Ricoh Aficio MP C2800 Security Target - Page 44

authentication is in progress. Page 44 of 80 FIA_UID.2 User identification before any action Hierarchical to: FIA_UID.1 Timing of identification. Dependencies: No dependencies. FIA_UID.2.1 The TSF shall require each user to be successfully identified before allowing any other TSF-mediated actions on behalf of that user. FIA_USB.1 User -subject binding Hierarchical to: No other components. Dependencies: FIA_ATD.1 User attribute definition. FIA_USB.1.1 The TSF shall associate the following user security attributes with subjects acting on the behalf of that user: [assignment: general user IDs, document data default ACL, administrator IDs, administrator roles and supervisor ID]. FIA_USB.1.2 The TSF shall enforce the following rules on the initial association of user security attributes with subjects acting on the behalf of users: [assignment: rules for the initial association of attributes listed in Table 15 Table 15: Rules for initial association of attributes Users General user Administrator Supervisor Subjects General user process Administrator process Supervisor process Security attributes of users General user ID, Document data default ACL Administrator ID, Administrator ro les Supervisor ID FIA_USB.1.3 The TSF shall enforce the following rules governing changes to the user security attributes associated with subjects acting on the behalf of users:[assignment: administrators can add their own assigned administrator roles to other administrators, and can delete their own administrator roles. However, the administrator cannot delete the assigned administrator role if that role is assigned to no other administrators]. 6.1.5 Class FMT: Security management FMT_MSA.1 Management of security attributes Hierarchical to: No other components. Dependencies: [FDP_ACC.1 Subset access control, or Copyright (c) 2009,2010 RICOH COMPANY, LTD. All Rights Reserved.