Ricoh MP 3350B Instrucciones de operaciones descargar pdf (Pagina 32)

Page 32 of 83

organisational security policies and assumptions. And the security objectives do not correspond to the

assumptions (as the shaded region in Table 4 shows).

Table 4: Relation between Security Environment and Security Objectives

TOE Security

Environment

Security Objectives

A.ADMIN

A.SUPERVISOR

A.NETWORK

T.ILLEGAL_USE

T.UNAUTH_ACCESS

T.ABUSE_SEC_MNG

T.SALVAGE

T.TRANSIT

T.FAX_LINE

P.SOFTWARE

O.AUDIT X XXXX

O.I&A XXX

O.DOC_ACC X

O.MANAGE X

O.MEM.PROTECT X

O.NET.PROTECT X

O.GENUINE X

O.LINE_PROTECT X

OE.ADMIN X

OE.SUPERVISOR X

OE.NETWORK X

4.3.2 Tracing Validity

The following are the rationale for each security objective being appropriate to satisfy "3.1 Threats", "3.2

Organisational Security Policies" and "3.3 Assumptions".

A.ADMIN (Administrators' Assumption)

A.ADMIN presupposes that the Administrators have adequate knowledge to operate the TOE securely in the

roles assigned to them, will guide General Users to operate the TOE securely. Additionally, Administrators

will not carry out any malicious acts using Administrator permissions.

By OE.ADMIN, the Responsible Manager for MFP selects trusted persons as Administrators, and provides

them with the education programmes according to their Administrator Roles. The educated Administrators

instruct General Users to be familiar with the compliance rules for secure operation for General Users, as

explicitly stated in Administrator guidance for the TOE. Therefore, A.ADMIN is accomplished.

1 2 ... 27 28 29 30 31 32 33 34 35 36 37 ... 82 83

Sin comentarios

Ricoh MP 3350B Instrucciones de operaciones Pagina 32