Ricoh Aficio MP C3001 Security Target - Page 50

Security Requirements - ip address

Get Ricoh Aficio MP C3001 PDF manuals and user guides View all Ricoh Aficio MP C3001 manuals
Add to My Manuals
Save this manual to your list of manuals

Page 50 highlights

Page 49 of 93 6 Security Requirements This section describes Security Functional Requirements, Security Assurance Requirements and Security Requirements Rationale. 6.1 Security Functional Requirements This section describes the TOE security functional requirements for fulfilling the security objectives defined in section 4.1. The security functional requirements are quoted from the requirement defined in the CC Part2. The security functional requirements that are not defined in CC Part2 are quoted from the extended security functional requirements defined in the PP (IEEE Standard for a Protection Profile in Operational Environment A (IEEE Std 2600.1-2009)). The part with assignment and selection defined in the [CC] is identified with [bold face and brackets]. The part with refinement is identified with (refinement:). 6.1.1 Class FAU: Security audit FAU_GEN.1 Audit data generation Hierarchical to: No other components. Dependencies: FPT_STM.1 Reliable time stamps FAU_GEN.1.1 The TSF shall be able to generate an audit record of the following auditable events: a) Start-up and shutdown of the audit functions; b) All auditable events for the [selection: not specified] level of audit; and c) [assignment: auditable events of the TOE shown in Table 12]. FAU_GEN.1.2 The TSF shall record within each audit record at least the following information: a) Date and time of the event, type of event, subject identity (if applicable), and the outcome (success or failure) of the event; and b) For each audit event type, based on the auditable event definitions of the functional components included in the PP/ST, [assignment: types of job for FDP_ACF.1(a), all login user names that attempted the user identification for FIA_UID.1, communication direction of Web Function, communication IP address of the communication used for Web Function and folder transmission, recipient's e-mail address used for e-mail transmission, and communication direction of communication with RC Gate]. Table 12 shows the action (CC rules) recommended by the CC as auditable for each functional requirement and the corresponding auditable events of the TOE. Table 12 : List of Auditable Events Functional Requirements FDP_ACF.1(a) Actions Which Should Be Auditable Auditable Events a) Minimal: Successful requests to Original: Copyright (c) 2011 RICOH COMPANY, LTD. All rights reserved.

  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • 8
  • 9
  • 10
  • 11
  • 12
  • 13
  • 14
  • 15
  • 16
  • 17
  • 18
  • 19
  • 20
  • 21
  • 22
  • 23
  • 24
  • 25
  • 26
  • 27
  • 28
  • 29
  • 30
  • 31
  • 32
  • 33
  • 34
  • 35
  • 36
  • 37
  • 38
  • 39
  • 40
  • 41
  • 42
  • 43
  • 44
  • 45
  • 46
  • 47
  • 48
  • 49
  • 50
  • 51
  • 52
  • 53
  • 54
  • 55
  • 56
  • 57
  • 58
  • 59
  • 60
  • 61
  • 62
  • 63
  • 64
  • 65
  • 66
  • 67
  • 68
  • 69
  • 70
  • 71
  • 72
  • 73
  • 74
  • 75
  • 76
  • 77
  • 78
  • 79
  • 80
  • 81
  • 82
  • 83
  • 84
  • 85
  • 86
  • 87
  • 88
  • 89
  • 90
  • 91
  • 92
  • 93
  • 94
Page 49 of
93
Copyright (c) 2011 RICOH COMPANY, LTD. All rights reserved.
6 Security Requirements
This section describes Security Functional Requirements, Security Assurance Requirements and Security
Requirements Rationale.
6.1
Security Functional Requirements
This section describes the TOE security functional requirements for fulfilling the security objectives defined
in section 4.1. The security functional requirements are quoted from the requirement defined in the CC Part2.
The security functional requirements that are not defined in CC Part2 are quoted from the extended security
functional requirements defined in the PP (IEEE Standard for a Protection Profile in Operational
Environment A (IEEE Std 2600.1-2009)).
The part with assignment and selection defined in the [CC] is identified with
[bold face and brackets]
.
The part with refinement is identified with (refinement:).
6.1.1
Class FAU: Security audit
FAU_GEN.1 Audit data generation
Hierarchical to:
No other components.
Dependencies:
FPT_STM.1 Reliable time stamps
FAU_GEN.1.1
The TSF shall be able to generate an audit record of the following auditable events:
a) Start-up and shutdown of the audit functions;
b) All auditable events for the
[selection: not specified]
level of audit; and
c)
[assignment: auditable events of the TOE shown in Table 12]
.
FAU_GEN.1.2
The TSF shall record within each audit record at least the following information:
a) Date and time of the event, type of event, subject identity (if applicable), and the outcome
(success or failure) of the event; and
b) For each audit event type, based on the auditable event definitions of the functional
components included in the PP/ST,
[assignment: types of job for FDP_ACF.1(a), all login
user names that attempted the user identification for FIA_UID.1, communication
direction of Web Function, communication IP address of the communication used for
Web Function and folder transmission, recipient's e-mail address used for e-mail
transmission, and communication direction of communication with RC Gate]
.
Table 12 shows the action (CC rules) recommended by the CC as auditable for each functional requirement
and the corresponding auditable events of the TOE.
Table 12 : List of Auditable Events
Functional
Requirements
Actions Which Should Be Auditable
Auditable Events
FDP_ACF.1(a)
a) Minimal: Successful requests to
Original: