Reference Guide
Page 7
Print Features The Ricoh MP 2851/3351 can also be used as they are able to your networked computer. Accessing the Print Driver 1. In the Print dialog box, select the printer ... finisher features. 3. Available options may have optional finisher features on how to select any special printing options. 3. To switch between sheets, click the tabs for specific details on your document and select 'Print' from the available options. You are produced. 1.
Print Features The Ricoh MP 2851/3351 can also be used as they are able to your networked computer. Accessing the Print Driver 1. In the Print dialog box, select the printer ... finisher features. 3. Available options may have optional finisher features on how to select any special printing options. 3. To switch between sheets, click the tabs for specific details on your document and select 'Print' from the available options. You are produced. 1.
Security Target
Page 4
...Requirements 54 6.3 Security Requirements Rationale 55 6.3.1 Tracing...55 6.3.2 Justification of Traceability 56 6.3.3 Dependency Analysis 60 6.3.4 Security Assurance Requirements Rationale 62 7 TOE Summary Specification 63 7.1 TOE Security Function 63 7.1.1 SF.AUDIT Audit Function 64 7.1.1.1 Generation of Audit Logs 64 7.1.1.2 Reading Audit Logs 66 7.1.1.3 Protection of Audit ... Function 66 7.1.2.1 User Identification and Authentication 67 7.1.2.2 Actions in Event of Identification and Authentication Failure 67 Copyright (c) 2010 RICOH COMPANY, LTD. All Rights Reserved.
...Requirements 54 6.3 Security Requirements Rationale 55 6.3.1 Tracing...55 6.3.2 Justification of Traceability 56 6.3.3 Dependency Analysis 60 6.3.4 Security Assurance Requirements Rationale 62 7 TOE Summary Specification 63 7.1 TOE Security Function 63 7.1.1 SF.AUDIT Audit Function 64 7.1.1.1 Generation of Audit Logs 64 7.1.1.2 Reading Audit Logs 66 7.1.1.3 Protection of Audit ... Function 66 7.1.2.1 User Identification and Authentication 67 7.1.2.2 Actions in Event of Identification and Authentication Failure 67 Copyright (c) 2010 RICOH COMPANY, LTD. All Rights Reserved.
Security Target
Page 6
...roles of security attributes 45 Table 17: Characteristics of static attribute initialisation 46 Table 18: List of TSF data management...47 Table 19: List of specifications of Management Functions 48 Table 20: Services requiring trusted paths...53 Table 21: TOE Security assurance requirements (EAL3 54 Table 22: Relationship between security ...Table 32: Administrators authorised to specify machine control data 73 Table 33: List of encryption operations on data stored on the HDD 74 Table 34: Specific terms used in this ST...77 Copyright (c) 2010 RICOH COMPANY, LTD. All Rights Reserved.
...roles of security attributes 45 Table 17: Characteristics of static attribute initialisation 46 Table 18: List of TSF data management...47 Table 19: List of specifications of Management Functions 48 Table 20: Services requiring trusted paths...53 Table 21: TOE Security assurance requirements (EAL3 54 Table 22: Relationship between security ...Table 32: Administrators authorised to specify machine control data 73 Table 33: List of encryption operations on data stored on the HDD 74 Table 34: Specific terms used in this ST...77 Copyright (c) 2010 RICOH COMPANY, LTD. All Rights Reserved.
Security Target
Page 35
...failure, and type of general users (Outcome: Success/Failure) Copyright (c) 2010 RICOH COMPANY, LTD. c) Detailed: The specific security attributes used in making an information flow enforcement decision. d) Detailed: Some specific subsets of any tested secret; None a) Minimal: Rejection by the SFP. Lockout... and the actions (e.g. re-enabling of document data successful 1. Fax Function: Reception a) Minimal 1. c) Detailed: The specific security attributes used in making an access check. auditing of the threshold for information flow. Lockout start 2. a) Minimal:...
...failure, and type of general users (Outcome: Success/Failure) Copyright (c) 2010 RICOH COMPANY, LTD. c) Detailed: The specific security attributes used in making an information flow enforcement decision. d) Detailed: Some specific subsets of any tested secret; None a) Minimal: Rejection by the SFP. Lockout... and the actions (e.g. re-enabling of document data successful 1. Fax Function: Reception a) Minimal 1. c) Detailed: The specific security attributes used in making an access check. auditing of the threshold for information flow. Lockout start 2. a) Minimal:...
