Ricoh Aficio MP 3350B Security Target - Page 71

SF.DOC_ACC, Document Data Access Control Function, 1.3.1, Operations on Document Data by General



Page 71 of 83
password meets those conditions, it registers the password. If the password does not meet those conditions, it
does not register the password but displays an error screen.
(1) Usable characters and character types:
    Upper-case letters: [A-Z] (26 letters)
    Lower-case letters: [a-z] (26 letters)
    Numbers: [0-9] (10 letters)
    Symbols: SP (space) ! " # $ % & ' ( ) * + , - . / : ; < = > ? @ [ \ ] ^ _ ` { | } ~ (33 letters)
(2) Registerable Password Length:
    For General Users
        No fewer than the Minimum Password Length set by the User Administrator (8-32 digits), nor more than 128 digits.
    For Administrators and a Supervisor
        No fewer than the Minimum Password Length set by the User Administrator (8-32 digits), nor more than 32 digits.
(3) Rule:
    It is allowed to register the passwords composed of a combination of character types based on the
    Password Complexity Setting set by the User Administrator. The User Administrator sets either
    Level 1 or Level 2 for Password Complexity Setting.
From the above, FIA_SOS.1 (Verification of secrets) and FMT_SMF.1 (Specification of Management
Functions) are accomplished.
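
The registration check in items (1) to (3), written out as an added example; it is not taken from the Security Target or from Ricoh firmware. The function name, role keys and error codes are hypothetical, and `min_types` is an assumption standing in for the Password Complexity Setting, because this page does not say what Level 1 and Level 2 require.

```python
import string

# Character types from item (1); string.punctuation is the 32 ASCII symbols listed there.
CLASSES = {
    "upper": set(string.ascii_uppercase),      # 26
    "lower": set(string.ascii_lowercase),      # 26
    "digit": set(string.digits),               # 10
    "symbol": set(" " + string.punctuation),   # SP + 32 = 33
}
ALLOWED = set().union(*CLASSES.values())

# Upper length bounds from item (2); role keys are hypothetical labels.
MAX_LEN = {"general": 128, "administrator": 32, "supervisor": 32}


def check_password(password, role, min_len, min_types=1):
    """Return policy violations; an empty list means the password is registered.

    min_len   -- Minimum Password Length set by the User Administrator (8-32).
    min_types -- ASSUMPTION: distinct character types required, standing in
                 for the Level 1 / Level 2 setting this page does not define.
    """
    if role not in MAX_LEN:
        raise ValueError("unknown role: %r" % role)
    if not 8 <= min_len <= 32:
        raise ValueError("Minimum Password Length must be 8-32")

    errors = []
    if len(password) < min_len:
        errors.append("too_short")
    if len(password) > MAX_LEN[role]:
        errors.append("too_long")
    # Reject anything outside the 95 usable characters, e.g. non-ASCII letters.
    if any(ch not in ALLOWED for ch in password):
        errors.append("illegal_character")
    used = [name for name, chars in CLASSES.items()
            if any(ch in chars for ch in password)]
    if len(used) < min_types:
        errors.append("too_few_types")
    return errors


if __name__ == "__main__":
    # Constructed sample inputs.
    for pw, role in [("Tr4y 2 feeder!", "administrator"), ("a" * 33, "supervisor")]:
        print(repr(pw), role, check_password(pw, role, min_len=8, min_types=2))
```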
7.1.3 SF.DOC_ACC Document Data Access Control Function
The TOE controls users' access to the operations that store, read and delete the Document Data. The
access control displays only the accessible Document Data on the Operation Panel or client PC where the
authorised user is authenticated. What is accessible is decided either by the authorisation assigned to the
user role of the authorised user, who is authenticated with the Identification and Authentication Function,
or by the authorisation assigned to each user. This chapter describes the access control to the Document
Data for each user role.
The following are the explanations of each functional item in "SF.DOC_ACC Document Data Access Control
Function" and their corresponding security functional requirements.
7.1.3.1 Operations on Document Data by General Users
The TOE allows General Users to store Document Data, and allows them to read and delete the stored
Document Data according to the Document Data ACL. The Document Data ACL records the IDs for
General Users who are allowed to perform operations on Document Data, and operation permissions for
Document Data. If a General User ID associated with the General User process is registered for the
Document Data ACL, the TOE allows that General User ID to perform the operations according to the user
ID's operation permission for Document Data.
Table 3 shows the relation between the operation permissions on Document Data and the operations on
Copyright (c) 2009,2010 RICOH COMPANY, LTD. All Rights Reserved.