Page 3 of
93
Copyright (c) 2011 RICOH COMPANY, LTD. All rights reserved.
3.1
Threats
.......................................................................................................................
36
3.2
Organisational Security Policies
................................................................................
37
3.3
Assumptions
...............................................................................................................
37
4
Security Objectives
............................................................................................................
39
4.1
Security Objectives for TOE
.......................................................................................
39
4.2
Security Objectives of Operational Environment
.......................................................
40
4.2.1
IT Environment
.........................................................................................................
40
4.2.2
Non-IT Environment
.................................................................................................
41
4.3
Security Objectives Rationale
.....................................................................................
42
4.3.1
Correspondence Table of Security Objectives
.........................................................
42
4.3.2
Security Objectives Descriptions
.............................................................................
43
5
Extended Components Definition
......................................................................................
47
5.1
Restricted forwarding of data to external interfaces (FPT_FDI_EXP)
.......................
47
6
Security Requirements
......................................................................................................
49
6.1
Security Functional Requirements
.............................................................................
49
6.1.1
Class FAU: Security audit
........................................................................................
49
6.1.2
Class FCS: Cryptographic support
..........................................................................
52
6.1.3
Class FDP: User data protection
.............................................................................
53
6.1.4
Class FIA: Identification and authentication
.........................................................
58
6.1.5
Class FMT: Security management
...........................................................................
61
6.1.6
Class FPT: Protection of the TSF
.............................................................................
67
6.1.7
Class FTA: TOE access
.............................................................................................
68
6.1.8
Class FTP: Trusted path/channels
...........................................................................
68
6.2
Security Assurance Requirements
..............................................................................
68
6.3
Security Requirements Rationale
...............................................................................
69
6.3.1
Tracing
.......................................................................................................................
69
6.3.2
Justification of Traceability
......................................................................................
71
6.3.3
Dependency Analysis
................................................................................................
77
6.3.4
Security Assurance Requirements Rationale
..........................................................
79
7
TOE Summary Specification
.............................................................................................
80
7.1
Audit Function
...........................................................................................................
80
7.2
Identification and Authentication Function
...............................................................
82