Security Target
Page 45
...user information) Operations Query, newly create, delete User roles - administrator IDs, administrator roles and supervisor ID]. User administrator Copyright (c) 2010 RICOH COMPANY, LTD. However, the administrator cannot delete the assigned administrator role if that role is assigned to : No other administrators, and ... other components. Dependencies: [FDP_ACC.1 Subset access control, or FDP_IFC.1 Subset information flow control] FMT_SMR.1 Security roles FMT_SMF.1 Specification of users: [assignment: administrators can add their own administrator roles. All Rights Reserved.
...user information) Operations Query, newly create, delete User roles - administrator IDs, administrator roles and supervisor ID]. User administrator Copyright (c) 2010 RICOH COMPANY, LTD. However, the administrator cannot delete the assigned administrator role if that role is assigned to : No other administrators, and ... other components. Dependencies: [FDP_ACC.1 Subset access control, or FDP_IFC.1 Subset information flow control] FMT_SMR.1 Security roles FMT_SMF.1 Specification of users: [assignment: administrators can add their own administrator roles. All Rights Reserved.
Security Target
Page 47
All Rights Reserved. Page 47 of TSF data management in Table 18] to [assignment: roles in Table 18]. FMT_SMR.1 Security roles FMT_SMF.1 Specification of Management Functions FMT_MTD.1.1 The TSF shall restrict the ability to : Dependencies: No other components. Table 18: List of TSF data management TSF data ... administrator Machine administrator General users, user administrator, network administrator, file administrator, supervisor User administrator User administrator Machine administrator Machine administrator Machine administrator Copyright (c) 2010 RICOH COMPANY, LTD.
All Rights Reserved. Page 47 of TSF data management in Table 18] to [assignment: roles in Table 18]. FMT_SMR.1 Security roles FMT_SMF.1 Specification of Management Functions FMT_MTD.1.1 The TSF shall restrict the ability to : Dependencies: No other components. Table 18: List of TSF data management TSF data ... administrator Machine administrator General users, user administrator, network administrator, file administrator, supervisor User administrator User administrator Machine administrator Machine administrator Machine administrator Copyright (c) 2010 RICOH COMPANY, LTD.
Security Target
Page 48
FMT_SMF.1.1 The TSF shall be taken in Table 19]. Copyright (c) 2010 RICOH COMPANY, LTD. Table 19: List of specifications of Management Functions Functional requirements FAU_GEN.1 FAU_SAR.1 FAU_SAR.2 FAU_STG.1 FAU_STG.4 FCS_CKM.1 FCS_COP.1 FDP_ACC.1 Management requirements ... Maintenance (deletion, modification, addition) of actions to be capable of performing the following Management Functions: [assignment: list of specifications of Management Functions described in case of audit storage failure. Dependencies: No dependencies. TSF data Operations Query Lockout Flag for ...
FMT_SMF.1.1 The TSF shall be taken in Table 19]. Copyright (c) 2010 RICOH COMPANY, LTD. Table 19: List of specifications of Management Functions Functional requirements FAU_GEN.1 FAU_SAR.1 FAU_SAR.2 FAU_STG.1 FAU_STG.4 FCS_CKM.1 FCS_COP.1 FDP_ACC.1 Management requirements ... Maintenance (deletion, modification, addition) of actions to be capable of performing the following Management Functions: [assignment: list of specifications of Management Functions described in case of audit storage failure. Dependencies: No dependencies. TSF data Operations Query Lockout Flag for ...
Security Target
Page 54
...Target evaluation ATE: Tests AVA: Vulnerability assessment Assurance components ADV_ARC.1 Security architecture description ADV_FSP.3 summary Functional specification with complete ADV_TDS.2 Architectural design AGD_OPE.1 Operational user guidance AGD_PRE.1 Preparative procedures ALC_CMC.3 Authorisation controls ... Derived security requirements ASE_SPD.1 Security problem definition ASE_TSS.1 TOE summary specification ATE_COV.2 Analysis of the TOE. sample AVA_VAN.2 Vulnerability analysis Copyright (c) 2010 RICOH COMPANY, LTD. All Rights Reserved. Page 54 of 81 6.2...
...Target evaluation ATE: Tests AVA: Vulnerability assessment Assurance components ADV_ARC.1 Security architecture description ADV_FSP.3 summary Functional specification with complete ADV_TDS.2 Architectural design AGD_OPE.1 Operational user guidance AGD_PRE.1 Preparative procedures ALC_CMC.3 Authorisation controls ... Derived security requirements ASE_SPD.1 Security problem definition ASE_TSS.1 TOE summary specification ATE_COV.2 Analysis of the TOE. sample AVA_VAN.2 Vulnerability analysis Copyright (c) 2010 RICOH COMPANY, LTD. All Rights Reserved. Page 54 of 81 6.2...
Security Target
Page 56
... and ends, whenever an identification or authentication function is performed. c) Protect audit logs To fulfill O.AUDIT , audit logs should be restricted to fulfill the O.AUDIT specification. Page 56 of 81 O.AUDIT O.I&A O.DOC_ACC O.MANAGE O.MEM.PROTECT O.NET.PROTECT O.GENUINE O.LINE_PROTECT FIA_USB.1 FMT_MSA.1 FMT_MSA.3 FMT_MTD.1 FMT_SMF.1 FMT_SMR.1 FPT_STM.1 FPT_TST.1 FTP_ITC.1 FTP_TRP.1 v v v v v v v v v v ... logs over audit logs that can be audited. a) Record audit logs To fulfill O.AUDIT, the performance of each event. Copyright (c) 2010 RICOH COMPANY, LTD.
... and ends, whenever an identification or authentication function is performed. c) Protect audit logs To fulfill O.AUDIT , audit logs should be restricted to fulfill the O.AUDIT specification. Page 56 of 81 O.AUDIT O.I&A O.DOC_ACC O.MANAGE O.MEM.PROTECT O.NET.PROTECT O.GENUINE O.LINE_PROTECT FIA_USB.1 FMT_MSA.1 FMT_MSA.3 FMT_MTD.1 FMT_SMF.1 FMT_SMR.1 FPT_STM.1 FPT_TST.1 FTP_ITC.1 FTP_TRP.1 v v v v v v v v v v ... logs over audit logs that can be audited. a) Record audit logs To fulfill O.AUDIT, the performance of each event. Copyright (c) 2010 RICOH COMPANY, LTD.
Security Target
Page 57
...this , FIA_UAU.7 prevents passwords being entered, and must not be performed prior to allowing user access to fulfill the O.DOC_ACC specification. For this , FIA_UID.2 identifies users prior to the operation permissions for document data set for user authentication shall be available,... password character entered in place of the functions they are not easily guessable. a) Specify access control to fulfill the O.I&A specification. Association and maintenance of authentication attempts reaches the number specified by locking out users when their use of each type of a ...
...this , FIA_UAU.7 prevents passwords being entered, and must not be performed prior to allowing user access to fulfill the O.DOC_ACC specification. For this , FIA_UID.2 identifies users prior to the operation permissions for document data set for user authentication shall be available,... password character entered in place of the functions they are not easily guessable. a) Specify access control to fulfill the O.I&A specification. Association and maintenance of authentication attempts reaches the number specified by locking out users when their use of each type of a ...
Security Target
Page 58
... to query and specify the Lockout Flag for the document data to specified users only, and a default value shall be Copyright (c) 2010 RICOH COMPANY, LTD. The operations that are included to query the date and time of the system clock, specify the service mode lock setting...fulfill O.MANAGE, access to TSF data shall be limited to query and change general user IDs; - authorised TOE users to fulfill the O.MANAGE specification. Page 58 of document data. For this , FMT_MTD.1 allows: - the user administrator and general users with full control operation permission for ...
... to query and specify the Lockout Flag for the document data to specified users only, and a default value shall be Copyright (c) 2010 RICOH COMPANY, LTD. The operations that are included to query the date and time of the system clock, specify the service mode lock setting...fulfill O.MANAGE, access to TSF data shall be limited to query and change general user IDs; - authorised TOE users to fulfill the O.MANAGE specification. Page 58 of document data. For this , FMT_MTD.1 allows: - the user administrator and general users with full control operation permission for ...
Security Target
Page 59
...encryption key generation algorithm (based on BSI-AIS31); a) Generate the encryption keys and perform encryption operations adequately. Copyright (c) 2010 RICOH COMPANY, LTD. All Rights Reserved. For this association. d) Authorised use of 256 bits with the security management roles, ...tampering with the AES encryption algorithm (which protects data sent by S/MIME, which corresponds to fulfill the O.MEM.PROTECT specification. O.MEM.PROTECT Prevention of disclosure of network communication data Following are the rationale behind the functional requirements corresponding to O....
...encryption key generation algorithm (based on BSI-AIS31); a) Generate the encryption keys and perform encryption operations adequately. Copyright (c) 2010 RICOH COMPANY, LTD. All Rights Reserved. For this association. d) Authorised use of 256 bits with the security management roles, ...tampering with the AES encryption algorithm (which protects data sent by S/MIME, which corresponds to fulfill the O.MEM.PROTECT specification. O.MEM.PROTECT Prevention of disclosure of network communication data Following are the rationale behind the functional requirements corresponding to O....
