1 Scope
2 Conformance
3 References
4 Definitions
  4.1 Terms defined in this document
      4.1.1 Access right
      4.1.2 Administration
      4.1.3 Customer-specifiable
      4.1.4 Identification
      4.1.5 User identifier
  4.2 Terms defined in other documents
5 Acronyms
6 Specification of security enforcing functions
  6.1 Identification and Authentication
      6.1.1 Unique Identification and Authentication
      6.1.2 Identification and Authentication prior to all
             other interactions
      6.1.3 Associate information to users
      6.1.4 Logon message
      6.1.5 Number of logon trials
      6.1.6 Expiration of unused user identifiers
      6.1.7 Disable users temporarily
      6.1.8 User status information
      6.1.9 Authentication information protection
      6.1.10 Authentication information independence
      6.1.11 Authentication information aging
  6.2 Access Control
      6.2.1 Authenticated user identification
      6.2.2 Individual user
      6.2.3 User groups
      6.2.4 Objects
      6.2.5 Types of access rights
      6.2.6 Default access rights
      6.2.7 Precedence of access rights
      6.2.8 Date of modification
      6.2.9 Verification of rights
      6.2.10 Application controlled access rights
  6.3 Accountability and audit
      6.3.1 Associate actions and users
      6.3.2 Logging
      6.3.4 Copy audit trails
      6.3.5 Alarm if unable to record
      6.3.6 Select users
      6.3.7 Dynamic control
  6.4 Object Reuse
  6.5 Accuracy
      6.5.1 TOE software integrity
      6.5.2 Data integrity
      6.5.3 Security parameters status report
  6.6 Reliability of service
      6.6.1 Recovery
      6.6.2 Data backup
7 Password specific requirements
  7.1 User-changeable password
  7.2 Password aging
  7.3 Password expiration notification
  7.4 Password reuse
  7.5 Password complexity
  7.6 Password logging
  7.7 Default passwords
Annex A (informative) Access control model
Annex B (informative) Terms defined in other documents