
FDP_ACF.1[1] Security attribute based access control 
Hierarchical to: No other components. 
FDP_ACF.1.1 
The TSF shall enforce the [assignment: access control SFP] to objects based on 
[assignment: security attributes, named groups of security attributes]. 
[assignment: security attributes, named groups of security attributes] 
- Security attribute: User BOX identifier 
- Named group of security attribute: None 
[assignment: access control SFP] 
- Access control policy 1 
FDP_ACF.1.2 
The TSF shall enforce the following rules to determine if an operation among 
controlled subjects and controlled objects is allowed: [assignment: rules governing 
access among controlled subjects and controlled objects using controlled operations 
on controlled objects]. 
[assignment: rules governing access among controlled subjects and controlled objects 
using controlled operations on controlled objects]
Reading out the document data in the User BOX specified below is permitted. 
- The User BOX identifier associated with the user reception function 1 corresponds to the  
User BOX identifier associated with the User BOX. 
FDP_ACF.1.3 
The TSF shall explicitly authorise access of subjects to objects based on the following 
additional rules: [assignment: rules, based on security attributes, that explicitly authorise 
access of subjects to objects]. 
[assignment: rules, based on security attributes, that explicitly authorise access of subjects 
to objects] 
Copyright© 2005 KONICA MINOLTA BUSINESS TECHNOLOGIES, INC., All Rights Reserved