Page 46 of 82
Copyright (c) 2010 RICOH COMPANY, LTD. All Rights Reserved.
bullets) for one letter of passwords on authentication feedback]
to the user while the
authentication is in progress.
FIA_UID.2
User identification before any action
Hierarchical to:
FIA_UID.1 Timing of identification.
Dependencies:
No dependencies.
FIA_UID.2.1
The TSF shall require each user to be successfully identified before allowing any other
TSF-mediated actions on behalf of that user.
FIA_USB.1
User-subject binding
Hierarchical to:
No other components.
Dependencies:
FIA_ATD.1 User attribute definition.
FIA_USB.1.1 The TSF shall associate the following user security attributes with subjects acting on the
behalf of that user:
[assignment: general user IDs, document data default ACL,
administrator IDs, administrator roles and supervisor ID]
.
FIA_USB.1.2 The TSF shall enforce the following rules on the initial association of user security
attributes with subjects acting on the behalf of users:
[assignment: rules for the initial
association of attributes listed in
Table 16
].
Table 16: Rules for initial association of attributes
Users
Subjects
Security attributes of users
General user
General user process
General user ID,
Document data default ACL
Administrator
Administrator process
Administrator ID,
Administrator roles
Supervisor
Supervisor process
Supervisor ID
FIA_USB.1.3 The TSF shall enforce the following rules governing changes to the user security attributes
associated with subjects acting on the behalf of users:
[assignment: administrators can
add their own assigned administrator roles to other administrators, and can delete
their own administrator roles. However, the administrator cannot delete the assigned
administrator role if that role is assigned to no other administrators].
6.1.5
Class FMT: Security management
FMT_MSA.1
Management of security attributes
Hierarchical to:
No other components.
