Ricoh Aficio MP 8001 sec - Page 47

Page 46 of 82 bullets) for one letter of passwords on authentication feedback] to the user while the authentication is in progress. FIA_UID.2 User identification before any action Hierarchical to: FIA_UID.1 Timing of identification. Dependencies: No dependencies. FIA_UID.2.1 The TSF shall require each user to be successfully identified before allowing any other TSF-mediated actions on behalf of that user. FIA_USB.1 User-subject binding Hierarchical to: No other components. Dependencies: FIA_ATD.1 User attribute definition. FIA_USB.1.1 The TSF shall associate the following user security attributes with subjects acting on the behalf of that user: [assignment: general user IDs, document data default ACL, administrator IDs, administrator roles and supervisor ID]. FIA_USB.1.2 The TSF shall enforce the following rules on the initial association of user security attributes with subjects acting on the behalf of users: [assignment: rules for the initial association of attributes listed in Table 16 Table 16: Rules for initial association of attributes Users General user Administrator Supervisor Subjects General user process Administrator process Supervisor process Security attributes of users General user ID, Document data default ACL Administrator ID, Administrator roles Supervisor ID FIA_USB.1.3 The TSF shall enforce the following rules governing changes to the user security attributes associated with subjects acting on the behalf of users: [assignment: administrators can add their own assigned administrator roles to other administrators, and can delete their own administrator roles. However, the administrator cannot delete the assigned administrator role if that role is assigned to no other administrators]. 6.1.5 Class FMT: Security management FMT_MSA.1 Management of security attributes Hierarchical to: No other components. Copyright (c) 2010 RICOH COMPANY, LTD. All Rights Reserved.