Fulfillment of the requirements (FR1)
Requirement
| SL 1 | Recommended compensatory measures at system level |
|---|---|---|
CR 1.1 – Human user identification and authentication | – | |
CR 1.1 RE (1) – Unique identification and authentication | o | – |
CR 1.1RE (2) – Multi-factor authentication via all interfaces | o | – |
CR 1.2 – Identification and authentication of software processes and devices | o | – |
CR 1.2 RE (1) – Unique identification and authentication | o | – |
CR 1.3 – Account management | – | |
CR 1.4 – Identifier management | – | |
CR 1.5 – Authenticator management | – | |
CR 1.5 RE (1) – Hardware security for authenticators | o | – |
CR 1.7 – Strength of password-based authentication | – | |
CR 1.7 RE (1) Generation and lifetime restrictions of passwords for human users | o | – |
CR 1.7 RE (2) – Password lifetime restrictions for all users (human users, software processes, or devices) | o | – |
CR 1.8 – PKI certificates | o | – |
CR 1.9 – Strength of public key-based authentication | o | – |
CR 1.10 – Authenticator feedback | – | |
CR 1.11 – Unsuccessful login attempts | – | |
CR 1.12 – System usage note | – | |
CR 1.14 – Strength of symmetric key-based authentication | o | – |
RE (1) – Hardware security for authentication using symmetrical keys | o | – |
