Page 39 of 80
Copyright (c) 2009,2010 RICOH COMPANY, LTD. All Rights Reserved.
6.1.3 Class FDP: User data protection
FDP_ACC.1 Subset access control
Hierarchical to: No other components.
Dependencies: FDP_ACF.1 Security attribute based access control.
FDP_ACC.1.1 The TSF shall enforce the [assignment: MFP access control SFP] on [assignment: List of
Subjects, Objects, and Operation among Subjects and Objects in Table 7].
Table 7: List of subjects, objects, and operations among subjects and objects
Subjects Objects Operations among subjects and objects
Administrator process Document data Deleting document data
General user process Document data
Storing document data
Reading document data
Deleting document data
FDP_ACF.1 Security attribute based access control
Hierarchical to: No other components.
Dependencies: FDP_ACC.1 Subset access control
FMT_MSA.3 Static attribute initialisation.
FDP_ACF.1.1 The TSF shall enforce the [assignment: MFP access control SFP] to objects based on the
following: [assignment: subjects or objects, and their corresponding security attributes
shownTable 8].
Table 8: Subjects, objects and security attributes
Types Subjects or objects Security attributes
Subject Administrator process
- Administrator IDs
- Administrator roles
Subject General user process
- General user ID
- Document data default ACL
Object Document data - Document data ACL
FDP_ACF.1.2 The TSF shall enforce the following rules to determine if an operation among controlled
subjects and controlled objects is allowed: [assignment: rules governing subject
operations on objects and access to the operations shown inTable 9].
To Next Page
Loading...
