Security Target
Page 8
... MFP MFP Names TOE Versions Ricoh Aficio MP 2352, Ricoh Aficio MP 2852, Ricoh Aficio MP 3352, Savin MP 2352, Savin MP 2852, Savin MP 3352, Lanier MP 2352, Lanier MP 2852, Lanier MP 3352, nashuatec MP 2352, nashuatec MP 2852, nashuatec MP 3352, Rex-Rotary MP 2352, Rex-Rotary MP 2852, Rex-Rotary MP 3352, Gestetner MP 2352, Gestetner MP 2852, Gestetner MP 3352, infotec MP 2352, infotec MP 2852, infotec MP 3352 "Fax Option Type...
... MFP MFP Names TOE Versions Ricoh Aficio MP 2352, Ricoh Aficio MP 2852, Ricoh Aficio MP 3352, Savin MP 2352, Savin MP 2852, Savin MP 3352, Lanier MP 2352, Lanier MP 2852, Lanier MP 3352, nashuatec MP 2352, nashuatec MP 2852, nashuatec MP 3352, Rex-Rotary MP 2352, Rex-Rotary MP 2852, Rex-Rotary MP 3352, Gestetner MP 2352, Gestetner MP 2852, Gestetner MP 3352, infotec MP 2352, infotec MP 2852, infotec MP 3352 "Fax Option Type...
Security Target
Page 9
Copyright (c) 2011 RICOH COMPANY, LTD. NetworkDocBox Web Support Web Uapl animation Scanner Printer PCL PCL Font Data Erase Onb GWFCU3.5-1(WW) Engine OpePanel LANG0 LANG1 Ic Key Ic Hdd 1.00 1.01 1.00 1.00 01.01 1.02 1.00 1.12 1....
Copyright (c) 2011 RICOH COMPANY, LTD. NetworkDocBox Web Support Web Uapl animation Scanner Printer PCL PCL Font Data Erase Onb GWFCU3.5-1(WW) Engine OpePanel LANG0 LANG1 Ic Key Ic Hdd 1.00 1.01 1.00 1.00 01.01 1.02 1.00 1.12 1....
Security Target
Page 11
Operation of documents using the printer driver installed on the client computer, - Firewall A device to prevent the office environment from the RC Gate via the Internet. Storage and printing of documents ... communicating with external faxes. SMB Server A server used by the TOE for the MFP using the fax driver installed on the client computer, - Copyright (c) 2011 RICOH COMPANY, LTD. RC Gate An IT device used when External Authentication is connected to communicate with the external authentication server via LAN. Page 10 of...
Operation of documents using the printer driver installed on the client computer, - Firewall A device to prevent the office environment from the RC Gate via the Internet. Storage and printing of documents ... communicating with external faxes. SMB Server A server used by the TOE for the MFP using the fax driver installed on the client computer, - Copyright (c) 2011 RICOH COMPANY, LTD. RC Gate An IT device used when External Authentication is connected to communicate with the external authentication server via LAN. Page 10 of...
Security Target
Page 14
... Controller Unit sends and receives control information about the Scanner Engine and Printer Engine to the Controller Board, and operates the Scanner Engine or Printer Engine according to read paper documents, Printer Engine that constitute the TOE, is the identifier for the Engine Control... Software. Page 13 of normal users. The Engine Control Software is a non-volatile memory medium. GWFCU3.5-1(WW), which the following : 1. Copyright (c) 2011 RICOH ...
... Controller Unit sends and receives control information about the Scanner Engine and Printer Engine to the Controller Board, and operates the Scanner Engine or Printer Engine according to read paper documents, Printer Engine that constitute the TOE, is the identifier for the Engine Control... Software. Page 13 of normal users. The Engine Control Software is a non-volatile memory medium. GWFCU3.5-1(WW), which the following : 1. Copyright (c) 2011 RICOH ...
Security Target
Page 15
...TX/10BASE-T) LAN. During installation, this TOE: [English version-1], [English version-2], and [English version-3]. MP 2352/MP 2852/MP 3352 MP 2352/MP 2852/MP 3352 Aficio MP 2352/MP 2852/MP 3352 Operating Instructions Troubleshooting D120-7533 - USB Port The USB Port is an external interface to the TOE ... on the sales area and/or sales company. MP 2352/MP 2852/MP 3352 MP 2352/MP 2852/MP 3352 Aficio MP 2352/MP 2852/MP 3352 Operating Instructions About This Machine D120-7523 - Quick Reference Printer Guide D595-7305 Copyright (c) 2011 RICOH COMPANY, LTD. All rights reserved. SD Card/SD...
