Ricoh Aficio MP 3350B Security Target - Page 48

Page 48 of 83 associated with subjects acting on the behalf of users: [assignment: Administrators can add their own assigned Administrator Roles to other Administrators, and can delete their own Administrator Roles. However, if deleting the Administrator Role makes no Administrator covers that Administrator Role, it is not allowed to delete the Administrator Role]. 6.1.5 Class FMT: Security management FMT_MSA.1 Management of security attributes Hierarchical to: No other components. Dependencies: [FDP_ACC.1 Subset access control, or FDP_IFC.1 Subset information flow control] FMT_SMR.1 Security roles FMT_SMF.1 Specification of Management Functions FMT_MSA.1.1 The TSF shall enforce the [assignment: MFP access control SFP] to restrict the ability to [selection: query, modify, delete, [assignment: newly create, change, add]] the security attributes [assignment: security attributes in Table 17] to [assignment: users/roles in Table 17]. Table 17: Management Roles of Security Attributes㩷 Security attributes General User IDs (a data item of General User Information) Administrator IDs Administrator Roles Supervisor ID Document Data ACL Operations Query, newly create, delete Query Newly create Query, change Query Query, add, delete Query, change Query, modify Document Data Default Query, ACL (a data item of modify User roles - User Administrator - General Users - Administrators - Administrators who owns the applicable Administrator IDs - Supervisor - Administrators who are assigned the applicable Administrator Roles - Supervisor - File Administrator - Document File Owner - General Users who have full control operation permission for the applicable Document Data - User Administrator - The General User who create the applicable Copyright (c) 2009,2010 RICOH COMPANY, LTD. All Rights Reserved.