Ricoh Aficio MP C3501 Security Target - Page 34

Refinement of FIA_UAU.1a, FIA_UAU.1b, FIA_UID.1a, FIA_UID.1b, and FIA_SOS.1

Page 34 highlights

Page 33 of 93

For those points mentioned above, the security problems and security objectives in this ST are consistent with those in the PP.

2.4.3 Consistency Claim with Security Requirements in PP

The SFRs for this TOE consist of the Common Security Functional Requirements, 2600.1-PRT, 2600.1-SCN, 2600.1-CPY, 2600.1-FAX, 2600.1-DSR, and 2600.1-SMI.

The Common Security Functional Requirements are the indispensable SFR specified by the PP. 2600.1-PRT, 2600.1-SCN, 2600.1-CPY, 2600.1-FAX, 2600.1-DSR, and 2600.1-SMI are selected from the SFR Package specified by the PP.

2600.1-NVS is not selected because this TOE does not have any non-volatile memory medium that is detachable.

Although the security requirements of this ST were partly augmented and instantiated over the security requirements of the PP, they are still consistent with the PP. Described below are the parts augmented and instantiated with the reasons for their consistency with the PP.

Augmentation of FAU_STG.1, FAU_STG.4, FAU_SAR.1, and FAU_SAR.2

FAU_STG.1, FAU_STG.4, FAU_SAR.1, and FAU_SAR.2 are augmented according to PP APPLICATION NOTE 7 in order for the TOE to maintain and manage the audit logs.

Augmentation of FIA_AFL.1, FIA_UAU.7, and FIA_SOS.1

For the Basic Authentication function of the TOE, FIA_AFL.1, FIA_UAU.7, and FIA_SOS.1 are augmented according to PP APPLICATION NOTE 36.

Refinement of FIA_UAU.1(a), FIA_UAU.1(b), FIA_UID.1(a), FIA_UID.1(b), and FIA_SOS.1

For authentication of normal users of this TOE, Basic Authentication conducted by the TOE and authentication conducted by the external authentication server can be used. According to PP APPLICATION NOTE 35, the authentications of users are assumed to be executed by the TOE or external IT devices. For this reason, both Basic Authentication and External Authentication comply with the PP. The refinement of FIA_UAU.1(a), FIA_UAU.1(b), FIA_UID.1(a), FIA_UID.1(b), and FIA_SOS.1 is to identify these authentication methods; it is not to change the security requirements specified by the PP.

Augmentation and Refinement of FIA_UAU.2 and FIA_UID.2

Since the identification and authentication method for RC Gate differs from the identification and authentication methods for normal users or administrator, FIA_UAU.2 and FIA_UID.2 are augmented according to PP APPLICATION NOTE 37 and PP APPLICATION NOTE 41, aside from FIA_UAU.1(a), FIA_UAU.1(b), FIA_UID.1(a) and FIA_UID.1(b).

The refinement of FIA_UAU.2 and FIA_UID.2 is to identify the identification and authentication method for normal users or administrator and the identification and authentication method for RC Gate; it is not to change the security requirements specified by the PP.

Copyright (c) 2011 RICOH COMPANY, LTD. All rights reserved.

