Extended Components Definition; Restricted Forwarding of Data to External Interfaces (FPT_FDI_EXP) - Ricoh Aficio MP C4501 Series Manual

Security target

5 Extended Components Definition

This section describes the extended components definition.

5.1 Restricted forwarding of data to external interfaces (FPT_FDI_EXP)

Family behaviour
This family defines requirements for the TSF to restrict direct forwarding of information from one external
interface to another external interface.
Many products receive information on specific external interfaces and are intended to transform and process
this information before it is transmitted on another external interface. However, some products may provide
the capability for attackers to misuse external interfaces to violate the security of the TOE or devices that are
connected to the TOE's external interfaces. Therefore, direct forwarding of unprocessed data between
different external interfaces is forbidden unless explicitly allowed by an authorized administrative role. The
family FPT_FDI_EXP has been defined to specify this kind of functionality.
Component levelling:
FPT_FDI_EXP: Restricted forwarding of data to external interfaces
FPT_FDI_EXP.1 Restricted forwarding of data to external interfaces provides for the functionality to require
TSF controlled processing of data received over defined external interfaces before these data are sent out on
another external interface. Direct forwarding of data from one external interface to another one requires
explicit allowance by an authorized administrative role.
Management: FPT_FDI_EXP.1
The following actions could be considered for the management functions in FMT:
a) Definition of the role(s) that are allowed to perform the management activities
b) Management of the conditions under which direct forwarding can be allowed by an administrative role
c) Revocation of such an allowance
Audit: FPT_FDI_EXP.1
There are no auditable events foreseen.
Rationale:
Quite often, a TOE is supposed to perform specific checks and process data received on one external
interface before such (processed) data are allowed to be transferred to another external interface. Examples
Copyright (c) 2011 RICOH COMPANY, LTD. All rights reserved.

This manual is also suitable for: Aficio c5501 series, Aficio mp c5501 series
