Page 4 of 81
Copyright (c) 2010 RICOH COMPANY, LTD. All Rights Reserved.
3.3
Assumptions
.................................................................................
27
4
Security Objectives
...............................................................................
28
4.1
Security Objectives for TOE
................................................................
28
4.2
Security Objectives of Operational Environment
........................................
29
4.3
Security Objectives Rationale
..............................................................
29
4.3.1
Tracing
.......................................................................................................
29
4.3.2
Tracing Justification
....................................................................................
30
5
Extended Components Definition
...............................................................
33
6
Security Requirements
..........................................................................
34
6.1
Security Functional Requirements
........................................................
34
6.1.1
Class FAU: Security audit
............................................................................
34
6.1.2
Class FCS: Cryptographic support
................................................................
38
6.1.3
Class FDP: User data protection
...................................................................
39
6.1.4
Class FIA: Identification and authentication
.................................................
42
6.1.5
Class FMT: Security management
................................................................
45
6.1.6
Class FPT: Protection of the TSF
..................................................................
51
6.1.7
Class FTP: Trusted path/channels
................................................................
52
6.2
Security Assurance Requirements
.........................................................
54
6.3
Security Requirements Rationale
..........................................................
55
6.3.1
Tracing
.......................................................................................................
55
6.3.2
Justification of Traceability
..........................................................................
56
6.3.3
Dependency Analysis
...................................................................................
60
6.3.4
Security Assurance Requirements Rationale
..................................................
62
7
TOE Summary Specification
....................................................................
63
7.1
TOE Security Function
.....................................................................
63
7.1.1
SF.AUDIT
Audit Function
.........................................................................
64
7.1.1.1
Generation of Audit Logs
.......................................................................
64
7.1.1.2
Reading Audit Logs
...............................................................................
66
7.1.1.3
Protection of Audit Logs
........................................................................
66
7.1.1.4
Time Stamps
........................................................................................
66
7.1.2
SF.I&A
User Identification and Authentication Function
..............................
66
7.1.2.1
User Identification and Authentication
...................................................
67
7.1.2.2
Actions in Event of Identification and Authentication Failure
...................
67