Ricoh Aficio MP C3001 Security Target - Page 58

Table 21 : Rule to Control Operations on MFP Applications (b)

Page 58 highlights

Page 57 of 93

FDP_ACF.1.1(b) The TSF shall enforce the [assignment: TOE function access control SFP] to objects based on the following: [assignment: subjects or objects, and their corresponding security attributes shown in Table 20].

Table 20 : Subjects, Objects and Security Attributes (b)

| Category | Subjects or Objects | Security Attributes |
|----------|---------------------|---------------------|
| Subject | Normal user process | Login user name of normal user; Available function list; User role |
| Subject | Supervisor process | User role |
| Subject | RC Gate process | User role |
| Object | MFP application | Function type |

FDP_ACF.1.2(b) The TSF shall enforce the following rules to determine if an operation among controlled subjects and controlled objects is allowed: [assignment: rule to control operations among objects and subjects shown in Table 21].

Table 21 : Rule to Control Operations on MFP Applications (b)

| Object | Operation | Subject | Rule to control Operations |
|--------|-----------|---------|----------------------------|
| MFP application | Execute | Normal user process | Allows executing MFP application which MFP administrator allowed in available function list for normal user process. |

FDP_ACF.1.3(b) The TSF shall explicitly authorise access of subjects to objects based on the following additional rules: [assignment: rules that the Fax Reception Function operated using administrator permission is surely permitted].

FDP_ACF.1.4(b) The TSF shall explicitly deny access of subjects to objects based on the following additional rules: [assignment: deny an operation on MFP application in case of supervisor process or RC Gate process].

FDP_RIP.1 Subset residual information protection

Hierarchical to: No other components.
Dependencies: No dependencies.

FDP_RIP.1.1 The TSF shall ensure that any previous information content of a resource is made unavailable upon the [selection: deallocation of the resource from] the following objects: [assignment: user documents].

Copyright (c) 2011 RICOH COMPANY, LTD. All rights reserved.

