Security Target
Page 3
...28 2.4.2 Consistency Claim with Security Problems and Security Objectives in PP .........28 2.4.3 Consistency Claim with Security Requirements in PP 28 3 Security Problem Definitions 31 Copyright (c) 2011 RICOH COMPANY, LTD. User Data...23 1.4.5.2. Indirect User...18 1.4.4 Logical Boundary of Users 17 1.4.3.1. Direct User...18 1.4.3.2. Security Functions 22 1.4.5... ...8 1.3.1 TOE Type ...8 1.3.2 TOE Usage ...8 1.3.3 Major Security Features of TOE 10 1.4 TOE Description...10 1.4.1 Physical Boundary of TOE 10 1.4.2 Guidance Documents 13 1.4.3 Definition of TOE 19 1.4.4.1.
...28 2.4.2 Consistency Claim with Security Problems and Security Objectives in PP .........28 2.4.3 Consistency Claim with Security Requirements in PP 28 3 Security Problem Definitions 31 Copyright (c) 2011 RICOH COMPANY, LTD. User Data...23 1.4.5.2. Indirect User...18 1.4.4 Logical Boundary of Users 17 1.4.3.1. Direct User...18 1.4.3.2. Security Functions 22 1.4.5... ...8 1.3.1 TOE Type ...8 1.3.2 TOE Usage ...8 1.3.3 Major Security Features of TOE 10 1.4 TOE Description...10 1.4.1 Physical Boundary of TOE 10 1.4.2 Guidance Documents 13 1.4.3 Definition of TOE 19 1.4.4.1.
Security Target
Page 4
......35 4.2.2 Non-IT Environment 36 4.3 Security Objectives Rationale 37 4.3.1 Correspondence Table of Security Objectives 37 4.3.2 Security Objectives Descriptions 38 5 Extended Components Definition 42 5.1 Restricted forwarding of data to external interfaces (FPT_FDI_EXP 42 6 Security Requirements...44 6.1 Security Functional Requirements 44 6.1.1 Class FAU: Security audit 44... Justification of Traceability 64 6.3.3 Dependency Analysis 70 6.3.4 Security Assurance Requirements Rationale 72 7 TOE Summary Specification 73 Copyright (c) 2011 RICOH COMPANY, LTD. All rights reserved.
......35 4.2.2 Non-IT Environment 36 4.3 Security Objectives Rationale 37 4.3.1 Correspondence Table of Security Objectives 37 4.3.2 Security Objectives Descriptions 38 5 Extended Components Definition 42 5.1 Restricted forwarding of data to external interfaces (FPT_FDI_EXP 42 6 Security Requirements...44 6.1 Security Functional Requirements 44 6.1.1 Class FAU: Security audit 44... Justification of Traceability 64 6.3.3 Dependency Analysis 70 6.3.4 Security Assurance Requirements Rationale 72 7 TOE Summary Specification 73 Copyright (c) 2011 RICOH COMPANY, LTD. All rights reserved.
Security Target
Page 5
... for English Version-2 ...14 Table 4 : Guidance for English Version-3 ...15 Table 5 : Guidance for English Version-4 ...16 Table 6 : Definition of Users ...18 Table 7 : List of Administrative Roles ...18 Table 8: Definition of User Data ...23 Table 9: Definition of TSF Data...24 Table 10: Specific Terms Related to This ST 24 Table 11: Rationale for Security... Functional Requirements 63 Table 35: Result of Dependency Analysis of TOE Security Functional Requirements 70 Table 36: Auditable Events and Audit Data 73 Copyright (c) 2011 RICOH COMPANY, LTD. All rights reserved.
... for English Version-2 ...14 Table 4 : Guidance for English Version-3 ...15 Table 5 : Guidance for English Version-4 ...16 Table 6 : Definition of Users ...18 Table 7 : List of Administrative Roles ...18 Table 8: Definition of User Data ...23 Table 9: Definition of TSF Data...24 Table 10: Specific Terms Related to This ST 24 Table 11: Rationale for Security... Functional Requirements 63 Table 35: Result of Dependency Analysis of TOE Security Functional Requirements 70 Table 36: Auditable Events and Audit Data 73 Copyright (c) 2011 RICOH COMPANY, LTD. All rights reserved.
Security Target
Page 11
...Management Function - Network Protection Function - Fax Line Separation Function 1.4 TOE Description This section describes Physical Boundary of TOE, Guidance Documents, Definition of Users, Logical Boundary of TOE, and Protected Assets. 1.4.1 Physical Boundary of TOE The physical boundary of the TOE is the... the stored documents in the TOE. 1.3.3 Major Security Features of -Feature Restriction Function - Software Verification Function - Copyright (c) 2011 RICOH COMPANY, LTD. Store and fax of documents using the fax driver. [Telephone line] Indicates the public line for the TOE's ...
