Ricoh Aficio MP 8001 sec - Page 72

File Administrator Operations on Document Data, SF.SEC_MNG, Security Management Function, 1.4

Get Ricoh Aficio MP 8001 PDF manuals and user guides View all Ricoh Aficio MP 8001 manuals
Add to My Manuals
Save this manual to your list of manuals

Page 72 highlights

Table 29: Default value for document data ACL Page 71 of 82 Type of document data Document data stored by a general user Default value for document data ACL Document data default ACL By the above, FDP_ACC.1 (Subset access control) and FDP_ACF.1 (Security attribute based access control) are satisfied. 7.1.3.2 File Administrator Operations on Document Data If the logged-in user from the Operation Panel or Web Service Function is a file administrator, the TOE allows that user to display a list of document data and to delete the document data in the list individually or all at once. By the above, FDP_ACC.1 (Subset access control) and FDP_ACF.1 (Security attributebased access control) are satisfied. 7.1.4 SF.SEC_MNG Security Management Function The TOE provides Security Management Functions according to the roles assigned to users who havebeen successfully identified and authenticated using the "SF.I&A User Identification and Authentication Function". Following are explanations of each functional item in "SF.SEC_MNG Security Management Function" and their corresponding security functional requirements. 7.1.4.1 Management of Document Data ACL Management of the document data ACL allows operations on the document data ACL from the Operation Panel or Web Service Function to be restricted to specified users only. Operations on the document data ACL include changing the document file owner and the document file owner's operation permissions for the document data, newly registering and deleting document file users, and changing document file users' operation permissions for the document data. These operations can be performed only by specified users who have been authorised for each operation. Table 30 shows the relationship between operations on the document data ACL and the users authorised for the operations. Table 30: Operations on document data ACL and authorised users Operations on document data ACL Changing of document file owners Changing of document file owners' operation permissions for document data Registration of new document file users Authorised users - File administrators - File administrators - Document file owners - General users with full control authorisation - File administrators - Document file owners - General users with full control authorisation Copyright (c) 2010 RICOH COMPANY, LTD. All Rights Reserved.

  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • 8
  • 9
  • 10
  • 11
  • 12
  • 13
  • 14
  • 15
  • 16
  • 17
  • 18
  • 19
  • 20
  • 21
  • 22
  • 23
  • 24
  • 25
  • 26
  • 27
  • 28
  • 29
  • 30
  • 31
  • 32
  • 33
  • 34
  • 35
  • 36
  • 37
  • 38
  • 39
  • 40
  • 41
  • 42
  • 43
  • 44
  • 45
  • 46
  • 47
  • 48
  • 49
  • 50
  • 51
  • 52
  • 53
  • 54
  • 55
  • 56
  • 57
  • 58
  • 59
  • 60
  • 61
  • 62
  • 63
  • 64
  • 65
  • 66
  • 67
  • 68
  • 69
  • 70
  • 71
  • 72
  • 73
  • 74
  • 75
  • 76
  • 77
  • 78
  • 79
  • 80
  • 81
  • 82
  • 83
Page 71 of 82
Copyright (c) 2010 RICOH COMPANY, LTD. All Rights Reserved.
Table 29: Default value for document data ACL
Type of document data
Default value for document data ACL
Document data stored by a general user
Document data default ACL
By the above, FDP_ACC.1 (Subset access control) and FDP_ACF.1 (Security attribute based access
control) are satisfied.
7.1.3.2
File Administrator Operations on Document Data
If the logged-in user from the Operation Panel or Web Service Function is a file administrator, the TOE
allows that user to display a list of document data and to delete the document data in the list individually or
all at once.
By the above, FDP_ACC.1 (Subset access control) and FDP_ACF.1 (Security attributebased access
control) are satisfied.
7.1.4
SF.SEC_MNG
Security Management Function
The TOE provides Security Management Functions according to the roles assigned to users who have been
successfully identified
and authenticated using the "SF.I&A
User
Identification
and
Authentication Function".
Following are explanations of each functional item in "SF.SEC_MNG
Security
Management Function" and their corresponding security functional requirements.
7.1.4.1
Management of Document Data ACL
Management of the document data ACL allows operations on the document data ACL from the Operation
Panel or Web Service Function to be restricted to specified users only. Operations on the document data
ACL include changing the document file owner and the document file owner's operation permissions for
the document data, newly registering and deleting document file users, and changing document file users
'
operation permissions for the document data. These operations can be performed only by specified users
who have been authorised for each operation. Table 30 shows the relationship between operations on the
document data ACL and the users authorised for the operations.
Table 30: Operations on document data ACL and authorised users
Operations on document data ACL
Authorised users
Changing of document file owners
- File administrators
Changing of document file owners' operation
permissions for document data
- File administrators
- Document file owners
- General users with full control authorisation
Registration of new document file users
- File administrators
- Document file owners
- General users with full control authorisation