Security Target
Page 9
... Hardware Ic Key 01020700 Ic Ctlr 03 GWFCU3-21(WW) 03.00.00 Keywords : Digital MFP, Documents, Copy, Print, Scanner, Network, Office, Fax 1.3 TOE Overview This section defines TOE Type, TOE Usage and Major Security Features of TOE. 1.3.1 TOE Type This TOE is a digital multi function product (hereafter "MFP"), which is an IT device that inputs, stores, and outputs documents. 1.3.2 TOE Usage The operational environment of...
Security Target
Page 14
.... The Operation Panel Control Software performs the following devices: key switches, LED indicators, an LCD touch screen, and Operation Control Board. The Fax Unit sends and receives control information about the Scanner Engine and Printer Engine to the Controller Board, and operates the Scanner Engine or Printer Engine according to print and eject paper documents, and Engine Control Board. It stores documents, login user names and login passwords of 93 and digital signature. Page 13 of normal users. Operation Panel Unit (hereafter "Operation Panel") The Operation Panel is a non...
Security Target
Page 19
.... Quick Reference Printer Guide D088-7805 - Notes for Users D060-7781 - Operating Instructions Notes on Security Functions D088-7706 - Copyright (c) 2011 RICOH COMPANY, LTD. The direct users and indirect users are described as follows: 1.4.3.1. Page 18 of Users This section defines the users related to in a Network Environment Compliant with IEEE Std. 2600.1TM-2009 D088-7707 - Manuals for Users D088-7608 - Notes for Users Aficio MP C3001/MP C3501/MP C4501/MP...
Security Target
Page 20
... privilege File management privilege Explanation Authorised to delete and register the login password of normal user settings. Authorised to normal users. A normal user is allowed to use Copy Function, Fax Function, Scanner Function, Printer Function, and Document Server Function. This privilege allows configuration of the MFP administrator. An administrator performs management operations, which include issuing login names to manage stored documents. Authorised to specify MFP device behaviour (network behaviours excluded). Up to four MFP administrators can use...
Security Target
Page 23
... are called scanner documents. Scanner documents can print or delete printer documents according to the operations by e-mail, or deleted from a Web browser. - All rights reserved. It also allows users to print and delete the stored documents from the Operation Panel. - For direct print, documents received by e-mail. If locked print, hold print, and sample print. According to the guidance document, users first install the specified printer driver on the client computer. Copyright (c) 2011 RICOH COMPANY, LTD. Printing methods for...
Security Target
Page 24
... to the folder. - The MFP administrator must pre-register the destination server that the MFP administrator pre-registers, and send data to the telephone numbers that are pre-registered in the TOE. Fax Reception Function A function to folders. Documents can be printed and deleted using the Operation Panel, while they also can be printed, deleted, and sent to receive documents from external faxes via the telephone line and store the received documents in the TOE. - Documents can be...
Security Target
Page 25
... access to operate documents stored in a legible fashion for the target of evaluation. Copyright (c) 2011 RICOH COMPANY, LTD. This function can print and delete Document Server documents, fax, print, download, and delete fax documents. Security Functions The Security Functions are allowed to control the MFP's overall behaviour. If the MFP administrator sets the Service Mode Lock Function to "ON", the customer engineer cannot use and security-relevant events (hereafter, "audit events"). From a Web browser, users can be implemented using the Operation Panel...
Security Target
Page 26
... a normal user. The persons are allowed to enter his or her login user name and login password received from the RC Gate communication interface, it will be required to use the Printer or Fax Function from a Web browser, printer/fax driver, and RC Gate. minimum password length) and obligatory character types the MFP administrator specifies, so that the user can be verified as the authorised user. The protection function can be enabled using the Operation Panel.
Security Target
Page 28
...types. Copyright (c) 2011 RICOH COMPANY, LTD. Table 9 defines TSF data according to the public. Login user name, Number of Attempts before Lockout, settings for This ST For clear understanding of specific terms. Terms MFP Control Software Table 10 : Specific Terms Related to as "TSF protected data". This data must be protected from changes by users without viewing permissions. Functions The MFP applications (Copy Function, Document Server Function, Printer Function, Scanner Function, and Fax Function) that identify the TOE include System/Copy, Network Support, Scanner, Printer...
Security Target
Page 29
.... Windows Authentication supports NTLM Authentication and Kerberos Authentication. The minimum number of the document data attributes. Attributes of document data, such as "fixed auto logout time". Password Complexity Setting Basic Authentication External Authentication HDD User job Documents Document data attributes +PRT Definitions An identifier assigned to as +PRT, +SCN, +CPY, +FAXOUT, +FAXIN, and +DSR. One of registrable password digits. A type of each login user name. If a user job is attempted from the Operation Panel or Web Function...
