Security Target
Page 8
..., nashuatec MP 6001 SP, nashuatec MP 7001 SP, nashuatec MP 8001 SP, nashuatec MP 9001 SP, Rex-Rotary MP 6001 SP, Rex-Rotary MP 7001 SP, Rex-Rotary MP 8001 SP, Rex-Rotary MP 9001 SP, Savin 9060sp, Savin 9070sp, Savin 9080sp, Savin 9090sp - MFPs with S/P function as an optional feature Ricoh Aficio MP 6001, Ricoh Aficio MP 7001, Ricoh Aficio MP 8001, Ricoh Aficio MP 9001, Gestetner MP 6001, Gestetner MP 7001, Gestetner MP 8001, Gestetner MP 9001, infotec MP 6001, infotec MP 7001, infotec MP 8001, infotec MP 9001...
..., nashuatec MP 6001 SP, nashuatec MP 7001 SP, nashuatec MP 8001 SP, nashuatec MP 9001 SP, Rex-Rotary MP 6001 SP, Rex-Rotary MP 7001 SP, Rex-Rotary MP 8001 SP, Rex-Rotary MP 9001 SP, Savin 9060sp, Savin 9070sp, Savin 9080sp, Savin 9090sp - MFPs with S/P function as an optional feature Ricoh Aficio MP 6001, Ricoh Aficio MP 7001, Ricoh Aficio MP 8001, Ricoh Aficio MP 9001, Gestetner MP 6001, Gestetner MP 7001, Gestetner MP 8001, Gestetner MP 9001, infotec MP 6001, infotec MP 7001, infotec MP 8001, infotec MP 9001...
Security Target
Page 11
... those documents, the TOE has the following hardware components (shown in Figure 2): Operation Panel Unit, Engine Unit, Fax Unit, Controller Board, HDD, Ic Ctlr, Network Unit, USB Port, SD Card Slot, and SD Card. Copyright (c) 2011 RICOH COMPANY, LTD. All rights reserved. Network Protection Function - Document Access Control Function - Fax Line Separation...
... those documents, the TOE has the following hardware components (shown in Figure 2): Operation Panel Unit, Engine Unit, Fax Unit, Controller Board, HDD, Ic Ctlr, Network Unit, USB Port, SD Card Slot, and SD Card. Copyright (c) 2011 RICOH COMPANY, LTD. All rights reserved. Network Protection Function - Document Access Control Function - Fax Line Separation...
Security Target
Page 13
...that constitute the TOE, is a non-volatile memory medium. Transfers operation instructions from other fax devices using the G3 standard for the Engine Control Software. Operation Panel Unit (hereafter "Operation Panel") The Operation Panel is on the LCD touch screen according to a telephone ...The Ic Ctlr is the identifier for communication. Copyright (c) 2011 RICOH COMPANY, LTD. Engine, which is one of the TOE and are included in the Engine Control Board. During installation, this TOE. Engine Unit The Engine Unit consists of this interface is connected to print and eject ...
...that constitute the TOE, is a non-volatile memory medium. Transfers operation instructions from other fax devices using the G3 standard for the Engine Control Software. Operation Panel Unit (hereafter "Operation Panel") The Operation Panel is on the LCD touch screen according to a telephone ...The Ic Ctlr is the identifier for communication. Copyright (c) 2011 RICOH COMPANY, LTD. Engine, which is one of the TOE and are included in the Engine Control Board. During installation, this TOE. Engine Unit The Engine Unit consists of this interface is connected to print and eject ...
Security Target
Page 14
...Aficio MP 6001/7001/8001/9001 Operating Instructions Copy and Document Server Reference - Details of the document sets are as follows. [English version-1] Table 2 : Guidance for English Version-1 TOE Components MFP Guidance Documents for Users 9060/9060sp/9070/9070sp/9080/9080sp/9090/9090sp MP 6001/MP 6001 SP/MP 7001/MP 7001 SP/MP 8001/MP 8001 SP/MP 9001/MP 9001 SP Copyright (c) 2011 RICOH...English version-3], and [English version-4]. Quick Reference Copy Guide - Only the customer engineer is allowed to open the cover and insert the SD Card into the SD Card Slot that constitute the TOE...
