FDP_ACF.1.1(b) The TSF shall enforce the [assignment: TOE function access control SFP] to objects based
on the following: [assignment: subjects or objects, and their corresponding security
attributes shown in Table 20].
Category
Subject
Normal user process
Supervisor process
RC Gate process
Object
MFP application
FDP_ACF.1.2(b) The TSF shall enforce the following rules to determine if an operation among controlled
subjects and controlled objects is allowed: [assignment: rule to control operations among
objects and subjects shown in Table 21].
Table 21 : Rule to Control Operations on MFP Applications (b)
Object
MFP application
FDP_ACF.1.3(b) The TSF shall explicitly authorise access of subjects to objects based on the following
additional rules: [assignment: rules that the Fax Reception Function operated using
administrator permission is surely permitted].
FDP_ACF.1.4(b) The TSF shall explicitly deny access of subjects to objects based on the following additional
rules: [assignment: deny an operation on MFP application in case of supervisor process or
RC Gate process].
FDP_RIP.1
Subset residual information protection
Hierarchical to:
No other components.
Dependencies:
No dependencies.
FDP_RIP.1.1
The TSF shall ensure that any previous information content of a resource is made unavailable
upon the [selection: deallocation of the resource from] the following objects: [assignment:
user documents].
Copyright (c) 2011 RICOH COMPANY, LTD. All rights reserved.
Table 20 : Subjects, Objects and Security Attributes (b)
Subjects or Objects
Operation
Execute
Normal user process
Security Attributes
- Login user name of normal user
- Available function list
- User role
- User role
- User role
- Function type
Subject
Allows executing MFP application
which MFP administrator allowed in
available function list for normal user
process.
Page 57 of 93
Rule to control Operations