
Service Manual Firmware KM652


bizhub 652 / bizhub 602 / bizhub 552 / bizhub 502 / ineo 652 / ineo 602 / ineo 552 / ineo 502 Control Software A2WU0Y0-0100-GM0-00 Security Target

This document is a translation of the evaluated and certified security target written in Japanese

Version 1.03

Issued on March 17, 2011

Created by KONICA MINOLTA BUSINESS TECHNOLOGIES, INC.

Copyright(c) 2010-2011 KONICA MINOLTA BUSINESS TECHNOLOGIES, INC., All Rights Reserved


Revision History

| Date | Ver. | Division | Approved | Checked | Created | Revision |
|---|---|---|---|---|---|---|
| 2010/7/30 | 1.00 | Office Software Development Div. 1 | Hirota | Yokobori | Yoshida | Initial Version |
| 2010/11/9 | 1.01 | Office Software Development Div. 1 | Hirota | Tada | Yoshida | Deal with typos |
| 2010/12/1 | 1.02 | Office Software Development Div. 1 | Hirota | Tada | Yoshida | Deal with typos |
| 2011/3/17 | 1.03 | Office Software Development Div. 1 | Hirota | Tada | Yoshida | Deal with typos |


---- [ Contents ] ---------------------------------------------------------------------------------

1. ST Introduction
  1.1. ST Reference
  1.2. TOE Reference
  1.3. TOE Overview
    1.3.1. TOE Type
    1.3.2. Usage of TOE and Main Security Functions
  1.4. TOE Description
    1.4.1. Roles of TOE Users
    1.4.2. Physical Scope of TOE
    1.4.3. Logical Scope of TOE
2. Conformance Claims
  2.1. CC Conformance Claim
  2.2. PP Claim
  2.3. Package Claim
  2.4. Reference
3. Security Problem Definition
  3.1. Protected Assets
  3.2. Assumptions
  3.3. Threats
  3.4. Organizational Security Policies
4. Security Objectives
  4.1. Security Objectives for the TOE
  4.2. Security Objectives for the Operational Environment
  4.3. Security Objectives Rationale
    4.3.1. Necessity
    4.3.2. Sufficiency of Assumptions
    4.3.3. Sufficiency of Threats
    4.3.4. Sufficiency of Organizational Security Policies
5. Extended Components Definition
  5.1. Extended Function Component
    5.1.1. FAD_RIP.1 Definition
    5.1.2. FIT_CAP.1 Definition
6. IT Security Requirements
  6.1. TOE Security Requirements
    6.1.1. TOE Security Functional Requirements
    6.1.2. TOE Security Assurance Requirements
  6.2. IT Security Requirements Rationale
    6.2.1. Rationale for IT Security Functional Requirements
    6.2.2. Rationale for IT Security Assurance Requirements
7. TOE Summary Specification
  7.1. F.ADMIN (Administrator Function)
    7.1.1. Administrator Identification Authentication Function
    7.1.2. Auto Logoff Function of Administrator Mode
    7.1.3. Function Supported in Administrator Mode


  7.2. F.ADMIN-SNMP (SNMP Administrator Function)
    7.2.1. Identification and Authentication Function by SNMP Password
    7.2.2. Management Function using SNMP
  7.3. F.SERVICE (Service Mode Function)
    7.3.1. Service Engineer Identification Authentication Function
    7.3.2. Function Supported in Service Mode
  7.4. F.USER (User Function)
    7.4.1. User Authentication Function
    7.4.2. Auto Logoff Function in User Identification and Authentication Domain
    7.4.3. Modification Function of User Password
  7.5. F.BOX (User Box Function)
    7.5.1. Personal User Box Function
    7.5.2. Public User Box Function
    7.5.3. Group User Box Function
  7.6. F.PRINT (Secure Print Function, ID & Print Function)
    7.6.1. Secure Print Function
    7.6.2. ID & print Function
  7.7. F.OVERWRITE-ALL (All Area Overwrite Deletion Function)
  7.8. F.CRYPT (Encryption Key Generation Function)
  7.9. F.RESET (Authentication Failure Frequency Reset Function)
  7.10. F.TRUSTED-PASS (Trust Channel Function)
  7.11. F.S/MIME (S/MIME Encryption Processing Function)
  7.12. F.FAX-CONTROL (FAX Unit Control Function)
  7.13. F.SUPPORT-AUTH (External Server Authentication Operation Support Function)
  7.14. F.SUPPORT-CRYPTO (ASIC Support Function)
  7.15. F.ADMIN-WebDAV (Administrator Function (Counter Management Function))
    7.15.1. Identification and Authentication Function by WebDAV Server Password
    7.15.2. Management Function Utilizing WebDAV


---- [ List of Figures ] ---------------------------------------------------------------------------------

Figure 1 An example of MFP's use environments
Figure 2 Hardware composition relevant to TOE

---- [ List of Tables ] ---------------------------------------------------------------------------------

Table 1 Conformity of security objectives to assumptions, threats, and organization security policies
Table 2 Cryptographic Key Generation: Relation of Standards-Algorithm-Key sizes
Table 3 Cryptographic Operation: Relation of Algorithm-Key sizes-Cryptographic Operation
Table 4 User Box Access Control: Operational List
Table 5 Secure Print File Access Control: Operational List
Table 6 Setting Management Access Control: Operational List
Table 7 ID & Print file Access Control: Operational List
Table 8 TOE Security Assurance Requirements
Table 9 Conformity of IT Security Functional Requirements to Security Objectives
Table 10 Dependencies of IT Security Functional Requirements Components
Table 11 Names and Identifiers of TOE Security Function
Table 12 Characters and Number of Digits for Password
Table 13 Types and Methods of Overwrite Deletion of Overall Area


1. ST Introduction

1.1. ST Reference

- ST Title: bizhub 652 / bizhub 602 / bizhub 552 / bizhub 502 / ineo 652 / ineo 602 / ineo 552 / ineo 502 Control Software A2WU0Y0-0100-GM0-00 Security Target

- ST Version: 1.03

- Created on: March 17, 2011

- Created by: KONICA MINOLTA BUSINESS TECHNOLOGIES, INC. Eiichi Yoshida

1.2. TOE Reference

- TOE Name:
  Japanese Name: bizhub 652 / bizhub 602 / bizhub 552 / bizhub 502 / ineo 652 / ineo 602 / ineo 552 / ineo 502 Zentai Seigyo Software
  English Name: bizhub 652 / bizhub 602 / bizhub 552 / bizhub 502 / ineo 652 / ineo 602 / ineo 552 / ineo 502 Control Software

- TOE Version: A2WU0Y0-0100-GM0-00

- TOE Type: Software

- Created by: KONICA MINOLTA BUSINESS TECHNOLOGIES, INC.

1.3. TOE Overview

This paragraph explains the usage, main security functions, and operational environment of TOE.

1.3.1. TOE Type

bizhub 652 / bizhub 602 / bizhub 552 / bizhub 502 / ineo 652 / ineo 602 / ineo 552 / ineo 502 control software, which is the TOE, is an embedded software product installed in the SSD on the MFP controller to control the operation of the whole MFP.

1.3.2. Usage of TOE and Main Security Functions

bizhub 652, bizhub 602, bizhub 552, bizhub 502, ineo 652, ineo 602, ineo 552 and ineo 502 are digital multi-function products provided by Konica Minolta Business Technologies, Inc., composed by selecting and combining copy, print, scan and FAX functions. (Hereinafter all the products are referred to as "MFP".) TOE is the "control software for bizhub 652 / bizhub 602 / bizhub 552 / bizhub 502 / ineo 652 / ineo 602 / ineo 552 / ineo 502" that controls the entire operation of MFP, including the operation control processing and the image data management triggered by the panel of the main body of MFP or through the network.

TOE supports the protection from exposure of the highly confidential documents stored in MFP. Moreover, for the danger of illegally bringing out HDD, which stores image data in MFP, TOE can encrypt all the data written in HDD including image data using ASIC (Application Specific Integrated Circuit). Besides, TOE has the function that deletes all the data of HDD completely by deletion method compliant with various overwrite deletion standards at the time of abandonment or the lease return and the function that controls the access from the public line against the danger using Fax function as a steppingstone to access internal network. So it contributes to the prevention of information leakage of the organization that uses MFP.

1.4. TOE Description

1.4.1. Roles of TOE Users

The roles of the personnel related to the use of MFP with TOE are defined as follows.

- User
  An MFP user who is registered into MFP. (In general, the employee in the office is assumed.)

- Administrator
  An MFP user who manages the operations of MFP. Manages MFP mechanical operations and users. (In general, it is assumed that the person elected from the employees in the office plays this role.)

- Service engineer
  A user who manages the maintenance of MFP. Performs the repair and adjustment of MFP. (In general, the person-in-charge of the sales companies that performs the maintenance service of MFP in cooperation with Konica Minolta Business Technologies, Inc. is assumed.)

- Responsible person of the organization that uses MFP
  A responsible person of the organization that manages the office where the MFP is installed. Assigns an administrator who manages the operation of MFP.

- Responsible person of the organization that manages the maintenance of MFP
  A responsible person of the organization that manages the maintenance of MFP. Assigns service engineers who manage the maintenance of MFP.

Besides this, though not a user of TOE, those who go in and out the office are assumed as accessible persons to TOE.


1.4.2. Physical Scope of TOE

1.4.2.1. Use Environment

Figure 1 shows a general environment in which the usage of MFP equipped with TOE is expected. Moreover, the matters expected to occur in the use environment are listed below.

Figure 1 An example of MFP's use environments
(Figure labels: Internet, External Network, Firewall, Public line, Office, MFP, TOE, Client PC, SMTP Server, FTP Server, DNS Server, User Information Management Server, WebDAV Server)

- An intra-office LAN exists as a network in the office.

- MFP is connected to the client PCs via the intra-office LAN, and has mutual data communication.

- When a SMTP, FTP, or WebDAV server is connected to the intra-office LAN, MFP can carry out data communication with these servers, too. (The DNS service will be necessary when setting a domain name of the SMTP/FTP/WebDAV server.)

- It is also assumed to unify management of user IDs/passwords in a server. In this case, TOE can control access to the MFP by using the user registration information in the user information management server.

- When the intra-office LAN connects to an external network, measures such as connecting via a firewall are taken, and an appropriate setup to block access requests to the MFP from the external network is applied.

- The intra-office LAN provides a network environment that cannot be intercepted by office operation including using switching hub and installing wiretapping detector.

- The public line connected with MFP is used for communications by Fax and the remote diagnostic function.


1.4.2.2. Operation Environment

Figure 2 Hardware composition relevant to TOE

Figure 2 shows the structure of the hardware environment in MFP that TOE needs for the operation. The MFP controller is installed in the main body of MFP, and TOE exists in SSD on the MFP controller, loaded into the main memory.

The following explains about the unique hardware on the MFP controller, the hardware having interfaces to the MFP controller, and the connection using interfaces, shown in Figure 2.

- SSD
  A storage medium that stores the object code of the "MFP Control Software," which is the TOE. Additionally, stores the message data expressed in each country's language to display the response to access through the panel and network.

- NVRAM
  A nonvolatile memory. This memory medium stores various settings that MFP needs for processing of TOE.

- ASIC
  An integrated circuit for specific applications which implements an HDD encryption function for enciphering the data written in HDD.

- HDD
  A hard disk drive of 250GB in capacity. This is used not only for storing image data as files but also as an area to save image data and destination data temporarily during extension conversion and so on.

- Main/sub power supply
  Power switches for activating MFP.


- Panel
  An exclusive control device for the operation of MFP, equipped with a touch panel of a liquid crystal monitor, ten-key, start key, stop key, screen switch key, etc.

- Scan unit/automatic document feeder
  A device that scans images and photos from paper and converts them into digital data.

- Printer unit
  A device to actually print the image data which were converted for printing when it receives a print request from the MFP controller.

- Ethernet
  Supports 10BASE-T, 100BASE-TX, and Gigabit Ethernet.

- USB
  Copying image files to an external memory, copying or printing image files from an external memory, and update of TOE, etc. can be performed through this interface. This is also usable as a connection interface of the optional parts. There is the device interface kit which is needed for copy or print from Bluetooth devices and the USB keyboard[1] to complement key entry from the panel. Including an external memory, it is necessary to be able to use them.

- RS-232C
  Serial connection using D-sub 9-pin connectors is usable. The maintenance function is usable through this interface in the case of failure. It is also possible to use the remote diagnostic function (described later) by connecting with the public line via a modem.

- FAX unit (* optional part)
  A device that has a port of Fax public line and is used for communications for FAX-data transmission and remote diagnostic (described later) via the public line. It is not pre-installed in MFP as a standard function according to the circumstances in sales, but sold as an optional part. Fax unit is purchased when the organization needs it, and the installation is not indispensable.

1.4.2.3. Guidance

- bizhub 602 / 502 Service Manual Security Function (Japanese)
- bizhub 652 / 602 / 552 / 502 SERVICE MANUAL SECURITY FUNCTION
- ineo 652 / 602 / 552 / 502 SERVICE MANUAL SECURITY FUNCTION
- bizhub 602 / 502 User's Guide Security Functions (Japanese)
- bizhub 652 / 602 / 552 / 502 User's Guide [Security Operations]
- ineo 652 / 552 User's Guide [Security Operations]
- ineo 602 / 502 User Guide [Security Operations]

[1] It is usable when the display language is English, French, Italian, German or Spanish. It does not affect the operation of security functions.


1.4.3. Logical Scope of TOE

Users use a variety of functions of TOE from the panel and a client PC via the network. Hereafter, this section explains typical functions such as the basic function, the user box function to manage the image files stored, the user identification and authentication function, the administrator function manipulated by administrators, the service engineer function manipulated by service engineers, and the function operated in the background without user's awareness.

1.4.3.1. Basic Function

In MFP, a series of functions for the office work concerning the image such as copy, print, scan, and fax exists as basic functions, and TOE performs the core control in the operation of these functions. It converts the raw data acquired from the external device of the MFP controller into image files, and stores them in RAM and HDD. (For print image files from client PCs, multiple types of conversion are applied.) These image files are converted into data to be printed or sent, and transmitted to the device outside of the MFP controller concerned.

Operations of copy, print, scan, and FAX are managed by the unit of job, so that operation priority can be changed, finishing of print jobs can be changed, and such operations can be aborted, by giving directions from the panel.

The following is the functions related to the security in the basic function.

- Secure Print Function
  When a Secure Print password is received together with printing data, the image file is stored as standby status. Then, printing is performed by a print direction and password entry from the panel.
  When printing is requested by a client PC, this function eliminates the possibility that other users stole a glance at the printing of highly confidential data, or such data is slipped into the other printings.

- ID & Print Function
  When this function is set up, usual print data are saved in the print waiting state, and printed by the user authentication processing from the panel. Even when this function is not set up, if it is specified on the print data to activate this function, the system will operate in the same manner as this function is set up by a user.

1.4.3.2. User Box Function

A directory called a "user box" can be created as an area to store image files in HDD. Three types of user box are usable: the first is the personal user box which a user possesses, the second is the public user box which is shared by registered users who made a certain number of groups, and the third is the group box which is shared by the users belonging to same account. As for the personal user box, the operation is limited only for the user who owns it, the public user box performs access control by sharing a password set to the user box among users. And the group box limits operations only for the users of the account that are permitted to use it.

TOE processes the following operation requests to a user box or image files in the user box that is transmitted from the panel or the network unit through a network from a client PC.

- Print, transmit, and download from a client PC, of image files in a user box
  - The encryption of user box file is possible in the E-mail that is one of the transmission methods.

- Delete an image file in a user box, move/copy it to other user boxes and copy it to external memory

- Set a storing period of image files in a user box (delete automatically after the period passes)

- Change the name and password of a user box, or delete a user box

- Set attributes of a user box (change the type of a personal user box, public user box, or group user box)

1.4.3.3. User Authentication Function

TOE can limit the user who uses MFP or accesses it through the panel or the network. TOE identifies and authenticates that the user is permitted to use the MFP by applying the user password and user ID. When the identification and authentication succeeds, TOE permits the user the use of the basic function and the user box function, etc.

Several types of user authentication like below are supported.

(1) Machine authentication²

A method to authenticate user at MFP by registering a user ID and a user password into HDD on the MFP controller.

(2) External server authentication

A method to authenticate user at MFP by using the user ID and the user password that are registered on the user information management server which is connected with the intra-office LAN without managing the user ID and user password on the MFP side. Though multiple methods called Active Directory³, NTLM⁴, and NDS are supported, the method of the external server authentication assumed in this ST is applied only to the case of using Active Directory.

1.4.3.4. Account Authentication Function⁵

TOE can manage the MFP users by grouping them into Account unit. The methods of Account Authentication are as follows.

(1) Method synchronized with User Authentication

Set an Account ID on a user beforehand, and associate the user with the account ID of the user account when he/she is authenticated.

2  When user is set "Pause" by administrator function, authentication function for the user does not work.
3  A method of directory service that Windows Server 2000 (or later) supports to uniformly manage user information in the network environment of Windows platform.
4  An abbreviation of NT LAN Manager. An authentication method used in directory service that Windows NT supports to uniformly manage user information in network environment of Windows platform.
5  When account is set "Pause" by administrator function, authentication function for the account does not work.


(2) Method not synchronized with User Authentication

Associate a user with his/her account ID when the user is authenticated by the account password set for each account ID.

1.4.3.5. Administrator Function

TOE provides the functions such as the management of user boxes, management of user information at the time of MFP authentication and management of various settings of the network, image quality, etc. in the administrator mode that only authenticated administrator can manipulate.

The following shows the functions related to the security.

• User registration management
  - Registration or change of user ID/password, deletion of user, and pause/resume of user
  - Change of the association between user and account ID
• Account registration management
  - Registration or change of account ID/password and pause/resume of account
• Management of user box settings
  - Registration or change of user box password, and management of user attributes
• Operational setup of automatic system reset
  - Setup of the function that logs out automatically when the setting time passed
• Management of network settings
  - Connection setting of the intra-office LAN (setting of DNS server)
  - SMTP setting (setting of the SMTP server utilized by E-mail transmission)
  - IP addresses, NetBIOS names, and AppleTalk printer names etc.
• Backup or restore function of NVRAM and HDD
  - This is performed through the network by using an application exclusive use for the management installed in the client PC.
• All area overwrite deletion function of HDD
  - There are data deletion methods conformed to various military standards (ex. Military Standard of United States Department of Defense)
  - When this function is started up, in conformity with a set method, the overwrite deletion is executed for the overall area of HDD.
• Format function of HDD
  - A logical format is executable.
• Counter management function
  - A function to manage the counter information such as the number of printed sheets for each user through the WebDAV service or FTP service (Reference of user password and account password is possible)
• Management of FAX setup (* Fax unit is installed)
  - Setup of TSI⁶ receiving
  - Setup of FAX output at PC-FAX receiving (Storing in user box or common area for all users are available)

6  An abbreviation of Transmitting Subscriber Identification. The same meaning of Identification of Subscriber's Terminal. TSI receiving is the function that can designate the user box to be stored for each subscriber.


The functions below are the operation setting functions related especially to the behavior of the security function.

• Method setup of a user authentication function
  - Machine authentication, external server authentication, or user authentication stop is selected.
  - Combination with Account Authentication is set up (Method synchronized with User Authentication, Method not synchronized with User Authentication)
• Setup of access when the user attribute is public
  - It is selected whether to permit or prohibit MFP utilization of the user who is not identified by user ID.
• Setup of a password policy function
  - It is selected whether to enable or disable the function to check the several conditions of the password, such as the number of valid digits of various passwords.
• Setup of the authentication method of Secure Print and the authentication operation prohibition function
  - When secure print files are authenticated, the authentication operation prohibition function operates in a mode, and does not operate in the other mode.
  - The operation mode of the function detecting unsuccessful authentication in each authentication function is also synchronous with the above mode.
  - The above-mentioned operational modes are selected.
• Setup of the network setting modification function by SNMPv1 and v2
  - It is selected whether to enable or disable the function to change MIB by SNMPv1 and v2.
• Operational Setup of Authentication Function when writing using SNMPv3
  - The security level of authentication or skipping authentication is selected.
  - For the security level, either "only authentication password" or "authentication password + privacy password" is available.
• Setup of the HDD encryption function
  - Whether to activate or stop the function is selected.
  - An encryption passphrase is registered or changed when the function is activated.
• Setup of the user box collective management function
  - It is selected whether to enable or disable this function.
• Setup of the print capture function
  - A function to verify the print data received by MFP when the print function is faulty
  - It is selected whether to enable or disable this function.
• Setup of the network setting management reset function
  - This function resets a series of items to factory default values.
  - It is selected whether to enable or disable this function.
• Setup of the trusted channel (SSL/TLS encryption communication) function
  - SSL/TLS server certificates are generated or imported.
  - The encryption method used for communication is set up.
• Setup of the transmission address data
  - A transmission address or method used for box file transmission etc. is selected.
  - S/MIME certificates are imported.
• Setup of the WebDAV server
  - Setup of the communication function of the WebDAV server, which can obtain user


    settings
• Setup of the FTP server function
  - Whether to activate or stop the function is selected.
• Setup of the S/MIME function
  - Whether permit or prohibit the S/MIME certificate automatic registration function is selected.
  - The encryption method used for data encryption is selected.
• Setup of the ID & print function
  - Whether to activate the ID & print function or not in normal printing is selected.

1.4.3.6. Service Engineer Function

TOE provides a management function of administrator and a maintenance function, such as adjusting the device for Scan/Print etc., within the service mode that only a service engineer can operate. The following shows the functions related to security.

• Modification function of administrator password

The following is a set of operation setting functions related especially to the behavior of the security function.

• Authentication setup of the service engineer with the CE⁷ password
  - Whether to activate or stop the function is selected.
• Setup of remote diagnostic function (later description)
  - Able to select permission or prohibition.
• Setup of a TOE update function via Internet
  - Able to select permission or prohibition.
• Setup of maintenance function
  - Able to select permission or prohibition.
• The format function of HDD
  - A logical format and a physical format are executable.
• Installation setting of HDD
  - An explicit installation setting is necessary to use HDD as a data storage area.
• Initialization function
  - The various settings that the user or the administrator has set and the data that the user has stored are deleted.

1.4.3.7. Other Functions

TOE provides the functions that run background without awareness of the user and the updating function of TOE. The following explains the major functions.

• Encryption key generation function
  Performs encryption/decryption by ASIC when writing data in HDD or reading data from HDD. (TOE does not process the encryption and decryption itself.)

7  An abbreviation of Customer Service engineer.


  The operational setup of this function is performed by the administrator function. When activated, TOE generates the encryption key by the encryption passphrase that was entered on the panel.

• Remote diagnostic function
  MFP equipment information such as operating state and the number of printed sheets is managed by making use of the connection by a port of FAX public line, by a modem through RS-232C or by E-mail or WebDAV to communicate with the support center of MFP produced by Konica Minolta Business Technologies, Inc. In addition, if necessary, appropriate services (shipment of additional toner packages, account claim, dispatch of service engineers due to the failure diagnosis, etc.) are provided.

• Updating function of TOE
  TOE facilitated with the function to update itself. As for the update means, there are a method that exists as one of items of remote diagnostic function, a method that downloads from FTP server through Ethernet (TOE update function via Internet), and a method that performs the connection of external memory.

• Encryption communication function
  TOE can encrypt the data transmitted from client PC to MFP, and the data received by download from MFP by using SSL/TLS.
  The operational setup of this function is performed by the administrator function.

• S/MIME certificate automatic registration function
  It is the function to register the certificate for S/MIME (conform to ITU-T X.509) with each transmission address automatically. When a certificate is attached in received e-mail, MFP recognizes user ID according to the information of e-mail header, and registers the certificate as certificate of the same user ID.

The standard is that MFP is not installed Fax unit and does not have a port of Fax public line, so there is not the access to the internal network through MFP. TOE provides the following function, provided that Fax unit is installed in MFP.

• Fax unit control function
  TOE prohibits access to the internal network, where MFP was connected to, from a port of Fax public line through Fax unit.

TOE makes effective use of the security function (HDD encryption function) of ASIC, which is an external entity. The following explains typical functions related to the external entity.

• Utilization of ASIC
  ASIC, an external entity, activates a function to encrypt the data in HDD as a function to protect unauthorized bring-out of data and so on when an encryption passphrase is set up.

1.4.3.8. Enhanced Security Function


Various setting functions related to the behavior of the security function for the Administrator function and the Service engineer function can be set collectively to the secure values by the operation settings of the "Enhanced Security Function". Each value set is prohibited changing itself into the vulnerable one individually. As the function that does not have a setting function of the operation individually, there is the reset function of the network setting and the update function of TOE through the network, but the use of these functions is prohibited.

The following explains the series of the setting condition of being the enhanced security function active. In order to activate the enhanced security function, the prerequisite is required that an administrator password and a CE password should be set along with the password policy.

• User authentication function: Valid (Both authentication by the main body and the external server are usable)
• User access of PUBLIC: Prohibited
• Service engineer authentication function: Valid
• Password policy function: Valid
• Setup of secure print authentication method: Authentication operation prohibition function effective method
• Setup of Authentication Operation Prohibition function: The panel and account are locked out for 5 seconds when authentication has failed (failure frequency threshold: 1-3)
• User box collective management function: Prohibited
• Network setting modification function with SNMPv1 and v2: Prohibited
• Authentication Operation when writing using SNMPv3: Valid
• Setup of HDD encryption function: Valid
• Print capture function: Prohibited
• Maintenance function: Prohibited
• Change of settings by remote diagnostic function: Prohibited
• Network setting management reset function: Prohibited
• TOE update function via Internet: Prohibited
• Transmission address data user setup function: Prohibited
• Operational setup of Trusted Channel function: Valid
• Setup of operation prohibition release time of Administrator authentication: Setup prohibited for 1-4 minutes
• Setup of operation prohibition release time of CE authentication: Setup prohibited for 1-4 minutes
• FTP Server function: Prohibited
• Automatic registration of S/MIME certificate: Prohibited
• Setup of limitation of S/MIME encryption severity: Valid (Only 3DES and AES are user-selectable)
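The setting conditions listed for the Enhanced Security Function can be checked mechanically against a device settings export. The Python code below is an added example, not part of the security target or of the product's software; the key names and the export format are assumptions made for illustration, and the sample exports are constructed.

```python
"""Audit an MFP settings export against the Enhanced Security setting conditions."""

# Key names are hypothetical labels chosen for this example. The required
# states are the ones given in the Enhanced Security list of this section.
REQUIRED_STATE = {
    "user_authentication": "valid",
    "public_user_access": "prohibited",
    "service_engineer_authentication": "valid",
    "password_policy": "valid",
    "secure_print_auth_prohibition_method": "valid",
    "user_box_collective_management": "prohibited",
    "snmp_v1_v2_setting_change": "prohibited",
    "snmp_v3_write_authentication": "valid",
    "hdd_encryption": "valid",
    "print_capture": "prohibited",
    "maintenance_function": "prohibited",
    "remote_diagnostic_setting_change": "prohibited",
    "network_setting_reset": "prohibited",
    "toe_update_via_internet": "prohibited",
    "tx_address_user_setup": "prohibited",
    "trusted_channel": "valid",
    "ftp_server": "prohibited",
    "smime_cert_auto_registration": "prohibited",
    "smime_strength_limit": "valid",
}
ALLOWED_SMIME_CIPHERS = {"3DES", "AES"}


def _is_int(value):
    # bool is a subclass of int in Python, so exclude it explicitly.
    return type(value) is int


def audit(settings):
    """Return a sorted list of findings; an empty list means no deviation."""
    findings = []

    # Prerequisite: administrator password and CE password are set.
    for key in ("admin_password_set", "ce_password_set"):
        if settings.get(key) is not True:
            findings.append(f"{key}: prerequisite not met")

    # Simple valid/prohibited switches.
    for key, want in REQUIRED_STATE.items():
        got = settings.get(key, "missing")
        if got != want:
            findings.append(f"{key}: expected {want}, found {got}")

    # Lockout: 5 seconds, failure frequency threshold between 1 and 3.
    threshold = settings.get("auth_failure_threshold")
    if not _is_int(threshold) or not 1 <= threshold <= 3:
        findings.append(f"auth_failure_threshold: {threshold} outside 1-3")
    if settings.get("auth_lockout_seconds") != 5:
        findings.append("auth_lockout_seconds: expected 5")

    # Release time of administrator/CE lockout: 1-4 minutes may not be set.
    for key in ("admin_lock_release_minutes", "ce_lock_release_minutes"):
        minutes = settings.get(key)
        if not _is_int(minutes) or 1 <= minutes <= 4:
            findings.append(f"{key}: {minutes} is not an allowed value")

    # S/MIME: only 3DES and AES may be selectable.
    weak = set(settings.get("smime_ciphers", ())) - ALLOWED_SMIME_CIPHERS
    if weak:
        findings.append("smime_ciphers: not permitted: " + ", ".join(sorted(weak)))

    return sorted(findings)


def compliant_export():
    """Constructed sample export that satisfies every condition above."""
    export = dict(REQUIRED_STATE)
    export.update(
        admin_password_set=True,
        ce_password_set=True,
        auth_failure_threshold=3,
        auth_lockout_seconds=5,
        admin_lock_release_minutes=5,
        ce_lock_release_minutes=5,
        smime_ciphers=["3DES", "AES"],
    )
    return export


if __name__ == "__main__":
    # Constructed sample of a device that has drifted from the baseline.
    drifted = dict(compliant_export(), ftp_server="valid",
                   admin_lock_release_minutes=1, smime_ciphers=["AES", "DES"])
    for line in audit(drifted):
        print(line)
```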


2. Conformance Claim

2.1. CC Conformance Claim

This ST conforms to the following standards.

Common Criteria for Information Technology Security Evaluation
Part 1: Introduction and general model Version 3.1 Revision 3 (Japanese Translation v1.0)
Part 2: Security functional components Version 3.1 Revision 3 (Japanese Translation v1.0)
Part 3: Security assurance components Version 3.1 Revision 3 (Japanese Translation v1.0)

•  Security function requirement: Part 2 Extended
•  Security assurance requirement: Part 3 Conformant

2.2. PP Claim

There is no PP that is referenced by this ST.

2.3. Package Claim

This ST conforms to Package: EAL3. There is no additional assurance component.

2.4. Reference

•  Common Criteria for Information Technology Security Evaluation Part 1: Introduction and general model Version 3.1 Revision 3 CCMB-2009-07-001
•  Common Criteria for Information Technology Security Evaluation Part 2: Security functional components Version 3.1 Revision 3 CCMB-2009-07-002
•  Common Criteria for Information Technology Security Evaluation Part 3: Security assurance components Version 3.1 Revision 3 CCMB-2009-07-003
•  Common Methodology for Information Technology Security Evaluation Evaluation methodology Version 3.1 Revision 3 CCMB-2009-07-004


3. Security Problem Definition

This chapter will describe the concept of protected assets, assumptions, threats, and organizational security policies.

3.1. Protected Assets

Security concept of TOE is "the protection of data that can be disclosed against the intention of the user". As MFP is generally used, the following image files in available situation become the protected assets.

•  Secure Print file
   An image file registered by Secure Print.
•  ID & print file
   An image file saved as an ID & print file when print data are registered by the ID & print function.
•  User Box file
   An image file stored in the personal user box, public user box and group user box.

As for an image file of a job kept as a wait state by activities of plural jobs, and an image file of a job kept that prints the remainder of copies becoming as a wait state for confirmation of the finish, and other than the image file dealt with the above-mentioned is not intended to be protected in the general use of MFP, so that it is not treated as the protected assets.

In the store of a secure print file or an ID & print file and the transmission of a user box file, making in the preparation for the threat thought when unauthorized MFP or mail server is connected by any chance, or when operational setup of PC-FAX is changed even if without unauthorized MFP, the setting of MFP (IP address etc.) and operation setting of PC-FAX require not to be modified illegally. Therefore, the setting of MFP (IP address etc.) and operation setting of PC-FAX are considered as subsidiary protected assets.

On the other hand, when the stored data have physically gone away from the jurisdiction of a user, such as the use of MFP ended by the lease return or discard, or the case of a theft of HDD, the user has concerns about leak possibility of every remaining data. Therefore, in this case, the following data files become protected assets.

•  Secure Print File
•  ID & print File
•  User Box File
•  On-memory Image File
   - Image file of job in the wait state
•  Stored Image File
   - Stored image files other than secure print file, user box file, or ID & print file
•  HDD remaining Image File
   - The file which remains in the HDD data area that is not deleted only by general deletion operation (deletion of a file maintenance area)


•  Image-related File
   - Temporary data file generated in print image file processing
•  Transmission Address Data File
   - File including E-mail address and telephone numbers that become the destination to transmit an image

3.2. Assumptions

The present section identifies and describes the assumptions for the environment for using the TOE.

A.ADMIN (Personnel conditions to be an administrator)
Administrators, in the role given to them, will not carry out a malicious act during the series of permitted operations given to them.

A.SERVICE (Personnel conditions to be a service engineer)
Service engineers, in the role given to them, will not carry out a malicious act during series of permitted operations given to them.

A.NETWORK (Network connection conditions for MFP)
•  The intra-office LAN where the MFP with the TOE will be installed is not intercepted.
•  When the intra-office LAN where the MFP with the TOE will be installed is connected to an external network, access from the external network to the MFP is not allowed.

A.SECRET (Operational condition about secret information)
Each password and encryption passphrase does not leak from each user in the use of TOE.

A.SETTING (Operational setting condition of Enhanced Security function)
The enhanced security function is enabled when a user uses the TOE.

3.3. Threats

In this section, threats that are assumed during the use of the TOE and the environment for using the TOE are identified and described.

T.DISCARD-MFP (Lease-return and discard of MFP)
When leased MFPs are returned or discarded MFPs are collected, secure print files, user box files, ID & print files, on-memory image files, stored image files, HDD-remaining image files, image-related files, transmission address data files, and various passwords which were set up can leak by the person with malicious intent when he/she analyzes the HDD or NVRAM in the MFP.

T.BRING-OUT-STORAGE (Unauthorized bring-out of HDD)
•  Secure print files, user box files, ID & print files, on-memory image files, stored image files, HDD-remaining image files, image-related files, transmission address data files, and


   various passwords which were set up can leak by a malicious person or a user illegally when he/she brings out the files to analyze the HDD in a MFP.
•  A person or a user with malicious intent illegally replaces the HDD in MFP. In the replaced HDD, newly created files such as secure print files, user box files, ID & print files, on-memory image files, stored image files, HDD-remaining image files, image-related files, transmission address data files and various passwords which were set up are accumulated. A person or a user with malicious intent takes out to analyze the replaced HDD, so that such image files will leak.

T.ACCESS-PRIVATE-BOX (Unauthorized access to the personal user box which used a user function)
Exposure of the user box file when a person or a user with malicious intent accesses the user box where other user owns, and operates the user box file, such as copies, moves, downloads, prints, transmits, and so on.

T.ACCESS-PUBLIC-BOX (Unauthorized access to public user box which used a user function)
Exposure of the user box file when a person or a user with malicious intent accesses the public user box which is not permitted to use, and operates the user box file, such as copies, moves, downloads, prints, transmits, and so on.

T.ACCESS-GROUP-BOX (Unauthorized access to the group user box which used a user function)
Exposure of the user box file when a person or a user with malicious intent accesses the group user box which the account where a user does not belong to owns, and operates the user box file, such as copies, moves, downloads, prints, transmits, and so on.

T.ACCESS-SECURE-PRINT (Unauthorized access to the secure print file or ID & print file by utilizing the user function)
•  Secure print files are exposed by those malicious including users when he/she operates (prints etc.) ones to which access is not allowed.
•  ID & print files are exposed by those malicious including users when he/she operates (prints etc.) ones which were stored by other users.

T.UNEXPECTED-TRANSMISSION (Transmission to unintended address)
•  Malicious person or user changes the network settings that are related to the transmission of a user box file. Even an address is set precisely, a user box file is transmitted (the E-mail transmission or the FTP transmission) to the entity which a user does not intend to, so that a user box file is exposed.
   <The network settings which are related to user box file transmission>
   - Setting related to the SMTP server
   - Setting related to the DNS server
•  Malicious person or user changes the network settings which set in MFP to identify MFP itself where TOE installed, by setting to the value of the entity such as another unauthorized MFP from the value of MFP (NetBIOS name, AppleTalk printer name, IP address etc.) that TOE is originally installed, so that secure print files or ID & print files are exposed.


•  Malicious person or user changes the TSI receiving settings. A user box file is stored to the entity which a user does not intend to, so that a user box file is exposed.
•  Malicious person or user changes the PC-FAX reception settings. By changing the setting of the storing for the public user box to store to common area for all users, a user box file is stored to the entity which a user does not intend to, so that a user box file is exposed.
   * This threat exists only in the case that the setting of PC-FAX reception is meant to work as the operation setting for box storing.

T.ACCESS-SETTING (An unauthorized change of a function setting condition related to security)
The possibility of leaking user box files, secure print files, or ID & print files rises because those malicious including users change the settings related to the enhanced security function.

T.BACKUP-RESTORE (Unauthorized use of backup function and restoration function)
User box files, secure print files, or ID & print files can leak by those malicious including users using the backup function and the restoration function illegally. Also highly confidential data such as passwords can be exposed, so that settings might be falsified.

3.4. Organizational Security Policies

Recently, there are a lot of organizations that demand security of network in office. Although a threat of wiretapping activities etc. in intra-office LAN is not assumed in this ST, TOE security environment that corresponds to the organization that demanded security measures in intra-office LAN is assumed. Moreover, although accumulated data in a client PC and a server existing in internal network, and general data traveling across the internal network are not protected assets, TOE security environment that corresponds to the organization that prohibited the access to internal network via MFP from Fax public line portal is assumed.

The security policies applied in the organization that uses TOE are identified and described as follows.

P.COMMUNICATION-DATA (Secure communication of image file)
Highly confidential image files (secure print files, user box files, and ID & print files) which are transmitted or received between IT equipment must be communicated via a trusted path to the correct destination, or encrypted when the organization or the user expects to be protected.

P.REJECT-LINE (Access prohibition from public line)
An access to internal network from public line via the Fax public line portal must be prohibited.


FFFF  Securit 'bHectie 

)n thi cha#ter. in relation to the au<#tion. the threat. an3 the or"anizational ecurit

#olic i3entifie3 in Cha#ter . the reIuire3 ecurit obHectie for the !', an3 the eniron<ent

for the ua"e of the !', are 3ecribe3 b bein" 3ii3e3 into the cate"orie of the ecurit

obHectie for the !', an3 the ecurit obHectie for the eniron<ent. a follow

F1F1F1F1 Securit 'bHectie for the !',

)n thi ection. the ecurit obHectie for the !', i i3entifie3 an3 3ecribe3

'''',G)S!,,:,G)S!,,:,G)S!,,:,G)S!,,:----US,US,US,US, $$$$UtilizationUtilizationUtilizationUtilization of of of of #er<itte3#er<itte3#er<itte3#er<itte3 ueruerueruer%%%%

!', #er<it the ue of MB intalle3 !', onl to the uer who uccee3e3 the i3entification

an3 authentication

''''B)4A!,B)4A!,B)4A!,B)4A!,----+'+'+'+' $$$$BeronalBeronalBeronalBeronal ueruerueruer bo@bo@bo@bo@ acceacceacceacce controlcontrolcontrolcontrol%%%%

•  !', #er<it onl a uer to ue the uer function of the #eronal uer bo@ that thi uer

own

•  !', #er<it onl a uer to ue the uer function of the ue bo@ file in the #eronal uer bo@

that thi uer own

''''BU+*)CBU+*)CBU+*)CBU+*)C----+'+'+'+' $$$$BublicBublicBublicBublic ueruerueruer bo@bo@bo@bo@ aaaaccecceccecce controlcontrolcontrolcontrol%%%%

•  !', #er<it the uer who uccee3e3 i3entification an3 authentication the rea3in"

o#eration of the #ublic uer bo@

•  !', #er<it the uer function of the #ublic uer bo@ onl to the uer who i #er<itte3 the

ue of thi #ublic uer bo@

•  !', #er<it the uer function of the uer bo@ file in the #ublic uer bo@ onl to the uer who

i #er<itte3 the ue of thi #ublic uer bo@

O.GROUP-BOX (Group user box access control)

•  TOE permits the user function of the group user box that this account owns only to the user who is permitted the use of this account.

•  TOE permits the user function of the user box file in the group user box that this account owns only to the user who is permitted the use of this account.

O.SECURE-PRINT (Access control for secure print file and ID & print file)

•  TOE permits the user function of a secure print file only to the user who was allowed to use the file.

•  TOE permits the user function of an ID & print file only to the user who stored that file.

O.CONFIG (Access limitation to management function)

TOE permits only the administrator the operation of the following functions.

•  The setting function related to the SMTP server

•  The setting function related to the DNS server

•  The setting function related to the address of MFP


•  Backup function

•  Restoration function

•  The setting function of Trusted Channel function setting data

•  The setting function of certificates, transmission address data, etc. used for the S/MIME function

•  The setting function of TSI receiving

•  The setting function of PC-FAX reception

•  Counter management function

TOE permits the operation of the following functions only to the administrator and the service engineer.

•  The function related to the setting of Enhanced Security function

O.OVERWRITE-ALL (Complete overwrite deletion)

TOE overwrites all the data regions of HDD in MFP with deletion data, and makes all image data unable to restore. In addition, TOE provides a function to initialize settings such as the highly confidential passwords on NVRAM (administrator password, encryption passphrase, SNMP password, and WebDAV server password) set by a user or an administrator.

O.CRYPT-KEY (Encryption key generation)

TOE generates an encryption key to encrypt and store all the data written in the HDD in the MFP including image files.

O.TRUSTED-PASS (The use of Trusted Channel)

TOE provides the function that communicates via Trusted Channel the following image file, which is transmitted and received between MFP and client PC.

< Image file transmitted from MFP to client PC >

•  User box file

< Image file transmitted from client PC to MFP >

•  Image file that will be stored as user box file

•  Image file that will be stored as secure print file

•  Image file that will be stored as ID & print file

O.CRYPTO-MAIL (The use of encrypted mail)

TOE provides the function that encrypts and transmits the user box file transmitted from MFP to the correct destination with e-mail.

O.FAX-CONTROL (Fax unit control)

TOE provides the control function that prohibits an access to internal network which the MFP connects with, from public line via the Fax public line portal.

O.AUTH-CAPABILITY (The support operation to utilize user authentication function)

TOE supports the necessary operation to utilize the user authentication function by user information management server using Active Directory.

O.CRYPTO-CAPABILITY (The support operation to utilize HDD encryption function)

TOE supports necessary mechanical operation to utilize the HDD encryption function by ASIC.

4.2. Security Objectives for the Operational Environment

In this section, the security objectives for TOE operational environment are described.

OE.FEED-BACK (Utilization of application to show secure password)

The administrator and user utilize the application of a browser etc., used by client PC to access MFP, that provides appropriate protected feedback to the user password, user box password, account password, administrator password, secure print password, SNMP password, and WebDAV server password, which will be entered.

OE.SERVER (Utilization of user information management server)

The administrator sets to utilize user management by Active Directory in case of using external user information management server instead of MFP for the management of user account.

OE.SESSION (Termination of session after operation)

The administrator has the user implement the following operation.

•  After the operation of secure print file, ID & print file, and the user box and user box file ends, the logoff operation is performed.

The administrator executes the following operation.

•  After the operation of the various functions in administrator mode ends, the logoff operation is performed.

The service engineer executes the following operation.

•  After the operation of the various functions in service mode ends, the logoff operation is performed.

OE.ADMIN (A reliable administrator)

The responsible person in the organization who uses MFP will assign a person who can faithfully execute the given role during the operation of the MFP with TOE as an administrator.

OE.SERVICE (The service engineer's guarantee)

•  The responsible person in the organization managing the maintenance of MFP educates a service engineer in order to faithfully carry out the given role for the installation of the TOE, the setup of TOE and the maintenance of the MFP with TOE.

•  The administrator observes the maintenance work of MFP with TOE by a service engineer.

OE.NETWORK (Network Environment in which the MFP is connected)

•  The responsible person in the organization who uses MFP carries out the tapping prevention measures by setting the cipher communications equipment and the tapping detection equipment to the LAN of the office where MFP with TOE is installed.

•  The responsible person in the organization who uses MFP carries out the measures for the unauthorized access from the outside by setting up the equipment such as the firewall to intercept the access from an external network to MFP with TOE.


OE.FAX-UNIT (Utilization of Fax unit)

The service engineer installs the Fax unit on MFP which is the optional part and sets to utilize the function of the Fax unit.

OE.SECRET (Appropriate management of confidential information)

The administrator has the user implement the following operation.

•  Keep the user password and secure print password confidential.

•  Keep the user box password and account password confidential between the user who commonly utilizes it.

•  Should not set the value that can be guessed for the user password, secure print password and the user box password.

•  The user password and the user box password should be properly changed.

•  When the administrator changes the user password or the user box password, make the user to change them promptly.

The administrator executes the following operation.

•  Avoid setting an easy-to-guess value on the administrator password, account password, SNMP password, encryption passphrase, and WebDAV server password.

•  Keep the administrator password, account password, SNMP password, encryption passphrase and WebDAV server password confidential.

•  Change the administrator password, account password, SNMP password, encryption passphrase, and WebDAV server password appropriately.

The service engineer executes the following operation.

•  Should not set the value that can be guessed for the CE password.

•  Keep the CE password confidential.

•  The CE password should be properly changed.

•  When the service engineer changes the administrator password, make the administrator to change it promptly.

OE.SETTING-SECURITY (Operational setup of Enhanced Security function)

The administrator makes the setup of the enhanced security function effective for TOE before a user uses it.


4.3. Security Objectives Rationale

4.3.1. Necessity

The correspondences between the assumptions, threats and organization security policies and security objectives are shown in the following table. It shows that the security objectives correspond to at least one assumption, threat or organization security policies.

Table 1 Conformity of security objectives to assumptions, threats, and organization security policies

Columns (organization security policies, assumptions, threats): A.ADMIN, A.SERVICE, A.NETWORK, A.SECRET, A.SETTING, T.DISCARD-MFP, T.BRING-OUT-STORAGE, T.ACCESS-PRIVATE-BOX, T.ACCESS-PUBLIC-BOX, T.ACCESS-GROUP-BOX, T.ACCESS-SECURE-PRINT, T.UNEXPECTED-TRANSMISSION, T.ACCESS-SETTING, T.BACKUP-RESTORE, P.COMMUNICATION-DATA, P.REJECT-LINE

Rows (security objectives): O.REGISTERED-USER, O.PRIVATE-BOX, O.PUBLIC-BOX, O.GROUP-BOX, O.SECURE-PRINT, O.CONFIG, O.OVERWRITE-ALL, O.CRYPTO-KEY, O.TRUSTED-PASS, O.CRYPTO-MAIL, O.FAX-CONTROL, O.CRYPTO-CAPABILITY, O.AUTH-CAPABILITY, OE.FEED-BACK, OE.SERVER, OE.SESSION, OE.ADMIN, OE.SERVICE, OE.NETWORK, OE.FAX-UNIT, OE.SECRET, OE.SETTING-SECURITY


4.3.2. Sufficiency of Assumptions

The security objectives for the assumptions are described as follows.

A.ADMIN (Personnel Conditions to be an Administrator)

This condition assumes that administrators are not malicious.

With OE.ADMIN, the organization that uses the MFP assigns personnel who are reliable in the organization that uses the MFP, so the reliability of the administrator is realized.

A.SERVICE (Personnel Conditions to be a Service Engineer)

This condition assumes the service engineers are not malicious.

With OE.SERVICE, the organization that manages the maintenance of the MFP educates the service engineer. Also the administrator needs to observe the maintenance of the MFP, so that the reliability of service engineers is assured.

A.NETWORK (Network Connection Conditions for the MFP)

This condition assumes that there are no wiretapping activities and no access by an unspecified person from an external network to the intra-office LAN.

OE.NETWORK regulates the wiretapping prevention by the installation of devices such as a wiretapping detection device and device to perform the encryption communication on the intra-office LAN. It also regulates the unauthorized access prevention from external by the installation of devices such as firewall in order to block access to the MFP from the external networks, so that this condition is realized.

A.SECRET (Operating condition concerning confidential information)

This condition assumes each password and encryption passphrase using for the use of TOE should not be leaked by each user.

OE.SECRET regulates that the administrator makes the user to execute the operation rules concerning the secure print password, user box password, user password, and account password and that the administrator executes the operation rules concerning the administrator password, SNMP password, encryption passphrase, account password, and WebDAV server password. It also regulates that the service engineer executes the operation rules concerning the CE password, and that the service engineer makes the administrator to execute the operation rules concerning the administrator password, so that this condition is realized.

A.SETTING (Enhanced Security Function Operational Setup Condition)

This condition assumes the enhanced security function operational settings condition is satisfied.

OE.SETTING-SECURITY regulates that this is used after the administrator activates the enhanced security function, so that this condition is realized.

4.3.3. Sufficiency of Threats

The security objectives against threats are described as follows.


T.DISCARD-MFP (Lease return and discard of MFP)

This threat assumes the possibility of leaking information from MFP collected from the user.

O.OVERWRITE-ALL is that TOE provides the function to overwrite data for the deletion of all area of HDD and initializes the information of NVRAM, so that the possibility of the threat is removed by executing this function before MFP is collected.

Accordingly, this threat is countered sufficiently.

T.BRING-OUT-STORAGE (Unauthorized bringing out HDD)

This threat assumes the possibility that the image data in HDD leaks by being stolen from the operational environment under MFP used or by installing the unauthorized HDD and taking away with the data accumulated in it.

For the above, the possibility of the threat is reduced because O.CRYPTO-KEY assumes that TOE generates an encryption key to encrypt the data written in the HDD, and a mechanical operation to use the HDD encryption function by ASIC is supported by O.CRYPTO-CAPABILITY.

Accordingly, this threat is countered sufficiently.

T.ACCESS-PRIVATE-BOX (Unauthorized access to personal user box using user function)

This threat assumes the possibility that an unauthorized operation is done by using the user function for the personal user box which each user uses to store the image file.

O.REGISTERED-USER is assumed that only the user to whom TOE succeeds identification and authentication is permitted to use MFP installed TOE, furthermore, the operation of a personal user box and the user box file in a personal user box is restricted only to the user who is the owner by O.PRIVATE-BOX, so that the possibility of the threat is reduced. When the external user information management server is used, the possibility of the threat is reduced because the user identification and authentication is operated through O.AUTH-CAPABILITY supporting the operation for the user authentication function by the user information management server of Active Directory and through OE.SERVER setting to use the user management by Active Directory by the administrator.

OE.FEED-BACK uses the application regulating to return the protected feedback for the entered password in the user's authentication, and OE.SESSION also requires the log-off operation after the operation ends, so that O.REGISTERED-USER and O.PRIVATE-BOX are supported sufficiently.

Accordingly, this threat is countered sufficiently.

T.ACCESS-PUBLIC-BOX (Unauthorized access to public user box using user function)

This threat assumes the possibility that an unauthorized operation is done by using the user function for the public user box which each user shares to store the image file.

O.REGISTERED-USER assumes that only the user to whom TOE succeeds identification and authentication is permitted to use MFP installing TOE, furthermore, the operation of the public user box and the user box file in the public user box is restricted only to the user who is permitted by O.PUBLIC-BOX, so that the possibility of the threat is reduced. When the external user information management server is used, the possibility of the threat is reduced because the user identification and authentication is operated through O.AUTH-CAPABILITY supporting the operation for the user authentication function by the


T.UNEXPECTED-TRANSMISSION (Transmission to unintended address)

This threat assumes the possibility of sending the user box file to the address that isn't intended, when the network setting that relates to the transmission is illegally changed. This is concerned about a possibility that the user box file is transmitted to the specified server illegally without the change of the network environment constitution by the malicious person by, for instance, illegally being changed the address of the SMTP server that relays E-mail for the E-mail, or illegally being changed the address of the DNS server where the domain name is inquired when the address of the SMTP server is used for a search of the domain name. For FTP transmission, by being likely to use the mechanism of the search of the domain name is concerned about the similar possibility of the incident might be occurred by E-mailing.

Furthermore, when the network setting which is related to the address of MFP is modified illegally, it assumes the possibility to use the print function to the unauthorized entity from client PC by the user who believes as TOE. Especially, it becomes a problem if a secure print file or an ID & print file which is required to be concealed from other users in the office is transmitted to the unauthorized entity.

In addition to this, the setting of PC-FAX reception and the setting of TSI reception assume the possibility of unintended user box file storing at FAX reception.

On the other hand, O.CONFIG regulates that the role to operate the network setting relating to the transmission of TOE, the setting of PC-FAX reception and the setting of TSI reception are limited to the administrator, and so the possibility of this threat is removed.

OE.FEED-BACK uses the application regulating that the feedback protected is returned for the entered password by the administrator's authentication and OE.SESSION requires to logoff after the operation ends, so that O.CONFIG is supported sufficiently.

Accordingly, this threat is countered sufficiently.

T.ACCESS-SETTING (Unauthorized change of function setting condition related to security)

This threat assumes the possibility of developing consequentially into the leakage of the user box file, secure print file, or ID & print file by having been changed the specific function setting which relates to security.

O.CONFIG regulates that only the administrator and the service engineer are permitted to perform the setup of the enhanced security function that controls all setting function related to a series of security, and so the possibility of the threat is removed.

OE.FEED-BACK uses the application regulating that the feedback protected is returned for the entered various passwords by the administrator's authentication, and OE.SESSION is also requested to logoff respectively after the operation of the administrator mode ends, so that O.CONFIG is supported sufficiently.

Accordingly, this threat is countered sufficiently.

T.BACKUP-RESTORE (Unauthorized use of back-up function and restoration function)

This threat assumes a possibility that user box file, secure print file, or ID & print file may leak when the back-up function or the restoration function is illegally used. Moreover, this assumes that confidential data such as passwords might leak or various settings are falsified, so that user box file, secure print file, or ID & print file may leak.

O.CONFIG regulates that the use of the back-up function and the restoration function is permitted only to the administrator, so that the possibility of the threat is removed.

OE.FEED-BACK uses the application regulating that the protected feedback is returned for the entered password by the administrator authentication and OE.SESSION is also requested the log-off operation after the operation ends, and so O.CONFIG is sufficiently supported.

Accordingly, this threat is countered sufficiently.

4.3.4. Sufficiency of Organizational Security Policies

Security objective corresponding to organizational security policies is explained as follows.

P.COMMUNICATION-DATA (Secure communication of image file)

This organizational security policy prescribes carrying out processing via trusted pass to a correct destination or encrypting to ensure the confidentiality about the image file which flows on a network in the case of the organization or the user expect to be protected. As this corresponds as one's request, there is no need to provide secure communication function for all communication. At least one secure communication method between MFP and client PC needs to be provided when transmitting the secure print file or the user box file.

O.TRUSTED-PASS provides Trusted Channel to a correct destination in the transmission and reception of an image between MFP and client PC for user box file, secure print file, and ID & print file that save confidential images, so that the organizational security policies is achieved.

Also, the security objective provides the transmission function to a correct destination by encrypting the user box file transmitted by e-mail from MFP to client PC by O.CRYPTO-MAIL, so that the organizational security policies is achieved.

Furthermore, O.CONFIG restricts the Trusted Channel function setting data, the management of the user box file's encryption by e-mail and the transmission address data to the administrator. And, OE.FEED-BACK uses the application regulating that the protected feedback is returned for the entered password in the administrator's authentication, and OE.SESSION is also regulated to log off after the operation of the administrator mode ends, so that O.CONFIG is supported.

Accordingly, this organizational security policy is sufficiently achieved.

P.REJECT-LINE (Access prohibition from public line)

This organizational security policy prohibits being accessed to a stored data in a client PC and a server existing in internal network or a general data flowing on internal network from public line via the port of Fax public line on Fax unit installed to MFP. This means that communication, like remote diagnostic function or illegal operation command, except image data which is sent from public line network and forwarded to internal network via the port of Fax public line of MFP is not forwarded to internal network, even though Fax unit is installed on MFP at the request of the organization.

O.FAX-CONTROL prohibits the access to the data existing in internal network including a general data from public line via the Fax public line portal.

Also, OE.FAX-UNIT is regulated to install Fax unit which is the optional part on MFP by service engineer, so that O.FAX-CONTROL is supported.

Accordingly, this organizational security policy is achieved.
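The rationale in sections 4.3.2 to 4.3.4 names, for every assumption, threat and policy, the objectives that address it, which makes the necessity and sufficiency claims checkable by script. The Python below is an added example, not part of the security target or of any vendor tooling: it parses a constructed, condensed copy of that rationale (each heading plus the objective identifiers its paragraph cites in the text available here), derives a traceability matrix, and reports the gaps. The function names and the condensed wording are assumptions of this example; the two threats whose rationale paragraphs are absent from this text are reported as gaps rather than filled in.

```python
import re

# Security objectives of sections 4.1 and 4.2, spelled as in Table 1.
OBJECTIVES = """
O.REGISTERED-USER O.PRIVATE-BOX O.PUBLIC-BOX O.GROUP-BOX O.SECURE-PRINT
O.CONFIG O.OVERWRITE-ALL O.CRYPTO-KEY O.TRUSTED-PASS O.CRYPTO-MAIL
O.FAX-CONTROL O.CRYPTO-CAPABILITY O.AUTH-CAPABILITY OE.FEED-BACK OE.SERVER
OE.SESSION OE.ADMIN OE.SERVICE OE.NETWORK OE.FAX-UNIT OE.SECRET
OE.SETTING-SECURITY
""".split()

# Assumptions, threats and policies named in the Table 1 column headers.
ITEMS = """
A.ADMIN A.SERVICE A.NETWORK A.SECRET A.SETTING T.DISCARD-MFP
T.BRING-OUT-STORAGE T.ACCESS-PRIVATE-BOX T.ACCESS-PUBLIC-BOX
T.ACCESS-GROUP-BOX T.ACCESS-SECURE-PRINT T.UNEXPECTED-TRANSMISSION
T.ACCESS-SETTING T.BACKUP-RESTORE P.COMMUNICATION-DATA P.REJECT-LINE
""".split()

# Constructed input: each rationale paragraph condensed to its heading plus
# the objectives it cites; wording is shortened, identifiers are unchanged.
RATIONALE_TEXT = """\
A.ADMIN (Personnel conditions to be an administrator)
With OE.ADMIN, reliable personnel are assigned as administrator.
A.SERVICE (Personnel conditions to be a service engineer)
With OE.SERVICE, the service engineer is educated and observed.
A.NETWORK (Network connection conditions for the MFP)
OE.NETWORK regulates wiretapping prevention and firewall installation.
A.SECRET (Operating condition concerning confidential information)
OE.SECRET regulates the operation rules for passwords.
A.SETTING (Enhanced security function operational setup condition)
OE.SETTING-SECURITY regulates use after the function is activated.
T.DISCARD-MFP (Lease return and discard of MFP)
O.OVERWRITE-ALL overwrites the HDD and initializes NVRAM.
T.BRING-OUT-STORAGE (Unauthorized bringing out HDD)
O.CRYPTO-KEY generates the key; O.CRYPTO-CAPABILITY supports the ASIC.
T.ACCESS-PRIVATE-BOX (Unauthorized access to personal user box)
O.REGISTERED-USER, O.PRIVATE-BOX; with an external server
O.AUTH-CAPABILITY and OE.SERVER; supported by OE.FEED-BACK, OE.SESSION.
T.ACCESS-PUBLIC-BOX (Unauthorized access to public user box)
O.REGISTERED-USER, O.PUBLIC-BOX, O.AUTH-CAPABILITY (paragraph cut off).
T.UNEXPECTED-TRANSMISSION (Transmission to unintended address)
O.CONFIG limits the settings; supported by OE.FEED-BACK, OE.SESSION.
T.ACCESS-SETTING (Unauthorized change of security function settings)
O.CONFIG limits the setup; supported by OE.FEED-BACK, OE.SESSION.
T.BACKUP-RESTORE (Unauthorized use of backup and restoration)
O.CONFIG limits the functions; supported by OE.FEED-BACK, OE.SESSION.
P.COMMUNICATION-DATA (Secure communication of image file)
O.TRUSTED-PASS, O.CRYPTO-MAIL; O.CONFIG with OE.FEED-BACK, OE.SESSION.
P.REJECT-LINE (Access prohibition from public line)
O.FAX-CONTROL prohibits the access; OE.FAX-UNIT supports it.
"""

ITEM_RE = re.compile(r"^([ATP]\.[A-Z]+(?:-[A-Z]+)*)\b")
OBJ_RE = re.compile(r"\bOE?\.[A-Z]+(?:-[A-Z]+)*")


def parse_rationale(text):
    """Map each A./T./P. heading to the objectives cited beneath it."""
    matrix, current = {}, None
    for line in text.splitlines():
        heading = ITEM_RE.match(line)
        if heading:
            current = heading.group(1)
            matrix.setdefault(current, set())
        elif current is not None:
            matrix[current].update(OBJ_RE.findall(line))
    return matrix


def check_traceability(items, objectives, matrix):
    """Return the gaps a necessity/sufficiency review would flag."""
    cited = set().union(*matrix.values())
    return {
        # Sufficiency: every assumption, threat, policy needs an objective.
        "items_without_rationale": [i for i in items if not matrix.get(i)],
        # Necessity: every objective must trace back to at least one item.
        "objectives_not_traced": [o for o in objectives if o not in cited],
        # Identifiers used in the rationale but never declared (typos).
        "unknown_identifiers": sorted(
            (cited - set(objectives)) | (set(matrix) - set(items))),
    }


def render_matrix(items, objectives, matrix):
    """One row per objective with an 'x' or '.' per item, in ITEMS order."""
    return [
        f"{obj:<22}" + "".join(
            "x" if obj in matrix.get(item, ()) else "." for item in items)
        for obj in objectives
    ]


if __name__ == "__main__":
    derived = parse_rationale(RATIONALE_TEXT)
    print("\n".join(render_matrix(ITEMS, OBJECTIVES, derived)))
    for finding, names in check_traceability(ITEMS, OBJECTIVES, derived).items():
        print(finding, names)
```

Run against the full text of a security target, an empty result in all three lists is what the necessity statement of 4.3.1 asserts.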


5. Extended Components Definition

5.1. Extended Function Component

In this ST, three extended function components are defined. The necessity of each security function requirement and the reason of the labeling definition are described.

FAD_RIP.1

This is the security function requirement for the protection of the remaining information of user data and TSF data.

Necessity of extension

The regulation for the protection of the TSF data remaining information is necessary. But the security function requirement to explain the protection of the remaining information exists only in FDP_RIP.1 for the user data. There is no security function requirement to satisfy this requirement.

Reason for applied class (FAD)

There is no requirement to explain both of the user data and the TSF data with no distinction. Therefore, new Class was defined.

Reason for applied family (RIP)

As this is the extension up to the TSF data by using the content explained by the relevant family of FDP class, the same label of this family was applied.

FIT_CAP.1

This is the security function requirement for regulating the necessary ability for TOE to use effectively the security function of the external entity, IT environment.

Necessity of extension

In case of TOE using the external security functions, the external security function to be surely secure is important, but TOE ability to provide is very important in order to use correctly the external security function. But there is no concept as this requirement in the security function requirements.

Reason for applied class (FIT)

There is no such concept in CC part 2. Therefore, new Class was defined.

Reason for applied family (CAP.1)

As similar to class, there is no such concept in CC part 2. Therefore, new Family was defined.

5.1.1. FAD_RIP.1 Definition

Class name

FAD: Protection of all data

Meaning of abbreviation: FAD (Functional requirement for All Data protection)

Class behavior

This class contains a family specifying the requirement related with the protection of the user data and the TSF data with no distinction. One family exists here.


- Residual Information Protection of All Data (FAD_RIP);

Family behavior

This family corresponds to the necessity never to access the deleted data or newly created object and TSF data which should not set as accessible. This family requires the protection for the information that was deleted or released logically but has a possibility to exist still in TOE.

Component leveling

FAD_RIP.1: "Residual Information Protection of All Data after the explicit deletion operation" requires of TSF to assure that the subset of the defined object controlled by TSF cannot utilize any remaining information of every resource under the allocation of resource or the release of it.

Audit: FAD_RIP.1

The use of the user identification information with the explicit deletion operation

Management: FAD_RIP.1

No expected management activity

FAD_RIP.1 Residual Information Protection of All Data after the explicit deletion operation

FAD_RIP.1.1

TSF shall ensure that the content of the information allocated to source before shall not be available after the explicit deletion operation against the object and TSF data: [assignment: list of object and list of TSF data].

Hierarchical to: No other components

Dependencies: No dependencies

5.1.2. FIT_CAP.1 Definition

Class name

FIT: Support for IT environment entity

Meaning of abbreviation: FIT (Functional requirement for IT environment support)

Class behavior

This class contains a family specifying the requirements related with the use of the security service provided by IT environment entity. One family exists here.

- Use of IT environment entity (FIT_CAP);

Family behavior

This family corresponds to the capability definition for TOE at the use of security function of IT environment entity.

[Figure: component leveling. FAD_RIP Residual Information Protection of All Data, component 1]


6. IT Security Requirements

In this chapter, the TOE security requirements are described.

<Definition of Label>

The security function requirements required for the TOE are described. Those regulated in CC Part 2 will be directly used for the functional requirements components, and the same labels will be used as well. The new additional requirement which is not described in CC part 2 is newly established and identified with the label that doesn't compete with CC part 2.

<Method of specifying security function requirement "Operation">

In the following description, when items are indicated in "italic" and "bold," it means that they are assigned or selected. When items are indicated in "italic" and "bold" with parenthesis right after the underlined original sentences, it means that the underlined sentences are refined. A number in the parentheses after a label means that the functional requirement is used repeatedly.

<Method of clear indication of dependency>

The label in the parentheses "( )" in the dependent section indicates a label for the security functional requirements used in this ST. When it is a dependency that is not required to be used in this ST, it is described as "N/A" in the same parentheses.

6.1. TOE Security Requirements

6.1.1. TOE Security Functional Requirements

6.1.1.1. Cryptographic Support

FCS_CKM.1 Cryptographic key generation

FCS_CKM.1.1

The TSF shall generate cryptographic keys in accordance with a specified cryptographic key generation algorithm [assignment: cryptographic key generation algorithm] and specified cryptographic key sizes [assignment: cryptographic key sizes] that meet the following: [assignment: list of standards].

[assignment: list of standards]:

Listed in "Table 2 Cryptographic key generation Relation of Standards-Algorithm-Key sizes"

[assignment: cryptographic key generation algorithm]:

Listed in "Table 2 Cryptographic key generation Relation of Standards-Algorithm-Key sizes"

[assignment: cryptographic key sizes]:

Listed in "Table 2 Cryptographic key generation Relation of Standards-Algorithm-Key sizes"

Hierarchical to: No other components

Dependencies: FCS_CKM.2 or FCS_COP.1 (FCS_COP.1), FCS_CKM.4 (N/A)


Table 2 Cryptographic Key Generation Relation of Standards-Algorithm-Key sizes

| List of Standards | Cryptographic Key Generation Algorithm | Cryptographic Key sizes |
|---|---|---|
| FIPS 186-2 | Pseudorandom number Generation Algorithm | 128 bits; 192 bits; 168 bits; 256 bits |
| Konica Minolta Encryption specification standard | Konica Minolta HDD Encryption Key Generation Algorithm | 128 bits |

FCS_COP.1 Cryptographic operation

FCS_COP.1.1

The TSF shall perform [assignment: list of Cryptographic operations] in accordance with a specified cryptographic algorithm [assignment: cryptographic algorithm] and cryptographic key sizes [assignment: cryptographic key sizes] that meet the following: [assignment: list of standards].

[assignment: list of standards]:

Listed in "Table 3 Cryptographic operation Relation of Algorithm-Key sizes-Cryptographic operation"

[assignment: cryptographic algorithm]:

Listed in "Table 3 Cryptographic operation Relation of Algorithm-Key sizes-Cryptographic operation"

[assignment: cryptographic key sizes]:

Listed in "Table 3 Cryptographic operation Relation of Algorithm-Key sizes-Cryptographic operation"

[assignment: list of cryptographic operation]:

Listed in "Table 3 Cryptographic operation Relation of Algorithm-Key sizes-Cryptographic operation"

Hierarchical to: No other components

Dependencies: FDP_ITC.1 or FDP_ITC.2 or FCS_CKM.1 (FCS_CKM.1 (only a part of events)), FCS_CKM.4 (N/A)

Table 3 Cryptographic Operation Relation of Algorithm-Key sizes-Cryptographic Operation

| List of standards | Cryptographic Algorithm | Cryptographic key sizes | Contents of Cryptographic operation |
|---|---|---|---|
| FIPS PUB 197 | AES | 128 bits; 192 bits; 256 bits | Encryption of S/MIME transmission data |
| SP800-67 | 3-Key-Triple-DES | 168 bits | Encryption of S/MIME transmission data |
| FIPS 186-2 | RSA | 1024 bits; 2048 bits; 3072 bits; 4096 bits | Encryption of cryptographic key to encrypt S/MIME transmission data |


6.1.1.2. User Data Protection

FDP_ACC.1[1] Subset access control

FDP_ACC.1.1[1]

The TSF shall enforce the [assignment: access control SFP] on [assignment: list of subjects, objects, and operations among subjects and objects covered by the SFP].

[assignment: list of subjects, objects, and operations among subjects and objects covered by the SFP]:

Listed in "Table 4 User box access control operational list"

[assignment: access control SFP]:

User Box access control

Hierarchical to: No other components

Dependencies: FDP_ACF.1 (FDP_ACF.1[1])

Table 4 User Box Access Control Operational List

| Subject | Object | Operational List |
|---|---|---|
| A task to act for a user | User Box | List |
| A task to act for a user | User Box File | Print; Transmission (E-mail transmission, FTP transmission, SMB transmission, FAX transmission and WebDAV transmission); Download; Move to other user boxes; Copy to other user boxes; Copy to external memory; Backup |

FDP_ACC.1[2] Subset access control

FDP_ACC.1.1[2]

The TSF shall enforce the [assignment: access control SFP] on [assignment: list of subjects, objects, and operations among subjects and objects covered by the SFP].

[assignment: list of subjects, objects, and operations among subjects and objects covered by the SFP]:

Listed in "Table 5 Secure print file access control operational list"

[assignment: access control SFP]:

Secure print file access control

Hierarchical to: No other components

Dependencies: FDP_ACF.1 (FDP_ACF.1[2])

Table 5 Secure Print File Access Control Operational List

| Subject | Object | Operational list |
|---|---|---|
| A task to act for a user | Secure Print File | List; Print; Back-Up |

FDP_ACC.1[3] Subset access control

FDP_ACC.1.1[3]

The TSF shall enforce the [assignment: access control SFP] on [assignment: list of subjects, objects, and operations among subjects and objects covered by the SFP].

[assignment: list of subjects, objects, and operations among subjects and objects covered by the SFP]:


Listed in "Table 6 Setting management access control operational list"

[assignment: access control SFP]:

Setting management access control

Hierarchical to: No other components

Dependencies: FDP_ACF.1 (FDP_ACF.1[3])

Table 6 Setting Management Access Control Operational List

| Subject | Object | Operational list |
|---|---|---|
| A task to act for a user | SMTP Server Group Object; DNS Server Group Object; MFP Address Group Object (footnote 8); PC-FAX reception setting Object; Transmission Address Data Object | Settings; Restore |

FDP_ACC.1[4] Subset access control

FDP_ACC.1.1[4]

The TSF shall enforce the [assignment: access control SFP] on [assignment: list of subjects, objects, and operations among subjects and objects covered by SFP].

[assignment: list of subjects, objects, and operations among subjects and objects covered by SFP]:

Listed in "Table 7 ID & print file Access Control operational list"

[assignment: access control SFP]:

ID & print file access control

Hierarchical to: No other components

Dependencies: FDP_ACF.1 (FDP_ACF.1[4])

Table 7 ID & Print file Access Control Operational List

| Subject | Object | Operational list |
|---|---|---|
| A task to act for a user | ID & print File | List; Print; Backup |

FDP_ACF.1[1] Security attribute based access control

FDP_ACF.1.1[1]

The TSF shall enforce the [assignment: access control SFP] to objects based on the following: [assignment: list of subjects and objects controlled under the indicated SFP, and for each, the SFP-relevant security attributes, or named groups of SFP-relevant security attributes].

[assignment: list of subjects and objects controlled under the indicated SFP, and for each, the SFP-relevant security attributes, or named groups of SFP-relevant security attributes]:

<Subject> <Subject attributes>

- A task to act for a user ⇒
  - User Attribute (User ID)
  - Account Name (Account ID)
  - User Box Attribute (User Box ID)
  - Administrator Attribute

----------

<Object> <Object attributes>

- User Box ⇒
  - User Attribute (User ID or Public or Account ID)
- User Box File ⇒
  - User Box Attribute (User Box ID)

Footnote 8: The MFP address group object is a series of data concerning the address of the main body of MFP such as IP address and the Appletalk printer name.

[assignment: access control SFP]:


User Box access control

FDP_ACF.1.2[1]

The TSF shall enforce the following rules to determine if an operation among controlled subjects and controlled objects is allowed: [assignment: rules governing access among controlled subjects and controlled objects using controlled operations on controlled objects].

[assignment: rules governing access among controlled subjects and controlled objects using controlled operations on controlled objects]:

<Operation control to Personal user box>

A task to act for a user is permitted to do the list display operation to the user box with the user attribute of an object attribute corresponding to the user attribute (user ID) of the subject attribute.

<Operation control to Group user box>

A task to act for a user is permitted to do the list display operation to the user box with the Account Name of an object attribute corresponding to the Account Name (account ID) of the subject attribute.

<Operation control to Public user box>

A task to act for the user who is related to the user attribute (user ID) is permitted to do the list display operation to the user box where "Public" is set to the user attribute of the object attribute.

<Operational control to User box file>

A task to act for a user is permitted to print, transmit (E-mail transmission, FTP transmission, SMB transmission, FAX transmission and WebDAV transmission), download, move to other user boxes, copy to the other user boxes and copy to external memory, to the user box file whose user box attribute (user box ID) of the object attribute matches the user box attribute of the subject attribute.

FDP_ACF.1.3[1]

The TSF shall explicitly authorise access of subjects to objects based on the following additional rules: [assignment: rules, based on security attributes, that explicitly authorise access of subjects to objects].

[assignment: rules, based on security attributes, that explicitly authorise access of subjects to objects]:

- A task to act for the user that has an administrator attribute is permitted to operate displaying of user box list.

- A task to act for the user that has an administrator attribute is permitted to operate the back-up of the user box file.

FDP_ACF.1.4[1]

The TSF shall explicitly deny access of subjects to objects based on the following additional rules: [assignment: rules, based on security attributes, that explicitly deny access of subjects to objects].

[assignment: rules, based on security attributes, that explicitly deny access of subjects to objects]:

None

Hierarchical to: No other components

Dependencies: FDP_ACC.1 (FDP_ACC.1[1]), FMT_MSA.3 (FMT_MSA.3[1], FMT_MSA.3[3])
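The User Box access control rules of FDP_ACF.1.2[1] to FDP_ACF.1.4[1], written out as a decision function. This is an added illustration, not part of the security target or of the TOE software; all class, field and function names are hypothetical, the "kind" of a user box is a modelling assumption for the User ID / Account ID / Public alternatives, and an operation that no rule permits is treated as denied.

```python
from dataclasses import dataclass
from typing import Optional, Union

# Operation names follow Table 4; the identifiers are this example's own.
BOX_OPERATIONS = {"list"}
FILE_OPERATIONS = {"print", "transmit", "download", "move", "copy",
                   "copy_to_external_memory"}
ADMIN_FILE_OPERATIONS = {"backup"}


@dataclass(frozen=True)
class Subject:
    """A task acting for a user, with the subject attributes of FDP_ACF.1.1[1]."""
    user_id: Optional[str] = None
    account_id: Optional[str] = None
    user_box_id: Optional[str] = None
    administrator: bool = False


@dataclass(frozen=True)
class UserBox:
    """Object 'User Box': its user attribute is a user ID, an account ID or Public."""
    attr_kind: str                    # "user", "account" or "public" (assumption)
    attr_value: Optional[str] = None  # the user ID or account ID; unused for "public"


@dataclass(frozen=True)
class UserBoxFile:
    """Object 'User Box File': its attribute is the ID of the box that holds it."""
    user_box_id: str


def is_allowed(subject: Subject, operation: str,
               obj: Union[UserBox, UserBoxFile]) -> bool:
    """Return True only if one of the stated rules permits the operation."""
    if isinstance(obj, UserBox):
        if operation not in BOX_OPERATIONS:
            return False
        if subject.administrator:        # FDP_ACF.1.3[1]: display of user box list
            return True
        if obj.attr_kind == "user":      # personal user box: user IDs correspond
            return subject.user_id is not None and subject.user_id == obj.attr_value
        if obj.attr_kind == "account":   # group user box: account IDs correspond
            return (subject.account_id is not None
                    and subject.account_id == obj.attr_value)
        if obj.attr_kind == "public":    # public user box: task is tied to a user ID
            return subject.user_id is not None
        return False
    if isinstance(obj, UserBoxFile):
        if operation in ADMIN_FILE_OPERATIONS:  # FDP_ACF.1.3[1]: back-up, admin only
            return subject.administrator
        if operation in FILE_OPERATIONS:        # FDP_ACF.1.2[1]: user box IDs match
            return (subject.user_box_id is not None
                    and subject.user_box_id == obj.user_box_id)
    return False  # FDP_ACF.1.4[1] lists no explicit denials; unmatched means denied


def decision_matrix():
    """Evaluate constructed sample subjects and objects (not taken from the ST)."""
    alice = Subject(user_id="alice", account_id="sales", user_box_id="12")
    bob = Subject(user_id="bob", account_id="sales")
    admin = Subject(administrator=True)
    cases = [
        ("alice", alice, "list", UserBox("user", "alice")),
        ("bob", bob, "list", UserBox("user", "alice")),
        ("bob", bob, "list", UserBox("account", "sales")),
        ("bob", bob, "list", UserBox("public")),
        ("alice", alice, "print", UserBoxFile("12")),
        ("alice", alice, "backup", UserBoxFile("12")),
        ("admin", admin, "backup", UserBoxFile("12")),
        ("admin", admin, "print", UserBoxFile("12")),
    ]
    return [(name, op, type(obj).__name__, is_allowed(subj, op, obj))
            for name, subj, op, obj in cases]


if __name__ == "__main__":
    for row in decision_matrix():
        print(row)
```

The administrator attribute on its own authorises only the two operations named in FDP_ACF.1.3[1]; printing or transmitting a user box file still requires a matching user box attribute.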

FDP_ACF.1[2] Security attribute based access control

FDP_ACF.1.1[2]

The TSF shall enforce the [assignment: access control SFP] to objects based on the following: [assignment: list of subjects and objects controlled under the indicated SFP, and for each, the SFP-relevant security attributes, or named groups of SFP-relevant security attributes].

[assignment: list of subjects and objects controlled under the indicated SFP, and for each, the SFP-relevant security attributes, or named groups of SFP-relevant security attributes]:

<Subject> <Subject attributes>

- A task to act for a user ⇒
  - File attribute (Secure print internal control ID)
  - User attribute (User ID)
  - Administrator attribute

----------

<Object> <Object attributes>

- Secure print file ⇒
  - File attribute (Secure print internal control ID)


[assignment: access control SFP]:

Secure print file access control

FDP_ACF.1.2[2]

The TSF shall enforce the following rules to determine if an operation among controlled subjects and controlled objects is allowed: [assignment: rules governing access among controlled subjects and controlled objects using controlled operations on controlled objects].

[assignment: rules governing access among controlled subjects and controlled objects using controlled operations on controlled objects]:

- A task to act for a user who has a user attribute (user ID) is permitted to display the list of all the secure print files.

- A task to act for a user who has the file attribute (the secure print internal control ID) is permitted the print operation to the secure print file that has matched the file attribute (secure print internal control ID) with the file attribute (secure print internal control ID).

FDP_ACF.1.3[2]

The TSF shall explicitly authorise access of subjects to objects based on the following additional rules: [assignment: rules, based on security attributes, that explicitly authorise access of subjects to objects].

[assignment: rules, based on security attributes, that explicitly authorise access of subjects to objects]:

A task to act for a user who has an administrator attribute is permitted to back up secure print files.

FDP_ACF.1.4[2]

The TSF shall explicitly deny access of subjects to objects based on the following additional rules: [assignment: rules, based on security attributes, that explicitly deny access of subjects to objects].

[assignment: rules, based on security attributes, that explicitly deny access of subjects to objects]:

None

Hierarchical to: No other components

Dependencies: FDP_ACC.1 (FDP_ACC.1[2]), FMT_MSA.3 (FMT_MSA.3[2])

FDP_ACF.1[3] Security attribute based access control

FDP_ACF.1.1[3]

The TSF shall enforce the [assignment: access control SFP] to objects based on the following: [assignment: list of subjects and objects controlled under the indicated SFP, and for each, the SFP-relevant security attributes, or named groups of SFP-relevant security attributes].

[assignment: list of subjects and objects controlled under the indicated SFP, and for each, the SFP-relevant security attributes, or named groups of SFP-relevant security attributes]:

<Subject>                       <Subject attribute>
- A task to act for a user      - Administrator attribute

<Object>
- SMTP server group object
- DNS server group object
- MFP address group object
- PC-FAX reception setting object
- Transmission Address data object

No Object Attribute

[assignment: access control SFP]:

Setting management access control

FDP_ACF.1.2[3]

The TSF shall enforce the following rules to determine if an operation among controlled subjects and controlled objects is allowed: [assignment: rules governing access among controlled subjects and controlled objects using controlled operations on controlled objects].

[assignment: rules governing access among controlled subjects and controlled objects using controlled operations on controlled objects]:

- A task to act for a user who has an administrator attribute is permitted to set the SMTP server group object, the DNS server group object, the MFP address group object, the PC-FAX reception setting object, and the transmission address data object and to operate the restoration.

FDP_ACF.1.3[3]


The TSF shall explicitly authorise access of subjects to objects based on the following additional rules: [assignment: rules, based on security attributes, that explicitly authorise access of subjects to objects].

[assignment: rules, based on security attributes, that explicitly authorise access of subjects to objects]:

None

FDP_ACF.1.4[3]

The TSF shall explicitly deny access of subjects to objects based on the following additional rules: [assignment: rules, based on security attributes, that explicitly deny access of subjects to objects].

[assignment: rules, based on security attributes, that explicitly deny access of subjects to objects]:

None

Hierarchical to: No other components

Dependencies: FDP_ACC.1 (FDP_ACC.1[3]), FMT_MSA.3 (N/A)

FDP_ACF.1[4] Security attribute based access control

FDP_ACF.1.1[4]

The TSF shall enforce the [assignment: access control SFP] to objects based on the following: [assignment: list of the subjects and objects controlled under the indicated SFP, and for each, SFP-relevant security attributes, or named groups of SFP-relevant security attributes].

[assignment: list of the subjects and objects controlled under the indicated SFP, and for each, SFP-relevant security attributes, or named groups of SFP-relevant security attributes]:

<Subject>                       <Subject attribute>
- A task to act for a user      - User attribute (user ID)
                                - Administrator attribute

<Object>                        <Object attribute>
- ID & print file               - User attribute (user ID)

[assignment: access control SFP]:

ID & print file access control

FDP_ACF.1.2[4]

The TSF shall enforce the following rules to determine if an operation among controlled subjects and controlled objects is allowed: [assignment: rules governing access among controlled subjects and controlled objects using controlled operations on controlled objects].

[assignment: rules governing access used for controlled operations to controlled objects among controlled subjects and controlled objects]:

- A task to act for a user is permitted to list and print the ID & print file whose user attribute of the object attribute are equal to those of the subject attribute (user ID).

FDP_ACF.1.3[4]

The TSF shall explicitly authorise access of subjects to objects based on the following supplemental rules: [assignment: rules, based on security attributes, that explicitly authorise access of subjects to objects].

[assignment: rules, based on security attributes, that explicitly authorise access of subjects to objects]:

A task to act for a user with the administrator attribute is permitted to back up ID & print files.

FDP_ACF.1.4[4]

The TSF shall explicitly deny access of subjects to objects based on the following additional rules: [assignment: rules, based on security attributes, that explicitly deny access of subjects to objects].

[assignment: rules, based on security attributes, that explicitly deny access of subjects to objects]:

None

Hierarchical to: No other components

Dependencies: FDP_ACC.1 (FDP_ACC.1[4]), FMT_MSA.3 (FMT_MSA.3[4])

FDP_IFC.1 Subset information flow control

FDP_IFC.1.1

The TSF shall enforce the [assignment: information flow control SFP] on [assignment: list of subjects, information, and operations that cause controlled information to flow to and from controlled subjects covered by the SFP].


[assignment: list of subjects, information, and operations that cause controlled information to flow to and from controlled subjects covered by the SFP]:

<Subject>
- Reception from Fax unit

<Information>
- Received data from public line

<Operation>
- Send to internal network

[assignment: information flow control SFP]:

Fax information flow control

Hierarchical to: No other components

Dependencies: FDP_IFF.1 (FDP_IFF.1)

FDP_IFF.1 Simple security attributes

FDP_IFF.1.1

The TSF shall enforce the [assignment: information flow control SFP] based on the following types of subject and information security attributes: [assignment: list of subjects and information controlled under the indicated SFP, and for each, the security attributes].

[assignment: information flow control SFP]:

Fax information flow control

[assignment: list of subjects and information controlled under the indicated SFP, and for each, the security attributes]:

<Subject>
- Reception from Fax unit

<Information>
- Received data from public line

<Security attribute>
- Image data attribute
- Data attribute other than image data

FDP_IFF.1.2

The TSF shall permit an information flow between a controlled subject and controlled information via a controlled operation if the following rules hold: [assignment: for each operation, the security attribute-based relationship that must hold between subject and information security attributes].

[assignment: for each operation, the security attribute-based relationship that must hold between subject and information security attributes]:

Does not send data other than image data received from FAX unit to internal network.

FDP_IFF.1.3

The TSF shall enforce the [assignment: additional information flow control SFP rules].

[assignment: additional information flow control SFP rules]:

None

FDP_IFF.1.4

The TSF shall explicitly authorise an information flow based on the following rules: [assignment: rules, based on security attributes, that explicitly authorise information flows].

[assignment: rules, based on security attributes, that explicitly authorise information flows]:

None

FDP_IFF.1.5

The TSF shall explicitly deny an information flow based on the following rules: [assignment: rules, based on security attributes, that explicitly deny information flows].

[assignment: rules, based on security attributes, that explicitly deny information flows]:

None

Hierarchical to: No other components

Dependencies: FDP_IFC.1 (FDP_IFC.1), FMT_MSA.3 (N/A)

611 Identification and Authentication


FIA_AFL.1[1] Authentication failure handling

FIA_AFL.1.1[1]

The TSF shall detect when [selection: [assignment: positive integer number], an administrator configurable positive integer within [assignment: range of acceptable values]] unsuccessful authentication attempts occur related to [assignment: list of authentication events].

[assignment: list of authentication events]:

- Authentication for accessing the service mode
- Re-authentication for changing the CE password

[selection: [assignment: positive integer number], an administrator configurable positive integer within [assignment: range of acceptable values]]:

[assignment: range of acceptable values]: an administrator configurable positive integer within 1-

FIA_AFL.1.2[1]

When the defined number of unsuccessful authentication attempts has been [selection: met, surpassed], the TSF shall [assignment: list of actions].

[selection: met, surpassed]:

Met

[assignment: list of actions]:

<Action when it is detected>

- Log off from the authentication status of the service mode if it is, and lock the authentication function which uses the CE password.
- If it's not under the authentication status, lock the authentication function which uses the CE password.

<Operation for recovering the normal condition>

Perform the lock release function of CE authentication by specific operation. (When time set in the release time setting of operation prohibition for CE authentication passed from specific operation, the release process is performed.)

Hierarchical to: No other components

Dependencies: FIA_UAU.1 (FIA_UAU.2[1])

FIA_AFL.1[2] Authentication failure handling

FIA_AFL.1.1[2]

The TSF shall detect when [selection: [assignment: positive integer number], an administrator configurable positive integer within [assignment: range of acceptable values]] unsuccessful authentication attempts occur related to [assignment: list of authentication events].

[assignment: list of authentication events]:

- Authentication for accessing the administrator mode
- Re-authentication for changing the administrator password

[selection: [assignment: positive integer number], an administrator configurable positive integer within [assignment: range of acceptable values]]:

[assignment: range of acceptable values]: an administrator configurable positive integer within 1-

FIA_AFL.1.2[2]

When the defined number of unsuccessful authentication attempts has been [selection: met, surpassed], the TSF shall [assignment: list of actions].

[selection: met, surpassed]:

Met

[assignment: list of actions]:

<Action when it is detected>

- Log off from the authentication status of the administrator mode if it is, and lock the authentication function which uses the administrator password.
- If it's not under the authentication status, lock the authentication function which uses the administrator password.

<Operation for recovering the normal condition>

- Perform the boot process of the TOE. (Release process is performed after time set in the release time setting of operation prohibition for Administrator authentication passed by the boot process.)

Hierarchical to: No other components

Dependencies: FIA_UAU.1 (FIA_UAU.2[2])

FIA_AFL.1[3] Authentication failure handling

FIA_AFL.1.1[3]

The TSF shall detect when [selection: [assignment: positive integer number], an administrator configurable positive integer within [assignment: range of acceptable values]] unsuccessful authentication attempts occur related to [assignment: list of authentication events].

[assignment: list of authentication events]:

- Authentication for accessing the MIB object through SNMP

[selection: [assignment: positive integer number], an administrator configurable positive integer within [assignment: range of acceptable values]]:

[assignment: range of acceptable values]: an administrator configurable positive integer within 1-

FIA_AFL.1.2[3]

When the defined number of unsuccessful authentication attempts has been [selection: met, surpassed], the TSF shall [assignment: list of actions].

[selection: met, surpassed]:

Met

[assignment: list of actions]:

<Action when it is detected>

Deny the access to the MIB object and lock the authentication function to use SNMP password.

<Operation for recovering the normal condition>

- Perform the delete function of authentication failure frequency offered within the administrator mode.

Hierarchical to: No other components

Dependencies: FIA_UAU.1 (FIA_UAU.2[2])
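
The FIA_AFL.1[1] to FIA_AFL.1[3] iterations above share the "met" threshold rule but differ in how the lock is released. The following Python model is an added illustration, not part of the security target or the TOE's code; the class and method names, the threshold values, the release time in seconds, and the two behaviours marked as assumptions in the comments are not taken from the page.

```python
from dataclasses import dataclass
from enum import Enum
from typing import Optional


class Recovery(Enum):
    """How a locked authentication function returns to the normal condition."""
    TIMER_FROM_OPERATION = "FIA_AFL.1[1]"  # CE password: timer runs from the specific operation
    TIMER_FROM_BOOT = "FIA_AFL.1[2]"       # administrator password: timer runs from TOE boot
    ADMIN_DELETES_COUNT = "FIA_AFL.1[3]"   # SNMP password: administrator deletes the failure count


@dataclass
class FailureHandler:
    threshold: int                 # administrator-configured positive integer (constructed values)
    recovery: Recovery
    release_time: float = 0.0      # release time setting; seconds is an assumed unit
    failures: int = 0
    locked: bool = False
    authenticated: bool = False
    timer_start: Optional[float] = None

    def __post_init__(self) -> None:
        if self.threshold < 1:
            raise ValueError("threshold must be a positive integer")

    def attempt(self, credential_ok: bool) -> str:
        """Process one authentication or re-authentication attempt."""
        if self.locked:
            return "locked"        # a correct credential is refused too while locked
        if credential_ok:
            # Assumption: a success leaves the counter alone; the page names
            # only explicit recovery operations.
            self.authenticated = True
            return "ok"
        self.failures += 1
        # Selection "met": lock on the attempt that reaches the threshold.
        # "surpassed" would use > and allow one more guess.
        if self.failures >= self.threshold:
            self.locked = True
            self.authenticated = False   # log off if currently authenticated
            return "locked"
        return "failed"

    def start_release_timer(self, trigger: Recovery, now: float) -> bool:
        """Record the specific operation ([1]) or the boot ([2]) that starts the timer."""
        timed = (Recovery.TIMER_FROM_OPERATION, Recovery.TIMER_FROM_BOOT)
        if not self.locked or trigger is not self.recovery or trigger not in timed:
            return False
        self.timer_start = now
        return True

    def tick(self, now: float) -> bool:
        """Release the lock once the release time has passed; return the lock state."""
        if self.locked and self.timer_start is not None:
            if now - self.timer_start >= self.release_time:
                self._release()
        return self.locked

    def admin_delete_failure_count(self) -> bool:
        """Administrator-mode delete function; only [3]-style handlers recover this way."""
        if self.recovery is not Recovery.ADMIN_DELETES_COUNT:
            return False
        self._release()
        return True

    def _release(self) -> None:
        # Assumption: releasing the lock also clears the failure counter.
        self.failures = 0
        self.locked = False
        self.timer_start = None


def demo() -> dict:
    """Administrator-password case: lock on the 3rd failure, release 300 s after boot."""
    admin = FailureHandler(threshold=3, recovery=Recovery.TIMER_FROM_BOOT, release_time=300)
    admin.attempt(True)
    results = [admin.attempt(False) for _ in range(3)]
    refused = admin.attempt(True)
    admin.start_release_timer(Recovery.TIMER_FROM_BOOT, now=1000.0)
    still_locked = admin.tick(1299.0)
    released = not admin.tick(1300.0)
    return {"results": results, "refused": refused,
            "still_locked": still_locked, "released": released}


if __name__ == "__main__":
    print(demo())
```
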

FIA_AFL.1[4] Authentication failure handling

FIA_AFL.1.1[4]

The TSF shall detect when [selection: [assignment: positive integer number], an administrator configurable positive integer within [assignment: range of acceptable values]] unsuccessful authentication attempts occur related to [assignment: list of authentication events].

[assignment: list of authentication events]:

- Authentication for accessing the TOE by user
- Re-authentication when a user changes his/her own user password

[selection: [assignment: positive integer number], an administrator configurable positive integer within [assignment: range of acceptable values]]:

[assignment: range of acceptable values]: an administrator configurable positive integer within 1-

FIA_AFL.1.2[4]

When the defined number of unsuccessful authentication attempts has been [selection: met, surpassed], the TSF shall [assignment: list of actions].

[selection: met, surpassed]:

Met

[assignment: list of actions]:

<Action when it is detected>

- While authentication is performed, log off from the authentication status of the user, and lock the authentication function for the user.
- Otherwise, lock the authentication function for using the user password.

<Operation for recovering the normal condition>

- Perform the delete function of authentication failure frequency offered within the administrator mode.

Hierarchical to: No other components


FIA_AFL.1[7] Authentication failure handling

FIA_AFL.1.1[7]

The TSF shall detect when [selection: [assignment: positive integer number], an administrator configurable positive integer within [assignment: range of acceptable values]] unsuccessful authentication attempts occur related to [assignment: list of authentication events].

[assignment: list of authentication events]:

- Account authentication: Account authentication when the belonging account of the user who accesses in the synchronized method is not registered
- Account authentication: Account authentication of the user who accesses in the method not synchronized

[selection: [assignment: positive integer number], an administrator configurable positive integer within [assignment: range of acceptable values]]:

[assignment: range of acceptable values]: an administrator configurable positive integer within 1-

FIA_AFL.1.2[7]

When the defined number of unsuccessful authentication attempts has been [selection: met, surpassed], the TSF shall [assignment: list of actions].

[selection: met, surpassed]:

Met

[assignment: list of actions]:

<Action when it is detected>

Lock the authentication function for the concerned account, and deny the access to the TOE by the user who permitted the use of the account.

<Operation for recovering the normal condition>

Perform the delete function of authentication failure frequency offered within the administrator mode.

Hierarchical to: No other components

Dependencies: FIA_UAU.1 (FIA_UAU.1[2])

FIA_AFL.1[8]  Authentication failure handling

FIA_AFL.1.1[8]

The TSF shall detect when [selection: [assignment: positive integer number], an administrator configurable positive integer within [assignment: range of acceptable values]] unsuccessful authentication attempts occur related to [assignment: list of authentication events].

[assignment: list of authentication events]:
- Authentication when it accesses service mode from the panel
- Authentication when it accesses administrator mode from the panel
- User authentication when user accesses TOE from the panel
- Account authentication when user accesses TOE from the panel
- Authentication when it accesses secure print file from the panel
- Authentication when it accesses Public user box from the panel

[selection: [assignment: positive integer number], an administrator configurable positive integer within [assignment: range of acceptable values]]:
[assignment: positive integer number]: 1

FIA_AFL.1.2[8]

When the defined number of unsuccessful authentication attempts has been [selection: met, surpassed], the TSF shall [assignment: list of actions].

[selection: met, surpassed]:
Met

[assignment: list of actions]:

<Action when it is detected>
Deny all access from the panel

<Operation for recovering the normal condition>
Automatically release the lock after 5 seconds

Hierarchical to: No other components

Dependencies: FIA_UAU.1 (FIA_UAU.2[1], FIA_UAU.2[2], FIA_UAU.1[1], FIA_UAU.2[], FIA_UAU.2[4], FIA_UAU.1[2])

FIA_AFL.1[9]  Authentication failure handling

FIA_AFL.1.1[9]

The TSF shall detect when [selection: [assignment: positive integer number], an administrator configurable positive integer within [assignment: range of acceptable values]] unsuccessful authentication attempts occur related to [assignment: list of authentication events].

[assignment: list of authentication events]:
- Authentication when accessing by WebDAV

[selection: [assignment: positive integer number], an administrator configurable positive integer within [assignment: range of acceptable values]]:
[assignment: range of acceptable values]: an administrator configurable positive integer within 1-

FIA_AFL.1.2[9]

When the defined number of unsuccessful authentication attempts has been [selection: met, surpassed], the TSF shall [assignment: list of actions].

[selection: met, surpassed]:
Met

[assignment: list of actions]:

<Action when it is detected>
Deny the access by WebDAV, and lock the authentication function which uses the WebDAV server password

<Operation for recovering the normal condition>
Perform the delete function of the authentication failure frequency offered within the administrator mode

Hierarchical to: No other components

Dependencies: FIA_UAU.1 (FIA_UAU.2[2])
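The two failure-handling policies in FIA_AFL.1[8] and FIA_AFL.1[9] above differ in how the lock is released: after 5 seconds for panel access, and only by an administrator action for WebDAV. The following Python model is an added example, not part of the security target or of the product's code; all class and function names are hypothetical, the WebDAV threshold is a parameter because it is administrator-configurable, and failures are assumed to accumulate until they are cleared.

```python
import time
from dataclasses import dataclass
from typing import Callable, Dict, Optional


@dataclass(frozen=True)
class FailurePolicy:
    threshold: int                         # failure count at which the lock engages ("met")
    auto_release_seconds: Optional[float]  # None: only an administrator action unlocks

    def __post_init__(self) -> None:
        if self.threshold < 1:
            raise ValueError("threshold must be a positive integer")


# FIA_AFL.1[8]: panel access, threshold 1, lock released automatically after 5 seconds.
PANEL_POLICY = FailurePolicy(threshold=1, auto_release_seconds=5.0)


def webdav_policy(threshold: int) -> FailurePolicy:
    """FIA_AFL.1[9]: administrator-chosen threshold, no automatic release."""
    return FailurePolicy(threshold=threshold, auto_release_seconds=None)


class LockedOut(Exception):
    """An attempt arrived while the authentication function was locked."""


class FailureHandler:
    """Counts failed attempts per subject and enforces one FailurePolicy."""

    def __init__(self, policy: FailurePolicy,
                 clock: Callable[[], float] = time.monotonic) -> None:
        self.policy = policy
        self._clock = clock
        self._failures: Dict[str, int] = {}
        self._locked_at: Dict[str, float] = {}

    def is_locked(self, subject: str) -> bool:
        locked_at = self._locked_at.get(subject)
        if locked_at is None:
            return False
        release = self.policy.auto_release_seconds
        if release is not None and self._clock() - locked_at >= release:
            self._clear(subject)  # timed recovery (panel policy)
            return False
        return True

    def attempt(self, subject: str, verify: Callable[[], bool]) -> bool:
        """Run one authentication attempt; verify() checks the credential."""
        if self.is_locked(subject):
            # The credential is never evaluated while locked, so a locked
            # interface gives no hint about whether a guess was right.
            raise LockedOut(subject)
        if verify():
            return True
        # Assumption: failures accumulate until cleared; the page does not
        # say whether a successful login resets the count.
        count = self._failures.get(subject, 0) + 1
        self._failures[subject] = count
        if count >= self.policy.threshold:
            self._locked_at[subject] = self._clock()
        return False

    def admin_clear_failures(self, subject: str) -> None:
        """Administrator-mode recovery: delete the failure count and unlock."""
        self._clear(subject)

    def _clear(self, subject: str) -> None:
        self._failures.pop(subject, None)
        self._locked_at.pop(subject, None)
```

Passing a fake `clock` makes the 5-second release testable without sleeping.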

FIA_ATD.1  User attribute definition

FIA_ATD.1.1

The TSF shall maintain the following list of security attributes belonging to individual users: [assignment: list of security attributes].

[assignment: list of security attributes]:
- User attribute (User ID)
- User box attribute (User box ID)
- File attribute (Secure print internal control ID)
- Account name (Account ID)
- Administrator Attribute

Hierarchical to: No other components

Dependencies: No dependencies

FIA_SOS.1[1]  Verification of secrets

FIA_SOS.1.1[1]

The TSF shall provide a mechanism to verify that secrets (Administrator Password, CE Password, secure print password, user box password, account password, and WebDAV server password) meet [assignment: a defined quality metric].

[assignment: a defined quality metric]:
- Number of digits: 7-digits
- Character type: possible to choose from = or more characters
- Rule:
  (1) Do not compose by only one and the same character
  (2) Do not set the same password as the current setting after change

Hierarchical to: No other components

Dependencies: No dependencies

FIA_SOS.1[2]  Verification of secrets

FIA_SOS.1.1[2]

The TSF shall provide a mechanism to verify that secrets (SNMP Password) meet [assignment: a defined quality metric].

[assignment: a defined quality metric]:
- Number of digits: 7-digits or more
- Character type: possible to choose from =0 or more characters
- Rule:
  (1) Do not compose by only one and the same character
  (2) Do not set the same password as the current setting after change

Hierarchical to: No other components

Dependencies: No dependencies

FIA_SOS.1[3]  Verification of secrets

FIA_SOS.1.1[3]

The TSF shall provide a mechanism to verify that secrets (User Password) meet [assignment: a defined quality metric].

[assignment: a defined quality metric]:
- Number of digits: 7-digits or more
- Character type: possible to choose from 177 or more characters
- Rule:
  (1) Do not compose by only one and the same character
  (2) Do not set the same password as the current setting after change

Hierarchical to: No other components

Dependencies: No dependencies

FIA_SOS.1[4]  Verification of secrets

FIA_SOS.1.1[4]

The TSF shall provide a mechanism to verify that secrets (Encryption passphrase) meet [assignment: a defined quality metric].

[assignment: a defined quality metric]:
- Number of digits: 20-digits
- Character type: possible to choose from 7 or more characters
- Rule:
  (1) Do not compose by only one and the same character
  (2) Do not set the same passphrase as the current setting after change

Hierarchical to: No other components

Dependencies: No dependencies

FIA_SOS.1[5]  Verification of secrets

FIA_SOS.1.1[5]

The TSF shall provide a mechanism to verify that secrets (Session Information) meet [assignment: a defined quality metric].

[assignment: a defined quality metric]:
10^10 and above

Hierarchical to: No other components

Dependencies: No dependencies

FIA_SOS.2  Verification of secrets

FIA_SOS.2.1

The TSF shall provide a mechanism to generate secrets (Session information) that meet [assignment: a defined quality metric].

[assignment: a defined quality metric]:
10^10 and above

FIA_SOS.2.2

The TSF shall be able to enforce the use of TSF generated secrets for [assignment: list of TSF functions].

[assignment: list of TSF functions]:
- Administrator authentication (Access through the network)
- User authentication (Access through the network)
- User box authentication (Access through the network)

Hierarchical to: No other components

Dependencies: No dependencies

FIA_UAU.1[1]  Timing of authentication

FIA_UAU.1.1[1]

The TSF shall allow [assignment: list of TSF mediated actions] on behalf of the user to be performed before the user is authenticated.

[assignment: list of TSF mediated actions]:
Confirm the stopped state of user use (Method of user authentication: Machine authentication only)

FIA_UAU.1.2[1]

The TSF shall require each user (User) to be successfully authenticated before allowing any other TSF-mediated actions on behalf of that user (User).

Hierarchical to: No other components

Dependencies: FIA_UID.1 (FIA_UID.2[])

FIA_UAU.1[2]  Timing of authentication

FIA_UAU.1.1[2]

The TSF shall allow [assignment: list of TSF mediated actions] on behalf of the user to be performed before the user is authenticated.

[assignment: list of TSF mediated actions]:
Confirm the stopped state of the account

FIA_UAU.1.2[2]

The TSF shall require each user (User who is permitted to use account) to be successfully authenticated before allowing any other TSF-mediated actions on behalf of that user (User who is permitted to use account).

Hierarchical to: No other components

Dependencies: FIA_UID.1 (FIA_UID.2[])

FIA_UAU.2[1]  User authentication before any action

FIA_UAU.2.1[1]

The TSF shall require each user (Service Engineer) to be successfully authenticated before allowing any other TSF-mediated actions on behalf of that user (Service Engineer).

Hierarchical to: FIA_UAU.1

Dependencies: FIA_UID.1 (FIA_UID.2[1])

FIA_UAU.2[2]  User authentication before any action

FIA_UAU.2.1[2]

The TSF shall require each user (Administrator (User who is authenticated by Administrator password, User who is authenticated by WebDAV server password, User who is authenticated by SNMP password)) to be successfully authenticated before allowing any other TSF-mediated actions on behalf of that user (Administrator (User who is authenticated by Administrator password, User who is authenticated by WebDAV server password, User who is authenticated by SNMP password)).

Hierarchical to: FIA_UAU.1

Dependencies: FIA_UID.1 (FIA_UID.2[2])

FIA_UAU.2[3]  User authentication before any action

FIA_UAU.2.1[4]

The TSF shall require each user (User who is permitted to use secure print file) to be successfully authenticated before allowing any other TSF-mediated actions on behalf of that user (User who is permitted to use secure print file).

Hierarchical to: FIA_UAU.1

Dependencies: FIA_UID.1 (FIA_UID.2[4])

FIA_UAU.2[4]  User authentication before any action

FIA_UAU.2.1[5]

The TSF shall require each user (User who is permitted to use the public user box) to be successfully authenticated before allowing any other TSF-mediated actions on behalf of that user (User who is permitted to use the public user box).

Hierarchical to: FIA_UAU.1

Dependencies: FIA_UID.1 (FIA_UID.2[5])

FIA_UAU.6  Re-authenticating

FIA_UAU.6.1

The TSF shall re-authenticate the user under the conditions [assignment: list of conditions under which re-authentication is required].

[assignment: list of conditions under which re-authentication is required]:
- When the service engineer modifies the CE password
- When the administrator modifies the administrator password
- When the user changes his/her own user password
- When a user permitted to use a public user box changes the user box password of the public user box

Hierarchical to: No other components

Dependencies: No dependencies

FIA_UAU.7  Protected authentication feedback

FIA_UAU.7.1

The TSF shall provide only [assignment: list of feedback] to the user while the authentication is in progress.

[assignment: list of feedback]:
Display "*" every character data input

Hierarchical to: No other components

Dependencies: FIA_UAU.1 (FIA_UAU.2[1], FIA_UAU.2[2], FIA_UAU.1[1], FIA_UAU.2[],

FIA_UAU.2[4], FIA_UAU.1[2])

FIA_UID.2[1]  User identification before any action

FIA_UID.2.1[1]

The TSF shall require each user (Service Engineer) to be successfully identified before allowing any other TSF-mediated actions on behalf of that user (Service Engineer).

Hierarchical to: FIA_UID.1

Dependencies: No dependencies

FIA_UID.2[2]  User identification before any action

FIA_UID.2.1[2]

The TSF shall require each user (Administrator) to be successfully identified before allowing any other TSF-mediated actions on behalf of that user (Administrator).

Hierarchical to: FIA_UID.1

Dependencies: No dependencies

FIA_UID.2[3]  User identification before any action

FIA_UID.2.1[3]

The TSF shall require each user (User) to be successfully identified before allowing any other TSF-mediated actions on behalf of that user (User).

Hierarchical to: FIA_UID.1

Dependencies: No dependencies

FIA_UID.2[4]  User identification before any action

FIA_UID.2.1[4]

The TSF shall require each user (User who is permitted to use secure print file) to be successfully identified before allowing any other TSF-mediated actions on behalf of that user (User who is permitted to use secure print file).

Hierarchical to: FIA_UID.1

Dependencies: No dependencies

FIA_UID.2[5]  User identification before any action

FIA_UID.2.1[5]

The TSF shall require each user (User who is permitted to use the public user box) to be successfully identified before allowing any other TSF-mediated actions on behalf of that user (User who is permitted to use the public user box).

Hierarchical to: FIA_UID.1

Dependencies: No dependencies

FIA_UID.2[6]  User identification before any action

FIA_UID.2.1[6]

The TSF shall require each user (User who is permitted to use the account) to be successfully identified before allowing any other TSF-mediated actions on behalf of that user (User who is permitted to use the account).

Hierarchical to: FIA_UID.1

Dependencies: No dependencies

FIA_UID.2[7]  User identification before any action

FIA_UID.2.1[7]

The TSF shall require each user (External Server) to be successfully identified before allowing any other TSF-mediated actions on behalf of that user (External Server).

Hierarchical to: FIA_UID.1

Dependencies: No dependencies

FIA_USB.1  User-subject binding

FIA_USB.1.1

The TSF shall associate the following user security attributes with subjects acting on the behalf of that user: [assignment: list of user security attributes].

[assignment: list of user security attributes]:
- User attribute (User ID)
- User box attribute (User box ID)
- File attribute (Secure print internal control ID)
- Account name (Account ID)
- Administrator Attribute

FIA_USB.1.2

The TSF shall enforce the following rules on the initial association of user security attributes with subjects acting on the behalf of users: [assignment: rules for the initial association of attributes].

[assignment: rules for the initial association of attributes]:

<User box attribute>
The user box ID of the concerned user box associates to the task acting on the behalf of user when authenticated with the access to the user box

<Account Name>
- In the method not synchronized with User authentication, the account ID of the concerned account associates to the task acting on the behalf of user when authenticated with the access to the account
- In the method synchronized with User authentication, the account ID that is set to the concerned user associates to the task acting on the behalf of user when authenticated with the access to the user

<File attribute>
The secure print internal control ID of the concerned secure print file associates to the task acting on the behalf of user when authenticated with the access to the secure print file

<User attribute>
The user ID of the concerned user associates to the task acting on the behalf of user when authenticated as the user

<Administrator attribute>
The Administrator attribute associates to the task acting on the behalf of user when authenticated as the Administrator

FIA_USB.1.3

The TSF shall enforce the following rules governing changes to the user security attributes associated with subjects acting on the behalf of users: [assignment: rules for the changing of attributes].

[assignment: rules for the changing of attributes]:
None

Hierarchical to: No other components

Dependencies: FIA_ATD.1 (FIA_ATD.1)

6.1.1.4. Security Management

FMT_MOF.1[1] Management of security functions behavior


FMT_MOF.1.1[1]

The TSF shall restrict the ability to [selection: determine the behavior of, disable, enable, modify the behavior of] the functions [assignment: list of functions] to [assignment: the authorized identified roles].

[assignment: list of functions]:
- Enhanced Security Setting

[selection: determine the behavior of, disable, enable, modify the behavior of]:
disable

[assignment: the authorized identified roles]:
- Administrator
- Service Engineer

Hierarchical to: No other components

Dependencies: FMT_SMF.1 (FMT_SMF.1), FMT_SMR.1 (FMT_SMR.1[1], FMT_SMR.1[2])

FMT_MOF.1[2] Management of security functions behaviour

FMT_MOF.1.1[2]

The TSF shall restrict the ability to [selection: determine the behavior of, disable, enable, modify the behaviour of] the functions [assignment: list of functions] to [assignment: the authorized identified roles].

[assignment: list of functions]:
- User Authentication Function
- S/MIME function
- SNMP password authentication function
- ID & print function

[selection: determine the behavior of, disable, enable, modify the behavior of]:
modify the behavior of

[assignment: the authorized identified roles]:
Administrator

Hierarchical to: No other components

Dependencies: FMT_SMF.1 (FMT_SMF.1), FMT_SMR.1 (FMT_SMR.1[2])

FMT_MOF.1[3] Management of security functions behavior

FMT_MOF.1.1[3]

The TSF shall restrict the ability to [selection: determine the behaviour of, disable, enable, modify the behaviour of] the functions [assignment: list of functions] to [assignment: the authorized identified roles].

[assignment: list of functions]:
- Account Authentication Function
- Trusted Channel Function

[selection: determine the behavior of, disable, enable, modify the behaviour of]:
modify the behavior of, disable

[assignment: the authorized identified roles]:
Administrator

Hierarchical to: No other components

Dependencies: FMT_SMF.1 (FMT_SMF.1), FMT_SMR.1 (FMT_SMR.1[2])

FMT_MSA.1[1] Management of security attributes

FMT_MSA.1.1[1]

The TSF shall enforce the [assignment: access control SFP(s), information flow control SFP(s)] to restrict the ability to [selection: change_default, query, modify, delete, [assignment: other operations]] the security attributes [assignment: list of security attributes] to [assignment: the authorized identified roles].

[assignment: list of security attributes]:
User attribute of the user box that is set user's own [user ID]

[selection: change_default, query, modify, delete, [assignment: other operations]]:


security attributes (User attribute of the user box) that are used to enforce the SFP.

[selection, choose one of: restrictive, permissive, [assignment: other property]]:
[assignment: other property]:
Responded the registered situation of the user box classified into the following cases
(1) [Public], when a user box is registered by the operation of user or administrator
(2) [User ID] of the user who performed the relevant job, when a user box is registered automatically according to the operation of stored job specifying unregistered user box

[assignment: access control SFP, information flow control SFP]:
User box access control

FMT_MSA.3.2[1]

The TSF shall allow the [assignment: the authorized identified roles] to specify alternative initial values to override the default values when an object or information is created.

[assignment: the authorized identified roles]:
Case (1) identified in [assignment: other property] of FMT_MSA.3.1: User, administrator
Case (2) identified in [assignment: other property] of FMT_MSA.3.1: None

Hierarchical to: No other components

Dependencies: FMT_MSA.1 (FMT_MSA.1[1], FMT_MSA.1[2]), FMT_SMR.1 (FMT_SMR.1[3])

FMT_MSA.3[2] Static attribute initialization

FMT_MSA.3.1[2]

The TSF shall enforce the [assignment: access control SFP, information flow control SFP] to provide [selection, choose one of: restrictive, permissive, [assignment: other property]] default values for security attributes (Secure print internal control ID) that are used to enforce the SFP.

[selection, choose one of: restrictive, permissive, [assignment: other property]]:
[assignment: other property]: Identified uniquely

[assignment: access control SFP, information flow control SFP]:
Secure print file access control

FMT_MSA.3.2[2]

The TSF shall allow the [assignment: the authorized identified roles] to specify alternative initial values to override the default values when an object or information is created.

[assignment: the authorized identified roles]:
None

Hierarchical to: No other components

Dependencies: FMT_MSA.1 (N/A), FMT_SMR.1 (N/A)

FMT_MSA.3[3] Static attribute initialization

FMT_MSA.3.1[3]

The TSF shall enforce the [assignment: access control SFP, information flow control SFP] to provide [selection, choose one of: restrictive, permissive, [assignment: other property]] default values for security attributes (User box attribute of user box file) that are used to enforce the SFP.

[selection, choose one of: restrictive, permissive, [assignment: other property]]:
[assignment: other property]: Corresponds with the value of the user box attribute of the user box that selected as a target to store the user box file concerned

[assignment: access control SFP, information flow control SFP]:
User box access control

FMT_MSA.3.2[3]

The TSF shall allow the [assignment: the authorized identified roles] to specify alternative initial values to override the default values when an object or information is created.

[assignment: the authorized identified roles]:
None

Hierarchical to: No other components

Dependencies: FMT_MSA.1 (N/A), FMT_SMR.1 (N/A)


FMT_MSA.3[4] Static attribute initialization

FMT_MSA.3.1[4]

The TSF shall enforce the [assignment: access control SFP, information flow control SFP] to provide [selection, choose one of: restrictive, permissive, [assignment: other property]] default values for the security attributes (User attribute of ID & print file) that are used to enforce the SFP.

[selection, choose one of: restrictive, permissive, [assignment: other property]]:
[assignment: other property]: Shall be equal to the value of the user attribute of the user who stores that ID & print file

[assignment: access control SFP, information flow control SFP]:
ID & print file access control

FMT_MSA.3.2[4]

The TSF shall allow the [assignment: the authorized identified roles] to specify alternative initial values to override the default values when an object or information is created.

[assignment: the authorized identified roles]:
None

Hierarchical to: No other components

Dependencies: FMT_MSA.1 (N/A), FMT_SMR.1 (N/A)

FMT_MTD.1[1] Management of TSF data

FMT_MTD.1.1[1]

(When the [machine authentication] is selected as the User authentication method) The TSF shall restrict the ability to [selection: change_default, query, modify, delete, clear, [assignment: other operations]] the [assignment: list of TSF data] to [assignment: the authorized identified roles].

[assignment: list of TSF data]:
User password

[selection: change_default, query, modify, delete, clear, [assignment: other operations]]:
[assignment: other operations]: Registration

[assignment: the authorized identified roles]:
Administrator

Hierarchical to: No other components

Dependencies: FMT_SMF.1 (FMT_SMF.1), FMT_SMR.1 (FMT_SMR.1[2])

FMT_MTD.1[2] Management of TSF data

FMT_MTD.1.1[2]

(When the [machine authentication] is selected as the User authentication method) The TSF shall restrict the ability to [selection: change_default, query, modify, delete, clear, [assignment: other operations]] the [assignment: list of TSF data] to [assignment: the authorized identified roles].

[assignment: list of TSF data]:
User's own user password

[selection: change_default, query, modify, delete, clear, [assignment: other operations]]:
modify

[assignment: the authorized identified roles]:
- User
- Administrator

Hierarchical to: No other components

Dependencies: FMT_SMF.1 (FMT_SMF.1), FMT_SMR.1 (FMT_SMR.1[2], FMT_SMR.1[3])

FMT_MTD.1[3] Management of TSF data

FMT_MTD.1.1[3]

The TSF shall restrict the ability to [selection: change_default, query, modify, delete, clear, [assignment: other operations]] the [assignment: list of TSF data] to [assignment: the authorized identified roles].


[assignment: list of TSF data]:
- User ID
- Account ID
- Account password
- Secure print password
- Panel auto log-off time
- Threshold Number of authentication failure
- External server authentication setting data
- S/MIME certificate (*9)
- Belonging Account of User
- Release time of operation prohibition for Administrator authentication
- Encryption passphrase
- SNMP password
- TSI receiving setting data
- WebDAV server password

[selection: change_default, query, modify, delete, clear, [assignment: other operations]]:
modify

[assignment: the authorized identified roles]:
Administrator

Hierarchical to: No other components

Dependencies: FMT_SMF.1 (FMT_SMF.1), FMT_SMR.1 (FMT_SMR.1[2])

FMT_MTD.1[4] Management of TSF data

FMT_MTD.1.1[4]

The TSF shall restrict the ability to [selection: change_default, query, modify, delete, clear, [assignment: other operations]] the [assignment: list of TSF data] to [assignment: the authorized identified roles].

[assignment: list of TSF data]:
User box password of the relevant user box

[selection: change_default, query, modify, delete, clear, [assignment: other operations]]:
modify

[assignment: the authorized identified roles]:
- User who is permitted to use that public user box
- Administrator

Hierarchical to: No other components

Dependencies: FMT_SMF.1 (FMT_SMF.1), FMT_SMR.1 (FMT_SMR.1[2], FMT_SMR.1[4])

FMT_MTD.1[5] Management of TSF data

FMT_MTD.1.1[5]

The TSF shall restrict the ability to [selection: change_default, query, modify, delete, clear, [assignment: other operations]] the [assignment: list of TSF data] to [assignment: the authorized identified roles].

[assignment: list of TSF data]:
User box password

[selection: change_default, query, modify, delete, clear, [assignment: other operations]]:
[assignment: other operations]: Registration

[assignment: the authorized identified roles]:
- User
- Administrator

Hierarchical to: No other components

Dependencies: FMT_SMF.1 (FMT_SMF.1), FMT_SMR.1 (FMT_SMR.1[2], FMT_SMR.1[3])

*9 It intends the operation of replacing a settable digital certificate for each user instead of the modification of the value itself.


FMT_MTD.1[6] Management of TSF data

FMT_MTD.1.1[6]

The TSF shall restrict the ability to [selection: change_default, query, modify, delete, clear, [assignment: other operations]] the [assignment: list of TSF data] to [assignment: the authorized identified roles].

[assignment: list of TSF data]:
Administrator password

[selection: change_default, query, modify, delete, clear, [assignment: other operations]]:
modify

[assignment: the authorized identified roles]:
- Administrator
- Service Engineer

Hierarchical to: No other components

Dependencies: FMT_SMF.1 (FMT_SMF.1), FMT_SMR.1 (FMT_SMR.1[1], FMT_SMR.1[2])

FMT_MTD.1[7] Management of TSF data

FMT_MTD.1.1[7]

The TSF shall restrict the ability to [selection: change_default, query, modify, delete, clear, [assignment: other operations]] the [assignment: list of TSF data] to [assignment: the authorized identified roles].

[assignment: list of TSF data]:
- SNMP password
- User password
- Account password
- User box password
- Secure print password
- WebDAV server password

[selection: change_default, query, modify, delete, clear, [assignment: other operations]]:
query

[assignment: the authorized identified roles]:
Administrator

Hierarchical to: No other components

Dependencies: FMT_SMF.1 (FMT_SMF.1), FMT_SMR.1 (FMT_SMR.1[2])

FMT_MTD.1[8] Management of TSF data

FMT_MTD.1.1[8]

The TSF shall restrict the ability to [selection: change_default, query, modify, delete, clear, [assignment: other operations]] the [assignment: list of TSF data] to [assignment: the authorized identified roles].

[assignment: list of TSF data]:
Secure print password

[selection: change_default, query, modify, delete, clear, [assignment: other operations]]:
[assignment: other operations]: Registration

[assignment: the authorized identified roles]:
User

Hierarchical to: No other components

Dependencies: FMT_SMF.1 (FMT_SMF.1), FMT_SMR.1 (FMT_SMR.1[3])

FMT_MTD.1[9] Management of TSF data

FMT_MTD.1.1[9]

The TSF shall restrict the ability to [selection: change_default, query, modify, delete, clear, [assignment: other operations]] the [assignment: list of TSF data] to [assignment: the authorized identified roles].

[assignment: list of TSF data]:
- CE password


- Release time of operation prohibition for CE authentication

[selection: change_default, query, modify, delete, clear, [assignment: other operations]]:
modify

[assignment: the authorized identified roles]:
Service Engineer

Hierarchical to: No other components

Dependencies: FMT_SMF.1 (FMT_SMF.1), FMT_SMR.1 (FMT_SMR.1[1])

FMT_MTD.1[10] Management of TSF data

FMT_MTD.1.1[10]

The TSF shall restrict the ability to [selection: change_default, query, modify, delete, clear, [assignment: other operations]] the [assignment: list of TSF data] to [assignment: the authorized identified roles].

[assignment: list of TSF data]:
User ID

[selection: change_default, query, modify, delete, clear, [assignment: other operations]]:
[assignment: other operations]: Registration

[assignment: the authorized identified roles]:
Administrator, External server

Hierarchical to: No other components

Dependencies: FMT_SMF.1 (FMT_SMF.1), FMT_SMR.1 (FMT_SMR.1[2], FMT_SMR.1[5])

FMT_MTD.1[11] Management of TSF data

FMT_MTD.1.1[11]

The TSF shall restrict the ability to [selection: change_default, query, modify, delete, clear, [assignment: other operations]] the [assignment: list of TSF data] to [assignment: the authorized identified roles].

[assignment: list of TSF data]:
- Account ID
- Account password
- S/MIME certificate
- Data of TSI reception setting
- Data of external server authentication setting

[selection: change_default, query, modify, delete, clear, [assignment: other operations]]:
[assignment: other operations]: Registration

[assignment: the authorized identified roles]:
Administrator

Hierarchical to: No other components

Dependencies: FMT_SMF.1 (FMT_SMF.1), FMT_SMR.1 (FMT_SMR.1[2])

FMT_MTD.1[12] Management of TSF data

FMT_MTD.1.1[12]

The TSF shall restrict the ability to [selection: change_default, query, modify, delete, clear, [assignment: other operations]] the [assignment: list of TSF data] to [assignment: the authorized identified roles].

[assignment: list of TSF data]:
Belonging Account of a user oneself

[selection: change_default, query, modify, delete, clear, [assignment: other operations]]:
[assignment: other operations]: Registration

[assignment: the authorized identified roles]:
Administrator, the user who is permitted to use of the account (*10)

Hierarchical to: No other components

Dependencies: FMT_SMF.1 (FMT_SMF.1), FMT_SMR.1 (FMT_SMR.1[2], FMT_SMR.1[6])

*10 A user who isn't related with an account name, and who was informed of the account password for the account ID from the administrator off-line.

FMT_MTD.1[13] Management of TSF data

FMT_MTD.1.1[13]

The TSF shall restrict the ability to [selection: change_default, query, modify, delete, clear, [assignment: other operations]] the [assignment: list of TSF data] to [assignment: the authorized identified roles].

[assignment: list of TSF data]:
- User ID
- Account ID

[selection: change_default, query, modify, delete, clear, [assignment: other operations]]:
[assignment: other operations]: Pause and resume

[assignment: the authorized identified roles]:
Administrator

Hierarchical to: No other components

Dependencies: FMT_SMF.1 (FMT_SMF.1), FMT_SMR.1 (FMT_SMR.1[2], FMT_SMR.1[5])

FMT_SMF.1 Specification of Management Functions

FMT_SMF.1.1

The TSF shall be capable of performing the following management functions: [assignment: list of management functions to be provided by the TSF].

[assignment: list of management functions to be provided by the TSF]:
- Stop Function of Enhanced security function by administrator
- Operation setup function of ID & print function by administrator
- Operation Method Setting Function of User Authentication Function by administrator
- Operation Method Setting Function of Account Authentication Function by administrator
- Operation Setting Function of SNMP password authentication function by administrator
- Setting function of authentication failure frequency threshold by administrator in the authentication operation prohibition function
- Backup Function by administrator (*11)
- Restoration Function by administrator (*12)
- Registration function of account ID by administrator
- Modification function of account ID by administrator
- Registration function of account password by administrator
- Modification function of account password by administrator
- Panel Auto Log-off Time Setting Function by administrator
- Modification function of administrator password by administrator
- Modification function of SNMP password by administrator
- Registration function of user box password by administrator
- Modification function of user box password by administrator
- Modification function of WebDAV server password by administrator
- Registration function of user box by administrator
- Modification function of user attribute of the user box by the administrator
- Registration function of user ID by administrator
- Stop function of user by administrator
- Resume function of user by administrator
- Stop function of account by administrator
- Resume function of account by administrator

- -- - e"itration e"itration e"itration e"itration function function function function of  of  of  of uer uer uer uer #awor3  #awor3  #awor3  #awor3 when when when when <etho3 <etho3 <etho3 <etho3 of  of  of  of uer uer uer uer authentication authentication authentication authentication b b b b a3<initrator a3<initrator a3<initrator a3<initrator i i i i

<achine <achine <achine <achine authenticati authenticati authenticati authentication on on on

- -- - Mo3ification Mo3ification Mo3ification Mo3ification function function function function of  of  of  of uer uer uer uer #awor3  #awor3  #awor3  #awor3 when when when when <etho3 <etho3 <etho3 <etho3 of  of  of  of uer uer uer uer authentication authentication authentication authentication b b b b a3<initrator a3<initrator a3<initrator a3<initrator i i i i

<achine <achine <achine <achine authentication authentication authentication authentication

11  A #art of the bac;u# function corre#on3 to the inIuir function of !S 3ata12  A #art of the retoration function corre#on3 to the <o3ification function of !S 3ata


- Registration function of S/MIME certificate by administrator
- Registration modification function of S/MIME certificate by administrator
- Operation setting function of S/MIME function by administrator
- Operation setting function of Trusted Channel function by administrator
- Registration function of Belonging Account of user by administrator
- Modification function of Belonging Account of user by administrator
- Modification function of release time of operation prohibition for Administrator authentication by administrator
- Modification function of Encryption passphrase by administrator
- Modification function of TSI receiving setting data by administrator
- Modification function of CE password by service engineer
- Modification function of administrator password by service engineer
- Stop function of Enhanced Security function by service engineer
- Modification function of release time of operation prohibition for CE authentication by service engineer
- Overwrite function for the default value of the user attribute of the user box by the user
- Modification function of user password when method of user authentication is machine authentication by user
- Registration function of user box password by user
- Modification function of user attribute of user box by user
- Registration function of Belonging Account of user oneself by user who is permitted the use of the account
- User box registration function by user
- Automatic Personal user box registration function by user box stored job that specifies unregistered box by user
- Machine non-registered user's user ID automatic registration function with external server when user authentication method is external server authentication
- Registration function of secure print password according to secure print file registration by user
- Modification function of user attribute of user box by user who is permitted the use of public user box
- Modification function of user box password of the user box by user who is permitted the use of public user box
- Modification function of the concerned user box's user attribute by user who is permitted the use of the group box

Hierarchical to: No other components
Dependencies: No dependencies

FMT_SMR.1[1] Security roles

FMT_SMR.1.1[1]
The TSF shall maintain the roles [assignment: the authorised identified roles].
[assignment: the authorised identified roles]:
Service Engineer

FMT_SMR.1.2[1]
The TSF shall be able to associate users with roles.

Hierarchical to: No other components
Dependencies: FIA_UID.1 (FIA_UID.2[1])

FMT_SMR.1[2] Security roles

FMT_SMR.1.1[2]
The TSF shall maintain the roles [assignment: the authorised identified roles].
[assignment: the authorised identified roles]:
Administrator

FMT_SMR.1.2[2]
The TSF shall be able to associate users with roles.

Hierarchical to: No other components


Dependencies: FIA_UID.1 (FIA_UID.2[2])

FMT_SMR.1[3] Security roles

FMT_SMR.1.1[3]
The TSF shall maintain the roles [assignment: the authorised identified roles].
[assignment: the authorised identified roles]:
User

FMT_SMR.1.2[3]
The TSF shall be able to associate users with roles.

Hierarchical to: No other components
Dependencies: FIA_UID.1 (FIA_UID.2[3])

FMT_SMR.1[4] Security roles

FMT_SMR.1.1[4]
The TSF shall maintain the roles [assignment: the authorised identified roles].
[assignment: the authorised identified roles]:
User who is authorized to use that public user box

FMT_SMR.1.2[4]
The TSF shall be able to associate users with roles.

Hierarchical to: No other components
Dependencies: FIA_UID.1 (FIA_UID.2[5])

FMT_SMR.1[5] Security roles

FMT_SMR.1.1[5]
The TSF shall maintain the roles [assignment: the authorised identified roles].
[assignment: the authorised identified roles]:
External server

FMT_SMR.1.2[5]
The TSF shall be able to associate users with roles.

Hierarchical to: No other components
Dependencies: FIA_UID.1 (FIA_UID.2[7])

FMT_SMR.1[6] Security roles

FMT_SMR.1.1[6]
The TSF shall maintain the roles [assignment: the authorised identified roles].
[assignment: the authorised identified roles]:
The user who is permitted to use of the account

FMT_SMR.1.2[6]
The TSF shall be able to associate users with roles.

Hierarchical to: No other components
Dependencies: FIA_UID.1 (FIA_UID.2[6])

6.1.1.5 TOE Access

FTA_SSL.3 TSF-initiated termination

FTA_SSL.3.1
The TSF shall terminate an interactive session after a [assignment: time interval of user inactivity].
[assignment: time interval of user inactivity]:


Time decided from the final operation depending on the panel auto logoff time (1-9 minute/s) while an administrator or a user is operating on the panel

Hierarchical to: No other components
Dependencies: No dependencies

6.1.1.6 Trusted Path/Channel

FTP_ITC.1 Inter-TSF trusted channel

FTP_ITC.1.1
The TSF shall provide a communication channel between itself and another trusted IT product that is logically distinct from other communication channels and provides assured identification of its end points and protection of the channel data from modification or disclosure.

FTP_ITC.1.2
The TSF shall permit [selection: the TSF, another trusted IT product] to initiate communication via the trusted channel.
[selection: the TSF, another trusted IT product]:
The other trusted IT product

FTP_ITC.1.3
The TSF shall initiate communication via the trusted channel for [assignment: list of functions for which a trusted channel is required].
[assignment: list of functions for which a trusted channel is required]:
- Download of the user box file
- Upload of the image file that will be stored as a user box file
- Upload of the image file that will be the secure print file
- Upload of the image file that will be the ID & Print file

Hierarchical to: No other components
Dependencies: No dependencies

6.1.1.7 Extension: Remaining All Information Protection

FAD_RIP.1 Protection of all remaining information after explicit deletion operation

FAD_RIP.1.1
TSF shall ensure that the content of the information allocated to source before shall not be available after the explicit deletion operation against the object and TSF data: [assignment: list of object and list of TSF data].
[assignment: List of object and list of TSF data]:
<Object>
- User Box file
- Secure print file
- ID & print file
- On-memory image file
- Stored image file
- HDD remaining image file
- Image-related file
- Transmission address data file
<TSF data>
- Encryption passphrase
- Administrator password
- SNMP password
- WebDAV server password
- User ID
- User password


- User Box password
- Secure print password
- Account ID
- Account password
- S/MIME certificate
- SSL certificate

Hierarchical to: No other components
Dependencies: No dependencies

6.1.1.8 Extension: Capability of Using IT Environment Entity

FIT_CAP.1[1] Capability of using security service of IT environment entity

FIT_CAP.1.1[1]
TSF shall provide the necessary capability to use the service for [assignment: security service provided by IT environment entity]. [assignment: necessary capability list for the operation of security service]
[assignment: security service provided by IT environment entity]:
User authentication function of user information management server using Active Directory
[assignment: necessary capability list for the operation of security service]:
- Inquiry function of authentication information for the identification and authentication target user
- Acquirement function of authentication information for the identification and authentication target user

Hierarchical to: No other components
Dependencies: No dependencies

FIT_CAP.1[2] Capability of using security service of IT environment entity

FIT_CAP.1.1[2]
TSF shall provide the necessary capability to use the service for [assignment: security service provided by IT environment entity]. [assignment: necessary capability list for the operation of security service]
[assignment: security service provided by IT environment entity]:
HDD encryption function achieved by ASIC
[assignment: necessary capability list for the operation of security service]:
Support function of the image file processing by HDD encryption function

Hierarchical to: No other components
Dependencies: No dependencies

6.1.2 TOE Security Assurance Requirements

The TOE is a commercial office product that is used in a general office environment, and therefore the TOE security assurance requirements required for EAL3 conformance, which is a sufficient level of assurance for commercial office products, are applied. The following table summarizes the applied TOE security assurance requirements.

Table 8 TOE Security Assurance Requirements

TOE Security Assurance Requirements (Component)

ADV: Development
- Security architecture description (ADV_ARC.1)
- Functional specification with complete summary (ADV_FSP.3)
- Architectural design (ADV_TDS.2)

AGD: Guidance documents
- Operational user guidance (AGD_OPE.1)
- Preparative procedures (AGD_PRE.1)

ALC: Life Cycle Support
- Authorisation controls (ALC_CMC.3)
- Implementation representation CM coverage (ALC_CMS.3)
- Delivery procedures (ALC_DEL.1)
- Identification of security measures (ALC_DVS.1)
- Developer defined life-cycle model (ALC_LCD.1)

ASE: Security Target Evaluation
- Conformance claims (ASE_CCL.1)
- Extended components definition (ASE_ECD.1)
- ST introduction (ASE_INT.1)
- Security objectives (ASE_OBJ.2)
- Derived security requirements (ASE_REQ.2)
- Security problem definition (ASE_SPD.1)
- TOE summary specification (ASE_TSS.1)

ATE: Tests
- Analysis of coverage (ATE_COV.2)
- Testing: basic design (ATE_DPT.1)
- Functional testing (ATE_FUN.1)
- Independent testing - sample (ATE_IND.2)

AVA: Vulnerability Assessment
- Vulnerability analysis (AVA_VAN.2)

6.2 IT Security Requirements Rationale

6.2.1 Rationale for IT Security Functional Requirements

6.2.1.1 Necessity

The correspondence between the security objectives and the IT security functional requirements is shown in the following table. It shows that each IT security functional requirement corresponds to at least one security objective.

Table 9 Conformity of IT Security Functional Requirements to Security Objectives

Security Objective (columns): O.REGISTERED-USER, O.PRIVATE-BOX, O.PUBLIC-BOX, O.GROUP-BOX, O.SECURE-PRINT, O.CONFIG, O.OVERWRITE-ALL, O.CRYPTO-KEY, O.TRUSTED-PASS, O.CRYPTO-MAIL, O.FAX-CONTROL, O.AUTH-CAPABILITY, O.CRYPTO-CAPABILITY, * set.admin, * set.service

Security Functional Requirement (rows):

set.admin X X X X X X

set.service X X X X X X

FCS_CKM.1 X X

FCS_COP.1 X

FDP_ACC.1[1] X X X X

FDP_ACC.1[2] X X

FDP_ACC.1[3] X

FDP_ACC.1[4] X X

FDP_ACF.1[1] X X X X

FDP_ACF.1[2] X X

FDP_ACF.1[3] X

FDP_ACF.1[4] X X

FDP_IFC.1 X

FDP_IFF.1 X

FIA_AFL.1[1] X

FIA_AFL.1[2] X

FIA_AFL.1[3] X

FIA_AFL.1[4] X

FIA_AFL.1[5] X

FIA_AFL.1[6] X

FIA_AFL.1[7] X

FIA_AFL.1[8] X X X X X X

FIA_AFL.1[9] X

FIA_ATD.1 X X X X X

FIA_SOS.1[1] X X X X X X

FIA_SOS.1[2] X

FIA_SOS.1[3] X

FIA_SOS.1[4] X

FIA_SOS.1[5] X X X

FIA_SOS.2 X X X

FIA_UAU.2[1] X

FIA_UAU.2[2] X X

FIA_UAU.1[1] X

FIA_UAU.2[3] X

FIA_UAU.2[4] X

FIA_UAU.1[2] X

FIA_UAU.6 X X X X X

FIA_UAU.7 X X X X X X

FIA_UID.2[1] X

FIA_UID.2[2] X X

FIA_UID.2[3] X

FIA_UID.2[4] X

FIA_UID.2[5] X

FIA_UID.2[6] X

FIA_UID.2[7] X

FIA_USB.1 X X X X X

FMT_MOF.1[1] X

FMT_MOF.1[2] X X X

FMT_MOF.1[3] X X

FMT_MSA.1[1] X X

FMT_MSA.1[2] X X


user identification and authentication

<Necessary requirement for identification and authentication of the user>

FIA_UID.2[3] and FIA_UAU.1[1] identify and authenticate that the user who accesses is a permitted user.

FIA_UAU.7 returns "*" for each entered character as the protected feedback on the panel and supports the authentication.

In the case of a failed authentication from the panel, FIA_AFL.1[8] refuses all input acceptance from the panel for 5 seconds on every failure. When the authentication failures reach 1-3 times, FIA_AFL.1[4] locks the authentication function for that user from then on. This lock status is released by the administrator's release operation.

FMT_MOF.1[2] permits only the administrator to select the user authentication method, which is either "Machine authentication" or "External server authentication".

FMT_MTD.1[3] permits only the administrator to set (modify) the threshold of the authentication failure frequency, which is the number of failed authentication trials in the user authentication.

FIA_SOS.1[5] secures the quality verification of the session information used in the user authentication via the network, and FIA_SOS.2 secures the quality of the session information which is generated and used.

<Necessary requirement for managing session of user who is identified and authenticated>

For a user who is identified and authenticated and has logged in from the panel, FTA_SSL.3 ends the session after the panel automatic logoff time elapses. Limiting the duration of the session in this way contributes to reducing the chance of attacks associated with unnecessary session connections.

The change in the panel auto logoff time is limited to the administrator by FMT_MTD.1[3].

<Necessary requirement for managing the identification and authentication information of the user>

When "machine authentication" is chosen as the method of the user authentication, FMT_MTD.1[1] permits only the administrator to perform the initial registration of a user password in the user's registration.

When "machine authentication" has been selected as the method of the user authentication, the registration of the user ID and the pause and resumption of use in the user registration are permitted to the administrator by FMT_MTD.1[10] and FMT_MTD.1[13]. When "external server authentication" has been selected as the user authentication method, the user whose identification is authenticated by an external server is permitted and registered automatically by this requirement. (This corresponds to the user ID registration of the "external server".) At this registration, the external server accessing the TOE is identified as the registered external server by FIA_UID.2[7]. This management behavior is maintained as the role of the external server by FMT_SMR.1[5]. In addition, the registration function of user ID is specified as a management function by FMT_SMF.1.

The registration and change operation of an external server setting is limited to only the administrator by FMT_MTD.1[3] and FMT_MTD.1[11].

!he Iualit of the uer #awor3 i erifie3 b )AS'S1 L When D<achine authenticationDi electe3 in the <etho3 of the uer authentication. a chan"e of the uer #awor3 i li<ite3 to


the user itself and the administrator by FMT_MTD.1[2]. In addition, when a user changes his/her own user password, the user is re-authenticated by FIA_UAU.6.

<Necessary requirement to keep the administrator secure>

refer to set.admin

<Necessary requirement to keep the service engineer secure>

refer to set.service

<Role and management function for each management>

The role to do these managements is maintained as an administrator by FMT_SMR.1[2] and as a user by FMT_SMR.1[3]. Moreover, these management functions are specified by FMT_SMF.1.

This security objective is satisfied by the completion of these multiple functional requirements.

O.PRIVATE-BOX (personal user box access control)

This security objective limits access to the personal user box and the user box file in the personal user box to only the user who owns that user box, and needs various requirements that relate to the access control.

<User box access control (a personal user box)>

After the user has been identified and authenticated, the user ID is associated with the task of acting a use by FIA_ATD.1 and FIA_USB.1. By FDP_ACC.1[1] and FDP_ACF.1[1], the task of acting the user has a user ID, and is permitted to display the list of the user box with a corresponding user attribute. In addition, after the user box has been selected, when the user box ID is associated with the task of acting a use by FIA_ATD.1 and FIA_USB.1, the operation such as a print, a download, transmission, a movement, and a copy is permitted to the user box file that has a corresponding object attribute to user ID and user box ID of the subject attribute.

<Management of a personal user box>

FMT_MSA.1[1] permits to the user and the administrator the change operation of the user attribute of the user box where the user ID is set.

As for the registration of the user box, public is appointed to the user attribute of the user box by FMT_MSA.3[1], and it is permitted only to the user and administrator to give the initial value to change the public attribute. In addition, when the job to store the non-registered user box into the user box appointed is executed due to the same requirement, a user ID of the user who executes a job concerned is appointed automatically.

As for the user box attribute of the user box file, the value consistent with the user box attribute of the user box which was selected as the file saved is set up by FMT_MSA.3[3].

<Necessary requirement to keep the administrator secure>

refer to set.admin

<Necessary requirement to keep the service engineer secure>

refer to set.service


<Role and controlling function for each management>

As the role of doing these managements, FMT_SMR.1[2] maintains an administrator and FMT_SMR.1[3] maintains a user permitted the use of the user box. FMT_SMF.1 specifies these management functions.

This security objective is satisfied by the completion of these multiple functional requirements.

O.PUBLIC-BOX (a public user box access control)

This security objective permits the inspection of the public user box to all users, and limits the settings of the public user box and the operation of the user function of the user box file in the public user box only to the user who permitted the utilization of that public user box. And it needs the various requirements regarding access control.

<User box access control (a public user box)>

After the user has been identified and authenticated, the user ID is associated with the task of acting a use by FIA_ATD.1 and FIA_USB.1. FDP_ACC.1[1] and FDP_ACF.1[1] permit the list display operation to the user box where public is set on the user attribute to the task of acting the user who has user ID.

It is required to be a user who is permitted the use of the user box to operate the user box file in the public user box. FIA_UID.2[5] and FIA_UAU.2[4] identifies and authenticates that it is a user who is permitted the use of the user box.

FIA_UAU.7 returns "*" for each entered character as feedback protected by the panel and supports the authentication.

In the case of the failure authentication from the panel, FIA_AFL.1[8] refuses all input acceptance from the panel for 5 seconds in every failure. When the authentication failure reaches 1-3 times, FIA_AFL.1[6] locks the authentication function for that user from then on. This lock status is released by the administrator's release operation.

FMT_MTD.1[3] permits only to the administrator the setup of the threshold of the unauthorized access detection value that is the trial frequency of the failure authentication in the authentication of the user who is permitted the use of the user box.

When FIA_ATD.1 and FIA_USB.1 relate a user box ID to the task of acting use, FDP_ACC.1[1] and FDP_ACF.1[1] permit the user box file that has a corresponding object attribute to the user box ID of the subject attribute and is set public to the user attribute of user box, the operation such as a print, a download, transmission, a movement, and a copy.

FIA_SOS.1[5] secures the quality verification of the session information used in the user box authentication via the network, and FIA_SOS.2 secures the quality of the session information which is generated and used.

<Management of a public user box>

FMT_MSA.1[2] permits the user who is permitted the use of the user box and the administrator to operate the change of the user attribute of user box which "Public" is set.

FMT_MTD.1[4] permits the change in the user box password only to the administrator and the user who is permitted to the use of the user box. FIA_SOS.1[1] verifies the quality of the user box password. If a user permitted to use a public user box changes the user box password


of the public user box, FIA_UAU.6 re-authenticates the user.

As for the user box registration, FMT_MSA.3[1] specifies the public to the user attribute of the user box, and permits only the user and administrator to give the initial value to change the user attribute. FMT_MTD.1[5] permits the registration of the user box password only to the user or the administrator. For the user box attribute of the user box file, the user box attribute value of the selected user box as storage is set by FMT_MSA.3[3].

<Necessary requirement to keep the administrator secure>

refer to set.admin

<Necessary requirement to keep the service engineer secure>

refer to set.service

<Role and controlling function for each management>

As the role of doing these managements, FMT_SMR.1[2] maintains an administrator and FMT_SMR.1[4] maintains a user permitted the use of the user box. FMT_SMF.1 specifies these management functions.

This security objective is satisfied by the completion of these multiple functional requirements.

O.GROUP-BOX (Group user box access control)

This security objective permits the browser of the group user box only to the user who is permitted the use of the account. It also limits the set of the group user box which is not a pause status of use and the operation of the user function of the user box file in the group user box only to the user who is permitted the use of the group user box, and requires various requirements that relate to the access control.

<User box access control (a group user box)>

After the user has been identified and authenticated, the user ID is associated with the task of acting a use by FIA_ATD.1 and FIA_USB.1. And after the account has been authenticated, the account ID is associated with the task of acting a use by FIA_ATD.1 and FIA_USB.1. FDP_ACC.1[1] and FDP_ACF.1[1] permit a task to act for the user to operate the list to the user box (group user box) where the user attribute corresponded with the Account Name (account ID) in the security attribute of the subject is set.

It is required to be a user who is permitted the use of the group user box to operate the user box file in the group user box which is not a pause status of use. When the Account authentication method is "the method not synchronized", FIA_UID.2[6] and FIA_UAU.1[2] identifies and authenticates that it is a user who is permitted the use of the group user box. When the account authentication method is "synchronized method" and the Account that user belongs to is not registered, FIA_UID.2[6] and FIA_UAU.1[2] identifies and authenticates that it is a user who is permitted the use of the account.

FIA_UAU.7 returns "*" for each entered character as feedback protected by the panel and supports the authentication.

In the case of the failure authentication from the panel, FIA_AFL.1[8] refuses all input acceptance from the panel for 5 seconds in every failure. When the authentication failure


reaches 1-3 times, FIA_AFL.1[7] locks the authentication function for that account from then on. This lock status is released by the administrator's release operation.

FMT_MTD.1[3] permits only the administrator the setup of the threshold of the unauthorized access detection value that is the trial frequency of the failure authentication in the authentication of the user who is permitted the use of the group user box.

When FIA_ATD.1 and FIA_USB.1 relate to the user box ID under the task to act for user, FDP_ACC.1[1] and FDP_ACF.1[1] permit the user box file that has a corresponding object attribute to the account ID and the user box ID of the subject attribute the operation such as print, download, transmission, movement and copy.

<Necessary requirement to manage the group user box>

FMT_MSA.1[3] permits the modification operation of the user attribute of the user box that is set "account ID" to the user who is permitted the access to the group user box and the administrator.

For the user box attribute of the user box file, the user box attribute value of the selected user box as storage is set by FMT_MSA.3[3].

<Necessary requirement to manage the subject attribute related with the group user box>

FMT_MTD.1[11] and FMT_MTD.1[13] restrict the registration, pause of use and resumption of use of the account ID and account password only to the administrator. Also, FMT_MTD.1[3] restricts the modification of the account ID and account password only to the administrator. FMT_MTD.1[12] restricts the registration of the belonging account assigned to the user, to the administrator and to the user who is permitted the use of the account. FIA_SOS.1[1] verifies the quality of the account password.

<Management of the account authentication method>

FMT_MOF.1[3] restricts the behavior management of the account authentication function and the stop operation management only to the administrator.

<Necessary requirement to keep the administrator secure>

refer to set.admin

<Necessary requirement to keep the service engineer secure>

refer to set.service

<Role and controlling function for each management>

As the role of doing these managements, FMT_SMR.1[2] maintains an administrator and FMT_SMR.1[6] maintains a user permitted the use of the group user box. FMT_SMF.1 specifies these management functions.

This security objective is satisfied by the completion of these multiple functional requirements.

O.SECURE-PRINT (Access control of secure print file and ID & print file)

These security objectives explain the policy for the secure print file. First, for secure print file, this security objective limits the print of the secure print file only


for the user, who is permitted the use of the secure print file, and requires various requirements that relate to the access control.

<Secure print file access control>

After the user has been identified and authenticated, the user ID is associated with the task of acting a use by FIA_ATD.1 and FIA_USB.1. FDP_ACC.1[2] and FDP_ACF.1[2] permit the list display operation of every secure print file to the task of acting the user who has user ID.

As it must be a user who is permitted the use of the secure print file to print it, FIA_UID.2[4] and FIA_UAU.2[3] identifies and authenticates that it is a user who is permitted the use of the secure print file.

FIA_UAU.7 returns "*" for each entered character as feedback protected by the panel and supports the authentication.

FIA_AFL.1[8] refuses all input acceptance from the panel for 5 seconds in every failure. When the authentication failure reaches 1-3 times, FIA_AFL.1[5] locks the authentication function for the concerned secure print file. This lock status is released by the administrator's release operation.

FMT_MTD.1[3] permits only to the administrator the setup of the threshold of the authentication failure frequency that is the trial frequency of the failure authentication in the authentication of the user who is permitted the use of the secure print file.

When FIA_ATD.1 and FIA_USB.1 relate the secure print internal control ID to the task of acting use, FDP_ACC.1[2] and FDP_ACF.1[2] permit the print operation to the secure print file that has a corresponding object attribute to the secure print internal control ID of the subject attribute.

As for secure print internal control ID, FMT_MSA.3[2] gives the value uniquely identified when the secure print file is stored.

<Secure print password>

FMT_MTD.1[8] permits only to the user the registration of the secure print password used for the authentication. FIA_SOS.1[1] verifies the quality of the secure print password.

Next, for ID & print file, this security objective limits the print of the ID & print file only for the user who stored that file, so that various requirements regarding access control are necessary.

<ID & print file access control>

FDP_ACC.1[4] and FDP_ACF.1[4] permit the task substituting for a user with a user ID to list and print the ID & print file with the user attribute consistent with the user ID.

For the user attribute set in the ID & print file, the user ID of the user who stores the file when the file is stored is set by FMT_MSA.3[4].

<Operation management of the ID & print function>

Management of this operation mode is limited only to the administrator by FMT_MOF.1[2].

<Necessary requirement to keep the administrator secure>

refer to set.admin


<Necessary requirement to keep the service engineer secure>

refer to set.service

<Role and controlling function for each management>

As the role of doing these managements, FMT_SMR.1[2] maintains an administrator and FMT_SMR.1[3] maintains a user. Moreover, FMT_SMF.1 specifies these management functions.

This security objective is satisfied by the completion of these multiple functional requirements.

O.CONFIG (Access limitation to a management function)

This security objective limits the setting related to the SMTP server, the setting related to the DNS server, the setting related to the Enhanced Security function, the backup function, and the restoration function to the administrator, and needs various requirements to limit the access to a series of setting function and the management function.

<Management of network setting>

When the administrator attribute is associated with the task of substituting the use, FDP_ACC.1[3] and FDP_ACF.1[3] permit the task of substituting the user to operate the setting of SMTP server group object, DNS server group object, MFP address group object, PC-FAX reception setting object, and transmission address data object.

<Operation limitation of Backup and restoration function>

When the administrator attribute is associated with the task of acting the use by FIA_ATD.1 and FIA_USB.1, the task of acting the user is permitted the back-up operation of;

- the user box file by FDP_ACC.1[1] and FDP_ACF.1[1]

- the secure print file by FDP_ACC.1[2] and FDP_ACF.1[2]

- the ID & print file by FDP_ACC.1[4] and FDP_ACF.1[4]

In addition, the restoration operation is permitted for

- SMTP server group object, DNS server group object, MFP address group object, PC-FAX operation setting object, and transmission address data object by FDP_ACC.1[3] and FDP_ACF.1[3]

Moreover, the restoration operation (modification operation) is permitted only to the administrator for the following data.

- the enhanced security setting data by FMT_MOF.1[1]

- the operation setting data of user authentication function, encryption strength setting data for S/MIME function and the operation setting data of SNMP password authentication function by FMT_MOF.1[2]

- the Trusted Channel setting data, encryption passphrase and the operation setting data of account authentication function by FMT_MOF.1[3]

- the user attribute of the user box by FMT_MSA.1[1], FMT_MSA.1[2] and FMT_MSA.1[3]

- the user password by FMT_MTD.1[2]

- the user ID, the SNMP password, the panel auto logoff time, the authentication failure frequency, the secure print password, the external authentication setting data, the account


ID, the account password, the S/MIME certificate, the belonging account of user, release time of operation prohibition for administrator authentication, TSI receiving setting, and WebDAV server password by FMT_MTD.1[3]

- the user box password by FMT_MTD.1[4]

FMT_MTD.1[7] permits only to the administrator the backup operation (inquiry operation) of the SNMP password, the user password, the user box password, and the secure print password, the account password, and WebDAV server password.

<Operational limitation of Enhanced Security function>

FMT_MOF.1[1] permits only the administrator and service engineer to disable the setting for the enhanced security function.

<Management of encryption passphrase>

FMT_MTD.1[3] permits only administrator the modification operation to the encryption passphrase. FIA_SOS.1[4] verifies the quality of the encryption passphrase.

<Necessary requirement for accessing MIB object>

The SMTP server group object, the DNS server group object and the MFP address group object exist as an MIB object as well, so that the restriction is necessary even in the access from the SNMP.

FIA_UID.2[2] and FIA_UAU.2[2] identifies and authenticates that the user who accesses the MIB object is an administrator.

FIA_AFL.1[3] locks the authentication function to access the MIB object when the failure authentication reaches 1-3 times. This lock is released by the lock release operation by the administrator.

FMT_MTD.1[3] restricts the threshold setting of the unauthorized access detection value that is the trial frequency of the failure authentication in the administrator authentication using the SNMP password only to the administrator.

FMT_MTD.1[3] restricts the change of the SNMP password to the administrator.

FIA_SOS.1[2] verifies the quality of the SNMP password.

FMT_MOF.1[2] restricts the method of the SNMP password authentication function only to the administrator.

<Requirement for the counter management function (access by WebDAV)>

FIA_UID.2[2] and FIA_UAU.2[2] identify and authenticate that the user accessing by WebDAV is an administrator.

FMT_MTD.1[7] permits the identified and authenticated administrator to perform inquiry of user password and account password.

FIA_AFL.1[9] locks the administrator authentication function which uses the WebDAV server password when the failure authentication reaches 1-3 times. This lock is released by the lock release operation by the administrator.

FMT_MTD.1[3] restricts the threshold setting of the unauthorized access detection value that is the trial frequency of the failure authentication in the administrator authentication using the WebDAV server password only to the administrator.

FMT_MTD.1[3] restricts the change of the WebDAV server password only to the administrator. FIA_SOS.1[1] verifies the quality of the WebDAV server password.


<Operational Limit of Trusted Channel function setting data>

The behavior and the stop setting of Trusted Channel function are permitted only to the administrator by FMT_MOF.1[3].

<Operational Limit for S/MIME function>

The registration of the S/MIME certificate is permitted only to the administrator by FMT_MTD.1[11]. The modification of the registered S/MIME certificate is permitted only to the administrator by FMT_MTD.1[3]. In addition, the setup of transmission address data is permitted only to the administrator by FDP_ACC.1[3] and FDP_ACF.1[3]. The behavior of the S/MIME function is permitted only to the administrator by the FMT_MOF.1[2].

<Operational Limit for FAX function>

The registration of the user box to be stored in TSI reception (TSI reception setting) is permitted only to the administrator by FMT_MTD.1[11]. The modification of the registered TSI reception setting is permitted only to the administrator by FMT_MTD.1[3]. In addition, the setting of the area stored when PC-FAX is received (PC-FAX reception setting) is permitted only to the administrator by FDP_ACC.1[3] and FDP_ACF.1[3].

<Necessary requirement to keep the administrator secure>

refer to set.admin

<Necessary requirement to keep the service engineer secure>

refer to set.service

<Role and controlling function for each management>

As the role of doing these managements, FMT_SMR.1[1] maintains a service engineer and FMT_SMR.1[2] maintains an administrator. Moreover, FMT_SMF.1 specifies these management functions.

This security objective is satisfied by the completion of these multiple functional requirements.

O.OVERWRITE-ALL (Complete overwrite deletion)

This security objective regulates that it deletes all data areas of HDD and initializes the concealed information of NVRAM that is set by the user, and requires various requirements that relate to the deletion.

FAD_RIP.1 guarantees that these objective information not to be able to use the contents of any previous information by the deletion operation.

Therefore, this security objective is satisfied.

O.CRYPTO-KEY (Encryption key generation)

This security objective regulates that the encryption key necessary to encrypt all the data written in HDD by ASIC is generated, and needs various requirements that relate to the encryption key generation. Using Konica Minolta HDD encryption key generation algorithm according to the Konica


Minolta encryption specification standard, FCS_CKM.1 generates an encryption key 128 bits long. In addition, the encryption key is generated on RAM that is a volatility memory with the power supply ON and is disappeared with the power supply OFF.

This security objective is satisfied by this functional requirement.

O.TRUSTED-PASS (Usage of Trusted Channel)

This security objective generates the Trusted Channel in the transmission and reception such as a user box file, a secure print file, and an ID & print file, and the requirement that relates with the Trusted Channel is necessary. FTP_ITC.1 generates the Trusted Channel according to the requirement from the other Trusted IT product, and it is applied to the transmission and reception, such as the user box file, the secure print file, and the ID & print file.

This security objective is satisfied by this functional requirement.

O.CRYPTO-MAIL (Usage of Encryption mail)

This security objective regulates the encryption of a user box file when transmitting the user box file by e-mail, and various requirements related to the encryption are necessary.

FCS_CKM.1 generates the encryption key (128, 168, 192 or 256 bits) by using Pseudorandom number Generation Algorithm according to FIPS 186-2.

FCS_COP.1 encrypts the user box file by using AES (encryption key 128, 192 or 256 bits) of FIPS PUB 197 (it becomes a transmission data of S/MIME). Also, the same requirement encrypts the user box file by using 3-Key-Triple-DES (encryption key 168 bits) of SP800-67 (By the same token, it becomes a transmission data of S/MIME). FCS_COP.1 encrypts these encryption keys by RSA of FIPS 186-2 by using a public key of S/MIME certificate of each destination (1024, 2048, 3072 or 4096 bits).

This security objective is satisfied by the completion of these plural functional requirements.

O.FAX-CONTROL (Fax unit control)

This security objective regulates to prohibit an access to internal network which the MFP concerned connects with, from public line via the Fax public line portal.

This means that communication, like remote diagnostic function or illegal operation command, except image data which is sent from public line network and forwarded to internal network via MFP is not forwarded to internal network, and various requirements related to the flow control of Fax unit are necessary.

Applying FDP_IFC.1 and FDP_IFF.1, the flow control not to send data, except the image data which the reception function from a public line received, to internal network is achieved.

This security objective is satisfied by this functional requirement.

O.AUTH-CAPABILITY (Support action to use user authentication function)

This security objective regulates that TOE supports the user authentication function using a user information management server that is the entity outside TOE, and needs various requirements that regulate to support the external entity action.

Applying FIT_CAP.1[1], the inquiry and the acquirement function for the identification and authentication objective user are achieved for the user authentication function by the Active Directory of the user information management server.

This security objective is satisfied by this functional requirement.


O.CRYPTO-CAPABILITY (Support action to use the HDD encryption function)

This security objective regulates that TOE supports the action to encrypt the data stored in HDD by ASIC that is the entity outside TOE, and needs various requirements that regulate to support the external entity action.

Applying FIT_CAP.1[2], a support function to process all data in HDD through the HDD encryption function implemented by ASIC is achieved for that HDD encryption function.

This security objective is satisfied by this functional requirement.

set.admin (Set of necessary requirement to keep administrator secure)

<Identification and Authentication of an administrator>

FIA_UID.2[2] and FIA_UAU.2[2] identifies and authenticates that the accessing user is an administrator.

FIA_UAU.7 returns "*" for each character entered as feedback protected in the panel, and supports the authentication.

FIA_AFL.1[8] refuses, in case of the failure authentication tried from the panel, all the input receipts from the panel for five seconds in every failure. When the failure authentication reaches 1-3 times, FIA_AFL.1[2] logoffs if it's under authentication, and locks all the authentication functions that use the administrator password from then on. The release function is executed by starting TOE with turning OFF and ON the power supply, so that the lock is released after the release time of operation prohibition for administrator authentication passed.

FMT_MTD.1[3] permits only to the administrator the setting of the threshold of the authentication failure frequency which is the trial frequency of the failure authentication in the administrator authentication and change of the release time of operation prohibition for administrator authentication.
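The failure handling described above, modelled as an added example (it is not code from the TOE or from this Security Target): the five-second panel refusal, the lock after 1-3 failures, and the two release paths the document names, release by the administrator and release after a power cycle plus the release time. The class and method names, the counter reset on success, the choice not to count refused input as a failure, and the 300-second release time are assumptions.

```python
import hmac
from typing import List, Optional

PANEL_REFUSAL_SECONDS = 5        # from the page: panel input is refused for 5 seconds after every failure
ALLOWED_THRESHOLDS = (1, 2, 3)   # from the page: the lock engages after 1-3 failures


class AuthGate:
    """Failure handling for one authentication target (hypothetical model)."""

    def __init__(self, secret: str, threshold: int,
                 release: str = "admin", release_seconds: float = 0.0):
        if threshold not in ALLOWED_THRESHOLDS:
            raise ValueError("threshold must be 1, 2 or 3")
        if release not in ("admin", "power_cycle"):
            raise ValueError("unknown release policy")
        self._secret = secret.encode()
        self.threshold = threshold
        self.release = release                  # "admin": administrator's release operation
        self.release_seconds = release_seconds  # "power_cycle": restart, then wait this long
        self.failures = 0
        self.locked = False
        self._refuse_until = 0.0
        self._restart_time: Optional[float] = None

    def set_threshold(self, value: int, is_administrator: bool) -> bool:
        # The page limits the threshold setting to the administrator.
        if not is_administrator or value not in ALLOWED_THRESHOLDS:
            return False
        self.threshold = value
        return True

    def _unlock(self) -> None:
        self.locked = False
        self.failures = 0
        self._restart_time = None

    def admin_release(self, is_administrator: bool) -> bool:
        if self.release != "admin" or not is_administrator or not self.locked:
            return False
        self._unlock()
        return True

    def power_cycle(self, now: float) -> None:
        # Restarting starts the release timer; it does not clear the lock by itself.
        if self.locked and self.release == "power_cycle":
            self._restart_time = now

    def attempt(self, password: str, now: float, via_panel: bool = True) -> str:
        if (self.locked and self.release == "power_cycle"
                and self._restart_time is not None
                and now - self._restart_time >= self.release_seconds):
            self._unlock()
        if self.locked:
            return "locked"
        if via_panel and now < self._refuse_until:
            return "refused"    # assumption: refused input is not counted as a failure
        if hmac.compare_digest(password.encode(), self._secret):
            self.failures = 0   # assumption: a success resets the counter
            return "ok"
        self.failures += 1
        if via_panel:
            self._refuse_until = now + PANEL_REFUSAL_SECONDS
        if self.failures >= self.threshold:
            self.locked = True
            return "locked"
        return "denied"


def demo_box_lock() -> List[str]:
    """Constructed run: a lock that only the administrator's release operation clears."""
    gate = AuthGate("box-secret", threshold=3)
    out = [gate.attempt("guess1", now=0),
           gate.attempt("box-secret", now=2),    # inside the 5-second refusal window
           gate.attempt("guess2", now=5),
           gate.attempt("guess3", now=10),       # third failure engages the lock
           gate.attempt("box-secret", now=100)]  # correct password, still locked
    out.append(str(gate.admin_release(is_administrator=False)))
    out.append(str(gate.admin_release(is_administrator=True)))
    out.append(gate.attempt("box-secret", now=101))
    return out


def demo_admin_lock() -> List[str]:
    """Constructed run: administrator password lock, cleared by restart plus release time."""
    gate = AuthGate("admin-secret", threshold=1, release="power_cycle", release_seconds=300)
    out = [gate.attempt("wrong", now=0, via_panel=False)]
    out.append(str(gate.admin_release(is_administrator=True)))  # not the release path here
    out.append(gate.attempt("admin-secret", now=10, via_panel=False))
    gate.power_cycle(now=20)
    out.append(gate.attempt("admin-secret", now=100, via_panel=False))  # 80 s after restart
    out.append(gate.attempt("admin-secret", now=320, via_panel=False))  # 300 s after restart
    return out


if __name__ == "__main__":
    print(demo_box_lock())
    print(demo_admin_lock())
```
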

<Management of session of identified and authenticated administrator>

The duration of session of the administrator who is identified and authenticated contributes to reduce the chance of attacking associated with unnecessary session connection by ending the session after the panel automatic logoff time elapses by FTA_SSL.3 if it logs in from the panel. The change in the panel auto logoff time is limited to the administrator by FMT_MTD.1[3].

<Management of administrator's authentication information>

FIA_SOS.1[1] verifies the quality of the administrator password. Moreover, FIA_SOS.1[5] verifies the quality of session information used to authenticate the administrator via the network, and FIA_SOS.2 secures the quality of session information that is generated and used. FMT_MTD.1[6] restricts the change in the administrator password to the administrator and the service engineer. When the administrator changes the administrator password, FIA_UAU.6 re-authenticates it. In this re-authentication, when the failure authentication reaches 1-3 times, FIA_AFL.1[2] logoffs it if it's under authentication, and releases the authentication status of the administrator from then on. And it locks all the authentication functions to use the administrator password. The release function is executed by starting TOE with turning OFF and ON the power supply, so that the lock is released after the release time of operation prohibition for administrator authentication passed.


<Role and management function for each management>

FMT_SMR.1[1] have service engineer maintain the role to do these managements, and FMT_SMR.1[2] have the administrator do the same. Additionally, FMT_SMF.1 specifies these management functions.

set.service (Set of necessary requirement to keep service engineer secure)

<Identification and Authentication of a service engineer>

FIA_UID.2[1] and FIA_UAU.2[1] identifies and authenticates that the accessing user is a service engineer.

FIA_UAU.7 returns "*" every one character entered as the feedback protected in the panel, and supports the authentication.

FIA_AFL.1[8] refuses all the input receipts from the panel for five seconds at each failure, and when the failure authentication reaches 1-3 times, FIA_AFL.1[1] logoffs it if it's under authentication, and locks all the authentication functions to use the CE password. The CE authentication lock release function is executed and the release time of operation prohibition for CE authentication elapses, so that this lock status is released.

FMT_MTD.1[3] permits only to the administrator the setting of the threshold of the authentication failure frequency that is the trial frequency of the failure authentication in the service engineer authentication. FMT_MTD.1[9] permits only to the service engineer the setting of the release time of operation prohibition for CE authentication.

<Management of service engineer's authentication information>

FIA_SOS.1[1] verifies the quality of the CE password. FMT_MTD.1[9] restricts the change in the CE password to the service engineer. Moreover, FIA_UAU.6 re-authenticates it. In this re-authentication, when the failure authentication reaches 1-3 times, FIA_AFL.1[1] releases the authentication status of the service engineer and locks all the authentication functions to use the CE password. The CE authentication lock release function is executed and the release time of operation prohibition for CE authentication elapses, so that this lock status is released.

<Role and management function for each management>

FMT_SMR.1[1] maintains the role to do these managements as a service engineer. FMT_SMF.1 specifies these management functions.

6.2.1.3 Dependencies of IT Security Functional Requirements

The dependencies of the IT security functional requirements components are shown in the following table. When a dependency regulated in CC Part 2 is not satisfied, the reason is provided in the section for the "Dependencies Relation in this ST".

Table 10 Dependencies of IT Security Functional Requirements Components

N/A: Not Applicable

Functional Requirements Component for this ST | Dependencies on CC Part 2 | Dependencies Relation in this ST
FIA_UID.2[5] | None | N/A
FIA_UID.2[6] | None | N/A
FIA_UID.2[7] | None | N/A
FIA_USB.1 | FIA_ATD.1 | FIA_ATD.1
FMT_MOF.1[1] | FMT_SMF.1, FMT_SMR.1 | FMT_SMF.1, FMT_SMR.1[1], FMT_SMR.1[2]
FMT_MOF.1[2] | FMT_SMF.1, FMT_SMR.1 | FMT_SMF.1, FMT_SMR.1[2]
FMT_MOF.1[3] | FMT_SMF.1, FMT_SMR.1 | FMT_SMF.1, FMT_SMR.1[2]
FMT_MSA.1[1] | FDP_ACC.1 or FDP_IFC.1, FMT_SMF.1, FMT_SMR.1 | FDP_ACC.1[1], FMT_SMF.1, FMT_SMR.1[2], FMT_SMR.1[3]
FMT_MSA.1[2] | FDP_ACC.1 or FDP_IFC.1, FMT_SMF.1, FMT_SMR.1 | FDP_ACC.1[1], FMT_SMF.1, FMT_SMR.1[2], FMT_SMR.1[4]
FMT_MSA.1[3] | FDP_ACC.1 or FDP_IFC.1, FMT_SMF.1, FMT_SMR.1 | FDP_ACC.1[1], FMT_SMF.1, FMT_SMR.1[2], FMT_SMR.1[6]
FMT_MSA.3[1] | FMT_MSA.1, FMT_SMR.1 | FMT_MSA.1[1], FMT_MSA.1[2], FMT_SMR.1[3]
FMT_MSA.3[2] | FMT_MSA.1, FMT_SMR.1 | Neither is applicable. <The reason not to apply FMT_MSA.1> This is the internal control ID that is identified uniquely, and this does not require the management such as change or deletion, after this is assigned once. <FMT_SMR.1> The assignment of FMT_MSA.3.2[2] is not applicable. FMT_SMR.1 is the dependency that is set relating to the following and so there is no necessity of application.
FMT_MSA.3[3] | FMT_MSA.1, FMT_SMR.1 | Neither is applicable. <The reason not to apply FMT_MSA.1> The user box attribute of a user box file always needs to correspond with the user box. Therefore, the value only has to be given at the time of storage. It is not necessary to change the value of this attribute at the time of other operational timing. Accordingly, the management requirement is unnecessary. <FMT_SMR.1> The assignment of FMT_MSA.3.2[3] is not applicable. FMT_SMR.1 is the dependency that is set relating to the following and so there is no necessity of application.
FMT_MSA.3[4] | FMT_MSA.1, FMT_SMR.1 | Neither is applicable. <The reason not to apply FMT_MSA.1> It is the concept of ID & print that the object is a print object to which only the person who stored it can access, so it is not assumed that the object is transferred to an other user. Consequently, it is not necessary to change the value of the attribute when the user performs operation other than store, so that the management requirement is unnecessary. <FMT_SMR.1> The assignment of FMT_MSA.3.2[4] is not applicable. FMT_SMR.1 is the dependency that is set relating to the following and so there is no necessity of application.
FMT_MTD.1[1] | FMT_SMF.1, FMT_SMR.1 | FMT_SMF.1, FMT_SMR.1[2]
FMT_MTD.1[2] | FMT_SMF.1, FMT_SMR.1 | FMT_SMF.1, FMT_SMR.1[2], FMT_SMR.1[3]
FMT_MTD.1[3] | FMT_SMF.1, FMT_SMR.1 | FMT_SMF.1, FMT_SMR.1[2]
FMT_MTD.1[4] | FMT_SMF.1, FMT_SMR.1 | FMT_SMF.1, FMT_SMR.1[2], FMT_SMR.1[4]
FMT_MTD.1[5] | FMT_SMF.1, FMT_SMR.1 | FMT_SMF.1, FMT_SMR.1[2], FMT_SMR.1[3]
FMT_MTD.1[6] | FMT_SMF.1, FMT_SMR.1 | FMT_SMF.1, FMT_SMR.1[1], FMT_SMR.1[2]
FMT_MTD.1[7] | FMT_SMF.1, FMT_SMR.1 | FMT_SMF.1, FMT_SMR.1[2]
FMT_MTD.1[8] | FMT_SMF.1, FMT_SMR.1 | FMT_SMF.1, FMT_SMR.1[3]
FMT_MTD.1[9] | FMT_SMF.1, FMT_SMR.1 | FMT_SMF.1, FMT_SMR.1[1]
FMT_MTD.1[10] | FMT_SMF.1, FMT_SMR.1 | FMT_SMF.1, FMT_SMR.1[2], FMT_SMR.1[5]
FMT_MTD.1[11] | FMT_SMF.1, FMT_SMR.1 | FMT_SMF.1, FMT_SMR.1[2]
FMT_MTD.1[12] | FMT_SMF.1, FMT_SMR.1 | FMT_SMF.1, FMT_SMR.1[2], FMT_SMR.1[6]
FMT_MTD.1[13] | FMT_SMF.1, FMT_SMR.1 | FMT_SMF.1, FMT_SMR.1[2]
FMT_SMF.1 | None | N/A
FMT_SMR.1[1] | FIA_UID.1 | FIA_UID.2[1]
FMT_SMR.1[2] | FIA_UID.1 | FIA_UID.2[2]
FMT_SMR.1[3] | FIA_UID.1 | FIA_UID.2[3]
FMT_SMR.1[4] | FIA_UID.1 | FIA_UID.2[5]
FMT_SMR.1[5] | FIA_UID.1 | FIA_UID.2[7]
FMT_SMR.1[6] | FIA_UID.1 | FIA_UID.2[6]
FTA_SSL.3 | None | N/A
FTP_ITC.1 | None | N/A
FAD_RIP.1 | None | N/A
FIT_CAP.1[1] | None | N/A
FIT_CAP.1[2] | None | N/A


6.2.2 Rationale for IT Security Assurance Requirements

This TOE is installed and used in an environment where adequate security is maintained in terms of the physical, personnel, and connectivity. Nonetheless, adequate effectiveness in the environment where the TOE is used must be assured. As a general commercial office product, the execution of tests based on function specifications and TOE design, and analysis of the strength of function and a search for vulnerabilities are required. In addition, it is desirable that it has a development environment control, a configuration management for the TOE and a secure distribution procedure. And therefore the selection of EAL3, which provides an adequate assurance level, is reasonable.

The secure requirement dependency analysis is assumed to be appropriate because the package EAL has been selected, therefore details are not discussed.


7 TOE Summary Specification

The list of the TOE security function led from the TOE security function requirement is shown in Table 11 below. The detailed specification is explained in the paragraphs described below.

Table 11 Names and Identifiers of TOE Security Function

No. | TOE Security Function
1 | F.ADMIN Administrator function
2 | F.ADMIN-SNMP SNMP administrator function
3 | F.SERVICE Service mode function
4 | F.USER User function
5 | F.BOX User box function
6 | F.PRINT Secure print function, ID & print function
7 | F.OVERWRITE-ALL All area overwrite deletion function
8 | F.CRYPT Encryption key generation function
9 | F.RESET Authentication Failure Frequency Reset function
10 | F.TRUSTED-PASS Trusted Channel function
11 | F.S/MIME S/MIME encryption processing function
12 | F.FAX-CONTROL Fax unit control function
13 | F.SUPPORT-AUTH External Server authentication operation support function
14 | F.SUPPORT-CRYPTO ASIC support function
15 | F.ADMIN-WebDAV Administrator function (Counter management function)

7.1 F.ADMIN (Administrator Function)

F.ADMIN is a series of security function that administrator operates, such as an administrator identification authentication function in an administrator mode accessing from a panel or through a network, and a security management function that includes a change of an administrator password and a lock cancellation of a locked user box. (Nevertheless, all functions are not feasible functions through both a panel and a network.)

7.1.1 Administrator Identification Authentication Function

It identifies and authenticates the accessing user as the administrator in response to the access request to the administrator mode.

- Provides the administrator authentication mechanism authenticating by the administrator password that consists of the characters shown in Table 12.
- Provides the administrator authentication mechanism using the session information besides the administrator password, after the administrator is authenticated to the access from the network.
  - According to protocol, uses the session information of more than 10^10, or generates and uses the session information of more than 10^10.
- Returns "*" for each character as feedback for the entered administrator password.
- Resets the number of authentication failure when succeeding in the authentication.
- In the case of access from a panel, it doesn't accept the input from a panel for five seconds when failing in the authentication.
- Locks all the authentication functions to use the administrator password when detecting the authentication failure that becomes 1-3 times at total in each authentication function by using the administrator password. (Refuses the access to the administrator mode.)
  - The administrator specifies the failure frequency threshold by the unauthorized access detected threshold setting function.
- F.RESET works and the lock of authentication function is released.

As described above, FIA_AFL.1[2], FIA_AFL.1[8], FIA_SOS.1[5], FIA_SOS.2, FIA_UAU.2[2], FIA_UAU.7 and FIA_UID.2[2] are realized.

Table 12 Characters and Number of Digits for Password [13]

Objectives | Number of digits | Characters
CE Password, Administrator Password, Account Password, User Box Password, Secure Print Password, WebDAV Server Password | 8 | Selectable from 93 or more characters in total (Alphabet, numeric, and symbol (Some are not included))
Encryption passphrase | 20 | Selectable from 83 or more characters in total (Alphabet, numeric, and symbol (Some are not included))
User Password | 8 or more | Selectable from 188 or more characters in total (Alphabet, numeric, symbol (Some are not included), and special character (Some are not included))
SNMP Password (Privacy Password, Authentication Password) | 8 or more | Selectable from 90 or more characters in total (Alphabet, numeric, and symbol (Some are not included))

7.1.2 Auto Logoff Function of Administrator Mode

While accessing an administrator mode from a panel, if not accepting any operation during the panel automatic logoff time, it logs off the administrator mode automatically.

As described above, FTA_SSL.3 is realized.

7.1.3 Function Supported in Administrator Mode

When a user is identified and authenticated as an administrator by the administrator identification authentication function at the accessing request to the administrator mode, the administrator attribute is associated with the task substituting the user. And the following operations and the use of the functions are permitted.

As described above, FIA_ATD.1 and FIA_USB.1 are realized.

[13] Table 12 shows the minimum password space as the security specification. Therefore, although some excluded characters are shown depending on the password type, the excluded characters are permitted to use if possible.


7.1.3.1 Change of Administrator Password

When a user is re-authenticated as an administrator by the panel and the new password satisfies the quality, the password is changed.

- Provides the administrator authentication mechanism that is authenticated by the administrator password which consists of the characters shown in Table 12.
- Resets the number of authentication failure when succeeding in the re-authentication.
- Returns "*" for each character as feedback for the entered administrator password in the re-authentication.
- When the authentication failure that becomes 1-3 times at total in each authentication function by using the administrator password is detected, it logs off the administrator mode accessing from the panel, and locks all the authentication functions to use the administrator password. (The access to the administrator mode is refused.)
  - The administrator specifies the failure frequency threshold by the unauthorized access detection threshold setting function.
- F.RESET works, so that the lock of the authentication function is released.
- Verifies the new administrator password if the following qualities are satisfied.
  - It is composed of the characters and by the number of digits shown in the administrator password of Table 12.
  - It shall not be composed of one kind of character.
  - It doesn't match with the current value.

As described above, FIA_AFL.1[2], FIA_SOS.1[1], FIA_UAU.6, FIA_UAU.7, FMT_MTD.1[6], FMT_SMF.1 and FMT_SMR.1[2] are realized.
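
The administrator authentication lock and the new-password quality rules described above, as an added Python model that is not code from the security target or from the TOE. The function and class names, the injected clock, the release behaviour after restart, and the exact symbol set are assumptions made for the example (Table 12 does not list which symbols are excluded).

```python
import hmac
import string

# Constructed for the example: Table 12 says only "alphabet, numeric, and
# symbol (some are not included)", so this exact set is an assumption.
ADMIN_CHARSET = frozenset(string.ascii_letters + string.digits
                          + "!#$%&()*+,-./:;<=>?@[]^_{|}~")
ADMIN_DIGITS = 8      # Table 12: administrator password is 8 digits
PANEL_DELAY_S = 5     # panel input is refused for five seconds per failure


def quality_violations(new, current, digits=ADMIN_DIGITS, charset=ADMIN_CHARSET):
    """Return the quality rules a candidate password breaks (empty = accepted)."""
    broken = []
    if len(new) != digits:
        broken.append("digits")
    if any(ch not in charset for ch in new):
        broken.append("charset")
    if len(set(new)) <= 1:
        broken.append("one-kind-of-character")
    if hmac.compare_digest(new.encode(), current.encode()):
        broken.append("matches-current")
    return broken


class AdminAuth:
    """One failure counter shared by every function using the admin password."""

    def __init__(self, password, threshold=3, release_minutes=5):
        if not 1 <= threshold <= 3:
            raise ValueError("unauthorized access detection threshold is 1-3")
        if not 5 <= release_minutes <= 60:
            raise ValueError("release time of operation prohibition is 5-60 minutes")
        self._password = password
        self.threshold = threshold
        self.release_s = release_minutes * 60
        self.failures = 0
        self.locked = False
        self.logged_in = False
        self._release_at = None      # set once the release function has started
        self._panel_free_at = 0.0

    def start_release(self, now):
        """Model the power OFF/ON restart that starts the lock release timer."""
        if self.locked:
            self._release_at = now + self.release_s

    def _refresh(self, now):
        # Assumption: releasing the lock also clears the failure counter.
        if self.locked and self._release_at is not None and now >= self._release_at:
            self.locked, self.failures, self._release_at = False, 0, None

    def authenticate(self, candidate, now, via_panel=True):
        self._refresh(now)
        if self.locked:
            return "locked"
        if via_panel and now < self._panel_free_at:
            return "input-refused"
        if hmac.compare_digest(candidate.encode(), self._password.encode()):
            self.failures = 0        # success resets the failure count
            self.logged_in = True
            return "ok"
        self.failures += 1
        if via_panel:
            self._panel_free_at = now + PANEL_DELAY_S
        if self.failures >= self.threshold:
            self.locked = True
            self.logged_in = False   # log off if under authentication
            return "locked"
        return "failed"

    def change_password(self, candidate_current, new, now):
        """Re-authenticate at the panel, then apply the quality rules."""
        result = self.authenticate(candidate_current, now)
        if result != "ok":
            return result, []
        broken = quality_violations(new, self._password)
        if not broken:
            self._password = new
        return ("rejected" if broken else "changed"), broken
```

Because the counter is shared, failures from the panel and from the network add up toward the same threshold, and a locked state refuses even the correct password until the release time has elapsed.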

7.1.3.2 User Setup

- User Registration (Only the user who uses with the machine authentication as User authentication method)
  User is registered by setting the user ID (Though user ID is composed of the user name and the authentication server information [14], only user name is registered in case of the machine authentication) and registering the user password. It verifies whether the user password newly set satisfies the following qualities.
  - It is composed of the characters and by the number of digits, shown in the user password of the Table 12.
  - It shall not be composed of one kind of character.
  While the external server authentication is effective, the user password cannot be registered.
  Also registers the belonging account (account ID), and relates. (The account setting is necessary beforehand.)
- Change of user password (Only the user who uses with the machine authentication as User authentication method)
  User password is changed. It verifies whether the user password newly set satisfies the following qualities.
  - It is composed of the characters and by the number of digits, shown in the user password of the Table 12.
  - It shall not be composed of one kind of character.
  - It shall not be equal to the value which is currently set.
- User deletion
  User ID and user password are deleted.
  - When a personal user box that a concerned user owns exists, that personal user box is automatically set to the public user box of "user attribute: public".
- Pause/resume of User (Only in the machine authentication as User authentication method)
  Specify the User ID and pause the user or resume the user in the pause state. The user in the pause state is not identified and not authenticated, so that the user cannot use the user function after identification and authentication.
- Change of the belonging account
  The belonging account that related to user is changed.

As described above, FIA_SOS.1[3], FMT_MTD.1[1], FMT_MTD.1[2], FMT_MTD.1[3], FMT_MTD.1[10], FMT_MTD.1[12], FMT_MTD.1[13], FMT_SMF.1 and FMT_SMR.1[2] are realized.

[14] It associates with the external server authentication setting data that is set in the case of the use of the external server (only Active Directory method is applicable) as the method of the user authentication function. Because it deals when there are plural user information management servers, there is a case in which plural sets of authentication server information are included in the external server information setting data.

7.1.3.3 User Box Setup

- User Box Registration
  When the administrator attribute is related, the view of the list of user boxes is permitted. A personal user box, a group user box, and a public user box are registered by selecting the user attribute to the non-registration user box ID selected from the list of user boxes. When they are registered, "public" is specified on the user attribute of the user box by default, however, a user ID or an account ID can be selected.
  - In the case of the personal user box, the arbitrary user ID registered is specified.
  - In the case of the public user box, verify that a user box password registered satisfies the following conditions.
    • It is composed of the characters and by the number of digits, shown in the user box password of the Table 12.
    • It shall not be composed of one kind of character.
  - Specify the arbitrary account ID registered when group user box.
- Change of User Box Password
  - The user box password set to the public user box is changed.
  - It verifies whether the user box password newly set satisfies the following qualities.
    • It is composed of the characters and by the number of digits, shown in the user box password of the Table 12.
    • It shall not be composed of one kind of character.
    • It shall not be equal to the value which is currently set.
- Change of user attribute of user box
  - Specify the user attribute of a personal user box to the other user or the account that registered.
  - Specify the user attribute of group user box to the user or the other account that registered.
  - Specify the user attribute of public user box to the user or account that registered.
  - Specify the user attribute of a personal user box or group user box to public.
    • If a user box password is not registered at the same time, the password shall be registered, and the same processing as the change of user box password mentioned above is performed.

As described above, FDP_ACC.1[1], FDP_ACF.1[1], FIA_SOS.1[1], FMT_MSA.1[1], FMT_MSA.1[2], FMT_MSA.1[3], FMT_MSA.3[1], FMT_MTD.1[4], FMT_MTD.1[5], FMT_SMF.1 and FMT_SMR.1[2] are realized.

7.1.3.4 Release of Lock

- Resets (clear all) the number of times of authentication failure for each user.
  - If there is a user to whom access is locked, the lock is released.
- Resets (clear all) the number of times of authentication failure for all secure print passwords.
  - If there is a secure print password to which access is locked, the lock is released.
- Resets (clear all) the number of times of authentication failure of each user boxes.
  - If there is a user box to which access is locked, the lock is released.
- Resets (clear all) the number of times of authentication failure of each account.
  - If there is a user account to which access is locked, the lock is released.
- Resets (clear all) the number of times of authentication failure of SNMP password.
  - If the access to a MIB object is locked, the lock is released.
- Resets (clear all) the number of times of authentication failure of WebDAV server password.
  - If accessing by WebDAV is locked up, the lock is released.

As described above, FIA_AFL.1[3], FIA_AFL.1[4], FIA_AFL.1[5], FIA_AFL.1[6], FIA_AFL.1[7], and FIA_AFL.1[9] are realized.

7.1.3.5 Setup of User Authentication Function

Set the following authentication methods in a user authentication function.

- Machine authentication: Authentication method which utilizes a user password managed on MFP side
- External server authentication: Authentication method which utilizes a user password managed with a user information management server connected through a network (Only Active Directory method is object)
  - When external server authentication is used, the external server authentication setting data (Contains the multiple authentication server information, such as domain name to which external server belongs) needs to be set.

Set the following authentication methods in the account authentication function used with a user authentication function.

- Account authentication function: synchronized method
  The method which utilizes an account ID associated with user ID beforehand
- Account authentication function: method not synchronized
  The method to authenticate by the account ID and the account password at the time of access, without utilizing the account ID that associated with user ID beforehand
- Account authentication function: not use
  Utilizes only the authentication function by user ID, and not utilizes the identification and authentication by account information

As described above, FMT_MOF.1[2], FMT_MOF.1[3], FMT_MTD.1[3], FMT_MTD.1[11], FMT_SMF.1 and FMT_SMR.1[2] are realized.

7.1.3.6 Unauthorized Access Setup

- Setup of unauthorized access detection threshold
  The unauthorized access detection threshold in the authentication operation prohibition function is set for 1-3 times.
- Setup of the release time of operation prohibition for Administrator Authentication
  Set the release time of operation prohibition for Administrator Authentication between 5-60 minutes.

As described above, FMT_MTD.1[3], FMT_SMF.1 and FMT_SMR.1[2] are realized.

7.1.3.7 Setup of Auto Logoff Function

The panel auto logoff time which is the setting data of the auto logoff function should be set within the following time range.

- panel auto logoff time: 1 - 9 minutes

As described above, FMT_MTD.1[3], FMT_SMF.1 and FMT_SMR.1[2] are realized.

7.1.3.8 Network Setup

A setup operation of the following setting data is performed.

- A series of setup data that relates to SMTP server (IP address, Port Number, etc.)
- A series of setup data that relates to DNS server (IP address, Port Number, etc.)
- A series of setup data that relates to MFP address (IP address, NetBIOS Name, AppleTalk Printer Name, etc.)

As described above, FDP_ACC.1[3] and FDP_ACF.1[3] are realized.

7.1.3.9 Execution of Back-up and Restoration Function

All the setting data stored in NVRAM and HDD are backed-up and re-stored except the administrator password, the CE password, and encryption passphrase. As the object related to security, due to the relation of confidentiality and completeness, the one shown by the following classification is targeted.

<Type A: Object to which back-up and restoration should be limited>

- SNMP password
- User password
- Account password
- Secure print password
- User Box password
- WebDAV server password

<Type B: Object to which restoration should be limited>

- A series of data that relates to SMTP server setting
- A series of data that relates to DNS server setting
- A series of data that relates to MFP address setting
- Operation setting data of SNMP password authentication function
- Setting data of Enhanced Security function
- Setting data of operation method of user authentication function
- Operation setting data of account authentication function
- Authentication failure frequency threshold of authentication operation prohibition function
- Panel auto logoff time
- User ID
- User attribute of user box
- Account ID
- S/MIME certificate
- Transmission address data
- Encryption strength setting data in S/MIME function
- SSL certificate
- Belonging Account of user
- Release time of operation prohibition for Administrator authentication
- PC-FAX reception setting
- TSI receiving setting data
- External server authentication setting data

<Type C: Object to which back-up should be limited>

- Secure print file
- User box file
- ID & print file

As described above, FDP_ACC.1[1], FDP_ACC.1[2], FDP_ACC.1[3], FDP_ACC.1[4], FDP_ACF.1[1], FDP_ACF.1[2], FDP_ACF.1[3], FDP_ACF.1[4], FMT_MOF.1[1], FMT_MOF.1[2], FMT_MOF.1[3], FMT_MSA.1[1], FMT_MSA.1[2], FMT_MSA.1[3], FMT_MTD.1[2], FMT_MTD.1[3], FMT_MTD.1[4], FMT_MTD.1[7], FMT_SMF.1 and FMT_SMR.1[2] are realized.

7.1.3.10 Operation Setup of HDD Encryption Function

<Encryption Passphrase Change>

The encryption passphrase is changed. It is changed when the newly setup encryption passphrase satisfies quality requirements, and F.CRYPTO is performed.

- Verify that the encryption passphrase newly set satisfies the following qualities.
  - It is composed of the characters and by the number of digits shown in the encryption passphrase of the Table 12.
  - It shall not be composed of one kind of character.
  - It shall not be matched with the current value.

As described above, FIA_SOS.1[4], FMT_MTD.1[3], FMT_SMF.1 and FMT_SMR.1[2] are realized.

7.1.3.11 Change of SNMP Password

The SNMP password (Privacy password and Authentication password) is changed. This is performed when the newly setup password satisfies quality requirements.

- Verifies that the SNMP password which is newly set satisfies the following qualities.
  - It is composed of the characters and by the number of digits shown in SNMP password of the Table 12.
  - It shall not be composed of one kind of character.
  - It shall not be matched with the current value.

As described above, FIA_SOS.1[2], FMT_MTD.1[3], FMT_SMF.1, and FMT_SMR.1[2] are realized.

7.1.3.12 Setup of SNMP Password Authentication Function

The authentication method in the SNMP password authentication function is set to "Only Authentication password" or the "Authentication password and Privacy password".

As described above, FMT_MOF.1[2], FMT_SMF.1 and FMT_SMR.1[2] are realized.

7.1.3.13 Account Setup

- Account registration
  Account is registered by setting the account ID and registering the account password. It verifies whether the account password newly set satisfies the following qualities.
  - It is composed of the characters and by the number of digits, shown in the account password of the Table 12.
  - It shall not be composed of one kind of character.
- Change of account ID and account password
  Account ID and account password are changed. It verifies whether the account password newly set satisfies the following qualities.
  - It is composed of the characters and by the number of digits, shown in the account password of the Table 12.
  - It shall not be composed of one kind of character.
  - It shall not be matched to the current setting.
- Account deletion
  Account ID and account password are deleted.
  - When the group user box of the account ID exists, that group user box is automatically set to the public user box of "user attribute: public".
- Pause/resume of Account
  Account ID is specified, and the use of the account is paused or the use of the account in the pause state is resumed. The account in the pause state is not identified and authenticated, and it becomes impossible to use the user functions that need the identification and authentication of account.

As described above, FIA_SOS.1[1], FMT_MSA.1[3], FMT_MTD.1[3], FMT_MTD.1[11], FMT_MTD.1[13], FMT_SMF.1 and FMT_SMR.1[2] are realized.

7.1.3.14 Setup of Trusted Channel Function

Set the setting data of Trusted Channel function by SSL/TLS.

- Communication Encryption Strength Setting (Modification of the communication encryption method)
- Operation and Stop Setting of the Trusted Channel function

As described above, FMT_MOF.1[3], FMT_SMF.1 and FMT_SMR.1[2] are realized.

7.1.3.15 Setup of S/MIME Transmission Function

Set the setting data which are used when the user box file is S/MIME transmitted.

- Transmission address data (e-mail address)
- Registration and modification of S/MIME certificate
- Setup of Encryption Strength for S/MIME function

As described above, FDP_ACC.1[3], FDP_ACF.1[3], FMT_MOF.1[2], FMT_MTD.1[3], FMT_MTD.1[11], FMT_SMF.1, and FMT_SMR.1[2] are realized.

7.1.3.16 Setup of FAX

Set the setting data of FAX related settings as follows.

- PC-FAX reception Setting
  - Setting either of two modes at PC-FAX operation which are to store in each user box and to store in common area for all users according to the designated information at FAX transmission.
- TSI reception Setting
  - Setting the storing user box at TSI reception by relating the transmitter telephone number with the user box as the identification information of transmitter terminal.

As described above, FDP_ACC.1[3], FDP_ACF.1[3], FMT_MTD.1[3], FMT_MTD.1[11], FMT_SMF.1 and FMT_SMR.1[2] are realized.

7.1.3.17 Function Related to Enhanced Security Function

The function that influences the setup of the Enhanced Security function that the administrator operates is as follows. (* It has explained the influence of the backup and restoration function in 7.1.3.9.)

- Operational setup of Enhanced Security function
  Function to set valid or invalid of Enhanced Security function.
- HDD logical format function
  Function to write the default value of management data using the file system of HDD. Along with the execution of this logical format, the setup of the Enhanced Security function is invalidated.
- All area overwrite deletion function
  The setup data of enhanced security function are invalidated by executing the overwrite deletion of all area.

As described above, FMT_MOF.1[1], FMT_SMF.1 and FMT_SMR.1[2] are realized.

7.1.3.18 Function Related to Password Initialization Function

The function that relates to the initialization of the password that the administrator operates is as follows.

- All area overwrite deletion function
  The settings of the administrator password, the SNMP password and the WebDAV server password are initialized to the values at factory shipment by executing the overwrite deletion of all area.

As described above, FMT_MTD.1[3], FMT_MTD.1[6], FMT_SMF.1 and FMT_SMR.1[2] are realized.

7.1.3.19 Change of WebDAV Server Password

The WebDAV server password is changed. This is performed when the newly setup WebDAV server password satisfies the quality.

- Verifies that the WebDAV server password which is newly set satisfies the following qualities.
  - It is composed of the characters and by the number of digits, shown in the WebDAV server password of the Table 12.
  - It shall not be composed of one kind of character.
  - It shall not be matched to the current setting.

As described above, FIA_SOS.1[1], FMT_MTD.1[3], FMT_SMF.1, and FMT_SMR.1[2] are realized.

7.1.3.20 Operational Setup of the ID & Print Function

The operation modes of the ID & print function are set up as follows.

- ID & print automatic operation mode
  An operation mode that stores a print file sent from a client PC as an ID & print file even if printing is requested by the normal print setup.
- ID & print specified operation mode
  An operation mode that stores a print file sent from a client PC as an ID & print file only when it is requested to store that file as an ID & print file.


As described above, FMT_MOF.1[2], FMT_SMF.1, and FMT_SMR.1[2] are realized.

7.2 F.ADMIN-SNMP (SNMP Administrator Function)

F.ADMIN-SNMP is a security function, which identifies and authenticates the administrator in the access through the network by using SNMP from client PC, and then permits the operation of a setting function of the network only to the administrator whose identification and authentication was succeeded.

7.2.1 Identification and Authentication Function by SNMP Password

It identifies and authenticates by the SNMP password, that the user who accesses the MIB object through the network with the use of SNMP is an administrator.

- Provides the SNMP authentication mechanism which authenticates by the SNMP password that consists of the characters shown in Table 12.
- Only Authentication password or both the Privacy password and the Authentication password is used.
- In the case of SNMP, the SNMP password is used for every session without requiring the administrator authentication mechanism by the separate session information.
- Resets the authentication failure frequency if it succeeds in authentication.
- In the case of both the Privacy password and the Authentication password are used, the authentication failure frequency is reset only when both passwords together succeeded in the authentication.
- When the authentication failure that becomes the 1-3 times at total in each authentication function by using the SNMP password is detected, all the authentication functions to use the SNMP password are locked. (The access to the MIB object is refused.)
- The administrator specifies the failure frequency threshold by the unauthorized access detection threshold setting function.
- In the case of both the Privacy password and the Authentication password are utilized, even though both passwords together fail in authentication, it is detected as one failure.
- The lock status is released when the lock release function to the MIB object of F.ADMIN is performed.

As described above, FIA_AFL.1[3], FIA_UAU.2[2] and FIA_UID.2[2] are realized.

7.2.2 Management Function using SNMP

When it is identified and authenticated that the user is an administrator by the SNMP password, the access to the MIB object is permitted, and then the operation of the setting data shown below is permitted to be done.

(1) Network Setup

Setup operation of the following setting data is performed.

- Setting data that relates to SMTP server (IP address, port number, etc.)
- Setting data that relates to DNS server (IP address, port number, etc.)
- A series of setting data that relates to MFP address (IP address, NetBIOS name, AppleTalk printer name, etc.)

As described above, FDP_ACC.1[3] and FDP_ACF.1[3] are realized.

(2) Change of SNMP password

The SNMP password (Privacy password and Authentication password) is changed. Verify that the SNMP password newly set satisfies the following qualities.

- It is composed of the characters and by the number of digits shown in the SNMP password of the Table 12.
- This password is not composed of one character only.
- This password is not matched to the currently setup password.

As described above, FIA_SOS.1[2], FMT_MTD.1[3], FMT_SMF.1 and FMT_SMR.1[2] are realized.

(3) Setup of SNMP password authentication function

The authentication method in the SNMP password authentication function is set to the "Authentication password only" or the "Privacy password and the Authentication password".

As described above, FMT_MOF.1[2], FMT_SMF.1 and FMT_SMR.1[2] are realized.
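The failure counting and password-change rules described above for the SNMP password, modelled as an added example (this is not code from the security target or from the product firmware). It models only the counter and quality logic, not SNMPv3 itself; the class and function names are hypothetical, and the character set and length limits stand in for Table 12, which this section does not reproduce.

```python
import hmac
import string
from dataclasses import dataclass
from typing import List, Optional

# ASSUMPTION: Table 12 (permitted characters and number of digits) is not
# reproduced in this section, so these limits are constructed placeholders.
ASSUMED_CHARSET = string.ascii_letters + string.digits
ASSUMED_MIN_LEN, ASSUMED_MAX_LEN = 8, 32


def _same(a: str, b: str) -> bool:
    """Constant-time comparison so timing does not reveal matching prefixes."""
    return hmac.compare_digest(a.encode(), b.encode())


def quality_violations(new: str, current: str) -> List[str]:
    """Return the quality rules a proposed password breaks (empty list = accepted)."""
    problems = []
    length_ok = ASSUMED_MIN_LEN <= len(new) <= ASSUMED_MAX_LEN
    if not length_ok or any(c not in ASSUMED_CHARSET for c in new):
        problems.append("characters/digits outside the permitted table")
    if len(set(new)) <= 1:
        problems.append("one kind of character")
    if _same(new, current):
        problems.append("same as current")
    return problems


@dataclass
class SnmpPasswordGuard:
    """Hypothetical model of the SNMP password failure counter and lock."""
    auth_password: str
    privacy_password: Optional[str] = None  # None = "Authentication password only"
    threshold: int = 3                      # set by the administrator, 1 to 3
    failures: int = 0
    locked: bool = False

    def __post_init__(self) -> None:
        if not 1 <= self.threshold <= 3:
            raise ValueError("failure threshold must be between 1 and 3")

    def authenticate(self, auth_pw: str, privacy_pw: str = "") -> bool:
        if self.locked:
            return False  # access to the MIB object is refused while locked
        ok = _same(auth_pw, self.auth_password)
        if self.privacy_password is not None:
            # Both comparisons always run; success requires both passwords.
            ok = _same(privacy_pw, self.privacy_password) and ok
        if ok:
            self.failures = 0  # reset only when every required password matched
            return True
        self.failures += 1     # one failure, even if both passwords were wrong
        if self.failures >= self.threshold:
            self.locked = True
        return False

    def release_lock(self) -> None:
        """Lock release performed by the administrator function."""
        self.failures = 0
        self.locked = False

    def change_auth_password(self, new: str) -> List[str]:
        """Apply the change only when no quality rule is violated."""
        problems = quality_violations(new, self.auth_password)
        if not problems:
            self.auth_password = new
        return problems


if __name__ == "__main__":
    # Constructed sample values, not real credentials.
    guard = SnmpPasswordGuard("authPass01", "privPass01", threshold=2)
    print(guard.authenticate("wrong", "wrong"), guard.failures)    # False 1
    print(guard.authenticate("authPass01", "wrong"), guard.locked)  # False True
    guard.release_lock()
    print(guard.authenticate("authPass01", "privPass01"))           # True
    print(guard.change_auth_password("aaaaaaaa"))
```
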

7.3 F.SERVICE (Service Mode Function)

F.SERVICE is a series of security functions that the service engineer operates, such as the service engineer identification authentication function in service mode accessing from a panel, and a security management function that includes a change in the CE password and the administrator password.

7.3.1 Service Engineer Identification Authentication Function

It identifies and authenticates the accessing user as the service engineer in response to the access request to the service mode from the panel.

- Provides the CE authentication mechanism that is authenticated by the CE password that consists of the characters shown in Table 12.
- The CE authentication mechanism by the separate session information is not required because the service mode can only be accessed from the panel.
- Returns "*" for each character as feedback for the entered CE password.
- Resets the number of the authentication failures when succeeding in the authentication.
- Does not accept the input from the panel for five seconds when the authentication failed.
- When the authentication failure that becomes 1-3 times at total in each authentication function by using the CE password is detected, it locks all the authentication functions to use the CE password. (The access to the service mode is refused.)
- The administrator specifies the failure frequency threshold by the unauthorized access detection threshold setting function.
- Lock of authentication function is released with F.RESET function operated.

As described above, FIA_AFL.1[1], FIA_AFL.1[8], FIA_UAU.2[1], FIA_UAU.7 and FIA_UID.2[1] are realized.


7.3.2 Function Supported in Service Mode

When a user is identified and authenticated as a service engineer by the service engineer identification authentication function at the access request to the service mode, the use of the following functions is permitted.

7.3.2.1 Change of CE Password

When a user is re-authenticated as a service engineer and the new password satisfies the quality, it is changed.

- Provides the CE authentication mechanism that is re-authenticated by the CE password that consists of the characters shown in Table 12.
- Resets the authentication failure frequency when succeeding in the re-authentication.
- Returns "*" for each character as feedback for the entered CE password in the re-authentication.
- When the authentication failure that becomes 1-3 times at total in each authentication function by using the CE password is detected, it logs off the service mode accessing from the panel, and locks all the authentication functions to use the CE password. (The access to the service mode is refused.)
- The administrator specifies the failure frequency threshold by the unauthorized access detection threshold setting function.
- The F.RESET function unlocks the authentication function.
- It verifies that the CE password newly set satisfies the following qualities.
  - It is composed of the characters and by the number of digits, shown in the CE password of the Table 12.
  - It shall not be composed of one kind of character.
  - It shall not be matched with the current value.

As described above, FIA_AFL.1[1], FIA_SOS.1[1], FIA_UAU.6, FIA_UAU.7, FMT_MTD.1[9], FMT_SMF.1 and FMT_SMR.1[1] are realized.

7.3.2.2 Change of Administrator Password

Change the administrator password. Verify that the administrator password newly set satisfies the following qualities.

- It is composed of the characters and by the number of digits, shown in the administrator password of the Table 12.
- It shall not be composed of one kind of character.
- It shall not be matched with the current value.

As described above, FIA_SOS.1[1], FMT_MTD.1[6], FMT_SMF.1 and FMT_SMR.1[1] are realized.

7.3.2.3 Setup of the release time of operation prohibition for CE Authentication

Set the release time of operation prohibition for CE Authentication between 5 - 60 minutes.

As described above, FMT_MTD.1[9], FMT_SMF.1 and FMT_SMR.1[1] are realized.


7.3.2.4 Function Related to Enhanced Security Function

The functions that influence the setting of the Enhanced Security function that the service engineer operates are as follows.

- HDD logical format function
  Function to write the initial value of management data using the file system of HDD. The setting of the Enhanced Security function is invalidated along with the execution of this logical format.
- HDD physical format function
  Function to rewrite the entire disk in HDD with a regulated pattern including the signal rows such as the track and sector information. The setting of the Enhanced Security function is invalidated along with the execution of this physical format.
- Initialization function
  Function to reset every setting value written in NVRAM to the factory default. The setup of the Enhanced Security function is invalidated by executing this initialization function.

As described above, FMT_MOF.1[1], FMT_SMF.1 and FMT_SMR.1[1] are realized.

7.4 F.USER (User Function)

F.USER identifies and authenticates the user for the use of MFP various functions. To the identified and authenticated user, it provides the management function of the user password that is managed in the MFP at the time of machine authentication, besides the permission of the use of functions such as F.BOX and F.PRINT.

7.4.1 User Authentication Function

<Account Authentication: User identification and authentication in the synchronized method>

When the access request for the user box and the store request for the secure print file, it is identified and authenticated to be a permitted user. Account Name (account ID) is associated with the concerned user ID that is set up beforehand besides the user ID for the identified and authenticated user, and the use of F.BOX and F.PRINT is permitted to the identified and authenticated user.

- Returns "*" for each character as feedback for the entered user password.
- Resets the number of authentication failures when succeeding in the authentication.
- Does not accept the access from the panel for five seconds when the authentication failed.
- When the authentication failure that becomes 1-3 times at total for the concerned user is detected, it locks all the authentication functions to the user.
- The administrator specifies the failure frequency threshold by the operation setting of the authentication operation prohibition function.
- The lock of authentication function is released by performing the lock release function to the concerned user of F.ADMIN.

As described above, FIA_AFL.1[4], FIA_AFL.1[8], FIA_ATD.1, FIA_UAU.1[1], FIA_UAU.7, FIA_UID.2[3] and FIA_USB.1 are realized.

<Account authentication: Account registration function when the belonging account of user is not registered in the synchronized method>


- Requires the Account authentication after User identification and authentication.
- Registers the successful account ID as account name when succeeding in the account authentication. (By this, FMT_MTD.1[12], FMT_SMF.1 and FMT_SMR.1[6] are realized.)

(The detail of the account authentication is the same as processing of the item explained in the following <Account authentication: User identification and authentication in the authentication method not synchronized>.)

<Account authentication: User identification and authentication in the authentication method not synchronized>

When the access request for the user box and the store request for the secure print file, it is identified and authenticated to be a permitted user. The detail of user authentication is the same as account authentication: user identification and authentication in the synchronized method. In the case of the access from the panel, the account authentication is required, Account Name is associated with the user ID if succeeding the account authentication, and the use of F.BOX and F.PRINT is permitted to the user who is identified and authenticated.

- Provides account authentication mechanism that is authenticated the account by the account password that consists of the characters shown in Table 12.
- Returns "*" for each character as feedback for the entered account password.
- Resets the number of authentication failures when succeeding in the authentication.
- Does not accept the access from the panel for five seconds when the authentication failed.
- When the authentication failure that becomes 1-3 times at total for the concerned account is detected, it locks all the authentication functions to the account.
- The administrator specifies the failure frequency threshold by the operation setting of the authentication operation prohibition function.
- The lock of the authentication function is released by performing the lock release function to the concerned account of F.ADMIN.

As described above, FIA_AFL.1[7], FIA_AFL.1[8], FIA_ATD.1, FIA_UAU.1[2], FIA_UAU.7, FIA_UID.2[6] and FIA_USB.1 are realized.

When accessing from a network, the account is not authenticated after the user authentication but the user and the account are processed with one sequence. When authenticating the account, the account ID is associated with the user ID, and the user ID and the account ID are measured by the session information which is the same as user identification and authentication in the account authentication: the synchronized method.

- Provides the user authentication mechanism that authenticates the user by the user password that consists of the characters shown in Table 12.
- After the user is authenticated to the access from the network, the user authentication mechanism using session information besides the user password is provided.
- According to the protocol, it uses the session information more than 10^10 or it generates and uses the session information more than 10^10.

As described above, FIA_ATD.1, FIA_SOS.1[5], FIA_SOS.2 and FIA_USB.1 are realized.

<Account authentication: User identification and authentication when it is not used>

When the access request for the user box and the store request of the secure print file, it is identified and authenticated to be a permitted user. The detail of the user authentication is the same as account authentication: user identification and authentication in the synchronized method. The use of F.BOX and F.PRINT is permitted to the user who is identified and authenticated.

As described above, FIA_AFL.1[4], FIA_AFL.1[8], FIA_ATD.1, FIA_UAU.1[1], FIA_UAU.7, FIA_UID.2[3] and FIA_USB.1 are realized.

<Automatic registration of the User ID>

In the case of the "External server authentication" has been selected as the user authentication method, the identified and authenticated user is registered as a user ID with the user name and authentication server information that was used with identification and authentication.

As described above, FIA_UID.2[7], FMT_MTD.1[10], FMT_SMF.1 and FMT_SMR.1[5] are realized.

7.4.2 Auto Logoff Function in User Identification and Authentication Domain

While the user who is identified and authenticated is accessing from a panel, if it does not accept an operation for more than the "panel automatic logoff time", it logs off from a user identification and authentication domain automatically.

As described above, FTA_SSL.3 is realized.

7.4.3 Modification Function of User Password

When the identification and authentication are succeeded, and the access to the user identification and authentication domain is permitted, the user is permitted to change its own password. When the external server authentication is effective, this function cannot be applied.

The user password is changed when it is re-authenticated that the user is a user and the newly setup password satisfies the quality.

- Provides user authentication mechanism that is authenticated the user by the user password that consists of the characters shown in Table 12.
- Resets the number of authentication failures when succeeding in the re-authentication.
- Returns "*" for each character as feedback for the entered user password, in the case of access from the panel at the re-authentication.
- When the authentication failure that becomes 1-3 times at total for the concerned account is detected by each authentication function utilizing the user password, all the authentication functions utilizing the user password of the user are locked out. (Login by the user is denied. Change operation of the user password is denied.)
- The administrator specifies the failure frequency threshold by the unauthorized access detection threshold setting function.
- The lock of the authentication function is released by performing the lock release function to the concerned account of F.ADMIN.
- Changed when the user password newly set satisfies the following qualities.
  - It is composed of the characters and by the number of digits, shown in the user password of the Table 12.
  - It shall not be composed of one kind of character.
  - This password is not matched to the currently setup password.

As described above, FIA_AFL.1[4], FIA_SOS.1[3], FIA_UAU.6, FIA_UAU.7, FMT_MTD.1[2], FMT_SMF.1, and FMT_SMR.1[3] are realized.

7.5 F.BOX (User Box Function)

F.BOX permits a user who was identified and authenticated as a permitted user to operate and manage his/her personal user box. When the account authentication is used, F.BOX permits the user to operate and manage the group user box associated with the account to which the user belongs. F.BOX is a series of security functions such as the access control function allowing that the user is permitted to use the public user box when he/she tries to access that public user box and permitting various operations of the public user box and the user box file after the authentication succeeds.

<Registration of user box by user operation>

To register a personal user box, a group user box or public user box by selecting the user attribute to the non-registration user box ID selected. When it's registered, it is possible to select "User ID" or "Account ID" in the user attribute of the user box which have been specified "Public" as a default value.

- In the case of the personal user box, the arbitrary user ID registered is specified.
- In the case of the public user box, verify that a user box password registered satisfies the following conditions.
  - It is composed of the characters and by the number of digits, shown in the user box password of the Table 12.
  - It shall not be composed of one kind of character.
- In the case of group user box, the arbitrary account ID registered is specified.

As described above, FIA_SOS.1[1], FMT_MSA.3[1], FMT_MTD.1[5], FMT_SMF.1 and FMT_SMR.1[3] are realized.

<Automatic registration of user box>

- In the user box operation to store of the copy job and the print job, when the specified user box is unregistered, the personal user box which is set the user ID of the user who operates the job concerned is automatically registered.

As described above, FMT_MSA.3[1] and FMT_SMF.1 are realized.

<Storing of user box file>

- In the new storing operation, move or copy operation of user box file, the user box ID equivalent to the user box specified as target storage is set to the user box attribute as the user box file.

As described above, FMT_MSA.3[3] is realized.

7.5.1 Personal User Box Function

7.5.1.1 Access Control Function to Personal User Box

The task to act for the identified and authenticated user has "User ID" of the user who is identified and authenticated for the user attribute. This task is permitted the display of the list of the personal user box which has a corresponding user attribute with this user attribute.

As described above, FIA_ATD.1, FIA_USB.1, FDP_ACC.1[1] and FDP_ACF.1[1] are realized.

7.5.1.2 Access Control Function to User Box File in Personal User Box

When the user box to operate is selected, "User Box ID" of the user box is associated with the task as a user box attribute in addition to the user attribute. This task is permitted, to the user box file with the user box attribute corresponding to the user box attribute of itself, the printing, the E-mail transmission (include the S/MIME transmission), the FTP transmission, the FAX transmission, the SMB transmission, WebDAV transmission, download, the removing to other user boxes, the copy operation to other user boxes, and the copy operation to an external memory.

As described above, FIA_ATD.1, FIA_USB.1, FDP_ACC.1[1] and FDP_ACF.1[1] are realized.

7.5.1.3 User Attribute Change of Personal User Box

The user attribute can be changed.

- If another registered user is specified, it becomes a personal user box that another user manages.
- If public is specified, it becomes a public user box. It is necessary to register the user box password. In this case, it is verified that the user box password satisfies the following requirements.
  - It is composed of the characters and by the number of digits shown in the user box password of the Table 12.
  - It shall not be composed of one kind of character.
- If account ID is specified, it becomes a group user box that can be accessed by a user who is permitted the use of the concerned account.

As described above, FIA_SOS.1[1], FMT_MSA.1[1], FMT_SMF.1 and FMT_SMR.1[3] are realized.

7.5.2 Public User Box Function

When the user is identified and authenticated as a permitted user, the task to act for the user who is identified and authenticated has "User ID" of the identified and authenticated user as the user attribute. This task is permitted the display of the list of the public user box which is set the public as the user attribute. The operation specification of each public user box is as follows.

(As described above, FIA_ATD.1, FIA_USB.1, FDP_ACC.1[1] and FDP_ACF.1[1] are realized.)

7.5.2.1 Authentication Function in Access to Public User Box

For the access request for each public user box, after the above-mentioned verification function is operated, the user who accesses is authenticated that it is a user permitted the use of a user box concerned respectively.

- Provides the user box authentication mechanism that is authenticated by the user box password that consists of the characters shown in Table 12.
- After the user box is authenticated to the access from the network, it provides the user box


- Resets the number of authentication failures when succeeding in the re-authentication.
- Returns "*" for each character as feedback for the entered user box password, in the case of access from the panel at the re-authentication.
- When the authentication failure that becomes 1-3 times at total for the concerned public user box is detected by each authentication function utilizing the user password, all the authentication functions utilizing the user box password of the public user box are locked out. (Deny the login of the public user box. Deny the change operation of the user box password of the public user box.)
- The administrator specifies the failure frequency threshold by the unauthorized access detection threshold setting function.
- The lock of the authentication function is released by the lock release function to the public user box of F.ADMIN executed.
- Changed when the user box password newly set satisfies the following qualities.
  - It is composed of the characters and by the number of digits, shown in the user password of the Table 12.
  - It shall not be composed of one kind of character.
  - This password is not matched to the currently setup password.

As described above, FIA_AFL.1[6], FIA_SOS.1[1], FIA_UAU.6, FIA_UAU.7, FMT_MTD.1[4], FMT_SMF.1, and FMT_SMR.1[4] are realized.

7.5.3 Group User Box Function

7.5.3.1 Access Control Function for Group User Box

The task to act for the identified and authenticated user has the "Account ID" as the Account Name that is associated with the identified and authenticated user. This task is permitted the display of the list of the group user box which has a corresponding user attribute with this account ID.

As described above, FIA_ATD.1, FIA_USB.1, FDP_ACC.1[1] and FDP_ACF.1[1] are realized.

7.5.3.2 Access Control Function to User Box File in Group User Box

When the user box to operate is selected, "User Box ID" of the user box is associated with the task as a user box attribute in addition to the user attribute. This task is permitted, to the user box file with the user box attribute corresponding to the user box attribute of subject attribute, the printing, the E-mail transmission (include the S/MIME transmission), the FTP transmission, the FAX transmission, the SMB transmission, WebDAV transmission, download, the removing to other user boxes, the copy operation to other user boxes, and the copy operation to an external memory.

As described above, FIA_ATD.1, FIA_USB.1, FDP_ACC.1[1] and FDP_ACF.1[1] are realized.

7.5.3.3 User Attribute Change of Group User Box

The user attribute can be changed.

- If another account ID is specified, it becomes a group user box that the user of another Account Name can access.


- If public is specified, it becomes a public user box. It is necessary to register the user box password. In this case, it is verified that the user box password satisfies the following requirements.
  - It is composed of the characters and by the number of digits shown in the user box password of the Table 12.
  - It shall not be composed of one kind of character.
- Specify a registered user, and change to a personal user box for the registered user.

As described above, FIA_SOS.1[1], FMT_MSA.1[3], FMT_SMF.1 and FMT_SMR.1[6] are realized.

7.6 F.PRINT (Secure Print Function, ID & Print Function)

F.PRINT is a security function related to the secure print function and ID & print function.

It provides the access control function that allows the printing and displaying the list of the secure print file after authenticating if a user is the authorized person to use the secure print file for the access to the secure print file from the panel to the identified and authenticated user.

Moreover, for the user who was identified and authenticated as a permitted user, when ID & print files are accessed from the panel, F.PRINT provides the access control function that allows the printing and displaying the list of only the ones stored by the user.

7.6.1 Secure Print Function

7.6.1.1 Authentication Function by Secure Print Password

When the user is identified and authenticated as the permitted user, it authenticates that the accessing user is a user to whom the use of the secure print file is permitted, in response to the access request to each secure print file.

- Provides the secure print authentication mechanism that is authenticated by the secure print password that consists of the characters shown in Table 12.
- The secure print authentication mechanism by the separate session information is not needed because it becomes only an access from the panel in the case of the secure print.
- Returns "*" for each character as feedback for the entered secure print password.
- Resets the number of authentication failures when succeeding in the authentication.
- The access from the panel is not accepted for 5 seconds when the authentication is failed.
- When the authentication failure that becomes the 1-3 times in total for the secure print file concerned is detected, the authentication function to the secure print file is locked.
- The administrator specifies the failure frequency threshold by the unauthorized access detection threshold setting function.
- The lock is released by the lock release function to the secure print file of F.ADMIN executed.

As described above, FIA_AFL.1[5], FIA_AFL.1[8], FIA_UAU.2[3], FIA_UAU.7 and FIA_UID.2[4] are realized.

7.6.1.2 Access Control Function to Secure Print File

The secure print file access control operates when it is authenticated


initialization is as follows.

<Object for the deletion: HDD>

- Secure print file
- User box file
- ID & print file
- On-memory image file
- Stored image file
- HDD remaining image file
- Image related file
- Transmission address data file
- User ID
- User password
- User box password
- Secure print password
- Account ID
- Account password
- S/MIME certificate
- SSL certificate

<Object for the initialization: NVRAM>

- Administrator Password
- SNMP password
- WebDAV server password
- Encryption passphrase --- Encryption Passphrase is deleted, and the operational setting of HDD encryption function is turned OFF.

The deletion methods such as the data overwritten in HDD and the writing frequency is executed according to the deletion method of the overall area overwrite deletion function set by F.ADMIN (Table 13). For the HDD encryption function, the encryption passphrase which was set is disabled by turning off the operational setup. The setup of the Enhanced Security function becomes invalid in the execution of this function. (Refer to the description for the operational setup of the Enhanced Security function in F.ADMIN.)

As described above, FAD_RIP.1 is realized.

Table 13 Types and Methods of Overwrite Deletion of Overall Area

Method   Overwritten data type and their order
Mode 1   0x00
Mode 2   Random numbers -> Random numbers -> 0x00
Mode 3   0x00 -> 0xFF -> Random numbers -> Verification
Mode 4   Random numbers -> 0x00 -> 0xFF
Mode 5   0x00 -> 0xFF -> 0x00 -> 0xFF
Mode 6   0x00 -> 0xFF -> 0x00 -> 0xFF -> 0x00 -> 0xFF -> Random numbers
Mode 7   0x00 -> 0xFF -> 0x00 -> 0xFF -> 0x00 -> 0xFF -> 0xAA
Mode 8   0x00 -> 0xFF -> 0x00 -> 0xFF -> 0x00 -> 0xFF -> 0xAA -> Verification
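The pass sequences of the overwrite table above, as an added Python sketch that is not code from this Security Target or from the MFP firmware: it applies one mode's passes to a file in order and carries out the Verification step by reading back the last pass written. The function names, the temporary file used as the target and the sample data are assumptions made for illustration.

```python
import os
import tempfile

# Pass sequences as listed in the overwrite table. A bytes value is a fixed
# fill pattern, "random" is a random-number pass, "verify" is a read-back.
MODES = {
    1: [b"\x00"],
    2: ["random", "random", b"\x00"],
    3: [b"\x00", b"\xff", "random", "verify"],
    4: ["random", b"\x00", b"\xff"],
    5: [b"\x00", b"\xff"] * 2,
    6: [b"\x00", b"\xff"] * 3 + ["random"],
    7: [b"\x00", b"\xff"] * 3 + [b"\xaa"],
    8: [b"\x00", b"\xff"] * 3 + [b"\xaa", "verify"],
}


def overwrite(path, mode):
    """Apply every pass of `mode` to the file; return the number of write passes."""
    size = os.path.getsize(path)
    passes, last = 0, None  # `last` holds the previous pass for "verify"
    with open(path, "r+b") as f:
        for step in MODES[mode]:
            f.seek(0)
            if step == "verify":
                if f.read() != last:
                    raise OSError("read-back does not match the last pass")
                continue
            last = os.urandom(size) if step == "random" else step * size
            f.write(last)
            f.flush()
            os.fsync(f.fileno())  # force this pass to the device before the next
            passes += 1
    return passes


def demo(mode):
    """Overwrite a constructed 4097-byte sample file; return (passes, final bytes)."""
    fd, path = tempfile.mkstemp()
    try:
        os.write(fd, b"secure print job " * 241)  # constructed sample data
        os.close(fd)
        passes = overwrite(path, mode)
        with open(path, "rb") as f:
            return passes, f.read()
    finally:
        os.remove(path)
```

Overwriting a file in place only reaches the old blocks on media that write in place; on SSDs and copy-on-write filesystems the earlier data can survive, which is why the table describes overwriting the overall area of the HDD rather than individual files.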

7.8 F.CRYPT (Encryption Key Generation Function)

F.CRYPT generates an encryption key to encrypt all data written in HDD by using the Konica Minolta HDD encryption key generation algorithm that is regulated by the Konica Minolta encryption specification standard.

When the encryption passphrase is decided in the HDD encryption functional operation setting to which the access is restricted in F.ADMIN, an encryption key 128 bits long is generated from the encryption passphrase by applying the Konica Minolta HDD encryption key generation algorithm.

As described above, FCS_CKM.1 is realized.

7.9 F.RESET (Authentication Failure Frequency Reset Function)

F.RESET is a function that releases the lock by resetting the authentication failure frequency when the account locks in the administrator authentication and CE authentication.

(1) CE Authentication function lock release processing function

The function is executed by the specific operation, and the lock is released by clearing the failure frequency of the CE authentication to 0 after the release time of operation prohibition for CE authentication.

As described above, FIA_AFL.1[1] is realized.

(2) Administrator authentication function lock release processing function

The function is executed by OFF/ON of the main power supply, and the lock is released by clearing the failure frequency of the administrator authentication to 0 after the release time of operation prohibition for Administrator authentication.

As described above, FIA_AFL.1[2] is realized.

7.10 F.TRUSTED-PASS (Trust Channel Function)

F.TRUSTED-PASS is a function that generates and achieves the Trusted Channel by using SSL or TLS protocol when transmitting and receiving the following image files between client PC and MFP.

  - User box file (download from MFP to client PC)
  - Image file that will be stored as a user box file (upload from client PC to MFP)
  - Image file that will be stored as a Secure Print file (upload from client PC to MFP)
  - Image file that will be stored as an ID & print file (upload from client PC to MFP)

As described above, FTP_ITC.1 is realized.

7.11 F.S/MIME (S/MIME Encryption Processing Function)

F.S/MIME is a function to encrypt the user box file when transmitting the user box file as S/MIME.


<User box file Encryption Key generation>

  - The Encryption key is generated to encrypt the user box file by the pseudorandom number Generation Algorithm which FIPS 186-2 provides. (Encryption key length is 128, 168, 192 or 256 bits.)

As described above, FCS_CKM.1 is realized.

<Encryption of User box file>

  - It is encrypted by AES which FIPS PUB 197 provides by using encryption key (128, 192 and 256 bits) to encrypt the user box file.
  - It is encrypted by the 3-Key-Triple-DES which SP800-67 provides by using the encryption key (168 bits) to encrypt the user box file.

As described above, FCS_COP.1 is realized.

<Encryption of User box file Encryption key>

  - The encryption key to encrypt the user box file is encrypted by RSA which FIPS 186-2 provides.
  - The key length of the encryption key used in this case is 1024, 2048, 3072 or 4096 bits.

As described above, FCS_COP.1 is realized.

7.12 F.FAX-CONTROL (FAX Unit Control Function)

F.FAX-CONTROL is the function that prohibits an access to internal network connected to MFP through the FAX unit by TOE control.

TOE controls the function that transfers the data received from public line to internal LAN. The prohibition of access (data forwarding except image data) from public line to internal network is realized by TOE control.

As described above, FDP_IFC.1 and FDP_IFF.1 are realized.

7.13 F.SUPPORT-AUTH (External Server Authentication Operation Support Function)

F.SUPPORT-AUTH is the function that realizes the user authentication function in cooperation with the user information management server of Active Directory (the function that operates with F.USER).

When the "external server authentication" is selected for user authentication method, the inquiry for the authentication information of the user is done for the user information management server under the user's request of the identification and authentication process. After this inquiry, the user identification and authentication process is realized by getting the user authentication information returned back from user information management server.

As described above, FCS_CAP.1 [1] is realized.

7.14 F.SUPPORT-CRYPTO (ASIC Support Function)

F.SUPPORT-CRYPTO is the function that operates the HDD encryption function that utilizes ASIC from TOE. For all data written in HDD, an encryption key generated by F.CRYPTO is set in ASIC, and


encryption is performed by the ASIC. On the other hand, for the encrypted data read out of the HDD, the encryption key generated by F.CRYPTO is set in ASIC in the same manner as above, and decryption is performed by the ASIC.

As described above, FCS_CAP.1 [2] is realized.

7.15 F.ADMIN-WebDAV (Administrator Function (Counter Management Function))

F.ADMIN-WebDAV is the security function that identifies and authenticates administrator when accessed via a network from a client PC using WebDAV, and permits only the administrator who was identified and authenticated successfully to operate the counter management function. (The counter management function includes TSF data. This is described in detail below.)

7.15.1 Identification and Authentication Function by WebDAV Server Password

It is identified and authenticated by the WebDAV server password that a user accessing via a network using WebDAV is an administrator.

  - Provides the WebDAV authentication mechanism which authenticates the user by the WebDAV server password consisting of the characters shown in Table 12.
  - For WebDAV, there is no separate mechanism to authenticate the administrator based on the session information, but a WebDAV server password is used for each session.
  - Resets the number of authentication failures when succeeding in the authentication.
  - When the authentication failure that becomes the second, fourth, and sixth in total is detected by each authentication function utilizing a WebDAV server password, all the authentication functions utilizing a WebDAV server password are locked. (Deny the access using WebDAV.)
  - The administrator specifies the failure frequency threshold by the unauthorized access detection threshold setting function.
  - The lock is released when the lock release function for the WebDAV authentication of F.ADMIN is executed.

As described above, FIA_AFL.1[9], FIA_UAU.2[2], and FIA_UID.2[2] are realized.

7.15.2 Management Function Utilizing WebDAV

When it is identified and authenticated that the user is an administrator by the WebDAV server password, access utilizing WebDAV is permitted, and the setup operation of the following setting data is permitted.

7.15.2.1 Obtention of User Password

User password is obtained for each registered user.

As described above, FMT_MTD.1[7], FMT_SMF.1, and FMT_SMR.1[2] are realized.

7.15.2.2 Obtention of Account Password

Account password is obtained for each registered account.


As described above, FMT_MTD.1[7], FMT_SMF.1, and FMT_SMR.1[2] are realized.