Specifications

S E C U R I T Y T A R G E T D T C O 1 3 8 1 , R e l e a s e 1 . 3 v
Designed by
Date
Department
Released by
Winfried Rogenz
Date
2012-04-25
Department
I CV AM TTS
LR
H
Designation
Security Target DTCO 1381, Release 1.3v
Document
40225345 SPE 000 AB
Version
Pages
26 / 52
Observe
Protection marks for restricting the use of documents and products
(DIN 34: 1998-01)
The copying, distribution and utilization of this document as well as the
communication of its contents to others without expressed authorization
is prohibited. Offenders will be held liable for the payment of damages.
All rights reserved in the event of the grant of a patent, utility model or
ornamental design registration.
Observe
Protection marks for restricting the use of documents and products
(DIN 34: 1998-01)
6 Security enforcing functions
6.1 Identification and authentication
<SEF1>
The TOE provides this security enforcing function of identification and authentication of
entities and human users.
This SEF includes the following features:
6.1.1 Motion sensor identification and authentication
UIA_201
The VU shall be able to establish, for every interaction, the identity of the motion sensor
it is connected to.
UIA_202
The identity of the motion sensor shall consist of the sensor approval number and the
sensor serial number.
UIA_203
The VU shall authenticate the motion sensor it is connected to:
-
At motion sensor connection,
-
At each calibration of the recording equipment,
-
At power supply recovery.
Authentication shall be mutual and triggered by the VU.
UIA_204
The VU shall periodically (
period TBD by manufacturer: every 10 seconds, in calibration
mode up to 45 minutes and more frequently than once per hour
) re-identify and re-
authenticate the motion sensor it is connected to, and ensure that the motion sensor
identified during the last calibration of the recording equipment has not been changed.
UIA_205
The VU shall detect and prevent use of authentication data that has been copied and
replayed.
UIA_206
After (
TBD by manufacturer: 2 and not more than 20)
consecutive unsuccessful authenti-
cation attempts have been detected, and/or after detecting that the identity of the motion
sensor has changed while not authorised (i.e. while not during a calibration of the re-
cording equipment), the SEF shall:
-
generate an audit record of the event,
-
warn the user,
-
continue to accept and use non secured motion data sent by the motion sensor.