Security Target
Page 60
... of the executable code of the MFP Control Software, which is installed in ST None None None None None FCS_CKM.4 FCS_CKM.4 None None Copyright (c) 2010 RICOH COMPANY, LTD. Table 23: Correspondence of dependencies of TOE security functional requirements TOE security functional requirements FAU_GEN.1 FAU_SAR.1 FAU_SAR.2 FAU_STG.1 FAU_STG.4 FCS_CKM.1 FCS_COP.1 FDP_ACC.1 FDP_ACF... the fax reception process on the Controller Board only if the data received from the fax process on theFax Unit to fulfill the O.LINE.PROTECT specification.
... of the executable code of the MFP Control Software, which is installed in ST None None None None None FCS_CKM.4 FCS_CKM.4 None None Copyright (c) 2010 RICOH COMPANY, LTD. Table 23: Correspondence of dependencies of TOE security functional requirements TOE security functional requirements FAU_GEN.1 FAU_SAR.1 FAU_SAR.2 FAU_STG.1 FAU_STG.4 FCS_CKM.1 FCS_COP.1 FDP_ACC.1 FDP_ACF... the fax reception process on the Controller Board only if the data received from the fax process on theFax Unit to fulfill the O.LINE.PROTECT specification.
Security Target
Page 63
... SF.CIPHER SF.NET_PROT SF.FAX_LINE SF.GENUINE FAU_GEN.1 v FAU_SAR.1 v FAU_SAR.2 v FAU_STG.1 v FAU_STG.4 v FCS_CKM.1 v FCS_COP.1 v FDP_ACC.1 v FDP_ACF.1 v Copyright (c) 2010 RICOH COMPANY, LTD. Page 63 of this TOE. 7 TOE Summary Specification This section provides a specification summary of the Security Functions of 81 7.1 TOE Security Function The TOE provides the following TOE Security Funct ions...
... SF.CIPHER SF.NET_PROT SF.FAX_LINE SF.GENUINE FAU_GEN.1 v FAU_SAR.1 v FAU_SAR.2 v FAU_STG.1 v FAU_STG.4 v FCS_CKM.1 v FCS_COP.1 v FDP_ACC.1 v FDP_ACF.1 v Copyright (c) 2010 RICOH COMPANY, LTD. Page 63 of this TOE. 7 TOE Summary Specification This section provides a specification summary of the Security Functions of 81 7.1 TOE Security Function The TOE provides the following TOE Security Funct ions...
Security Target
Page 67
...the above, FIA_ATD.1 (User attribute definition), FIA_UAU.2 (User authentication before any action), FIA_UID.2 (User identification before any action), FIA_USB.1 (User-subject binding), FMT_SMF.1 (Specification of Management Functions), and FMT_SMR.1 (Security Roles) are satisfied. 7.1.2.2 Actions in "7.1.2.1 User Identification and Authentication". Page 67 of 81 7.1.2.1 User Identification and Authentication The ... the Lockout Flag for that user to the user's role. Authentication methods vary according to "Inactive" and releases the Lockout. Copyright (c) 2010 RICOH COMPANY, LTD.
...the above, FIA_ATD.1 (User attribute definition), FIA_UAU.2 (User authentication before any action), FIA_UID.2 (User identification before any action), FIA_USB.1 (User-subject binding), FMT_SMF.1 (Specification of Management Functions), and FMT_SMR.1 (Security Roles) are satisfied. 7.1.2.2 Actions in "7.1.2.1 User Identification and Authentication". Page 67 of 81 7.1.2.1 User Identification and Authentication The ... the Lockout Flag for that user to the user's role. Authentication methods vary according to "Inactive" and releases the Lockout. Copyright (c) 2010 RICOH COMPANY, LTD.
Security Target
Page 68
...letters) Numbers: [0-9] (10 digits) Symbols: SP (space 33 symbols) (2) Registerable password length: General users Copyright (c) 2010 RICOH COMPANY, LTD. If the machine administrator sets the lockout time to indefinite, lockout release will be performed only by manual lockout ...special Lockout release operation, restarting the TOE releases Lockout. From the above , FIA_AFL.1 (Authentication failure handling) and FMT_SMF.1 (Specification of Management Functions) are satisfied. 7.1.2.3 Password Feedback Area Protection The TOE display s a string of masking characters (*: asterisks or...
