Ricoh Aficio MP C3501 Security Target - Page 64

Page 63 of 93 FMT_MSA.1(b)Management of security attributes Hierarchical to: No other components. Dependencies: [FDP_ACC.1 Subset access control, or FDP_IFC.1 Subset information flow control] FMT_SMR.1 Security roles FMT_SMF.1 Specification of Management Function FMT_MSA.1.1(b)The TSF shall enforce the [assignment: TOE function access control SFP] to restrict the ability to [selection: query, modify, delete, [assignment: newly create]] the security attributes [assignment: security attributes in Table 27] to [assignment: the user roles with operation permission in Table 27]. Table 27 : User Roles for Security Attributes (b) Security Attributes Login user name of normal user for Basic Authentication Login user name of normal user for External Authentication Available function list Function type User role Operations Query, modify, delete, newly create Query Query, modify, delete, newly create Query, modify Query (however, query is not allowed in case of External Authentication) No operation permitted No operation permitted User Roles with operation permission MFP administrator Normal user who owns the applicable login user name MFP administrator MFP administrator Applicable normal user - -: No user roles are permitted for operations by the TOE. FMT_MSA.3(a)Static attribute initialisation Hierarchical to: No other components. Dependencies: FMT_MSA.1 Management of security attributes FMT_SMR.1 Security roles FMT_MSA.3.1(a) The TSF shall enforce the [assignment: document access control SFP] to provide [selection: restrictive] default values for security attributes that are used to enforce the SFP. Copyright (c) 2011 RICOH COMPANY, LTD. All rights reserved.