Ricoh Aficio MP C2800 Security Target - Page 39

6.1.3 Class FDP: User data protection Page 39 of 80 FDP_ACC.1 Subset access control Hierarchical to: No other components. Dependencies: FDP_ACF.1 Security attribute based access control. FDP_ACC.1.1 The TSF shall enforce the [assignment:MFP access control SFP] on [assignment: List of Subjects, Objects, and Operation among Subjects and Objects inTable 7 Table 7: List of subjects, objects, and operations among subjects and objects Subjects Administrator process General user process Objects Document data Document data Operations among subjects and objects Deleting document data Storing document data Reading document data Deleting document data FDP_ACF.1 Security attribute based access control Hierarchical to: No other components. Dependencies: FDP_ACC.1 Subset access control FMT_MSA.3 Static attribute initialisation. FDP_ACF.1.1 The TSF shall enforce the [assignment: MFP access control SFP] to objects based on the following: [assignment: subjects or objects, and their corresponding security attributes shown Table 8]. Table 8: Subjects, objects and security attributes Types Subject Subject Object Subjects or objects Administrator process General user process Document data Security attributes - Administrator IDs - Administrator roles - General user ID - Document data default ACL - Document data ACL FDP_ACF.1.2 The TSF shall enforce the following rules to determine if an operation among controlled subjects and controlled objects is allowed: [assignment: rules governing subject operations on objects and access to the operations shown in Table 9 Copyright (c) 2009,2010 RICOH COMPANY, LTD. All Rights Reserved.