...letters) Numbers: [0-9] (10 digits) Symbols: SP (space 33 symbols) (2) Registerable password length: General users Copyright (c) 2010 RICOH COMPANY, LTD. If the machine administrator sets the lockout time to indefinite, lockout release will be performed only by manual lockout ...special Lockout release operation, restarting the TOE releases Lockout. From the above , FIA_AFL.1 (Authentication failure handling) and FMT_SMF.1 (Specification of Management Functions) are satisfied. 7.1.2.3 Password Feedback Area Protection The TOE display s a string of masking characters (*: asterisks or...
Security Target
Page 69
... a general user Default value for document data ACL Document data default ACL By the above , FIA_SOS.1 (Verification of secrets) and FMT_SMF.1 (Specification of the ID. Table 28: Default value for a document data ACL, the TOE allows that allows users to access document data based on... general users who has been successfully authenticated by the user administrator (8-32 characters) and no more than 128 characters. Copyright (c) 2010 RICOH COMPANY, LTD. Page 69 of 81 No fewer than the Minimum Password Length specified by the Identification and Authentication Function, or the ...
... a general user Default value for document data ACL Document data default ACL By the above , FIA_SOS.1 (Verification of secrets) and FMT_SMF.1 (Specification of the ID. Table 28: Default value for a document data ACL, the TOE allows that allows users to access document data based on... general users who has been successfully authenticated by the user administrator (8-32 characters) and no more than 128 characters. Copyright (c) 2010 RICOH COMPANY, LTD. Page 69 of 81 No fewer than the Minimum Password Length specified by the Identification and Authentication Function, or the ...
Security Target
Page 71
...Security roles) are satisfied. Administrator information includes administrator IDs, administrator authentication information, and administrator roles. Copyright (c) 2010 RICOH COMPANY, LTD. Page 71 of 81 If the logged-in Table 30, respectively. Table 30 shows the relationship ..., FIA_USB.1 (User-subject binding), FMT_MSA.1 (Management of security attributes), FMT_MTD.1 (Management of TSF data), FMT_SMF.1 (Specification of new administrators, querying and changing administrator IDs, changing administrator authentication information, and querying, adding and deleting administrator roles....
...Security roles) are satisfied. Administrator information includes administrator IDs, administrator authentication information, and administrator roles. Copyright (c) 2010 RICOH COMPANY, LTD. Page 71 of 81 If the logged-in Table 30, respectively. Table 30 shows the relationship ..., FIA_USB.1 (User-subject binding), FMT_MSA.1 (Management of security attributes), FMT_MTD.1 (Management of TSF data), FMT_SMF.1 (Specification of new administrators, querying and changing administrator IDs, changing administrator authentication information, and querying, adding and deleting administrator roles....
Security Target
Page 72
Copyright (c) 2010 RICOH COMPANY, LTD. By the above, FMT_MSA.1 (Management of security attributes), FMT_MTD.1 (Management of TSF data), FMT_SMF.1 (Specification of management functions), and FMT_SMR.1 (Security roles) are satisfied. 7.1.4.4 Management of General User Information Management of general user information allows only specified users to perform ...
Copyright (c) 2010 RICOH COMPANY, LTD. By the above, FMT_MSA.1 (Management of security attributes), FMT_MTD.1 (Management of TSF data), FMT_SMF.1 (Specification of management functions), and FMT_SMR.1 (Security roles) are satisfied. 7.1.4.4 Management of General User Information Management of general user information allows only specified users to perform ...
Security Target
Page 73
... Service Function By the above , FMT_MSA.1 (Management of security attributes), FMT_MTD.1 (Management of TSF data), FMT_SMF.1 (Specification of management functions), and FMT_SMR.1 (Security roles) are satisfied. The TOE also allows the user administrator and general users... authorised to Folder function. All Rights Reserved. Copyright (c) 2010 RICOH COMPANY, LTD. Page 73 of 81 By the above , FIA_AFL.1 (Authentication failure handling), FMT_MTD.1 (Management of TSF data), FMT_SMF.1 (Specification of management function), and FMT_SMR.1 (Security roles) are satisfied....
... Service Function By the above , FMT_MSA.1 (Management of security attributes), FMT_MTD.1 (Management of TSF data), FMT_SMF.1 (Specification of management functions), and FMT_SMR.1 (Security roles) are satisfied. The TOE also allows the user administrator and general users... authorised to Folder function. All Rights Reserved. Copyright (c) 2010 RICOH COMPANY, LTD. Page 73 of 81 By the above , FIA_AFL.1 (Authentication failure handling), FMT_MTD.1 (Management of TSF data), FMT_SMF.1 (Specification of management function), and FMT_SMR.1 (Security roles) are satisfied....