Page 45 of 80
Copyright (c) 2009,2010 RICOH COMPANY, LTD. All Rights Reserved.
FDP_IFC.1 Subset information flow control]
FMT_SMR.1 Security roles
FMT_SMF.1 Specification of Management Functions
FMT_MSA.1.1 The TSF shall enforce the [assignment: MFP access control SFP] to restrict the ability to
[selection: query, modify, delete, [assignment: newly create, change, add]] the security
attributes [assignment: security attributes inTable 16] to [assignment: users/roles in
Table 16].
Table 16: Management roles of security attributes
Security attributes Operations User roles
Query,
newly create,
delete
- User administrator
General user IDs (a data
item of general user
information)
Query - General users
Newly create - Administrators
Query,
change
- Administrators who own the administrator IDs
Administrator IDs
Query - Supervisor
Administrator roles
Query,
add,
delete
- Administrators who are assigned these administrator
roles
Supervisor ID
Query,
change
- Supervisor
Document data ACL
Query,
modify
- File administrator
- Document file owner
- General users who have full control operation
permissions for the relevant document data
Document data default
ACL (a data item of
general user information)
Query,
modify
- User administrator
- The general user who creates the applicable
document data
FMT_MSA.3 Static attribute initialisation
Hierarchical to: No other components.
Dependencies: FMT_MSA.1 Management of security attributes
FMT_SMR.1 Security roles
FMT_MSA.3.1 The TSF shall enforce the [assignment: MFP access control SFP] to provide default
values [selection: [assignment: specified as shown in Table 17] for security attributes that
are used to enforce the SFP.
FMT_MSA.3.2 The TSF shall allow the [assignment: no authorised identified roles] to specify alternative
initial values to override the default values when an object or information is created.
To Next Page
Loading...
