Ricoh Aficio MP 6001 SP Security Target - Page 56

Table 26: Rules for Initial Association of Attributes

Get Ricoh Aficio MP 6001 SP PDF manuals and user guides View all Ricoh Aficio MP 6001 SP manuals
Add to My Manuals
Save this manual to your list of manuals

Page 56 highlights

Page 55 of 87 FIA_USB.1.1 FIA_USB.1.2 The TSF shall associate the following user security attributes with subjects acting on the behalf of that user: [assignment: login user name of normal user, application type, login user name of supervisor, login user name of MFP administrator, and available function list]. The TSF shall enforce the following rules on the initial association of user security attributes with subjects acting on the behalf of users: [assignment: rules for the initial association of attributes listed in Table 26]. Table 26: Rules for Initial Association of Attributes User Subject User Security Attribute Normal user Normal user process - Login user name of normal user - Application type - Available function list Supervisor Supervisor process - Login user name of supervisor MFP administrator MFP administrator process - Login user name of MFP administrator FIA_USB.1.3 The TSF shall enforce the following rules governing changes to the user security attributes associated with subjects acting on the behalf of users: [assignment: none]. 6.1.5 Class FMT: Security management FMT_MSA.1(a)Management of security attributes Hierarchical to: No other components. Dependencies: [FDP_ACC.1 Subset access control, or FDP_IFC.1 Subset information flow control] FMT_SMR.1 Security roles FMT_SMF.1 Specification of Management Function FMT_MSA.1.1(a) The TSF shall enforce the [assignment: common access control SFP] to restrict the ability to [selection: query, modify, delete, [assignment: newly create]] the security attributes [assignment: security attributes in Table 27] to [assignment: the user roles in Table 27]. Table 27: User Roles for Security Attributes (a) Security Attributes Login user name of normal user Application type Login user name of supervisor Operations Query, modify, newly create, delete Query No operations permitted Query, User Roles MFP administrator Normal user who owns the applicable login user name Supervisor Copyright (c) 2011 RICOH COMPANY, LTD. All rights reserved.

  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • 8
  • 9
  • 10
  • 11
  • 12
  • 13
  • 14
  • 15
  • 16
  • 17
  • 18
  • 19
  • 20
  • 21
  • 22
  • 23
  • 24
  • 25
  • 26
  • 27
  • 28
  • 29
  • 30
  • 31
  • 32
  • 33
  • 34
  • 35
  • 36
  • 37
  • 38
  • 39
  • 40
  • 41
  • 42
  • 43
  • 44
  • 45
  • 46
  • 47
  • 48
  • 49
  • 50
  • 51
  • 52
  • 53
  • 54
  • 55
  • 56
  • 57
  • 58
  • 59
  • 60
  • 61
  • 62
  • 63
  • 64
  • 65
  • 66
  • 67
  • 68
  • 69
  • 70
  • 71
  • 72
  • 73
  • 74
  • 75
  • 76
  • 77
  • 78
  • 79
  • 80
  • 81
  • 82
  • 83
  • 84
  • 85
  • 86
  • 87
  • 88
Page 55 of
87
FIA_USB.1.1
The TSF shall associate the following user security attributes with subjects acting on the behalf
of that user:
[assignment: login user name of normal user, application type, login user
name of supervisor, login user name of MFP administrator, and available function list]
.
FIA_USB.1.2
The TSF shall enforce the following rules on the initial association of user security attributes
with subjects acting on the behalf of users:
[assignment: rules for the initial association of
attributes listed in Table 26]
.
Table 26: Rules for Initial Association of Attributes
User
Subject
User Security Attribute
Normal user
Normal user process
- Login user name of normal user
- Application type
- Available function list
Supervisor
Supervisor process
- Login user name of supervisor
MFP administrator
MFP administrator process
- Login user name of MFP administrator
FIA_USB.1.3
The TSF shall enforce the following rules governing changes to the user security attributes
associated with subjects acting on the behalf of users:
[assignment: none]
.
6.1.5
Class FMT: Security management
FMT_MSA.1(a) Management of security attributes
Hierarchical to:
No other components.
Dependencies:
[FDP_ACC.1 Subset access control, or
FDP_IFC.1 Subset information flow control]
FMT_SMR.1 Security roles
FMT_SMF.1 Specification of Management Function
FMT_MSA.1.1(a) The TSF shall enforce the
[assignment: common access control SFP]
to restrict the ability to
[selection: query, modify, delete, [assignment: newly create]]
the security attributes
[assignment: security attributes in Table 27]
to
[assignment: the user roles in Table 27]
.
Table 27: User Roles for Security Attributes (a)
Security Attributes
Operations
User Roles
Query,
modify,
newly create,
delete
MFP administrator
Login user name of normal user
Query
Normal user who owns the applicable
login user name
Application type
No operations permitted
-
Login user name of supervisor
Query,
Supervisor
Copyright (c) 2011 RICOH COMPANY, LTD. All rights reserved.