...Aficio MP 6001/7001/8001/9001 Operating Instructions Copy and Document Server Reference - Details of the document sets are as follows. [English version-1] Table 2 : Guidance for English Version-1 TOE Components MFP Guidance Documents for Users 9060/9060sp/9070/9070sp/9080/9080sp/9090/9090sp MP 6001/MP 6001 SP/MP 7001/MP 7001 SP/MP 8001/MP 8001 SP/MP 9001/MP 9001 SP Copyright (c) 2011 RICOH...English version-3], and [English version-4]. Quick Reference Copy Guide - Only the customer engineer is allowed to open the cover and insert the SD Card into the SD Card Slot that constitute the TOE...
Security Target
Page 20
.... Copy Function The Copy Function is described as below: Figure 3 : Logical Scope of the TOE 1.4.4.1. It can also be used . All rights reserved. Customer engineer The customer engineer is a person who is responsible for selection of the TOE administrators in the organisation where the TOE is used to store scanned image data... described as follows: - Page 19 of 87 The responsible manager of MFP is a person who belongs to the organisation which maintains TOE operation. The customer engineer is in the Copyright (c) 2011 RICOH COMPANY, LTD.
.... Copy Function The Copy Function is described as below: Figure 3 : Logical Scope of the TOE 1.4.4.1. It can also be used . All rights reserved. Customer engineer The customer engineer is a person who is responsible for selection of the TOE administrators in the organisation where the TOE is used to store scanned image data... described as follows: - Page 19 of 87 The responsible manager of MFP is a person who belongs to the organisation which maintains TOE operation. The customer engineer is in the Copyright (c) 2011 RICOH COMPANY, LTD.
Security Target
Page 22
..., normal users can print and delete fax documents. If the MFP administrator sets the Service Mode Lock Function to "ON", the customer engineer cannot use this function using the Operation Panel. - Folder Transmission Function of evaluation. - Also, they can store, print and delete Document...implemented using the Operation Panel. Also, normal users can print, delete and download those documents from the Operation Panel. Copyright (c) 2011 RICOH COMPANY, LTD. The stored documents in the TOE. Also, normal users can send scanner user documents to folders, send them by the...
..., normal users can print and delete fax documents. If the MFP administrator sets the Service Mode Lock Function to "ON", the customer engineer cannot use this function using the Operation Panel. - Folder Transmission Function of evaluation. - Also, they can store, print and delete Document...implemented using the Operation Panel. Also, normal users can print, delete and download those documents from the Operation Panel. Copyright (c) 2011 RICOH COMPANY, LTD. The stored documents in the TOE. Also, normal users can send scanner user documents to folders, send them by the...
Design Guide
Page 7
... Pict Bridge Compatible Device RC Gate Internet External Controller I/F Board File Format Converter SD Card I /F To Public Tel. Image data - data Flash ROM Operation Panel Engine Image Processing Scanning Image Processing Printing FCU FAX comm. Counters System Control SAF Line I /F Page 7 of 86 Settings - Print Controller Design Guide for Information Security...
... Pict Bridge Compatible Device RC Gate Internet External Controller I/F Board File Format Converter SD Card I /F To Public Tel. Image data - data Flash ROM Operation Panel Engine Image Processing Scanning Image Processing Printing FCU FAX comm. Counters System Control SAF Line I /F Page 7 of 86 Settings - Print Controller Design Guide for Information Security...
