Page 3 of
93
Copyright (c) 2012 RICOH COMPANY, LTD. All rights reserved.
3.1
3.1
3.1
3.1
Threats
Threats
Threats
Threats
................................
................................
................................
................................................................
................................
................................
................................................................
................................
................................
.........................................................
.........................
.........................
.........................
35
35
35
35
3.2
3.2
3.2
3.2
Organisational Security Policies
Organisational Security Policies
Organisational Security Policies
Organisational Security Policies
................................
................................
................................
................................................................
................................
................................
..................................................
..................
..................
..................
36
36
36
36
3.3
3.3
3.3
3.3
Assumptions
Assumptions
Assumptions
Assumptions
................................
................................
................................
................................................................
................................
................................
................................................................
................................
................................
.................................................
.................
.................
.................
36
36
36
36
4
Security Objectives
Security Objectives
Security Objectives
Security Objectives
................................
................................
................................
................................................................
................................
................................
................................................................
................................
................................
..............................................
..............
..............
..............
38
38
38
38
4.1
4.1
4.1
4.1
Security Objectives for TOE
Security Objectives for TOE
Security Objectives for TOE
Security Objectives for TOE
................................
................................
................................
................................................................
................................
................................
.........................................................
.........................
.........................
.........................
38
38
38
38
4.2
4.2
4.2
4.2
Security Objectives of Operational Environment
Security Objectives of Operational Environment
Security Objectives of Operational Environment
Security Objectives of Operational Environment
................................
................................
................................
........................................................
........................
........................
........................
39
39
39
39
4.2.1
IT Environment
.........................................................................................................
39
4.2.2
Non-IT Environment
.................................................................................................
40
4.3
4.3
4.3
4.3
Security Ob
Security Ob
Security Ob
Security Objectives Rationale
jectives Rationale
jectives Rationale
jectives Rationale
................................
................................
................................
................................................................
................................
................................
......................................................
......................
......................
......................
41
41
41
41
4.3.1
Correspondence Table of Security Objectives
.........................................................
41
4.3.2
Security Objectives Descriptions
.............................................................................
42
5
Extended Components Definition
Extended Components Definition
Extended Components Definition
Extended Components Definition
................................
................................
................................
................................................................
................................
................................
.......................................................
.......................
.......................
.......................
46
46
46
46
5.1
5.1
5.1
5.1
Restricted forwarding of data to external interfaces (FPT_FDI_EXP)
Restricted forwarding of data to external interfaces (FPT_FDI_EXP)
Restricted forwarding of data to external interfaces (FPT_FDI_EXP)
Restricted forwarding of data to external interfaces (FPT_FDI_EXP)
.......................
.......................
.......................
.......................
46
46
46
46
6
Security Requirements
Security Requirements
Security Requirements
Security Requirements
................................
................................
................................
................................................................
................................
................................
................................................................
................................
................................
........................................
........
........
........
48
48
48
48
6.1
6.1
6.1
6.1
Security Functional Requirements
Security Functional Requirements
Security Functional Requirements
Security Functional Requirements
................................
................................
................................
................................................................
................................
................................
..............................................
..............
..............
..............
48
48
48
48
6.1.1
Class FAU: Security audit
........................................................................................
48
6.1.2
Class FCS: Cryptographic support
..........................................................................
52
6.1.3
Class FDP: User data protection
.............................................................................
53
6.1.4
Class FIA: Identification and authentication
.........................................................
57
6.1.5
Class FMT: Security management
...........................................................................
61
6.1.6
Class FPT: Protection of the TSF
.............................................................................
66
6.1.7
Class FTA: TOE access
.............................................................................................
67
6.1.8
Class FTP: Trusted path/channels
...........................................................................
67
6.2
6.2
6.2
6.2
Security Assurance Requirements
Security Assurance Requirements
Security Assurance Requirements
Security Assurance Requirements
................................
................................
................................
................................................................
................................
................................
...............................................
...............
...............
...............
68
68
68
68
6.3
6.3
6.3
6.3
Security Requirements Rationale
Security Requirements Rationale
Security Requirements Rationale
Security Requirements Rationale
................................
................................
................................
................................................................
................................
................................
................................................
................
................
................
68
68
68
68
6.3.1
Tracing
.......................................................................................................................
69
6.3.2
Justification of Traceability
......................................................................................
70
6.3.3
Dependency Analysis
................................................................................................
77
6.3.4
Security Assurance Requirements Rationale
..........................................................
78
7
TOE Summary Specification
TOE Summary Specification
TOE Summary Specification
TOE Summary Specification
................................
................................
................................
................................................................
................................
................................
...............................................................
...............................
...............................
...............................
80
80
80
80
7.1
7.1
7.1
7.1
Audit Function
Audit Function
Audit Function
Audit Function
................................
................................
................................
................................................................
................................
................................
................................................................
................................
................................
.............................................
.............
.............
.............
80
80
80
80
7.2
7.2
7.2
7.2
Identification and Authentication Function
Identification and Authentication Function
Identification and Authentication Function
Identification and Authentication Function
................................
................................
................................
................................................................
................................
................................
................................
82
82
82
82