Page 3 of 91
Copyright (c) 2011 RICOH COMPANY, LTD. All rights reserved.
3.1 Threats .......................................................................................................................34
3.2 Organisational Security Policies ................................................................................35
3.3 Assumptions...............................................................................................................35
4 Security Objectives............................................................................................................37
4.1 Security Objectives for TOE .......................................................................................37
4.2 Security Objectives of Operational Environment.......................................................38
4.2.1 IT Environment......................................................................................................... 38
4.2.2 Non-IT Environment................................................................................................. 39
4.3 Security Objectives Rationale.....................................................................................40
4.3.1 Correspondence Table of Security Objectives ......................................................... 40
4.3.2 Security Objectives Descriptions ............................................................................. 41
5 Extended Components Definition......................................................................................45
5.1 Restricted forwarding of data to external interfaces (FPT_FDI_EXP) .......................45
6 Security Requirements......................................................................................................47
6.1 Security Functional Requirements.............................................................................47
6.1.1 Class FAU: Security audit ........................................................................................ 47
6.1.2 Class FCS: Cryptographic support .......................................................................... 51
6.1.3 Class FDP: User data protection ............................................................................. 52
6.1.4 Class FIA: Identification and authentication ......................................................... 56
6.1.5 Class FMT: Security management........................................................................... 60
6.1.6 Class FPT: Protection of the TSF............................................................................. 65
6.1.7 Class FTA: TOE access ............................................................................................. 66
6.1.8 Class FTP: Trusted path/channels........................................................................... 66
6.2 Security Assurance Requirements..............................................................................66
6.3 Security Requirements Rationale...............................................................................67
6.3.1 Tracing ....................................................................................................................... 67
6.3.2 Justification of Traceability...................................................................................... 69
6.3.3 Dependency Analysis ................................................................................................ 75
6.3.4 Security Assurance Requirements Rationale.......................................................... 77
7 TOE Summary Specification.............................................................................................78
7.1 Audit Function ...........................................................................................................78
7.2 Identification and Authentication Function ...............................................................80
To Next Page
Loading...
