Ricoh Aficio MP 6001 SP Security Target - Page 68

O.CONF.NO_ALT Protection of TSF confidential data alteration, O.USER.AUTHORIZED User identification

Get Ricoh Aficio MP 6001 SP PDF manuals and user guides View all Ricoh Aficio MP 6001 SP manuals
Add to My Manuals
Save this manual to your list of manuals

Page 68 highlights

Page 67 of 87 (1) Management of the TSF confidential data. FMT_MTD.1 allows the MFP administrator and applicable normal user to operate the login password of normal user. A supervisor is allowed to operate the login password of supervisor. The supervisor and applicable MFP administrator are allowed to operate the login password of MFP administrator. The MFP administrator is only allowed to operate the audit log and HDD cryptographic key. (2) Specification of the Management Function. FMT_SMF.1 performs the required Management Functions for Security Function. (3) Specification of the roles. FMT_SMR.1 maintains the users who have the privileges. (4) Use trusted channels for sending or receiving TSF confidential data. The TSF confidential data sent and received from the LAN interface are protected by FTP_ITC.1. By satisfying FMT_MTD.1, FMT_SMF.1, FMT_SMR.1 and FTP_ITC.1, which are the security functional requirements for these countermeasures, O.CONF.NO_DIS is fulfilled. O.CONF.NO_ALT Protection of TSF confidential data alteration O.CONF.NO_ALT is the security objective to allow only users who can maintain the security to alter the TSF confidential data. To fulfil this security objective, it is required to implement the following countermeasures. (1) Management of the TSF confidential data. FMT_MTD.1 allows the MFP administrator and applicable normal user to operate the login password of normal user. A supervisor is allowed to operate the login password of supervisor. The supervisor and applicable MFP administrator are allowed to operate the login password of MFP administrator. The MFP administrator is only allowed to operate the audit log and newly create an HDD cryptographic key. (2) Specification of the Management Function. FMT_SMF.1 performs the required Management Functions for Security Function. (3) Specification of the roles. FMT_SMR.1 maintains the users who have the privileges. (4) Use trusted channels for sending or receiving TSF confidential data. The TSF confidential data sent and received from the LAN interface are protected by FTP_ITC.1. By satisfying FMT_MTD.1, FMT_SMF.1, FMT_SMR.1 and FTP_ITC.1, which are the security functional requirements for these countermeasures, O.CONF.NO_ALT is fulfilled. O.USER.AUTHORIZED User identification and authentication O.USER.AUTHORIZED is the security objective to restrict users so that only valid users can use the TOE functions. To fulfil this security objective, it is required to implement the following countermeasures. (1) Identify and authenticate the users prior to the TOE use. FIA_UID.1 identifies the users prior to the TOE use. FIA_UAU.1 authenticates the users if the user is the registered user or not prior to the TOE use. (2) Allow the successfully identified and authenticated user to use the TOE. FIA_ATD.1 and FIA_USB.1 manage the access procedures to the protected assets of the users who are Copyright (c) 2011 RICOH COMPANY, LTD. All rights reserved.

  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • 8
  • 9
  • 10
  • 11
  • 12
  • 13
  • 14
  • 15
  • 16
  • 17
  • 18
  • 19
  • 20
  • 21
  • 22
  • 23
  • 24
  • 25
  • 26
  • 27
  • 28
  • 29
  • 30
  • 31
  • 32
  • 33
  • 34
  • 35
  • 36
  • 37
  • 38
  • 39
  • 40
  • 41
  • 42
  • 43
  • 44
  • 45
  • 46
  • 47
  • 48
  • 49
  • 50
  • 51
  • 52
  • 53
  • 54
  • 55
  • 56
  • 57
  • 58
  • 59
  • 60
  • 61
  • 62
  • 63
  • 64
  • 65
  • 66
  • 67
  • 68
  • 69
  • 70
  • 71
  • 72
  • 73
  • 74
  • 75
  • 76
  • 77
  • 78
  • 79
  • 80
  • 81
  • 82
  • 83
  • 84
  • 85
  • 86
  • 87
  • 88
Page 67 of
87
(1)
Management of the TSF confidential data.
FMT_MTD.1 allows the MFP administrator and applicable normal user to operate the login password
of normal user. A supervisor is allowed to operate the login password of supervisor. The supervisor and
applicable MFP administrator are allowed to operate the login password of MFP administrator. The
MFP administrator is only allowed to operate the audit log and HDD cryptographic key.
(2)
Specification of the Management Function.
FMT_SMF.1 performs the required Management Functions for Security Function.
(3)
Specification of the roles.
FMT_SMR.1 maintains the users who have the privileges.
(4)
Use trusted channels for sending or receiving TSF confidential data.
The TSF confidential data sent and received from the LAN interface are protected by FTP_ITC.1.
By satisfying FMT_MTD.1, FMT_SMF.1, FMT_SMR.1 and FTP_ITC.1, which are the security functional
requirements for these countermeasures, O.CONF.NO_DIS is fulfilled.
O.CONF.NO_ALT Protection of TSF confidential data alteration
O.CONF.NO_ALT is the security objective to allow only users who can maintain the security to alter the
TSF confidential data. To fulfil this security objective, it is required to implement the following
countermeasures.
(1)
Management of the TSF confidential data.
FMT_MTD.1 allows the MFP administrator and applicable normal user to operate the login password
of normal user. A supervisor is allowed to operate the login password of supervisor. The supervisor and
applicable MFP administrator are allowed to operate the login password of MFP administrator. The
MFP administrator is only allowed to operate the audit log and newly create an HDD cryptographic
key.
(2)
Specification of the Management Function.
FMT_SMF.1 performs the required Management Functions for Security Function.
(3)
Specification of the roles.
FMT_SMR.1 maintains the users who have the privileges.
(4)
Use trusted channels for sending or receiving TSF confidential data.
The TSF confidential data sent and received from the LAN interface are protected by FTP_ITC.1.
By satisfying FMT_MTD.1, FMT_SMF.1, FMT_SMR.1 and FTP_ITC.1, which are the security functional
requirements for these countermeasures, O.CONF.NO_ALT is fulfilled.
O.USER.AUTHORIZED User identification and authentication
O.USER.AUTHORIZED is the security objective to restrict users so that only valid users can use the TOE
functions. To fulfil this security objective, it is required to implement the following countermeasures.
(1)
Identify and authenticate the users prior to the TOE use.
FIA_UID.1 identifies the users prior to the TOE use.
FIA_UAU.1 authenticates the users if the user is the registered user or not prior to the TOE use.
(2)
Allow the successfully identified and authenticated user to use the TOE.
FIA_ATD.1 and FIA_USB.1 manage the access procedures to the protected assets of the users who are
Copyright (c) 2011 RICOH COMPANY, LTD. All rights reserved.