Page 3 of 82
Copyright (c) 2010 RICOH COMPANY, LTD. All Rights Reserved.
3.3
Assumptions
.................................................................................
28
4
Security Objectives
...............................................................................
29
4.1
Security Objectives for TOE
................................................................
29
4.2
Security Objectives of Operational Environment
........................................
30
4.3
Security Objectives Rationale
..............................................................
30
4.3.1
Tracing
......................................................................................................
30
4.3.2
Tracing Justification
...................................................................................
31
5
Extended Components Definition
...............................................................
34
6
Security Requirements
..........................................................................
35
6.1
Security Functional Requirements
........................................................
35
6.1.1
Class FAU: Security audit
...........................................................................
35
6.1.2
Class FCS: Cryptographic support
...............................................................
40
6.1.3
Class FDP: User data protection
..................................................................
41
6.1.4
Class FIA: Identification and authentication
................................................
44
6.1.5
Class FMT: Security management
...............................................................
46
6.1.6
Class FPT: Protection of the TSF
.................................................................
53
6.1.7
Class FTP: Trusted path/channels
...............................................................
53
6.2
Security Assurance Requirements
.........................................................
55
6.3
Security Requirements Rationale
..........................................................
56
6.3.1
Tracing
......................................................................................................
56
6.3.2
Justification of Traceability
.........................................................................
57
6.3.3
Dependency Analysis
..................................................................................
61
6.3.4
Security Assurance Requirements Rationale
.................................................
63
7
TOE Summary Specification
....................................................................
64
7.1
TOE Security Function
.....................................................................
64
7.1.1
SF.AUDIT
Audit Function
........................................................................
65
7.1.1.1
Generation of Audit Logs
......................................................................
66
7.1.1.2
Reading Audit Logs
..............................................................................
67
7.1.1.3
Protection of Audit Logs
.......................................................................
67
7.1.1.4
Time Stamps
.......................................................................................
67
7.1.2
SF.I&A
User Identification and Authentication Function
.............................
67
7.1.2.1
User Identification and Authentication
..................................................
68
7.1.2.2
Actions in Event of Identification and Authentication Failure
..................
68