Ricoh Aficio MP C2800 Security Target - Page 43

Page 43 of 80 Dependencies: No dependencies. FIA_ATD.1.1 The TSF shall maintain the following list of security attributes belonging to individual users: [assignment: general user IDs, document data default ACL, administrator IDs, administrator roles and supervisor ID]. FIA_SOS.1 Verification of secrets Hierarchical to: No other components. Dependencies: No dependencies. FIA_SOS.1.1 The TSF shall provide a mechanism to verify that secrets meet[assignment: following quality metrics]. (1) Usable characters and its types: Upper-case letters: [A-Z] (26 letters) Lower-case letters: [a-z] (26 letters) Numbers: [0-9] (10 digits) Symbols: SP (spaces 33 symbols) (2) Registerable password length: For general users No fewer than the Minimum Password Length specified by the user a dministrator (8-32 characters) and no more than 128 characters. For administrators and a supervisor No fewer than the Minimum Password Length specified by the user administrator (8-32 characters) and no more than32 characters. (3) Rule: Passwords that are composed of a combination of characters based on the Password Complexity Setting specified by the user administrator can be registered. The user administrator specifies either Level 1 or Level 2 for Password Complexity Setting. FIA_UAU.2 User authentication before any action Hierarchical to: FIA_UAU.1 Timing of authentication. Dependencies: FIA_UID.1 Timing of identification. FIA_UAU.2.1 The TSF shall require each user to be successfully authenticated before allowing any other TSF-mediated actions on behalf o f that user. FIA_UAU.7 Protected authentication feedback Hierarchical to: No other components. Dependencies: FIA_UAU.1 Timing of authentication. FIA_UAU.7.1 The TSF shall provide only [assignment: displaying a dummy letter (*: asterisks, or : bullets) for one letter of passwords on authentication feedback] to the user while the Copyright (c) 2009,2010 RICOH COMPANY, LTD. All Rights Reserved.