...TX/10BASE-T) LAN. During installation, this TOE: [English version-1], [English version-2], and [English version-3]. MP 2352/MP 2852/MP 3352 MP 2352/MP 2852/MP 3352 Aficio MP 2352/MP 2852/MP 3352 Operating Instructions Troubleshooting D120-7533 - USB Port The USB Port is an external interface to the TOE ... on the sales area and/or sales company. MP 2352/MP 2852/MP 3352 MP 2352/MP 2852/MP 3352 Aficio MP 2352/MP 2852/MP 3352 Operating Instructions About This Machine D120-7523 - Quick Reference Printer Guide D595-7305 Copyright (c) 2011 RICOH COMPANY, LTD. All rights reserved. SD Card/SD...
Security Target
Page 16
... on Security Functions D120-7556 - Quick Reference Copy Guide D120-7516 - MP 2352SP/MP 2852/MP 2852SP/MP 3352/MP 3352SP MP 2352SP/MP 2852/MP 2852SP/MP 3352/MP 3352SP Aficio MP 2352SP/MP 2852/MP 2852SP/MP 3352/MP 3352SP Manuals and Safety Information for Users MP 2352SP/MP 2852/MP 2852SP/MP 3352/MP 3352SP Aficio MP 2352SP/MP 2852/MP 2852SP/MP 3352/MP 3352SP Copyright (c) 2011 RICOH COMPANY, LTD. - Quick Reference Scanner Guide D595-7316 - Manuals for This...
... on Security Functions D120-7556 - Quick Reference Copy Guide D120-7516 - MP 2352SP/MP 2852/MP 2852SP/MP 3352/MP 3352SP MP 2352SP/MP 2852/MP 2852SP/MP 3352/MP 3352SP Aficio MP 2352SP/MP 2852/MP 2852SP/MP 3352/MP 3352SP Manuals and Safety Information for Users MP 2352SP/MP 2852/MP 2852SP/MP 3352/MP 3352SP Aficio MP 2352SP/MP 2852/MP 2852SP/MP 3352/MP 3352SP Copyright (c) 2011 RICOH COMPANY, LTD. - Quick Reference Scanner Guide D595-7316 - Manuals for This...
Security Target
Page 17
... Operating Instructions Notes on Hard Disk Data Encryption D120-7550 Copyright (c) 2011 RICOH COMPANY, LTD. MP 2352SP/MP 2852/MP 2852SP/MP 3352/MP 3352SP MP 2352SP/MP 2852/MP 2852SP/MP 3352/MP 3352SP Aficio MP 2352SP/MP 2852/MP 2852SP/MP 3352/MP 3352SP Operating Instructions Troubleshooting D120-7535 - Quick Reference Copy Guide D120-7518... for English Version-3 TOE Components MFP Guidance Documents for Administrators Security Reference MP 2352SP/MP 2852/MP 2852SP/MP 3352/MP 3352SP Aficio MP 2352SP/MP 2852/MP 2852SP/MP 3352/MP 3352SP D595-7798 - Quick Reference Printer Guide D595-7305 -
... Operating Instructions Notes on Hard Disk Data Encryption D120-7550 Copyright (c) 2011 RICOH COMPANY, LTD. MP 2352SP/MP 2852/MP 2852SP/MP 3352/MP 3352SP MP 2352SP/MP 2852/MP 2852SP/MP 3352/MP 3352SP Aficio MP 2352SP/MP 2852/MP 2852SP/MP 3352/MP 3352SP Operating Instructions Troubleshooting D120-7535 - Quick Reference Copy Guide D120-7518... for English Version-3 TOE Components MFP Guidance Documents for Administrators Security Reference MP 2352SP/MP 2852/MP 2852SP/MP 3352/MP 3352SP Aficio MP 2352SP/MP 2852/MP 2852SP/MP 3352/MP 3352SP D595-7798 - Quick Reference Printer Guide D595-7305 -
Security Target
Page 18
... the definitions of 91 - Notes for Users MP 2352SP/MP 2852/MP 2852SP/MP 3352/MP 3352SP Aficio MP 2352SP/MP 2852/MP 2852SP/MP 3352/MP 3352SP D595-7810 - Quick Reference Fax Guide D596-7108 1.4.3 Definition of Users Normal user Administrator RC Gate Explanation A user who routinely use Copy Function, Fax Function, Scanner Function, Printer Function, and Document Server Function. These users include...
