Ricoh Aficio MP C2800 Security Target - Page 45

Page 45 of 80 FDP_IFC.1 Subset information flow control] FMT_SMR.1 Security roles FMT_SMF.1 Specification of Management Functions FMT_MSA.1.1 The TSF shall enforce the [assignment: MFP access control SFP] to restrict the ability to [selection: query, modify, delete, [assignment: newly create, change, add]] the security attributes [assignment: security attributes in Table 16 to [assignment: users/roles in Table 16]. Table 16: Management roles of security attributes Security attributes General user IDs (a data item of general user information) Administrator IDs Administrator roles Supervisor ID Document data ACL Operations Query, newly create, delete Query Newly create Query, change Query Query, add, delete Query, change Query, modify Document data default ACL (a data item of general user information) Query, modify User roles - User administrator - General users - Administrators - Administrators who own the administrator IDs - Supervisor - Administrators who are assigned these administrator roles - Supervisor - File administrator - Document file owner - General users who have full control operation permissions for the relevant document data - User administrator - The general user who creates the applicable document data FMT_MSA.3 Static attribute initialisation Hierarchical to: No other components. Dependencies: FMT_MSA.1 Management of security attributes FMT_SMR.1 Security roles FMT_MSA.3.1 The TSF shall enforce the [assignment: MFP access control SFP] to provide default values [selection: [assignment: specifiedas shown inTable17] for security attributes that are used to enforce the SFP. FMT_MSA.3.2 The TSF shall allow the [assignment: no authorised identified roles] to specify alternative initial values to override the default values when an object or information is created. Copyright (c) 2009,2010 RICOH COMPANY, LTD. All Rights Reserved.