Page 5 of 82
Copyright (c) 2010 RICOH COMPANY, LTD. All Rights Reserved.
List of Figures
Figure 1: Example of TOE environment
........................................................................................................
11
Figure 2: Hardware configuration of TOE
.....................................................................................................
13
Figure 3: Logical boundaries of TOE
.............................................................................................................
19
List of Tables
Table 1: MFP names for each series
.................................................................................................................
7
Table 2: List of administrator roles
................................................................................................................
17
Table 3: Correspondence between operations authorised by permissions to process document data and
operations p ossible on document data
............................................................................................................
23
Table 4: Relationship between security environment and security objectives
...............................................
31
Table 5: List of auditable events
....................................................................................................................
35
Table 6: List of cryptographic key generation
................................................................................................
40
Table 7: List of cryptographic operations
.......................................................................................................
41
Table 8: List of subjects, objects, and operations among subjects and objects
..............................................
41
Table 9: Subjects, objects and security attributes
...........................................................................................
41
Table 10: Rules governing access
..................................................................................................................
42
Table 11: Rules governing access explicitly
..................................................................................................
42
Table 12: List of subjects, information and operation
....................................................................................
43
Table 13: Security attributes corresponding to subjects or information
.........................................................
43
Table 14: List of authentication events
...........................................................................................................
44
Table 15: Lockout release actions
..................................................................................................................
44
Table 16: Rules for initial association of attributes
........................................................................................
46
Table 17: Management roles of security attributes
.........................................................................................
47
Table 18: Characteristics of static attribute initialisation
...............................................................................
48
Table 19: List of TSF data management
.........................................................................................................
48
Table 20: List of specifications of Management Functions
............................................................................
50
Table 21: Services requiring trusted paths
.....................................................................................................
54
Table 22: TOE Security assurance requirements (EAL3)
..............................................................................
55
Table 23: Relationship between security objectives and functional requirements
.........................................
56
Table 24: Correspondence of dependencies of TOE security functional requirements
..................................
61
Table 25: Relationship between TOE security functional requirements and TOE Security Functions
..........
64
Table 26: Auditable events and auditable information
...................................................................................
66
Table 27: User roles and authentication methods
...........................................................................................
68
Table 28: Unlocking administrators for each user role
..................................................................................
69
Table 29: Default value for document data ACL
...........................................................................................
71
Table 30: Operations on document data ACL and authorised users
...............................................................
71
Table 31: Access to administrator information
...............................................................................................
72
Table 32: Authorised operations on general user information
........................................................................
73
Table 33: Administrators authorised to specify machine control data
............................................................
74