Ricoh Aficio MP 3351 Security Target - Page 51

Table 18: Rules on User Documents Page 50 of 87 Subject Normal user process Object User document Rules Governing Access The TOE controls the operations on user documents in the following order 1) and 2). 1) Limit the document types by MFP applications 2) Limit the operation by each normal user 1) Limit the document types by MFP applications The availability of a user document is determined by the operation interface for normal user, application type associated with the normal user process, and document type associated with the user document. The following table shows the relationship between the application type and available document type. Operation Interfaces Application Type Available Document Type Operation Panel Document Function Server Document Server user document, fax document Scanner Function Fax Function Scanner user document Fax document, received fax document Client computer (Web browser) Document Function Server Document Server user document, scanner user document (operation permission for Scanner Function is required for the applicable normal user), fax document (operation permission for Fax Function is required for the applicable normal user) Fax Function Received fax document Client computer (printer driver) Printer Function Document Server user document Client computer (fax driver) Fax Function Fax document 2) Limit the operation for each normal user When the document user list associated with the user documents includes the login user name of the normal user associated with the normal user process, the user document operations of reading (print, download, fax, e-mail and folder transmission) and deletion are allowed for that normal user process. Copyright (c) 2011 RICOH COMPANY, LTD. All rights reserved.