User application notes
In this component, the TSF shall ensure that the provided reference meets certain construction rules, and thereby can be used in a secure way by potentially insecure subjects.
If a user wants to use disk resources without disclosing its identity, pseudonymity can be used. However, every time the user accesses the system, the same alias must be used. Such conditions can be specified in this component.
Operations
Assignment:
In FPR_PSE.3.1 the PP/ST author should specify the set of users and/or subjects against which the TSF must provide protection. For example, even if the PP/ST author specifies a single user or subject role, the TSF must not only provide protection against each individual user or subject, but must protect with respect to cooperating users and/or subjects. A set of users, for example, could be a group of users which can operate under the same role or can all use the same process(es).
In FPR_PSE.3.1 the PP/ST author should identify the list of subjects and/or operations and/or objects where the real user name of the subject should be protected, for example, 'the accessing of job offers'. Note that 'objects' includes any other attributes which might enable another user or subject to derive the actual identity of the user.
In FPR_PSE.3.2 the PP/ST author should identify the (one or more) number of aliases the TSF is able to provide.
In FPR_PSE.3.2 the PP/ST author should identify the list of subjects to whom the TSF is able to provide an alias.
Selection:
In FPR_PSE.3.3 the PP/ST author should specify whether the user alias is generated by the TSF, or supplied by the user.
Assignment:
In FPR_PSE.3.3 the PP/ST author should identify the metric to which the TSF-generated or user-generated alias should conform.
In FPR_PSE.3.4 the PP/ST author should identify the list of conditions that indicate when the used reference for the real user name shall be identical and when it shall be different, for example, "when the user logs on to the same host" it will use a unique alias.