beautypg.com

Konica Minolta BIZHUB 920 User Manual

Page 80

background image

RVM.1 and the state of operating effectively is ready in FMT_MOF.1.

Therefore, O.CE can be realized by the correspondent security functional requirements.

O.DATAACCESS Access limit to the document data

The access control to User BOX is realized using FDP_ACC.1[1] and FDP_ACF.1[1].

O.DATAACCESS permits the user reception function (subject) to operate for reading the document

data in the User BOX owned by the valid general user who owns User BOX. As above mentioned,

only the general user who owns the User BOX becomes possible to operate the document data in the

User BOX.

The general user who owns the targeted User BOX is maintained in FMT_SMR.1. The manage-

ment of User BOX identifier is specified in FMT_SMF.1. Their functions are not bypassed with

FPT_ RVM.1 and the state of operating is effectively ready in FMT_MOF.1.

Therefore, O.DATAACCESS can be realized by the correspondent security functional

requirements.

O.AUDIT Record of the audit information

The necessary audit information is recorded in FAU_GEN.1, with the reliable time stamp in

FPT_STM.1. In auditable events, all the events regarding the explicit unauthorized access to

“asset to be protected” are selected and the equivalents to “selection: minimum” in FAU_GEN.1 is

included. However, the following items that are selected in the minimum are not included.

- FPT_STM.1 : It is not necessary because there is no the function for “change of time”.

- FMT_SMR.1 : It is not necessary because the roles of administrator and CE are fixed.

The audit information is also recorded for “success” in identification and authentication. Therefore,

all the events related to access control to “asset to be protected” are recorded.

The area of audit storage is protected in FAU_STG.1. When the area of audit storage is

exhausted, overwriting of audit record is executed for the used area of audit information in FAU_

STG.4. The capture of audit information is not bypassed with FPT_ RVM.1 and the state of

operating is effectively ready in FMT_MOF.1. As above mentioned, the necessary audit information

is stored.

Reading out the audit data by anyone except the administrator is prohibited in FAU_SAR.2. The

provision in a form that can interpret the audit record is realized in FAU_SAR.1. As above mention-

ed, the audit of audit record becomes possible.

Therefore, O.AUDIT can be realized by the correspondent security functional requirements.

OE.HDD Protection of the HDD

FDP_UID.2[E] and FDP_UAU.2[E] permit the access for only the TOE that HDD1 and HDD2

Copyright© 2005 KONICA MINOLTA BUSINESS TECHNOLOGIES, INC., All Rights Reserved