Author: jxq · 2021-07-22 14:16
Category: Other · gbase

GB/T 20273-2019 Security Functional Requirements Explained (3): FAU_GEN.2 User Identity Association


(1) Preface
(2) FAU_GEN.1 Audit data generation

(3) FAU_GEN.2 User identity association

GB18336.2

7.2.6 FAU_GEN.2 User identity association
Hierarchical to: no other components.
Dependencies:
FAU_GEN.1 Audit data generation;
FIA_UID.1 Timing of identification.
7.2.6.1 FAU_GEN.2.1
For audit events generated by the actions of users whose identity has been identified, the TSF shall be able to associate each auditable event with the identity of the user that caused the event.

C.3.3 FAU_GEN.2 User identity association
C.3.3.1 User application notes
This component addresses the accountability requirement for auditable events at the level of individual user identity. It should be used as a supplement to FAU_GEN.1 "Audit data generation".
There is a potential conflict between audit requirements and privacy requirements. For auditing, one wants to know who performed an action; the user, however, may want only himself to know his own actions and not be identified by others (such as colleagues), or an organisational security policy may require that user identity be protected. In these cases the objectives of audit and privacy contradict each other. Therefore, if this audit requirement is selected and privacy is also important, adding the user pseudonymity component should be considered. The privacy class FPR specifies requirements for determining the real user name from a pseudonym.
If the user's identity has not yet been verified through authentication, the identity claimed in an invalid login attempt should still be recorded. Consideration should be given to indicating that a recorded identity has not been authenticated.

ISO15408-2

7.2.6 FAU_GEN.2 User identity association
Hierarchical to: No other components.
Dependencies:
FAU_GEN.1 Audit data generation
FIA_UID.1 Timing of identification
7.2.6.1 FAU_GEN.2.1
For audit events resulting from actions of identified users, the TSF shall be able to associate each auditable event with the identity of the user that caused the event.

C.3.3 FAU_GEN.2 User identity association
C.3.3.1 User application notes
This component addresses the requirement of accountability of auditable events at the level of individual user identity. This component should be used in addition to FAU_GEN.1 Audit data generation.
There is a potential conflict between the audit and privacy requirements. For audit purposes it may be desirable to know who performed an action. The user may want to keep his/her actions to himself/herself and not be identified by other persons (e.g. a site with job offers). Or it might be required in the Organisational Security Policy that the identity of the users must be protected. In those cases the objectives for audit and privacy might contradict each other. Therefore if this requirement is selected and privacy is important, inclusion of the component user pseudonimity might be considered. Requirements on determining the real user name based on its pseudonym are specified in the privacy class.
If the identity of the user has not yet been verified through authentication, in the instance of an invalid login the claimed user identity should be recorded. It should be considered to indicate when a recorded identity has not been authenticated.

GB20273

7.2.2.2 User identity association (FAU_GEN.2)
FAU_GEN.2.1
For audit events generated by the actions of identified users, the TSF shall be able to associate each audit event with the identity of the user that caused that audit event.

USGovPP

5.1.1.2 User and/or group identity association (FAU_GEN_(EXT).2)
FAU_GEN_(EXT).2.1
For audit events resulting from actions of identified users and/or identified groups, the TSF shall be able to associate each auditable event with the identity of the user and/or group that caused the event.

GB20009

5.1.2.2 User identity association (FAU_GEN.2)
The user identity association component shall link audit events to the identity of the subject, so that auditable events can be traced back to an individual database user identity. The security evaluation content of this component is as follows:
a) it shall be possible to see in the audit records whether each audit event is associated with the identity of the user that triggered it;
b) it shall be possible to see in the audit records whether each audit event is associated with the database session information corresponding to the [assignment: user identity authentication method specified by the ST author];
c) check that an auxiliary view or a management API/tool is provided for viewing the association between the user identity in the audit records and the identity of the group/role the user belongs to, and confirm that the user identity association information is visible.
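As an added illustration (my own code, not from this page or from any DBMS discussed in it), the following Python script models the requirement in SQLite: every event from an identified user is bound through its session to the user and to the authentication method (FAU_GEN.2.1; GB20009 5.1.2.2 a) and b)), a failed login keeps the claimed identity but flags it as unauthenticated (the C.3.3.1 application note), and a view joins each event to the user's roles (5.1.2.2 c)). The table and column names, the two sample users, the role names and the client addresses are constructed assumptions.

```python
import sqlite3
import uuid
from datetime import datetime, timezone

# Schema is an assumption for illustration; names are not taken from any standard or DBMS.
DDL = """
CREATE TABLE users(user_id INTEGER PRIMARY KEY, username TEXT UNIQUE NOT NULL);
CREATE TABLE roles(user_id INTEGER NOT NULL REFERENCES users(user_id), role TEXT NOT NULL);
CREATE TABLE sessions(
    session_id TEXT PRIMARY KEY,
    user_id INTEGER NOT NULL REFERENCES users(user_id),
    auth_method TEXT NOT NULL,      -- the [assignment] of GB20009 5.1.2.2 b)
    client_addr TEXT NOT NULL,
    started_at TEXT NOT NULL);
CREATE TABLE audit_log(
    event_id INTEGER PRIMARY KEY,
    event_time TEXT NOT NULL,
    event_type TEXT NOT NULL,
    outcome TEXT NOT NULL CHECK (outcome IN ('success', 'failure')),
    claimed_identity TEXT NOT NULL,           -- identity as presented, kept even on a failed login
    identity_authenticated INTEGER NOT NULL,  -- 0 marks a claimed, unverified identity (C.3.3.1)
    user_id INTEGER REFERENCES users(user_id),
    session_id TEXT REFERENCES sessions(session_id),
    detail TEXT,
    -- FAU_GEN.2.1: an authenticated identity must resolve to a real user and a session
    CHECK (identity_authenticated = 0 OR (user_id IS NOT NULL AND session_id IS NOT NULL)));
-- Auxiliary view of 5.1.2.2 c): event -> user identity -> roles, with session info for b)
CREATE VIEW audit_identity_v AS
SELECT a.event_id, a.event_type, a.outcome, a.claimed_identity, a.identity_authenticated,
       u.username,
       (SELECT group_concat(r.role) FROM roles r WHERE r.user_id = u.user_id) AS roles,
       s.session_id, s.auth_method, s.client_addr
FROM audit_log a
LEFT JOIN users u ON u.user_id = a.user_id
LEFT JOIN sessions s ON s.session_id = a.session_id;
"""

INSERT_EVENT = ("INSERT INTO audit_log(event_time, event_type, outcome, claimed_identity, "
                "identity_authenticated, user_id, session_id, detail) VALUES (?,?,?,?,?,?,?,?)")


def _now():
    return datetime.now(timezone.utc).isoformat(timespec="seconds")


def new_audit_db():
    """In-memory store with two constructed users and their roles (sample data, not real)."""
    conn = sqlite3.connect(":memory:")
    conn.executescript(DDL)
    conn.executemany("INSERT INTO users VALUES (?, ?)", [(1, "alice"), (2, "bob")])
    conn.executemany("INSERT INTO roles VALUES (?, ?)", [(1, "dba"), (2, "analyst"), (2, "auditor")])
    return conn


def record_login_failure(conn, claimed, auth_method, client_addr):
    """Invalid login: record the claimed identity but flag it as not authenticated."""
    conn.execute(INSERT_EVENT, (_now(), "LOGIN", "failure", claimed, 0, None, None,
                                f"{auth_method} from {client_addr}"))


def open_session(conn, username, auth_method, client_addr):
    """Successful login: create the session and a login event bound to the verified user."""
    row = conn.execute("SELECT user_id FROM users WHERE username = ?", (username,)).fetchone()
    if row is None:
        raise ValueError("unknown user; record a login failure instead")
    sid = uuid.uuid4().hex
    conn.execute("INSERT INTO sessions VALUES (?,?,?,?,?)",
                 (sid, row[0], auth_method, client_addr, _now()))
    conn.execute(INSERT_EVENT, (_now(), "LOGIN", "success", username, 1, row[0], sid, auth_method))
    return sid


def record_event(conn, session_id, event_type, outcome, detail=None):
    """Action of an identified user: the identity comes from the session, never from the caller."""
    row = conn.execute("SELECT s.user_id, u.username FROM sessions s "
                       "JOIN users u ON u.user_id = s.user_id WHERE s.session_id = ?",
                       (session_id,)).fetchone()
    if row is None:
        raise ValueError("event from an unknown session cannot be attributed to a user")
    conn.execute(INSERT_EVENT, (_now(), event_type, outcome, row[1], 1, row[0], session_id, detail))


def audit_trail(conn):
    """What an evaluator inspects for a), b) and c): one dict per event, read from the view."""
    cur = conn.execute("SELECT * FROM audit_identity_v ORDER BY event_id")
    cols = [d[0] for d in cur.description]
    return [dict(zip(cols, r)) for r in cur.fetchall()]


def fau_gen2_violations(conn):
    """Events that break the association: an authenticated event that does not resolve to a user
    and a session, or any event with no recorded identity at all. Empty list means the check passes."""
    return [e for e in audit_trail(conn)
            if not e["claimed_identity"]
            or (e["identity_authenticated"] and (e["username"] is None or e["auth_method"] is None))]


def build_sample_trail():
    """Constructed scenario: a failed login claiming 'admin', then two authenticated sessions."""
    conn = new_audit_db()
    record_login_failure(conn, "admin", "password", "10.0.0.5")
    sid = open_session(conn, "alice", "password", "10.0.0.7")
    record_event(conn, sid, "DROP TABLE", "success", "orders")
    sid = open_session(conn, "bob", "x509", "10.0.0.9")
    record_event(conn, sid, "SELECT", "success", "orders")
    return conn


if __name__ == "__main__":
    for event in audit_trail(build_sample_trail()):
        print(event)
```

The two design points worth carrying into a real DBMS are that the user identity on an event is derived from the server-side session rather than supplied by the client, and that the failed-login row keeps the claimed name while `identity_authenticated = 0` makes clear it was never verified, which is exactly the distinction the C.3.3.1 note asks the audit trail to show.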

Brief analysis

  • Per GB18336.2 7.2.3 (management of FAU_GEN.1 and FAU_GEN.2: no management activities are foreseen), selecting this component adds nothing to the list of security management functions under the management functions specification (FMT_SMF.1) in GB20273 7.2.6.4 and GB20009 5.1.6.7.
  • GB20273 contains no privacy functional requirement class (FPR), so the user pseudonymity component that the application notes suggest as a counterweight to this requirement is not available within GB20273 itself.
