Page 39 of 82
Copyright (c) 2010 RICOH COMPANY, LTD. All Rights Reserved.
Functional requirements
Actions which should be auditable
Auditable events of TOE
FTP_TRP.1
a) Minimal: Failures of the trusted
path functions.
b) Minimal: Identification of the user
associated with all trusted path
failures, if available.
c) Basic: All attempted uses of the
trusted path functions.
d) Basic: Identification of the user
associated with all trusted path
invocations, if available.
<Individually-defined auditable
events>
1. Communication with remote users
(Outcome: Success/Failure)
FAU_GEN.1.2 The TSF shall
record within each audit record at least the following information:
a) Date and time of the event, type of event, subject identity (if applicable), and the outcome
(success or failure) of the event; and
b) For each audit event type, based on the auditable event definitions of the functional
components included in the PP/ST,
[assignment: communication IP address, IDs of
persons whose authentication information is created/changed/deleted, Locking out
users, release of user Lockout, method of Lockout release, IDs of object document
data].
FAU_SAR.1 Audit review
Hierarchical to:
No other components.
Dependencies:
FAU_GEN.1 Audit data generation.
FAU_SAR.1.1 The TSF shall provide
[assignment: the machine administrator]
with the capability to
read
[assignment: all log items]
from the audit records.
FAU_SAR.1.2 The TSF shall provide the audit records in a manner suitable for the user to interpret the
information.
FAU_SAR.2 Restricted audit review
Hierarchical to:
No other components.
Dependencies:
FAU_SAR.1 Audit review.
FAU_SAR.2.1 The TSF shall prohibit all users read access to the audit records, except those users that have
been granted explicit read-access.
FAU_STG.1 Protected audit trail storage
Hierarchical to:
No other components.
Dependencies:
FAU_GEN.1 Audit data generation.
FAU_STG.1.1 The TSF shall protect the stored audit records in the audit trail from unauthorised deletion.