...Management Function - Network Protection Function - Fax Line Separation Function 1.4 TOE Description This section describes Physical Boundary of TOE, Guidance Documents, Definition of Users, Logical Boundary of TOE, and Protected Assets. 1.4.1 Physical Boundary of TOE The physical boundary of the TOE is the... the stored documents in the TOE. 1.3.3 Major Security Features of -Feature Restriction Function - Software Verification Function - Copyright (c) 2011 RICOH COMPANY, LTD. Store and fax of documents using the fax driver. [Telephone line] Indicates the public line for the TOE's ...
Security Target
Page 18
... H/I - 1.4.3 Definition of 87 MP 6001/MP 7001/MP 8001/MP 9001 Aficio MP 6001/7001/8001/9001 Operating Instructions Troubleshooting - Manuals for Users MP 6001/MP 7001/MP 8001/MP 9001 Aficio MP 6001/MP 7001/MP 8001/MP 9001 - Quick Reference Copy Guide - The direct users and indirect users are described as follows: Copyright (c) 2011 RICOH COMPANY, LTD. Quick Reference Printer Guide - Notes for Administrators MP 6001/MP 7001/MP 8001/MP 9001 Aficio MP 6001/MP 7001/MP 8001/MP...
... H/I - 1.4.3 Definition of 87 MP 6001/MP 7001/MP 8001/MP 9001 Aficio MP 6001/7001/8001/9001 Operating Instructions Troubleshooting - Manuals for Users MP 6001/MP 7001/MP 8001/MP 9001 Aficio MP 6001/MP 7001/MP 8001/MP 9001 - Quick Reference Copy Guide - The direct users and indirect users are described as follows: Copyright (c) 2011 RICOH COMPANY, LTD. Quick Reference Printer Guide - Notes for Administrators MP 6001/MP 7001/MP 8001/MP 9001 Aficio MP 6001/MP 7001/MP 8001/MP...
Security Target
Page 19
.... An administrator performs management operations, which include issuing login names to manage user documents. Table 6 : Definition of Users Definition of the MFP administrator. Therefore, the different roles of normal users and administrators. Authorised to normal users....user registered for TOE management. This privilege allows configuration of MFP Copyright (c) 2011 RICOH COMPANY, LTD. Indirect User Responsible manager of normal user settings. Definition of Administrator Supervisor MFP administrator Table 7 : List of Administrative Roles Management Privileges...
.... An administrator performs management operations, which include issuing login names to manage user documents. Table 6 : Definition of Users Definition of the MFP administrator. Therefore, the different roles of normal users and administrators. Authorised to normal users....user registered for TOE management. This privilege allows configuration of MFP Copyright (c) 2011 RICOH COMPANY, LTD. Indirect User Responsible manager of normal user settings. Definition of Administrator Supervisor MFP administrator Table 7 : List of Administrative Roles Management Privileges...
Security Target
Page 24
... the following protected assets: user data, TSF data and functions. 1.4.5.1. All rights reserved. Type Document data Function data Table 8: Definition of deleted user documents, temporary documents and their fragments, which are related to as the "fax line") can be prevented. -... Jobs specified by authorised users. - Copyright (c) 2011 RICOH COMPANY, LTD. Security Management Function The Security Management Function indicates overall functions that unauthorised intrusion from the telephone lines (same as a ...
... the following protected assets: user data, TSF data and functions. 1.4.5.1. All rights reserved. Type Document data Function data Table 8: Definition of deleted user documents, temporary documents and their fragments, which are related to as the "fax line") can be prevented. -... Jobs specified by authorised users. - Copyright (c) 2011 RICOH COMPANY, LTD. Security Management Function The Security Management Function indicates overall functions that unauthorised intrusion from the telephone lines (same as a ...
Security Target
Page 25
... DocBox, animation, Option PCL, OptionPCLFont, LANG0, LANG1 and Data Erase Opt. Type Protected data Confidential data Table 9: Definition of specific terms. Table 10: Specific Terms Related to as protected assets, whose use is stored in the TOE. ... data of this data is referred to This ST Terms MFP Control Software Login user name Login password Lockout Definitions A software component installed in FlashROM and SD Card. This component is subject to deny login of 87 1.4.5.2.... data types. A password associated with each user. Copyright (c) 2011 RICOH COMPANY, LTD.
