Ricoh Aficio MP C2800 Security Target - Page 4

Page 4 of 80 3.3 Assumptions...26 4 Security Objectives 27 4.1 Security Objectives for TOE 27 4.2 Security Objectives of Operational Environment 28 4.3 Security Objectives Rationale 28 4.3.1 Tracing...28 4.3.2 Tracing Justification...29 5 Extended Components Definition 32 6 Security Requirements 33 6.1 Security Functional Requirements 33 6.1.1 Class FAU: Security audit...33 6.1.2 Class FCS: Cryptographic support 38 6.1.3 Class FDP: User data protection 39 6.1.4 Class FIA: Identification and Authentication 42 6.1.5 Class FMT: Security management 44 6.1.6 Class FPT: Protection of the TSF 51 6.1.7 Class FTP: Trusted path/channels 51 6.2 Security Assurance Requirements 53 6.3 Security Requirements Rationale 54 6.3.1 Tracing...54 6.3.2 Justification of Traceability 55 6.3.3 Dependency Analysis...59 6.3.4 Security Assurance Requirements Rationale 61 7 TOE Summary Specification 62 7.1 TOE Security Function 62 7.1.1 SF.AUDIT Audit Function 63 7.1.1.1 Generation of Audit Logs 63 7.1.1.2 Reading Audit Logs ...65 7.1.1.3 Protection of Audit Logs 65 7.1.1.4 Time Stamps...65 7.1.2 SF.I&A User Identification and Authentication Function 65 7.1.2.1 User Identification and Authentication 66 7.1.2.2 Actions in Event of Identification and Authentication Failure 66 Copyright (c) 2009,2010 RICOH COMPANY, LTD. All Rights Reserved.