Page 69 of
93
Copyright (c) 2011 RICOH COMPANY, LTD. All rights reserved.
Table 31 : TOE Security Assurance Requirements (EAL3+ALC_FLR.2)
Assurance Classes
Assurance Components
ADV_ARC.1
Security architecture description
ADV_FSP.3
Functional specification with complete summary
ADV:
Development
ADV_TDS.2 Architectural
design
AGD_OPE.1
Operational user guidance
AGD:
Guidance documents
AGD_PRE.1 Preparative
procedures
ALC_CMC.3 Authorisation
controls
ALC_CMS.3
Implementation representation CM coverage
ALC_DEL.1 Delivery
procedures
ALC_DVS.1
Identification of security measures
ALC_LCD.1
Developer defined life-cycle model
ALC:
Life-cycle support
ALC_FLR.2
Flaw reporting procedures
ASE_CCL.1 Conformance
claims
ASE_ECD.1 Extended
components
definition
ASE_INT.1 ST
introduction
ASE_OBJ.2 Security
objectives
ASE_REQ.2
Derived security requirements
ASE_SPD.1
Security problem definition
ASE:
Security Target evaluation
ASE_TSS.1 TOE
summary
specification
ATE_COV.2
Analysis of coverage
ATE_DPT.1
Testing: basic design
ATE_FUN.1 Functional
testing
ATE:
Tests
ATE_IND.2
Independent testing - sample
AVA:
Vulnerability assessment
AVA_VAN.2 Vulnerability
analysis
6.3
Security Requirements Rationale
This section describes the rationale for security requirements.
If all security functional requirements are satisfied as below, the security objectives defined in "4 Security
Objectives" are fulfilled.
6.3.1 Tracing
Table 32 shows the relationship between the TOE security functional requirements and TOE security
objectives. Table 32 shows that each TOE security functional requirement fulfils at least one TOE security
objective.
