Page 45 of
Copyright (c) 2011 RICOH COMPANY, LTD. All rights reserved.
6 Security Requirements
This section describes Security Functional Requirements, Security Assurance Requirements and Security
Requirements Rationale.
6.1 Security
This section describes the TOE security functional requirements for fulfilling the security objectives defined
in section 4.1. The security functional requirements are quoted from the requirement defined in the CC Part2.
The security functional requirements that are not defined in CC Part2 are quoted from the extended security
functional requirements defined in the PP (IEEE Standard for a Protection Profile in Operational
Environment A (IEEE Std 2600.1-2009)).
The part with assignment and selection defined in the [CC] is identified with
[bold face and brackets]
The part with refinement is identified with (refinement:).
Class FAU: Security audit
FAU_GEN.1 Audit
Hierarchical to: No other components.
FPT_STM.1 Reliable time stamps
The TSF shall be able to generate an audit record of the following auditable events:
a) Start-up and shutdown of the audit functions;
b) All auditable events for the
[selection: not specified]
level of audit; and
[assignment: auditable events of the TOE shown in Table 8]
The TSF shall record within each audit record at least the following information:
a) Date and time of the event, type of event, subject identity (if applicable), and the outcome
(success or failure) of the event; and
b) For each audit event type, based on the auditable event definitions of the functional
components included in the PP/ST,
[assignment: types of job for FDP_ACF.1(a), all login
user names that attempted the user identification for FIA_UID.1, communication
direction of Web Function, communication IP address of the communication used for
Web Function and folder transmission, recipient's e-mail address used for e-mail
transmission, and communication direction of communication with RC Gate]
Table 8 shows the action (CC rules) recommended by the CC as auditable for each functional requirement
and the corresponding auditable events of the TOE.