Security Target
Page 30
... MFP administrators whose access to IT devices by using Copy Function, Scanner Function, Document Server Function, and Fax Data Storage Function. Documents stored in the TOE when Document Server storage is selected as an attribute of the normal users whose "users cannot be identified". A list of document data. Page 29 of 93 Terms +SCN +CPY +FAXOUT +FAXIN +DSR Document user list Stored documents Stored document type Document Server documents Printer documents Scanner documents Fax documents Received fax documents MFP application Available function list Operation Panel Definitions...
Security Target
Page 31
... MFP administrator. S/MIME protects the communication for the TOE. General term for remote diagnosis maintenance services for realising this function include: scanned documents using Scanner Function, and scanned and stored document data using this function. Destination information for a certain period of time while jammed paper is registered and managed by using the fax driver on the Operation Panel if paper jams frequently occur, or if the door or cover of the TOE is located. A function for users to request a repair...
Security Target
Page 73
... permission to delete document data (there is no "editing operation" of the document data, and the MFP administrator. FDP_ACC.1(a) and FDP_ACF.1(a) allow the following countermeasures. (1) Specify and implement the access control to delete user jobs. The user jobs sent and received by the TOE via the LAN interface are protected by FTP_ITC.1. FDP_ACC.1(a) and FDP_ACF.1(a) allow the MFP administrator to delete user jobs, and the normal user with a login user name but without a login user name...
Security Target
Page 82
... Termination of session by auto logout Web Function communication Folder transmission E-mail transmission Printing via networks LAN Fax via networks Storing document data Reading document data (print, download, fax transmission, e-mail transmission, and folder transmission) Deleting document data Success and failure of creation, modification, and deletion of S/MIME user information Success and failure of creation, modification, and deletion of destination folders Communication with RC Gate (*1): The start-up event. (*2): Login operation by the user or TOE Audit...
Security Target
Page 86
... documents Fax reception documents Operations displayed on document data The TOE provides users with the interface for Users Document Server Function Document Server Function Printer Function Scanner Function Fax Function Fax Function Types of the stored documents that allow users to cancel user jobs is being used. Page 85 of 93 (1) Access control rule on the Menu Print Delete Print Delete Print Delete E-mail transmission Folder transmission Delete Fax transmission Folder transmission Print Delete Print Delete Copyright (c) 2011 RICOH COMPANY, LTD. When the MFP administrator...
Security Target
Page 87
...Folder transmission Download Delete (Operations above are authorised only if normal users are privileged to use Scanner Function) Fax transmission Download Print Delete (Operations above are authorised only if normal users are privileged to use Fax Function) Print Delete Print Download Delete (Operations above are authorised only if normal users are not allowed to use Document Server Function) (2) Access control rule on user jobs The TOE displays on the Operation Panel a menu to cancel a user job only if the user who logs in from the Operation Panel is a user job owner or MFP administrator...
Security Target
Page 88
... not allowed. 7.5 Network Protection Function The Network Protection Function is to provide network monitoring to prevent information leakage when LAN is discovered. If the role is that of normal user, the user can operate Fax Reception Function that of supervisor and RC Gate, using any existing residual data is used and to start operating Copy Function, Printer Function, Scanner Function, Document Server Function, and Fax Function. If the user deletes document data, the TOE Copyright (c) 2011 RICOH COMPANY, LTD. Page 87 of...
Security Target
Page 90
... administrator Applicable normal user MFP administrator Supervisor MFP administrator Applicable MFP administrator Supervisor - Table 40 : Management of TSF Data TSF Data Login user names of normal users when Basic Authentication is applied Login user names of normal users when External Authentication is applied (*1) Login user name of supervisor Login user name of MFP administrator Document data attributes Document user list Stored document types are Document Server document, scanner document, fax document and printer document (with stored print) Document user list Stored document type...
Security Target
Page 93
...) Document data (stored document type is printer document) Document data (stored document type is available. Document user list Login user name of a normal user who stored the document data. Login user name of normal user Available function lists Login user name of a normal user included in the TOE by using Document Server printing or stored print from a telephone line. +DSR: Documents stored in the stored and received document user list. Copyright (c) 2011 RICOH COMPANY, LTD. Default values of a document user list assigned to folders from the MFP. +CPY: Documents copied using...
Security Target
Page 94
... the integrity of received faxes so that unauthorised intrusion from telephone lines. Each MFP application (Copy Function, Printer Function, Scanner Function, Document Server Function and Fax Function) Function type Page 93 of 93 The values specified for integrity verification so that the integrity of the FCU Control Software can be verified. To check the integrity of the FCU Control Software, the information the TOE outputs will not be forwarded. Copyright (c) 2011 RICOH COMPANY, LTD. If...