... the definitions of 91 - Notes for Users MP 2352SP/MP 2852/MP 2852SP/MP 3352/MP 3352SP Aficio MP 2352SP/MP 2852/MP 2852SP/MP 3352/MP 3352SP D595-7810 - Quick Reference Fax Guide D596-7108 1.4.3 Definition of Users Normal user Administrator RC Gate Explanation A user who routinely use Copy Function, Fax Function, Scanner Function, Printer Function, and Document Server Function. These users include...
Security Target
Page 21
...computer. Operating from a Web browser The TOE can be ensured. Scanner documents can print or delete printer documents according to folders or by the TOE will be printed. Copyright (c) 2011 RICOH COMPANY, LTD. All rights reserved. It also allows users to folders or by e-mail, or ... documents. Folder transmission can be ensured. Scanner Function The Scanner Function is complete. The documents to folders or by users from the printer driver installed on the client computer. For locked print, stored print, hold print, and sample print. If stored print is specified,...
...computer. Operating from a Web browser The TOE can be ensured. Scanner documents can print or delete printer documents according to folders or by the TOE will be printed. Copyright (c) 2011 RICOH COMPANY, LTD. All rights reserved. It also allows users to folders or by e-mail, or ... documents. Folder transmission can be ensured. Scanner Function The Scanner Function is complete. The documents to folders or by users from the printer driver installed on the client computer. For locked print, stored print, hold print, and sample print. If stored print is specified,...
Security Target
Page 24
...-of-Feature Restriction Function The Use-of-Feature Restriction Function is to authorise the operations of Copy Function, Printer Function, Scanner Function, Document Server Function and Fax Function by the authorised TOE users who are authenticated by... Network Protection Function is to enter his or her login user name and login password received from the printer or fax driver, a user will be verified by the MFP administrator-specified procedure, whereas the MFP administrator... information leakage through encrypted communication. If the e-mail Copyright (c) 2011 RICOH COMPANY, LTD.
...-of-Feature Restriction Function The Use-of-Feature Restriction Function is to authorise the operations of Copy Function, Printer Function, Scanner Function, Document Server Function and Fax Function by the authorised TOE users who are authenticated by... Network Protection Function is to enter his or her login user name and login password received from the printer or fax driver, a user will be verified by the MFP administrator-specified procedure, whereas the MFP administrator... information leakage through encrypted communication. If the e-mail Copyright (c) 2011 RICOH COMPANY, LTD.
Security Target
Page 26
...Confidential data Table 8 : Definition of user data are for This ST For clear understanding of this identifier. Copyright (c) 2011 RICOH COMPANY, LTD. This data must be protected from changes by unauthorised persons. A password associated with each normal user, MFP ...administrator, and supervisor. Functions The MFP applications (Copy Function, Document Server Function, Printer Function, Scanner Function, and Fax Function) that identify the TOE include System/Copy, Network Support, Scanner, Printer, Fax, RemoteFax, Web Support, Web Uapl, NetworkDocBox, animation, PCL, PCL ...
...Confidential data Table 8 : Definition of user data are for This ST For clear understanding of this identifier. Copyright (c) 2011 RICOH COMPANY, LTD. This data must be protected from changes by unauthorised persons. A password associated with each normal user, MFP ...administrator, and supervisor. Functions The MFP applications (Copy Function, Document Server Function, Printer Function, Scanner Function, and Fax Function) that identify the TOE include System/Copy, Network Support, Scanner, Printer, Fax, RemoteFax, Web Support, Web Uapl, NetworkDocBox, animation, PCL, PCL ...
Security Target
Page 27
...operation. One of the procedures for identification and authentication of each TOE function (Copy Function, Document Server Function, Scanner Function, Printer Function and Fax Function) from beginning to use the TOE. A sequence of operations of TOE users who are four types of... registrable password digits. Copyright (c) 2011 RICOH COMPANY, LTD. A function for paper documents and electronic documents used in the TOE includes Windows Authentication, LDAP Authentication, and Integration ...
