Page 47 of 82
Copyright (c) 2010 RICOH COMPANY, LTD. All Rights Reserved.
Dependencies: [FDP_ACC.1 Subset access control, or
FDP_IFC.1 Subset information flow control]
FMT_SMR.1 Security roles
FMT_SMF.1 Specification of Management Functions
FMT_MSA.1.1 The TSF shall enforce the [assignment: MFP access control SFP] to restrict the ability to
[selection: query, modify, delete, [assignment: newly create, change, add]] the security
attributes [assignment: security attributes in Table 17]to [assignment: users roles in
Table 17].
Table 17: Management roles of security attributes
Security attributes Operations User roles
Query,
newly create,
delete
- User administrator
General user IDs (a data
item of general user
information)
Query - General users
Newly create - Administrators
Query,
change
- Administrators who own the administrator IDs
Administrator IDs
Query - Supervisor
Administrator roles
Query,
add,
delete
- Administrators who are assigned these administrator
roles
Supervisor ID
Query,
change
- Supervisor
Document data ACL
Query,
modify
- File administrator
- Document file owner
- General users who have full control operation
permissions for the relevant document data
Document data default
ACL (a data item of
general user information)
Query,
modify
- User administrator
- General user who creates the applicable document
data
FMT_MSA.3 Static attribute initialisation
Hierarchical to: No other components.
Dependencies: FMT_MSA.1 Management of security attributes
FMT_SMR.1 Security roles
FMT_MSA.3.1 The TSF shall enforce the [assignment: MFP access control SFP] to provide default
values [selection: [assignment: specified as shown in Table 18] for security attributes that
are used to enforce the SFP.
FMT_MSA.3.2 The TSF shall allow the [assignment: no authorised identified roles] to specify alternative
To Next Page
Loading...
Need help?
General
