Page 44 of 80
Copyright (c) 2009,2010 RICOH COMPANY, LTD. All Rights Reserved.
authentication is in progress.
FIA_UID.2 User identification before any action
Hierarchical to: FIA_UID.1 Timing of identification.
Dependencies: No dependencies.
FIA_UID.2.1 The TSF shall require each user to be successfully identified before allowing any other
TSF-mediated actions on behalf of that user.
FIA_USB.1 User-subject binding
Hierarchical to: No other components.
Dependencies: FIA_ATD.1 User attribute definition.
FIA_USB.1.1 The TSF shall associate the following user security attributes with subjects acting on the
behalf of that user: [assignment: general user IDs, document data default ACL,
administrator IDs, administrator roles and supervisor ID].
FIA_USB.1.2 The TSF shall enforce the following rules on the initial association of user security attributes
with subjects acting on the behalf of users: [assignment: rules for the initial association of
attributes listed inTable 15].
Table 15: Rules for initial association of attributes
Users Subjects Security attributes of users
General user General user process General user ID,
Document data default ACL
Administrator Administrator process
Administrator ID,
Administrator roles
Supervisor Supervisor process Supervisor ID
FIA_USB.1.3 The TSF shall enforce the following rules governing changes to the user security attributes
associated with subjects acting on the behalf of users: [assignment: administrators can add
their own assigned administrator roles to other administrators, and can delete their own
administrator roles. However, the administrator cannot delete the assigned
administrator role if that role is assigned to no other administrators].
6.1.5 Class FMT: Security management
FMT_MSA.1 Management of security attributes
Hierarchical to: No other components.
Dependencies: [FDP_ACC.1 Subset access control, or
To Next Page
Loading...
