Ricoh Aficio MP C3001 Security Target - Page 70

Page 69 of 93 Table 31 : TOE Security Assurance Requirements (EAL3+ALC_FLR.2) Assurance Classes ADV: Development AGD: Guidance documents ALC: Life-cycle support ASE: Security Target evaluation ATE: Tests AVA: Vulnerability assessment ADV_ARC.1 ADV_FSP.3 ADV_TDS.2 AGD_OPE.1 AGD_PRE.1 ALC_CMC.3 ALC_CMS.3 ALC_DEL.1 ALC_DVS.1 ALC_LCD.1 ALC_FLR.2 ASE_CCL.1 ASE_ECD.1 ASE_INT.1 ASE_OBJ.2 ASE_REQ.2 ASE_SPD.1 ASE_TSS.1 ATE_COV.2 ATE_DPT.1 ATE_FUN.1 ATE_IND.2 AVA_VAN.2 Assurance Components Security architecture description Functional specification with complete summary Architectural design Operational user guidance Preparative procedures Authorisation controls Implementation representation CM coverage Delivery procedures Identification of security measures Developer defined life-cycle model Flaw reporting procedures Conformance claims Extended components definition ST introduction Security objectives Derived security requirements Security problem definition TOE summary specification Analysis of coverage Testing: basic design Functional testing Independent testing - sample Vulnerability analysis 6.3 Security Requirements Rationale This section describes the rationale for security requirements. If all security functional requirements are satisfied as below, the security objectives defined in "4 Security Objectives" are fulfilled. 6.3.1 Tracing Table 32 shows the relationship between the TOE security functional requirements and TOE security objectives. Table 32 shows that each TOE security functional requirement fulfils at least one TOE security objective. Copyright (c) 2011 RICOH COMPANY, LTD. All rights reserved.