Ricoh Aficio MP 8001

To Next Page

To Previous Page

Page 3 of 82

3.3 Assumptions .................................................................................28

4 Security Objectives...............................................................................29

4.1 Security Objectives for TOE................................................................29

4.2 Security Objectives of Operational Environment........................................30

4.3 Security Objectives Rationale..............................................................30

4.3.1 Tracing......................................................................................................30

4.3.2 Tracing Justification...................................................................................31

5 Extended Components Definition...............................................................34

6 Security Requirements..........................................................................35

6.1 Security Functional Requirements........................................................35

6.1.1 Class FAU: Security audit...........................................................................35

6.1.2 Class FCS: Cryptographic support...............................................................40

6.1.3 Class FDP: User data protection..................................................................41

6.1.4 Class FIA: Identification and authentication................................................44

6.1.5 Class FMT: Security management...............................................................46

6.1.6 Class FPT: Protection of the TSF.................................................................53

6.1.7 Class FTP: Trusted path/channels...............................................................53

6.2 Security Assurance Requirements.........................................................55

6.3 Security Requirements Rationale..........................................................56

6.3.1 Tracing......................................................................................................56

6.3.2 Justification of Traceability.........................................................................57

6.3.3 Dependency Analysis..................................................................................61

6.3.4 Security Assurance Requirements Rationale.................................................63

7 TOE Summary Specification....................................................................64

7.1 TOE Security Function.....................................................................64

7.1.1 SF.AUDIT Audit Function........................................................................65

7.1.1.1 Generation of Audit Logs......................................................................66

7.1.1.2 Reading Audit Logs..............................................................................67

7.1.1.3 Protection of Audit Logs.......................................................................67

7.1.1.4 Time Stamps.......................................................................................67

7.1.2 SF.I&A User Identification and Authentication Function.............................67

7.1.2.1 User Identification and Authentication ..................................................68

7.1.2.2 Actions in Event of Identification and Authentication Failure..................68

Ricoh Aficio MP 8001 - Page 4