Ricoh Aficio MP 8001 sec - Page 48

Page 47 of 82 Dependencies: [FDP_ACC.1 Subset access control, or FDP_IFC.1 Subset information flow control] FMT_SMR.1 Security roles FMT_SMF.1 Specification of Management Functions FMT_MSA.1.1 The TSF shall enforce the [assignment: MFP access control SFP] to restrict the ability to [selection: query, modify, delete, [assignment: newly create, change, add]] the security attributes [assignment: security attributes in Table 17 to [assignment: users roles in Table 17]. Table 17: Management roles of security attributes Security attributes General user IDs (a data item of general user information) Administrator IDs Administrator roles Supervisor ID Document data ACL Operations Query, newly create, delete Query Newly create Query, change Query Query, add, delete Query, change Query, modify Document data default ACL (a data item of general user information) Query, modify User roles - User administrator - General users - Administrators - Administrators who own the administrator IDs - Supervisor - Administrators who are assigned these administrator roles - Supervisor - File administrator - Document file owner - General users who have full control operation permissions for the relevant document data - User administrator - General user who creates the applicable document data FMT_MSA.3 Static attribute initialisation Hierarchical to: No other components. Dependencies: FMT_MSA.1 Management of security attributes FMT_SMR.1 Security roles FMT_MSA.3.1 The TSF shall enforce the [assignment: MFP access control SFP] to provide default values [selection: [assignment: specified as shown in Table 18] for security attributes that are used to enforce the SFP. FMT_MSA.3.2 The TSF shall allow the [assignment: no authorised identified roles] to specify alternative Copyright (c) 2010 RICOH COMPANY, LTD. All Rights Reserved.