L.3 Session locking (FTA_SSL)

 

This family defines requirements for the TSF to provide the capability for locking and unlocking of interactive sessions (e.g. keyboard locking).

When a user is directly interacting with subjects in the TOE (interactive session), the user's terminal is vulnerable if left unattended. This family provides requirements for the TSF to disable (lock) the terminal or terminate the session after a specified period of inactivity, and for the user to initiate the disabling (locking) of the terminal. To reactivate the terminal, an event specified by the PP/ST author, such as the user re-authentication must occur.

A user is considered inactive, if he/she has not provided any stimulus to the TOE for a period of time.

A PP/ST author should consider whether FTP_TRP.1 Trusted path should be included. In that case, the function 'session locking' should be included in the operation in FTP_TRP.1.