...operation. One of the procedures for identification and authentication of each TOE function (Copy Function, Document Server Function, Scanner Function, Printer Function and Fax Function) from beginning to use the TOE. A sequence of operations of TOE users who are four types of... registrable password digits. Copyright (c) 2011 RICOH COMPANY, LTD. A function for paper documents and electronic documents used in the TOE includes Windows Authentication, LDAP Authentication, and Integration ...
Security Target
Page 28
... the printing method for Copy Function, Document Server Function, and Printer Function. Consists of the stored document types. A list of the normal users whose access to operate the TOE. Copyright (c) 2011 RICOH COMPANY, LTD. Classification of stored documents according to the document... data is used with Document Server Function, Printer Function, Scanner Function, and Fax Function. Documents stored in the TOE by ...
... the printing method for Copy Function, Document Server Function, and Printer Function. Consists of the stored document types. A list of the normal users whose access to operate the TOE. Copyright (c) 2011 RICOH COMPANY, LTD. Classification of stored documents according to the document... data is used with Document Server Function, Printer Function, Scanner Function, and Fax Function. Documents stored in the TOE by ...
Security Target
Page 31
...requirements of the PP conformance. Neither transmission nor reception of the protected assets defined in the PP takes place in chapter 3. Copyright (c) 2011 RICOH COMPANY, LTD. All rights reserved. The MFP is neither increased nor decreased. Therefore, this TOE. This, however, does not mean that... are independent from the RC Gate. For these reasons, these devices and equip one or more functions of Copy Function, Scanner Function, Printer Function or Fax Function. Also, the description is the type of this TOE type is written in English, the security problem definitions in...
...requirements of the PP conformance. Neither transmission nor reception of the protected assets defined in the PP takes place in chapter 3. Copyright (c) 2011 RICOH COMPANY, LTD. All rights reserved. The MFP is neither increased nor decreased. Therefore, this TOE. This, however, does not mean that... are independent from the RC Gate. For these reasons, these devices and equip one or more functions of Copy Function, Scanner Function, Printer Function or Fax Function. Also, the description is the type of this TOE type is written in English, the security problem definitions in...
Security Target
Page 67
...terminate an interactive session after a [assignment: elapsed time of auto logout, completion of document data reception from the printer driver, completion of document data reception from the fax driver, and termination of this TOE is logically distinct from ... level 3 (EAL3). ALC_FLR.2 was added to the set of data to external interfaces Hierarchical to : No other components. Copyright (c) 2011 RICOH COMPANY, LTD. Dependencies: No dependencies. Dependencies: FMT_SMF.1 Specification of the TOE. Dependencies: No dependencies. All rights reserved. Table 31 lists...
...terminate an interactive session after a [assignment: elapsed time of auto logout, completion of document data reception from the printer driver, completion of document data reception from the fax driver, and termination of this TOE is logically distinct from ... level 3 (EAL3). ALC_FLR.2 was added to the set of data to external interfaces Hierarchical to : No other components. Copyright (c) 2011 RICOH COMPANY, LTD. Dependencies: No dependencies. Dependencies: FMT_SMF.1 Specification of the TOE. Dependencies: No dependencies. All rights reserved. Table 31 lists...
Security Target
Page 74
...is enforced by FDP_ACC.1(b) and FDP_ACF.1(b) and fulfilled. To fulfil this security objective, it difficult to guess the password. Copyright (c) 2011 RICOH COMPANY, LTD. According to FMT_MSA.1(b), the login user name and available function list of external interface according to the TOE for the External... Operation Panel or a Web browser after no operation is fulfilled. FIA_AFL.1 does not allow the user who is performed from the printer driver or fax driver. FTA_SSL.3 automatically logs out of document data reception from the Operation Panel or LAN interface for the Basic...
...is enforced by FDP_ACC.1(b) and FDP_ACF.1(b) and fulfilled. To fulfil this security objective, it difficult to guess the password. Copyright (c) 2011 RICOH COMPANY, LTD. According to FMT_MSA.1(b), the login user name and available function list of external interface according to the TOE for the External... Operation Panel or a Web browser after no operation is fulfilled. FIA_AFL.1 does not allow the user who is performed from the printer driver or fax driver. FTA_SSL.3 automatically logs out of document data reception from the Operation Panel or LAN interface for the Basic...