... DocBox, animation, Option PCL, OptionPCLFont, LANG0, LANG1 and Data Erase Opt. Type Protected data Confidential data Table 9: Definition of specific terms. Table 10: Specific Terms Related to as protected assets, whose use is stored in the TOE. ... data of this data is referred to This ST Terms MFP Control Software Login user name Login password Lockout Definitions A software component installed in FlashROM and SD Card. This component is subject to deny login of 87 1.4.5.2.... data types. A password associated with each user. Copyright (c) 2011 RICOH COMPANY, LTD.
Security Target
Page 26
.... Page 25 of 87 Terms Auto logout Minimum Length Password Setting Password Complexity HDD User job Documents Document user list Document type Definitions A function for automatic user logout if no access is attempted from beginning to end. The minimum number of the normal users ... browser, deleted documents, temporary documents and their fragments. Level 2 requires a password to user documents depends on the TOE. Copyright (c) 2011 RICOH COMPANY, LTD. Auto logout time for the Operation Panel: Auto logout time specified by the MFP administrator (180 seconds) Auto logout time for...
.... Page 25 of 87 Terms Auto logout Minimum Length Password Setting Password Complexity HDD User job Documents Document user list Document type Definitions A function for automatic user logout if no access is attempted from beginning to end. The minimum number of the normal users ... browser, deleted documents, temporary documents and their fragments. Level 2 requires a password to user documents depends on the TOE. Copyright (c) 2011 RICOH COMPANY, LTD. Auto logout time for the Operation Panel: Auto logout time specified by the MFP administrator (180 seconds) Auto logout time for...
Security Target
Page 27
... FTP Server by the MFP administrator. The following documents can also be delivered using S/MIME. Destination information for e-mail transmission using this function. Copyright (c) 2011 RICOH COMPANY, LTD. Page 26 of 87 Terms MFP application Application type Available function list Operation Panel Users for stored and received documents Folder transmission Destination...
... FTP Server by the MFP administrator. The following documents can also be delivered using S/MIME. Destination information for e-mail transmission using this function. Copyright (c) 2011 RICOH COMPANY, LTD. Page 26 of 87 Terms MFP application Application type Available function list Operation Panel Users for stored and received documents Folder transmission Destination...
Security Target
Page 29
...2600.1-PRT, 2600.1-SCN, 2600.1-CPY, 2600.1-FAX, 2600.1-DSR, and 2600.1-SMI, and conform to PP APPLICATION NOTE36. Copyright (c) 2011 RICOH COMPANY, LTD. The MFP is according to the intended user. This is the type of this ST are added according to PP APPLICATION NOTE7... of the document is the Hardcopy devices (hereafter, HCDs). The MFP has the devices the HCDs have the interface to the security problem definitions in chapter 4 are added according to the PP. Also, the description is neither increased nor decreased. 2.4.3 Consistency Claim with Security Requirements ...
...2600.1-PRT, 2600.1-SCN, 2600.1-CPY, 2600.1-FAX, 2600.1-DSR, and 2600.1-SMI, and conform to PP APPLICATION NOTE36. Copyright (c) 2011 RICOH COMPANY, LTD. The MFP is according to the intended user. This is the type of this ST are added according to PP APPLICATION NOTE7... of the document is the Hardcopy devices (hereafter, HCDs). The MFP has the devices the HCDs have the interface to the security problem definitions in chapter 4 are added according to the PP. Also, the description is neither increased nor decreased. 2.4.3 Consistency Claim with Security Requirements ...
Security Target
Page 32
... without a login user name, or by persons with a login user name but without an access permission to the document. Copyright (c) 2011 RICOH COMPANY, LTD. Page 31 of 87 3 Security Problem Definitions This section describes Threats, Organisational Security Policies and Assumptions. 3.1 Threats Defined and described below are unauthorised persons with a login user name...
... without a login user name, or by persons with a login user name but without an access permission to the document. Copyright (c) 2011 RICOH COMPANY, LTD. Page 31 of 87 3 Security Problem Definitions This section describes Threats, Organisational Security Policies and Assumptions. 3.1 Threats Defined and described below are unauthorised persons with a login user name...
Security Target
Page 43
.... Many products receive information on another external interface. Rationale: Copyright (c) 2011 RICOH COMPANY, LTD. Page 42 of 87 5 Extended Components Definition This section describes Extended Components Definition. 5.1 Restricted forwarding of data to external interfaces (FPT_FDI_EXP) Family behaviour This ... to another external interface. However, some products may provide the capability for the management functions in FMT: a) Definition of data received over defined external interfaces before it is forbidden unless explicitly allowed by an authorized administrative role. ...
