Security Requirements Rationale; Tracing; Table 30 : Toe Security Assurance Requirements (Eal3+Alc_Flr.2) - Ricoh Aficio MP 2852SP Manual

Table 31 : TOE Security Assurance Requirements (EAL3+ALC_FLR.2)
Assurance Classes
ADV:
Development
AGD:
Guidance documents
ALC:
Life-cycle support
ASE:
Security Target evaluation
ATE:
Tests
AVA:
Vulnerability assessment
6.3

Security Requirements Rationale

This section describes the rationale for security requirements.
If all security functional requirements are satisfied as below, the security objectives defined in "4 Security
Objectives" are fulfilled.
6.3.1

Tracing

Table 32 shows the relationship between the TOE security functional requirements and TOE security
objectives. Table 32 shows that each TOE security functional requirement fulfils at least one TOE security
objective.
Copyright (c) 2011 RICOH COMPANY, LTD. All rights reserved.
ADV_ARC.1 Security architecture description
ADV_FSP.3 Functional specification with complete summary
ADV_TDS.2 Architectural design
AGD_OPE.1 Operational user guidance
AGD_PRE.1 Preparative procedures
ALC_CMC.3 Authorisation controls
ALC_CMS.3 Implementation representation CM coverage
ALC_DEL.1 Delivery procedures
ALC_DVS.1 Identification of security measures
ALC_LCD.1 Developer defined life-cycle model
ALC_FLR.2 Flaw reporting procedures
ASE_CCL.1 Conformance claims
ASE_ECD.1 Extended components definition
ASE_INT.1 ST introduction
ASE_OBJ.2 Security objectives
ASE_REQ.2 Derived security requirements
ASE_SPD.1 Security problem definition
ASE_TSS.1 TOE summary specification
ATE_COV.2 Analysis of coverage
ATE_DPT.1 Testing: basic design
ATE_FUN.1 Functional testing
ATE_IND.2 Independent testing - sample
AVA_VAN.2 Vulnerability analysis
Assurance Components
Page 67 of 91