Ricoh Aficio MP 2851 Security Target - Page 4

Page 4 of 81 3.3 Assumptions 27 4 Security Objectives 28 4.1 Security Objectives for TOE 28 4.2 Security Objectives of Operational Environment 29 4.3 Security Objectives Rationale 29 4.3.1 Tracing...29 4.3.2 Tracing Justification 30 5 Extended Components Definition 33 6 Security Requirements 34 6.1 Security Functional Requirements 34 6.1.1 Class FAU: Security audit 34 6.1.2 Class FCS: Cryptographic support 38 6.1.3 Class FDP: User data protection 39 6.1.4 Class FIA: Identification and authentication 42 6.1.5 Class FMT: Security management 45 6.1.6 Class FPT: Protection of the TSF 51 6.1.7 Class FTP: Trusted path/channels 52 6.2 Security Assurance Requirements 54 6.3 Security Requirements Rationale 55 6.3.1 Tracing...55 6.3.2 Justification of Traceability 56 6.3.3 Dependency Analysis 60 6.3.4 Security Assurance Requirements Rationale 62 7 TOE Summary Specification 63 7.1 TOE Security Function 63 7.1.1 SF.AUDIT Audit Function 64 7.1.1.1 Generation of Audit Logs 64 7.1.1.2 Reading Audit Logs 66 7.1.1.3 Protection of Audit Logs 66 7.1.1.4 Time Stamps 66 7.1.2 SF.I&A User Identification and Authentication Function 66 7.1.2.1 User Identification and Authentication 67 7.1.2.2 Actions in Event of Identification and Authentication Failure 67 Copyright (c) 2010 RICOH COMPANY, LTD. All Rights Reserved.