L.1 Limitation on scope of selectable attributes (FTA_LSA)

This family defines requirements that will limit the session security attributes a user may select, and the subjects to which a user may be bound, based on: the method of access; the location or port of access; and/or the time (e.g. time-of-day, day-of-week).

User notes

This family provides the capability for a PP/ST author to specify requirements for the TSF to place limits on the domain of an authorised user's security attributes based on an environmental condition. For example, a user may be allowed to establish a "secret session" during normal business hours, but outside those hours the same user may be constrained to establishing only "unclassified sessions". The relevant constraints on the domain of selectable attributes can be identified through the use of the selection operation. These constraints can be applied on an attribute-by-attribute basis. When constraints need to be specified on multiple attributes, this component will have to be replicated for each attribute. Examples of attributes that could be used to limit the session security attributes are:

a)    The method of access can be used to specify in which type of environment the user will be operating (e.g. file transfer protocol, terminal, VTAM).

b)    The location of access can be used to constrain the domain of a user's selectable attributes based on a user's location or port of access. This capability is of particular use in environments where dial-up facilities or network facilities are available.

c)    The time of access can be used to constrain the domain of a user's selectable attributes. For example, ranges may be based upon time-of-day, day-of-week, or calendar dates. This constraint provides some operational protection against user actions that could occur at a time when proper monitoring or proper procedural measures may not be in place.
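
The following is an added example, not part of the standard, showing one way a TSF could compute the selectable domain of a single session attribute (a sensitivity level) from the method, location and time of access. The level names, locations, rule set and function names are assumptions made for illustration, and times are treated as local time.

```python
from dataclasses import dataclass
from datetime import datetime, time
from typing import FrozenSet, Optional

# Constructed ordering of session sensitivity levels, lowest first.
LEVELS = ["unclassified", "confidential", "secret"]

@dataclass(frozen=True)
class Rule:
    """Grants a ceiling for one session attribute when the access context matches."""
    ceiling: str
    methods: Optional[FrozenSet[str]] = None    # None means "any method"
    locations: Optional[FrozenSet[str]] = None  # None means "any location or port"
    days: Optional[FrozenSet[int]] = None       # weekday numbers, 0 = Monday
    start: time = time.min
    end: time = time.max

    def matches(self, method: str, location: str, when: datetime) -> bool:
        return ((self.methods is None or method in self.methods)
                and (self.locations is None or location in self.locations)
                and (self.days is None or when.weekday() in self.days)
                and self.start <= when.time() <= self.end)

# Constructed policy: secret only from the HQ console during weekday business hours.
RULES = [
    Rule("secret", frozenset({"terminal"}), frozenset({"hq-console"}),
         frozenset(range(5)), time(8, 0), time(18, 0)),
    Rule("confidential", frozenset({"terminal"}),
         frozenset({"hq-console", "branch-lan"})),
]

def selectable_levels(clearance, method, location, when, rules=RULES):
    """Return the levels the user may select for this session, lowest first."""
    granted = [r.ceiling for r in rules if r.matches(method, location, when)]
    # Fail closed: with no matching rule only the lowest level is selectable.
    ceiling = max(granted, key=LEVELS.index, default=LEVELS[0])
    cap = min(LEVELS.index(ceiling), LEVELS.index(clearance))
    return LEVELS[:cap + 1]

def may_establish(requested, clearance, method, location, when, rules=RULES):
    """Session-establishment check: deny any attribute outside the selectable set."""
    return requested in selectable_levels(clearance, method, location, when, rules)

if __name__ == "__main__":
    for hour in (10, 22):  # constructed access times on Tuesday 2024-03-05
        when = datetime(2024, 3, 5, hour, 0)
        print(when, selectable_levels("secret", "terminal", "hq-console", when))
```

Constraining a second attribute would need a second rule set of the same shape, matching the note above that the component is replicated for each attribute.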