Ricoh Aficio MP C3001 Security Target - Page 4

Page 3 of 93 3.1 Threats ...36 3.2 Organisational Security Policies 37 3.3 Assumptions ...37 4 Security Objectives...39 4.1 Security Objectives for TOE 39 4.2 Security Objectives of Operational Environment 40 4.2.1 IT Environment...40 4.2.2 Non-IT Environment 41 4.3 Security Objectives Rationale 42 4.3.1 Correspondence Table of Security Objectives 42 4.3.2 Security Objectives Descriptions 43 5 Extended Components Definition 47 5.1 Restricted forwarding of data to external interfaces (FPT_FDI_EXP 47 6 Security Requirements...49 6.1 Security Functional Requirements 49 6.1.1 Class FAU: Security audit 49 6.1.2 Class FCS: Cryptographic support 52 6.1.3 Class FDP: User data protection 53 6.1.4 Class FIA: Identification and authentication 58 6.1.5 Class FMT: Security management 61 6.1.6 Class FPT: Protection of the TSF 67 6.1.7 Class FTA: TOE access 68 6.1.8 Class FTP: Trusted path/channels 68 6.2 Security Assurance Requirements 68 6.3 Security Requirements Rationale 69 6.3.1 Tracing ...69 6.3.2 Justification of Traceability 71 6.3.3 Dependency Analysis 77 6.3.4 Security Assurance Requirements Rationale 79 7 TOE Summary Specification 80 7.1 Audit Function ...80 7.2 Identification and Authentication Function 82 Copyright (c) 2011 RICOH COMPANY, LTD. All rights reserved.