Ricoh Aficio MP C2800 Security Target - Page 65

Page 65 of 80 *1: The starting of Audit Function is substituted with the event of the TOE startup. This TOE does not record the ending of Audit Function. The starting and ending of Audit Function audit the state of inactivity of Audit Function. Since Audit Function works as long as the TOE works and it is not necessary to audit the state of inactivity of Audit Function, it is appropriate not to record the ending of Audit Function. *2: Lockout release for administrators and supervisor by the TOE's restart, which isthe special Lockout release operation, is substituted with the event of the TOE startup. *3: For the successful reading of the document data, the objects to be recorded in IDs for the operational object document data are printing, Sending by E-mail, Delive ring to Folders and downloading from Web Service Function the document data stored in D-BOX *4 When the recording events occur due to the operations by users, User IDs are set as subject identities of basic audit information, and when the recording events occur due to the TOE, IDs that do not duplicate the user IDs but can identify systems are set. Since there are no interfaces on the TOE for modifying audit logs, unauthorised modification for the audit logs are not performed and the machine administrator who can delete the audit logs will not carry out any malicious acts using administrator privileges. By the above, FAU_GEN.1 (Audit data generation), FAU_STG.1 (Protected audit trail storage), and FAU_STG.4 (Prevention of audit data loss) are satisfied. 7.1.1.2 Reading Audit Logs The TOE allows only the machine administrator to read the audit logs in a text format using the Web Service Function. By the above, FAU_SAR.1 (Audit review), FAU_SAR.2 (Restricted audit review), and FMT_MTD.1 (Management of TSF data) are satisfied. 7.1.1.3 Protection of Audit Logs The TOE allows only the machine administrator to delete entire audit logs using the Operation Panel or the Web Service Function. By the above, FAU_SAR.1 (Audit review), FAU_SAR.2 (Restricted audit review), and FMT_MTD.1 (Management of TSF data) are satisfied. 7.1.1.4 Time Stamps The TOE logs the date and time of events by referencing the date and time of the internal system clock. By the above, FPT_STM.1 (Reliable time stamps) is satisfied. 7.1.2 SF.I&A User Identification and Authentication Function To allow authorised users to operate the TOE according to their roles and authorisation, the TOE identifies and authenticates users prior to their use of the TOE Security Functions. Following are the explanations of each functional item in " SF.I&A User Identification and Authentication Function" and their corresponding functional requirements. Copyright (c) 2009,2010 RICOH COMPANY, LTD. All Rights Reserved.