Security Target
Page 1
All Rights Reserved. Page 1 of 81 Aficio MP 2851/3351 series with Fax Option Type 3351 Security Target Author Date Version : RICOH COMPANY, LTD., Yasushi FUNAKI : 2010-06-17 : 1.00 Copyright (c) 2010 RICOH COMPANY, LTD.
All Rights Reserved. Page 1 of 81 Aficio MP 2851/3351 series with Fax Option Type 3351 Security Target Author Date Version : RICOH COMPANY, LTD., Yasushi FUNAKI : 2010-06-17 : 1.00 Copyright (c) 2010 RICOH COMPANY, LTD.
Security Target
Page 5
... 74 7.1.6.1 Encryption of Document Data 74 7.1.7 SF.NET_PROT Network Communication Data Protection Function 75 7.1.7.1 Use of Web Service Function from Client Computer 75 7.1.7.2 Printing and Faxing from Client Computer 75 7.1.7.3 Sending by E-mail from TOE 75 7.1.7.4 Delivering to Folders from TOE 75 7.1.8 SF.FAX_LINE Protection Function for Intrusion via Telephone Line...
... 74 7.1.6.1 Encryption of Document Data 74 7.1.7 SF.NET_PROT Network Communication Data Protection Function 75 7.1.7.1 Use of Web Service Function from Client Computer 75 7.1.7.2 Printing and Faxing from Client Computer 75 7.1.7.3 Sending by E-mail from TOE 75 7.1.7.4 Delivering to Folders from TOE 75 7.1.8 SF.FAX_LINE Protection Function for Intrusion via Telephone Line...
Security Target
Page 7
... following software/hardware version. MFP Name : Ricoh Aficio MP 2851, Ricoh Aficio MP 3351 Savin 9228, Savin 9233 Lanier LD528, Lanier LD533 Lanier MP 2851, Lanier MP 3351 Gestetner MP 2851, Gestetner MP 3351 nashuatec MP 2851, nashuatec MP 3351 Rex-Rotary MP 2851, Rex-Rotary MP 3351 infotec MP 2851, infotec MP 3351 MFP Software /Hardware Version : Software System/Copy Network Support Scanner Printer Fax Web Support Web Uapl Network Doc Box...
... following software/hardware version. MFP Name : Ricoh Aficio MP 2851, Ricoh Aficio MP 3351 Savin 9228, Savin 9233 Lanier LD528, Lanier LD533 Lanier MP 2851, Lanier MP 3351 Gestetner MP 2851, Gestetner MP 3351 nashuatec MP 2851, nashuatec MP 3351 Rex-Rotary MP 2851, Rex-Rotary MP 3351 infotec MP 2851, infotec MP 3351 MFP Software /Hardware Version : Software System/Copy Network Support Scanner Printer Fax Web Support Web Uapl Network Doc Box...
Security Target
Page 8
... Telephone Line Intrusion Protection Function 9. Users can operate the TOE from a client computer via a network, USB connection, or fax. All Rights Reserved. Document Data Access Control Function 4. MFP Control Software Verification Function For the Security Functions listed above, each... function is described in this ST: 1. Copyright (c) 2010 RICOH COMPANY, LTD. Identification and Authentication Function 3. Paper documents are input using the MFP's scanning device, and electronic documents are ...
... Telephone Line Intrusion Protection Function 9. Users can operate the TOE from a client computer via a network, USB connection, or fax. All Rights Reserved. Document Data Access Control Function 4. MFP Control Software Verification Function For the Security Functions listed above, each... function is described in this ST: 1. Copyright (c) 2010 RICOH COMPANY, LTD. Identification and Authentication Function 3. Paper documents are input using the MFP's scanning device, and electronic documents are ...
Security Target
Page 9
...a client computer that is used for the protocol of servers (FTP, SMB, and SMTP servers)and client computers. Copyright (c) 2010 RICOH COMPANY, LTD. To print and fax from the client computer via firewall. FTP S erver An FTP server is connected to the internal network allows users to folders in the... user guidance. All Rights Reserved. IPv4 is connected to the Internet via the internal network or USB connection, the PCL printer driver and fax driver must be downloaded and installed into the client computer from the website indicated in the TOE to access and operate the TOE, and...
