Ricoh Aficio MP 3352 Security Target - Page 56

User jobs No setting of document data attribute Delete MFP administrator process Allows. Page 55 of 91 FDP_ACF.1.4(a) The TSF shall explicitly deny access of subjects to objects based on the following additional rules: [assignment: deny the operations on the document data and user jobs in case of supervisor process or RC Gate process]. FDP_ACF.1(b) Security attribute-based access control Hierarchical to: No other components. Dependencies: FDP_ACC.1 Subset access control FMT_MSA.3 Static attribute initialisation FDP_ACF.1.1(b) The TSF shall enforce the [assignment: TOE function access control SFP] to objects based on the following: [assignment: subjects or objects, and their corresponding security attributes shown in Table 20]. Table 20 : Subjects, Objects and Security Attributes (b) Category Subject Subjects or Objects Normal user process Object Supervisor process RC Gate process MFP application Security Attributes - Login user name of normal user - Available function list - User role - User role - User role - Function type FDP_ACF.1.2(b) The TSF shall enforce the following rules to determine if an operation among controlled subjects and controlled objects is allowed: [assignment: rule to control operations among objects and subjects shown in Table 21]. Table 21 : Rule to Control Operations on MFP Applications (b) Object Operation Subject Rule to control Operations MFP application Execute Normal user process Allows executing MFP application which MFP administrator allowed in available function list for normal user process. FDP_ACF.1.3(b) The TSF shall explicitly authorise access of subjects to objects based on the following additional rules: [assignment: rules that the Fax Reception Function operated using administrator permission is surely permitted]. Copyright (c) 2011 RICOH COMPANY, LTD. All rights reserved.