Filter
Top Products
RVM.1 and the state of operating effectively is ready in FMT_MOF.1.
Therefore, O.CE can be realized by the correspondent security functional requirements.
O.DATAACCESS Access limit to the document data
The access control to User BOX is realized using FDP_ACC.1[1] and FDP_ACF.1[1].
O.DATAACCESS permits the user reception function (subject) to operate for reading the document
data in the User BOX owned by the valid general user who owns User BOX. As above mentioned,
only the general user who owns the User BOX becomes possible to operate the document data in the
User BOX.
The general user who owns the targeted User BOX is maintained in FMT_SMR.1. The manage-
ment of User BOX identifier is specified in FMT_SMF.1. Their functions are not bypassed with
FPT_ RVM.1 and the state of operating is effectively ready in FMT_MOF.1.
Therefore, O.DATAACCESS can be realized by the correspondent security functional
requirements.
O.AUDIT Record of the audit information
The necessary audit information is recorded in FAU_GEN.1, with the reliable time stamp in
FPT_STM.1. In auditable events, all the events regarding the explicit unauthorized access to
“asset to be protected” are selected and the equivalents to “selection: minimum” in FAU_GEN.1 is
included. However, the following items that are selected in the minimum are not included.
- FPT_STM.1 : It is not necessary because there is no the function for “change of time”.
- FMT_SMR.1 : It is not necessary because the roles of administrator and CE are fixed.
The audit information is also recorded for “success” in identification and authentication. Therefore,
all the events related to access control to “asset to be protected” are recorded.
The area of audit storage is protected in FAU_STG.1. When the area of audit storage is
exhausted, overwriting of audit record is executed for the used area of audit information in FAU_
STG.4. The capture of audit information is not bypassed with FPT_ RVM.1 and the state of
operating is effectively ready in FMT_MOF.1. As above mentioned, the necessary audit information
is stored.
Reading out the audit data by anyone except the administrator is prohibited in FAU_SAR.2. The
provision in a form that can interpret the audit record is realized in FAU_SAR.1. As above mention-
ed, the audit of audit record becomes possible.
Therefore, O.AUDIT can be realized by the correspondent security functional requirements.
OE.HDD Protection of the HDD
FDP_UID.2[E] and FDP_UAU.2[E] permit the access for only the TOE that HDD1 and HDD2
Copyright© 2005 KONICA MINOLTA BUSINESS TECHNOLOGIES, INC., All Rights Reserved