RFC 3871           Operational Security Requirements      September 2004
2.12.2.  Support Authentication of Individual Users
   Requirement.
      Mechanisms used to authenticate interactive access for
      configuration and management MUST support the authentication of
      distinct, individual users.  This requirement MAY be relaxed to
      support system installation (Section 2.4.5) or recovery of
      authorized access (Section 2.12.15).
   Justification.
      The use of individual accounts, in conjunction with logging,
      promotes accountability.  The use of group or default accounts
      undermines individual accountability.
   Examples.
      A user may need to log in to the device to access CLI functions
      for management.  Individual user authentication could be provided
      by a centralized authentication server or a username/password
      database stored on the device.  It would be a violation of this
      rule for the device to only support a single "account" (with or
      without a username) and a single password shared by all users to
      gain administrative access.
   Warnings.
      This simply requires that the mechanism to support individual
      users be present.  Policy (e.g., forbidding shared group accounts)
      and enforcement are also needed but beyond the scope of this
      document.
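   The following audit script is an added example, not part of RFC 3871;
   it shows why the Justification above pairs individual accounts with
   logging.  Login records are parsed from a constructed, generic
   syslog-like layout (not any vendor's real format), and each
   successful session is classified as attributable to one person or not.
   The account inventory ACCOUNT_OWNERS and the log lines are assumptions
   made up for this example.

```python
"""Audit device login records for individual-user accountability (RFC 3871 2.12.2)."""
import re
from collections import Counter

# Constructed sample of management-login records in a generic syslog-like
# layout (no vendor's real format). An empty user= field models password-only
# access with no username at all.
SAMPLE_LOG = """\
2004-09-01T10:00:01Z login src=192.0.2.10 user=alice method=tacacs result=ok
2004-09-01T10:03:14Z login src=192.0.2.11 user=bob method=local result=ok
2004-09-01T10:05:40Z login src=192.0.2.12 user=admin method=local result=ok
2004-09-01T10:06:02Z login src=192.0.2.13 user=admin method=local result=ok
2004-09-01T10:09:55Z login src=192.0.2.14 user= method=local result=ok
2004-09-01T10:11:30Z login src=198.51.100.7 user=mallory method=local result=fail
"""

# Constructed account inventory: device account -> the one person who owns it.
# None marks a group/default account that several people share.
ACCOUNT_OWNERS = {"alice": "A. Example", "bob": "B. Example", "admin": None}

LINE_RE = re.compile(r"^(?P<ts>\S+) login src=(?P<src>\S+) user=(?P<user>\S*) "
                     r"method=(?P<method>\S+) result=(?P<result>\S+)$")

def parse_logins(text):
    """Yield one dict per well-formed, successful login line."""
    for line in text.splitlines():
        m = LINE_RE.match(line)
        if m and m.group("result") == "ok":
            yield m.groupdict()

def audit_accountability(text, owners):
    """Split successful logins into attributable and unattributable sessions.

    Attributable means the account maps to exactly one person. Shared accounts
    and password-only access leave the log unable to say who acted.
    """
    attributable, unattributable = [], []
    for s in parse_logins(text):
        person = owners.get(s["user"]) if s["user"] else None
        (attributable if person else unattributable).append({**s, "person": person})
    return attributable, unattributable

def unattributable_by_account(unattributable):
    """Count unattributable sessions per account ('' means no username at all)."""
    return Counter(s["user"] for s in unattributable)

if __name__ == "__main__":
    ok, bad = audit_accountability(SAMPLE_LOG, ACCOUNT_OWNERS)
    print(f"{len(ok)} attributable session(s), {len(bad)} unattributable:",
          dict(unattributable_by_account(bad)))
```

   On the sample data two sessions are attributable and three are not: two
   logins on the shared "admin" account and one password-only login.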
2.12.3.  Support Simultaneous Connections
   Requirement.
      The device MUST support multiple simultaneous connections by
      distinct users, possibly at different authorization levels.
   Justification.
      This allows multiple people to perform authorized management
      functions simultaneously.  This also means that attempted
      connections by unauthorized users do not automatically lock out
      authorized users.
Jones                        Informational                     [Page 56]