Ricoh Aficio MP 2851 Security Target - Page 69
By the above, FIA_SOS.1 Verification of secrets and FMT_SMF.1 Specification of Management
View all Ricoh Aficio MP 2851 manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 69 highlights
Page 69 of 81 No fewer than the Minimum Password Length specified by the user administrator (8-32 characters) and no more than 128 characters. Administrators and supervisors No fewer than the Minimum Password Length specified by the user administrator (8-32 characters) and no more than 32 characters. (3) Rule: Passwords that are composed of a combination of characters based on the Password Complexity Setting specified by the user administrator can be registered. The user administrator specifies either Level 1 or Level 2 for Password Complexity Setting. By the above, FIA_SOS.1 (Verification of secrets) and FMT_SMF.1 (Specification of Management Functions) are satisfied. 7.1.3 SF.DOC_ACC Document Data Access Control Function The TOE restricts user access to operations that store, read, and delete document data. The access control function displays only accessible document data on the Operation Panel or client computer where the user authenticated. Availability of document data is based on the roles assigned to the user who has been successfully authenticated by the Identification and Authentication Function, or the authorisation assigned to the individual user. This section describes the access control function that allows users to access document data based on their user role. Following are the explanations of each functional item in "SF.DOC_ACC Document Data Access Control Function" and their corresponding security functional requirements. 7.1.3.1 General User Operations on Document Data The TOE allows general users to store document data and to read and delete stored document data based on the document data ACL, which contains the IDs of general users who have permission to perform operations on the document data, and the operations permissions of the ID. If a general user ID that is associated with the general user process is registered for a document data ACL, the TOE allows that general user ID to perform operations on the document data according to the permissions assigned to the general user ID in the document data ACL. Table 2 shows the relationship between the operation permissions for document data and operations on document data. Table 28 shows the value of the document data ACL when storing document data. Table 28: Default value for document data ACL Type of document data Document data stored by a general user Default value for document data ACL Document data default ACL By the above, FDP_ACC.1 (Subset access control) and FDP_ACF.1 (Security attribute based access control) are satisfied. Copyright (c) 2010 RICOH COMPANY, LTD. All Rights Reserved.