.... Many products receive information on another external interface. Rationale: Copyright (c) 2011 RICOH COMPANY, LTD. Page 42 of 87 5 Extended Components Definition This section describes Extended Components Definition. 5.1 Restricted forwarding of data to external interfaces (FPT_FDI_EXP) Family behaviour This ... to another external interface. However, some products may provide the capability for the management functions in FMT: a) Definition of data received over defined external interfaces before it is forbidden unless explicitly allowed by an authorized administrative role. ...
Security Target
Page 45
... of Copyright (c) 2011 RICOH COMPANY, LTD. The security functional requirements are quoted from the requirement defined in the PP/ST, [assignment: types of Auditable Events Functional Requirements FDP_ACF.1(a) Actions Which Should Be Auditable Auditable Events a) Minimal: Successful requests to Original: perform an operation on the auditable event definitions of the functional components...
... of Copyright (c) 2011 RICOH COMPANY, LTD. The security functional requirements are quoted from the requirement defined in the PP/ST, [assignment: types of Auditable Events Functional Requirements FDP_ACF.1(a) Actions Which Should Be Auditable Auditable Events a) Minimal: Successful requests to Original: perform an operation on the auditable event definitions of the functional components...
Security Target
Page 54
...: Upper-case letters: [A-Z] (26 letters) Lower-case letters: [a-z] (26 letters) Numbers: [0-9] (10 digits) Symbols: SP (spaces 33 symbols) Copyright (c) 2011 RICOH COMPANY, LTD. Available function list - FIA_SOS.1.1 The TSF shall provide a mechanism to individual users: [assignment: the security attributes... listed in Table 25 for each user in Table 24]. FIA_ATD.1 User attribute definition Hierarchical to : No...
...: Upper-case letters: [A-Z] (26 letters) Lower-case letters: [a-z] (26 letters) Numbers: [0-9] (10 digits) Symbols: SP (spaces 33 symbols) Copyright (c) 2011 RICOH COMPANY, LTD. Available function list - FIA_SOS.1.1 The TSF shall provide a mechanism to individual users: [assignment: the security attributes... listed in Table 25 for each user in Table 24]. FIA_ATD.1 User attribute definition Hierarchical to : No...
Security Target
Page 55
... by MFP administrator (8-32 characters) and no more than 128 characters. FIA_UAU.7 Protected authentication feedback Hierarchical to : No other components. Dependencies: FIA_ATD.1 User attribute definition Copyright (c) 2011 RICOH COMPANY, LTD. FIA_USB.1 User-subject binding Hierarchical to : No other TSF-mediated actions on behalf of authentication Hierarchical to be successfully authenticated before the...
... by MFP administrator (8-32 characters) and no more than 128 characters. FIA_UAU.7 Protected authentication feedback Hierarchical to : No other components. Dependencies: FIA_ATD.1 User attribute definition Copyright (c) 2011 RICOH COMPANY, LTD. FIA_USB.1 User-subject binding Hierarchical to : No other TSF-mediated actions on behalf of authentication Hierarchical to be successfully authenticated before the...
Security Target
Page 63
....2 was added to the set of security measures Developer defined life-cycle model Flaw reporting procedures Conformance claims Extended components definition ST introduction Security objectives Derived security requirements Security problem definition Copyright (c) 2011 RICOH COMPANY, LTD. 6.1.8 Class FTP: Trusted path/channels Page 62 of 87 FTP_ITC.1 Inter-TSF trusted channel Hierarchical to: No...
....2 was added to the set of security measures Developer defined life-cycle model Flaw reporting procedures Conformance claims Extended components definition ST introduction Security objectives Derived security requirements Security problem definition Copyright (c) 2011 RICOH COMPANY, LTD. 6.1.8 Class FTP: Trusted path/channels Page 62 of 87 FTP_ITC.1 Inter-TSF trusted channel Hierarchical to: No...
Security Target
Page 78
... and authentication attempts made under each user role. It checks if the registering or changing password meets the conditions (2) and (3). Copyright (c) 2011 RICOH COMPANY, LTD. FIA_ATD.1 (User attribute definition) The TOE associates the normal user with a login user name of normal user and available function list, supervisor with a login user name of...
... and authentication attempts made under each user role. It checks if the registering or changing password meets the conditions (2) and (3). Copyright (c) 2011 RICOH COMPANY, LTD. FIA_ATD.1 (User attribute definition) The TOE associates the normal user with a login user name of normal user and available function list, supervisor with a login user name of...