Design Guide
Page 9
Mgmt. Counters Controller Processing and Control Unit ・CPU ・RAM System Control USB TypeA USB TypeB Ethernet Host I/F Optional I/F: Parallel Gigabit Ethernet Wireless LAN Bluetooth IC Card Reader Pict Bridge Compatible Device RC Gate Internet SD Card I/F Page 9 of 86 Settings - Page memory - Firmware Encryption Processor HDD - data Flash ROM Operation Panel Engine Image Processing Printing TPM NVRAM - Image data - Print Controller Design Guide for Information Security 1-1-2 LP RAM -
Mgmt. Counters Controller Processing and Control Unit ・CPU ・RAM System Control USB TypeA USB TypeB Ethernet Host I/F Optional I/F: Parallel Gigabit Ethernet Wireless LAN Bluetooth IC Card Reader Pict Bridge Compatible Device RC Gate Internet SD Card I/F Page 9 of 86 Settings - Page memory - Firmware Encryption Processor HDD - data Flash ROM Operation Panel Engine Image Processing Printing TPM NVRAM - Image data - Print Controller Design Guide for Information Security 1-1-2 LP RAM -
Design Guide
Page 11
...panel LEDs, monitors panel keys and manages panel objects and display messages. Page 11 of 86 Controls host I /F ECS (Engine Control Service) MCS (Memory Control Service) IMH (Image Memory Handler) OCS (Operation Panel Control Service) NCS (Network Control Service) FCS... FCU (FAX Control Unit), which manages and controls FAX communication and telecommunications lines. Transfers data between the controller and engine. Principal Machine Functions Print Controller Design Guide for Information Security 1-2 Software Configuration SDK Copier Scanner FAX Web DocBox Printer ...
...panel LEDs, monitors panel keys and manages panel objects and display messages. Page 11 of 86 Controls host I /F ECS (Engine Control Service) MCS (Memory Control Service) IMH (Image Memory Handler) OCS (Operation Panel Control Service) NCS (Network Control Service) FCS... FCU (FAX Control Unit), which manages and controls FAX communication and telecommunications lines. Transfers data between the controller and engine. Principal Machine Functions Print Controller Design Guide for Information Security 1-2 Software Configuration SDK Copier Scanner FAX Web DocBox Printer ...
Design Guide
Page 12
...sends the data on or by e-mail Manages the Address Book data. Also receives FAX data and prints it out from the printing engine. Mediates communication between the driver UI and the host I /F. Controls the encryption and decryption functions. 1-2-2 Principal Machine Functions Copier ...data to be initiated from both the operation panel and from the printing engine. Secondary data, such as the operational link between SP settings and machine operations. Page 12 of the printer engine, scanner engine and memory resources during the authentication process, as well as well ass ...
...sends the data on or by e-mail Manages the Address Book data. Also receives FAX data and prints it out from the printing engine. Mediates communication between the driver UI and the host I /F. Controls the encryption and decryption functions. 1-2-2 Principal Machine Functions Copier ...data to be initiated from both the operation panel and from the printing engine. Secondary data, such as the operational link between SP settings and machine operations. Page 12 of the printer engine, scanner engine and memory resources during the authentication process, as well as well ass ...
Design Guide
Page 18
...use the authentication process described above (see illustrations below). Generate digital signature Private key 3. The update is performed by a field engineer in which a remote firmware update is performed, the process for which is the same as described above for remote updates as ...confirm that for the SD card-based update described above, with new files If MD1 = MD2 Digital signature Ricoh distribution server Program + digital signature Program Ricoh license server 1. Decryption Public key MD2 8. Generate MD1 using SHA-1 MD Digital signature 2. Print Controller...
...use the authentication process described above (see illustrations below). Generate digital signature Private key 3. The update is performed by a field engineer in which a remote firmware update is performed, the process for which is the same as described above for remote updates as ...confirm that for the SD card-based update described above, with new files If MD1 = MD2 Digital signature Ricoh distribution server Program + digital signature Program Ricoh license server 1. Decryption Public key MD2 8. Generate MD1 using SHA-1 MD Digital signature 2. Print Controller...
