Ricoh C400DN Security Target - Page 55

Page 54 of 91 Document data +CPY Read Normal user process Not allowed. However, it is allowed for normal user process that created the document data. Document data +DSR Delete Normal user process Not allowed. However, it is allowed for normal user process with login user name of normal user registered on document user list for document data. Document data +DSR Read Normal user process Not allowed. However, it is allowed for normal user process with login user name of normal user registered on document user list for document data. User jobs No setting of document data attribute Delete Normal user process Not allowed. However, it is allowed for normal user process with login user name of normal user, which is the security attribute of user jobs. FDP_ACF.1.3(a) The TSF shall explicitly authorise access of subjects to objects based on the following additional rules: [assignment: rules to control operations among subjects and objects shown in Table 18]. Table 18 : Additional Rules to Control Operations on Document Data and User Jobs (a) Objects Document Data Attributes Operations Subjects Rules to control Operations Document data +PRT Delete MFP administrator process Allows. Document data +FAXIN Delete MFP administrator process Allows. Document data +DSR Delete MFP administrator process Allows. User jobs No setting of document data attribute Delete MFP administrator process Allows. FDP_ACF.1.4(a) The TSF shall explicitly deny access of subjects to objects based on the following additional rules: [assignment: deny the operations on the document data and user jobs in case of supervisor process or RC Gate process]. FDP_ACF.1(b) Security attribute-based access control Hierarchical to: No other components. Dependencies: FDP_ACC.1 Subset access control FMT_MSA.3 Static attribute initialisation Copyright (c) 2012 RICOH COMPANY, LTD. All rights reserved.