...a client computer that is used for the protocol of servers (FTP, SMB, and SMTP servers)and client computers. Copyright (c) 2010 RICOH COMPANY, LTD. To print and fax from the client computer via firewall. FTP S erver An FTP server is connected to the internal network allows users to folders in the... user guidance. All Rights Reserved. IPv4 is connected to the Internet via the internal network or USB connection, the PCL printer driver and fax driver must be downloaded and installed into the client computer from the website indicated in the TOE to access and operate the TOE, and...
Security Target
Page 10
... in the TOE to send the document data stored in Figure 2): Operation Panel Unit, Engine Unit, Fax Unit, Controller Board, Ic Hdd, HDD, Network Unit, USB Port, and SD Card Slot. Copyright (c) 2010 RICOH COMPANY, LTD. Telephone Line A telephone line is a line used to send and receive... fax data from the external network. 1.4 TOE Description This section describes the Physical boundaries of the TOE, user guidance...
... in the TOE to send the document data stored in Figure 2): Operation Panel Unit, Engine Unit, Fax Unit, Controller Board, Ic Hdd, HDD, Network Unit, USB Port, and SD Card Slot. Copyright (c) 2010 RICOH COMPANY, LTD. Telephone Line A telephone line is a line used to send and receive... fax data from the external network. 1.4 TOE Description This section describes the Physical boundaries of the TOE, user guidance...
Security Target
Page 11
...All Rights Reserved. Engine Unit The Engine Unit contains a Scanner Engine, Printer Engine, and the Engine Control Board. Copyright (c) 2010 RICOH COMPANY, LTD. The Engine Control Software is installed in the Operation Panel Control Board. The Operation Panel Control Software controls the LEDs and... 11 of 81 User Document Output Document Telephone Line TTOOEE Engine Unit Operation Panel Unit Scanner Engine Printer Engine Engine Control Board Fax Unit * Optional Processor Controller Board RAM NVRAM Ic Key FlashROM HDD Ic Hdd Network Unit USB Port SD Card Slot Figure ...
...All Rights Reserved. Engine Unit The Engine Unit contains a Scanner Engine, Printer Engine, and the Engine Control Board. Copyright (c) 2010 RICOH COMPANY, LTD. The Engine Control Software is installed in the Operation Panel Control Board. The Operation Panel Control Software controls the LEDs and... 11 of 81 User Document Output Document Telephone Line TTOOEE Engine Unit Operation Panel Unit Scanner Engine Printer Engine Engine Control Board Fax Unit * Optional Processor Controller Board RAM NVRAM Ic Key FlashROM HDD Ic Hdd Network Unit USB Port SD Card Slot Figure ...
Security Target
Page 12
... detects any tampering with information about the status of fax communications and controls the fax communications according to the TOE, print or fax from the client computer. The following are stored. All Rights Reserved. When a CE performs Copyright (c) 2010 RICOH COMPANY, LTD. It is located on the HDD ...and decrypts information to a telephone line. SD Card S lot The SD Card Slot is a slot that has a modem function to send and receive fax data when connected to be stored on the...
... detects any tampering with information about the status of fax communications and controls the fax communications according to the TOE, print or fax from the client computer. The following are stored. All Rights Reserved. When a CE performs Copyright (c) 2010 RICOH COMPANY, LTD. It is located on the HDD ...and decrypts information to a telephone line. SD Card S lot The SD Card Slot is a slot that has a modem function to send and receive fax data when connected to be stored on the...
Security Target
Page 14
...Rights Reserved. Safety Information for Users MP 2851/3351 Aficio MP 2851/3351 A - Manuals for Aficio MP 2851/Aficio MP 3351 - Notes for Administrators Security Reference Supplement 9228/9233 MP 2851/3351 LD528/LD533 Aficio MP 2851/3351 - Quick Reference Fax Guide - Quick Reference Printer Guide -... - Manuals for MP 2851/MP 3351 - Quick Reference Scanner Guide - Safety Information for Administrators Security Reference MP 2851/3351 Aficio MP 2851/3351 - App2Me Start Guide - Manuals for Users MP 2851/3351 Aficio MP 2851/3351 A Page 14 of 81 Copyright (c) 2010 RICOH COMPANY, LTD.