Design Guide
Page 27
...once may not be set from the MFP/LP, a third party would not be activated on the MFP/LP, a service or sales engineer must perform the setup procedure. Under these conditions, all three methods render the data equally indiscernible. Regardless of which ensure that the HDD ... verify Page 27 of 86 Department of the original data. If the SD card is performed once). National Security Agency The Ricoh randomized value method, a Ricoh-original method which overwrites data using randomly-generated values Note: The DoD and NSA methods automatically perform three passes, using a ...
...once may not be set from the MFP/LP, a third party would not be activated on the MFP/LP, a service or sales engineer must perform the setup procedure. Under these conditions, all three methods render the data equally indiscernible. Regardless of which ensure that the HDD ... verify Page 27 of 86 Department of the original data. If the SD card is performed once). National Security Agency The Ricoh randomized value method, a Ricoh-original method which overwrites data using randomly-generated values Note: The DoD and NSA methods automatically perform three passes, using a ...
Design Guide
Page 28
... to their default values, this operation makes it impossible to the HDD for purposes of MFP/LP internal processing only, of the HDD in SP mode and UP mode. IP address, control lists and other operation that was intentionally saved to the HDD, such as the value of the...actually running. Auto Erase Memory The main purpose of the HDD, i.e. In addition, it to the processing region of this feature does not clear engine-related information such as Document Server documents. Erase All Memory This function overwrites the contents of every region of the HDD and initializes the contents...
... to their default values, this operation makes it impossible to the HDD for purposes of MFP/LP internal processing only, of the HDD in SP mode and UP mode. IP address, control lists and other operation that was intentionally saved to the HDD, such as the value of the...actually running. Auto Erase Memory The main purpose of the HDD, i.e. In addition, it to the processing region of this feature does not clear engine-related information such as Document Server documents. Erase All Memory This function overwrites the contents of every region of the HDD and initializes the contents...
Design Guide
Page 29
...prevent the leakage of the contents of the data, even in the event the encrypted data were stolen. For MFP models, a field engineer must perform the installation of 86 personal information, network configuration parameters, and other confidential information) HDD: All data, including the format ...management data Flash ROM: As mentioned above . There are encrypted: NVRAM: All data, except the engine adjustment parameters and some Copier screen display parameters (i.e. This function is provided to three MFP/LP storage media: HDD, NVRAM, and flash ROM...
...prevent the leakage of the contents of the data, even in the event the encrypted data were stolen. For MFP models, a field engineer must perform the installation of 86 personal information, network configuration parameters, and other confidential information) HDD: All data, including the format ...management data Flash ROM: As mentioned above . There are encrypted: NVRAM: All data, except the engine adjustment parameters and some Copier screen display parameters (i.e. This function is provided to three MFP/LP storage media: HDD, NVRAM, and flash ROM...
Design Guide
Page 31
... must be performed by the NVRAM storage key) is kept in order to decrypt the NVRAM back-up data. This key is encrypted by a field engineer. When Encryption Key Update is executed, a new encryption key is then deleted. Finally, the old key (if the data had already been encrypted) is generated...
... must be performed by the NVRAM storage key) is kept in order to decrypt the NVRAM back-up data. This key is encrypted by a field engineer. When Encryption Key Update is executed, a new encryption key is then deleted. Finally, the old key (if the data had already been encrypted) is generated...
Design Guide
Page 43
Principal Machine Functions 2-1 Copier (MFP Models Only) 2-1-1 Overview of Copier Operations When a copy job is initiated, the scanning engine scans the original and forwards this time, the image data is also stored in progress that was initiated by a different user who had ... the HDD. filename). User Codes can successfully cancel the job are the Machine Administrator and the user who can be printed out from the printing engine. The only individuals who initiated the job. View, Edit, Delete, Full-Access). Print Controller Design Guide for storage to the HDD, requiring the ...
