Ricoh C400DN Security Target - Page 70
O.DOC.NO_DIS Protection of document disclosure, O.DOC.NO_ALT Protection of document alteration
UPC - 026649029516
View all Ricoh C400DN manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 70 highlights
Page 69 of 91 O.DOC.NO_DIS Protection of document disclosure O.DOC.NO_DIS is the security objective to prevent the documents from unauthorised disclosure by persons without a login user name, or by persons with a login user name but without an access permission to the document. To fulfil this security objective, it is required to implement the following countermeasures. (1) Specify and implement the access control to the document data. FDP_ACC.1(a) and FDP_ACF.1(a) only allow the following persons to view document data according to the document data attributes: the normal user who generated the document data or the normal user who is registered on the document user list of the document data. The MFP administrator, supervisor and RC Gate are not allowed to view document data. (2) Prevent reading the deleted documents, temporary documents and their fragments. Deleted documents, temporary documents and their fragments are prevented from being read by FDP_RIP.1. (3) Use trusted channels for sending or receiving document data. The document data sent and received by the TOE via the LAN are protected by FTP_ITC.1. (4) Management of the security attributes. FMT_MSA.1(a) specifies the available operations (newly create, query, modify and delete) on the login user name, and available operations (query and modify) on the document user list, and a specified user is thus restricted to perform each operation. FMT_MSA.3(a) surely sets the restrictive value to the security attributes of document data (object) when document data are generated. By satisfying FDP_ACC.1(a), FDP_ACF.1(a), FDP_RIP.1, FTP_ITC.1, FMT_MSA.1(a) and FMT_MSA.3(a), which are the security functional requirements for these countermeasures, O.DOC.NO_DIS is fulfilled. O.DOC.NO_ALT Protection of document alteration O.DOC.NO_ALT is the security objective to prevent the documents from unauthorised alteration by persons without a login user name, or by persons with a login user name but without an access permission to the document. To fulfil this security objective, it is required to implement the following countermeasures. (1) Specify and implement the access control to document data. FDP_ACC.1(a) and FDP_ACF.1(a) allow the following persons to delete document data (there is no "editing operation" of document data) according to the document data attributes: the normal user who generated the document data, the normal user who is registered in the document user list of the document data, and the MFP administrator. The supervisor and RC Gate are not allowed to delete document data. (2) Prevent deleting the deleted documents, temporary documents and their fragments. Deleted documents, temporary documents and their fragments are prevented from being used by FDP_RIP.1. (3) Use trusted channels for sending or receiving document data. The document data sent and received by the TOE via the LAN interface are protected by FTP_ITC.1. (4) Management of the security attributes. FMT_MSA.1(a) specifies the available operations (newly create, query, modify and delete) on the login user name, and available operations (query and modify) on the document user list, and a specified user Copyright (c) 2012 RICOH COMPANY, LTD. All rights reserved.