Ricoh Aficio MP 8001 sec - Page 43
assignment: no
View all Ricoh Aficio MP 8001 manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 43 highlights
Page 42 of 82 FDP_ACF.1.2 The TSF shall enforce the following rules to determine if an operation among controlled subjects and controlled objects is allowed: [assignment: rules governing subject operations on objects and access to the operations shown in Table 10 Table 10: Rules governing access Subject General user process Operations on objects Storing document data Reading document data Deleting document data Rules governing access General users can store document data. When the document data is stored, the document data default ACL associated with the general user process is copied to the document data ACL associated with the document data. A general user process has permission to read document data if the general user ID associated with the general user process matches either the document file owner ID or the document file user ID in the document data ACL associated with the document data, and if the matched ID has viewing, editing, editing/deleting, or full control permission. A general user process has permission to delete document data if the general user ID associated with the general user process matches either the document file owner ID or a document file user ID in the document data ACL associated with the document data, and if the matched ID has permission for editing/deleting or full control permission. FDP_ACF.1.3 The TSF shall explicitly authorise access of subjects to objects based on the following additional rules: [assignment: rules that explicitly grant subject's operations on objects shown in Table 11 Table 11: Rules governing access explicitly Subject Administrator process Operations on object Deleting document data Rules governing access When the file administrator is included in administrator roles that are associated with administrator process, the administrator process has permission to delete all document data stored in the D-BOX. FDP_ACF.1.4 The TSF shall explicitly deny access of subjects to objects based on the [assignment: no rules, based on security attributes that explicitly deny access of subjects to objects]. FDP_IFC.1 Subset information flow control Hierarchical to: No other components. Dependencies: FDP_IFF.1 Simple security attributes. FDP_IFC.1.1 The TSF shall enforce the [assignment: telephone line information flow SFP] on Copyright (c) 2010 RICOH COMPANY, LTD. All Rights Reserved.