6.1.3
Class FDP: User data protection
FDP_ACC.1 Subset access control
Hierarchical to:
Dependencies:
FDP_ACC.1.1 The TSF shall enforce the [assignment: MFP access control SFP] on [assignment: List of
Subjects, Objects, and Operation among Subjects and Objects in
Table 7: List of subjects, objects, and operations among subjects and objects
Subjects
Administrator process
General user process
FDP_ACF.1
Security attribute based access control
Hierarchical to:
Dependencies:
FDP_ACF.1.1 The TSF shall enforce the [assignment: MFP access control SFP] to objects based on the
following: [assignment: subjects or objects, and their corresponding security attributes
Table 8
shown
Table 8: Subjects, objects and security attributes
Types
Subjects or objects
Subject
Administrator process
Subject
General user process
Object
Document data
FDP_ACF.1.2 The TSF shall enforce the following rules to determine if an operation among controlled
subjects and controlled objects is allowed: [assignment: rules governing subject
operations on objects and access to the operations shown in
Copyright (c) 2009,2010 RICOH COMPANY, LTD. All Rights Reserved.
No other components.
FDP_ACF.1 Security attribute based access control.
Objects
Document data
Document data
No other components.
FDP_ACC.1 Subset access control
FMT_MSA.3 Static attribute initialisation.
].
- Administrator IDs
- Administrator roles
- General user ID
- Document data default ACL
- Document data ACL
Table 7].
Operations among subjects and objects
Deleting document data
Storing document data
Reading document data
Deleting document data
Security attributes
Table 9].
Page 39 of 80