Ricoh Aficio MP C7501SP Manual page 6

Security policy

Hide thumbs Also See for Aficio MP C7501SP:

Information sheet (8 pages)

Table of Contents

Page 5 of 89

List of Figures

Figure 1 : Example of TOE Environment ....................................................................................................... 9

Figure 2 : Hardware Configuration of the TOE ............................................................................................ 12

Figure 3 : Logical Scope of the TOE ............................................................................................................ 17

List of Tables

Table 1 : Identification Information of TOE ................................................................................................... 7

Table 2 : Definition of Users ......................................................................................................................... 15

Table 3 : List of Administrative Roles .......................................................................................................... 15

Table 4 : Definition of User Data .................................................................................................................. 22

Table 5 : Definition of TSF Data................................................................................................................... 23

Table 6 : Specific Terms Related to This ST ................................................................................................. 23

Table 7 : Rationale for Security Objectives................................................................................................... 38

Table 8 : List of Auditable Events................................................................................................................. 46

Table 9 : List of Cryptographic Key Generation ........................................................................................... 49

Table 10 : List of Cryptographic Operation .................................................................................................. 49

Table 11 : List of Subjects, Objects, and Operations among Subjects and Objects (a) ................................. 50

Table 12 : List of Subjects, Objects, and Operations among Subjects and Objects (b)................................. 50

Table 13 : Subjects, Objects and Security Attributes (a) ............................................................................... 50

Table 14 : Rules to Control Operations on Document Data and User Jobs (a) ............................................. 51

Table 15 : Additional Rules to Control Operations on Document Data and User Jobs (a)............................ 52

Table 16 : Subjects, Objects and Security Attributes (b)............................................................................... 53

Table 17 : Rule to Control Operations on MFP Applications (b) .................................................................. 53

Table 18 : List of Authentication Events of Basic Authentication................................................................. 54

Table 19 : List of Actions for Authentication Failure.................................................................................... 54

Table 20 : List of Security Attributes for Each User That Shall Be Maintained ........................................... 55

Table 21 : Rules for Initial Association of Attributes .................................................................................... 57

Table 22 : User Roles for Security Attributes (a) .......................................................................................... 58

Table 23 : User Roles for Security Attributes (b) .......................................................................................... 59

Table 24 : Authorised Identified Roles Allowed to Override Default Values................................................ 60

Table 25 : List of TSF Data........................................................................................................................... 61

Table 26 : List of Specification of Management Functions........................................................................... 62

Table 27 : TOE Security Assurance Requirements (EAL3+ALC_FLR.2).................................................... 64

Table 28 : Relationship between Security Objectives and Functional Requirements ................................... 66

Table 29 : Results of Dependency Analysis of TOE Security Functional Requirements .............................. 73

Table 30 : List of Audit Events...................................................................................................................... 76

Table 31 : List of Audit Log Items ................................................................................................................ 77

Table 32 : Unlocking Administrators for Each User Role............................................................................. 79

Table 33 : Stored Documents Access Control Rules for Normal Users ........................................................ 81

Table 34 : Encrypted Communications Provided by the TOE ...................................................................... 83

Table 35 : List of Cryptographic Operations for Stored Data Protection ...................................................... 84

Table of Contents