Ricoh Aficio MP C3002 Security Target - Page 4

Page 3 of 93 3.1 Threats ...35 3.2 Organisational Security Policies 36 3.3 Assumptions...36 4 Security Objectives...38 4.1 Security Objectives for TOE 38 4.2 Security Objectives of Operational Environment 39 4.2.1 IT Environment...39 4.2.2 Non-IT Environment 40 4.3 Security Objectives Rationale 41 4.3.1 Correspondence Table of Security Objectives 41 4.3.2 Security Objectives Descriptions 42 5 Extended Components Definition 46 5.1 Restricted forwarding of data to external interfaces (FPT_FDI_EXP 46 6 Security Requirements...48 6.1 Security Functional Requirements 48 6.1.1 Class FAU: Security audit 48 6.1.2 Class FCS: Cryptographic support 52 6.1.3 Class FDP: User data protection 53 6.1.4 Class FIA: Identification and authentication 57 6.1.5 Class FMT: Security management 61 6.1.6 Class FPT: Protection of the TSF 66 6.1.7 Class FTA: TOE access 67 6.1.8 Class FTP: Trusted path/channels 67 6.2 Security Assurance Requirements 68 6.3 Security Requirements Rationale 68 6.3.1 Tracing ...69 6.3.2 Justification of Traceability 70 6.3.3 Dependency Analysis 77 6.3.4 Security Assurance Requirements Rationale 78 7 TOE Summary Specification 80 7.1 Audit Function ...80 7.2 Identification and Authentication Function 82 Copyright (c) 2012 RICOH COMPANY, LTD. All rights reserved.