Specifications

CRP-C0239-01
- Network Administration
- File Administration
After the TOE carries out (2), the operator instructs the TOE on what he/she wants
to do. The instruction may include an "operation on Document Data" or "use of the
Management Function". Either (3) or (4) is processed, depending on which instruction
the operator selects.
(3) For an instruction including an "operation on Document Data", the TOE
determines whether the instructed operation is authorized for the user, based on
the user ID and operator's role identified in (2). The TOE follows the instruction
and performs the operation only if it is authorized. The TOE decides whether the
instructed operation is authorized based on the following criteria.
- When the operator's role is the General User
Each Document Data has information (the Document Data ACL) that
determines who is allowed to operate on it and what kind of operation is allowed
(there are several levels: allowing read only, also allowing changes to the Print
Setting, also allowing deletion, and also allowing operations on the Document
Data ACL). The TOE determines whether the instructed operation is authorized
based on the user ID identified in (2) and the Document Data ACL.
- When the operator's role is not the General User
If the operator's role identified in (2) is the Administrator, and the operator has
the role of File Administrator, the operator is allowed to delete arbitrary data. If
not, no operations on Document Data are allowed.
Since (3) limits operations on Document Data to authorized TOE users
according to the access control (whether the user is a General User who is
authorized by the Document Data ACL, or whether the user is an authorized
Administrator), the TOE counters T.UNAUTH_ACCESS.
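The decision in (3) can be written as a small deny-by-default function. This is an added example, not code from the TOE or the report; the operation names, role strings and sample users are constructed, and it assumes the ACL levels are cumulative (each level includes the ones before it).

```python
from enum import IntEnum

class Level(IntEnum):
    # Assumption: ACL levels are cumulative, each including the ones below it.
    READ = 1
    PRINT_SETTING = 2
    DELETE = 3
    ACL = 4

# Lowest ACL level that permits each operation (operation names are illustrative).
REQUIRED = {
    "read": Level.READ,
    "change_print_setting": Level.PRINT_SETTING,
    "delete": Level.DELETE,
    "change_acl": Level.ACL,
}

def is_authorized(operator: dict, doc_acl: dict, operation: str) -> bool:
    """Decide one 'operation on Document Data' request as described in (3)."""
    required = REQUIRED.get(operation)
    if required is None:
        return False  # unknown operation: deny by default
    if operator["role"] == "general_user":
        # General User: decided only by the Document Data ACL entry for this user ID.
        granted = doc_acl.get(operator["user_id"])
        return granted is not None and granted >= required
    if operator["role"] == "administrator" and "file" in operator.get("admin_roles", ()):
        # File Administrator: deletion only, regardless of the ACL.
        return operation == "delete"
    return False  # any other role: no operations on Document Data

# Constructed sample data: one document's ACL and five operators.
DOC_ACL = {"alice": Level.ACL, "bob": Level.READ}
ALICE = {"user_id": "alice", "role": "general_user"}
BOB = {"user_id": "bob", "role": "general_user"}
CAROL = {"user_id": "carol", "role": "general_user"}  # not listed in the ACL
FILE_ADMIN = {"user_id": "adm1", "role": "administrator", "admin_roles": ["file"]}
NET_ADMIN = {"user_id": "adm2", "role": "administrator", "admin_roles": ["network"]}
SUPERVISOR = {"user_id": "sup", "role": "supervisor"}

def decision_table() -> dict:
    """Return the decision for every (operator, operation) pair in the sample."""
    operators = (ALICE, BOB, CAROL, FILE_ADMIN, NET_ADMIN, SUPERVISOR)
    return {(o["user_id"], op): is_authorized(o, DOC_ACL, op)
            for o in operators for op in REQUIRED}

if __name__ == "__main__":
    for key, allowed in decision_table().items():
        print(key, "ALLOW" if allowed else "DENY")
```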
(4) For an instruction including "use of the Management Function", the TOE applies
the "Security Management Function", based on the user ID and the operator's
role identified in (2).
The Security Management Function consists of operations on the following data
held by the TOE.
- Document Data ACL
- Registration Information about Users
- Lockout Policy (Number of Attempts before Lockout, whether or not to release
Lockout based on the elapsed time, Lockout Release Timer)
- System date, time
- HDD Encryption Key
- Audit Log
- Service Mode Lock Function
- Password Policy (Minimum Password Length, and the minimum combination
of character types for passwords)
The TOE allows operations on these data provided that the operator's role is
the Administrator or Supervisor*1. However, the TOE also allows General Users to
perform operations on Document Data provided that security remains
maintained, as described below.
- The document file owners and the General Users who are set for
each Document Data are allowed to perform operations on the Document Data ACL (except
*1 Some operations may not be allowed for the Administrators or Supervisor. There is a rule
that determines which operations are allowed for each detailed Administrator role (User
Administration, Machine Administration, Network Administration and File Administration)
and for the Supervisor. The detail of this rule is beyond the scope of this document.