Ricoh Aficio MP 2851 Security Target - Page 71

Page 71 of 81 If the logged-in user is a general user, the TOE allows that user to perform operations only on document data ACLs for which the user has full control authorisation. These operations are changing the document file owner's operation permissions for the document data, and newly registering and deleting document file users and changing their operation permissions. However, even if full control authorisation is not set for document file owners, document file owners can still perform operations on the document data ACLs of their own document data. These operations include changing the document file owner's operation permissions for the document data, newly registering and deleting document file users, and changing the document file users' operation permissions for the document data. By the above, FMT_MSA.1 (Management of security attributes), FMT_MSA.3 (Static attribute initialisation), and FMT_SMF.1 (Specification of management functions) are satisfied. 7.1.4.2 Management of Administrator Information Management of administrator information allows only specified users to perform operations on administrator information from the Operation Panel or Web Service Function. Administrator information includes administrator IDs, administrator authentication information, and administrator roles. Operations on administrator information include creation of new administrators, querying and changing administrator IDs, changing administrator authentication information, and querying, adding and deleting administrator roles. These operations can be performed only by specified users who have been authorised for each operation. Table 30 shows the relationship between the operations on administrator information and the users authorised for operations on administrator information. Table 30: Access to administrator information Operations on administrator information Creation of new administrator IDs Change administrator IDs Query administrator IDs Change administrator authentication information Add and query administrator roles Delete administrator roles Authorised users Administrators Administrators themselves Administrators themselves, supervisors Administrators themselves, supervisors Administrators already assigned that administrator role Administrators already assigned that administrator role (However, no administrator roles can be deleted unless these roles are assigned to another administrator.) If the logged-in user is an administrator or supervisor, the TOE allows that user to perform the operations shown in Table 30, respectively. By the above, FIA_USB.1 (User-subject binding), FMT_MSA.1 (Management of security attributes), FMT_MTD.1 (Management of TSF data), FMT_SMF.1 (Specification of management functions) and FMT_SMR.1 (Security roles) are satisfied. Copyright (c) 2010 RICOH COMPANY, LTD. All Rights Reserved.