Page 37 of 80
Copyright (c) 2009,2010 RICOH COMPANY, LTD. All Rights Reserved.
Functional
requirements
Actions which should be auditable Auditable events of TOE
invocations, if available.
FAU_GEN.1.2 The TSF shall record within each audit record at least the following information:
a) Date and time of the event, type of event, subject identity (if applicable), and the outcome
(success or failure) of the event; and
b) For each audit event type, based on the auditable event definitions of the functional
components included in the PP/ST, [assignment: communication IP address, IDs of
persons whose authentication information is created/changed/deleted, Locking out users,
release of user Lockout, method of Lockout release, IDs of object document data].
FAU_SAR.1 Audit review
Hierarchical to: No other components.
Dependencies: FAU_GEN.1 Audit data generation.
FAU_SAR.1.1 The TSF shall provide [assignment: the machine administrator] with the capability to read
[assignment: all log items] from the audit records.
FAU_SAR.1.2 The TSF shall provide the audit records in a manner suitable for the user to interpret the
information.
FAU_SAR.2 Restricted audit review
Hierarchical to: No other components.
Dependencies: FAU_SAR.1 Audit review.
FAU_ SAR.2.1 The TSF shall prohibit all users read access to the audit records, except those users that have
been granted explicit read-access.
FAU_STG.1 Protected audit trail storage
Hierarchical to: No other components.
Dependencies: FAU_GEN.1 Audit data generation.
FAU_STG.1.1 The TSF shall protect the stored audit records in the audit trail from unauthorised deletion.
FAU_STG.1.2 The TSF shall be able to [selection: prevent] unauthorised modifications to the stored audit
records in the audit trail.
FAU_STG.4 Prevention of audit data loss
Hierarchical to: FAU_STG.3 Action in case of possible audit data loss.
Dependencies: FAU_STG.1 Protected audit trail storage.
FAU_STG.4.1 The TSF shall [selection: overwrite the oldest stored audit records] and [assignment: no
To Next Page
Loading...
