Security Assurance Requirements Rationale - Ricoh Aficio MP 8001 Manual

Page 63 of 82
Rationale for Removing Dependencies on FIA_UID.1
Since this TOE employs FIA_UID.2, which is hierarchical to FIA_UID.1, the dependency on FIA_UID.1 is
satisfied by FIA_UAU.2 and FMR_SMR.1.
6.3.4

Security Assurance Requirements Rationale

This TOE is a commercially available product. It is assumed that it will be used in general offices, and that
the possibility of basic security attacks on this TOE exists. Architectural design (ADV_TDS.2) is adequate
to show the validity of commercially available products. A high attack potential is required for attacks that
circumvent or tamper with the TSF, which is not covered in this evaluation. The vulnerability analysis
(AVA_VAN.2) is therefore adequate for general needs.
However, protection of the secrecy of relevant information is required to make security attacks more
difficult, and it is important to ensure a secure development environment. Development security
(ACL_DVS.1) is therefore important also.
Based on the terms and costs of the evaluation, the evaluation assurance level of EAL3 is appropriate for
this TOE.
Copyright (c) 2010 RICOH COMPANY, LTD. All Rights Reserved.