Ricoh Aficio MP 8001 sec - Page 32

Page 31 of 82 Table 4: Relationship between security environment and security objectives TOE security Environment A.ADMIN A.SUPERVISOR A.NETWORK T.ILLEGAL_USE T.UNAUTH_ACCESS T.ABUSE_SEC_MNG T.SALVAGE T.TRANSIT T.FAX_LINE P.SOFTWARE Security objectives O.AUDIT O.I&A O.DOC_ACC O.MANAGE O.MEM.PROTECT O.NET.PROTECT O.GENUINE O.LINE_PROTECT OE.ADMIN OE.SUPERVISOR OE.NETWORK v vv vv v vv v v v v v v v v v 4.3.2 Tracing Justification The following are the rationale for each security objectives being appropriate to satisfy "3.1 Threats", "3.2 Organisational Security Policies" and "3.3 Assumptions". A.ADMIN (Assumptions for administrators) As specified by A.ADMIN, administrators shall have sufficient knowledge to operate the TOE securely in the roles assigned to them and instruct general users to operate the TOE securely also. Additionally, administrators are unlikely to abuse their permissions. As specified by OE.ADMIN, the responsible manager of the MFP shall select trusted persons as administrators and instruct them on their administrator roles. Once instructed, administrators then shall instruct general users, familiarising them with the compliance rules for secure TOEoperation as defined in the administrator guidance for the TOE. Therefore, A.ADMIN is upheld. A.SUPERVISOR (Assumptions for supervisor) As specified by A.SUPERVISOR, a supervisor shall have sufficient knowledge to operate the TOE securely in the roles assigned to him/her, and be unlikely to abuse his/her permissions. As specified by OE.SUPERVISOR, the responsible manager of the MFP shall select a trusted person as a supervisor and instruct him/her on the role of supervisor. Therefore, A.SUPERVISOR is upheld. Copyright (c) 2010 RICOH COMPANY, LTD. All Rights Reserved.