Ricoh Aficio MP 2851 Security Target - Page 46

Security attributes Administrator IDs Administrator roles Supervisor ID Document data ACL Operations Query Newly create Query, change Query Query, add, delete Query, change Query, modify Document data default ACL (a data item of general user information) Query, modify Page 46 of 81 User roles - General users - Administrators - Administrators who own the administrator IDs - Supervisor - Administrators who are assigned these administrator roles - Supervisor - File administrator - Document file owner - General users who have full control operation permissions for the relevant document data - User administrator - The general user who creates the applicable document data FMT_MSA.3 Static attribute initialisation Hierarchical to: No other components. Dependencies: FMT_MSA.1 Management of security attributes FMT_SMR.1 Security roles FMT_MSA.3.1 The TSF shall enforce the [assignment: MFP access control SFP] to provide default values [selection: [assignment: specified as shown in Table 17] for security attributes that are used to enforce the SFP. FMT_MSA.3.2 The TSF shall allow the [assignment: no authorised identified roles] to specify alternative initial values to override the default values when an object or information is created. Table 17: Characteristics of static attribute initialisation Object Document data stored by general users Security attribute associated with object Document data ACL Default value and its characteristic at time of object creation A value set in advance as the document data default ACL for the applicable general user (document file owner). This value can be set arbitrarily by the user administrator or the general user, and it has neither a restrictive nor permissive property, only the specified prop erty. FMT_MTD.1 Management of TSF data Copyright (c) 2010 RICOH COMPANY, LTD. All Rights Reserved.