Ricoh Aficio MP 3350B Security Target - Page 73
Management of Administrator Information
View all Ricoh Aficio MP 3350B manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 73 highlights
Delete the Document File Users Change the operation permission on Document Data of Document File Users Page 73 of 83 - Document File Owners - General Users with full control authorisation - File Administrator - Document File Owners - General Users with full control authorisation - File Administrator - Document File Owners - General Users with full control authorisation If the login user is the File Administrator, the TOE allows the File Administrator to perform the operations on all Document Data ACLs including changing Document File Owners and the access rights of the Document File Owners, newly registering Document File Users, deleting Document File Users, and changing the access rights of Document File Users. If the login user is a General User, it allows the General User to perform the operations only on the Document Data ACL for which the General User is set as the full control authorised user, including changing the operation permission on Document Data of the Document File Owners, newly registering Document File Users, deleting Document File Users, and changing the operation permission on Document Data of Document File Users. However, even if the full control authorisation is not set for Document File Owners, Document File Owners are allowed to perform the operations on the Document Data ACL of the Document Data owned by the Document File Owners, including changing the operation permission on Document Data of the Document File Owners, newly registering and delete Document File Users, and changing the operation permission on Document Data of Document File Users. From the above, FMT_MSA.1 (Management of security attributes), FMT_MSA.3 (Static attribute initialisation) and FMT_SMF.1 (Specification of Management Functions) are accomplished. 7.1.4.2 Management of Administrator Information Management of Administrator Information allows only specific users to perform operations on Administrator Information from the Operation Panel or Web Service Function. Administrator Information includes Administrator IDs, Administrator Authentication Information, and Administrator Roles. The operations on Administrator Information include newly creating, querying and changing Administrator IDs, changing Administrator Authentication Information, querying, adding and deleting Administrator Roles. The users who are authorised to perform each of these operations are specified. Table 31 shows the relation between the operations on Administrator Information and the authorised users for the operations on Administrator Information. Table 31: Access to Administrator Information Operations on Administrator Information Newly create Administrator IDs Change Administrator IDs Query Administrator IDs Change Administrator Authorised operators Administrators The Administrator themselves The Administrator themselves, Supervisor The Administrator themselves, Supervisor Copyright (c) 2009,2010 RICOH COMPANY, LTD. All Rights Reserved.