Ricoh Aficio MP 2851 Security Target - Page 72



Page 72 of 81
Copyright (c) 2010 RICOH COMPANY, LTD. All Rights Reserved.
7.1.4.3 Management of Supervisor Information
Management of supervisor information allows only supervisors to query and change supervisor IDs, and to
change supervisor authentication information from the Operation Panel or Web Service Function. If the
logged-in user from the Operation Panel or a client computer is a supervisor, the TOE allows that user to
query and change supervisor IDs and to change supervisor authentication information.
By the above, FMT_MSA.1 (Management of security attributes), FMT_MTD.1 (Management of TSF data),
FMT_SMF.1 (Specification of management functions), and FMT_SMR.1 (Security roles) are satisfied.
7.1.4.4 Management of General User Information
Management of general user information allows only specified users to perform all or some of the operations
involved in creating, changing, and deleting general user information from the Operation Panel or Web
Service Function. General user information includes general user IDs, general user authentication
information, document data default ACL, and S/MIME user information.
If the logged-in user from the Operation Panel and Web Service Function is a user administrator or general
user, the TOE allows that user to perform the operations shown in Table 31.
Table 31: Authorised operations on general user information

| Operations on general user information | Authorised user |
|---|---|
| Creation of new general user information to Address Book (general user ID, general user authentication information, and S/MIME user information) | User administrators |
| Edit general user information registered to Address Book (authentication information of general users, document data default ACL, S/MIME user information) | User administrators, General users themselves |
| Query general user information registered to Address Book (general user ID, document data default ACL, S/MIME user information) | User administrators, General users themselves |
| Query general user information registered to Address Book (general user ID, S/MIME user information) | General users |
| Delete general user information registered to Address Book (general user ID, authentication information of general users, S/MIME user information) | User administrators |
| Delete general user information registered to Address Book (S/MIME user information) | General users identified as the S/MIME users |

When new general user information is created, the new general user ID will be set to the value of the
document data default ACL as the document file owner, and authorised operations on the document data will
be reading document data and modifying the document data ACL.
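
Added example (not part of the Security Target or of Ricoh's implementation): Table 31 expressed as a default-deny check over operation, subject and attribute, useful as a test oracle when reviewing such a policy. Role and attribute labels are constructed, and "general users identified as the S/MIME users" is assumed to mean a general user acting on their own entry.

```python
# Added example: Table 31 as a default-deny policy. All labels are constructed.
UID, AUTH, ACL, SMIME = "user_id", "auth_info", "default_acl", "smime_info"

# (operation, subject, attributes the rule covers). Subjects:
#   "user_admin"   any user administrator
#   "self"         a general user acting on their own Address Book entry
#   "any_general"  a general user acting on any entry
# Assumption: the S/MIME delete row is modelled as "self".
RULES = [
    ("create", "user_admin",  {UID, AUTH, SMIME}),
    ("edit",   "user_admin",  {AUTH, ACL, SMIME}),
    ("edit",   "self",        {AUTH, ACL, SMIME}),
    ("query",  "user_admin",  {UID, ACL, SMIME}),
    ("query",  "self",        {UID, ACL, SMIME}),
    ("query",  "any_general", {UID, SMIME}),
    ("delete", "user_admin",  {UID, AUTH, SMIME}),
    ("delete", "self",        {SMIME}),
]

def is_authorised(role, actor_id, op, target_id, attrs):
    """Allow only if every requested attribute is covered by a matching rule."""
    requested = set(attrs)
    if not requested:
        return False
    allowed = set()
    for rule_op, subject, covered in RULES:
        if rule_op != op:
            continue
        if subject == "user_admin" and role == "user_admin":
            allowed |= covered
        elif role == "general" and (
            subject == "any_general"
            or (subject == "self" and actor_id == target_id)
        ):
            allowed |= covered
    # Roles absent from Table 31 (e.g. supervisor) match no rule and are denied.
    return requested <= allowed

def new_general_user(user_id):
    """Creation rule from the closing paragraph: the new user is the document
    file owner in the default ACL, with read and modify-ACL operations."""
    return {UID: user_id,
            ACL: {"owner": user_id, "owner_ops": {"read", "modify_acl"}}}

if __name__ == "__main__":
    print(is_authorised("user_admin", "adm1", "query", "alice", {AUTH}))  # False
    print(is_authorised("general", "alice", "query", "bob", {UID, SMIME}))  # True
```

Note what the table never grants: no row lets any role query authentication information or edit a general user ID, so both requests fall through to deny.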