Ricoh Aficio MP 6001 SP Security Target - Page 81

Page 80 of 87 The TOE also allows creating up to four new MFP administrators, and deleting the MFP administrators. An MFP administrator cannot be deleted if the MFP administrator is assigned to no other persons. FMT_MSA.1(a) (Management of security attributes) The TOE allows only specified users to operate the security attributes related to the common access control SFP from the specified operation interfaces. The operations (newly create, query, modify and delete) are available only on the security attributes that can be operated by the users. Table 40 shows the list of security attributes that can be operated by the users, the permitted users to operate each security attribute and their permitted operations, and the available operation interfaces. Table 40: Security Attributes Management of Common Access Control SFP Security Attribute Login user name of normal user Application type Login user name of supervisor Login user name of MFP administrator Document type Document user list of user documents including the following document types: Document Server user document, scanner user document and fax document. Document user list of user documents including received fax documents. (*1) Operation Interface Operation Panel Web browser No operation interfaces available Operation Panel Web browser Operation Panel Web browser No operation interfaces available Operation Newly create, query, modify, delete Query No operations permitted Query, modify Newly create Query, modify Query No operations permitted User MFP administrator Normal user who owns the applicable login user name - Supervisor MFP administrator MFP administrator who owns the applicable login user name Supervisor - Operation Panel Web browser Query, modify MFP administrator, applicable normal user who stored the document Operation Panel Web browser Query, modify MFP administrator -: No user roles are permitted for operations by the TOE. Copyright (c) 2011 RICOH COMPANY, LTD. All rights reserved.