bizhub 652 / bizhub 602 / bizhub 552 / bizhub 502 / ineo 652 / ineo 602 / ineo 552 / ineo 502
Control Software A2WU0Y0-0100-GM0-00 Security Target

Copyright(c) 2010-2011 KONICA MINOLTA BUSINESS TECHNOLOGIES, INC., All Rights Reserved.














bizhub 652 / bizhub 602 / bizhub 552 / bizhub 502 /
ineo 652 / ineo 602 / ineo 552 / ineo 502
Control Software
A2WU0Y0-0100-GM0-00

Security Target







This document is a translation of the evaluated and certified security target
written in Japanese


Version: 1.03
Issued on: March 17, 2011
Created by: KONICA MINOLTA BUSINESS TECHNOLOGIES, INC.


<Revision History>
Date        Ver.  Division                            Approved  Checked   Created  Revision
2010/7/30   1.00  Office Software Development Div. 1  Hirota    Yokobori  Yoshida  Initial Version.
2010/11/9   1.01  Office Software Development Div. 1  Hirota    Tada      Yoshida  Deal with typos.
2010/12/1   1.02  Office Software Development Div. 1  Hirota    Tada      Yoshida  Deal with typos.
2011/3/17   1.03  Office Software Development Div. 1  Hirota    Tada      Yoshida  Deal with typos.






---- [ Contents ] ----
1. ST Introduction
1.1. ST Reference
1.2. TOE Reference
1.3. TOE Overview
1.3.1. TOE Type
1.3.2. Usage of TOE and Main Security Functions
1.4. TOE Description
1.4.1. Roles of TOE Users
1.4.2. Physical Scope of TOE
1.4.3. Logical Scope of TOE
2. Conformance Claims
2.1. CC Conformance Claim
2.2. PP Claim
2.3. Package Claim
2.4. Reference
3. Security Problem Definition
3.1. Protected Assets
3.2. Assumptions
3.3. Threats
3.4. Organizational Security Policies
4. Security Objectives
4.1. Security Objectives for the TOE
4.2. Security Objectives for the Operational Environment
4.3. Security Objectives Rationale
4.3.1. Necessity
4.3.2. Sufficiency of Assumptions
4.3.3. Sufficiency of Threats
4.3.4. Sufficiency of Organizational Security Policies
5. Extended Components Definition
5.1. Extended Function Component
5.1.1. FAD_RIP.1 Definition
5.1.2. FIT_CAP.1 Definition
6. IT Security Requirements
6.1. TOE Security Requirements
6.1.1. TOE Security Functional Requirements
6.1.2. TOE Security Assurance Requirements
6.2. IT Security Requirements Rationale
6.2.1. Rationale for IT Security Functional Requirements
6.2.2. Rationale for IT Security Assurance Requirements
7. TOE Summary Specification
7.1. F.ADMIN (Administrator Function)
7.1.1. Administrator Identification Authentication Function
7.1.2. Auto Logoff Function of Administrator Mode
7.1.3. Function Supported in Administrator Mode
7.2. F.ADMIN-SNMP (SNMP Administrator Function)
7.2.1. Identification and Authentication Function by SNMP Password
7.2.2. Management Function using SNMP
7.3. F.SERVICE (Service Mode Function)
7.3.1. Service Engineer Identification Authentication Function
7.3.2. Function Supported in Service Mode
7.4. F.USER (User Function)
7.4.1. User Authentication Function
7.4.2. Auto Logoff Function in User Identification and Authentication Domain
7.4.3. Modification Function of User Password
7.5. F.BOX (User Box Function)
7.5.1. Personal User Box Function
7.5.2. Public User Box Function
7.5.3. Group User Box Function
7.6. F.PRINT (Secure Print Function, ID & Print Function)
7.6.1. Secure Print Function
7.6.2. ID & print Function
7.7. F.OVERWRITE-ALL (All Area Overwrite Deletion Function)
7.8. F.CRYPT (Encryption Key Generation Function)
7.9. F.RESET (Authentication Failure Frequency Reset Function)
7.10. F.TRUSTED-PASS (Trust Channel Function)
7.11. F.S/MIME (S/MIME Encryption Processing Function)
7.12. F.FAX-CONTROL (FAX Unit Control Function)
7.13. F.SUPPORT-AUTH (External Server Authentication Operation Support Function)
7.14. F.SUPPORT-CRYPTO (ASIC Support Function)
7.15. F.ADMIN-WebDAV (Administrator Function (Counter Management Function))
7.15.1. Identification and Authentication Function by WebDAV Server Password
7.15.2. Management Function Utilizing WebDAV


---- [ List of Figures ] ----
Figure 1 An example of MFPs use environments
Figure 2 Hardware composition relevant to TOE

---- [ List of Tables ] ----
Table 1 Conformity of security objectives to assumptions, threats, and organization security policies
Table 2 Cryptographic Key Generation: Relation of Standards-Algorithm-Key sizes
Table 3 Cryptographic Operation: Relation of Algorithm-Key sizes-Cryptographic Operation
Table 4 User Box Access Control: Operational List
Table 5 Secure Print File Access Control: Operational List
Table 6 Setting Management Access Control: Operational List
Table 7 ID & Print file Access Control: Operational List
Table 8 TOE Security Assurance Requirements
Table 9 Conformity of IT Security Functional Requirements to Security Objectives
Table 10 Dependencies of IT Security Functional Requirements Components
Table 11 Names and Identifiers of TOE Security Function
Table 12 Characters and Number of Digits for Password
Table 13 Types and Methods of Overwrite Deletion of Overall Area


1. ST Introduction

1.1. ST Reference

- ST Title : bizhub 652 / bizhub 602 / bizhub 552 / bizhub 502 /
  ineo 652 / ineo 602 / ineo 552 / ineo 502 Control Software
  A2WU0Y0-0100-GM0-00 Security Target
- ST Version : 1.03
- Created on : March 17, 2011
- Created by : KONICA MINOLTA BUSINESS TECHNOLOGIES, INC.
  Eiichi Yoshida

1.2. TOE Reference

- TOE Name :
  Japanese Name :
  bizhub 652 / bizhub 602 / bizhub 552 / bizhub 502 /
  ineo 652 / ineo 602 / ineo 552 / ineo 502
  Zentai Seigyo Software
  English Name :
  bizhub 652 / bizhub 602 / bizhub 552 / bizhub 502 /
  ineo 652 / ineo 602 / ineo 552 / ineo 502
  Control Software
- TOE Version : A2WU0Y0-0100-GM0-00
- TOE Type : Software
- Created by : KONICA MINOLTA BUSINESS TECHNOLOGIES, INC.

1.3. TOE Overview

This paragraph explains the usage, main security functions, and operational environment of
TOE.

1.3.1. TOE Type

bizhub 652 / bizhub 602 / bizhub 552 / bizhub 502 / ineo 652 / ineo 602 / ineo 552 / ineo 502
control software, which is the TOE, is an embedded software product installed in the SSD on the
MFP controller to control the operation of the whole MFP.

1.3.2. Usage of TOE and Main Security Functions

bizhub 652, bizhub 602, bizhub 552, bizhub 502, ineo 652, ineo 602, ineo 552 and ineo 502 are
digital multi-function products provided by Konica Minolta Business Technologies, Inc.,
composed by selecting and combining copy, print, scan and FAX functions. (Hereinafter all the
products are referred to as "MFP".) TOE is the "control software for bizhub 652 / bizhub 602 /
bizhub 552 / bizhub 502 / ineo 652 / ineo 602 / ineo 552 / ineo 502" that controls the entire
operation of MFP, including the operation control processing and the image data management
triggered by the panel of the main body of MFP or through the network.
TOE supports the protection from exposure of the highly confidential documents stored in
MFP. Moreover, for the danger of illegally bringing out HDD, which stores image data in MFP,
TOE can encrypt all the data written in HDD including image data using ASIC (Application
Specific Integrated Circuit). Besides, TOE has the function that deletes all the data of HDD
completely by deletion method compliant with various overwrite deletion standards at the time
of abandonment or the lease returns and the function that controls the access from the public
line against the danger using Fax function as a steppingstone to access internal network. So it
contributes to the prevention of information leakage of the organization that uses MFP.

1.4. TOE Description

1.4.1. Roles of TOE Users

The roles of the personnel related to the use of MFP with TOE are defined as follows.

User
An MFP user who is registered into MFP. (In general, the employee in the office is assumed.)

Administrator
An MFP user who manages the operations of MFP. Manages MFP's mechanical operations
and users. (In general, it is assumed that the person elected from the employees in the office
plays this role.)

Service engineer
A user who manages the maintenance of MFP. Performs the repair and adjustment of MFP. (In
general, the person-in-charge of the sales companies that performs the maintenance service of
MFP in cooperation with Konica Minolta Business Technologies, Inc. is assumed.)

Responsible person of the organization that uses MFP
A responsible person of the organization that manages the office where the MFP is installed.
Assigns an administrator who manages the operation of MFP.

Responsible person of the organization that manages the maintenance of MFP
A responsible person of the organization that manages the maintenance of MFP. Assigns
service engineers who manage the maintenance of MFP.

Besides this, though not a user of TOE, those who go in and out the office are assumed as
accessible persons to TOE.

1.4.2. Physical Scope of TOE

1.4.2.1. Use Environment

Figure 1 shows a general environment in which the usage of MFP equipped with TOE is
expected. Moreover, the matters expected to occur in the use environment are listed below.

Figure 1 An example of MFP's use environments
(Figure components: Internet, External Network, Firewall, Office, Public line, MFP with TOE,
Client PC, SMTP Server, FTP Server, DNS Server, WebDAV Server, User Information
Management Server)

- An intra-office LAN exists as a network in the office.
- MFP is connected to the client PCs via the intra-office LAN, and has mutual data
  communications.
- When a SMTP, FTP, or WebDAV server is connected to the intra-office LAN, MFP can carry
  out data communications with these servers, too. (The DNS service will be necessary when
  setting a domain name of the SMTP/FTP/WebDAV server.)
- It is also assumed to unify management of user IDs/passwords in a server. In this case, TOE
  can control access to the MFP by using the user registration information in the user
  information management server.
- When the intra-office LAN connects to an external network, measures such as connecting via
  a firewall are taken, and an appropriate setup to block access requests to the MFP from the
  external network is applied.
- The intra-office LAN provides a network environment that cannot be intercepted by office
  operations including using switching hubs and installing wiretapping detectors.
- The public line connected with MFP is used for communications by Fax and the remote
  diagnostic function.

1.4.2.2. Operation Environment

Figure 2 Hardware composition relevant to TOE

Figure 2 shows the structure of the hardware environment in MFP that TOE needs for the
operation. The MFP controller is installed in the main body of MFP, and TOE exists in SSD on
the MFP controller, loaded into the main memory.
The following explains the unique hardware on the MFP controller, the hardware having
interfaces to the MFP controller, and the connection using interfaces, shown in Figure 2.

SSD
A storage medium that stores the object code of the "MFP Control Software," which is the
TOE. Additionally, stores the message data expressed in each country's language to display
the response to access through the panel and network.

NVRAM
A nonvolatile memory. This memory medium stores various settings that MFP needs for
processing of TOE.

ASIC
An integrated circuit for specific applications which implements an HDD encryption function
for enciphering the data written in HDD.

HDD
A hard disk drive of 250GB in capacity. This is used not only for storing image data as files
but also as an area to save image data and destination data temporarily during extension
conversion and so on.

Main/sub power supply
Power switches for activating MFP.

Panel
An exclusive control device for the operation of MFP, equipped with a touch panel of a liquid
crystal monitor, ten-key, start key, stop key, screen switch key, etc.

Scan unit/automatic document feeder
A device that scans images and photos from paper and converts them into digital data.

Printer unit
A device to actually print the image data which were converted for printing when it receives a
print request from the MFP controller.

Ethernet
Supports 10BASE-T, 100BASE-TX, and Gigabit Ethernet.

USB
Copying image file to an external memory, copying or printing image file from an external
memory, and update of TOE, etc. can be performed through this interface. This is also usable
as a connection interface of the optional parts. There is the device interface kit which is needed
for copy or print from Bluetooth device and the USB keyboard [1] to complement key entry from
the panel. Including an external memory, it is necessary to be able to use them.

RS-232C
Serial connection using D-sub 9-pin connectors is usable. The maintenance function is usable
through this interface in the case of failure. It is also possible to use the remote diagnostic
function (described later) by connecting with the public line via a modem.

FAX unit (* optional part)
A device that has a port of Fax public line and is used for communications for FAX-data
transmission and remote diagnostic (described later) via the public line. Is not pre-installed
in MFP as a standard function according to the circumstances in sales, but sold as an optional
part. Fax unit is purchased when the organization needs it, and the installation is not
indispensable.


1.4.2.3. Guidance

- bizhub 602 / 502 Service Manual Security Functions (Japanese)
- bizhub 652 / 602 / 552 / 502 SERVICE MANUAL SECURITY FUNCTION
- ineo 652 / 602 / 552 / 502 SERVICE MANUAL SECURITY FUNCTION
- bizhub 602 / 502 User's Guide Security Functions (Japanese)
- bizhub 652 / 602 / 552 / 502 User's Guide [Security Operations]
- ineo 652 / 552 User's Guide [Security Operations]
- ineo 602 / 502 User's Guide [Security Operations]

[1] It is usable when the display language is English, French, Italian, German or Spanish. It does not affect the
operation of security functions.

1.4.3. Logical Scope of TOE

Users use a variety of functions of TOE from the panel and a client PC via the network.
Hereafter, this section explains typical functions such as the basic function, the user box function
to manage the image files stored, the user identification and authentication function, the
administrator function manipulated by administrators, the service engineer function
manipulated by service engineers, and the function operated in the background without user's
awareness.

1.4.3.1. Basic Function

In MFP, a series of functions for the office work concerning the image such as copy, print, scan,
and fax exists as basic functions, and TOE performs the core control in the operation of these
functions. It converts the raw data acquired from the external device of the MFP controller into
image files, and stores them in RAM and HDD. (For print image files from client PCs, multiple
types of conversion are applied.) These image files are converted into data to be printed or sent,
and transmitted to the device outside of the MFP controller concerned.
Operations of copy, print, scan, and FAX are managed by the unit of job, so that operation
priority can be changed, finishing of print jobs can be changed, and such operations can be
aborted, by giving directions from the panel.

The following are the functions related to the security in the basic function.

Secure Print Function
When a Secure Print password is received together with printing data, the image file is
stored as standby status. Then, printing is performed by a print direction and password entry
from the panel.
When printing is requested by a client PC, this function eliminates the possibility that other
users steal a glance at the printing of highly confidential data, or such data is slipped into the
other printings.

ID & Print Function
When this function is set up, usual print data are saved in the print waiting state, and
printed by the user authentication processing from the panel. Even when this function is not
set up, if it is specified on the print data to activate this function, the system will operate in
the same manner as when this function is set up by a user.

1.4.3.2. User Box Function

A directory called a "user box" can be created as an area to store image files in HDD. Three
types of user box are usable; the first is the personal user box which a user possesses, the second
is the public user box which is shared by registered users who made a certain number of groups,
and the third is the group box which is shared by the users belonging to same account. As for the
personal user box, the operation is limited only for the user who owns it, the public user box
performs access control by sharing a password set to the user box among users. And the group
box limits operations only for the users of the account that are permitted to use it.
TOE processes the following operation requests to a user box or image files in the user box that
is transmitted from the panel or the network unit through a network from a client PC.

- Print, transmit, and download from a client PC, of image files in a user box
  The encryption of user box file is possible in the E-mail that is one of the transmission
  methods.
- Delete an image file in a user box, move/copy it to other user boxes and copy it to external
  memory
- Set a storing period of image files in a user box (delete automatically after the period passes.)
- Change the name and password of a user box, or delete a user box
- Set attributes of a user box (change the type of a personal user box, public user box, or group
  user box)

1.4.3.3. User Authentication Function

TOE can limit the user who uses MFP. For access through the panel or the network, TOE
identifies and authenticates that the user is permitted to use the MFP by applying the user
password and user ID. When the identification and authentication succeeds, TOE permits the
user the use of the basic function and the user box function, etc.
Several types of user authentication like below are supported.

(1) Machine authentication [2]
A method to authenticate user at MFP by registering a user ID and a user password into
HDD on the MFP controller.
(2) External server authentication
A method to authenticate user at MFP by using the user ID and the user password that are
registered on the user information management server which is connected with the
intra-office LAN without managing the user ID and user password on the MFP side.
Though multiple methods called Active Directory [3], NTLM [4], and NDS are supported, the
method of the external server authentication assumed in this ST is applied only to the case
of using Active Directory.

1.4.3.4. Account Authentication Function [5]

TOE can manage the MFP users by grouping them into Account unit. The methods of Account
Authentication are as follows.

(1) Method synchronized with User Authentication
Set an Account ID on a user beforehand, and associate the user with the account ID of the
user's account when he/she is authenticated.
(2) Method not synchronized with User Authentication
Associate a user with his/her account ID when the user is authenticated by the account
password set for each account ID.

[2] When user is set "Pause" by administrator function, authentication function for the user does not work.
[3] A method of directory service that Windows Server 2000 (or later) supports to uniformly manage user
information in the network environment of Windows platform.
[4] An abbreviation of NT LAN Manager. An authentication method used in directory service that Windows NT
supports to uniformly manage user information in network environment of Windows platform.
[5] When account is set "Pause" by administrator function, authentication function for the account does not work.

1.4.3.5. Administrator Function

TOE provides the functions such as the management of user boxes, management of user
information at the time of MFP authentication and management of various settings of the
network, image quality, etc. in the administrator mode that only authenticated administrator can
manipulate.
The following shows the functions related to the security.

- User registration management
  Registration or change of user IDs/passwords, deletion of users, and pause/resume of users
  Change of the association between users and account IDs
- Account registration management
  Registration or change of account IDs/passwords and pause/resume of accounts.
- Management of user box settings
  Registration or change of user box passwords, and management of user attributes
- Operational setup of automatic system reset
  Setup of the function that logs out automatically when the setting time passed.
- Management of network settings
  Connection setting of the intra-office LAN (setting of DNS server)
  SMTP setting (setting of the SMTP server utilized by E-mail transmission)
  IP addresses, NetBIOS names, and AppleTalk printer names etc.
- Backup or restore function of NVRAM and HDD
  This is performed through the network by using an application exclusive use for the
  management installed in the client PC.
- All area overwrite deletion function of HDD
  There are data deletion methods conformed to various military standards (ex. Military
  Standard of United States Department of Defense)
  When this function is started up, in conformity with a set method, the overwrite deletion is
  executed for the overall area of HDD.
- Format function of HDD
  A logical format is executable.
- Counter management function
  A function to manage the counter information such as the number of printed sheets for
  each user through the WebDAV service or FTP service. (Reference of user password and
  account password is possible.)
- Management of FAX setup (* Fax unit is installed.)
  Setup of TSI [6] receiving
  Setup of FAX output at PC-FAX receiving (Storing in user box or common area for all users
  are available.)

The functions below are the operation setting functions related especially to the behavior of the
security function.

- Method setup of a user authentication function
  Machine authentication, external server authentication, or user authentication stop is
  selected.
  Combination with Account Authentication is set up. (Method synchronized with User
  Authentication, Method not synchronized with User Authentication)
- Setup of access when the user attribute is public
  It is selected whether to permit or prohibit MFP utilization of the user who is not identified
  by user ID.
- Setup of a password policy function
  It is selected whether to enable or disable the function to check the several conditions of
  the password, such as the number of valid digits of various passwords.
- Setup of the authentication method of Secure Print and the authentication operation
  prohibition function.
  When secure print files are authenticated, the authentication operation prohibition
  function operates in a mode, and does not operate in the other mode.
  The operation mode of the function detecting unsuccessful authentication in each
  authentication function is also synchronous with the above mode.
  The above-mentioned operational modes are selected.
- Setup of the network setting modification function by SNMPv1 and v2.
  It is selected whether to enable or disable the function to change MIB by SNMPv1 and v2.
- Operational Setup of Authentication Function when writing using SNMPv3
  The security levels of authentication or skipping authentication is selected.
  For the security levels, either "only authentication password" or "authentication password
  + privacy password" is available.
- Setup of the HDD encryption function
  Whether to activate or stop the function is selected.
  An encryption passphrase is registered or changed when the function is activated.
- Setup of the user box collective management function
  It is selected whether to enable or disable this function.
- Setup of the print capture function
  A function to verify the print data received by MFP when the print function is faulty.
  It is selected whether to enable or disable this function.
- Setup of the network setting management reset function
  This function resets a series of items to factory default values.
  It is selected whether to enable or disable this function.
- Setup of the trusted channel (SSL/TLS encryption communications) function
  SSL/TLS server certificates are generated or imported.
  The encryption method used for communications is set up.
- Setup of the transmission address data
  A transmission address or method used for box file transmission etc. is selected.
  S/MIME certificates are imported.
- Setup of the WebDAV server
  Setup of the communications function of the WebDAV server, which can obtain user
  settings.
- Setup of the FTP server function
  Whether to activate or stop the function is selected.
- Setup of the S/MIME function
  Whether to permit or prohibit the S/MIME certificate automatic registration function is
  selected.
  The encryption method used for data encryption is selected.
- Setup of the ID & print function
  Whether to activate the ID & print function or not in normal printing is selected.

[6] An abbreviation of Transmitting Subscriber Identification. The same meaning of Identification of Subscriber's
Terminal. TSI receiving is the function that can designate the user box to be stored for each subscriber.

1.4.3.6. Service Engineer Function

TOE provides a management function of administrator and a maintenance function, such as
adjusting the device for Scan/Print etc., within the service mode that only a service engineer can
operate. The following shows the functions related to security.

- Modification function of administrator password

The following is a set of operation setting functions related especially to the behavior of the
security function.

- Authentication setup of the service engineer with the CE [7] password.
  Whether to activate or stop the function is selected.
- Setup of remote diagnostic function (later description)
  Able to select permission or prohibition.
- Setup of a TOE update function via Internet
  Able to select permission or prohibition.
- Setup of maintenance function
  Able to select permission or prohibition.
- The format function of HDD
  A logical format and a physical format are executable.
- Installation setting of HDD
  An explicit installation setting is necessary to use HDD as a data storage area.
- Initialization function
  The various settings that the user or the administrator has set and the data that the user
  has stored are deleted.

1.4.3.7. Other Functions

TOE provides the functions that run background without awareness of the user and the
updating function of TOE. The following explains the major functions.

- Encryption key generation function
  Performs encryption/decryption by ASIC when writing data in HDD or reading data from
  HDD. (TOE does not process the encryption and decryption itself.)
  The operational setup of this function is performed by the administrator function. When
  activated, TOE generates the encryption key by the encryption passphrase that was entered
  on the panel.

- Remote diagnostic function
  MFP's equipment information such as operating state and the number of printed sheets is
  managed by making use of the connection by a port of FAX public line, by a modem through
  RS-232C or by E-mail or WebDAV to communicate with the support center of MFP produced
  by Konica Minolta Business Technologies, Inc. In addition, if necessary, appropriate services
  (shipment of additional toner packages, account claim, dispatch of service engineers due to
  the failure diagnosis, etc.) are provided.

- Updating function of TOE
  TOE is facilitated with the function to update itself. As for the update means, there are a
  method that exists as one of items of remote diagnostic function, a method that downloads
  from FTP server through Ethernet (TOE update function via Internet), and a method that
  performs the connection of external memory.

- Encryption communication function
  TOE can encrypt the data transmitted from client PC to MFP, and the data received by
  download from MFP by using SSL/TLS.
  The operational setup of this function is performed by the administrator function.

- S/MIME certificate automatic registration function
  It is the function to register the certificate for S/MIME (conforms to ITU-T X.509) with each
  transmission address automatically. When a certificate is attached in received e-mail, MFP
  recognizes user ID according to the information of e-mail header, and registers the
  certificate as certificate of the same user ID.

The standard is that MFP is not installed Fax unit and does not have a port of Fax public line,
so there is not the access to the internal network through MFP. TOE provides the following
function, provided that Fax unit is installed in MFP.

- Fax unit control function
  TOE prohibits access to the internal network, where MFP was connected to, from a port of
  Fax public line through Fax unit.

TOE makes effective use of the security function (HDD encryption function) of ASIC, which is
an external entity. The following explains typical functions related to the external entity.

- Utilization of ASIC
  ASIC, an external entity, activates a function to encrypt the data in HDD as a function to
  protect unauthorized bring-out of data and so on when an encryption passphrase is set up.

[7] An abbreviation of Customer Service engineer

1.4.3.8. Enhanced Security Function

Various setting functions related to the behavior of the security function for the Administrator
function and the Service engineer function can be set collectively to the secure values by the
operation settings of the "Enhanced Security Function". Each value set is prohibited changing
itself into the vulnerable one individually. As the function that does not have a setting function of
the operation individually, there is the reset function of the network setting and the update
function of TOE through the network, but the use of these functions is prohibited.
The following explains the series of the setting condition of being the enhanced security
function active. In order to activate the enhanced security function, the prerequisite is required
that an administrator password and a CE password should be set along with the password
policy.

- User authentication function: Valid (Both authentication by the main body and the external server are usable)
- User : access of PUBLIC: Prohibited
- Service engineer authentication function: Valid
- Password policy function: Valid
- Setup of secure print authentication method: Authentication operation prohibition function effective method
- Setup of Authentication Operation Prohibition function: The panel and account are locked out for 5 seconds when authentication has failed (failure frequency threshold: 1-3).
- User box collective management function: Prohibited
- Network setting modification function with SNMPv1 and v2: Prohibited
- Authentication Operation when writing using SNMPv3: Valid
- Setup of HDD encryption function: Valid
- Print capture function: Prohibited
- Maintenance function: Prohibited
- Change of setting by remote diagnostic function: Prohibited
- Network setting management reset function: Prohibited
- TOE update function via Internet: Prohibited
- Transmission address data user setup function: Prohibited
- Operational setup of Trusted Channel function: Valid
- Setup of operation prohibition release time of Administrator authentication: Setup prohibited for 1-4 minutes
- Setup of operation prohibition release time of CE authentication: Setup prohibited for 1-4 minutes
- FTP Server function: Prohibited
- Automatic registration of S/MIME certificate: Prohibited
- Setup of limitation of S/MIME encryption severity: Valid (Only 3DES and AES are user-selectable.)


2. Conformance Claims

2.1. CC Conformance Claim

This ST conforms to the following standards.

Common Criteria for Information Technology Security Evaluation
Part 1: Introduction and general model Version 3.1 Revision 3 (Japanese Translation v1.0)
Part 2: Security functional components Version 3.1 Revision 3 (Japanese Translation v1.0)
Part 3: Security assurance components Version 3.1 Revision 3 (Japanese Translation v1.0)

- Security function requirement : Part2 Extended
- Security assurance requirement : Part3 Conformant

2.2. PP Claim

There is no PP that is referenced by this ST.

2.3. Package Claim

This ST conforms to Package : EAL3. There is no additional assurance component.

2.4. Reference

- Common Criteria for Information Technology Security Evaluation Part 1: Introduction and
  general model Version 3.1 Revision 3 CCMB-2009-07-001
- Common Criteria for Information Technology Security Evaluation Part 2: Security functional
  components Version 3.1 Revision 3 CCMB-2009-07-002
- Common Criteria for Information Technology Security Evaluation Part 3: Security assurance
  components Version 3.1 Revision 3 CCMB-2009-07-003
- Common Methodology for Information Technology Security Evaluation
  Evaluation methodology Version 3.1 Revision 3 CCMB-2009-07-004


3. Security Problem Definition

This chapter will describe the concept of protected assets, assumptions, threats, and
organizational security policies.

3.1. Protected Assets

Security concept of TOE is "the protection of data that can be disclosed against the intention of
the user". As MFP is generally used, the following image file in available situation becomes the
protected assets.

- Secure Print file
  An image file registered by Secure Print.
- ID & print file
  An image file saved as an ID & print file when print data are registered by the ID & print
  function.
- User Box file
  An image file stored in the personal user box, public user box and group user box.

As for an image file of a job kept as a wait state by activities of plural jobs, and an image file of a
job kept that prints the remainder of copies becoming as a wait state for confirmation of the
finish, and other than the image file dealt with the above-mentioned is not intended to be
protected in the general use of MFP, so that it is not treated as the protected assets.
In the store of a secure print file or an ID & print file and the transmission of a user box file,
making in the preparation for the threat thought when unauthorized MFP or mail server is
connected by any chance, or when operational setup of PC-FAX is changed even if without
unauthorized MFP, the setting of MFP (IP address etc.) and operation setting of PC-FAX require
not to be modified illegally. Therefore, the setting of MFP (IP address etc.) and operation setting
of PC-FAX are considered as subsidiary protected assets.

On the other hand, when the stored data have physically gone away from the jurisdiction of a
user, such as the use of MFP ended by the lease return or discard, or the case of a theft of HDD,
the user has concerns about leak possibility of every remaining data. Therefore, in this case, the
following data files become protected assets.

- Secure Print File
- ID & print File
- User Box File
- On-memory Image File
  Image file of job in the wait state
- Stored Image File
  Stored image files other than secure print file, user box file, or ID & print file
- HDD remaining Image File
  The file which remains in the HDD data area that is not deleted only by general
  deletion operation (deletion of a file maintenance area)
- Image-related File
  Temporary data file generated in print image file processing
- Transmission Address Data File
  File including E-mail address and telephone numbers that become the destination to
  transmit an image.

3.2. Assumptions

The present section identifies and describes the assumptions for the environment for using the
TOE.

A.ADMIN (Personnel conditions to be an administrator)
Administrators, in the role given to them, will not carry out a malicious act during the series of
permitted operations given to them.

A.SERVICE (Personnel conditions to be a service engineer)
Service engineers, in the role given to them, will not carry out a malicious act during series of
permitted operations given to them.

A.NETWORK (Network connection conditions for MFP)
The intra-office LAN where the MFP with the TOE will be installed is not intercepted.
When the intra-office LAN where the MFP with the TOE will be installed is connected to an
external network, access from the external network to the MFP is not allowed.

A.SECRET (Operational condition about secret information)
Each password and encryption passphrase does not leak from each user in the use of TOE.

A.SETTING (Operational setting condition of Enhanced Security function)
The enhanced security function is enabled when a user uses the TOE.

3.3. Threats

In this section, threats that are assumed during the use of the TOE and the environment for
using the TOE are identified and described.

T.DISCARD-MFP (Lease-return and discard of MFP)
When leased MFPs are returned or discarded MFPs are collected, secure print files, user box
files, ID & print files, on-memory image files, stored image files, HDD-remaining image files,
image-related files, transmission address data files, and various passwords which were set up
can leak by the person with malicious intent when he/she analyzes the HDD or NVRAM in the
MFP.

T.BRING-OUT-STORAGE (Unauthorized bring-out of HDD)
Secure print files, user box files, ID & print files, on-memory image files, stored image files,
HDD-remaining image files, image-related files, transmission address data files, and
various passwords which were set up can leak by a malicious person or a user illegally when
he/she brings out the files to analyze the HDD in a MFP.
A person or a user with malicious intent illegally replaces the HDD in MFP. In the replaced
HDD, newly created files such as secure print files, user box files, ID & print files,
on-memory image files, stored image files, HDD-remaining image files, image-related files,
transmission address data files and various passwords which were set up are accumulated.
A person or a user with malicious intent takes out to analyze the replaced HDD, so that such
image files will leak.

T.ACCESS-PRIVATE-BOX (Unauthorized access to the personal user box which used a user
function)
Exposure of the user box file when a person or a user with malicious intent accesses the user
box where other user owns, and operates the user box file, such as copies, moves, downloads,
prints, transmits, and so on.

T.ACCESS-PUBLIC-BOX (Unauthorized access to public user box which used a user function)
Exposure of the user box file when a person or a user with malicious intent accesses the public
user box which is not permitted to use, and operates the user box file, such as copies, moves,
downloads, prints, transmits, and so on.

T.ACCESS-GROUP-BOX (Unauthorized access to the group user box which used a user
function)
Exposure of the user box file when a person or a user with malicious intent accesses the group
user box which the account where a user does not belong to owns, and operates the user box
file, such as copies, moves, downloads, prints, transmits, and so on.

T.ACCESS-SECURE-PRINT (Unauthorized access to the secure print file or ID & print file by
utilizing the user function)
Secure print files are exposed by those malicious including users when he/she operates
(prints etc.) ones to which access is not allowed.
ID & print files are exposed by those malicious including users when he/she operates (prints
etc.) ones which were stored by other users.

T.UNEXPECTED-TRANSMISSION (Transmission to unintended address)
Malicious person or user changes the network settings that are related to the transmission
of a user box file. Even an address is set precisely, a user box file is transmitted (the E-mail
transmission or the FTP transmission) to the entity which a user does not intend to, so that
a user box file is exposed.
<The network settings which are related to user box file transmission>
- Setting related to the SMTP server
- Setting related to the DNS server
Malicious person or user changes the network settings which set in MFP to identify MFP
itself where TOE installed, by setting to the value of the entity such as another unauthorized
MFP from the value of MFP (NetBIOS name, AppleTalk printer name, IP address etc) that
TOE is originally installed, so that secure print files or ID & print files are exposed.
Malicious person or user changes the TSI receiving settings. A user box file is stored to the
entity which a user does not intend to, so that a user box file is exposed.
Malicious person or user changes the PC-FAX reception settings. By changing the setting of
the storing for the public user box to store to common area for all users, a user box file is
stored to the entity which a user does not intend to, so that a user box file is exposed.
* This threat exists only in the case that the setting of PC-FAX reception is meant to work as
the operation setting for box storing.

T.ACCESS-SETTING (An unauthorized change of a function setting condition related to
security)
The possibility of leaking user box files, secure print files, or ID & print files rises because
those malicious including users change the settings related to the enhanced security function.

T.BACKUP-RESTORE (Unauthorized use of backup function and restoration function)
User box files, secure print files, or ID & print files can leak by those malicious including users
using the backup function and the restoration function illegally. Also highly confidential data
such as passwords can be exposed, so that settings might be falsified.

3.4. Organizational Security Policies

Recently, there are a lot of organizations that demand security of network in office. Although a
threat of wiretapping activities etc. in intra-office LAN is not assumed in this ST, TOE security
environment that corresponds to the organization that demanded security measures in
intra-office LAN is assumed. Moreover, although a accumulated data in a client PC and a server
existing in internal network, and a general data traveling across the internal network are not
protected assets, TOE security environment that corresponds to the organization that prohibited
the access to internal network via MFP from Fax public line portal is assumed.
The security policies applied in the organization that uses TOE are identified and described as
follows.

P.COMMUNICATION-DATA (Secure communication of image file)
Highly confidential image files (secure print files, user box files, and ID & print files) which
transmitted or received between IT equipment must be communicated via a trusted pass to the
correct destination, or encrypted when the organization or the user expects to be protected.

P.REJECT-LINE (Access prohibition from public line)
An access to internal network from public line via the Fax public line portal must be
prohibited.



F/ F/ F/ F/ Securit 'bHecti2e1

)n thi1 cha#ter. in relation to the a11u<#tion1. the threat1. an3 the or"anizational 1ecurit
#olic i3entifie3 in Cha#ter 6. the reIuire3 1ecurit obHecti2e1 for the !', an3 the en2iron<ent
for the u1a"e of the !', are 3e1cribe3 b bein" 3i2i3e3 into the cate"orie1 of the 1ecurit
obHecti2e1 for the !', an3 the 1ecurit obHecti2e1 for the en2iron<ent. a1 follow1/

F/1/ F/1/ F/1/ F/1/ Securit 'bHecti2e1 for the !',

)n thi1 1ection. the 1ecurit obHecti2e1 for the !', i1 i3entifie3 an3 3e1cribe3/

'/ '/ '/ '/0,G)S!,0,: 0,G)S!,0,: 0,G)S!,0,: 0,G)S!,0,:- -- -US,0 US,0 US,0 US,0 $ $$ $Utilization Utilization Utilization Utilization of of of of #er<itte3 #er<itte3 #er<itte3 #er<itte3 u1er u1er u1er u1er% %% %
!', #er<it1 the u1e of MAB in1talle3 !', onl to the u1er who 1uccee3e3 the i3entification
an3 authentication/

O.PRIVATE-BOX (Personal user box access control)
TOE permits only a user to use the user function of the personal user box that this user
owns.
TOE permits only a user to use the user function of the user box file in the personal user box
that this user owns.

O.PUBLIC-BOX (Public user box access control)
TOE permits the user who succeeded identification and authentication the reading
operation of the public user box.
TOE permits the user function of the public user box only to the user who is permitted the
use of this public user box.
TOE permits the user function of the user box file in the public user box only to the user who
is permitted the use of this public user box.

O.GROUP-BOX (Group user box access control)
TOE permits the user function of the group user box that this account owns only to the user
who is permitted the use of this account.
TOE permits the user function of the user box file in the group user box that this account
owns only to the user who is permitted the use of this account.

O.SECURE-PRINT (Access control for secure print files and ID & print files)
TOE permits the user function of a secure print file only to the user who was allowed to use
the file.
TOE permits the user function of an ID & print file only to the user who stored that file.

O.CONFIG (Access limitation to management function)
TOE permits only the administrator the operation of the following functions.
- The setting function related to the SMTP server
- The setting function related to the DNS server
- The setting function related to the address of MFP
- Backup function
- Restoration function
- The setting function of Trusted Channel function setting data
- The setting functions of certificates, transmission address data, etc. used for the S/MIME
  function.
- The setting function of TSI receiving
- The setting function of PC-FAX reception
- Counter management function
TOE permits the operation of the following functions only to the administrator and the service
engineer.
- The function related to the setting of Enhanced Security function

O.OVERWRITE-ALL (Complete overwrite deletion)
TOE overwrites all the data regions of HDD in MFP with deletion data, and makes all image
data unable to restore. In addition, TOE provides a function to initialize settings such as the
highly confidential passwords on NVRAM (administrator password, encryption passphrase,
SNMP password, and WebDAV server password) set by a user or an administrator.

O.CRYPT-KEY (Encryption key generation)
TOE generates an encryption key to encrypt and store all the data written in the HDD in the
MFP including image files.

O.TRUSTED-PASS (The use of Trusted Channel)
TOE provides the function that communicates via Trusted Channel the following image file,
which is transmitted and received between MFP and client PC.
< Image file transmitted from MFP to client PC >
- User box file
< Image file transmitted from client PC to MFP >
- Image file that will be stored as user box files
- Image file that will be stored as secure print files
- Image files that will be stored as ID & print files

O.CRYPTO-MAIL (The use of encrypted mail)
TOE provides the function that encrypts and transmits the user box file transmitted from MFP
to the correct destination with e-mail.

O.FAX-CONTROL (Fax unit control)
TOE provides the control function that prohibits an access to internal network which the MFP
connects with, from public line via the Fax public line portal.

O.AUTH-CAPABILITY (The support operation to utilize user authentication function)
TOE supports the necessary operation to utilize the user authentication function by user
information management server using Active Directory.

O.CRYPTO-CAPABILITY (The support operation to utilize HDD encryption function)
TOE supports necessary mechanical operations to utilize the HDD encryption function by
ASIC.

4.2. Security Objectives for the Operational Environment

In this section, the security objectives for TOE operational environment are described.

OE.FEED-BACK (Utilization of application to show secure password)
The administrator and user utilize the application of a browser etc., used by client PC to access
MFP, that provides appropriate protected feedback to the user password, user box password,
account password, administrator password, secure print password, SNMP password, and
WebDAV server password, which will be entered.

OE.SERVER (Utilization of user information management server)
The administrator sets to utilize user management by Active Directory in case of using
external user information management server instead of MFP for the management of user
account.

OE.SESSION (Termination of session after operation)
The administrator has the user implement the following operation.
- After the operation of secure print files, ID & print files, and the user box and user box files
  ends, the logoff operation is performed.
The administrator executes the following operation.
- After the operation of the various function in administrator mode ends, the logoff operation
  is performed.
The service engineer executes the following operation.
- After the operation of the various function in service mode ends, the logoff operation is
  performed.

OE.ADMIN (A reliable administrator)
The responsible person in the organization who uses MFP will assign a person who can
faithfully execute the given role during the operation of the MFP with TOE as an
administrator.

OE.SERVICE (The service engineer's guarantee)
The responsible person in the organization managing the maintenance of MFP educates a
service engineer in order to faithfully carry out the given role for the installation of the TOE,
the setup of TOE and the maintenance of the MFP with TOE.
The administrator observes the maintenance work of MFP with TOE by a service engineer.

OE.NETWORK (Network Environment in which the MFP is connected)
The responsible person in the organization who uses MFP carries out the tapping prevention
measures by setting the cipher communications equipment and the tapping detection
equipment to the LAN of the office where MFP with TOE is installed.
The responsible person in the organization who uses MFP carries out the measures for the
unauthorized access from the outside by setting up the equipment such as the firewall to
intercept the access from an external network to MFP with TOE.

OE.FAX-UNIT (Utilization of Fax unit)
The service engineer installs the Fax unit on MFP which is the optional parts and sets to
utilize the function of the Fax unit.

OE.SECRET (Appropriate management of confidential information)
The administrator has the user implement the following operation.
- Keep the user password and secure print password confidential.
- Keep the user box password and account password confidential between the users who
  commonly utilize it.
- Should not set the value that can be guessed for the user password, secure print password
  and the user box password.
- The user password and the user box password should be properly changed.
- When the administrator changes the user password or the user box password, make the user
  to change them promptly.
The administrator executes the following operation.
- Avoid setting an easy-to-guess value on the administrator password, account password,
  SNMP password, encryption passphrase, and WebDAV server password.
- Keep the administrator password, account password, SNMP password, encryption
  passphrase and WebDAV server password confidential.
- Change the administrator password, account password, SNMP password, encryption
  passphrase, and WebDAV server password appropriately.
The service engineer executes the following operation.
- Should not set the value that can be guessed for the CE password.
- Keep the CE password confidential.
- The CE password should be properly changed.
- When the service engineer changes the administrator password, make the administrator to
  change it promptly.

OE.SETTING-SECURITY (Operational setup of Enhanced Security function)
The administrator makes the setup of the enhanced security function effective for TOE before
a user uses it.

4.3. Security Objectives Rationale

4.3.1. Necessity

The correspondence between the assumptions, threats and organization security policies and
security objectives are shown in the following table. It shows that the security objectives
correspond to at least one assumption, threat or organization security policies.

Table 1 Conformity of security objectives to assumptions, threats, and organization security policies

Security objective | Corresponding assumptions (A.), threats (T.), and organization security policies (P.)
O.REGISTERED-USER | T.ACCESS-PRIVATE-BOX, T.ACCESS-PUBLIC-BOX, T.ACCESS-GROUP-BOX, T.ACCESS-SECURE-PRINT
O.PRIVATE-BOX | T.ACCESS-PRIVATE-BOX
O.PUBLIC-BOX | T.ACCESS-PUBLIC-BOX
O.GROUP-BOX | T.ACCESS-GROUP-BOX
O.SECURE-PRINT | T.ACCESS-SECURE-PRINT
O.CONFIG | T.UNEXPECTED-TRANSMISSION, T.ACCESS-SETTING, T.BACKUP-RESTORE, P.COMMUNICATION-DATA
O.OVERWRITE-ALL | T.DISCARD-MFP
O.CRYPTO-KEY | T.BRING-OUT-STORAGE
O.TRUSTED-PASS | P.COMMUNICATION-DATA
O.CRYPTO-MAIL | P.COMMUNICATION-DATA
O.FAX-CONTROL | P.REJECT-LINE
O.CRYPTO-CAPABILITY | T.BRING-OUT-STORAGE
O.AUTH-CAPABILITY | T.ACCESS-PRIVATE-BOX, T.ACCESS-PUBLIC-BOX, T.ACCESS-GROUP-BOX, T.ACCESS-SECURE-PRINT
OE.FEED-BACK | T.ACCESS-PRIVATE-BOX, T.ACCESS-PUBLIC-BOX, T.ACCESS-GROUP-BOX, T.ACCESS-SECURE-PRINT, T.UNEXPECTED-TRANSMISSION, T.ACCESS-SETTING, T.BACKUP-RESTORE, P.COMMUNICATION-DATA
OE.SERVER | T.ACCESS-PRIVATE-BOX, T.ACCESS-PUBLIC-BOX, T.ACCESS-GROUP-BOX, T.ACCESS-SECURE-PRINT
OE.SESSION | T.ACCESS-PRIVATE-BOX, T.ACCESS-PUBLIC-BOX, T.ACCESS-GROUP-BOX, T.ACCESS-SECURE-PRINT, T.UNEXPECTED-TRANSMISSION, T.ACCESS-SETTING, T.BACKUP-RESTORE, P.COMMUNICATION-DATA
OE.ADMIN | A.ADMIN
OE.SERVICE | A.SERVICE
OE.NETWORK | A.NETWORK
OE.FAX-UNIT | P.REJECT-LINE
OE.SECRET | A.SECRET
OE.SETTING-SECURITY | A.SETTING
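
The necessity and sufficiency argument of this section can be checked mechanically. The Python below is an added example, not part of the Security Target: it encodes the Table 1 correspondence as stated in the rationale of 4.3.2 to 4.3.4, confirms that every objective traces to at least one item and every item is covered, and lists which threats and policies also lean on operational-environment (OE.) objectives. All function and variable names are hypothetical.

```python
"""Traceability check for a Security Target's objectives rationale (added example)."""

# Groups shared by several objectives in Table 1.
ACCESS = ["T.ACCESS-PRIVATE-BOX", "T.ACCESS-PUBLIC-BOX",
          "T.ACCESS-GROUP-BOX", "T.ACCESS-SECURE-PRINT"]
ADMIN = ["T.UNEXPECTED-TRANSMISSION", "T.ACCESS-SETTING",
         "T.BACKUP-RESTORE", "P.COMMUNICATION-DATA"]

# Security problem definition: the 16 columns of Table 1.
PROBLEM = ["A.ADMIN", "A.SERVICE", "A.NETWORK", "A.SECRET", "A.SETTING",
           "T.DISCARD-MFP", "T.BRING-OUT-STORAGE", *ACCESS, *ADMIN,
           "P.REJECT-LINE"]

# Objective -> items it corresponds to, transcribed from Table 1 and the
# sufficiency rationale (4.3.2 to 4.3.4).
TRACE = {
    "O.REGISTERED-USER": ACCESS,
    "O.PRIVATE-BOX": ["T.ACCESS-PRIVATE-BOX"],
    "O.PUBLIC-BOX": ["T.ACCESS-PUBLIC-BOX"],
    "O.GROUP-BOX": ["T.ACCESS-GROUP-BOX"],
    "O.SECURE-PRINT": ["T.ACCESS-SECURE-PRINT"],
    "O.CONFIG": ADMIN,
    "O.OVERWRITE-ALL": ["T.DISCARD-MFP"],
    "O.CRYPTO-KEY": ["T.BRING-OUT-STORAGE"],
    "O.TRUSTED-PASS": ["P.COMMUNICATION-DATA"],
    "O.CRYPTO-MAIL": ["P.COMMUNICATION-DATA"],
    "O.FAX-CONTROL": ["P.REJECT-LINE"],
    "O.CRYPTO-CAPABILITY": ["T.BRING-OUT-STORAGE"],
    "O.AUTH-CAPABILITY": ACCESS,
    "OE.FEED-BACK": ACCESS + ADMIN,
    "OE.SERVER": ACCESS,
    "OE.SESSION": ACCESS + ADMIN,
    "OE.ADMIN": ["A.ADMIN"],
    "OE.SERVICE": ["A.SERVICE"],
    "OE.NETWORK": ["A.NETWORK"],
    "OE.FAX-UNIT": ["P.REJECT-LINE"],
    "OE.SECRET": ["A.SECRET"],
    "OE.SETTING-SECURITY": ["A.SETTING"],
}


def coverage(trace):
    """Invert the mapping: problem item -> sorted list of objectives tracing to it."""
    cov = {}
    for objective, items in trace.items():
        for item in items:
            cov.setdefault(item, []).append(objective)
    return {item: sorted(objs) for item, objs in cov.items()}


def unnecessary_objectives(trace, problem):
    """Necessity: objectives that trace to no item of the problem definition."""
    known = set(problem)
    return sorted(o for o, items in trace.items() if not known.intersection(items))


def uncovered_items(trace, problem):
    """Sufficiency precondition: items that no objective addresses."""
    cov = coverage(trace)
    return [item for item in problem if item not in cov]


def environment_support(trace, problem):
    """Threats and policies whose rationale also depends on OE.* objectives.

    Assumptions are skipped: they are upheld by the environment by definition.
    """
    cov = coverage(trace)
    result = {}
    for item in problem:
        if item.startswith("A."):
            continue
        oe = [o for o in cov.get(item, []) if o.startswith("OE.")]
        if oe:
            result[item] = oe
    return result


if __name__ == "__main__":
    print("objectives without a purpose:", unnecessary_objectives(TRACE, PROBLEM))
    print("items without an objective:  ", uncovered_items(TRACE, PROBLEM))
    for item, oe in environment_support(TRACE, PROBLEM).items():
        print(f"{item} also relies on {', '.join(oe)}")
```

Items missing from the `environment_support` result are addressed by TOE objectives alone; every other threat or policy holds only if the listed procedural objectives are actually followed on site.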


4.3.2. Sufficiency of Assumptions

The security objectives for the assumptions are described as follows.

A.ADMIN (Personnel Conditions to be an Administrator)
This condition assumes that administrators are not malicious.
With OE.ADMIN, the organization that uses the MFP assigns personnel who are reliable in
the organization that uses the MFP, so the reliability of the administrator is realized.

A.SERVICE (Personnel Conditions to be a Service Engineer)
This condition assumes the service engineer are not malicious.
With OE.SERVICE, the organization that manages the maintenance of the MFP educates the
service engineer. Also the administrator needs to observe the maintenance of the MFP, so that
the reliability of service engineers is assured.

A.NETWORK (Network Connection Conditions for the MFP)
This condition assumes that there are no wiretapping activities and no access by an
unspecified person from an external network to the intra-office LAN.
OE.NETWORK regulates the wiretapping prevention by the installation of devices such as a
wiretapping detection device and device to perform the encryption communication on the
intra-office LAN. It also regulates the unauthorized access prevention from external by the
installation of devices such as firewall in order to block access to the MFP from the external
networks, so that this condition is realized.

A.SECRET (Operating condition concerning confidential information)
This condition assumes each password and encryption passphrase using for the use of TOE
should not be leaked by each user.
OE.SECRET regulates that the administrator makes the user to execute the operation rule
concerning the secure print password, user box password, user password, and account
password and that the administrator executes the operation rule concerning the
administrator password, SNMP password, encryption passphrase, account password, and
WebDAV server password. It also regulates that the service engineer executes the operation
rule concerning the CE password, and that the service engineer makes the administrator to
execute the operation rule concerning the administrator password, so that this condition is
realized.

A.SETTING (Enhanced Security Function Operational Setup Condition)
This condition assumes the enhanced security function operational settings condition is
satisfied.
OE.SETTING-SECURITY regulates that this is used after the administrator activates the
enhanced security function, so that this condition is realized.

4.3.3. Sufficiency of Threats

The security objectives against threats are described as follows.

T.DISCARD-MFP (Lease return and discard of MFP)
This threat assumes the possibility of leaking information from MFP collected from the user.
O.OVERWRITE-ALL is that TOE provides the function to overwrite data for the deletion of
all area of HDD and initializes the information of NVRAM, so that the possibility of the
threat is removed by executing this function before MFP is collected.
Accordingly, this threat is countered sufficiently.

T.BRING-OUT-STORAGE (Unauthorized bringing out HDD)
This threat assumes the possibility that the image data in HDD leaks by being stolen from
the operational environment under MFP used or by installing the unauthorized HDD and
taking away with the data accumulated in it.
For the above, the possibility of the threat is reduced because O.CRYPTO-KEY assumes that
TOE generates an encryption key to encrypt the data written in the HDD, and a mechanical
operation to use the HDD encryption function by ASIC is supported by
O.CRYPTO-CAPABILITY.
Accordingly, this threat is countered sufficiently.

T.ACCESS-PRIVATE-BOX (Unauthorized access to personal user box using user function)
This threat assumes the possibility that an unauthorized operation is done by using the user
function for the personal user box which each user uses to store the image file.
O.REGISTERED-USER is assumed that only the user to whom TOE succeed identification
and authentication is permitted to use MFP installed TOE, furthermore, the operation of a
personal user box and the user box file in a personal user box is restricted only to the user
who is the owner by O.PRIVATE-BOX, so that the possibility of the threat is reduced. When
the external user information management server is used, the possibility of the threat is
reduced because the user identification and authentication is operated through
O.AUTH-CAPABILITY supporting the operation for the user authentication function by the
user information management server of Active Directory and through OE.SERVER setting to
use the user management by Active Directory by the administrator.
OE.FEED-BACK uses the application regulating to return the protected feedback for the
entered password in the user's authentication, and OE.SESSION also requires the log-off
operation after the operation ends, so that O.REGISTERED-USER and O.PRIVATE-BOX are
supported sufficiently.
Accordingly, this threat is countered sufficiently.

T.ACCESS-PUBLIC-BOX (Unauthorized access to public user box using user function)
This threat assumes the possibility that an unauthorized operation is done by using the user
function for the public user box which each user shares to store the image file.
O.REGISTERED-USER assumes that only the user to whom TOE succeed identification and
authentication is permitted to use MFP installing TOE, furthermore, the operation of the
public user box and the user box file in the public user box is restricted only to the user who is
permitted by O.PUBLIC-BOX, so that the possibility of the threat is reduced. When the
external user information management server is used, the possibility of the threat is reduced
because the user identification and authentication is operated through
O.AUTH-CAPABILITY supporting the operation for the user authentication function by the
user information management server of Active Directory and through OE.SERVER setting to
use the user management by Active Directory by the administrator.
OE.FEED-BACK uses the application regulating to return the protected feedback for the
entered password in the user's authentication and user box's authentication, and
OE.SESSION requires the log-off operation after the operation ends, so that
O.REGISTERED-USER and O.PUBLIC-BOX are supported sufficiently.
Accordingly, this threat is countered sufficiently.

T.ACCESS-GROUP-BOX (Unauthorized access to a group user box using user function)
This threat assumes the possibility that an unauthorized operation is performed by using the
user function for the group user box that is a storage area of image file used by user who is
permitted the use of the account, or the user box file in it.
O.REGISTERED-USER assumes that TOE permits only the user who succeeded the
identification and authentication to use MFP installed TOE, furthermore, the operation of
the group user box and user box file in the group user box is restricted only to the permitted
user by O.GROUP-BOX, so that the possibility of the threat is removed. When the external
user information management server is used, the possibility of the threat is reduced because
the user identification and authentication is operated through O.AUTH-CAPABILITY
supporting the operation for the user authentication function by the user information
management server of Active Directory and through OE.SERVER setting to use the user
management by Active Directory by the administrator.
OE.FEED-BACK uses the application regulating to return the protected feedback for the
entered password in the user's authentication and account's authentication, and
OE.SESSION also requires the log-off operation after the operation ends, so that
O.REGISTERED-USER and O.GROUP-BOX are supported sufficiently.
Accordingly, this threat is countered sufficiently.

T.ACCESS-SECURE-PRINT (Unauthorized access to a secure print file or an ID & print file
using the user function)
This threat assumes the possibility that an unauthorized operation is done to the secure print
and ID & print using user function.
O.REGISTERED-USER assumes that TOE permits only the user who succeeded the
identification and authentication to use MFP installing TOE, furthermore, the operations of
the secure print and ID & print are limited only to the authorized user by O.SECURE-PRINT,
so that the possibility of the threat is reduced. When the external user information
management server is used, the possibility of the threat is reduced because the user
identification and authentication is operated through O.AUTH-CAPABILITY supporting the
operation for the user authentication function by the user information management server of
Active Directory and through OE.SERVER setting to use the user management by Active
Directory by the administrator.
OE.FEED-BACK uses the application regulating to return the protected feedback for the
entered password in the user's authentication and access authentication to the secure print,
and OE.SESSION requires the log-off operation after the operation ends, so that
O.REGISTERED-USER and O.SECURE-PRINT are supported sufficiently.
Accordingly, this threat is countered sufficiently.

T.UNEXPECTED-TRANSMISSION (Transmission to unintended address)
This threat assumes the possibility of sending the user box file to the address that isn't
intended, when the network setting that relates to the transmission is illegally changed. This
is concerned about a possibility that the user box file is transmitted to the specified server
illegally without the change of the network environment constitution by the malicious person
by, for instance, illegally being changed the address of the SMTP server that relays E-mail for
the E-mail, or illegally being changed the address of the DNS server where the domain name
is inquired when the address of the SMTP server is used for a search of the domain name.
For FTP transmission, by being likely to use the mechanism of the search of the domain name
is concerned about the similar possibility of the incident might be occurred by E-mailing.
Furthermore, when the network setting which is related to the address of MFP is modified
illegally, it assumes the possibility to use the print function to the unauthorized entity from
client PC by the user who believes as TOE. Especially, it becomes a problem if a secure print
file or an ID & print file which is required to be concealed from other users in the office is
transmitted to the unauthorized entity.
In addition to this, the setting of PC-FAX reception and the setting of TSI reception assumes
the possibility of unintended user box file storing at FAX reception.
On the other hand, O.CONFIG regulates that the role to operate the network setting relating
to the transmission of TOE, the setting of PC-FAX reception and the setting of TSI reception
are limited to the administrator, and so the possibility of this threat is removed.
OE.FEED-BACK uses the application regulating that the feedback protected is returned for
the entered password by the administrator's authentication and OE.SESSION requires to
logoff after the operation ends, so that O.CONFIG is supported sufficiently.
Accordingly, this threat is countered sufficiently.

T.ACCESS-SETTING (Unauthorized change of function setting condition related to security)
This threat assumes the possibility of developing consequentially into the leakage of the user
box files, secure print files, or ID & print files by having been changed the specific function
setting which relates to security.
O.CONFIG regulates that only the administrator and the service engineer are permitted to
perform the setup of the enhanced security function that controls all setting function related
to a series of security, and so the possibility of the threat is removed.
OE.FEED-BACK uses the application regulating that the feedback protected is returned for
the entered various passwords by the administrator's authentication, and OE.SESSION is
also requested to logoff respectively after the operations of the administrator mode ends, so
that O.CONFIG is supported sufficiently.
Accordingly, this threat is countered sufficiently.

T.BACKUP-RESTORE (Unauthorized use of back-up function and restoration function)
This threat assumes a possibility that user box files, secure print files, or ID & print files may
leak when the back-up function or the restoration function is illegally used. Moreover, this
assumes that confidential data such as passwords might leak or various settings are falsified,
so that user box files, secure print files, or ID & print files may leak.
O.CONFIG regulates that the use of the back-up function and the restoration function is
permitted only to the administrator, so that the possibility of the threat is removed.
OE.FEED-BACK uses the application regulating that the protected feedback is returned for
the entered password by the administrator authentication and OE.SESSION is also
requested the log-off operation after the operation ends, and so O.CONFIG is sufficiently
supported.
Accordingly, this threat is countered sufficiently.

4.3.4. Sufficiency of Organizational Security Policies

Security objective corresponding to organizational security policies is explained as follows.

P.COMMUNICATION-DATA (secure communication of image file)
This organizational security policy prescribes carrying out processing via trusted pass to a
correct destination or encrypting to ensure the confidentiality about the image file which
flows on a network in the case of the organization or the user expect to be protected. As this
corresponds as one's request, there is no need to provide secure communication function for
all communication. At least one secure communication method between MFP and client PC
needs to be provided when transmitting the secure print file or the user box file.
O.TRUSTED-PASS provides Trusted Channel to a correct destination in the transmission
and reception of an image between MFP and client PCs for user box files, secure print files,
and ID & print files that save confidential images, so that the organizational security policies
is achieved.
Also, the security objective provides the transmission function to a correct destination by
encrypting the user box file transmitted by e-mail from MFP to client PC by
O.CRYPTO-MAIL, so that the organizational security policies is achieved.
Furthermore, O.CONFIG restricts the Trusted Channel function setting data, the
management of the user box files' encryption by e-mail and the transmission address data to
the administrator. And, OE.FEED-BACK uses the application regulating that the protected
feedback is returned for the entered password in the administrator's authentication, and
OE.SESSION is also regulated to log off after the operations of the administrator mode ends,
so that O.CONFIG is supported.
Accordingly, this organizational security policy is sufficiently to achieve.

P.REJECT-LINE (Access prohibition from public line)
This organizational security policy prohibits being accessed to a stored data in a client PC
and a server existing in internal network or a general data flowing on internal network from
public line via the port of Fax public line on Fax unit installed to MFP.
This means that communication, like remote diagnostic function or illegal operation
command, except image data which is sent from public line network and forwarded to
internal network via the port of Fax public line of MFP is not forwarded to internal network,
even though Fax unit is installed on MFP at the request of the organization.
O.FAX-CONTROL prohibits the access to the data existing in internal network including a
general data from public line via the Fax public line portal.
Also, OE.FAX-UNIT is regulated to install Fax unit which is the optional part on MFP by
service engineer, so that O.FAX-CONTROL is supported.
Accordingly, this organizational security policy is achieved.


5. Extended Components Definition

5.1. Extended Function Component

In this ST, three extended function components are defined. The necessity of each security function requirement and the reason for the labeling definition are described.

FAD_RIP.1
This is the security function requirement for the protection of the remaining information of user data and TSF data.
Necessity of extension
A regulation for the protection of the remaining information of TSF data is necessary. But the security function requirement that explains the protection of remaining information exists only in FDP_RIP.1, for the user data. There is no security function requirement that satisfies this requirement.
Reason for applied class (FAD)
There is no requirement that explains both the user data and the TSF data with no distinction. Therefore, a new Class was defined.
Reason for applied family (RIP)
As this is an extension up to the TSF data by using the content explained by the relevant family of the FDP class, the same label as that family was applied.

FIT_CAP.1
This is the security function requirement for regulating the ability necessary for the TOE to use effectively the security function of the external entity, the IT environment.
Necessity of extension
When the TOE uses external security functions, it is important that the external security function is surely secure, but the ability the TOE provides is very important in order to use the external security function correctly. But there is no such concept in the security function requirements.
Reason for applied class (FIT)
There is no such concept in CC part 2. Therefore, a new Class was defined.
Reason for applied family (CAP.1)
As with the class, there is no such concept in CC part 2. Therefore, a new Family was defined.

5.1.1. FAD_RIP.1 Definition

Class name
FAD: Protection of all data
Meaning of abbreviation: FAD (Functional requirement for All Data protection)

Class behavior
This class contains a family specifying the requirement related to the protection of the user data and the TSF data with no distinction. One family exists here.

- Residual Information Protection of All Data (FAD_RIP);

Family behavior
This family corresponds to the necessity never to access the deleted data or newly created object and TSF data which should not set as accessible. This family requires the protection for the information that was deleted or released logically but has a possibility to exist still in TOE.

Component leveling

FAD_RIP.1: "Residual Information Protection of All Data after the explicit deletion operation" requires of TSF to assure that the subset of the defined object controlled by TSF cannot utilize any remaining information of every resource under the allocation of resource or the release of it.

Audit : FAD_RIP.1
The use of the user identification information with the explicit deletion operation
Management : FAD_RIP.1
No expected management activity

FAD_RIP.1 Residual Information Protection of All Data after the explicit deletion operation
FAD_RIP.1.1
TSF shall ensure that the content of the information allocated to source before shall not be available after the explicit deletion operation against the object and TSF data.: [assignment: list of object and list of TSF data]
Hierarchical to : No other components
Dependencies : No dependencies

5.1.2. FIT_CAP.1 Definition

Class name
FIT: Support for IT environment entity
Meaning of abbreviation: FIT (Functional requirement for IT environment support)

Class behavior
This class contains a family specifying the requirement related with the use of the security service provided by IT environment entity. One family exists here.

- Use of IT environment entity (FIT_CAP);

Family behavior
This family corresponds to the capability definition for TOE at the use of security function of IT environment entity.
[Figure: component leveling of FAD_RIP, Residual Information Protection of All Data: component 1]

Component leveling

Meaning of abbreviation: CAP (CAPability of using IT environment)

FIT_CAP.1: "Capability of using security service of IT environment entity" corresponds to the substantiation of capability needed to use the security function correctly provided by IT environment entity.

Audit : FIT_CAP.1
The following actions should be auditable if FAU_GEN Security audit data generation is included in the PP/ST.
a) Minimal Failure of operation for IT environment entity
b) Basic Use all operation of IT environment entity (success, failure)
Management : FIT_CAP.1
The following actions could be considered for the management functions in FMT.
There is no management activity expected

FIT_CAP.1 Capability of using security service of IT environment entity
FIT_CAP.1.1
TSF shall provide the necessary capability to use the service for [assignment: security service provided by IT environment entity]. : [assignment: necessary capability list for the operation of security service]
Hierarchical to : No other components
Dependencies : No dependencies



[Figure: component leveling of FIT_CAP, Capability of using IT environment entity: component 1]

6. IT Security Requirements

In this chapter, the TOE security requirements are described.

<Definition of Label>
The security function requirements required for the TOE are described. Those regulated in CC Part 2 will be directly used for the functional requirements components, and the same labels will be used as well. The new additional requirement which is not described in CC part 2 is newly established and identified with the label that doesn't compete with CC part 2.

<Method of specifying security function requirement "Operation">
In the following description, when items are indicated in "italic" and "bold," it means that they are assigned or selected. When items are indicated in "italic" and "bold" with parenthesis right after the underlined original sentences, it means that the underlined sentences are refined. A number in the parentheses after a label means that the functional requirement is used repeatedly.

<Method of clear indication of dependency>
The label in the parentheses "( )" in the dependent section indicates a label for the security functional requirements used in this ST. When it is a dependency that is not required to be used in this ST, it is described as "N/A" in the same parentheses.

6.1. TOE Security Requirements

6.1.1. TOE Security Functional Requirements

6.1.1.1. Cryptographic Support

FCS_CKM.1 Cryptographic key generation
FCS_CKM.1.1
The TSF shall generate cryptographic keys in accordance with a specified cryptographic key generation algorithm [assignment: cryptographic key generation algorithm] and specified cryptographic key sizes [assignment: cryptographic key sizes] that meet the following: [assignment: list of standards].
[assignment: list of standards] :
Listed in "Table 2 Cryptographic key generation Relation of Standards-Algorithm-Key sizes"
[assignment: cryptographic key generation algorithm] :
Listed in "Table 2 Cryptographic key generation Relation of Standards-Algorithm-Key sizes"
[assignment: cryptographic key sizes] :
Listed in "Table 2 Cryptographic key generation Relation of Standards-Algorithm-Key sizes"
Hierarchical to : No other components
Dependencies : FCS_CKM.2 or FCS_COP.1 (FCS_COP.1), FCS_CKM.4 (N/A)



Table 2 Cryptographic Key Generation: Relation of Standards-Algorithm-Key sizes
List of Standards | Cryptographic Key Generation Algorithm | Cryptographic Key sizes
FIPS 186-2 | Pseudorandom number Generation Algorithm | 128 bits; 192 bits; 168 bits; 256 bits
Konica Minolta Encryption specification standard | Konica Minolta HDD Encryption Key Generation Algorithm | 128 bits


FCS_COP.1 Cryptographic operations
FCS_COP.1.1
The TSF shall perform [assignment: list of Cryptographic operations] in accordance with a specified cryptographic algorithm [assignment: cryptographic algorithm] and cryptographic key sizes [assignment: cryptographic key sizes] that meet the following: [assignment: list of standards].
[assignment: list of standards] :
Listed in "Table 3 Cryptographic operation Relation of Algorithm-Key sizes-Cryptographic operation"
[assignment: cryptographic algorithm] :
Listed in "Table 3 Cryptographic operation Relation of Algorithm-Key sizes-Cryptographic operation"
[assignment: cryptographic key sizes] :
Listed in "Table 3 Cryptographic operation Relation of Algorithm-Key sizes-Cryptographic operation"
[assignment: list of cryptographic operation] :
Listed in "Table 3 Cryptographic operation Relation of Algorithm-Key sizes-Cryptographic operation"
Hierarchical to : No other components
Dependencies : FDP_ITC.1 or FDP_ITC.2 or FCS_CKM.1 (FCS_CKM.1 (only a part of events)), FCS_CKM.4 (N/A)

Table 3 Cryptographic Operation: Relation of Algorithm-Key sizes-Cryptographic Operation
List of standards | Cryptographic Algorithm | Cryptographic key sizes | Contents of Cryptographic operation
FIPS PUB 197 | AES | 128 bits; 192 bits; 256 bits | Encryption of S/MIME transmission data
SP800-67 | 3-Key-Triple-DES | 168 bits | Encryption of S/MIME transmission data
FIPS 186-2 | RSA | 1024 bits; 2048 bits; 3072 bits; 4096 bits | Encryption of cryptographic key to encrypt S/MIME transmission data


6.1.1.2. User Data Protection

FDP_ACC.1[1] Subset access control
FDP_ACC.1.1[1]
The TSF shall enforce the [assignment: access control SFP] on [assignment: list of subjects, objects, and operations among subjects and objects covered by the SFP].
[assignment: list of subjects, objects, and operations among subjects and objects covered by the SFP] :
Listed in "Table 4 User box access control operational list"
[assignment: access control SFP] :
User Box access control
Hierarchical to : No other components
Dependencies : FDP_ACF.1 (FDP_ACF.1[1])

Table 4 User Box Access Control: Operational List
Subject | Object | Operational List
A task to act for a user | User Box | List
A task to act for a user | User Box File | Print; Transmission (E-mail transmission, FTP transmission, SMB transmission, FAX transmission and WebDAV transmission); Download; Move to other user boxes; Copy to other user boxes; Copy to external memory; Backup

FDP_ACC.1[2] Subset access control
FDP_ACC.1.1[2]
The TSF shall enforce the [assignment: access control SFP] on [assignment: list of subjects, objects, and operations among subjects and objects covered by the SFP].
[assignment: list of subjects, objects, and operations among subjects and objects covered by the SFP] :
Listed in "Table 5 Secure print file access control operational list"
[assignment: access control SFP] :
Secure print file access control
Hierarchical to : No other components
Dependencies : FDP_ACF.1 (FDP_ACF.1[2])

Table 5 Secure Print File Access Control: Operational List
Subject | Object | Operational list
A task to act for a user | Secure Print File | List; Print; Back-Up

FDP_ACC.1[3] Subset access control
FDP_ACC.1.1[3]
The TSF shall enforce the [assignment: access control SFP] on [assignment: list of subjects, objects, and operations among subjects and objects covered by the SFP].
[assignment: list of subjects, objects, and operations among subjects and objects covered by the SFP] :
Listed in "Table 6 Setting management access control operational list"
[assignment: access control SFP] :
Setting management access control
Hierarchical to : No other components
Dependencies : FDP_ACF.1 (FDP_ACF.1[3])

Table 6 Setting Management Access Control: Operational List
Subject | Object | Operational list
A task to act for a user | SMTP Server Group Object; DNS Server Group Object; MFP Address Group Object [8]; PC-FAX reception setting Object; Transmission Address Data Object | Settings; Restore

FDP_ACC.1[4] Subset access control
FDP_ACC.1.1[4]
The TSF shall enforce the [assignment: access control SFP] on [assignment: list of subjects, objects, and operations among subjects and objects covered by SFP].
[assignment: list of subjects, objects, and operations among subjects and objects covered by SFP] :
Listed in "Table 7 ID & print file Access Control operational list"
[assignment: access control SFP] :
ID & print file access control
Hierarchical to : No other components
Dependencies : FDP_ACF.1 (FDP_ACF.1[4])

Table 7 ID & Print file Access Control: Operational List
Subject | Object | Operational list
A task to act for a user | ID & print File | List; Print; Backup

FDP_ACF.1[1] Security attribute based access control
FDP_ACF.1.1[1]
The TSF shall enforce the [assignment: access control SFP] to objects based on the following: [assignment: list of subjects and objects controlled under the indicated SFP, and for each, the SFP-relevant security attributes, or named groups of SFP-relevant security attributes].
[assignment: list of subjects and objects controlled under the indicated SFP, and for each, the SFP-relevant security attributes, or named groups of SFP-relevant security attributes] :
<Subject>
- A task to act for a user
<Subject attributes>
- User Attribute (User ID)
- Account Name (Account ID)
- User Box Attribute (User Box ID)
- Administrator Attribute
<Object> : <Object attributes>
- User Box : User Attribute (User ID or Public or Account ID)
- User Box File : User Box Attribute (User Box ID)
[assignment: access control SFP] :
User Box access control

[8] The MFP address group object is a series of data concerning the address of the main body of MFP such as IP address and the Appletalk printer name.
FDP_ACF.1.2[1]
!he !SA 1hall enforce the followin" rule1 to 3eter<ine if an o#eration a<on" controlle3 1ubHect1 an3
controlle3 obHect1 i1 allowe35 La11i"n<ent5 rule1 "o2ernin" acce11 a<on" controlle3 1ubHect1 an3
controlle3 obHect1 u1in" controlle3 o#eration1 on controlle3 obHect1M/
La11i"n<ent5 rule1 "o2ernin" acce11 a<on" controlle3 1ubHect1 an3 controlle3 obHect1 u1in" controlle3
o#eration1 on controlle3 obHect1M 5
8 88 8'#eration '#eration '#eration '#eration control control control control to to to to B BB Ber1onal er1onal er1onal er1onal u1er u1er u1er u1er bo@ bo@ bo@ bo@9 99 9
A AA A ta1; ta1; ta1; ta1; to to to to act act act act for for for for a aa a u1er u1er u1er u1er i1 i1 i1 i1 #er<itte3 #er<itte3 #er<itte3 #er<itte3 to to to to 3o 3o 3o 3o the the the the li1t li1t li1t li1t 3i1#la 3i1#la 3i1#la 3i1#la o#eration o#eration o#eration o#eration to to to to the the the the u1er u1er u1er u1er bo@ bo@ bo@ bo@ with with with with the the the the u1er u1er u1er u1er
attribute attribute attribute attribute of of of of an an an an obHect obHect obHect obHect attribute attribute attribute attribute corre1#on3in" corre1#on3in" corre1#on3in" corre1#on3in" to to to to the the the the u1er u1er u1er u1er attribute attribute attribute attribute $u1 $u1 $u1 $u1er er er er ):% ):% ):% ):% of of of of the the the the 1ubHect 1ubHect 1ubHect 1ubHect attribute/ attribute/ attribute/ attribute/

8 88 8'#eration '#eration '#eration '#eration control control control control to to to to Grou# Grou# Grou# Grou# u1er u1er u1er u1er bo@ bo@ bo@ bo@9 99 9
A AA A ta1; ta1; ta1; ta1; to to to to act act act act for for for for a aa a u1er u1er u1er u1er i1 i1 i1 i1 #er<itte3 #er<itte3 #er<itte3 #er<itte3 to to to to 3o 3o 3o 3o the the the the li1t li1t li1t li1t 3i1#la 3i1#la 3i1#la 3i1#la o#eration o#eration o#eration o#eration to to to to the the the the u1er u1er u1er u1er bo@ bo@ bo@ bo@ with with with with the the the the Account Account Account Account
(a<e (a<e (a<e (a<e of of of of an an an an ob ob ob obHect Hect Hect Hect attribute attribute attribute attribute corre1#on3in" corre1#on3in" corre1#on3in" corre1#on3in" to to to to the the the the Account Account Account Account (a<e (a<e (a<e (a<e $ $$ $account account account account ):% ):% ):% ):% of of of of the the the the 1ubHect 1ubHect 1ubHect 1ubHect attribute/ attribute/ attribute/ attribute/

8 88 8'#eration '#eration '#eration '#eration control control control control to to to to Bublic Bublic Bublic Bublic u1er u1er u1er u1er bo@ bo@ bo@ bo@9 99 9
A AA A ta1; ta1; ta1; ta1; to to to to act act act act for for for for the the the the u1er u1er u1er u1er who who who who i1 i1 i1 i1 relate3 relate3 relate3 relate3 to to to to the the the the u1er u1er u1er u1er attribute attribute attribute attribute $u1er $u1er $u1er $u1er ):% ):% ):% ):% i1 i1 i1 i1 #er<itte3 #er<itte3 #er<itte3 #er<itte3 to to to to 3o 3o 3o 3o the the the the li1t li1t li1t li1t
display operation to the user box where "Public" is set to the user attributes of the object attribute.

<Operational control to User box file>
A task to act for a user is permitted to print, transmit (E-mail transmission, FTP transmission, SMB transmission, FAX transmission and WebDAV transmission), download, move to other user boxes, copy to the other user boxes and copy to external memory, to the user box file whose user box attribute (user box ID) of the object attribute matches the user box attribute of the subject attribute.

FDP_ACF.1.3[1]
The TSF shall explicitly authorise access of subjects to objects based on the following additional rules:
[assignment: rules, based on security attributes, that explicitly authorise access of subjects to objects].
[assignment: rules, based on security attributes, that explicitly authorise access of subjects to objects] :
- A task to act for the user that has an administrator attribute is permitted to operate displaying of user box list.
- A task to act for the user that has an administrator attribute is permitted to operate the back-up of the user box file.
FDP_ACF.1.4[1]
The TSF shall explicitly deny access of subjects to objects based on the following additional rules:
[assignment: rules, based on security attributes, that explicitly deny access of subjects to objects].
[assignment: rules, based on security attributes, that explicitly deny access of subjects to objects] :
None
Hierarchical to : No other components
Dependencies : FDP_ACC.1 (FDP_ACC.1[1]), FMT_MSA.3 (FMT_MSA.3[1], FMT_MSA.3[3])

FDP_ACF.1[2] Security attribute based access control
FDP_ACF.1.1[2]
The TSF shall enforce the [assignment: access control SFP] to objects based on the following: [assignment: list of subjects and objects controlled under the indicated SFP, and for each, the SFP-relevant security attributes, or named groups of SFP-relevant security attributes].
[assignment: list of subjects and objects controlled under the indicated SFP, and for each, the SFP-relevant security attributes, or named groups of SFP-relevant security attributes] :
<Subject>
- A task to act for a user
<Subject attributes>
- File attributes (Secure print internal control ID)
- User attributes (User ID)
- Administrator attributes
----------
<Object>
- Secure print file
<Object attributes>
- File attributes (Secure print internal control ID)
[assignment: access control SFP] :
Secure print file access control
FDP_ACF.1.2[2]
The TSF shall enforce the following rules to determine if an operation among controlled subjects and controlled objects is allowed: [assignment: rules governing access among controlled subjects and controlled objects using controlled operations on controlled objects].
[assignment: rules governing access among controlled subjects and controlled objects using controlled operations on controlled objects] :
- A task to act for a user who has a user attribute (user ID) is permitted to display the list of all the secure print files.
- A task to act for a user who has the file attribute (the secure print internal control ID) is permitted the print operation to the secure print file that has matched the file attribute (secure print internal control ID) with the file attribute (secure print internal control ID).
FDP_ACF.1.3[2]
The TSF shall explicitly authorise access of subjects to objects based on the following additional rules:
[assignment: rules, based on security attributes, that explicitly authorise access of subjects to objects].
[assignment: rules, based on security attributes, that explicitly authorise access of subjects to objects] :
A task to act for a user who has an administrator attribute is permitted to back up secure print file.
FDP_ACF.1.4[2]
The TSF shall explicitly deny access of subjects to objects based on the following additional rules:
[assignment: rules, based on security attributes, that explicitly deny access of subjects to objects].
[assignment: rules, based on security attributes, that explicitly deny access of subjects to objects] :
None
Hierarchical to : No other components
Dependencies : FDP_ACC.1 (FDP_ACC.1[2]), FMT_MSA.3 (FMT_MSA.3[2])

FDP_ACF.1[3] Security attribute based access control
FDP_ACF.1.1[3]
The TSF shall enforce the [assignment: access control SFP] to objects based on the following: [assignment: list of subjects and objects controlled under the indicated SFP, and for each, the SFP-relevant security attributes, or named groups of SFP-relevant security attributes].
[assignment: list of subjects and objects controlled under the indicated SFP, and for each, the SFP-relevant security attributes, or named groups of SFP-relevant security attributes] :
<Subject>
- A task to act for a user
<Subject attributes>
- Administrator attributes
----------
<Object>
- SMTP server group object
- DNS server group object
- MFP address group object
- PC-FAX reception setting object
- Transmission Address data object

* No Object Attribute
[assignment: access control SFP] :
Setting management access control
FDP_ACF.1.2[3]
The TSF shall enforce the following rules to determine if an operation among controlled subjects and controlled objects is allowed: [assignment: rules governing access among controlled subjects and controlled objects using controlled operations on controlled objects].
[assignment: rules governing access among controlled subjects and controlled objects using controlled operations on controlled objects] :
- A task to act for a user who has an administrator attribute is permitted to set the SMTP server group object, the DNS server group object, the MFP address group object, the PC-FAX reception setting object, and the transmission address data object and to operate the restoration.
FDP_ACF.1.3[3]
The TSF shall explicitly authorise access of subjects to objects based on the following additional rules:
[assignment: rules, based on security attributes, that explicitly authorise access of subjects to objects].
[assignment: rules, based on security attributes, that explicitly authorise access of subjects to objects] :
None
FDP_ACF.1.4[3]
The TSF shall explicitly deny access of subjects to objects based on the following additional rules:
[assignment: rules, based on security attributes, that explicitly deny access of subjects to objects].
[assignment: rules, based on security attributes, that explicitly deny access of subjects to objects] :
None
Hierarchical to : No other components
Dependencies : FDP_ACC.1 (FDP_ACC.1[3]), FMT_MSA.3 (N/A)

FDP_ACF.1[4] Security attribute based access control
FDP_ACF.1.1[4]
The TSF shall enforce the [assignment: access control SFP] to objects based on the following: [assignment: list of the subjects and objects controlled under the indicated SFP, and for each, SFP-relevant security attributes, or named groups of SFP-relevant security attributes].
[assignment: list of the subjects and objects controlled under the indicated SFP, and for each, SFP-relevant security attributes, or named groups of SFP-relevant security attributes] :
<Subject>
- A task to act for a user
<Subject attributes>
- User attributes (user ID)
- Administrator attributes
----------
<Object>
- ID & print file
<Object attributes>
- User attributes (user ID)

[assignment: access control SFP] :
ID & print file access control
FDP_ACF.1.2[4]
The TSF shall enforce the following rules to determine if an operation among controlled subjects and controlled objects is allowed: [assignment: rules governing access among controlled subjects and controlled objects using controlled operations on controlled objects].
[assignment: rules governing access used for controlled operations to controlled objects among controlled subjects and controlled objects] :
- A task to act for a user is permitted to list and print the ID & print file whose user attributes of the object attributes are equal to those of the subject attributes (user ID).
FDP_ACF.1.3[4]
The TSF shall explicitly authorise access of subjects to objects based on the following supplemental rules:
[assignment: rules, based on security attributes, that explicitly authorise access of subjects to objects].
[assignment: rules, based on security attributes, that explicitly authorise access of subjects to objects] :
A task to act for a user with the administrator attributes is permitted to back up ID & print files.
FDP_ACF.1.4[4]
The TSF shall explicitly deny access of subjects to objects based on the following additional rules:
[assignment: rules, based on security attributes, that explicitly deny access of subjects to objects].
[assignment: rules, based on security attributes, that explicitly deny access of subjects to objects] :
None
Hierarchical to : No other components
Dependencies : FDP_ACC.1 (FDP_ACC.1[4]), FMT_MSA.3 (FMT_MSA.3[4])

FDP_IFC.1 Subset information flow control
FDP_IFC.1.1
The TSF shall enforce the [assignment: information flow control SFP] on [assignment: list of subjects, information, and operations that cause controlled information to flow to and from controlled subjects covered by the SFP].
[assignment: list of subjects, information, and operations that cause controlled information to flow to and from controlled subjects covered by the SFP] :
<Subject>
- Reception from Fax unit
<Information>
- Received data from public line
<Operation>
- Send to internal network
[assignment: information flow control SFP] :
Fax information flow control
Hierarchical to : No other components
Dependencies : FDP_IFF.1 (FDP_IFF.1)

FDP_IFF.1 Simple security attributes
FDP_IFF.1.1
The TSF shall enforce the [assignment: information flow control SFP] based on the following types of subject and information security attributes: [assignment: list of subjects and information controlled under the indicated SFP, and for each, the security attributes].
[assignment: information flow control SFP] :
Fax information flow control
[assignment: list of subjects and information controlled under the indicated SFP, and for each, the security attributes] :
<Subject>
- Reception from Fax unit
<Information>
- Received data from public line
<Security attribute>
- Image data attribute
- Data attribute other than image data
FDP_IFF.1.2
The TSF shall permit an information flow between a controlled subject and controlled information via a controlled operation if the following rules hold: [assignment: for each operation, the security attribute-based relationship that must hold between subject and information security attributes].
[assignment: for each operation, the security attribute-based relationship that must hold between subject and information security attributes] :
Does not send data other than image data received from FAX unit to internal network.
FDP_IFF.1.3
The TSF shall enforce the [assignment: additional information flow control SFP rules].
[assignment: additional information flow control SFP rules] :
None
FDP_IFF.1.4
The TSF shall explicitly authorise an information flow based on the following rules: [assignment: rules, based on security attributes, that explicitly authorise information flows].
[assignment: rules, based on security attributes, that explicitly authorise information flows] :
None
FDP_IFF.1.5
The TSF shall explicitly deny an information flow based on the following rules: [assignment: rules, based on security attributes, that explicitly deny information flows].
[assignment: rules, based on security attributes, that explicitly deny information flows] :
None
Hierarchical to : No other components
Dependencies : FDP_IFC.1 (FDP_IFC.1), FMT_MSA.3 (N/A)

6.1.1.3. Identification and Authentication

FIA_AFL.1[1] Authentication failure handling
FIA_AFL.1.1[1]
The TSF shall detect when [selection: [assignment: positive integer number], an administrator configurable positive integer within [assignment: range of acceptable values]] unsuccessful authentication attempts occur related to [assignment: list of authentication events].
[assignment: list of authentication events] :
- Authentication for accessing the service mode
- Re-authentication for changing the CE password.
[selection: [assignment: positive integer number], an administrator configurable positive integer within [assignment: range of acceptable values]] :
[assignment: range of acceptable values] : an administrator configurable positive integer within 1-3
FIA_AFL.1.2[1]
When the defined number of unsuccessful authentication attempts has been [selection: met, surpassed], the TSF shall [assignment: list of actions].
[selection: met, surpassed] :
Met
[assignment: list of actions] :
<Action when it is detected>
- Log off from the authentication status of the service mode if it is, and lock the authentication function which uses the CE password.
- If it's not under the authentication status, lock the authentication function which uses the CE password.
<Operation for recovering the normal condition>
Perform the lock release function of CE authentication by specific operation.
(When time set in the release time setting of operation prohibition for CE authentication passed from specific operation, the release process is performed.)

Hierarchical to : No other components
Dependencies : FIA_UAU.1 (FIA_UAU.2[1])

FIA_AFL.1[2] Authentication failure handling
FIA_AFL.1.1[2]
The TSF shall detect when [selection: [assignment: positive integer number], an administrator configurable positive integer within [assignment: range of acceptable values]] unsuccessful authentication attempts occur related to [assignment: list of authentication events].
[assignment: list of authentication events] :
- Authentication for accessing the administrator mode
- Re-authentication for changing the administrator password
[selection: [assignment: positive integer number], an administrator configurable positive integer within [assignment: range of acceptable values]] :
[assignment: range of acceptable values] : an administrator configurable positive integer within 1-3
FIA_AFL.1.2[2]
When the defined number of unsuccessful authentication attempts has been [selection: met, surpassed], the TSF shall [assignment: list of actions].
[selection: met, surpassed] :
Met
[assignment: list of actions] :
<Action when it is detected>
- Log off from the authentication status of the administrator mode if it is, and lock the authentication function which uses the administrator password.
- If it's not under the authentication status, lock the authentication function which uses the administrator password.
<Operation for recovering the normal condition>
- Perform the boot process of the TOE. (Release process is performed after time set in the release time setting of operation prohibition for Administrator authentication passed by the boot process.)

Hierarchical to : No other components
Dependencies : FIA_UAU.1 (FIA_UAU.2[2])

FIA_AFL.1[3] Authentication failure handling
FIA_AFL.1.1[3]
The TSF shall detect when [selection: [assignment: positive integer number], an administrator configurable positive integer within [assignment: range of acceptable values]] unsuccessful authentication attempts occur related to [assignment: list of authentication events].
[assignment: list of authentication events] :
- Authentication for accessing the MIB object through SNMP
[selection: [assignment: positive integer number], an administrator configurable positive integer within [assignment: range of acceptable values]] :
[assignment: range of acceptable values] : an administrator configurable positive integer within 1-3
FIA_AFL.1.2[3]
When the defined number of unsuccessful authentication attempts has been [selection: met, surpassed], the TSF shall [assignment: list of actions].
[selection: met, surpassed] :
Met
[assignment: list of actions] :
<Action when it is detected>
Deny the access to the MIB object and lock the authentication function to use SNMP password.
<Operation for recovering the normal condition>
- Perform the delete function of authentication failure frequency offered within the administrator mode.
Hierarchical to : No other components
Dependencies : FIA_UAU.1 (FIA_UAU.2[2])

FIA_AFL.1[4] Authentication failure handling
FIA_AFL.1.1[4]
The TSF shall detect when [selection: [assignment: positive integer number], an administrator configurable positive integer within [assignment: range of acceptable values]] unsuccessful authentication attempts occur related to [assignment: list of authentication events].
[assignment: list of authentication events] :
- Authentication for accessing the TOE by user
- Re-authentication when a user changes his/her own user password
[selection: [assignment: positive integer number], an administrator configurable positive integer within [assignment: range of acceptable values]] :
[assignment: range of acceptable values] : an administrator configurable positive integer within 1-3
FIA_AFL.1.2[4]
When the defined number of unsuccessful authentication attempts has been [selection: met, surpassed], the TSF shall [assignment: list of actions].
[selection: met, surpassed] :
Met
[assignment: list of actions] :
<Action when it is detected>
- While authentication is performed, log off from the authentication status of the user, and lock the authentication function for the user.
- Otherwise, lock the authentication function for using the user password.
<Operation for recovering the normal condition>
- Perform the delete function of authentication failure frequency offered within the administrator mode.
Hierarchical to : No other components
Dependencies : FIA_UAU.1 (FIA_UAU.1[1])

FIA_AFL.1[5] Authentication failure handling
FIA_AFL.1.1[5]
The TSF shall detect when [selection: [assignment: positive integer number], an administrator configurable positive integer within [assignment: range of acceptable values]] unsuccessful authentication attempts occur related to [assignment: list of authentication events].
[assignment: list of authentication events] :
Authentication for accessing the secure print file
[selection: [assignment: positive integer number], an administrator configurable positive integer within [assignment: range of acceptable values]] :
[assignment: range of acceptable values] : an administrator configurable positive integer within 1-3
FIA_AFL.1.2[5]
When the defined number of unsuccessful authentication attempts has been [selection: met, surpassed], the TSF shall [assignment: list of actions].
[selection: met, surpassed] :
Met
[assignment: list of actions] :
<Action when it is detected>
Deny the access to the secure print file and lock the authentication function for the secure print file.
<Operation for recovering the normal condition>
- Perform the delete function of authentication failure frequency offered within the administrator mode.
Hierarchical to : No other components
Dependencies : FIA_UAU.1 (FIA_UAU.2[3])

FIA_AFL.1[6] Authentication failure handling
FIA_AFL.1.1[6]
The TSF shall detect when [selection: [assignment: positive integer number], an administrator configurable positive integer within [assignment: range of acceptable values]] unsuccessful authentication attempts occur related to [assignment: list of authentication events].
[assignment: list of authentication events] :
- Authentication for accessing a public user box
- Re-authentication when a user authorized to access a public user box changes the user box password of the public user box
[selection: [assignment: positive integer number], an administrator configurable positive integer within [assignment: range of acceptable values]] :
[assignment: range of acceptable values] : an administrator configurable positive integer within 1-3
FIA_AFL.1.2[6]
When the defined number of unsuccessful authentication attempts has been [selection: met, surpassed], the TSF shall [assignment: list of actions].
[selection: met, surpassed] :
Met
[assignment: list of actions] :
<Action when it is detected>
- While authentication is performed, log off from the authentication status of the user box, and lock the authentication function for the concerned user box.
- Otherwise, lock the authentication function which uses the user box password.
<Operation for recovering the normal condition>
- Perform the delete function of authentication failure frequency offered within the administrator mode.
Hierarchical to : No other components
Dependencies : FIA_UAU.1 (FIA_UAU.2[4])

FIA_AFL.1[7] Authentication failure handling
FIA_AFL.1.1[7]
The TSF shall detect when [selection: [assignment: positive integer number], an administrator configurable positive integer within [assignment: range of acceptable values]] unsuccessful authentication attempts occur related to [assignment: list of authentication events].
[assignment: list of authentication events] :
- Account authentication: Account authentication when the belonging account of the user who accesses in the synchronized method is not registered.
- Account authentication: Account authentication of the user who accesses in the method not synchronized.
[selection: [assignment: positive integer number], an administrator configurable positive integer within [assignment: range of acceptable values]] :
[assignment: range of acceptable values] : an administrator configurable positive integer within 1-3
FIA_AFL.1.2[7]
When the defined number of unsuccessful authentication attempts has been [selection: met, surpassed], the TSF shall [assignment: list of actions].
[selection: met, surpassed] :
Met
[assignment: list of actions] :
<Action when it is detected>
Lock the authentication function for the concerned account, and deny the access to the TOE by the user who permitted the use of the account.
<Operation for recovering the normal condition>
Perform the delete function of authentication failure frequency offered within the administrator mode.
Hierarchical to : No other components
Dependencies : FIA_UAU.1 (FIA_UAU.1[2])

FIA_AFL.1[8] Authentication failure handling
FIA_AFL.1.1[8]
The TSF shall detect when [selection: [assignment: positive integer number], an administrator configurable positive integer within [assignment: range of acceptable values]] unsuccessful authentication attempts occur related to [assignment: list of authentication events].
[assignment: list of authentication events] :
- Authentication when it accesses service mode from the panel
- Authentication when it accesses administrator mode from the panel
- User authentication when user accesses TOE from the panel
- Account authentication when user accesses TOE from the panel
- Authentication when it accesses secure print file from the panel
- Authentication when it accesses Public user box from the panel
[selection: [assignment: positive integer number], an administrator configurable positive integer within [assignment: range of acceptable values]] :
[assignment: positive integer number] : 1
FIA_AFL.1.2[8]
When the defined number of unsuccessful authentication attempts has been [selection: met, surpassed], the TSF shall [assignment: list of actions].
[selection: met, surpassed] :
Met
[assignment: list of actions] :
<Action when it is detected>
Deny all access from the panel.
<Operation for recovering the normal condition>
Automatically release the lock after 5 seconds.
Hierarchical to : No other components
Dependencies : FIA_UAU.1 (FIA_UAU.2[1], FIA_UAU.2[2], FIA_UAU.1[1], FIA_UAU.2[3], FIA_UAU.2[4], FIA_UAU.1[2])

FIA_AFL.1[9] Authentication failure handling
FIA_AFL.1.1[9]
The TSF shall detect when [selection: [assignment: positive integer number], an administrator configurable positive integer within [assignment: range of acceptable values]] unsuccessful authentication attempts occur related to [assignment: list of authentication events].
[assignment: list of authentication events] :
- Authentication when accessing by WebDAV

[selection: [assignment: positive integer number], an administrator configurable positive integer within [assignment: range of acceptable values]] :
[assignment: range of acceptable values] : an administrator configurable positive integer within 1-3
FIA_AFL.1.2[9]
When the defined number of unsuccessful authentication attempts has been [selection: met, surpassed], the TSF shall [assignment: list of actions].
[selection: met, surpassed] :
Met
[assignment: list of actions] :
<Action when it is detected>
Deny the access by WebDAV, and lock the authentication function which uses the WebDAV server password.
<Operation for recovering the normal condition>
Perform the delete function of the authentication failure frequency offered within the administrator mode.
Hierarchical to : No other components
Dependencies : FIA_UAU.1 (FIA_UAU.2[2])
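
The FIA_AFL.1 iterations above differ only in threshold and recovery path, so they can be modelled by one handler. The following Python model is an added example, not the vendor's firmware code; the class and method names are hypothetical, the clock is injected so the 5-second panel release can be exercised, and it assumes the failure count is kept until a recovery operation runs, since the requirements name no other reset.

```python
import hmac
import time
from dataclasses import dataclass, field
from enum import Enum
from typing import Callable, Dict, List


class Recovery(Enum):
    ADMIN_CLEAR = "administrator deletes the failure count"  # FIA_AFL.1[3]-[7], [9]
    AUTO_RELEASE = "lock released automatically"             # FIA_AFL.1[8] (panel)


@dataclass
class FailureHandler:
    threshold: int                     # 1-3 when administrator configurable, 1 for the panel
    recovery: Recovery
    release_after: float = 5.0         # seconds, used only with AUTO_RELEASE
    clock: Callable[[], float] = time.monotonic
    failures: Dict[str, int] = field(default_factory=dict)
    locked_at: Dict[str, float] = field(default_factory=dict)

    def __post_init__(self) -> None:
        # Reject settings outside the range the requirement allows.
        allowed = (1,) if self.recovery is Recovery.AUTO_RELEASE else (1, 2, 3)
        if self.threshold not in allowed:
            raise ValueError(f"threshold {self.threshold!r} not in {allowed}")

    def is_locked(self, subject: str) -> bool:
        since = self.locked_at.get(subject)
        if since is None:
            return False
        expired = self.clock() - since >= self.release_after
        if self.recovery is Recovery.AUTO_RELEASE and expired:
            self._reset(subject)
            return False
        return True

    def attempt(self, subject: str, supplied: bytes, expected: bytes) -> bool:
        # While locked, access is denied without evaluating the credential,
        # so a correct guess made during the lock tells the caller nothing.
        if self.is_locked(subject):
            return False
        if hmac.compare_digest(supplied, expected):
            return True
        count = self.failures.get(subject, 0) + 1
        self.failures[subject] = count
        # Selection "Met": the lock engages on the Nth failure, not on N+1.
        if count >= self.threshold:
            self.locked_at[subject] = self.clock()
        return False

    def admin_clear(self, subject: str) -> None:
        # "Delete function of authentication failure frequency" in administrator mode.
        if self.recovery is not Recovery.ADMIN_CLEAR:
            raise ValueError("this handler releases its lock automatically")
        self._reset(subject)

    def _reset(self, subject: str) -> None:
        self.failures.pop(subject, None)
        self.locked_at.pop(subject, None)


def demo() -> List[bool]:
    """Constructed walk-through: three failures lock a user box until cleared."""
    box = FailureHandler(threshold=3, recovery=Recovery.ADMIN_CLEAR)
    good, bad = b"constructed-secret", b"wrong-guess"
    results = [box.attempt("box-1", bad, good) for _ in range(3)]
    results.append(box.attempt("box-1", good, good))   # denied: locked
    box.admin_clear("box-1")
    results.append(box.attempt("box-1", good, good))   # accepted after recovery
    return results


if __name__ == "__main__":
    print(demo())
```

Keying the handler by subject (user ID, user box ID, account ID) matches the per-object locks of FIA_AFL.1[4] to [7]; a single fixed key models the panel-wide lock of FIA_AFL.1[8].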

FIA_ATD.1 User attribute definition
FIA_ATD.1.1
The TSF shall maintain the following list of security attributes belonging to individual users: [assignment: list of security attributes].
[assignment: list of security attributes] :
- User attributes (User ID)
- User box attributes (User box ID)
- File attributes (Secure print internal control ID)
- Account name (Account ID)
- Administrator Attribute
Hierarchical to : No other components
Dependencies : No dependencies

FIA_SOS.1[1] Verification of secrets
FIA_SOS.1.1[1]
The TSF shall provide a mechanism to verify that secrets (Administrator Password, CE Password, secure print password, user box password, account password, and WebDAV server password) meet [assignment: a defined quality metric].
[assignment: a defined quality metric] :
- Number of digits: 8-digits
- Character type: possible to choose from 93 or more characters
- Rule :
(1) Do not compose by only one and the same character.
(2) Do not set the same password as the current setting after change.
Hierarchical to : No other components
Dependencies : No dependencies

FIA_SOS.1[2] Verification of secrets
FIA_SOS.1.1[2]
The TSF shall provide a mechanism to verify that secrets (SNMP Password) meet [assignment: a defined quality metric].
[assignment: a defined quality metric] :
- Number of digits: 8-digits or more
- Character type: possible to choose from 90 or more characters
- Rule :
(1) Do not compose by only one and the same character.
(2) Do not set the same password as the current setting after change.
Hierarchical to : No other components
Dependencies : No dependencies

FIA_SOS.1[3] Verification of secrets
FIA_SOS.1.1[3]
The TSF shall provide a mechanism to verify that secrets (User Password) meet [assignment: a defined quality metric].
[assignment: a defined quality metric] :
- Number of digits: 8-digits or more
- Character type: possible to choose from 188 or more characters
- Rule :
(1) Do not compose by only one and the same character.
(2) Do not set the same password as the current setting after change.
Hierarchical to : No other components
Dependencies : No dependencies

FIA_SOS.1[4] Verification of secrets
FIA_SOS.1.1[4]
The TSF shall provide a mechanism to verify that secrets (Encryption passphrase) meet [assignment: a defined quality metric].
[assignment: a defined quality metric] :
- Number of digits: 20-digits
- Character type: possible to choose from 83 or more characters
- Rule :
(1) Do not compose by only one and the same character.
(2) Do not set the same passphrase as the current setting after change.
Hierarchical to : No other components
Dependencies : No dependencies
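
The quality metrics of FIA_SOS.1[1] to FIA_SOS.1[4] can be checked by one routine parameterised per iteration. This Python sketch is an added example, not code from the TOE; the function names are hypothetical, and the character sets are constructed stand-ins chosen only to satisfy the stated minimum sizes, because the requirements give the size of each set but not its members. Rule (2) is checked against a salted hash so the current secret need not be kept in clear.

```python
import hashlib
import hmac
import os
from dataclasses import dataclass
from typing import Dict, FrozenSet, List, Optional, Tuple

# Constructed alphabets (assumptions): the requirements state only minimum sizes.
ASCII_GRAPHIC = frozenset(chr(c) for c in range(0x21, 0x7F))    # 94 characters
LATIN1_GRAPHIC = frozenset(chr(c) for c in range(0xA1, 0x100))  # 95 characters


@dataclass(frozen=True)
class Metric:
    length: int                # "Number of digits"
    or_more: bool              # True for "N-digits or more", False for exactly N
    min_alphabet: int          # "possible to choose from N or more characters"
    alphabet: FrozenSet[str]

    def __post_init__(self) -> None:
        if len(self.alphabet) < self.min_alphabet:
            raise ValueError("alphabet is smaller than the metric requires")


METRICS: Dict[str, Metric] = {
    "FIA_SOS.1[1]": Metric(8, False, 93, ASCII_GRAPHIC),
    "FIA_SOS.1[2]": Metric(8, True, 90, ASCII_GRAPHIC),
    "FIA_SOS.1[3]": Metric(8, True, 188, ASCII_GRAPHIC | LATIN1_GRAPHIC),
    "FIA_SOS.1[4]": Metric(20, False, 83, ASCII_GRAPHIC),
}

Stored = Tuple[bytes, bytes]   # (salt, PBKDF2 digest) of the current secret


def store(secret: str, salt: Optional[bytes] = None) -> Stored:
    """Return the salted digest kept in place of the clear-text secret."""
    salt = os.urandom(16) if salt is None else salt
    digest = hashlib.pbkdf2_hmac("sha256", secret.encode("utf-8"), salt, 100_000)
    return salt, digest


def violations(metric: Metric, candidate: str,
               current: Optional[Stored] = None) -> List[str]:
    """List every part of the metric that the candidate secret breaks."""
    found: List[str] = []
    too_short = len(candidate) < metric.length
    too_long = not metric.or_more and len(candidate) > metric.length
    if too_short or too_long:
        found.append("length")
    if any(ch not in metric.alphabet for ch in candidate):
        found.append("charset")
    # Rule (1): not composed of only one and the same character.
    if candidate and len(set(candidate)) == 1:
        found.append("single-character")
    # Rule (2): a changed secret must differ from the current setting.
    if current is not None:
        salt, digest = current
        if hmac.compare_digest(store(candidate, salt)[1], digest):
            found.append("unchanged")
    return found


if __name__ == "__main__":
    for name, metric in METRICS.items():
        print(name, violations(metric, "aaaaaaaa"))
```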


FIA_SOS.1[5] Verification of secrets
FIA_SOS.1.1[5]
The TSF shall provide a mechanism to verify that secrets (Session Information) meet [assignment: a defined quality metric].
[assignment: a defined quality metric] :
10^10 and above
Hierarchical to : No other components
Dependencies : No dependencies

FIA_SOS.2 Verification of secrets
FIA_SOS.2.1
The TSF shall provide a mechanism to generate secrets (Session information) that meet [assignment: a defined quality metric.].
[assignment: a defined quality metric.] :
10^10 and above
FIA_SOS.2.2
The TSF shall be able to enforce the use of TSF generated secrets for [assignment: list of TSF functions].
[assignment: list of TSF functions] :
- Administrator authentication (Access through the network)
- User authentication (Access through the network)
- User box authentication (Access through the network)
Hierarchical to : No other components
Dependencies : No dependencies

FIA_UAU.1[1] Timing of authentication
FIA_UAU.1.1[1]
The TSF shall allow [assignment: list of TSF mediated actions] on behalf of the user to be performed before the user is authenticated.
[assignment: list of TSF mediated actions]
Confirm the stopped state of user's use (Method of user authentication: Machine authentication only)
FIA_UAU.1.2[1]
The TSF shall require each user (User) to be successfully authenticated before allowing any other TSF-mediated actions on behalf of that user (User).
Hierarchical to : No other components
Dependencies : FIA_UID.1 (FIA_UID.2[3])

FIA_UAU.1[2] Timing of authentication
FIA_UAU.1.1[2]
The TSF shall allow [assignment: list of TSF mediated actions] on behalf of the user to be performed before the user is authenticated.
[assignment: list of TSF mediated actions]
Confirm the stopped state of the account.
FIA_UAU.1.2[2]
The TSF shall require each user (User who is permitted to use account) to be successfully authenticated before allowing any other TSF-mediated actions on behalf of that user (User who is permitted to use account).
Hierarchical to : No other components
Dependencies : FIA_UID.1 (FIA_UID.2[3])

FIA_UAU.2[1] User authentication before any action
FIA_UAU.2.1[1]
The TSF shall require each user (Service Engineer) to be successfully authenticated before allowing
any other TSF-mediated actions on behalf of that user (Service Engineer).
Hierarchical to : FIA_UAU.1
Dependencies : FIA_UID.1 (FIA_UID.2[1])

FIA_UAU.2[2] User authentication before any action
FIA_UAU.2.1[2]
The TSF shall require each user (Administrator (User who is authenticated by Administrator
password, User who is authenticated by WebDAV server password, User who is authenticated by
SNMP password)) to be successfully authenticated before allowing any other TSF-mediated actions on
behalf of that user (Administrator (User who is authenticated by Administrator password, User who is
authenticated by WebDAV server password, User who is authenticated by SNMP password)).
Hierarchical to : FIA_UAU.1
Dependencies : FIA_UID.1 (FIA_UID.2[2])


FIA_UAU.2[3] User authentication before any action
FIA_UAU.2.1[4]
The TSF shall require each user (User who is permitted to use secure print file) to be successfully
authenticated before allowing any other TSF-mediated actions on behalf of that user (User who is
permitted to use secure print file).
Hierarchical to : FIA_UAU.1
Dependencies : FIA_UID.1 (FIA_UID.2[4])

FIA_UAU.2[4] User authentication before any action
FIA_UAU.2.1[5]
The TSF shall require each user (User who is permitted to use the public user box) to be
successfully authenticated before allowing any other TSF-mediated actions on behalf of that user
(User who is permitted to use the public user box).
Hierarchical to : FIA_UAU.1
Dependencies : FIA_UID.1 (FIA_UID.2[5])

FIA_UAU.6 Re-authenticating
FIA_UAU.6.1
The TSF shall re-authenticate the user under the conditions [assignment: list of conditions under
which re-authentication is required].
[assignment: list of conditions under which re-authentication is required]
- When the service engineer modifies the CE password.
- When the administrator modifies the administrator password.
- When the user changes his/her own user password.
- When a user permitted to use a public user box changes the user box password of the public user
  box.
Hierarchical to : No other components
Dependencies : No dependencies

FIA_UAU.7 Protected authentication feedback
FIA_UAU.7.1
The TSF shall provide only [assignment: list of feedback] to the user while the authentication is in
progress.
[assignment: list of feedback] :
Display "*" every character data input.
Hierarchical to : No other components
Dependencies : FIA_UAU.1 (FIA_UAU.2[1], FIA_UAU.2[2], FIA_UAU.1[1], FIA_UAU.2[3],
FIA_UAU.2[4], FIA_UAU.1[2])

FIA_UID.2[1] User identification before any action
FIA_UID.2.1[1]
The TSF shall require each user (Service Engineer) to be successfully identified before allowing any
other TSF-mediated actions on behalf of that user (Service Engineer).
Hierarchical to : FIA_UID.1
Dependencies : No dependencies

FIA_UID.2[2] User identification before any action
FIA_UID.2.1[2]
The TSF shall require each user (Administrator) to be successfully identified before allowing any other
TSF-mediated actions on behalf of that user (Administrator).
Hierarchical to : FIA_UID.1
Dependencies : No dependencies

FIA_UID.2[3] User identification before any action
FIA_UID.2.1[3]
The TSF shall require each user (User) to be successfully identified before allowing any other
TSF-mediated actions on behalf of that user (User).
Hierarchical to : FIA_UID.1
Dependencies : No dependencies

FIA_UID.2[4] User identification before any action
FIA_UID.2.1[4]
The TSF shall require each user (User who is permitted to use secure print file) to be successfully
identified before allowing any other TSF-mediated actions on behalf of that user (User who is
permitted to use secure print file).
Hierarchical to : FIA_UID.1
Dependencies : No dependencies

FIA_UID.2[5] User identification before any action
FIA_UID.2.1[5]
The TSF shall require each user (User who is permitted to use the public user box) to be successfully
identified before allowing any other TSF-mediated actions on behalf of that user (User who is
permitted to use the public user box).
Hierarchical to : FIA_UID.1
Dependencies : No dependencies

FIA_UID.2[6] User identification before any action
FIA_UID.2.1[6]
The TSF shall require each user (User who is permitted to use the account) to be successfully identified
before allowing any other TSF-mediated actions on behalf of that user (User who is permitted to use
the account).
Hierarchical to : FIA_UID.1
Dependencies : No dependencies

FIA_UID.2[7] User identification before any action
FIA_UID.2.1[7]
The TSF shall require each user (External Server) to be successfully identified before allowing any
other TSF-mediated actions on behalf of that user (External Server).
Hierarchical to : FIA_UID.1
Dependencies : No dependencies

FIA_USB.1 User-subject binding
FIA_USB.1.1
The TSF shall associate the following user security attributes with subjects acting on the behalf of that
user: [assignment: list of user security attributes].
[assignment: list of user security attributes]:
- User attributes (User ID)
- User box attributes (User box ID)
- File attributes (Secure print internal control ID)
- Account name (Account ID)
- Administrator Attribute
FIA_USB.1.2
The TSF shall enforce the following rules on the initial association of user security attributes with
subjects acting on the behalf of users: [assignment: rules for the initial association of attributes].
[assignment: rules for the initial association of attributes]:
<User box attribute>
The user box ID of the concerned user box associates to the task acting on the behalf of users when
authenticated with the access to the user box.
<Account Name>
- In the method not synchronized with User authentication, the account ID of the concerned account
  associates to the task acting on the behalf of users when authenticated with the access to the
  account.
- In the method synchronized with User authentication, the account ID that is set to the concerned
  user associates to the task acting on the behalf of users when authenticated with the access to the
  user.
<File attribute>
The secure print internal control ID of the concerned secure print file associates to the task acting on
the behalf of users when authenticated with the access to the secure print file.
<User attribute>
The user ID of the concerned user associates to the task acting on the behalf of users when
authenticated as the user.
<Administrator attribute>
The Administrator's attributes associate to the task acting on the behalf of users when authenticated
as the Administrator.
FIA_USB.1.3
The TSF shall enforce the following rules governing changes to the user security attributes associated
with subjects acting on the behalf of users: [assignment: rules for the changing of attributes].
[assignment: rules for the changing of attributes].
None
Hierarchical to : No other components
Dependencies : FIA_ATD.1 (FIA_ATD.1)


6.1.1.4. Security Management

FMT_MOF.1[1] Management of security functions behavior
FMT_MOF.1.1[1]
The TSF shall restrict the ability to [selection: determine the behavior of, disable, enable, modify the
behavior of] the functions [assignment: list of functions] to [assignment: the authorized identified roles].
[assignment: list of functions] :
- Enhanced Security Setting
[selection: determine the behavior of, disable, enable, modify the behavior of] :
disable
[assignment: the authorized identified roles] :
- Administrator
- Service Engineer
Hierarchical to : No other components
Dependencies : FMT_SMF.1 (FMT_SMF.1), FMT_SMR.1 (FMT_SMR.1[1], FMT_SMR.1[2])

FMT_MOF.1[2] Management of security functions behaviour
FMT_MOF.1.1[2]
The TSF shall restrict the ability to [selection: determine the behavior of, disable, enable, modify the
behaviour of] the functions [assignment: list of functions] to [assignment: the authorized identified
roles].
[assignment: list of functions] :
- User Authentication Function
- S/MIME function
- SNMP password authentication function
- ID & print function
[selection: determine the behavior of, disable, enable, modify the behavior of] :
modify the behavior of
[assignment: the authorized identified roles] :
Administrator
Hierarchical to : No other components
Dependencies : FMT_SMF.1 (FMT_SMF.1), FMT_SMR.1 (FMT_SMR.1[2])

FMT_MOF.1[3] Management of security functions behavior
FMT_MOF.1.1[3]
The TSF shall restrict the ability to [selection: determine the behaviour of, disable, enable, modify the
behaviour of] the functions [assignment: list of functions] to [assignment: the authorized identified
roles].
[assignment: list of functions] :
- Account Authentication Function
- Trusted Channel Function
[selection: determine the behavior of, disable, enable, modify the behaviour of] :
modify the behavior of, disable
[assignment: the authorized identified roles] :
Administrator
Hierarchical to : No other components
Dependencies : FMT_SMF.1 (FMT_SMF.1), FMT_SMR.1 (FMT_SMR.1[2])

FMT_MSA.1[1] Management of security attributes
FMT_MSA.1.1[1]
The TSF shall enforce the [assignment: access control SFP(s), information flow control SFP(s)] to
restrict the ability to [selection: change_default, query, modify, delete, [assignment: other operations]]
the security attributes [assignment: list of security attributes] to [assignment: the authorized identified
roles].
[assignment: list of security attributes] :
User attributes of the user box that is set user's own [user ID].
[selection: change_default, query, modify, delete, [assignment: other operations]] :
Modify (modify to other user's [User ID], [account ID] or [public])
[assignment: the authorized identified roles] :
- User
- Administrator
[assignment: access control SFP, information flow control SFP] :
User box access control
Hierarchical to : No other components
Dependencies : FDP_ACC.1 or FDP_IFC.1 (FDP_ACC.1[1]), FMT_SMF.1 (FMT_SMF.1),
FMT_SMR.1 (FMT_SMR.1[2], FMT_SMR.1[3])

FMT_MSA.1[2] Management of security attributes
FMT_MSA.1.1[2]
The TSF shall enforce the [assignment: access control SFP(s), information flow control SFP(s)] to
restrict the ability to [selection: change_default, query, modify, delete, [assignment: other operations]]
the security attributes [assignment: list of security attributes] to [assignment: the authorized identified
roles].
[assignment: list of security attributes] :
User attributes of user box that is set the [public].
[selection: change_default, query, modify, delete, [assignment: other operations]] :
modify (modify to [User ID] or [account ID])
[assignment: the authorized identified roles] :
- User who is permitted to use that public user box
- Administrator
[assignment: access control SFP, information flow control SFP] :
User box access control
Hierarchical to : No other components
Dependencies : FDP_ACC.1 or FDP_IFC.1 (FDP_ACC.1[1]), FMT_SMF.1 (FMT_SMF.1),
FMT_SMR.1 (FMT_SMR.1[2], FMT_SMR.1[4])

FMT_MSA.1[3] Management of security attributes
FMT_MSA.1.1[3]
The TSF shall enforce the [assignment: access control SFP(s), information flow control SFP(s)] to
restrict the ability to [selection: change_default, query, modify, delete, [assignment: other operations]]
the security attributes [assignment: list of security attributes] to [assignment: the authorized identified
roles].
[assignment: list of security attributes] :
User attributes of user box that is set the [Account ID].
[selection: change_default, query, modify, delete, [assignment: other operations]] :
modify (modify to [user ID], [public] or other [account ID])
[assignment: the authorized identified roles] :
- User who is permitted to use that account
- Administrator
[assignment: access control SFP, information flow control SFP] :
User box access control
Hierarchical to : No other components
:e#en3encie1 5 A:BSACC/1 or A:BS)AC/1 $A:BSACC/1L1M% . AM!SSMA/1 $AM!SSMA/1% .
AM!SSM0/1 $AM!SSM0/1L2M. AM!SSM0/1L6M%

FMT_MSA.3[1] Static attribute initialization
FMT_MSA.3.1[1]
The TSF shall enforce the [assignment: access control SFP, information flow control SFP] to provide
[selection, choose one of: restrictive, permissive, [assignment: other property]] default values for
security attributes (User attributes of the user box) that are used to enforce the SFP.
[selection, choose one of: restrictive, permissive, [assignment: other property]] :
[assignment: other property] :
Responded the registered situation of the user box classified into the following cases.
(1) [Public], when an user box is registered by the operation of user or administrator
(2) [User ID] of the user who performed the relevant job, when a user box is registered
    automatically according to the operation of stored job specifying unregistered user box.
[assignment: access control SFP, information flow control SFP] :
User box access control
FMT_MSA.3.2[1]
The TSF shall allow the [assignment: the authorized identified roles] to specify alternative initial
values to override the default values when an object or information is created.
[assignment: the authorized identified roles]
Case (1) identified in [assignment: other property] of FMT_MSA.3.1 : User, administrator
Case (2) identified in [assignment: other property] of FMT_MSA.3.1 : None
Hierarchical to : No other components
Dependencies : FMT_MSA.1 (FMT_MSA.1[1], FMT_MSA.1[2]), FMT_SMR.1 (FMT_SMR.1[3])
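
The user box rules of FMT_MSA.3[1] (default value of the user attribute at registration) and FMT_MSA.1[1] to FMT_MSA.1[3] (who may modify it afterwards) can be modelled as follows. This is an added illustration, not part of the security target or of the product's software. All class and function names are hypothetical, and the model assumes that "User" in FMT_MSA.1[1] means the user whose own ID is set on the box and that every actor has already been authenticated in the role shown.

```python
from dataclasses import dataclass
from typing import Optional, Tuple

Owner = Tuple[str, Optional[str]]      # ("public" | "user" | "account", value)
PUBLIC: Owner = ("public", None)       # the [public] value of the user attribute


def user_id(uid: str) -> Owner:
    return ("user", uid)


def account_id(aid: str) -> Owner:
    return ("account", aid)


class Denied(Exception):
    """Raised when the modelled requirement does not authorize the operation."""


@dataclass(frozen=True)
class Actor:
    """An authenticated subject (hypothetical model type)."""
    role: str                              # "administrator" or "user"
    uid: Optional[str] = None              # User ID bound to the subject
    account: Optional[str] = None          # account the user is permitted to use
    box_auth: frozenset = frozenset()      # public boxes opened with the box password


@dataclass
class UserBox:
    box_id: str
    owner: Owner                           # "user attribute" of the user box


def register_box(actor: Actor, box_id: str, by_stored_job: bool = False,
                 initial: Optional[Owner] = None) -> UserBox:
    """Apply the defaults of FMT_MSA.3.1[1] and the override rule of FMT_MSA.3.2[1]."""
    if by_stored_job:
        # Case (2): box created automatically by a stored job that names an
        # unregistered box. Default is the job owner's [User ID]; the roles
        # allowed to override it are "None".
        if initial is not None:
            raise Denied("case (2): no role may override the default value")
        if actor.uid is None:
            raise ValueError("a stored job needs an identified user")
        return UserBox(box_id, user_id(actor.uid))
    # Case (1): registration by user or administrator. Default is [Public];
    # both roles may specify an alternative initial value.
    if actor.role not in ("user", "administrator"):
        raise Denied("case (1): only user or administrator may register a box")
    return UserBox(box_id, initial if initial is not None else PUBLIC)


def may_modify(actor: Actor, box: UserBox) -> bool:
    """Role check of FMT_MSA.1[1] to [3] for modifying the user attribute."""
    if actor.role == "administrator":      # listed in all three iterations
        return True
    kind, value = box.owner
    if kind == "user":                     # FMT_MSA.1[1]: box set to own [user ID]
        return actor.uid is not None and actor.uid == value
    if kind == "public":                   # FMT_MSA.1[2]: permitted to use that public box
        return box.box_id in actor.box_auth
    if kind == "account":                  # FMT_MSA.1[3]: permitted to use that account
        return actor.account is not None and actor.account == value
    return False


def modify_owner(actor: Actor, box: UserBox, new_owner: Owner) -> UserBox:
    """Change the user attribute to a different [User ID], [account ID] or [public]."""
    if new_owner[0] not in ("public", "user", "account"):
        raise ValueError("unknown attribute kind")
    if new_owner == box.owner:
        raise ValueError("the new value must differ from the current one")
    if not may_modify(actor, box):
        raise Denied(f"{actor.role} {actor.uid!r} may not modify box {box.box_id}")
    box.owner = new_owner
    return box


if __name__ == "__main__":
    # Constructed sample actors and boxes.
    alice = Actor("user", uid="alice")
    bob = Actor("user", uid="bob")
    shared = register_box(alice, "001")                       # defaults to [Public]
    private = register_box(alice, "002", by_stored_job=True)  # defaults to alice
    print(shared, private)
    print("bob may modify 001:", may_modify(bob, shared))
    print("bob may modify 002:", may_modify(bob, private))
```
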

FMT_MSA.3[2] Static attribute initialization
FMT_MSA.3.1[2]
The TSF shall enforce the [assignment: access control SFP, information flow control SFP] to provide
[selection, choose one of: restrictive, permissive, [assignment: other property]] default values for
security attributes (Secure print internal control ID) that are used to enforce the SFP.
[selection, choose one of: restrictive, permissive, [assignment: other property]] :
[assignment: other property] : Identified uniquely
[assignment: access control SFP, information flow control SFP] :
Secure print file access control
FMT_MSA.3.2[2]
The TSF shall allow the [assignment: the authorized identified roles] to specify alternative initial
values to override the default values when an object or information is created.
[assignment: the authorized identified roles]
None
Hierarchical to : No other components
Dependencies : FMT_MSA.1 (N/A), FMT_SMR.1 (N/A)

FMT_MSA.3[3] Static attribute initialization
FMT_MSA.3.1[3]
The TSF shall enforce the [assignment: access control SFP, information flow control SFP] to provide
[selection, choose one of: restrictive, permissive, [assignment: other property]] default values for
security attributes (User box attributes of user box file) that are used to enforce the SFP.
[selection, choose one of: restrictive, permissive, [assignment: other property]] :
[assignment: other property] : Corresponds with the value of the user box attributes of the user box
that selected as a target to store the user box file concerned.
[assignment: access control SFP, information flow control SFP] :
User box access control
FMT_MSA.3.2[3]
The TSF shall allow the [assignment: the authorized identified roles] to specify alternative initial
values to override the default values when an object or information is created.
[assignment: the authorized identified roles]
None
Hierarchical to : No other components
Dependencies : FMT_MSA.1 (N/A), FMT_SMR.1 (N/A)

FMT_MSA.3[4] Static attribute initialization
FMT_MSA.3.1[4]
The TSF shall enforce the [assignment: access control SFP, information flow control SFP] to provide [selection: choose one of: restrictive, permissive, [assignment: other property]] default values for the security attributes (User attributes of ID & print file) that are used to enforce the SFP.
[selection: choose one of: restrictive, permissive, [assignment: other property]] :
[assignment: other property] : Shall be equal to the values of the user attributes of the user who stores that ID & print file.
[assignment: access control SFP, information flow control SFP] :
ID & print file access control
FMT_MSA.3.2[4]
The TSF shall allow the [assignment: the authorised identified roles] to specify alternative initial values to override the default values when an object or information is created.
[assignment: the authorized identified roles] :
None
Hierarchical to : No other components
Dependencies : FMT_MSA.1 (N/A), FMT_SMR.1 (N/A)

FMT_MTD.1[1] Management of TSF data
FMT_MTD.1.1[1]
(When the [machine authentication] is selected as the User authentication method) The TSF shall restrict the ability to [selection: change_default, query, modify, delete, clear, [assignment: other operations]] the [assignment: list of TSF data] to [assignment: the authorized identified roles].
[assignment: list of TSF data] :
User password
[selection: change_default, query, modify, delete, clear, [assignment: other operations]] :
[assignment: other operations] : Registration
[assignment: the authorized identified roles] :
Administrator
Hierarchical to : No other components
Dependencies : FMT_SMF.1 (FMT_SMF.1), FMT_SMR.1 (FMT_SMR.1[2])

FMT_MTD.1[2] Management of TSF data
FMT_MTD.1.1[2]
(When the [machine authentication] is selected as the User authentication method) The TSF shall restrict the ability to [selection: change_default, query, modify, delete, clear, [assignment: other operations]] the [assignment: list of TSF data] to [assignment: the authorized identified roles].
[assignment: list of TSF data] :
User's own user password
[selection: change_default, query, modify, delete, clear, [assignment: other operations]] :
modify
[assignment: the authorized identified roles] :
- User
- Administrator
Hierarchical to : No other components
Dependencies : FMT_SMF.1 (FMT_SMF.1), FMT_SMR.1 (FMT_SMR.1[2], FMT_SMR.1[3])

FMT_MTD.1[3] Management of TSF data
FMT_MTD.1.1[3]
The TSF shall restrict the ability to [selection: change_default, query, modify, delete, clear, [assignment: other operations]] the [assignment: list of TSF data] to [assignment: the authorized identified roles].
[assignment: list of TSF data] :
- User ID
- Account ID
- Account password
- Secure print password
- Panel auto log-off time
- Threshold Number of authentication failure
- External server authentication setting data
- S/MIME certificate (footnote 9)
- Belonging Account of User
- Release time of operation prohibition for Administrator authentication
- Encryption passphrase
- SNMP password
- TSI receiving setting data
- WebDAV server password
[selection: change_default, query, modify, delete, clear, [assignment: other operations]] :
modify
[assignment: the authorized identified roles] :
Administrator
Hierarchical to : No other components
Dependencies : FMT_SMF.1 (FMT_SMF.1), FMT_SMR.1 (FMT_SMR.1[2])

FMT_MTD.1[4] Management of TSF data
FMT_MTD.1.1[4]
The TSF shall restrict the ability to [selection: change_default, query, modify, delete, clear, [assignment: other operations]] the [assignment: list of TSF data] to [assignment: the authorized identified roles].
[assignment: list of TSF data] :
User box password of the relevant user box
[selection: change_default, query, modify, delete, clear, [assignment: other operations]] :
modify
[assignment: the authorized identified roles] :
- User who is permitted to use that public user box
- Administrator
Hierarchical to : No other components
Dependencies : FMT_SMF.1 (FMT_SMF.1), FMT_SMR.1 (FMT_SMR.1[2], FMT_SMR.1[4])

FMT_MTD.1[5] Management of TSF data
FMT_MTD.1.1[5]
The TSF shall restrict the ability to [selection: change_default, query, modify, delete, clear, [assignment: other operations]] the [assignment: list of TSF data] to [assignment: the authorized identified roles].
[assignment: list of TSF data] :
User box password
[selection: change_default, query, modify, delete, clear, [assignment: other operations]] :
[assignment: other operations] : Registration
[assignment: the authorized identified roles] :
- User
- Administrator
Hierarchical to : No other components
Dependencies : FMT_SMF.1 (FMT_SMF.1), FMT_SMR.1 (FMT_SMR.1[2], FMT_SMR.1[3])


Footnote 9: It intends the operation of replacing a settable digital certificate for each user instead of the modification of the value itself.
FMT_MTD.1[6] Management of TSF data
FMT_MTD.1.1[6]
The TSF shall restrict the ability to [selection: change_default, query, modify, delete, clear, [assignment: other operations]] the [assignment: list of TSF data] to [assignment: the authorized identified roles].
[assignment: list of TSF data] :
Administrator password
[selection: change_default, query, modify, delete, clear, [assignment: other operations]] :
modify
[assignment: the authorized identified roles] :
- Administrator
- Service Engineer
Hierarchical to : No other components
Dependencies : FMT_SMF.1 (FMT_SMF.1), FMT_SMR.1 (FMT_SMR.1[1], FMT_SMR.1[2])

FMT_MTD.1[7] Management of TSF data
FMT_MTD.1.1[7]
The TSF shall restrict the ability to [selection: change_default, query, modify, delete, clear, [assignment: other operations]] the [assignment: list of TSF data] to [assignment: the authorized identified roles].
[assignment: list of TSF data] :
- SNMP password
- User password
- Account password
- User box password
- Secure print password
- WebDAV server password
[selection: change_default, query, modify, delete, clear, [assignment: other operations]] :
query
[assignment: the authorized identified roles] :
Administrator
Hierarchical to : No other components
Dependencies : FMT_SMF.1 (FMT_SMF.1), FMT_SMR.1 (FMT_SMR.1[2])

FMT_MTD.1[8] Management of TSF data
FMT_MTD.1.1[8]
The TSF shall restrict the ability to [selection: change_default, query, modify, delete, clear, [assignment: other operations]] the [assignment: list of TSF data] to [assignment: the authorized identified roles].
[assignment: list of TSF data] :
Secure print password
[selection: change_default, query, modify, delete, clear, [assignment: other operations]] :
[assignment: other operations] : Registration
[assignment: the authorized identified roles] :
User
Hierarchical to : No other components
Dependencies : FMT_SMF.1 (FMT_SMF.1), FMT_SMR.1 (FMT_SMR.1[3])

FMT_MTD.1[9] Management of TSF data
FMT_MTD.1.1[9]
The TSF shall restrict the ability to [selection: change_default, query, modify, delete, clear, [assignment: other operations]] the [assignment: list of TSF data] to [assignment: the authorized identified roles].
[assignment: list of TSF data] :
- CE password
- Release time of operation prohibition for CE authentication
[selection: change_default, query, modify, delete, clear, [assignment: other operations]] :
modify
[assignment: the authorized identified roles] :
Service Engineer
Hierarchical to : No other components
Dependencies : FMT_SMF.1 (FMT_SMF.1), FMT_SMR.1 (FMT_SMR.1[1])

FMT_MTD.1[10] Management of TSF data
FMT_MTD.1.1[10]
The TSF shall restrict the ability to [selection: change_default, query, modify, delete, clear, [assignment: other operations]] the [assignment: list of TSF data] to [assignment: the authorized identified roles].
[assignment: list of TSF data] :
User ID
[selection: change_default, query, modify, delete, clear, [assignment: other operations]] :
[assignment: other operations] : Registration
[assignment: the authorized identified roles] :
Administrator, External server
Hierarchical to : No other components
Dependencies : FMT_SMF.1 (FMT_SMF.1), FMT_SMR.1 (FMT_SMR.1[2], FMT_SMR.1[5])

FMT_MTD.1[11] Management of TSF data
FMT_MTD.1.1[11]
The TSF shall restrict the ability to [selection: change_default, query, modify, delete, clear, [assignment: other operations]] the [assignment: list of TSF data] to [assignment: the authorized identified roles].
[assignment: list of TSF data] :
- Account ID
- Account password
- S/MIME certificate
- Data of TSI reception setting
- Data of external server authentication setting
[selection: change_default, query, modify, delete, clear, [assignment: other operations]] :
[assignment: other operations] : Registration
[assignment: the authorized identified roles] :
Administrator
Hierarchical to : No other components
Dependencies : FMT_SMF.1 (FMT_SMF.1), FMT_SMR.1 (FMT_SMR.1[2])

FMT_MTD.1[12] Management of TSF data
FMT_MTD.1.1[12]
The TSF shall restrict the ability to [selection: change_default, query, modify, delete, clear, [assignment: other operations]] the [assignment: list of TSF data] to [assignment: the authorized identified roles].
[assignment: list of TSF data] :
Belonging Account of a user oneself
[selection: change_default, query, modify, delete, clear, [assignment: other operations]] :
[assignment: other operations] : Registration
[assignment: the authorized identified roles] :
Administrator, the user who is permitted to use of the account (footnote 10)
Hierarchical to : No other components
Dependencies : FMT_SMF.1 (FMT_SMF.1), FMT_SMR.1 (FMT_SMR.1[2], FMT_SMR.1[3])

Footnote 10: A user who isn't related with an account name, and who was informed of the account password for the account ID from the administrator off-line.

FMT_MTD.1[13] Management of TSF data
FMT_MTD.1.1[13]
The TSF shall restrict the ability to [selection: change_default, query, modify, delete, clear, [assignment: other operations]] the [assignment: list of TSF data] to [assignment: the authorized identified roles].
[assignment: list of TSF data] :
- User ID
- Account ID
[selection: change_default, query, modify, delete, clear, [assignment: other operations]] :
[assignment: other operations] : Pause and resume
[assignment: the authorized identified roles] :
Administrator
Hierarchical to : No other components
Dependencies : FMT_SMF.1 (FMT_SMF.1), FMT_SMR.1 (FMT_SMR.1[2], FMT_SMR.1[5])

FMT_SMF.1 Specification of Management Functions
FMT_SMF.1.1
The TSF shall be capable of performing the following management functions: [assignment: list of management functions to be provided by the TSF].
[assignment: list of management functions to be provided by the TSF] :
- Stop Function of Enhanced security function by administrator
- Operation setup function of ID & print function by administrator
- Operation Method Setting Function of User Authentication Function by administrator
- Operation Method Setting Function of Account Authentication Function by administrator
- Operation Setting Function of SNMP password authentication function by administrator
- Setting function of authentication failure frequency threshold by administrator in the authentication operation prohibition function
- Backup Function by administrator (footnote 11)
- Restoration Function by administrator (footnote 12)
- Registration function of account ID by administrator
- Modification function of account ID by administrator
- Registration function of account password by administrator
- Modification function of account password by administrator
- Panel Auto Log-off Time Setting Function by administrator
- Modification function of administrator password by administrator
- Modification function of SNMP password by administrator
- Registration function of user box password by administrator
- Modification function of user box password by administrator
- Modification function of WebDAV server password by administrator
- Registration function of user box by administrator
- Modification function of user attributes of the user box by the administrator
- Registration function of user ID by administrator
- Stop function of user by administrator
- Resume function of user by administrator
- Stop function of account by administrator
- Resume function of account by administrator
- Registration function of user password when method of user authentication by administrator is machine authentication
- Modification function of user password when method of user authentication by administrator is machine authentication

Footnote 11: A part of the backup function corresponds to the inquiry function of TSF data.
Footnote 12: A part of the restoration function corresponds to the modification function of TSF data.
- Registration function of S/MIME certificate by administrator
- Registration modification function of S/MIME certificate by administrator
- Operation setting function of S/MIME function by administrator
- Operation setting function of Trusted Channel function by administrator
- Registration function of Belonging Account of user by administrator
- Modification function of Belonging Account of user by administrator
- Modification function of Release time of operation prohibition for Administrator authentication by administrator
- Modification function of Encryption passphrase by administrator
- Modification function of TSI receiving setting data by administrator
- Modification function of CE password by service engineer
- Modification function of administrator password by service engineer
- Stop function of Enhanced Security function by service engineer
- Modification function of Release time of operation prohibition for CE authentication by service engineer
- Overwrite function for the default value of the user attribute of the user box by the user.
- Modification function of user password when method of user authentication is machine authentication by user
- Registration function of user box password by user
- Modification function of user attribute of user box by user
- Registration function of Belonging Account of user oneself by user who is permitted the use of the account
- User box registration function by user
- Automatic Personal user box registration function by user box stored job that specifies unregistered box by user
- Machine non-registered users' user ID automatic registration function with external server when user authentication method is external server authentication
- Registration function of secure print password according to secure print file registration by user
- Modification function of user attribute of user box by user who is permitted the use of public user box
- -- - Mo3ification Mo3ification Mo3ification Mo3ification function function function function of of of of u1er u1er u1er u1er bo@ bo@ bo@ bo@ #a11wor3 #a11wor3 #a11wor3 #a11wor3 of of of of the the the the u1er u1er u1er u1er bo@ bo@ bo@ bo@ b b b b u1er u1er u1er u1er who who who who i1 i1 i1 i1 #er<itte3 #er<itte3 #er<itte3 #er<itte3 the the the the u1e u1e u1e u1e of of of of #ublic #ublic #ublic #ublic
u1er u1er u1er u1er bo@ bo@ bo@ bo@
- -- - Mo3ification Mo3ification Mo3ification Mo3ification function function function function of of of of the the the the concerne3 concerne3 concerne3 concerne3 u1er u1er u1er u1er bo@ bo@ bo@ bo@J JJ J1 11 1 u1er u1er u1er u1er attribute attribute attribute attribute b b b b u1er u1er u1er u1er who who who who i1 i1 i1 i1 #er<itte3 #er<itte3 #er<itte3 #er<itte3 the the the the u1e u1e u1e u1e of of of of
the the the the "rou# "rou# "rou# "rou# bo@ bo@ bo@ bo@
-ierarchical to 5 (o other co<#onent1
:e#en3encie1 5 (o 3e#en3encie1

FMT_SMR.1[1] Security roles
FMT_SMR.1.1[1]
The TSF shall maintain the roles [assignment: the authorised identified roles].
[assignment: the authorised identified roles] :
Service Engineer
FMT_SMR.1.2[1]
The TSF shall be able to associate users with roles.
Hierarchical to : No other components
Dependencies : FIA_UID.1 (FIA_UID.2[1])

FMT_SMR.1[2] Security roles
FMT_SMR.1.1[2]
The TSF shall maintain the roles [assignment: the authorised identified roles].
[assignment: the authorised identified roles] :
Administrator
FMT_SMR.1.2[2]
The TSF shall be able to associate users with roles.
Hierarchical to : No other components
Dependencies : FIA_UID.1 (FIA_UID.2[2])

FMT_SMR.1[3] Security roles
FMT_SMR.1.1[3]
The TSF shall maintain the roles [assignment: the authorised identified roles].
[assignment: the authorised identified roles] :
User
FMT_SMR.1.2[3]
The TSF shall be able to associate users with roles.
Hierarchical to : No other components
Dependencies : FIA_UID.1 (FIA_UID.2[3])

FMT_SMR.1[4] Security roles
FMT_SMR.1.1[4]
The TSF shall maintain the roles [assignment: the authorised identified roles].
[assignment: the authorised identified roles] :
User who is authorized to use that public user box
FMT_SMR.1.2[4]
The TSF shall be able to associate users with roles.
Hierarchical to : No other components
Dependencies : FIA_UID.1 (FIA_UID.2[5])

FMT_SMR.1[5] Security roles
FMT_SMR.1.1[5]
The TSF shall maintain the roles [assignment: the authorised identified roles].
[assignment: the authorised identified roles] :
External server
FMT_SMR.1.2[5]
The TSF shall be able to associate users with roles.
Hierarchical to : No other components
Dependencies : FIA_UID.1 (FIA_UID.2[7])

FMT_SMR.1[6] Security roles
FMT_SMR.1.1[6]
The TSF shall maintain the roles [assignment: the authorised identified roles].
[assignment: the authorised identified roles] :
The user who is permitted to use of the account
FMT_SMR.1.2[6]
The TSF shall be able to associate users with roles.
Hierarchical to : No other components
Dependencies : FIA_UID.1 (FIA_UID.2[6])

6.1.1.5. TOE Access

FTA_SSL.3 TSF-initiated termination
FTA_SSL.3.1
The TSF shall terminate an interactive session after a [assignment: time interval of user inactivity].
[assignment: time interval of user inactivity] :
Time decided from the final operation depending on the panel auto logoff time (1-9 minutes) while an
administrator or a user is operating on the panel
Hierarchical to : No other components
Dependencies : No dependencies

6.1.1.6. Trusted Path/Channel

FTP_ITC.1 Inter-TSF trusted channel
FTP_ITC.1.1
The TSF shall provide a communication channel between itself and another trusted IT product that is
logically distinct from other communication channels and provides assured identification of its end
points and protection of the channel data from modification or disclosure.
FTP_ITC.1.2
The TSF shall permit [selection: the TSF, another trusted IT product] to initiate communication via the
trusted channel.

[selection : the TSF, another trusted IT product]
The other trusted IT product
FTP_ITC.1.3
The TSF shall initiate communication via the trusted channel for [assignment: list of functions for which
a trusted channel is required].

[assignment : list of functions for which a trusted channel is required]
- Download of the user box file.
- Upload of the image file that will be stored as a user box file.
- Upload of the image file that will be the secure print file.
- Upload of the image file that will be the ID & Print file.
Hierarchical to : No other components
Dependencies : No dependencies

6.1.1.7. Extension: Remaining All Information Protection

FAD_RIP.1 Protection of all remaining information after explicit deletion operation
FAD_RIP.1.1
TSF shall ensure that the content of the information allocated to source before shall not be available
after the explicit deletion operation against the object and TSF data.: [assignment: list of object and list
of TSF data]
[assignment : List of object and list of TSF data] :
<Objects>
- User Box file
- Secure print file
- ID & print file
- On-memory image file
- Stored image file
- HDD remaining image file
- Image-related file
- Transmission address data file
<TSF data>
- Encryption passphrase
- Administrator password
- SNMP password
- WebDAV server password
- User ID
- User password
- User Box password
- Secure print password
- Account ID
- Account password
- S/MIME certificate
- SSL certificate
Hierarchical to : No other components
Dependencies : No dependencies


6.1.1.8. Extension: Capability of Using IT Environment Entity

FIT_CAP.1[1] Capability of using security service of IT environment entity
FIT_CAP.1.1[1]
TSF shall provide the necessary capability to use the service for [assignment: security service provided
by IT environment entity]. : [assignment: necessary capability list for the operation of security service]
[assignment: security service provided by IT environment entity] :
User authentication function of user information management server using Active Directory
[assignment: necessary capability list for the operation of security service] :
- Inquiry function of authentication information for the identification and authentication target user
- Acquirement function of authentication information for the identification and authentication target user
Hierarchical to : No other components
Dependencies : No dependencies

FIT_CAP.1[2] Capability of using security service of IT environment entity
FIT_CAP.1.1[2]
TSF shall provide the necessary capability to use the service for [assignment: security service provided
by IT environment entity]. : [assignment: necessary capability list for the operation of security service]
[assignment: security service provided by IT environment entity] :
HDD encryption function achieved by ASIC
[assignment: necessary capability list for the operation of security service] :
Support function of the image file processing by HDD encryption function
Hierarchical to : No other components
Dependencies : No dependencies


6.1.2. TOE Security Assurance Requirements

The TOE is a commercial office product that is used in a general office environment, and
therefore a TOE security assurance requirement that is required for EAL3 conformance, which
is a sufficient level as an assurance for commercial office products, is applied. The following table
summarizes the applied TOE security assurance requirements.


Table 8 TOE Security Assurance Requirements

TOE Security Assurance Requirements                      Component
ADV: Development
  Security architecture description                      ADV_ARC.1
  Functional specification with complete summary         ADV_FSP.3
  Architectural design                                   ADV_TDS.2
AGD: Guidance documents
  Operational user guidance                              AGD_OPE.1
  Preparative procedures                                 AGD_PRE.1
ALC: Life Cycle Support
  Authorisation controls                                 ALC_CMC.3
  Implementation representation CM coverage              ALC_CMS.3
  Delivery procedures                                    ALC_DEL.1
  Identification of security measures                    ALC_DVS.1
  Developer defined life-cycle model                     ALC_LCD.1
ASE: Security Target Evaluation
  Conformance claims                                     ASE_CCL.1
  Extended components definition                         ASE_ECD.1
  ST introduction                                        ASE_INT.1
  Security objectives                                    ASE_OBJ.2
  Derived security requirements                          ASE_REQ.2
  Security problem definition                            ASE_SPD.1
  TOE summary specification                              ASE_TSS.1
ATE: Tests
  Analysis of coverage                                   ATE_COV.2
  Testing: basic design                                  ATE_DPT.1
  Functional testing                                     ATE_FUN.1
  Independent testing - sample                           ATE_IND.2
AVA: Vulnerability Assessment
  Vulnerability analysis                                 AVA_VAN.2


6.2. IT Security Requirements Rationale

6.2.1. Rationale for IT Security Functional Requirements

6.2.1.1. Necessity

The correspondence between the security objectives and the IT security functional
requirements is shown in the following table. It shows that each IT security functional
requirement corresponds to at least one security objective.

Table 9 Conformity of IT Security Functional Requirements to Security Objectives
Columns (Security Objectives): O.REGISTERED-USER, O.PRIVATE-BOX, O.PUBLIC-BOX, O.GROUP-BOX, O.SECURE-PRINT, O.CONFIG, O.OVERWRITE-ALL, O.CRYPTO-KEY, O.TRUSTED-PASS, O.CRYPTO-MAIL, O.FAX-CONTROL, O.AUTH-CAPABILITY, O.CRYPTO-CAPABILITY, * set.admin, * set.service
Rows: Security Functional Requirements

set.admin X X X X X X
set.service X X X X X X
FCS_CKM.1 X X
FCS_COP.1 X
FDP_ACC.1[1] X X X X
FDP_ACC.1[2] X X
FDP_ACC.1[3] X
FDP_ACC.1[4] X X
FDP_ACF.1[1] X X X X
FDP_ACF.1[2] X X
FDP_ACF.1[3] X
FDP_ACF.1[4] X X
FDP_IFC.1 X
FDP_IFF.1 X
FIA_AFL.1[1] X
FIA_AFL.1[2] X
FIA_AFL.1[3] X
FIA_AFL.1[4] X
FIA_AFL.1[5] X
FIA_AFL.1[6] X
FIA_AFL.1[7] X
FIA_AFL.1[8] X X X X X X
FIA_AFL.1[9] X
FIA_ATD.1 X X X X X
FIA_SOS.1[1] X X X X X X
FIA_SOS.1[2] X
FIA_SOS.1[3] X
FIA_SOS.1[4] X
FIA_SOS.1[5] X X X
FIA_SOS.2 X X X
FIA_UAU.2[1] X
FIA_UAU.2[2] X X
FIA_UAU.1[1] X
FIA_UAU.2[3] X
FIA_UAU.2[4] X
FIA_UAU.1[2] X
FIA_UAU.6 X X X X X
FIA_UAU.7 X X X X X X
FIA_UID.2[1] X
FIA_UID.2[2] X X
FIA_UID.2[3] X
FIA_UID.2[4] X
FIA_UID.2[5] X
FIA_UID.2[6] X
FIA_UID.2[7] X
FIA_USB.1 X X X X X
FMT_MOF.1[1] X
FMT_MOF.1[2] X X X
FMT_MOF.1[3] X X
FMT_MSA.1[1] X X
FMT_MSA.1[2] X X
FMT_MSA.1[3] X X
FMT_MSA.3[1] X X
FMT_MSA.3[2] X
FMT_MSA.3[3] X X X
FMT_MSA.3[4] X
FMT_MTD.1[1] X
FMT_MTD.1[2] X X
FMT_MTD.1[3] X X X X X X X
FMT_MTD.1[4] X X
FMT_MTD.1[5] X
FMT_MTD.1[6] X
FMT_MTD.1[7] X
FMT_MTD.1[8] X
FMT_MTD.1[9] X
FMT_MTD.1[10] X
FMT_MTD.1[11] X X
FMT_MTD.1[12] X
FMT_MTD.1[13] X X
FMT_SMF.1 X X X X X X X X
FMT_SMR.1[1] X X X
FMT_SMR.1[2] X X X X X X X
FMT_SMR.1[3] X X X
FMT_SMR.1[4] X
FMT_SMR.1[5] X
FMT_SMR.1[6] X
FTA_SSL.3 X X
FTP_ITC.1 X
FAD_RIP.1 X
FIT_CAP.1[1] X
FIT_CAP.1[2] X


Note) set.admin and set.service each indicate a set of requirements. A security objective
marked with "X" in the * set.admin or * set.service column also corresponds to the series of
requirements associated with that set.

6.2.1.2. Sufficiency

The IT security functional requirements for the security objectives are described as follows.

O.REGISTERED-USER (Usage of a permitted user)
This security objective limits the utilization of the MFP installing the TOE to only the user who
succeeded in identification and authentication, and needs various requirements regarding
user identification and authentication.

<Necessary requirement for identification and authentication of the user>
FIA_UID.2[3] and FIA_UAU.1[1] identify and authenticate that the user who accesses is a
permitted user.
FIA_UAU.7 returns "*" for each entered character as protected feedback on the panel and
supports the authentication.
In the case of authentication failure from the panel, FIA_AFL.1[8] refuses all input
acceptance from the panel for 5 seconds on every failure. When the authentication failure
reaches 1-3 times, FIA_AFL.1[4] locks the authentication function for that user from then on.
This lock status is released by the administrator's release operation.
FMT_MOF.1[2] permits only the administrator to select the user authentication
method, which is "Machine authentication" or "External server authentication".
FMT_MTD.1[3] permits only the administrator to set (modify) the threshold of
the Authentication failure frequency, which is the trial frequency of failed authentication
in the user authentication.
FIA_SOS.1[5] secures the quality verification of the session information used in the user
authentication via the network, and FIA_SOS.2 secures the quality of the session information
which is generated and used.
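
The failure handling described above, modelled as an added example that is not part of this Security Target or of the TOE's software. The 5-second panel refusal, the 1-3 threshold and the administrator-only release come from the text; the class and function names, the role strings, the sample credential and the reset of the counter on success are assumptions of this sketch.

```python
import hmac

PANEL_DELAY_SECONDS = 5               # FIA_AFL.1[8]: panel refuses input after each failure
MIN_THRESHOLD, MAX_THRESHOLD = 1, 3   # range the administrator may set (FMT_MTD.1[3])


class PanelRefusingInput(Exception):
    """The panel is still inside the refusal window after a failed attempt."""


class UserLocked(Exception):
    """The authentication function for this user is locked (FIA_AFL.1[4])."""


class NotAdministrator(Exception):
    """A management operation was requested by a role other than administrator."""


class ManualClock:
    """Injectable clock so the timing behaviour can be exercised without sleeping."""
    def __init__(self):
        self.now = 0.0

    def __call__(self):
        return self.now

    def advance(self, seconds):
        self.now += seconds


class PanelUserAuth:
    """Hypothetical model of panel user authentication with failure handling."""

    def __init__(self, verify, clock, threshold=MAX_THRESHOLD):
        self._check_threshold(threshold)
        self._verify = verify          # callable(user_id, password) -> bool
        self._clock = clock
        self._threshold = threshold
        self._failures = {}            # user_id -> failed attempts so far
        self._locked = set()
        self._panel_free_at = 0.0

    @staticmethod
    def _check_threshold(value):
        if not MIN_THRESHOLD <= value <= MAX_THRESHOLD:
            raise ValueError("threshold must be within 1-3")

    def set_threshold(self, role, value):
        if role != "administrator":
            raise NotAdministrator("only the administrator may modify the threshold")
        self._check_threshold(value)
        self._threshold = value

    def release_lock(self, role, user_id):
        if role != "administrator":
            raise NotAdministrator("only the administrator may release a lock")
        self._locked.discard(user_id)
        self._failures.pop(user_id, None)

    def is_locked(self, user_id):
        return user_id in self._locked

    def authenticate(self, user_id, password):
        now = self._clock()
        if now < self._panel_free_at:
            raise PanelRefusingInput("panel input refused after a failed attempt")
        if user_id in self._locked:
            raise UserLocked("authentication function locked for this user")
        if self._verify(user_id, password):
            self._failures.pop(user_id, None)   # assumption: success clears the counter
            return True
        self._panel_free_at = now + PANEL_DELAY_SECONDS
        count = self._failures.get(user_id, 0) + 1
        self._failures[user_id] = count
        if count >= self._threshold:
            self._locked.add(user_id)           # stays locked until an administrator releases it
        return False


SAMPLE_USERS = {"user01": "correct-horse"}      # constructed sample credential


def sample_verify(user_id, password):
    expected = SAMPLE_USERS.get(user_id)
    if expected is None:
        return False
    return hmac.compare_digest(expected.encode(), password.encode())


def walkthrough():
    """Two failures with threshold 2, then an administrator release."""
    clock = ManualClock()
    auth = PanelUserAuth(sample_verify, clock, threshold=2)
    log = [auth.authenticate("user01", "wrong-1")]
    try:
        auth.authenticate("user01", "correct-horse")   # still inside the 5 s window
    except PanelRefusingInput:
        log.append("panel-refused")
    clock.advance(PANEL_DELAY_SECONDS)
    log.append(auth.authenticate("user01", "wrong-2"))  # reaches the threshold
    clock.advance(PANEL_DELAY_SECONDS)
    try:
        auth.authenticate("user01", "correct-horse")   # correct password, but locked
    except UserLocked:
        log.append("locked")
    auth.release_lock("administrator", "user01")
    log.append(auth.authenticate("user01", "correct-horse"))
    return log


if __name__ == "__main__":
    print(walkthrough())
```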

<Necessary requirements for managing session of user who is identified and authenticated>
When the user logs in from the panel, FTA_SSL.3 ends the session of the identified and
authenticated user after the panel automatic logoff time elapses, which contributes to reducing
the chance of attack associated with unnecessary session connection.
The change in the panel auto logoff time is limited to the administrator by FMT_MTD.1[3].

<Necessary requirement for managing the identification and authentication information of the
user>
When "the machine authentication" is chosen as the method of the user authentication,
FMT_MTD.1[1] permits only the administrator to perform the initial registration of a user
password in the user's registration.
When "the machine authentication" has been selected as the method of the user authentication,
the registration of the user ID, and pause and resumption of use in the user registration, are
permitted to the administrator by FMT_MTD.1[10] and FMT_MTD.1[13]. When the "external
server authentication" has been selected as the user authentication method, the user who is
identified and authenticated by an external server is permitted and registered
automatically by this requirement. (This corresponds to the user ID registration of the
"external server".) At this registration, the external server accessing the TOE is identified as the
external server registered by FIA_UID.2[7]. This management behavior is maintained as the
role of the external server by FMT_SMR.1[5]. In addition, the registration function of user ID
is specified for the administration function by FMT_SMF.1.
The registration and change operation of an external server setting is limited to only the
administrator by FMT_MTD.1[3] and FMT_MTD.1[11].

The quality of the user password is verified by FIA_SOS.1[3]. When "machine authentication"
is selected as the method of the user authentication, a change of the user password is limited to
the user itself and the administrator by FMT_MTD.1[2]. In addition, when a user changes
his/her own user password, the user is re-authenticated by FIA_UAU.6.

<Necessary requirement to keep the administrator secure>
refer to set.admin

<Necessary requirement to keep the service engineer secure>
refer to set.service

<Role and management function for each management>
The role to do these managements is maintained as an administrator by FMT_SMR.1[2] and a
user by FMT_SMR.1[3]. Moreover, these management functions are specified by FMT_SMF.1.

This security objective is satisfied by the completion of these multiple functional requirements.

O.PRIVATE-BOX (personal user box access control)
This security objective limits access to the personal user box and the user box file in the
personal user box to only the user who owns that user box, and needs various requirements
that relate to the access control.

<User box access control (a personal user box)>
After the user has been identified and authenticated, the user ID is associated with the task
acting on behalf of the user by FIA_ATD.1 and FIA_USB.1. By FDP_ACC.1[1] and FDP_ACF.1[1], the
task acting on behalf of the user has a user ID, and is permitted to display the list of the user
boxes with a corresponding user attribute. In addition, after the user box has been selected, when
the user box ID is associated with the task acting on behalf of the user by FIA_ATD.1 and
FIA_USB.1, operations such as print, download, transmission, movement, and copy are permitted
on the user box file that has an object attribute corresponding to the user ID and user box ID of
the subject attribute.

<Management of a personal user box>
FMT_MSA.1[1] permits the user and the administrator to change the user
attribute of the user box where the user ID is set.
As for the registration of the user box, public is appointed to the user attribute of the user box
by FMT_MSA.3[1], and it is permitted only to the user and administrator to give the initial
value to change the public attribute. In addition, when the job to store the non-registered user
box into the user box appointed is executed due to the same requirement, a user ID of the user
who executes the job concerned is appointed automatically.
As for the user box attribute of the user box file, the value consistent with the user box
attribute of the user box which was selected as the storage destination of the file is set by
FMT_MSA.3[3].

<Necessary requirement to keep the administrator secure>
refer to set.admin

<Necessary requirement to keep the service engineer secure>
refer to set.service

<Role and controlling function for each management>
As the role of doing these managements, FMT_SMR.1[2] maintains an administrator and
FMT_SMR.1[3] maintains a user permitted the use of the user box. FMT_SMF.1 specifies
these management functions.

This security objective is satisfied by the completion of these multiple functional
requirements.

O.PUBLIC-BOX (a public user box access control)
This security objective permits the inspection of the public user box to all users, and limits
the setting of the public user box and the operation of the user function of the user box file in
the public user box only to the user who is permitted the utilization of that public user box. It
needs the various requirements regarding access control.

<User box access control (a public user box)>
After the user has been identified and authenticated, the user ID is associated with the task
acting on behalf of the user by FIA_ATD.1 and FIA_USB.1. FDP_ACC.1[1] and FDP_ACF.1[1] permit
the task acting on behalf of the user who has a user ID to perform the list display operation on
the user boxes where public is set in the user attribute.
To operate the user box file in the public user box, it is required to be a user who is permitted
the use of the user box. FIA_UID.2[5] and FIA_UAU.2[4] identify and authenticate that it
is a user who is permitted the use of the user box.
FIA_UAU.7 returns "*" for each entered character as protected feedback on the panel and
supports the authentication.
In the case of authentication failure from the panel, FIA_AFL.1[8] refuses all input
acceptance from the panel for 5 seconds on every failure. When the authentication failure
reaches 1-3 times, FIA_AFL.1[6] locks the authentication function for that user from then on.
This lock status is released by the administrator's release operation.
FMT_MTD.1[3] permits only the administrator to set the threshold of the
unauthorized access detection value, which is the trial frequency of failed authentication in
the authentication of the user who is permitted the use of the user box.
When FIA_ATD.1 and FIA_USB.1 relate a user box ID to the task acting on behalf of the user,
FDP_ACC.1[1] and FDP_ACF.1[1] permit operations such as print, download, transmission,
movement, and copy on the user box file that has an object attribute corresponding to
the user box ID of the subject attribute and whose user box has public set in the user attribute.
FIA_SOS.1[5] secures the quality verification of the session information used in the user box
authentication via the network, and FIA_SOS.2 secures the quality of the session information
which is generated and used.

<Management of a public user box>
FMT_MSA.1[2] permits the user who is permitted the use of the user box and the
administrator to change the user attribute of the user box for which "Public" is set.
FMT_MTD.1[4] permits the change in the user box password only to the administrator and
the user who is permitted the use of the user box. FIA_SOS.1[1] verifies the quality of the
user box password. If a user permitted to use a public user box changes the user box password
of the #ublic u1er bo@. A)ASUAU/6 re-authenticate1 the u1er/
A1 for the u1er bo@ re"i1tration. AM!SMSA/6 L1M 1#ecifie1 the #ublic to the u1er attribute of
the u1er bo@. an3 #er<it1 onl the u1er an3 a3<ini1trator to "i2e the initial 2alue to chan"e
the u1er attribute/ AM!SM!:/1 L5M #er<it1 the re"i1tration of the u1er bo@ #a11wor3 onl to
the u1er or the a3<ini1trator/ Aor the u1er bo@ attribute of the u1er bo@ file. the u1er bo@
attribute 2alue of the 1electe3 u1er bo@ a1 1tora"e i1 1et b AM!SMSA/6 L6M/

8(ece11ar reIuire<ent to ;ee# the a3<ini1trator 1ecure9
refer to 1et/a3<in

8(ece11ar reIuire<ent to ;ee# the 1er2ice en"ineer 1ecure9
refer to 1et/1er2ice

80ole an3 controllin" function for each <ana"e<ent9
A1 the role of 3oin" the1e <ana"e<ent1. AM!SSM0/1L2M <aintain1 an a3<ini1trator an3
AM!SSM0/1LFM <aintain1 a u1er #er<itte3 the u1e of the u1er bo@/ AM!SSMA/1 1#ecifie1
the1e <ana"e<ent function1/

!hi1 1ecurit obHecti2e i1 1ati1fie3 b the co<#letion of the1e <ulti#le functional
reIuire<ent1/

O.GROUP-BOX (Group user box access control)
This security objective permits the browser of the group user box only to the user who is permitted the use of the account. It also limits the set of the group user box which is not a pause status of use and the operation of the user function of the user box file in the group user box only to the user who is permitted the use of the group user box, and requires various requirements that relate to the access control.

<User box access control (a group user box)>
After the user has been identified and authenticated, the user ID is associated with the task of acting a use by FIA_ATD.1 and FIA_USB.1. And after the account has been authenticated, the account ID is associated with the task of acting a use by FIA_ATD.1 and FIA_USB.1. FDP_ACC.1[1] and FDP_ACF.1[1] permits a task to act for the user to operate the list to the user box (group user box) where the user attribute corresponded with the Account Name (account ID) in the security attribute of the subject is set.
It is required to be a user who is permitted the use of the group user box to operate the user box file in the group user box which is not a pause status of use. When the Account authentication method is "the method not synchronized", FIA_UID.2[6] and FIA_UAU.1[2] identifies and authenticates that it is a user who is permitted the use of the group user box. When the account authentication method is "synchronized method" and the Account that user belongs to is not registered, FIA_UID.2[6] and FIA_UAU.1[2] identifies and authenticates that it is a user who is permitted the use of the account.
FIA_UAU.7 returns "*" for each entered character as feedback protected by the panel and supports the authentication.
In the case of the failure authentication from the panel, FIA_AFL.1[8] refuses all input acceptances from the panel for 5 seconds in every failure. When the authentication failure reaches 1-3 times, FIA_AFL.1[7] locks the authentication function for that account from then on. This lock status is released by the administrator's release operation.
FMT_MTD.1[3] permits only the administrator the setup of the threshold of the unauthorized access detection value that is the trial frequency of the failure authentication in the authentication of the user who is permitted the use of the group user box.
When FIA_ATD.1 and FIA_USB.1 relates to the user box ID under the task to act for user, FDP_ACC.1[1] and FDP_ACF.1[1] permits the user box file that has a corresponding object attribute to the account ID and the user box ID of the subject attribute the operation such as print, download, transmissions, movement and copy.

<Necessary requirement to manage the group user box>
FMT_MSA.1[3] permits the modification operation of the user attribute of the user box that is set "account ID" to the user who is permitted the access to the group user box and the administrator.
For the user box attribute of the user box file, the user box attribute value of the selected user box as storage is set by FMT_MSA.3[3].

<Necessary requirement to manage the subject attribute related with the group user box>
FMT_MTD.1[11] and FMT_MTD.1[13] restricts the registration, pause of use and resumption of use of the account ID and account password only to the administrator. Also, FMT_MTD.1[3] restricts the modification of the account ID and account password only to the administrator. FMT_MTD.1[12] restricts the registration of the belonging account assigned to the user, to the administrator and to the user who is permitted the use of the account. FIA_SOS.1[1] verifies the quality of the account password.

<Management of the account authentication method>
FMT_MOF.1[3] restricts the behavior management of the account authentication function and the stop operation management only to the administrator.

<Necessary requirement to keep the administrator secure>
refer to set.admin

<Necessary requirement to keep the service engineer secure>
refer to set.service

<Role and controlling function for each management>
As the role of doing these managements, FMT_SMR.1[2] maintains an administrator and FMT_SMR.1[6] maintains a user permitted the use of the group user box. FMT_SMF.1 specifies these management functions.

This security objective is satisfied by the completion of these multiple functional requirements.

O.SECURE-PRINT (Access control of secure print file and ID & print file)
These security objectives explain the policy for the secure print file.
First, for secure print file, this security objective limits the print of the secure print file only for the user, who is permitted the use of the secure print file, and requires various requirements that relate to the access control.

<Secure print file access control>
After the user has been identified and authenticated, the user ID is associated with the task of acting a use by FIA_ATD.1 and FIA_USB.1. FDP_ACC.1[2] and FDP_ACF.1[2] permits the list display operation of every secure print file to the task of acting the user who has user ID.
As it must be a user who is permitted the use of the secure print file to print it, FIA_UID.2[4] and FIA_UAU.2[3] identifies and authenticates that it is a user who is permitted the use of the secure print file.
FIA_UAU.7 returns "*" for each entered character as feedback protected by the panel and supports the authentication.
FIA_AFL.1[8] refuses all input acceptances from the panel for 5 seconds in every failure. When the authentication failure reaches 1-3 times, FIA_AFL.1[5] locks the authentication function for the concerned secure print file. This lock status is released by the administrator's release operation.
FMT_MTD.1[3] permits only to the administrator the setup of the threshold of the authentication failure frequency that is the trial frequency of the failure authentication in the authentication of the user who is permitted the use of the secure print file.
When FIA_ATD.1 and FIA_USB.1 relate the secure print internal control ID to the task of acting use, FDP_ACC.1[2] and FDP_ACF.1[2] permit the print operation to the secure print file that has a corresponding object attribute to the secure print internal control ID of the subject attribute.
As for secure print internal control ID, FMT_MSA.3[2] gives the value uniquely identified when the secure print file is stored.

<Secure print password>
FMT_MTD.1[8] permits only to the user the registration of the secure print password used for the authentication. FIA_SOS.1[1] verifies the quality of the secure print password.

Next, for ID & print file, this security objective limits the print of the ID & print file only for the user who stored that file, so that various requirements regarding access control are necessary.

<ID & print file access control>
FDP_ACC.1[4] and FDP_ACF.1[4] permit the task substituting for a user with a user ID to list and print the ID & print file with the user attribute consistent with the user ID.
For the user attribute set in the ID & print file, the user ID of the user who stores the file when the file is stored is set by FMT_MSA.3[4].

<Operation management of the ID & print function>
Management of this operation mode is limited only to the administrator by FMT_MOF.1[2].

<Necessary requirement to keep the administrator secure>
refer to set.admin

<Necessary requirement to keep the service engineer secure>
refer to set.service

<Role and controlling function for each management>
As the role of doing these managements, FMT_SMR.1[2] maintains an administrator and FMT_SMR.1[3] maintains a user. Moreover, FMT_SMF.1 specifies these management functions.

This security objective is satisfied by the completion of these multiple functional requirements.

O.CONFIG (Access limitation to a management function)
This security objective limits the setting related to the SMTP server, the setting related to the DNS server, the setting related to the Enhanced Security function, the backup function, and the restorations function to the administrator, and needs various requirements to limit the access to a series of setting function and the management function.

<Management of network setting>
When the administrator attribute is associated with the task of substituting the use, FDP_ACC.1[3] and FDP_ACF.1[3] permits the task of substituting the user to operate the setting of SMTP server group object, DNS server group object, MFP address group object, PC-FAX reception setting object, and transmission address data object.

<Operation limitation of Backup and restoration function>
When the administrator attribute is associated with the task of acting the use by FIA_ATD.1 and FIA_USB.1, the task of acting the user is permitted the back-up operation of:
- the user box files by FDP_ACC.1[1] and FDP_ACF.1[1].
- the secure print files by FDP_ACC.1[2] and FDP_ACF.1[2].
- the ID & print files by FDP_ACC.1[4] and FDP_ACF.1[4].
In addition, the restoration operation is permitted for
- SMTP server group object, DNS server group object, MFP address group object, PC-FAX operation setting object, and transmission address data object by FDP_ACC.1[3] and FDP_ACF.1[3].
Moreover, the restoration operation (modification operation) is permitted only to the administrator for the following data:
- the enhanced security setting data by FMT_MOF.1[1]
- the operation setting data of user authentication function, encryption strength setting data for S/MIME function and the operation setting data of SNMP password authentication function by FMT_MOF.1[2].
- the Trusted Channel setting data, encryption passphrase and the operation setting data of account authentication function by FMT_MOF.1[3].
- the users attribute of the user box by FMT_MSA.1[1], FMT_MSA.1[2] and FMT_MSA.1[3].
- the user password by FMT_MTD.1[2].
- the user ID, the SNMP password, the panel auto logoff time, the authentication failure frequency, the secure print password, the external authentication setting data, the account ID, the account password, the S/MIME certificate, the belonging account of user, release time of operation prohibition for administrator authentication, TSI receiving setting, and WebDAV server password by FMT_MTD.1[3].
- the user box password by FMT_MTD.1[4].
FMT_MTD.1[7] permits only to the administrator the backup operation (inquiry operation) of the SNMP password, the user password, the user box password, and the secure print password, the account password, and WebDAV server password.

<Operational limitation of Enhanced Security function>
FMT_MOF.1[1] permits only the administrator and service engineer to disable the setting for the enhanced security function.

<Management of encryption passphrase>
FMT_MTD.1[3] permits only administrator the modification operation to the encryption passphrase. FIA_SOS.1[4] verifies the quality of the encryption passphrase.

<Necessary requirement for accessing MIB object>
The SMTP server group object, the DNS server group object and the MFP address group object exists as an MIB object as well, so that the restriction is necessary even in the access from the SNMP.
FIA_UID.2[2] and FIA_UAU.2[2] identifies and authenticates that the user who accesses the MIB object is an administrator.
FIA_AFL.1[3] locks the authentication function to access the MIB object when the failure authentication reaches 1-3 times. This lock is released by the lock release operation by the administrator.
FMT_MTD.1[3] restricts the threshold setting of the unauthorized access detection value that is the trial frequency of the failure authentication in the administrator authentication using the SNMP password only to the administrator.
FMT_MTD.1[3] restricts the change of the SNMP password to the administrator.
FIA_SOS.1[2] verifies the quality of the SNMP password.
FMT_MOF.1[2] restricts the method of the SNMP password authentication function only to the administrator.

<Requirements for the counter management function (access by WebDAV)>
FIA_UID.2[2] and FIA_UAU.2[2] identify and authenticate that the user accessing by WebDAV is an administrator.
FMT_MTD.1[7] permits the identified and authenticated administrator to perform inquiry of user passwords and account passwords.
FIA_AFL.1[9] locks the administrator authentication function which uses the WebDAV server password when the failure authentication reaches 1-3 times. This lock is released by the lock release operation by the administrator.
FMT_MTD.1[3] restricts the threshold setting of the unauthorized access detection value that is the trial frequency of the failure authentication in the administrator authentication using the WebDAV server password only to the administrator.
FMT_MTD.1[3] restricts the change of the WebDAV server password only to the administrator. FIA_SOS.1[1] verifies the quality of the WebDAV server password.

<Operational Limit of Trusted Channel function setting data>
The behavior and the stop setting of Trusted Channel function are permitted only to the administrator by FMT_MOF.1[3].

<Operational Limit for S/MIME function>
The registration of the S/MIME certificate is permitted only to the administrator by FMT_MTD.1[11]. The modification of the registered S/MIME certificate is permitted only to the administrator by FMT_MTD.1[3]. In addition, the setup of transmission address data is permitted only to the administrator by FDP_ACC.1[3] and FDP_ACF.1[3]. The behavior of the S/MIME function is permitted only to the administrator by the FMT_MOF.1[2].

<Operational Limit for FAX function>
The registration of the user box to be stored in TSI reception (TSI reception setting) is permitted only to the administrator by FMT_MTD.1[11]. The modification of the registered TSI reception setting is permitted only to the administrator by FMT_MTD.1[3]. In addition, the setting of the area stored when PC-FAX is received (PC-FAX reception setting) is permitted only to the administrator by FDP_ACC.1[3] and FDP_ACF.1[3].

<Necessary requirements to keep the administrator secure>
refer to set.admin

<Necessary requirements to keep the service engineer secure>
refer to set.service

<Role and controlling function for each management>
As the role of doing these managements, FMT_SMR.1[1] maintains a service engineer and FMT_SMR.1[2] maintains an administrator. Moreover, FMT_SMF.1 specifies these management functions.

This security objective is satisfied by the completion of these multiple functional requirements.

O.OVERWRITE-ALL (Complete overwrite deletion)
This security objective regulates that it deletes all data areas of HDD and initializes the concealed information of NVRAM that is set by the user, and requires various requirements that relate to the deletion.
FAD_RIP.1 guarantees that these objective information not to be able to use the content of any previous information by the deletion operation.
Therefore, this security objective is satisfied.

O.CRYPTO-KEY (Encryption key generation)
This security objective regulates that the encryption key necessary to encrypt all the data written in HDD by ASIC is generated, and needs various requirements that relate to the encryption key generation.
Using Konica Minolta HDD encryption key generation algorithm according to the Konica Minolta encryption specification standard, FCS_CKM.1 generates an encryption key 128 bits long. In addition, the encryption key is generated on RAM that is a volatility memory with the power supply ON and is disappeared with the power supply OFF.
This security objective is satisfied by this functional requirement.

O.TRUSTED-PASS (Usage of Trusted Channel)
This security objective generates the Trusted Channel in the transmission and reception such as a user box file, a secure print file, and an ID & print file, and the requirement that relates with the Trusted Channel is necessary. FTP_ITC.1 generates the Trusted Channel according to the requirement from the other Trusted IT product, and it is applied to the transmission and reception, such as the user box file, the secure print file, and the ID & print file.
This security objective is satisfied by this functional requirement.

O.CRYPTO-MAIL (Usage of Encryption mail)
This security objective regulates the encryption of a user box file when transmitting the user box file by e-mail, and various requirements related to the encryption are necessary.
FCS_CKM.1 generates the encryption key (128, 168, 192 or 256 bits) by using Pseudorandom number Generation Algorithm according to FIPS 186-2.
FCS_COP.1 encrypts the user box file by using AES (encryption key: 128, 192 or 256 bits) of FIPS PUB 197 (it becomes a transmission data of S/MIME). Also, the same requirement encrypts the user box file by using 3-Key-Triple-DES (encryption key: 168 bits) of SP800-67. (By the same token, it becomes a transmission data of S/MIME.) FCS_COP.1 encrypts these encryption keys by RSA of FIPS 186-2 by using a public key of S/MIME certificate of each destination (1024, 2048, 3072 or 4096 bits).
This security objective is satisfied by the completion of these plural functional requirements.

O.FAX-CONTROL (Fax unit control)
This security objective regulates to prohibit an access to internal network which the MFP concerned connects with, from public line via the Fax public line portal.
This means that communication, like remote diagnostic function or illegal operation command, except image data which is sent from public line network and forwarded to internal network via MFP is not forwarded to internal network, and various requirements related to the flow control of Fax unit are necessary.
Applying FDP_IFC.1 and FDP_IFF.1, the flow control not to send data, except the image data which the reception function from a public line received, to internal network is achieved.
This security objective is satisfied by this functional requirement.

O.AUTH-CAPABILITY (Support action to use user authentication function)
This security objective regulates that TOE supports the user authentication function using an user information management server that is the entity outside TOE, and needs various requirements that regulate to support the external entity action.
Applying FIT_CAP.1[1], the inquiry and the acquirement function for the identification and authentication objective user are achieved for the user authentication function by the Active Directory of the user information management server.
This security objective is satisfied by this functional requirement.

O.CRYPTO-CAPABILITY (Support action to use the HDD encryption function)
This security objective regulates that TOE supports the action to encrypt the data stored in HDD by ASIC that is the entity outside TOE, and needs various requirements that regulates to support the external entity action.
Applying FIT_CAP.1[2], a support function to process all data in HDD through the HDD encryption function implemented by ASIC is achieved for that HDD encryption function.
This security objective is satisfied by this functional requirement.

set.admin (Set of necessary requirement to keep administrator secure)
<Identification and Authentication of an administrator>
FIA_UID.2[2] and FIA_UAU.2[2] identifies and authenticates that the accessing user is an administrator.
FIA_UAU.7 returns "*" for each character entered as feedback protected in the panel, and supports the authentication.
FIA_AFL.1[8] refuses, in case of the failure authentication tried from the panel, all the input receipts from the panel for five seconds in every failure. When the failure authentication reaches 1-3 times, FIA_AFL.1[2] logoffs if it's under authentication, and locks all the authentication functions that use the administrator password from then on. The release function is executed by starting TOE with turning OFF and ON the power supply, so that the lock is released after the release time of operation prohibition for administrator authentication passed.
FMT_MTD.1[3] permits only to the administrator the setting of the threshold of the authentication failure frequency which is the trial frequency of the failure authentication in the administrator authentication and change of the release time of operation prohibition for administrator authentication.
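
The administrator lockout behaviour described above (five-second panel refusal after each failure, lock at a threshold of 1 to 3 failures, release only after a power OFF/ON followed by the release time) can be modelled as a small state machine. This is an added example, not code from the TOE or from this security target; the class and method names, the default release time, and resetting the failure count on a successful authentication are assumptions.

```python
from dataclasses import dataclass
from typing import Optional

PANEL_REFUSAL_S = 5.0  # panel input is refused for 5 seconds after each failure


@dataclass
class AdminAuthLock:
    """Constructed model of the administrator authentication lock (names are hypothetical)."""
    threshold: int = 3              # failures that trigger the lock; settable 1-3 by the administrator
    release_time_s: float = 300.0   # release time of operation prohibition (assumed value)
    failures: int = 0
    locked: bool = False
    panel_refused_until: float = 0.0
    restarted_at: Optional[float] = None  # time of the power OFF/ON that starts the release timer

    def __post_init__(self) -> None:
        if not 1 <= self.threshold <= 3:
            raise ValueError("threshold must be between 1 and 3")

    def power_cycle(self, now: float) -> None:
        """Power OFF and ON. Starts the release timer only if the lock is set."""
        if self.locked:
            self.restarted_at = now

    def _release_if_due(self, now: float) -> None:
        # The lock is released only after a restart AND the release time has elapsed.
        if (self.locked and self.restarted_at is not None
                and now - self.restarted_at >= self.release_time_s):
            self.locked = False
            self.failures = 0
            self.restarted_at = None

    def attempt(self, password_ok: bool, now: float, via_panel: bool = True) -> str:
        """Return 'refused', 'locked', 'failed' or 'ok' for one authentication attempt."""
        self._release_if_due(now)
        if via_panel and now < self.panel_refused_until:
            return "refused"            # input not accepted at all during the 5 s window
        if self.locked:
            return "locked"             # even a correct password is rejected while locked
        if password_ok:
            self.failures = 0           # assumption: success clears the failure count
            return "ok"
        self.failures += 1
        if via_panel:
            self.panel_refused_until = now + PANEL_REFUSAL_S
        if self.failures >= self.threshold:
            self.locked = True          # all functions using the administrator password lock
            return "locked"
        return "failed"


if __name__ == "__main__":
    lock = AdminAuthLock(threshold=2, release_time_s=60)
    for t, ok in [(0.0, False), (2.0, True), (6.0, False), (20.0, True)]:
        print(t, lock.attempt(ok, now=t))
    lock.power_cycle(now=30.0)
    print(60.0, lock.attempt(True, now=60.0))
    print(91.0, lock.attempt(True, now=91.0))
```
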

<Management of session of identified and authenticated administrator>
The duration of session of the administrator who is identified and authenticated contributes to reduce the chance of attacking associated with unnecessary session connection by ending the session after the panel automatic logoff time elapses by FTA_SSL.3, if it logs in from the panel. The change in the panel auto logoff time is limited to the administrator by FMT_MTD.1[3].

<Management of administrator's authentication information>
FIA_SOS.1[1] verifies the quality of the administrator password. Moreover, FIA_SOS.1[5] verifies the quality of session information used to authenticate the administrator via the network, and FIA_SOS.2 secures the quality of session information that is generated and used. FMT_MTD.1[6] restricts the change in the administrator password to the administrator and the service engineer. When the administrator changes the administrator password, FIA_UAU.6 re-authenticates it. In this re-authentication, when the failure authentication reaches 1-3 times, FIA_AFL.1[2] logoffs it if it's under authentication, and releases the authentication status of the administrator from then on. And it locks all the authentication functions to use the administrator password. The release function is executed by starting TOE with turning OFF and ON the power supply, so that the lock is released after the release time of operation prohibition for administrator authentication passed.

<Role and management function for each management>
FMT_SMR.1[1] have service engineer maintain the role to do these management, and FMT_SMR.1[2] have the administrator do the same. Additionally, FMT_SMF.1 specifies these management functions.

set.service (Set of necessary requirement to keep service engineer secure)
<Identification and Authentication of a service engineer>
FIA_UID.2[1] and FIA_UAU.2[1] identifies and authenticates that the accessing user is a service engineer.
FIA_UAU.7 returns "*" every one character entered as the feedback protected in the panel, and supports the authentication.
FIA_AFL.1[8] refuses all the input receipts from the panel for five seconds at each failure, and when the failure authentication reaches 1-3 times, FIA_AFL.1[1] logoffs it if it's under authentication, and locks all the authentication functions to use the CE password. The CE authentication lock release function is executed and the release time of operation prohibition for CE authentication elapses, so that this lock status is released.
FMT_MTD.1[3] permits only to the administrator the setting of the threshold of the authentication failure frequency that is the trial frequency of the failure authentication in the service engineer authentication. FMT_MTD.1[9] permits only to the service engineer the setting of the release time of operation prohibition for CE authentication.

<Management of service engineer's authentication information>
FIA_SOS.1[1] verifies the quality of the CE password. FMT_MTD.1[9] restricts the change in the CE password to the service engineer. Moreover, FIA_UAU.6 re-authenticates it. In this re-authentication, when the failure authentication reaches 1-3 times, FIA_AFL.1[1] releases the authentication status of the service engineer and locks all the authentication functions to use the CE password. The CE authentication lock release function is executed and the release time of operation prohibition for CE authentication elapses, so that this lock status is released.

<Role and management function for each management>
FMT_SMR.1[1] maintains the role to do these managements as a service engineer. FMT_SMF.1 specifies these management functions.


6/2/1/6/ 6/2/1/6/ 6/2/1/6/ 6/2/1/6/ :e#en3encie1 of )! Securit Aunctional 0eIuire<ent1

!he 3e#en3encie1 of the )! 1ecurit functional reIuire<ent1 co<#onent1 are 1hown in the
followin" table/ When a 3e#en3enc re"ulate3 in CC Bart 2 i1 not 1ati1fie3. the rea1on i1
#ro2i3e3 in the 1ection for the D:e#en3encie1 0elation in thi1 S!/D

!able !able !able !able 10 10 10 10 :e#en3encie1 :e#en3encie1 :e#en3encie1 :e#en3encie1 of of of of )! )! )! )! Securit Securit Securit Securit Aunctional Aunctional Aunctional Aunctional 0eIuire<ent1 0eIuire<ent1 0eIuire<ent1 0eIuire<ent1 Co<#onent1 Co<#onent1 Co<#onent1 Co<#onent1
(/A 5 (ot A##licable
Aunctional
0eIuire<ent1
Co<#onent for
thi1 S!
:e#en3encie1 on CC Bart 2 :e#en3encie1 0elation in thi1 S!
bizhub 652 / bizhub 602 / bizhub 552 / bizhub 502 / ineo 652 / ineo 602 / ineo 552 / ineo 502
Control Software A2WU0Y0-0100-GM0-00 Securit !ar"et


Co#ri"ht$c% 2010-2011 &'()CA M)('*!A +US)(,SS !,C-('*'G),S. )(C/. All 0i"ht1 0e1er2e3/
81 / 112
Aunctional
0eIuire<ent1
Co<#onent for
thi1 S!
:e#en3encie1 on CC Bart 2 :e#en3encie1 0elation in thi1 S!
ACSSC&M/1
ACSSC&M/2 or ACSSC'B/1.
ACSSC&M/F
ACSSC'B/1 $onl #artial e2ent%
8!he rea1on not to fulfill #artiall ACSSC&M/2 or
ACSSC'B/19
!he cr#to"ra#hic o#eration i1 #erfor<e3 u1in" ;e
"enerate3 b &onica Minolta -:: cr#to"ra#hic ;e
"eneration al"orith< in the )! en2iron<ent b
A)!SCAB/1L1M/ !SA onl u1e1 thi1 ca#abilit. an3 there
i1 no nece11it of the 3i1tribution an3 cr#to"ra#hic
o#eration/

8!he rea1on not to a##l ACSSC&M/F9
!he encr#tion ;e te<#oraril e@i1t1 in the 2olatile
<e<or area. but there i1 no nece11it of the
encr#tion ;e cancellation 1ince it i1 auto<aticall
3e1troe3 without the nece11it of acce11 fro< the
out1i3e/




ACSSC'B/1





ACSSC&M/1 or A:BS)!C/1
or A:BS)!C/2. ACSSC&M/F








ACSSC&M/1 $onl #artial e2ent %
!he 1ati1fie3 e2ent15 !he encr#tion ;e for
enci#herin" the attache3 file b the S/M)M,
co<<unication i1 "enerate3/

8!he rea1on not to 1ati1f a #art of the ACSSC&M/1 or
A:BS)!C/1 or A:BS)!C/29
- )t 1ee<1 #ro#er to u1e A:BS)!C/1 becau1e the
#ublic ;e to encr#t the encr#tion ;e for the
3ata encr#tion of S/M)M, i1 i<#orte3 out1i3e of
!SA control area. but S/M)M, certificate i1
re"i1tere3 b the a3<ini1tratorJ1 o#eration/ )n that
ca1e. it i1 unnece11ar to con1i3er whether it
#a11e1 thorou"h the untru1te3 channel or not/
!here i1 not ine2itabilit to a##l the 1ecurit
reIuire<ent $!he u1e un3er the con3ition that
A/(,!W'0& i1 realize3% /
- Al1o. the attribute infor<ation of i<#orte3
encr#tion ;e 3oe1nJt a##l to the 1ecurit
attribute u1e3 for the acce11 control. etc/. i1 not
relate3 to the initialization. etc/. 1o there i1 no
nece11it to a##l/
- )n AM!SM!:/1L11M. it i1 e@#re11e3 a1 re"i1tration
of !SA 3ata. an3 the obHect of i<#ort o#eration i1
a11i"ne3 to an a##ro#riate role/
- A1 a re1ult. the e2ent corre1#on3in" to the ;e
<ana"e<ent i1 e@#laine3 b u1in" not the 1ecurit
reIuire<ent that i1 1howe3 in the 3e#en3encie1
but other 1ecurit reIuire<ent. 1o that itJ1 no
#roble< e2en if thi1 3e#en3enc i1 not 1ati1fie3/

8!he rea1on not a##l ACSSC&M/F9
!he encr#tion ;e te<#oraril e@i1t1 in the 2olatile
<e<or area. but there i1 no nece11it of the
encr#tion ;e cancellation 1ince it i1 auto<aticall
3e1troe3 without the nece11it of acce11 fro< the
out1i3e/
A:BSACC/1L1M A:BSACA/1 A:BSACA/1L1M
Functional Requirements Component for this ST | Dependencies on CC Part 2 | Dependencies Relation in this ST
FDP_ACC.1[2] | FDP_ACF.1 | FDP_ACF.1[2]
FDP_ACC.1[3] | FDP_ACF.1 | FDP_ACF.1[3]
FDP_ACC.1[4] | FDP_ACF.1 | FDP_ACF.1[4]
FDP_ACF.1[1] | FDP_ACC.1, FMT_MSA.3 | FDP_ACC.1[1], FMT_MSA.3[1], FMT_MSA.3[3]
FDP_ACF.1[2] | FDP_ACC.1, FMT_MSA.3 | FDP_ACC.1[2], FMT_MSA.3[2]
FDP_ACF.1[3] | FDP_ACC.1, FMT_MSA.3 | FDP_ACC.1[3]
    <The reason not to apply FMT_MSA.3>
    There is no need to apply this requirement because the object attribute does not exist.
FDP_ACF.1[4] | FDP_ACC.1, FMT_MSA.3 | FDP_ACC.1[4], FMT_MSA.3[4]
FDP_IFC.1 | FDP_IFF.1 | FDP_IFF.1
FDP_IFF.1 | FDP_IFC.1, FMT_MSA.3 | FDP_IFC.1
    <The reason not to apply FMT_MSA.3>
    There is no need to apply this requirement because the security attribute is initialized on the outside.
FIA_AFL.1[1] | FIA_UAU.1 | FIA_UAU.2[1]
FIA_AFL.1[2] | FIA_UAU.1 | FIA_UAU.2[2]
FIA_AFL.1[3] | FIA_UAU.1 | FIA_UAU.2[2]
FIA_AFL.1[4] | FIA_UAU.1 | FIA_UAU.1[1]
FIA_AFL.1[5] | FIA_UAU.1 | FIA_UAU.2[3]
FIA_AFL.1[6] | FIA_UAU.1 | FIA_UAU.2[4]
FIA_AFL.1[7] | FIA_UAU.1 | FIA_UAU.1[2]
FIA_AFL.1[8] | FIA_UAU.1 | FIA_UAU.2[1], FIA_UAU.2[2], FIA_UAU.1[1], FIA_UAU.2[3], FIA_UAU.2[4], FIA_UAU.1[2]
FIA_AFL.1[9] | FIA_UAU.1 | FIA_UAU.2[2]
FIA_ATD.1 | None | N/A
FIA_SOS.1[1] | None | N/A
FIA_SOS.1[2] | None | N/A
FIA_SOS.1[3] | None | N/A
FIA_SOS.1[4] | None | N/A
FIA_SOS.1[5] | None | N/A
FIA_SOS.2 | None | N/A
FIA_UAU.2[1] | FIA_UID.1 | FIA_UID.2[1]
FIA_UAU.2[2] | FIA_UID.1 | FIA_UID.2[2]
FIA_UAU.1[1] | FIA_UID.1 | FIA_UID.2[3]
FIA_UAU.2[3] | FIA_UID.1 | FIA_UID.2[4]
FIA_UAU.2[4] | FIA_UID.1 | FIA_UID.2[5]
FIA_UAU.1[2] | FIA_UID.1 | FIA_UID.2[6]
FIA_UAU.6 | None | N/A
FIA_UAU.7 | FIA_UAU.1 | FIA_UAU.2[1], FIA_UAU.2[2], FIA_UAU.1[1], FIA_UAU.2[3], FIA_UAU.2[4], FIA_UAU.1[2]
FIA_UID.2[1] | None | N/A
FIA_UID.2[2] | None | N/A
FIA_UID.2[3] | None | N/A
FIA_UID.2[4] | None | N/A
FIA_UID.2[5] | None | N/A
FIA_UID.2[6] | None | N/A
FIA_UID.2[7] | None | N/A
FIA_USB.1 | FIA_ATD.1 | FIA_ATD.1
FMT_MOF.1[1] | FMT_SMF.1, FMT_SMR.1 | FMT_SMF.1, FMT_SMR.1[1], FMT_SMR.1[2]
FMT_MOF.1[2] | FMT_SMF.1, FMT_SMR.1 | FMT_SMF.1, FMT_SMR.1[2]
FMT_MOF.1[3] | FMT_SMF.1, FMT_SMR.1 | FMT_SMF.1, FMT_SMR.1[2]
FMT_MSA.1[1] | FDP_ACC.1 or FDP_IFC.1, FMT_SMF.1, FMT_SMR.1 | FDP_ACC.1[1], FMT_SMF.1, FMT_SMR.1[2], FMT_SMR.1[3]
FMT_MSA.1[2] | FDP_ACC.1 or FDP_IFC.1, FMT_SMF.1, FMT_SMR.1 | FDP_ACC.1[1], FMT_SMF.1, FMT_SMR.1[2], FMT_SMR.1[4]
FMT_MSA.1[3] | FDP_ACC.1 or FDP_IFC.1, FMT_SMF.1, FMT_SMR.1 | FDP_ACC.1[1], FMT_SMF.1, FMT_SMR.1[2], FMT_SMR.1[6]
FMT_MSA.3[1] | FMT_MSA.1, FMT_SMR.1 | FMT_MSA.1[1], FMT_MSA.1[2], FMT_SMR.1[3]
FMT_MSA.3[2] | FMT_MSA.1, FMT_SMR.1 | Neither is applicable.
    <The reason not to apply FMT_MSA.1>
    This is the internal control ID that is identified uniquely, and it does not require management such as change or deletion once it has been assigned.
    <FMT_SMR.1>
    The assignment of FMT_MSA.3.2[2] is not applicable. FMT_SMR.1 is the dependency that is set in relation to the following, so there is no need to apply it.
FMT_MSA.3[3] | FMT_MSA.1, FMT_SMR.1 | Neither is applicable.
    <The reason not to apply FMT_MSA.1>
    The user box attribute of a user box file always needs to correspond with the user box. Therefore, the value only has to be given at the time of storage. It is not necessary to change the value of this attribute at any other operational timing. Accordingly, the management requirement is unnecessary.
    <FMT_SMR.1>
    The assignment of FMT_MSA.3.2[3] is not applicable. FMT_SMR.1 is the dependency that is set in relation to the following, so there is no need to apply it.
FMT_MSA.3[4] | FMT_MSA.1, FMT_SMR.1 | Neither is applicable.
    <The reason not to apply FMT_MSA.1>
    It is the concept of ID & print that the object is a print object which only the person who stored it can access, so it is not assumed that the object is transferred to another user. Consequently, it is not necessary to change the value of the attribute when the user performs operations other than store, so the management requirement is unnecessary.
    <FMT_SMR.1>
    The assignment of FMT_MSA.3.2[4] is not applicable. FMT_SMR.1 is the dependency that is set in relation to the following, so there is no need to apply it.
FMT_MTD.1[1] | FMT_SMF.1, FMT_SMR.1 | FMT_SMF.1, FMT_SMR.1[2]
FMT_MTD.1[2] | FMT_SMF.1, FMT_SMR.1 | FMT_SMF.1, FMT_SMR.1[2], FMT_SMR.1[3]
FMT_MTD.1[3] | FMT_SMF.1, FMT_SMR.1 | FMT_SMF.1, FMT_SMR.1[2]
FMT_MTD.1[4] | FMT_SMF.1, FMT_SMR.1 | FMT_SMF.1, FMT_SMR.1[2], FMT_SMR.1[4]
FMT_MTD.1[5] | FMT_SMF.1, FMT_SMR.1 | FMT_SMF.1, FMT_SMR.1[2], FMT_SMR.1[3]
FMT_MTD.1[6] | FMT_SMF.1, FMT_SMR.1 | FMT_SMF.1, FMT_SMR.1[1], FMT_SMR.1[2]
FMT_MTD.1[7] | FMT_SMF.1, FMT_SMR.1 | FMT_SMF.1, FMT_SMR.1[2]
FMT_MTD.1[8] | FMT_SMF.1, FMT_SMR.1 | FMT_SMF.1, FMT_SMR.1[3]
FMT_MTD.1[9] | FMT_SMF.1, FMT_SMR.1 | FMT_SMF.1, FMT_SMR.1[1]
FMT_MTD.1[10] | FMT_SMF.1, FMT_SMR.1 | FMT_SMF.1, FMT_SMR.1[2], FMT_SMR.1[5]
FMT_MTD.1[11] | FMT_SMF.1, FMT_SMR.1 | FMT_SMF.1, FMT_SMR.1[2]
FMT_MTD.1[12] | FMT_SMF.1, FMT_SMR.1 | FMT_SMF.1, FMT_SMR.1[2], FMT_SMR.1[6]
FMT_MTD.1[13] | FMT_SMF.1, FMT_SMR.1 | FMT_SMF.1, FMT_SMR.1[2]
FMT_SMF.1 | None | N/A
FMT_SMR.1[1] | FIA_UID.1 | FIA_UID.2[1]
FMT_SMR.1[2] | FIA_UID.1 | FIA_UID.2[2]
FMT_SMR.1[3] | FIA_UID.1 | FIA_UID.2[3]
FMT_SMR.1[4] | FIA_UID.1 | FIA_UID.2[5]
FMT_SMR.1[5] | FIA_UID.1 | FIA_UID.2[7]
FMT_SMR.1[6] | FIA_UID.1 | FIA_UID.2[6]
FTA_SSL.3 | None | N/A
FTP_ITC.1 | None | N/A
FAD_RIP.1 | None | N/A
FIT_CAP.1[1] | None | N/A
FIT_CAP.1[2] | None | N/A


6.2.2. Rationale for IT Security Assurance Requirements

This TOE is installed and used in an environment where adequate security is maintained in terms of physical, personnel, and connectivity aspects. Nonetheless, adequate effectiveness in the environment where the TOE is used must be assured. As a general commercial office product, the execution of tests based on function specifications and TOE design, an analysis of the strength of function, and a search for vulnerabilities are required. In addition, it is desirable that it has development environment control, configuration management for the TOE, and a secure distribution procedure. Therefore the selection of EAL3, which provides an adequate assurance level, is reasonable.
The security requirement dependency analysis is assumed to be appropriate because the package EAL has been selected; therefore details are not discussed.

7. TOE Summary Specification

The list of the TOE security functions derived from the TOE security functional requirements is shown in Table 11 below. The detailed specification is explained in the paragraphs that follow.

Table 11 Names and Identifiers of TOE Security Function
No. | Identifier | TOE Security Function
1 | F.ADMIN | Administrator function
2 | F.ADMIN-SNMP | SNMP administrator function
3 | F.SERVICE | Service mode function
4 | F.USER | User function
5 | F.BOX | User box function
6 | F.PRINT | Secure print function, ID & print function
7 | F.OVERWRITE-ALL | All area overwrite deletion function
8 | F.CRYPT | Encryption key generation function
9 | F.RESET | Authentication Failure Frequency Reset function
10 | F.TRUSTED-PASS | Trusted Channel function
11 | F.S/MIME | S/MIME encryption processing function
12 | F.FAX-CONTROL | Fax unit control function
13 | F.SUPPORT-AUTH | External Server authentication operation support function
14 | F.SUPPORT-CRYPTO | ASIC support function
15 | F.ADMIN-WebDAV | Administrator function (Counter management function)

7.1. F.ADMIN (Administrator Function)

F.ADMIN is a series of security functions that the administrator operates, such as the administrator identification and authentication function in the administrator mode accessed from a panel or through a network, and a security management function that includes changing the administrator password and releasing the lock of a locked user box. (Nevertheless, not all functions are available through both a panel and a network.)

7.1.1. Administrator Identification Authentication Function

It identifies and authenticates the accessing user as the administrator in response to an access request to the administrator mode.

- Provides the administrator authentication mechanism that authenticates by the administrator password, which consists of the characters shown in Table 12.
- Provides the administrator authentication mechanism that uses session information in addition to the administrator password, after the administrator has been authenticated for access from the network.
  - According to the protocol, it uses session information of more than 10^10, or generates and uses session information of more than 10^10.
- Returns "*" for each character as feedback for the entered administrator password.
- Resets the number of authentication failures when the authentication succeeds.
- In the case of access from a panel, it does not accept input from the panel for five seconds after an authentication failure.
- Locks all the authentication functions that use the administrator password when it detects that the authentication failures in each authentication function using the administrator password have reached 1-3 times in total. (Access to the administrator mode is refused.)
  - The administrator specifies the failure frequency threshold by the unauthorized access detection threshold setting function.
- F.RESET works and the lock of the authentication function is released.
As described above, FIA_AFL.1[2], FIA_AFL.1[8], FIA_SOS.1[5], FIA_SOS.2, FIA_UAU.2[2], FIA_UAU.7 and FIA_UID.2[2] are realized.
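
The lockout behaviour described in 7.1.1, modelled as an added Python example (not part of the security target or the product's code). The class and method names are hypothetical, and F.RESET is assumed here to release the lock once the configured release time has elapsed.

```python
import hmac
from dataclasses import dataclass
from typing import Optional

PANEL_DELAY_S = 5  # panel input is refused for five seconds after a failure


@dataclass
class AdminAuthLock:
    """Hypothetical model of the administrator-password lock in 7.1.1."""
    password: str
    threshold: int = 3             # unauthorized access detection threshold (1-3)
    release_after_s: int = 5 * 60  # release time of operation prohibition (5-60 min)
    failures: int = 0              # one counter shared by panel and network access
    locked_at: Optional[float] = None
    panel_blocked_until: float = 0.0

    def __post_init__(self) -> None:
        if not 1 <= self.threshold <= 3:
            raise ValueError("threshold must be 1-3")
        if not 5 * 60 <= self.release_after_s <= 60 * 60:
            raise ValueError("release time must be 5-60 minutes")

    def _release_if_due(self, now: float) -> None:
        # Assumption: stands in for F.RESET, modelled as a timer-based release.
        if self.locked_at is not None and now - self.locked_at >= self.release_after_s:
            self.locked_at = None
            self.failures = 0

    def authenticate(self, candidate: str, now: float, via: str = "network") -> str:
        """Return 'ok', 'fail', 'panel-delay' or 'locked'."""
        self._release_if_due(now)
        if self.locked_at is not None:
            return "locked"        # every function using this password is refused
        if via == "panel" and now < self.panel_blocked_until:
            return "panel-delay"   # input is not even evaluated during the delay
        if hmac.compare_digest(candidate.encode(), self.password.encode()):
            self.failures = 0      # success resets the failure count
            return "ok"
        self.failures += 1
        if via == "panel":
            self.panel_blocked_until = now + PANEL_DELAY_S
        if self.failures >= self.threshold:
            self.locked_at = now
            return "locked"
        return "fail"


if __name__ == "__main__":
    lock = AdminAuthLock(password="Adm1n!pw", threshold=2)  # constructed sample value
    for t, (via, pw) in enumerate([("panel", "bad"), ("network", "bad"),
                                   ("network", "Adm1n!pw")]):
        print(t, via, lock.authenticate(pw, now=float(t), via=via))
```

Because the failure count is shared, a wrong password at the panel followed by one over the network reaches a threshold of 2 and locks both paths.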

Table 12 Characters and Number of Digits for Password (footnote 13)
Objectives | Number of digits | Characters
CE Password, Administrator Password, Account Password, User Box Password, Secure Print Password, WebDAV Server Password | 8 | Selectable from 93 or more characters in total (alphabet, numeric, and symbols (some are not included))
Encryption passphrase | 20 | Selectable from 83 or more characters in total (alphabet, numeric, and symbols (some are not included))
User Password | 8 or more | Selectable from 188 or more characters in total (alphabet, numeric, symbols (some are not included), and special characters (some are not included))
SNMP Password (Privacy Password, Authentication Password) | 8 or more | Selectable from 90 or more characters in total (alphabet, numeric, and symbols (some are not included))

7.1.2. Auto Logoff Function of Administrator Mode

While the administrator mode is accessed from a panel, if no operation is accepted during the panel automatic logoff time, it automatically logs off the administrator mode.
As described above, FTA_SSL.3 is realized.

7.1.3. Function Supported in Administrator Mode

When a user is identified and authenticated as an administrator by the administrator identification authentication function at the request to access the administrator mode, the administrator attribute is associated with the task acting on behalf of the user, and the following operations and use of functions are permitted.
As described above, FIA_ATD.1 and FIA_USB.1 are realized.

13 Table 12 shows the minimum password space as the security specification. Therefore, although some excluded characters are shown depending on the password type, the excluded characters are permitted to be used if possible.

7.1.3.1. Change of Administrator Password

When a user is re-authenticated as an administrator from the panel and the new password satisfies the quality, the password is changed.

- Provides the administrator authentication mechanism that authenticates by the administrator password, which consists of the characters shown in Table 12.
- Resets the number of authentication failures when the re-authentication succeeds.
- Returns "*" for each character as feedback for the administrator password entered in the re-authentication.
- When it detects that the authentication failures in each authentication function using the administrator password have reached 1-3 times in total, it logs off the administrator mode accessed from the panel and locks all the authentication functions that use the administrator password. (Access to the administrator mode is refused.)
  - The administrator specifies the failure frequency threshold by the unauthorized access detection threshold setting function.
- F.RESET works, so that the lock of the authentication function is released.
- Verifies that the new administrator password satisfies the following qualities.
  - It is composed of the characters and the number of digits shown for the administrator password in Table 12.
  - It shall not be composed of one kind of character.
  - It does not match the current value.
As described above, FIA_AFL.1[2], FIA_SOS.1[1], FIA_UAU.6, FIA_UAU.7, FMT_MTD.1[6], FMT_SMF.1 and FMT_SMR.1[2] are realized.
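
The quality verification that recurs in 7.1.3.1 and in the later password setup sections, as an added Python sketch (not code from the security target or the product). The function and dictionary names are hypothetical; the character set is an assumption, since Table 12 only gives its size, and "one kind of character" is read here as a single repeated character.

```python
import hmac
import string
from dataclasses import dataclass
from typing import List, Optional

# Assumption: printable ASCII without the space stands in for the character
# sets that Table 12 only sizes ("93 or more", "83 or more", and so on).
ASSUMED_ALPHABET = frozenset(string.ascii_letters + string.digits + string.punctuation)


@dataclass(frozen=True)
class Rule:
    digits: int    # "Number of digits" column of Table 12
    or_more: bool  # True for the rows that read "8 or more"


# Lengths come from Table 12; the keys are names chosen for this example.
RULES = {
    "administrator": Rule(8, False),
    "account": Rule(8, False),
    "user_box": Rule(8, False),
    "webdav_server": Rule(8, False),
    "encryption_passphrase": Rule(20, False),
    "user": Rule(8, True),
    "snmp": Rule(8, True),
}


def quality_errors(kind: str, new: str, current: Optional[str] = None) -> List[str]:
    """Return the list of violated quality rules (empty list means accepted).

    Pass `current` for a change operation; leave it as None for a first
    registration, where the text lists no "differs from current" rule.
    """
    rule = RULES[kind]
    errors = []
    length_ok = len(new) >= rule.digits if rule.or_more else len(new) == rule.digits
    if not length_ok:
        errors.append("length")
    if any(ch not in ASSUMED_ALPHABET for ch in new):
        errors.append("charset")
    if new and len(set(new)) == 1:
        errors.append("one-kind")
    if current is not None and hmac.compare_digest(new.encode(), current.encode()):
        errors.append("same-as-current")
    return errors


if __name__ == "__main__":
    # Constructed sample values.
    print(quality_errors("administrator", "aaaaaaaa"))
    print(quality_errors("administrator", "Adm1n!pw", current="Adm1n!pw"))
    print(quality_errors("user", "Adm1n!pw9"))
```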

7.1.3.2. User Setup

- User Registration (Only for users who use the machine authentication as the user authentication method.)
  A user is registered by setting the user ID (though the user ID is composed of the user name and the authentication server information (footnote 14), only the user name is registered in the case of the machine authentication) and registering the user password. It verifies whether the newly set user password satisfies the following qualities.
  - It is composed of the characters and the number of digits shown for the user password in Table 12.
  - It shall not be composed of one kind of character.
  While the external server authentication is effective, the user password cannot be registered.
  Also register the belonging account (account ID) and relate it to the user. (The account setting is necessary beforehand.)

- Change of user password (Only for users who use the machine authentication as the user authentication method.)
  The user password is changed. It verifies whether the newly set user password satisfies the following qualities.
  - It is composed of the characters and the number of digits shown for the user password in Table 12.
  - It shall not be composed of one kind of character.
  - It shall not be equal to the value which is currently set.

- User deletion
  The user ID and user password are deleted.
  When a personal user box owned by the user concerned exists, that personal user box is automatically set to a public user box with "user attributes: public."

- Pause/resume of User (Only in the machine authentication as the user authentication method.)
  Specify the user ID and pause the user, or resume a user in the pause state. A user in the pause state is not identified and not authenticated, so that the user cannot use the user function after identification and authentication.

- Change of the belonging account
  The belonging account related to the user is changed.
As described above, FIA_SOS.1[3], FMT_MTD.1[1], FMT_MTD.1[2], FMT_MTD.1[3], FMT_MTD.1[10], FMT_MTD.1[12], FMT_MTD.1[13], FMT_SMF.1 and FMT_SMR.1[2] are realized.

14 It is associated with the external server authentication setting data that is set when the external server (only the Active Directory method is applicable) is used as the method of the user authentication function. Because it handles the case where there are plural user information management servers, plural sets of authentication server information may be included in the external server information setting data.

7.1.3.3. User Box Setup

- User Box Registration
  When the administrator attribute is related, viewing the list of user boxes is permitted. A personal user box, a group user box, and a public user box are registered by selecting the user attribute for an unregistered user box ID selected from the list of user boxes. When they are registered, "public" is specified as the user attribute of the user box by default; however, a user ID or an account ID can be selected.
  - In the case of the personal user box, an arbitrary registered user ID is specified.
  - In the case of the public user box, verify that the registered user box password satisfies the following conditions.
    - It is composed of the characters and the number of digits shown for the user box password in Table 12.
    - It shall not be composed of one kind of character.
  - In the case of the group user box, an arbitrary registered account ID is specified.

- Change of User Box Password
  The user box password set for the public user box is changed.
  It verifies whether the newly set user box password satisfies the following qualities.
  - It is composed of the characters and the number of digits shown for the user box password in Table 12.
  - It shall not be composed of one kind of character.
  - It shall not be equal to the value which is currently set.

- Change of user attribute of user box
  - Specify the user attribute of a personal user box to another registered user or a registered account.
  - Specify the user attribute of a group user box to a registered user or another registered account.
  - Specify the user attribute of a public user box to a registered user or account.
  - Specify the user attribute of a personal user box or group user box to public.
    - If a user box password is not registered at the same time, the password shall be registered, and the same processing as the change of user box password mentioned above is performed.

As described above, FDP_ACC.1[1], FDP_ACF.1[1], FIA_SOS.1[1], FMT_MSA.1[1], FMT_MSA.1[2], FMT_MSA.1[3], FMT_MSA.3[1], FMT_MTD.1[4], FMT_MTD.1[5], FMT_SMF.1 and FMT_SMR.1[2] are realized.

7.1.3.4. Release of Lock

- Reset (clear all) the number of authentication failures for each user.
  - If there is a user to whom access is locked, the lock is released.
- Reset (clear all) the number of authentication failures for all secure print passwords.
  - If there is a secure print password to which access is locked, the lock is released.
- Reset (clear all) the number of authentication failures of each user box.
  - If there is a user box to which access is locked, the lock is released.
- Reset (clear all) the number of authentication failures of each account.
  - If there is a user account to which access is locked, the lock is released.
- Reset (clear all) the number of authentication failures of the SNMP password.
  - If the access to a MIB object is locked, the lock is released.
- Reset (clear all) the number of authentication failures of the WebDAV server password.
  - If access by WebDAV is locked, the lock is released.

As described above, FIA_AFL.1[3], FIA_AFL.1[4], FIA_AFL.1[5], FIA_AFL.1[6], FIA_AFL.1[7], and FIA_AFL.1[9] are realized.

7.1.3.5. Setup of User Authentication Function

- Set the following authentication method in the user authentication function.
  - Machine authentication: Authentication method which utilizes a user password managed on the MFP side.
  - External server authentication: Authentication method which utilizes a user password managed with a user information management server connected through a network. (Only the Active Directory method is applicable.)
    - When external server authentication is used, the external server authentication setting data (containing multiple pieces of authentication server information, such as the domain name to which the external server belongs) needs to be set.
- Set the following authentication method in the account authentication function used with the user authentication function.
  - Account authentication function: synchronized method
    The method which utilizes an account ID associated with the user ID beforehand.
  - Account authentication function: method not synchronized
    The method to authenticate by the account ID and the account password at the time of access, without utilizing an account ID associated with the user ID beforehand.
  - Account authentication function: not use
    Utilizes only the authentication function by user ID, and does not utilize the identification and authentication by account information.
As described above, FMT_MOF.1[2], FMT_MOF.1[3], FMT_MTD.1[3], FMT_MTD.1[11], FMT_SMF.1 and FMT_SMR.1[2] are realized.

7.1.3.6. Unauthorized Access Setup

- Setup of unauthorized access detection threshold
  The unauthorized access detection threshold in the authentication operation prohibition function is set to 1-3 times.
- Setup of the release time of operation prohibition for Administrator Authentication
  Set the release time of operation prohibition for Administrator Authentication between 5-60 minutes.
As described above, FMT_MTD.1[3], FMT_SMF.1 and FMT_SMR.1[2] are realized.

7.1.3.7. Setup of Auto Logoff Function

The panel auto logoff time, which is the setting data of the auto logoff function, should be set within the following time range.
- Panel auto logoff time: 1 - 9 minutes
As described above, FMT_MTD.1[3], FMT_SMF.1 and FMT_SMR.1[2] are realized.

7.1.3.8. Network Setup

A setup operation of the following setting data is performed.
- A series of setup data that relates to the SMTP server (IP address, Port Number, etc.)
- A series of setup data that relates to the DNS server (IP address, Port Number, etc.)
- A series of setup data that relates to the MFP address (IP address, NetBIOS Name, AppleTalk Printer Name, etc.)
As described above, FDP_ACC.1[3] and FDP_ACF.1[3] are realized.

7.1.3.9. Execution of Back-up and Restoration Function

All the setting data stored in NVRAM and HDD are backed up and restored, except the administrator password, the CE password, and the encryption passphrase. As the objects related to security, from the standpoint of confidentiality and completeness, those shown in the following classifications are targeted.

<Type A: Object to which back-up and restoration should be limited>
- SNMP password
- User password
- Account password
- Secure print password
- User Box password
- WebDAV server password

<Type B: Object to which restoration should be limited>
- A series of data that relates to SMTP server setting
- A series of data that relates to DNS server setting
- A series of data that relates to MFP address setting
- Operation setting data of SNMP password authentication function
- Setting data of Enhanced Security function
- Setting data of operation method of user authentication function
- Operation setting data of account authentication function
- Authentication failure frequency threshold of authentication operation prohibition function
- Panel auto logoff time
- User ID
- User attribute of user box
- Account ID
- S/MIME certificate
- Transmission address data
- Encryption strength setting data in S/MIME function
- SSL certificate
- Belonging Account of user
- Release time of operation prohibition for Administrator authentication
- PC-FAX reception setting
- TSI receiving setting data
- External server authentication setting data

<Type C: Object to which back-up should be limited>
- Secure print file
- User box file
- ID & print file

As described above, FDP_ACC.1[1], FDP_ACC.1[2], FDP_ACC.1[3], FDP_ACC.1[4], FDP_ACF.1[1], FDP_ACF.1[2], FDP_ACF.1[3], FDP_ACF.1[4], FMT_MOF.1[1], FMT_MOF.1[2], FMT_MOF.1[3], FMT_MSA.1[1], FMT_MSA.1[2], FMT_MSA.1[3], FMT_MTD.1[2], FMT_MTD.1[3], FMT_MTD.1[4], FMT_MTD.1[7], FMT_SMF.1 and FMT_SMR.1[2] are realized.

7.1.3.10. Operation Setup of HDD Encryption Function

<Encryption Passphrase Change>
The encryption passphrase is changed. It is changed when the newly set encryption passphrase satisfies the quality requirements, and F.CRYPT is performed.
- Verify that the newly set encryption passphrase satisfies the following qualities.
  - It is composed of the characters and the number of digits shown for the encryption passphrase in Table 12.
  - It shall not be composed of one kind of character.
  - It shall not match the current value.
As described above, FIA_SOS.1[4], FMT_MTD.1[3], FMT_SMF.1 and FMT_SMR.1[2] are realized.

7.1.3.11. Change of SNMP Password

The SNMP password (Privacy password and Authentication password) is changed. This is performed when the newly set password satisfies the quality requirements.
- Verifies that the newly set SNMP password satisfies the following qualities.
  - It is composed of the characters and the number of digits shown for the SNMP password in Table 12.
  - It shall not be composed of one kind of character.
  - It shall not match the current value.
As described above, FIA_SOS.1[2], FMT_MTD.1[3], FMT_SMF.1, and FMT_SMR.1[2] are realized.

7.1.3.12. Setup of SNMP Password Authentication Function

The authentication method in the SNMP password authentication function is set to "Only Authentication password" or "Authentication password and Privacy password".
As described above, FMT_MOF.1[2], FMT_SMF.1 and FMT_SMR.1[2] are realized.

7.1.3.13. Account Setup

- Account registration
  An account is registered by setting the account ID and registering the account password. It verifies whether the newly set account password satisfies the following qualities.
  - It is composed of the characters and the number of digits shown for the account password in Table 12.
  - It shall not be composed of one kind of character.

- Change of account ID and account password
  The account ID and account password are changed. It verifies whether the newly set account password satisfies the following qualities.
  - It is composed of the characters and the number of digits shown for the account password in Table 12.
  - It shall not be composed of one kind of character.
  - It shall not match the current setting.

- Account deletion
  The account ID and account password are deleted.
  When a group user box of the account ID exists, that group user box is automatically set to a public user box with "user attributes: public."

- Pause/resume of Account
  The account ID is specified, and the use of the account is paused, or the use of an account in the pause state is resumed. An account in the pause state is not identified or authenticated, so the user functions that need identification and authentication of the account cannot be used.

As described above, FIA_SOS.1[1], FMT_MSA.1[3], FMT_MTD.1[3], FMT_MTD.1[11], FMT_MTD.1[13], FMT_SMF.1 and FMT_SMR.1[2] are realized.

7.1.3.14. Setup of Trusted Channel Function

Set the setting data of the Trusted Channel function by SSL/TLS.
- Communication Encryption Strength Setting (Modification of the communication encryption method.)
- Operation and Stop Setting of the Trusted Channel function
As described above, FMT_MOF.1[3], FMT_SMF.1 and FMT_SMR.1[2] are realized.

7.1.3.15. Setup of S/MIME Transmission Function

Set the setting data which are used when the user box file is transmitted by S/MIME.
- Transmission address data (e-mail address)
- Registration and modification of S/MIME certificate
- Setup of Encryption Strength for S/MIME function
As described above, FDP_ACC.1[3], FDP_ACF.1[3], FMT_MOF.1[2], FMT_MTD.1[3], FMT_MTD.1[11], FMT_SMF.1, and FMT_SMR.1[2] are realized.

7.1.3.16. Setup of FAX

Set the setting data of FAX related settings as follows.
- PC-FAX reception Setting
  Setting either of two modes for PC-FAX operation: to store in each user box, or to store in the common area for all users, according to the information designated at FAX transmission.
- TSI reception Setting
  Setting the storing user box at TSI reception by relating the transmitter's telephone number with the user box as the identification information of the transmitter's terminal.
As described above, FDP_ACC.1[3], FDP_ACF.1[3], FMT_MTD.1[3], FMT_MTD.1[11], FMT_SMF.1 and FMT_SMR.1[2] are realized.

7.1.3.17. Function Related to Enhanced Security Function

The functions that influence the setup of the Enhanced Security function that the administrator operates are as follows. (* The influence of the backup and restoration function is explained in 7.1.3.9.)
- Operational setup of Enhanced Security function
  Function to set the Enhanced Security function valid or invalid.
- HDD logical format function
  Function to write the default value of management data using the file system of HDD. Along with the execution of this logical format, the setup of the Enhanced Security function is invalidated.
- All area overwrite deletion function
  The setup data of the Enhanced Security function are invalidated by executing the overwrite deletion of all area.
As described above, FMT_MOF.1[1], FMT_SMF.1 and FMT_SMR.1[2] are realized.

7.1.3.18. Function Related to Password Initialization Function

The function that relates to the initialization of the password that the administrator operates
is as follows.
All area overwrite deletion function
The settings of the administrator password, the SNMP password and the WebDAV server
password are initialized to the values at factory shipment by executing the overwrite deletion
of all area.
As described above, FMT_MTD.1[6], FMT_MTD.1[6], FMT_SMF.1 and FMT_SMR.1[2] are
realized.

7.1.3.19. Change of WebDAV Server Password

The WebDAV server password is changed. This is performed when the newly setup WebDAV
server password satisfies the quality.
Verifies that the WebDAV server password which is newly set satisfies the following
qualities.
It is composed of the characters and by the number of digits, shown in the WebDAV server
password of the Table 12.
It shall not be composed of one kind of character.
It shall not be matched to the current setting.
As described above, FIA_SOS.1[1], FMT_MTD.1[6], FMT_SMF.1, and FMT_SMR.1[2] are
realized.

7.1.3.20. Operational Setup of the ID & Print Function

The operation modes of the ID & print function are set up as follows:
ID & print automatic operation mode
An operation mode that stores a print file sent from a client PC as an ID & print file even if
printing is requested by the normal print setup.
ID & print specified operation mode
An operation mode that stores a print file sent from a client PC as an ID & print file only
when it is requested to store that file as an ID & print file.
As described above, FMT_MOF.1[2], FMT_SMF.1, and FMT_SMR.1[2] are realized.


7.2. F.ADMIN-SNMP (SNMP Administrator Function)

F.ADMIN-SNMP is a security function, which identifies and authenticates the administrator
in the access through the network by using SNMP from client PC, and then permits the
operation of a setting function of the network only to the administrator whose identification and
authentication was succeeded.

7.2.1. Identification and Authentication Function by SNMP Password

It identifies and authenticates by the SNMP password, that the user who accesses the MIB
object through the network with the use of SNMP is an administrator.
Provides the SNMP authentication mechanism which authenticates by the SNMP password
that consists of the character shown in Table 12.
Only Authentication password or both the Privacy password and the Authentication
password is used.
In the case of SNMP, the SNMP password is used for every session without requiring the
administrator authentication mechanism by the separate session information.
Reset the authentication failure frequency if it succeeds in authentication.
In the case of both the Privacy password and the Authentication password are used, the
authentication failure frequency is reset only when both passwords together succeeded in
the authentication.
When the authentication failure that becomes the 1-6 times at total in each authentication
function by using the SNMP password is detected, all the authentication functions to use the
SNMP password are locked. (The access to the MIB object is refused.)
The administrator specifies the failure frequency threshold by the unauthorized access
detection threshold setting function.
In the case of both the Privacy password and the Authentication password are utilized,
even though both passwords together fail in authentication, it is detected as one failure.
The lock status is released when the lock release function to the MIB object of F.ADMIN is
performed.
As described above, FIA_AFL.1[6], FIA_UAU.2[2] and FIA_UID.2[2] are realized.
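
The failure counting described above for the SNMP password, as an added example that is not part of the security target or of the product's code. Class and method names are hypothetical, the passwords and threshold are constructed values, clearing the counter on lock release is an assumption, and a plain password comparison stands in for the real SNMP authentication exchange.

```python
import hmac
from dataclasses import dataclass
from typing import List, Optional


def _same(a: str, b: str) -> bool:
    # Constant-time comparison so the check does not leak match length.
    return hmac.compare_digest(a.encode(), b.encode())


@dataclass
class SnmpPasswordAuth:
    """Model of the lockout rules in 7.2.1 (hypothetical class, not product code)."""
    auth_password: str
    privacy_password: Optional[str]   # None = "Authentication password only" mode
    threshold: int                    # set by the administrator (constructed value here)
    failures: int = 0
    locked: bool = False

    def attempt(self, auth_pw: str, privacy_pw: str = "") -> str:
        # While locked, access to the MIB object is refused, even with
        # correct passwords.
        if self.locked:
            return "refused"
        ok = _same(auth_pw, self.auth_password)
        if self.privacy_password is not None:
            # Both passwords are always checked; success requires both.
            priv_ok = _same(privacy_pw, self.privacy_password)
            ok = ok and priv_ok
        if ok:
            # The failure count is reset only on a full success.
            self.failures = 0
            return "granted"
        # One attempt counts as one failure, even if both passwords were wrong.
        self.failures += 1
        if self.failures >= self.threshold:
            self.locked = True
            return "locked"
        return "denied"

    def admin_release(self) -> None:
        # Lock release is an administrator action (F.ADMIN in the text).
        # Assumption: the failure count is cleared at the same time.
        self.locked = False
        self.failures = 0


def demo() -> List[str]:
    # Constructed passwords and threshold, for illustration only.
    dev = SnmpPasswordAuth("auth-Example-01", "priv-Example-02", threshold=3)
    good = ("auth-Example-01", "priv-Example-02")
    out = [
        dev.attempt("wrong", "wrong"),            # both wrong: one failure
        dev.attempt("auth-Example-01", "wrong"),  # one wrong: still a failure
        dev.attempt(*good),                       # both right: counter reset
    ]
    out += [dev.attempt("wrong", "wrong") for _ in range(3)]  # third one locks
    out.append(dev.attempt(*good))                # refused while locked
    dev.admin_release()
    out.append(dev.attempt(*good))                # works again after release
    return out


if __name__ == "__main__":
    print(demo())
```
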

7.2.2. Management Function using SNMP

When it is identified and authenticated that the user is an administrator by the SNMP
password, the access to the MIB object is permitted, and then the operation of the setting data
shown below is permitted to be done.

(1) Network Setup
Setup operation of the following setting data is performed.
Setting data that relates to SMTP server (IP address, port number, etc.)
Setting data that relates to DNS server (IP address, port number, etc.)
A series of setting data that relates to MFP address (IP address, NetBIOS name, AppleTalk
printer name, etc.)
As described above, FDP_ACC.1[6] and FDP_ACF.1[6] are realized.

(2) Change of SNMP password
The SNMP password (Privacy password and Authentication password) is changed. Verify that
the SNMP password newly set satisfies the following qualities.
It is composed of the characters and by the number of digits shown in the SNMP password
of the Table 12.
This password is not composed of one character only.
This password is not matched to the currently setup password.
As described above, FIA_SOS.1[2], FMT_MTD.1[6], FMT_SMF.1 and FMT_SMR.1[2] are
realized.

(3) Setup of SNMP password authentication function
The authentication method in the SNMP password authentication function is set to the
"Authentication password only" or the "Privacy password and the Authentication password".
As described above, FMT_MOF.1[2], FMT_SMF.1 and FMT_SMR.1[2] are realized.

7.3. F.SERVICE (Service Mode Function)

F.SERVICE is a series of security function that the service engineer operates, such as the
service engineer identification authentication function in service mode accessing from a panel,
and a security management function that includes a change in the CE password and the
administrator password.

7.3.1. Service Engineer Identification Authentication Function

It is identified and authenticated the accessing user as the service engineer in response to the
access request to the service mode from the panel.
Provides the CE authentication mechanism that is authenticated by the CE password that
consists of the character shown in Table 12.
The CE authentication mechanism by the separate session information is not required
because the service mode can only be accessed from the panel.
Return "*" for each character as feedback for the entered CE password.
Resets the number of the authentication failure when succeeding in the authentication.
Not accept the input from the panel for five seconds when the authentication failed.
When the authentication failure that becomes 1-6 times at total in each authentication
function by using the CE password is detected, it locks all the authentication functions to use
the CE password. (The access to the service mode is refused.)
The administrator specifies the failure frequency threshold by the unauthorized access
detection threshold setting function.
Lock of authentication function is released with F.RESET function operated.
As described above, FIA_AFL.1[1], FIA_AFL.1[8], FIA_UAU.2[1], FIA_UAU.7 and
FIA_UID.2[1] are realized.

7.3.2. Function Supported in Service Mode

When a user is identified and authenticated as a service engineer by the service engineer
identification authentication function at the access request to the service mode, the use of the
following functions is permitted.

7.3.2.1. Change of CE Password

When a user is re-authenticated as a service engineer and the new password satisfies the
quality, it is changed.
Provides the CE authentication mechanism that is re-authenticated by the CE password that
consists of the characters shown in Table 12.
Resets the authentication failure frequency when succeeding in the re-authentication.
Return "*" for each character as feedback for the entered CE password in the
re-authentication.
When the authentication failure that becomes 1-6 times at total in each authentication
function by using the CE password is detected, it logoffs the service mode accessing from the
panel, and locks all the authentication functions to use the CE password. (The access to the
service mode is refused.)
The administrator specifies the failure frequency threshold by the unauthorized access
detection threshold setting function.
The F.RESET function unlocks the authentication function.
It verifies that the CE password newly set satisfies the following qualities.
It is composed of the characters and by the number of digits, shown in the CE password of
the Table 12.
It shall not be composed of one kind of character.
It shall not be matched with the current value.
As described above, FIA_AFL.1[1], FIA_SOS.1[1], FIA_UAU.6, FIA_UAU.7, FMT_MTD.1[9],
FMT_SMF.1 and FMT_SMR.1[1] are realized.

7.3.2.2. Change of Administrator Password

Change the administrator password. Verify that the administrator password newly set
satisfies the following qualities.
It is composed of the characters and by the number of digits, shown in the administrator
password of the Table 12.
It shall not be composed of one kind of character.
It shall not be matched with the current value.
As described above, FIA_SOS.1[1], FMT_MTD.1[6], FMT_SMF.1 and FMT_SMR.1[1] are
realized.

7.3.2.3. Setup of the release time of operation prohibition for CE Authentication

Set the release time of operation prohibition for CE Authentication between 5 - 60 minutes.
As described above, FMT_MTD.1[9], FMT_SMF.1 and FMT_SMR.1[1] are realized.

7.3.2.4. Function Related to Enhanced Security Function

The functions that influence the setting of the Enhanced Security function that the service
engineer operates are as follows.
HDD logical format function
Function to write the initial value of management data using the file system of HDD. The
setting of the Enhanced Security function is invalidated along with the execution of this
logical format.
HDD physical format function
Function to rewrite the entire disk in HDD with a regulated pattern including the signal rows
such as the track and sector information. The setting of the Enhanced Security function is
invalidated along with the execution of this physical format.
Initialization function
Function to reset every setting value written in NVRAM to the factory default. The setup of
the Enhanced Security function is invalidated by executing this initialization function.
As described above, FMT_MOF.1[1], FMT_SMF.1 and FMT_SMR.1[1] are realized.

7.4. F.USER (User Function)

F.USER identifies and authenticates the user for the use of MFP various function. To the
identified and authenticated user, it provides the management function of the user password
that is managed in the MFP at the time of machine authentication, besides the permission of the
use of functions such as F.BOX and F.PRINT.

7.4.1. User Authentication Function

<Account Authentication: User identification and authentication in the synchronized method>
When the access request for the user box and the store request for the secure print file, it is
identified and authenticated to be a permitted user. Account Name (account ID) is associated
with the concerned user ID that is set up beforehand besides the user ID for the identified and
authenticated user, and the use of F.BOX and F.PRINT is permitted to the identified and
authenticated user.
Return "*" for each character as feedback for the entered user password.
Resets the number of authentication failure when succeeding in the authentication.
Not accept the access from the panel for five seconds when the authentication failed.
When the authentication failure that becomes 1-6 times at total for the concerned user is
detected, it locks all the authentication functions to the user.
The administrator specifies the failure frequency threshold by the operation setting of
the authentication operation prohibition function.
The lock of authentication function is released by performing the lock release function to the
concerned user of F.ADMIN.
As described above, FIA_AFL.1[4], FIA_AFL.1[8], FIA_ATD.1, FIA_UAU.1[1], FIA_UAU.7,
FIA_UID.2[6] and FIA_USB.1 are realized.

<Account authentication: Account registration function when the belonging account of user is
not registered in the synchronized method>
Require the Account authentication after User identification and authentication.
Register the successful account ID as account name when succeeding in the account
authentication. (By this, FMT_MTD.1[12], FMT_SMF.1 and FMT_SMR.1[6] are realized.)
(The detail of the account authentication is the same as processing of the items explained in
the following <Account authentication: User identification and authentication in the
authentication method not synchronized>)

<Account authentication: User identification and authentication in the authentication method
not synchronized>
When the access request for the user box and the store request for the secure print file, it is
identified and authenticated to be a permitted user. The detail of user authentication is the same
as account authentication: user identification and authentication in the synchronized method. In
the case of the access from the panel, the account authentication is required, Account Name is
associated with the user ID if succeeding the account authentication, and the use of F.BOX and
F.PRINT is permitted to the user who is identified and authenticated.
Provides account authentication mechanism that is authenticated the account by the
account password that consists of the characters shown in Table 12.
Return "*" for each character as feedback for the entered account password.
Resets the number of authentication failure when succeeding in the authentication.
Not accept the access from the panel for five seconds when the authentication failed.
When the authentication failure that becomes 1-6 times at total for the concerned account is
detected, it locks all the authentication functions to the account.
The administrator specifies the failure frequency threshold by the operation setting of
the authentication operation prohibition function.
The lock of the authentication function is released by performing the lock release function to
the concerned account of F.ADMIN.
As described above, FIA_AFL.1[7], FIA_AFL.1[8], FIA_ATD.1, FIA_UAU.1[2], FIA_UAU.7,
FIA_UID.2[6] and FIA_USB.1 are realized.

When accessing from a network, the account is not authenticated after the user authentication
but the user and the account are processed with one sequence. When authenticating the account,
the account ID is associated with the user ID, and the user ID and the account ID are measured
by the session information which is the same as user identification and authentication in the
account authentication: the synchronized method.
Provides the user authentication mechanism that authenticates the user by the user
password that consists of the characters shown in Table 12.
After the user is authenticated to the access from the network, the user authentication
mechanism using session information besides the user password is provided.
According to the protocol, it uses the session information more than 10^10 or it generates
and uses the session information more than 10^10.
As described above, FIA_ATD.1, FIA_SOS.1[5], FIA_SOS.2 and FIA_USB.1 are realized.

<Account authentication: User identification and authentication when it does not used>
When the access request for the user box and the store request of the secure print file, it is
identified and authenticated to be a permitted user. The detail of the user authentication is the
same as account authentication: user identification and authentication in the synchronized
method. The use of F.BOX and F.PRINT is permitted to the user who is identified and
authenticated.
As described above, FIA_AFL.1[4], FIA_AFL.1[8], FIA_ATD.1, FIA_UAU.1[1], FIA_UAU.7,
FIA_UID.2[6] and FIA_USB.1 are realized.

<Automatic registration of the User ID>
In the case of the "External server authentication" has been selected as the user
authentication method, the identified and authenticated user is registered as a user ID with the
user name and authentication server information that was used with identification and
authentication.
As described above, FIA_UID.2[7], FMT_MTD.1[10], FMT_SMF.1 and FMT_SMR.1[5] are
realized.

7.4.2. Auto Logoff Function in User Identification and Authentication Domain

While the user who is identified and authenticated is accessing from a panel, if it does not
accept any operations for more than the "panel automatic logoff time", it logs off from a user
identification and authentication domain automatically.
As described above, FTA_SSL.3 is realized.

7.4.3. Modification Function of User Password

When the identification and authentication are succeeded, and the access to the user
identification and authentication domain is permitted, the user is permitted to change its own
password. When the external server authentication is effective, this function cannot be applied.
The user password is changed when it is re-authenticated that the user is a user and the newly
setup password satisfies the quality.
Provides user authentication mechanism that is authenticated the user by the user
password that consists of the characters shown in Table 12.
Resets the number of authentication failure when succeeding in the re-authentication.
Return "*" for each character as feedback for the entered user password, in the case of access
from the panel at the re-authentication.
When the authentication failure that becomes 1-6 times at total for the concerned account is
detected by each authentication function utilizing the user password, all the authentication
functions utilizing the user password of the user are locked out. (Login by the user is denied.
Change operation of the user password is denied.)
The administrator specifies the failure frequency threshold by the unauthorized access
detection threshold setting function.
The lock of the authentication function is released by performing the lock release function
to the concerned account of F.ADMIN.
Changed when the user password newly set satisfies the following qualities.
It is composed of the characters and by the number of digits, shown in the user password of
the Table 12.
It shall not be composed of one kind of character.
This password is not matched to the currently setup password.
As described above, FIA_AFL.1[4], FIA_SOS.1[6], FIA_UAU.6, FIA_UAU.7, FMT_MTD.1[2],
FMT_SMF.1, and FMT_SMR.1[6] are realized.


7.5. F.BOX (User Box Function)

F.BOX permits a user who was identified and authenticated as a permitted user to operate and
manage his/her personal user box. When the account authentication is used, F.BOX permits the
user to operate and manage the group user box associated with the account to which the user
belongs. F.BOX is a series of security function such as the access control function allowing that
the user is permitted to use the public user box when he/she tries to access that public user box
and permitting various operations of the public user box and the user box files after the
authentication succeeds.

<Registration of user box by user operation>
To register a personal user box, a group user box or public user box by selecting the user
attribute to the non-registration user box ID selected. When it's registered, it is possible to select
"User ID" or "Account ID" in the user attribute of the user box which have been specified "Public"
as a default value.
In the case of the personal user box, the arbitrary user ID registered is specified.
In the case of the public user box, verify that a user box password registered satisfies the
following conditions.
It is composed of the characters and by the number of digits, shown in the user box
password of the Table 12.
It shall not be composed of one kind of character.
In the case of group user box, the arbitrary account ID registered is specified.
As described above, FIA_SOS.1[1], FMT_MSA.3[1], FMT_MTD.1[5], FMT_SMF.1 and
FMT_SMR.1[6] are realized.

<Automatic registration of user box>
In the user box operation to store of the copy job and the print job, when the specified user box
is unregistered, the personal user box which is set the user ID of the user who operates the
job concerned is automatically registered.
As described above, FMT_MSA.3[1] and FMT_SMF.1 are realized.

<Storing of user box file>
In the new storing operation, move or copy operation of user box file, the user box ID
equivalent to the user box specified as target storage is set to the user box attribute as the
user box file.
As described above, FMT_MSA.3[6] is realized.

7.5.1. Personal User Box Function

7.5.1.1. Access Control Function to Personal User Box

The task to act for the identified and authenticated user has "User ID" of the user who is
identified and authenticated for the user attribute. This task is permitted the display of the list
of the personal user box which has a corresponding user attribute with this user attribute.
As described above, FIA_ATD.1, FIA_USB.1, FDP_ACC.1[1] and FDP_ACF.1[1] are realized.

7.5.1.2. Access Control Function to User Box File in Personal User Box

When the user box to operate is selected, "User Box ID" of the user box is associated with the
task as a user box attribute in addition to the user attribute. This task is permitted, to the user
box file with the user box attribute corresponding to the user box attribute of itself, the printing,
the E-mail transmission (include the S/MIME transmission), the FTP transmission, the FAX
transmission, the SMB transmission, WebDAV transmission, download, the removing to other
user boxes, the copy operations to other user boxes, and the copy operations to an external
memory.
As described above, FIA_ATD.1, FIA_USB.1, FDP_ACC.1[1] and FDP_ACF.1[1] are realized.

7.5.1.3. User Attribute Change of Personal User Box

The user attributes can be changed.
If another registered user is specified, it becomes a personal user box that another user
manages.
If public is specified, it becomes a public user box. It is necessary to register the user box
password. In this case, it is verified that the user box password satisfies the following
requirements.
It is composed of the characters and by the number of digits shown in the user box
password of the Table 12.
It shall not be composed of one kind of character.
If account ID is specified, it becomes a group user box that can be accessed by a user who is
permitted the use of the concerned account.
As described above, FIA_SOS.1[1], FMT_MSA.1[1], FMT_SMF.1 and FMT_SMR.1[6] are
realized.

7.5.2. Public User Box Function

When the user is identified and authenticated as a permitted user, the task to act for the user
who is identified and authenticated has "User ID" of the identified and authenticated user as the
user attribute. This task is permitted the display of the list of the public user box which is set the
public as the user attribute. The operation specification of each public user box is as follows.
(As described above, FIA_ATD.1, FIA_USB.1, FDP_ACC.1[1] and FDP_ACF.1[1] are realized.)

7.5.2.1. Authentication Function in Access to Public User Box

For the access request for each public user box, after the above-mentioned verification function
is operated, the user who accesses is authenticated that it is a user permitted the use of a user
box concerned respectively.
Provides the user box authentication mechanism that is authenticated by the user box
password that consists of the character shown in Table 12.
After the user box is authenticated to the access from the network, it provides the user box
authentication mechanism using the session information besides the user box password.
According to protocol, it utilizes the 10^10 session information or more, or generated and
uses the 10^10 session information or more.
Return "*" for each character as feedback for the entered user box password.
Resets the number of authentication failure when succeeding in the authentication.
In case of the access from the panel, when it fails in the authentication, an input from the
panel is not accepted for five seconds.
When the authentication failure that becomes the 1-6 times in total is detected for the
public user box concerned, the authentication function to the public user box concerned is
locked.
The administrator specifies the failure frequency threshold by the unauthorized access
detection threshold setting function.
The lock of the authentication function is released by the lock release function to the public
user box of F.ADMIN executed.
As described above, FIA_AFL.1[6], FIA_AFL.1[8], FIA_SOS.1[5], FIA_SOS.2, FIA_UAU.2[4],
FDP_UAU.7 and FIA_UID.2[5] are realized.

The following is a function that the user who is permitted the use of the user box is provided in
the user box identification and authentication domain of the user box.

7.5.2.2. Access Control to User Box File in Public User Box

The task to act for the user is related the "User Box ID" of the user box as a user box attribute
in addition to the user attribute. This task is permitted the user box file, which have a
corresponding user box attribute to the user box attribute of the subject attribute, to do the
printing, the E-mail transmission (include the S/MIME transmission), the FTP transmission, the
FAX transmission, the SMB transmission, the WebDAV transmission, download, the movement
to other user boxes, the copy operations to other user boxes, and the copy operations to an
external memory.
As described above, FIA_ATD.1, FIA_USB.1, FDP_ACC.1[1] and FDP_ACF.1[1] are realized.

7.5.2.3. User attribute change of Public User Box

The user attribute of the user box can be changed.
Specify the registered user, and change to a personal user box for the registered user.
Specify the account ID, and then it becomes a group user box that can be accessed by a user
who is permitted the use of the concerned account.
As described above, FMT_MSA.1[2], FMT_SMF.1 and FMT_SMR.1[4] are realized.

7.5.2.4. Change of Public User Box Password

The user box password of the public user box is changed. This is performed when it is
re-authenticated that the user has a permission to use the public user box and the user box
password newly set satisfies the following quality:
Provides the user box authentication mechanism which authenticates the user by user box
password consisting of the characters shown in Table 12.
Resets the number of authentication failure when succeeding in the re-authentication.
Return "*" for each character as feedback for the entered user box password, in the case of
access from the panel at the re-authentication.
When the authentication failure that becomes 1-6 times at total for the concerned public
user box is detected by each authentication function utilizing the user password, all the
authentication functions utilizing the user box password of the public user box are locked
out. (Deny the login of the public user box. Deny the change operation of the user box
password of the public user box.)
The administrator specifies the failure frequency threshold by the unauthorized access
detection threshold setting function.
The lock of the authentication function is released by the lock release function to the public
user box of F.ADMIN executed.
Changed when the user box password newly set satisfies the following qualities.
It is composed of the characters and by the number of digits, shown in the user password of
the Table 12.
It shall not be composed of one kind of character.
This password is not matched to the currently setup password.
As described above, FIA_AFL.1[6], FIA_SOS.1[1], FIA_UAU.6, FIA_UAU.7, FMT_MTD.1[4],
FMT_SMF.1, and FMT_SMR.1[4] are realized.

7.5.3. Group User Box Function

7.5.3.1. Access Control Function for Group User Box

The task to act for the identified and authenticated user has the "Account ID" as the Account
Name that is associated with the identified and authenticated user. This task is permitted the
display of the list of the group user box which has a corresponding user attribute with this
account ID.
As described above, FIA_ATD.1, FIA_USB.1, FDP_ACC.1[1] and FDP_ACF.1[1] are realized.

7.5.3.2. Access Control Function to User Box File in Group User Box

When the user box to operate is selected, "User Box ID" of the user box is associated with the
task as a user box attribute in addition to the user attribute. This task is permitted, to the user
box file with the user box attribute corresponding to the user box attribute of subject attribute,
the printing, the E-mail transmission (include the S/MIME transmission), the FTP transmission,
the FAX transmission, the SMB transmission, WebDAV transmission, download, the removing
to other user boxes, the copy operations to other user boxes, and the copy operations to an
external memory.
As described above, FIA_ATD.1, FIA_USB.1, FDP_ACC.1[1] and FDP_ACF.1[1] are realized.

7.5.3.3. User Attribute Change of Group User Box

The user attributes can be changed.
If another account ID is specified, it becomes a group user box that the user of another
Account Name can access.
If public is specified, it becomes a public user box. It is necessary to register the user box
password. In this case, it is verified that the user box password satisfies the following
requirements.
It is composed of the characters and by the number of digits shown in the user box
password of the Table 12.
It shall not be composed of one kind of character.
Specify a registered user, and change to a personal user box for the registered user.
As described above, FIA_SOS.1[1], FMT_MSA.1[6], FMT_SMF.1 and FMT_SMR.1[6] are
realized.

7.6. F.PRINT (Secure Print Function, ID & Print Function)

F.PRINT is a security function related to the secure print function and ID & print function.
It provides the access control function that allows the printing and displaying the list of the secure print file after authenticating if a user is the authorized person to use the secure print file for the access to the secure print file from the panel to the identified and authenticated user.
Moreover, for the user who was identified and authenticated as a permitted user, when ID & print files are accessed from the panel, F.PRINT provides the access control function that allows the printing and displaying the list of only the ones stored by the user.

7.6.1. Secure Print Function

7.6.1.1. Authentication Function by Secure Print Password

When the user is identified and authenticated as the permitted user, it authenticates that the accessing user is a user to whom the use of the secure print file is permitted, in response to the access request to each secure print file.
- Provides the secure print authentication mechanism that is authenticated by the secure print password that consists of the character shown in Table 12.
  The secure print authentication mechanism by the separate session information is not needed because it becomes only an access from the panel in the case of the secure print.
- Return "*" for each character as feedback for the entered secure print password.
- Resets the number of authentication failure when succeeding in the authentication.
- The access from the panel is not accepted for 5 seconds when the authentication is failed.
- When the authentication failure that becomes the 1-3 times in total for the secure print file concerned is detected, the authentication function to the secure print file is locked.
  The administrator specifies the failure frequency threshold by the unauthorized access detection threshold setting function.
- The lock is released by the lock release function to the secure print file of F.ADMIN executed.
As described above, FIA_AFL.1[5], FIA_AFL.1[8], FIA_UAU.2[3], FIA_UAU.7 and FIA_UID.2[4] are realized.
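The failure handling listed above (reset on success, 5-second panel block, per-file lock at an administrator-set threshold of 1-3, administrator release) can be modelled as a small state machine. This is an added example, not code from the TOE or from the vendor; all class and function names, the injected clock, and the rule that attempts refused during the 5-second block are not counted as failures are assumptions.

```python
import hmac

PANEL_BLOCK_SECONDS = 5  # panel access is refused for 5 seconds after a failure

class SecurePrintFile:
    def __init__(self, password):
        # per-file password, failure count and lock flag
        self.password, self.failures, self.locked = password, 0, False

class Panel:
    """Panel-side secure print authentication (hypothetical model)."""
    def __init__(self, threshold, clock):
        if threshold not in (1, 2, 3):      # administrator-set threshold, 1-3
            raise ValueError("threshold must be 1, 2 or 3")
        self.threshold, self.clock, self.blocked_until = threshold, clock, 0.0

    def authenticate(self, spf, entered):
        if spf.locked:
            return "locked"                 # stays locked until released
        if self.clock() < self.blocked_until:
            return "panel-blocked"          # assumption: not counted as a failure
        if hmac.compare_digest(entered.encode(), spf.password.encode()):
            spf.failures = 0                # success resets the failure count
            return "ok"
        spf.failures += 1
        self.blocked_until = self.clock() + PANEL_BLOCK_SECONDS
        if spf.failures >= self.threshold:
            spf.locked = True               # lock this secure print file only
        return "failed"

    def admin_release(self, spf):
        """Lock release, which the text reserves to the administrator function."""
        spf.failures, spf.locked = 0, False

def feedback(entered):
    return "*" * len(entered)               # one "*" per entered character

def run_demo():
    now = [0.0]                             # fake clock so the delay is testable
    panel = Panel(threshold=2, clock=lambda: now[0])
    job = SecurePrintFile("a1b2c3d4")       # constructed sample password
    out = [panel.authenticate(job, "wrong")]         # failed, count = 1
    out.append(panel.authenticate(job, "a1b2c3d4"))  # refused: inside the 5 s block
    now[0] = 5.0
    out.append(panel.authenticate(job, "a1b2c3d4"))  # ok, count reset to 0
    for _ in range(2):                               # two failures reach the threshold
        out.append(panel.authenticate(job, "wrong"))
        now[0] += 5.0
    out.append(panel.authenticate(job, "a1b2c3d4"))  # locked, even with the right password
    panel.admin_release(job)
    out.append(panel.authenticate(job, "a1b2c3d4"))  # ok after release
    return out
```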

7.6.1.2. Access Control Function to Secure Print File

The secure print file access control operates when it is authenticated.
- The task to act for the user who is identified and authenticated has the authenticated secure print internal control ID as the file attribute.
- This task is permitted the printing to the secure print file with a corresponding file attribute to the file attribute of this task.
As described above, FIA_ATD.1, FIA_USB.1, FDP_ACC.1[2] and FDP_ACF.1[2] are realized.

7.6.1.3. Registration Function of Secure Print File

When it is authenticated as a permitted user in the store request of the secure print file, the user is permitted to register the secure print password with the concerned secure print file.

Registration of the secure print password
The registered secure print password is verified to meet the following requirements.
- It is composed of the characters and by the number of digits shown in Table 12.
- It shall not be composed of one kind of character.

Giving of the secure print internal control ID
When the verification of the secure print password is completed in a store request of the secure print file, the secure print internal control ID uniquely identified is set to the concerned secure print file.
As described above, FMT_SOS.1[1], FMT_MSA.3[2], FMT_MTD.1[8], FMT_SMF.1 and FMT_SMR.1[3] are realized.

7.6.2. ID & Print Function

7.6.2.1. ID & Print File Registration Function

For the storing request of ID & print file, if the user is authenticated as a registered user, ID & print file is stored.
- The user ID of the user who tries to store the file is set as a user attribute of that ID & print file.
As described above, FIA_MSA.3[4] is realized.

7.6.2.2. ID & Print File Access Control Function

When the user is authenticated, the ID & print file access control operates.
- The task substituting for the identified and authenticated user has a user ID as a user attribute.
- This task is allowed to list and print ID & print files with the user attribute which is equal to this user attribute.
As described above, FIA_ATD.1, FIA_USB.1, FDP_ACC.1[4], and FDP_ACF.1[4] are realized.

7.7. F.OVERWRITE-ALL (All Area Overwrite Deletion Function)

F.OVERWRITE-ALL executes the overwrite deletion in the data area of HDD, and initializes the settings such as passwords on NVRAM as well. The object for the deletion or the initialization is as follows.

<Object for the deletion : HDD>
- Secure print file
- User box file
- ID & print file
- On-memory image file
- Stored image file
- HDD remaining image file
- Image related file
- Transmission address data file
- User ID
- User password
- User box password
- Secure print password
- Account ID
- Account password
- S/MIME certificate
- SSL certificate

<Object for the initialization: NVRAM>
- Administrator Password
- SNMP password
- WebDAV server password
- Encryption passphrase --- Encryption Passphrase is deleted, and the operational setting of HDD encryption function is turned OFF.

The deletion methods such as the data overwritten in HDD and the writing frequency is executed according to the deletion method of the overall area overwrite deletion function set by F.ADMIN (Table 13). For the HDD encryption function, the encryption passphrase which was set is disabled by turning off the operational setup. The setup of the Enhanced Security function becomes invalid in the execution of this function. (Refer to the description for the operational setup of the Enhanced Security function in F.ADMIN.)
As described above, FAD_RIP.1 is realized.

Table 13 Types and Methods of Overwrite Deletion of Overall Area

Method    Overwritten data type and their order
Mode:1    0x00
Mode:2    Random numbers -> Random numbers -> 0x00
Mode:3    0x00 -> 0xFF -> Random numbers -> Verification
Mode:4    Random numbers -> 0x00 -> 0xFF
Mode:5    0x00 -> 0xFF -> 0x00 -> 0xFF
Mode:6    0x00 -> 0xFF -> 0x00 -> 0xFF -> 0x00 -> 0xFF -> Random numbers
Mode:7    0x00 -> 0xFF -> 0x00 -> 0xFF -> 0x00 -> 0xFF -> 0xAA
Mode:8    0x00 -> 0xFF -> 0x00 -> 0xFF -> 0x00 -> 0xFF -> 0xAA -> Verification
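Table 13 expressed as data and applied to a device image, as an added example that is not the TOE's implementation. The names, the file-like object standing in for the HDD data area, and the reading of "Verification" as a read-back comparison of the final pass are assumptions.

```python
import hashlib
import io
import os

RANDOM = "random"
_ALT = [0x00, 0xFF] * 3   # 0x00, 0xFF repeated three times (start of Mode:6 to Mode:8)
# Table 13 as data: mode -> (passes in order, read-back verification after the last pass)
MODES = {
    1: ([0x00], False),
    2: ([RANDOM, RANDOM, 0x00], False),
    3: ([0x00, 0xFF, RANDOM], True),
    4: ([RANDOM, 0x00, 0xFF], False),
    5: ([0x00, 0xFF, 0x00, 0xFF], False),
    6: (_ALT + [RANDOM], False),
    7: (_ALT + [0xAA], False),
    8: (_ALT + [0xAA], True),
}

def overwrite_all(dev, mode, chunk=4096):
    """Run every pass of `mode` over a seekable binary device; return the pass count."""
    passes, verify = MODES[mode]
    size = dev.seek(0, os.SEEK_END)
    for pattern in passes:
        written = hashlib.sha256()        # digest of what this pass wrote
        dev.seek(0)
        left = size
        while left:
            n = min(chunk, left)
            block = os.urandom(n) if pattern == RANDOM else bytes([pattern]) * n
            dev.write(block)
            written.update(block)
            left -= n
        dev.flush()                       # a real block device also needs os.fsync() per pass
    if verify:                            # compare the medium with the final pass
        dev.seek(0)
        readback = hashlib.sha256()
        while True:
            block = dev.read(chunk)
            if not block:
                break
            readback.update(block)
        if readback.digest() != written.digest():
            raise IOError("read-back does not match the final pass")
    return len(passes)

def run_demo():
    disk = io.BytesIO(b"secret scan data " * 1000)   # constructed stand-in for the data area
    size = len(disk.getvalue())
    passes_run = overwrite_all(disk, 8)
    return passes_run, disk.getvalue() == b"\xaa" * size
```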

7.8. F.CRYPT (Encryption Key Generation Function)

F.CRYPT generates an encryption key to encrypt all data written in HDD by using the Konica Minolta HDD encryption key generation algorithm that is regulated by the Konica Minolta encryption specification standard.
When the encryption passphrase is decided in the HDD encryption functional operation setting to which the access is restricted in F.ADMIN, an encryption key 128 bits long is generated from the encryption passphrase by applying the Konica Minolta HDD encryption key generation algorithm.
As described above, FCS_CKM.1 is realized.

7.9. F.RESET (Authentication Failure Frequency Reset Function)

F.RESET is a function that releases the lock by resetting the authentication failure frequency when the account locks in the administrator authentication and CE authentication.

(1) CE Authentication function lock release processing function
The function is executed by the specific operation, and the lock is released by clearing the failure frequency of the CE authentication to 0 after the release time of operation prohibition for CE authentication.
As described above, FIA_AFL.1[1] is realized.

(2) Administrator authentication function lock release processing function
The function is executed by OFF/ON of the main power supply, and the lock is released by clearing the failure frequency of the administrator authentication to 0 after the release time of operation prohibition for Administrator authentication.
As described above, FIA_AFL.1[2] is realized.

7.10. F.TRUSTED-PASS (Trust Channel Function)

F.TRUSTED-PASS is a function that generates and achieves the Trusted Channel by using SSL or TLS protocol when transmitting and receiving the following image file between client PC and MFP.
- User box file (download from MFP to client PC)
- Image file that will be stored as a user box file (upload from client PC to MFP)
- Image file that will be stored as Secure Print file (upload from client PC to MFP)
- Image file that will be stored as an ID & print file (upload from client PC to MFP)
As described above, FTP_ITC.1 is realized.

7.11. F.S/MIME (S/MIME Encryption Processing Function)

F.S/MIME is a function to encrypt the user box file when transmitting the user box file as S/MIME.

<User box file Encryption Key generation>
The Encryption key is generated to encrypt the user box file by the pseudorandom number Generation Algorithm which FIPS 186-2 provides. (Encryption key length is 128, 168, 192 or 256 bits.)
As described above, FCS_CKM.1 is realized.

<Encryption of User box file>
- It is encrypted by AES which FIPS PUB 197 provides by using encryption key (128, 192 and 256 bits) to encrypt the user box file.
- It is encrypted by the 3-Key-Triple-DES which SP800-67 provides by using the encryption key (168 bits) to encrypt the user box file.
As described above, FCS_COP.1 is realized.

<Encryption of User box files Encryption key>
- The encryption key to encrypt the user box file is encrypted by RSA which FIPS 186-2 provides.
- The key length of the encryption key used in this case is 1024, 2048, 3072 or 4096 bits.
As described above, FCS_COP.1 is realized.

7.12. F.FAX-CONTROL (FAX Unit Control Function)

F.FAX-CONTROL is the function that prohibits an access to internal network connected to MFP through the FAX unit by TOE control.
TOE controls the function that transfer the data received from public line to internal LAN.
The prohibition of access (data forwarding except image data) from public line to internal network is realized by TOE control.
As described above, FDP_IFC.1 and FDP_IFF.1 are realized.

7.13. F.SUPPORT-AUTH (External Server Authentication Operation Support Function)

F.SUPPORT-AUTH is the function that realizes the user authentication function in cooperation with the user information management server of Active Directory. (the function that operates with F.USER.)
When the "external server authentication" is selected for user authentication method, the inquiry for the authentication information of the user is done for the user information management server under the user's request of the identification and authentication process. After this inquiry, the user identification and authentication process is realized by getting the user authentication information returned back from user information management server.
As described above, FCS_CAP.1[1] is realized.

7.14. F.SUPPORT-CRYPTO (ASIC Support Function)

F.SUPPORT-CRYPTO is the function that operates the HDD encryption function that utilizes ASIC from TOE.
For all data written in HDD, an encryption key generated by F.CRYPTO is set in ASIC, and encryption is performed by the ASIC. On the other hand, for the encrypted data read out of the HDD, the encryption key generated by F.CRYPTO is set in ASIC in the same manner as above, and decryption is performed by the ASIC.
As described above, FCS_CAP.1[2] is realized.

7.15. F.ADMIN-WebDAV (Administrator Function (Counter Management Function))

F.ADMIN-WebDAV is the security function that identifies and authenticates administrator when accessed via a network from a client PC using WebDAV, and permits only the administrator who was identified and authenticated successfully to operate the counter management function. (The counter management function includes TSF data. This is described in detail below.)

7.15.1. Identification and Authentication Function by WebDAV Server Password

It is identified and authenticated by the WebDAV server password that a user accessing via a network using WebDAV is an administrator.
- Provides the WebDAV authentication mechanism which authenticates the user by the WebDAV server password consisting of the characters shown in Table 12.
  For WebDAV, no separate mechanism to authenticate the administrator based on the session information, but a WebDAV server password is used for each session.
- Resets the number of authentication failure when succeeding in the authentication.
- When the authentication failure that becomes the second, fourth, and sixth in total is detected by each authentication function utilizing a WebDAV server password, all the authentication functions utilizing a WebDAV server password is locked. (Deny the access using WebDAV.)
  The administrator specifies the failure frequency threshold by the unauthorized access detection threshold setting function.
- The lock is released by the lock release function to the WebDAV authentication of F.ADMIN executed.
As described above, FIA_AFL.1[9], FIA_UAU.2[2], and FIA_UID.2[2] are realized.

7.15.2. Management Function Utilizing WebDAV

When it is identified and authenticated that the user is an administrator by the WebDAV server password, access utilizing WebDAV is permitted, and the setup operation of the following setting data is permitted.

7.15.2.1. Obtention of User Password

User password is obtained for each registered user.
As described above, FMT_MTD.1[7], FMT_SMF.1, and FMT_SMR.1[2] are realized.

7.15.2.2. Obtention of Account Password

Account password is obtained for each registered account.
As described above, FMT_MTD.1[7], FMT_SMF.1, and FMT_SMR.1[2] are realized.
