Page 4 of 83
3.3
Assumptions
.................................................................................................................
29
4
Security Objectives
..............................................................................................................
30
4.1
Security Objectives for TOE
.........................................................................................
30
4.2
Security Objectives for Operational Environment
......................................................
31
4.3
Security Objectives Rationale
......................................................................................
31
4.3.1
Tracing
.....................................................................................................................
31
4.3.2
Tracing Validity
.......................................................................................................
32
5
Extended Components Definition
.......................................................................................
35
6
Security Requirements
........................................................................................................
36
6.1
Security Functional Requirements
..............................................................................
36
6.1.1
Class FAU: Security audit
.......................................................................................
36
6.1.2
Class FCS: Cryptographic support
.........................................................................
41
6.1.3
Class FDP: User data protection
............................................................................
42
6.1.4
Class FIA: Identification and authentication
.........................................................
45
6.1.5
Class FMT: Security management
..........................................................................
48
6.1.6
Class FPT: Protection of the TSF
............................................................................
54
6.1.7
Class FTP: Trusted path/channels
..........................................................................
55
6.2
Security Assurance Requirements
...............................................................................
56
6.3
Security Requirements Rationale
................................................................................
57
6.3.1
Tracing
.....................................................................................................................
57
6.3.2
Tracing Validity
.......................................................................................................
58
6.3.3
Dependency Analysis
...............................................................................................
62
6.3.4
Security Assurance Requirements Rationale
.........................................................
64
7
TOE Summary Specification
...............................................................................................
65
7.1
TOE Security Function
................................................................................................
65
7.1.1
SF.AUDIT
Audit Function
....................................................................................
66
7.1.1.1
Audit logs generation
.......................................................................................
67
7.1.1.2
Reading Audit Logs
..........................................................................................
68
7.1.1.3
Protection of Audit Logs
...................................................................................
68
7.1.1.4
Time stamps
......................................................................................................
68
7.1.2
SF.I&A
User Identification and Authentication Function
..................................
69
7.1.2.1
User Identification and Authentication
...........................................................
69
7.1.2.2
Action in case of Identification and Authentication Failure
...........................
69
Copyright (c) 2009,2010 RICOH COMPANY, LTD. All Rights Reserved.