Cisco Cisco IOS Software Release 12.4(4)T

FIA_UAU.5.1 - The TSF shall provide [a password mechanism] to support user authentication.

FIA_UAU.5.2 - The TSF shall authenticate any user's claimed identity according to the [following 
multiple authentication mechanism rules:

single-use authentication mechanism shall be used for authorized administrators to access the TOE 
remotely such that successful authentication must be achieved before allowing any other 
TSF-mediated actions on behalf of that authorized administrator.

single-use authentication mechanism shall be used for authorized external IT entities accessing the 
TOE such that successful authentication must be achieved before allowing any other TSF-mediated 
actions on behalf of that authorized external IT entity.

1

reusable password mechanism shall be used for authorized administrators to access the TOE via a 
directly connected terminal such that successful authentication must be achieved before allowing 
any other TSF-mediated actions on behalf of that authorized administrator].

FDP_IFC.1.1 - The TSF shall enforce the [UNAUTHENTICATED_SFP] on the following:

[subjects: unauthenticated external IT entities that send and receive information through the TOE to 
one another

information: traffic sent through the TOE from one subject to another

operation: pass information]

FDP_IFF.1.1 - The TSF shall enforce the [UNAUTHENTICATED_SFP] based on the following types 
of subject and information security attributes:

[subject security attributes:

Presumed address

No additional attributes 

Information security attributes:

presumed address of source subject

presumed address of destination subject

transport layer protocol

TOE interface on which traffic arrives and departs

Service

No additional attributes]

1. Parts a and b of FIA_UAU5.2(1) is performed by the TOE environment and hence have been removed from 

FIAA_UAU.5.2(1) and included in the environmental iteration of this requirement (FIA_UAU.5.2(2)).