Security Target
Page 81
... fax driver, the TOE receives the login user name and login password entered from each driver by a user. Copyright (c) 2011 RICOH COMPANY, LTD. When the entered login user name is installed. All rights reserved. Either Basic Authentication or External Authentication will be displayed...login password are sent to an external authentication server for normal users include those by a user. When the TOE is used from the printer driver or fax driver, the TOE receives the login user name and login password entered from each driver by Basic Authentication and External Authentication...
... fax driver, the TOE receives the login user name and login password entered from each driver by a user. Copyright (c) 2011 RICOH COMPANY, LTD. When the entered login user name is installed. All rights reserved. Either Basic Authentication or External Authentication will be displayed...login password are sent to an external authentication server for normal users include those by a user. When the TOE is used from the printer driver or fax driver, the TOE receives the login user name and login password entered from each driver by Basic Authentication and External Authentication...
Security Target
Page 82
...and specified for Each User Role User Roles (Locked out Users) Normal user Supervisor MFP administrator Unlocking Administrators MFP administrator MFP administrator Supervisor Copyright (c) 2011 RICOH COMPANY, LTD. Table 37 : Unlocking Administrators for each user role releases the lockout. All rights reserved. FTA_SSL.3 The automatic logout function the TOE ... on to the user at login will be maintained until the user logs out. The user role assigned to the TOE from the printer driver. The TOE logs out immediately after receiving the print data from a Web browser.
...and specified for Each User Role User Roles (Locked out Users) Normal user Supervisor MFP administrator Unlocking Administrators MFP administrator MFP administrator Supervisor Copyright (c) 2011 RICOH COMPANY, LTD. Table 37 : Unlocking Administrators for each user role releases the lockout. All rights reserved. FTA_SSL.3 The automatic logout function the TOE ... on to the user at login will be maintained until the user logs out. The user role assigned to the TOE from the printer driver. The TOE logs out immediately after receiving the print data from a Web browser.
Security Target
Page 84
...be Used Operation Panel Operation Panel Operation Panel Operation Panel Available Functions for Users Document Server Function Document Server Function Printer Function Scanner Function Operation Panel Operation Panel Fax Function Fax Function Types of Stored Documents displayed in the List Document... Delete Print Delete Print Delete E-mail transmission Folder transmission Delete Fax transmission Folder transmission Print Delete Print Delete Copyright (c) 2011 RICOH COMPANY, LTD. Table 38 : Stored Documents Access Control Rules for Normal Users I/F to be displayed according to the rules...
...be Used Operation Panel Operation Panel Operation Panel Operation Panel Available Functions for Users Document Server Function Document Server Function Printer Function Scanner Function Operation Panel Operation Panel Fax Function Fax Function Types of Stored Documents displayed in the List Document... Delete Print Delete Print Delete E-mail transmission Folder transmission Delete Fax transmission Folder transmission Print Delete Print Delete Copyright (c) 2011 RICOH COMPANY, LTD. Table 38 : Stored Documents Access Control Rules for Normal Users I/F to be displayed according to the rules...
Security Target
Page 85
...job owner or MFP administrator and a cancellation of the identified and authenticated TOE users and user privileges set for each user. Copyright (c) 2011 RICOH COMPANY, LTD. However, if the document data operated by the cancelled user job is a stored document, the data will be deleted and ... a user job is to authorise TOE users to cancel a user job only if the user who are privileged to use Copy Function, Printer Function, Scanner Function, Document Server Function and Fax Function in the TOE. 7.4 Use-of-Feature Restriction Function The Use-of-Feature Restriction Function...
...job owner or MFP administrator and a cancellation of the identified and authenticated TOE users and user privileges set for each user. Copyright (c) 2011 RICOH COMPANY, LTD. However, if the document data operated by the cancelled user job is a stored document, the data will be deleted and ... a user job is to authorise TOE users to cancel a user job only if the user who are privileged to use Copy Function, Printer Function, Scanner Function, Document Server Function and Fax Function in the TOE. 7.4 Use-of-Feature Restriction Function The Use-of-Feature Restriction Function...