Page 57 of
Copyright (c) 2011 RICOH COMPANY, LTD. All rights reserved.
FDP_ACF.1.1(b) The TSF shall enforce the [assignment: TOE function access control SFP] to objects based
on the following: [assignment: subjects or objects, and their corresponding security
attributes shown in Table 20].
Table 20 : Subjects, Objects and Security Attributes (b)
Subjects or Objects
Security Attributes
Normal user process
- Login user name of normal user
- Available function list
- User role
Supervisor process
- User role
RC Gate process
- User role
MFP application
- Function type
FDP_ACF.1.2(b) The TSF shall enforce the following rules to determine if an operation among controlled
subjects and controlled objects is allowed: [assignment: rule to control operations among
objects and subjects shown in Table 21].
Table 21 : Rule to Control Operations on MFP Applications (b)
Rule to control Operations
MFP application
Normal user process
Allows executing MFP application
which MFP administrator allowed in
available function list for normal user
FDP_ACF.1.3(b) The TSF shall explicitly authorise access of subjects to objects based on the following
additional rules: [assignment: rules that the Fax Reception Function operated using
administrator permission is surely permitted].
FDP_ACF.1.4(b) The TSF shall explicitly deny access of subjects to objects based on the following additional
rules: [assignment: deny an operation on MFP application in case of supervisor process or
RC Gate process].
Subset residual information protection
Hierarchical to:
No other components.
Dependencies: No
The TSF shall ensure that any previous information content of a resource is made unavailable
upon the [selection: deallocation of the resource from] the following objects: [assignment:
user documents].