Principal Machine Functions 2-1 Copier (MFP Models Only) 2-1-1 Overview of Copier Operations When a copy job is initiated, the scanning engine scans the original and forwards this time, the image data is also stored in progress that was initiated by a different user who had ... the HDD. filename). User Codes can successfully cancel the job are the Machine Administrator and the user who can be printed out from the printing engine. The only individuals who initiated the job. View, Edit, Delete, Full-Access). Print Controller Design Guide for storage to the HDD, requiring the ...
Design Guide
Page 47
... pages, the data is then sent to image data page by page. Once this is done, the data is interpreted and converted to the printing engine for Information Security 2-2 Printer 2-2-1 Overview of the HDD. Before it is completed. Print Controller Design Guide for printing out. The entry is registered... 2) Printing out this , the data is sent to the HDD. Following this image data onto the paper in which it is compressed in Ricoh original compression format, and stored in the HDD page by page in the order in accordance with the specified job settings. Note: The Document Server...
... pages, the data is then sent to image data page by page. Once this is done, the data is interpreted and converted to the printing engine for Information Security 2-2 Printer 2-2-1 Overview of the HDD. Before it is completed. Print Controller Design Guide for printing out. The entry is registered... 2) Printing out this , the data is sent to the HDD. Following this image data onto the paper in which it is compressed in Ricoh original compression format, and stored in the HDD page by page in the order in accordance with the specified job settings. Note: The Document Server...
Design Guide
Page 59
...network in the Document Server for each transmission and reception job. Page 59 of 86 The incoming document is then forwarded on to the printer engine for printing out. • It is possible to store transmission files in non-volatile memory, and can be viewed by a predetermined code.... data is stored in the Document Server for transmission as an Internet FAX is converted into image data and then forwarded on to the printer engine for printing out. • For Internet FAX transmission, the scanned image data is converted into a format for sending at a later time. Conversely,...
...network in the Document Server for each transmission and reception job. Page 59 of 86 The incoming document is then forwarded on to the printer engine for printing out. • It is possible to store transmission files in non-volatile memory, and can be viewed by a predetermined code.... data is stored in the Document Server for transmission as an Internet FAX is converted into image data and then forwarded on to the printer engine for printing out. • For Internet FAX transmission, the scanned image data is converted into a format for sending at a later time. Conversely,...
Design Guide
Page 75
... (size, image density, etc.) will depend on which the document was created, or the name of the user who created the document. As the scanning engine scans the image, the Copy Data Security Unit examines the data for the event itself is stored in the access log, along with the username...
... (size, image density, etc.) will depend on which the document was created, or the name of the user who created the document. As the scanning engine scans the image, the Copy Data Security Unit examines the data for the event itself is stored in the access log, along with the username...
Design Guide
Page 79
...image file stored on the MFP/LP HDD, and then retrieving or printing out the file. MFP/LP Hardware Configuration Host I /F Scanning Engine MFP only Printing Engine FCU MFP only HDD Fig. 3: DSDK - Searching for development of SDK application Image Library VAS SAS GW-API SDK Application libwww AP... DMP GWWS FCS ECS MCS OCS NCS DCS UCS CCS NRS LCS MIRS DESS SCS MFP only Shared Service Layers SRM libc IMH NetBSD Engine I /F Page 79 of 86 Vendors are provided with an image library, which simplifies complex internal MFP/LP operational flows into concise, predefined...
...image file stored on the MFP/LP HDD, and then retrieving or printing out the file. MFP/LP Hardware Configuration Host I /F Scanning Engine MFP only Printing Engine FCU MFP only HDD Fig. 3: DSDK - Searching for development of SDK application Image Library VAS SAS GW-API SDK Application libwww AP... DMP GWWS FCS ECS MCS OCS NCS DCS UCS CCS NRS LCS MIRS DESS SCS MFP only Shared Service Layers SRM libc IMH NetBSD Engine I /F Page 79 of 86 Vendors are provided with an image library, which simplifies complex internal MFP/LP operational flows into concise, predefined...