Ricoh Aficio MP 6001 SP Security Target - Page 66

O.DOC.NO_ALT Protection of document alteration

Get Ricoh Aficio MP 6001 SP PDF manuals and user guides View all Ricoh Aficio MP 6001 SP manuals
Add to My Manuals
Save this manual to your list of manuals

Page 66 highlights

Page 65 of 87 (2) Prevent reading the deleted documents, temporary documents and their fragments. Deleted documents, temporary documents and their fragments are prevented from being read by FDP_RIP.1. (3) Use trusted channels for sending or receiving user documents. The user documents sent and received from the LAN interface are protected by FTP_ITC.1. (4) Management of the security attributes. FMT_MSA.1(a) specifies the available operations (newly create, query, modify and delete) on the login user name, and available operations (query and modify) on the document user list, and a specified user is thus restricted to perform each operation. FMT_MSA.3(a) sets the defined default value to the document user list and document type which are the security attributes of the user document (object) when the user document is generated. By satisfying FDP_ACC.1(a), FDP_ACF.1(a), FDP_RIP.1, FTP_ITC.1, FMT_MSA.1(a) and FMT_MSA.3(a), which are the security functional requirements for these countermeasures, O.DOC.NO_DIS is fulfilled. O.DOC.NO_ALT Protection of document alteration O.DOC.NO_ALT is the security objective to prevent the documents from unauthorised alteration by persons without a login user name, or by persons with a login user name but without an access permission to the document. To fulfil this security objective, it is required to implement the following countermeasures. (1) Specify and implement the access control to user document. FDP_ACC.1(a) and FDP_ACF.1(a) restrict the deletion (there is no "editing operation" of user documents) of user document by the user role. Additionally, the normal users are restricted to delete the user document by the operation permission granted to them. To normal users, the available document type of user document is restricted by the executing MFP application, and the normal user can delete only user document for which the deleting permission is granted. The MFP administrator is allowed to delete the user documents. The supervisor is not allowed to delete the user documents. (2) Prevent deleting the deleted documents, temporary documents and their fragments. Deleted documents, temporary documents and their fragments are prevented from being used by FDP_RIP.1. (3) Use trusted channels for sending or receiving user documents. The user documents sent and received from the LAN interface are protected by FTP_ITC.1. (4) Management of the security attributes. FMT_MSA.1(a) specifies the available operations (newly create, query, modify and delete) on the login user name, and available operations (query and modify) on the document user list, and a specified user is thus restricted to perform each operation. FMT_MSA.3(a) sets the defined default value to the document user list and document type which are the security attributes of the user document (object) when the user document is generated. By satisfying FDP_ACC.1(a), FDP_ACF.1(a), FDP_RIP.1, FTP_ITC.1, FMT_MSA.1(a) and FMT_MSA.3(a), which are the security functional requirements for these countermeasures, O.DOC.NO_ALT is fulfilled. Copyright (c) 2011 RICOH COMPANY, LTD. All rights reserved.

  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • 8
  • 9
  • 10
  • 11
  • 12
  • 13
  • 14
  • 15
  • 16
  • 17
  • 18
  • 19
  • 20
  • 21
  • 22
  • 23
  • 24
  • 25
  • 26
  • 27
  • 28
  • 29
  • 30
  • 31
  • 32
  • 33
  • 34
  • 35
  • 36
  • 37
  • 38
  • 39
  • 40
  • 41
  • 42
  • 43
  • 44
  • 45
  • 46
  • 47
  • 48
  • 49
  • 50
  • 51
  • 52
  • 53
  • 54
  • 55
  • 56
  • 57
  • 58
  • 59
  • 60
  • 61
  • 62
  • 63
  • 64
  • 65
  • 66
  • 67
  • 68
  • 69
  • 70
  • 71
  • 72
  • 73
  • 74
  • 75
  • 76
  • 77
  • 78
  • 79
  • 80
  • 81
  • 82
  • 83
  • 84
  • 85
  • 86
  • 87
  • 88
Page 65 of
87
(2)
Prevent reading the deleted documents, temporary documents and their fragments.
Deleted documents, temporary documents and their fragments are prevented from being read by
FDP_RIP.1.
(3)
Use trusted channels for sending or receiving user documents.
The user documents sent and received from the LAN interface are protected by FTP_ITC.1.
(4)
Management of the security attributes.
FMT_MSA.1(a) specifies the available operations (newly create, query, modify and delete) on the login
user name, and available operations (query and modify) on the document user list, and a specified user
is thus restricted to perform each operation.
FMT_MSA.3(a) sets the defined default value to the document user list and document type which are
the security attributes of the user document (object) when the user document is generated.
By
satisfying
FDP_ACC.1(a),
FDP_ACF.1(a),
FDP_RIP.1,
FTP_ITC.1,
FMT_MSA.1(a)
and
FMT_MSA.3(a), which are the security functional requirements for these countermeasures, O.DOC.NO_DIS
is fulfilled.
O.DOC.NO_ALT Protection of document alteration
O.DOC.NO_ALT is the security objective to prevent the documents from unauthorised alteration by persons
without a login user name, or by persons with a login user name but without an access permission to the
document. To fulfil this security objective, it is required to implement the following countermeasures.
(1)
Specify and implement the access control to user document.
FDP_ACC.1(a) and FDP_ACF.1(a) restrict the deletion (there is no "editing operation" of user
documents) of user document by the user role. Additionally, the normal users are restricted to delete the
user document by the operation permission granted to them. To normal users, the available document
type of user document is restricted by the executing MFP application, and the normal user can delete
only user document for which the deleting permission is granted. The MFP administrator is allowed to
delete the user documents. The supervisor is not allowed to delete the user documents.
(2)
Prevent deleting the deleted documents, temporary documents and their fragments.
Deleted documents, temporary documents and their fragments are prevented from being used by
FDP_RIP.1.
(3)
Use trusted channels for sending or receiving user documents.
The user documents sent and received from the LAN interface are protected by FTP_ITC.1.
(4)
Management of the security attributes.
FMT_MSA.1(a) specifies the available operations (newly create, query, modify and delete) on the login
user name, and available operations (query and modify) on the document user list, and a specified user
is thus restricted to perform each operation.
FMT_MSA.3(a) sets the defined default value to the document user list and document type which are
the security attributes of the user document (object) when the user document is generated.
By
satisfying
FDP_ACC.1(a),
FDP_ACF.1(a),
FDP_RIP.1,
FTP_ITC.1,
FMT_MSA.1(a)
and
FMT_MSA.3(a),
which
are
the
security
functional
requirements
for
these
countermeasures,
O.DOC.NO_ALT is fulfilled.
Copyright (c) 2011 RICOH COMPANY, LTD. All rights reserved.