Ricoh Aficio MP 2851 Security Target - Page 41

FDP_IFC.1, Subset information flow control, FDP_IFF.1, Simple security attributes



Page 41 of 81
Copyright (c) 2010 RICOH COMPANY, LTD. All Rights Reserved.
Deleting document data
A general user process has permission to delete document data if the general user ID associated with the general user process matches either the document file owner ID or a document file user ID in the document data ACL associated with the document data, and if the matched ID has permission for editing/deleting or full control permission.

FDP_ACF.1.3 The TSF shall explicitly authorise access of subjects to objects based on the following additional rules: [assignment: rules that explicitly grant subject's operations on objects shown in Table 10].

Table 10: Rules governing access explicitly

Subject: Administrator process
Operations on object: Deleting document data
Rules governing access: When the file administrator is included in administrator roles that are associated with administrator process, the administrator process has permission to delete all document data stored in the D-BOX.

FDP_ACF.1.4 The TSF shall explicitly deny access of subjects to objects based on the [assignment: no rules, based on security attributes that explicitly deny access of subjects to objects].

FDP_IFC.1 Subset information flow control
Hierarchical to: No other components.
Dependencies: FDP_IFF.1 Simple security attributes.

FDP_IFC.1.1 The TSF shall enforce the [assignment: telephone line information flow SFP] on [assignment: subjects, information, and an operation listed in Table 11].

Table 11: List of subjects, information and operation

Subjects:
- Fax process on Fax Unit
- Fax reception process on Controller Board
Information: Data received from a telephone line
Operation: Transferring

(Note: "Transferring" means the Controller Board is receiving data through the Fax Unit from a telephone line.)

FDP_IFF.1 Simple security attributes
Hierarchical to: No other components.
Dependencies: FDP_IFC.1 Subset information flow control
              FMT_MSA.3 Static attribute initialisation.

FDP_IFF.1.1 The TSF shall enforce the [assignment: telephone line information flow SFP] based on the