...Rights Reserved. Safety Information for Users MP 2851/3351 Aficio MP 2851/3351 A - Manuals for Aficio MP 2851/Aficio MP 3351 - Notes for Administrators Security Reference Supplement 9228/9233 MP 2851/3351 LD528/LD533 Aficio MP 2851/3351 - Quick Reference Fax Guide - Quick Reference Printer Guide -... - Manuals for MP 2851/MP 3351 - Quick Reference Scanner Guide - Safety Information for Administrators Security Reference MP 2851/3351 Aficio MP 2851/3351 - App2Me Start Guide - Manuals for Users MP 2851/3351 Aficio MP 2851/3351 A Page 14 of 81 Copyright (c) 2010 RICOH COMPANY, LTD.
Security Target
Page 15
... FAX Guide - Quick Reference Scanner Guide - Manuals for Users - Manuals for Administrators Security Reference Supplement 9228/9233 MP 2851/3351 LD528/LD533 Aficio MP 2851/3351 - Manuals for Administrators Security Reference Supplement 9228/9233 MP 2851/3351 LD528/LD533 Aficio MP 2851/3351 Copyright (c) 2010 RICOH COMPANY, LTD. MP 2851/MP 3351 MP 2851/MP 3351 Aficio MP 2851/3351 Operating Instructions Troubleshooting - Notes for Administrators Security Reference MP 2851/3351 Aficio MP 2851/3351 - MP 2851/MP 3351 MP 2851/MP...
... FAX Guide - Quick Reference Scanner Guide - Manuals for Users - Manuals for Administrators Security Reference Supplement 9228/9233 MP 2851/3351 LD528/LD533 Aficio MP 2851/3351 - Manuals for Administrators Security Reference Supplement 9228/9233 MP 2851/3351 LD528/LD533 Aficio MP 2851/3351 Copyright (c) 2010 RICOH COMPANY, LTD. MP 2851/MP 3351 MP 2851/MP 3351 Aficio MP 2851/3351 Operating Instructions Troubleshooting - Notes for Administrators Security Reference MP 2851/3351 Aficio MP 2851/3351 - MP 2851/MP 3351 MP 2851/MP...
Security Target
Page 17
... server FTP server SMTP server Security Management Function Network Communication Data Protection Function Document Data Telephone Line Intrusion Access Control Function Basic Function Protection Function Fax Stored Data Protection Function HDD (To MFP Control Software in the Address Book by a user administrator. Functions for CEs Figure 3: Logical boundaries of TOE 1.4.4.1 ...is registered in FlashROM) MFP Control Software Verification Function Security Function * The performed events are operated from the Operation Panel, and the Web Copyright (c) 2010 RICOH COMPANY, LTD.
... server FTP server SMTP server Security Management Function Network Communication Data Protection Function Document Data Telephone Line Intrusion Access Control Function Basic Function Protection Function Fax Stored Data Protection Function HDD (To MFP Control Software in the Address Book by a user administrator. Functions for CEs Figure 3: Logical boundaries of TOE 1.4.4.1 ...is registered in FlashROM) MFP Control Software Verification Function Security Function * The performed events are operated from the Operation Panel, and the Web Copyright (c) 2010 RICOH COMPANY, LTD.
Security Target
Page 18
... delivered to folders, and deleted using the Fax Function or "Document Server Function", which is part of the Basic Functions and described later. Copyright (c) 2010 RICOH COMPANY, LTD. Although the MFP provides IP-Fax and Internet Fax Function as document data. General users are ...available from the Operation Panel, and also include LAN-Fax transmission, which is available from a client computer ...
