Ricoh Mp C3001 Instruction Manual

    Page 50 of 93 
Copyright (c) 2011 RICOH COMPANY, LTD. All rights reserved. 
  perform an operation on an object 
covered by the SFP. 
b) Basic: All requests to perform an 
operation on an object covered by the 
SFP. 
c) Detailed: The specific security 
attributes used in making an access 
check. - Start and end operation of 
storing document data. 
- Start and end operation of 
printing document data. 
- Start and end operation of 
downloading document data. 
- Start and end operation of 
faxing...

    Page 51 of 93 
Copyright (c) 2011 RICOH COMPANY, LTD. All rights reserved. 
authentication mechanism; 
b) Basic: All use of the authentication 
mechanism. login operation 
FIA_UID.1(a)  a) Minimal: Unsuccessful use of the 
user identification mechanism, 
including the user identity provided; 
b) Basic: All use of the user 
identification mechanism, including 
the user identity provided. b) Basic: Success and failure of 
login operation. Also includes 
the user identification that is 
required by the...

    Page 52 of 93 
Copyright (c) 2011 RICOH COMPANY, LTD. All rights reserved. 
Dependencies:    FAU_GEN.1 Audit data generation 
FIA_UID.1 Timing of identification 
FAU_GEN.2.1  For audit events resulting from actions of identified users, the TSF shall be able to associate 
each auditable event with the identity of the user that caused the event. 
FAU_STG.1  Protected audit trail storage 
Hierarchical to:  No other components. 
Dependencies:  FAU_GEN.1 Audit data generation 
FAU_STG.1.1  The TSF shall...

    Page 53 of 93 
Copyright (c) 2011 RICOH COMPANY, LTD. All rights reserved. 
specified cryptographic key sizes [assignment: cryptographic key sizes in Table 13] that 
meet the following: [assignment: standards in Table 13]. 
Table 13 : List of Cryptographic Key Generation 
Key Type Standard Cryptographic Key 
Generation Algorithm 
Cryptographic 
Key Size 
HDD cryptographic key  BSI-AIS31  TRNG  256 bits 
 
FCS_COP.1 Cryptographic operation 
Hierarchical to:  No other components. 
Dependencies:...

    Page 54 of 93 
Copyright (c) 2011 RICOH COMPANY, LTD. All rights reserved. 
Table 15 : List of Subjects, Objects, and Operations among Subjects and Objects (a) 
Subjects - Normal user process 
- MFP administrator process 
- Supervisor process 
- RC Gate process 
Objects - Document data 
- User jobs 
Operations - Read 
- Delete 
 
FDP_ACC.1(b)  Subset access control 
Hierarchical to:  No other components. 
Dependencies:  FDP_ACF.1 Security attribute based access control 
FDP_ACC.1.1(b)  The TSF shall...

    Page 55 of 93 
Copyright (c) 2011 RICOH COMPANY, LTD. All rights reserved. 
Subject  Supervisor process  - User role 
Subject  RC Gate process  - User role 
Object  Document data  - Document data attribute 
- Document user list 
Object  User job  - Login user name of normal user 
 
FDP_ACF.1.2(a)  The TSF shall enforce the following rules to determine if an operation among controlled 
subjects and controlled objects is allowed: [assignment: rules to control operations among 
subjects and objects...

    Page 56 of 93 
Copyright (c) 2011 RICOH COMPANY, LTD. All rights reserved. 
Document 
data +CPY Read Normal user 
process Not allowed. However, it is allowed for 
normal user process that created the 
document data. 
Document 
data +DSR Delete Normal user 
process Not allowed. However, it is allowed for 
normal user process with login user 
name of normal user registered on 
document user list for document data. 
Document 
data +DSR Read Normal user 
process Not allowed. However, it is allowed for...

    Page 57 of 93 
Copyright (c) 2011 RICOH COMPANY, LTD. All rights reserved. 
FDP_ACF.1.1(b)  The TSF shall enforce the [assignment: TOE function access control SFP] to objects based 
on the following: [assignment: subjects or objects, and their corresponding security 
attributes shown in Table 20]. 
Table 20 : Subjects, Objects and Security Attributes (b) 
Category Subjects or Objects Security Attributes 
Normal user process  - Login user name of normal user 
- Available function list 
- User role...

    Page 58 of 93 
Copyright (c) 2011 RICOH COMPANY, LTD. All rights reserved. 
6.1.4  Class FIA: Identification and authentication 
FIA_AFL.1 Authentication failure handling 
Hierarchical to:  No other components. 
Dependencies:  FIA_UAU.1 Timing of authentication 
FIA_AFL.1.1  The TSF shall detect when [selection: an administrator configurable positive integer within 
[assignment: 1 to 5]] unsuccessful authentication attempts occur related to [assignment: the 
authentication events of Basic...

    Page 59 of 93 
Copyright (c) 2011 RICOH COMPANY, LTD. All rights reserved. 
Table 24 : List of Security Attributes for Each User That Shall Be Maintained 
Users List of Security Attributes 
Normal user  - Login user name of normal user 
- User role 
- Available function list 
Supervisor  - User role 
MFP administrator  - Login user name of MFP administrator 
- User role 
RC Gate  - User role 
 
FIA_SOS.1  Verification of secrets 
Hierarchical to:  No other components. 
Dependencies: No dependencies....