Ricoh Aficio MP 3350B Security Target - Page 42

6.1.3 Class FDP: User data protection Page 42 of 83 FDP_ACC.1 Subset access control Hierarchical to: No other components. Dependencies: FDP_ACF.1 Security attribute based access control. FDP_ACC.1.1 The TSF shall enforce the [assignment: MFP access control SFP] on [assignment: List of Subjects, Objects, and Operation among Subjects and Objects in Table 8]. Table 8: List of Subjects, Objects, and Operations among Subjects and Objects Subjects Administrator process General User process Objects Document Data Document Data Operations among subjects and objects Deleting Document Data Storing Document Data Reading Document Data Deleting Document Data FDP_ACF.1 Security attribute based access control Hierarchical to: No other components. Dependencies: FDP_ACC.1 Subset access control FMT_MSA.3 Static attribute initialization. FDP_ACF.1.1 The TSF shall enforce the [assignment: MFP access control SFP] to objects based on the following: [assignment: subjects or objects, and their corresponding security attributes shown in Table 9]. Table 9: Subjects, Objects and Security Attributes㩷 Types Subjects or objects Security attributes Subject Administrator process - Administrator IDs - Administrator Roles Subject General User process - General User IDs - Document Data Default ACL Object Document Data - Document Data ACL 㩷 FDP_ACF.1.2 The TSF shall enforce the following rules to determine if an operation among controlled subjects and controlled objects is allowed: [assignment: rules governing subject's operations on objects and access on operations shown in Table 10]. Copyright (c) 2009,2010 RICOH COMPANY, LTD. All Rights Reserved.