... delivered to folders, and deleted using the Fax Function or "Document Server Function", which is part of the Basic Functions and described later. Copyright (c) 2010 RICOH COMPANY, LTD. Although the MFP provides IP-Fax and Internet Fax Function as document data. General users are ...available from the Operation Panel, and also include LAN-Fax transmission, which is available from a client computer ...
Security Target
Page 19
... and Authentication Function, Document Data Access Control Function, Stored Data Protection Function, Network Communication Data Protection Copyright (c) 2010 RICOH COMPANY, LTD. Checking the status of Management Functions. 6. Management Function This function is available from the Operation Panel or...is for Management Functions, security-related functions are available: 1. Document data stored using the Copy Function, Document Server Function, Fax Function, or Printer Function can be sent. 3. Sending document data stored in the D-BOX. Although the Management Function also ...
... and Authentication Function, Document Data Access Control Function, Stored Data Protection Function, Network Communication Data Protection Copyright (c) 2010 RICOH COMPANY, LTD. Checking the status of Management Functions. 6. Management Function This function is available from the Operation Panel or...is for Management Functions, security-related functions are available: 1. Document data stored using the Copy Function, Document Server Function, Fax Function, or Printer Function can be sent. 3. Sending document data stored in the D-BOX. Although the Management Function also ...
Security Target
Page 20
...in the D-BOX to specified users only. General users are outside the TOE. The machine administrator can read -only Copyright (c) 2010 RICOH COMPANY, LTD. Account Lockout: If the number of consecutive unsuccessful attempts with the same particular user ID reaches the specified Number of security...Attempts before Lockout, this function temporarily prevents further login attempts from the Operation Panel or a client computer. However, when printing or faxing from a client computer, this evaluation does not cover the functions other than those who attempt to use the TOE from this function...
...in the D-BOX to specified users only. General users are outside the TOE. The machine administrator can read -only Copyright (c) 2010 RICOH COMPANY, LTD. Account Lockout: If the number of consecutive unsuccessful attempts with the same particular user ID reaches the specified Number of security...Attempts before Lockout, this function temporarily prevents further login attempts from the Operation Panel or a client computer. However, when printing or faxing from a client computer, this evaluation does not cover the functions other than those who attempt to use the TOE from this function...
Security Target
Page 21
...each general user. Deliver document data to understand unless the document data is sent. The communication protocol that is also permitted. Print or fax from the TOE (IPSec protocol) 4. Page 21 of the TOE. Send document data attached to e-mail to process document data and... document data stored on the document data. Download document data using the Web Service Function from the TOE (S/MIME) Copyright (c) 2010 RICOH COMPANY, LTD. Network Communication Data Protection Function This function is for protecting document data and print data in the normal way. All Rights...
...each general user. Deliver document data to understand unless the document data is sent. The communication protocol that is also permitted. Print or fax from the TOE (IPSec protocol) 4. Page 21 of the TOE. Send document data attached to e-mail to process document data and... document data stored on the document data. Download document data using the Web Service Function from the TOE (S/MIME) Copyright (c) 2010 RICOH COMPANY, LTD. Network Communication Data Protection Function This function is for protecting document data and print data in the normal way. All Rights...
Security Target
Page 23
...SMB or FTP server. 3. From a scanner Document data is created from outside the TOE by various methods, and can be deleted. Copyright (c) 2010 RICOH COMPANY, LTD. Page 23 of 81 Service Mode Lock Function The M aintenance Function is used . The Service Mode Lock Function prevents the M aintenance ...to the TOE, so that the TOE can handle. Storing Document Data Document data stored inside the TOE is for devices equipped with a Fax Unit. Importing Document Data Document data can be output by CEs who receive a request from the machine administrator to perform maintenance on the ...
...SMB or FTP server. 3. From a scanner Document data is created from outside the TOE by various methods, and can be deleted. Copyright (c) 2010 RICOH COMPANY, LTD. Page 23 of 81 Service Mode Lock Function The M aintenance Function is used . The Service Mode Lock Function prevents the M aintenance ...to the TOE, so that the TOE can handle. Storing Document Data Document data stored inside the TOE is for devices equipped with a Fax Unit. Importing Document Data Document data can be output by CEs who receive a request from the machine administrator to perform maintenance on the ...
