Ricoh Aficio MP C3001 Security Target - Page 63

Page 62 of 93 Dependencies: [FDP_ACC.1 Subset access control, or FDP_IFC.1 Subset information flow control] FMT_SMR.1 Security roles FMT_SMF.1 Specification of Management Function FMT_MSA.1.1(a) The TSF shall enforce the [assignment: document access control SFP] to restrict the ability to [selection: query, modify, delete, [assignment: newly create]] the security attributes [assignment: security attributes in Table 26] to [assignment: the user roles with operation permission in Table 26]. Table 26 : User Roles for Security Attributes (a) Security Attributes Login user name of normal user for Basic Authentication Login user name of normal user for External Authentication Login user name of supervisor Login user name of MFP administrator Document data attribute Document user list [when document data attributes are (+PRT), (+SCN), (+CPY), and (+FAXOUT)] Document user list [when document data attribute is (+DSR)] Document user list [when document data attribute is (+FAXIN)] Operations Query, modify, delete, newly create Query Query, modify, delete, newly create Query, modify Newly create Query, modify Query No operation permitted User Roles with Operation Permission MFP administrator Normal user who owns the applicable login user name MFP administrator Supervisor MFP administrator MFP administrator who owns the applicable login user name Supervisor - No operation permitted - Query, modify Query, modify MFP administrator, applicable normal user who stored the document data MFP administrator -: No user roles are permitted for operations by the TOE. Copyright (c) 2011 RICOH COMPANY, LTD. All rights reserved.