Security Target
Page 24
... tampered data can be detected. 1.4.5.2 Print Data Print data is data in a client computer by the printer or fax drivers installed on the client computer when it is written. All Rights Reserved. Copyright (c) 2010 RICOH COMPANY, LTD. Page 24 of 81 5. It is generated from leakage, and tampered data can be detected...
... tampered data can be detected. 1.4.5.2 Print Data Print data is data in a client computer by the printer or fax drivers installed on the client computer when it is written. All Rights Reserved. Copyright (c) 2010 RICOH COMPANY, LTD. Page 24 of 81 5. It is generated from leakage, and tampered data can be detected...
Security Target
Page 29
... Internet, the organisation that manages operation of the internal network shall close any unnecessary ports between the external and internal networks (e.g. Copyright (c) 2010 RICOH COMPANY, LTD. Table 3 demonstrates that each security objective corresponds to at least one threat, organisational security policy, or assumption. If all assumptions ... of intrusion from telephone line) The TOE shall prevent unauthorised access to the TOE from a telephone line connected to the Fax Unit. 4.2 Security Objectives of Operational Environment The following , the security problems defined in "3.
... Internet, the organisation that manages operation of the internal network shall close any unnecessary ports between the external and internal networks (e.g. Copyright (c) 2010 RICOH COMPANY, LTD. Table 3 demonstrates that each security objective corresponds to at least one threat, organisational security policy, or assumption. If all assumptions ... of intrusion from telephone line) The TOE shall prevent unauthorised access to the TOE from a telephone line connected to the Fax Unit. 4.2 Security Objectives of Operational Environment The following , the security problems defined in "3.
Security Target
Page 32
.... T.FAX_LINE (Intrusion via telephone line) To counter this threat, the TOE protects document data and Print Data on communication path from a telephone line connected to Fax Unit to the machine administrator so that the machine administrator verifies afterwards whether or not O.NET.PROTECT was successfully performed. In addition, the performance of... detects tampering. Page 32 of 81 T.TRANSIT (Data interception and tampering with the TOE users by O.LINE_PROTECT. Therefore, the TOE can counter T.TRANSIT. Copyright (c) 2010 RICOH COMPANY, LTD.
.... T.FAX_LINE (Intrusion via telephone line) To counter this threat, the TOE protects document data and Print Data on communication path from a telephone line connected to Fax Unit to the machine administrator so that the machine administrator verifies afterwards whether or not O.NET.PROTECT was successfully performed. In addition, the performance of... detects tampering. Page 32 of 81 T.TRANSIT (Data interception and tampering with the TOE users by O.LINE_PROTECT. Therefore, the TOE can counter T.TRANSIT. Copyright (c) 2010 RICOH COMPANY, LTD.
Security Target
Page 35
...applicable cryptographic mode(s) of a terminal). b) Basic: All requests to permit requested information flows. Storage of document data successful 2. Fax Function: Reception a) Minimal 1. Lockout release b) Basic 1. b) Basic: Rejection or acceptance by the SFP. Storage of document ... 2. Changing authentication information of document data successful 1. Reading of general users (Outcome: Success/Failure) Copyright (c) 2010 RICOH COMPANY, LTD. Deletion of 81 Actions which should be auditable information (e.g. Functional requirements FCS_COP.1 FDP_ACC.1 FDP_ACF.1 FDP_IFC.1...
...applicable cryptographic mode(s) of a terminal). b) Basic: All requests to permit requested information flows. Storage of document data successful 2. Fax Function: Reception a) Minimal 1. Lockout release b) Basic 1. b) Basic: Rejection or acceptance by the SFP. Storage of document ... 2. Changing authentication information of document data successful 1. Reading of general users (Outcome: Success/Failure) Copyright (c) 2010 RICOH COMPANY, LTD. Deletion of 81 Actions which should be auditable information (e.g. Functional requirements FCS_COP.1 FDP_ACC.1 FDP_ACF.1 FDP_IFC.1...