Security Target
Page 3
...Reference...7 1.2 TOE Reference ...7 1.3 TOE Overview ...8 1.3.1 TOE Type...8 1.3.2 TOE Usage and Major Security Features of TOE 8 1.3.3 Environment for TOE Usage and Non-TOE Configuration Items 8 1.4 TOE Description 10 1.4.1 Physical Boundaries of TOE 10 1.4.2 Guidance Documents...13 1.4.3 User Roles...15 1.4.3.1 Responsible Manager of MFP 15 1.4.3.2 Administrator...15 1.4.3.3 Supervisor... Claims 24 2.3 Conformance Rationale 24 3 Security Problem Definitions 25 3.1 Threats ...25 3.2 Organisational Security Policies 25 Copyright (c) 2009,2010 RICOH COMPANY, LTD. All Rights Reserved.
...Reference...7 1.2 TOE Reference ...7 1.3 TOE Overview ...8 1.3.1 TOE Type...8 1.3.2 TOE Usage and Major Security Features of TOE 8 1.3.3 Environment for TOE Usage and Non-TOE Configuration Items 8 1.4 TOE Description 10 1.4.1 Physical Boundaries of TOE 10 1.4.2 Guidance Documents...13 1.4.3 User Roles...15 1.4.3.1 Responsible Manager of MFP 15 1.4.3.2 Administrator...15 1.4.3.3 Supervisor... Claims 24 2.3 Conformance Rationale 24 3 Security Problem Definitions 25 3.1 Threats ...25 3.2 Organisational Security Policies 25 Copyright (c) 2009,2010 RICOH COMPANY, LTD. All Rights Reserved.
Security Target
Page 6
List of Figures Page 6 of 80 Figure 1: Example TOE environment...9 Figure 2: Hardware configuration of TOE...11 Figure 3: Logical boundaries of TOE...16 List of Tables Table 1: List of administrator roles...15 Table 2: Correspondence between operations authorised by permissions ... Table 33: List of encryption operations on data stored on the HDD 73 Table 34: Specific terms used in this ST...76 Copyright (c) 2009,2010 RICOH COMPANY, LTD. All Rights Reserved.
List of Figures Page 6 of 80 Figure 1: Example TOE environment...9 Figure 2: Hardware configuration of TOE...11 Figure 3: Logical boundaries of TOE...16 List of Tables Table 1: List of administrator roles...15 Table 2: Correspondence between operations authorised by permissions ... Table 33: List of encryption operations on data stored on the HDD 73 Table 34: Specific terms used in this ST...76 Copyright (c) 2009,2010 RICOH COMPANY, LTD. All Rights Reserved.
Security Target
Page 8
... For the Security Functions listed above, each function is described in "1.4.4.2 Security Functions". 1.3.3 Environment for TOE Usage and Non-TOE Configuration Items The TOE is an IT device that provides the functions of TOE The TOE has functions for inputting paper and electronic documents into... the TOE, storing the input document data, and outputting it. Copyright (c) 2009,2010 RICOH COMPANY, LTD. The TOE incorporates some of the assumed TOE environment. The following are the major Security Functions of the TOE in a ...
... For the Security Functions listed above, each function is described in "1.4.4.2 Security Functions". 1.3.3 Environment for TOE Usage and Non-TOE Configuration Items The TOE is an IT device that provides the functions of TOE The TOE has functions for inputting paper and electronic documents into... the TOE, storing the input document data, and outputting it. Copyright (c) 2009,2010 RICOH COMPANY, LTD. The TOE incorporates some of the assumed TOE environment. The following are the major Security Functions of the TOE in a ...
Security Target
Page 9
FTP Server FTP server is used for the protocol of the internal network. Copyright (c) 2009,2010 RICOH COMPANY, LTD. SMB Server SMB server is used for the TOE to deliver the document data stored in the TOE to folders in SMB server. .... To print and fax from the client computer via firewall. All Rights Reserved. Page 9 of 80 Figure 1: Example TOE environment The following describes non-TOE configuration: Internal Network The internal network connects the TOE with various types of servers (FTP, SMB, and SMTP servers) and client computers.It is connected to...
FTP Server FTP server is used for the protocol of the internal network. Copyright (c) 2009,2010 RICOH COMPANY, LTD. SMB Server SMB server is used for the TOE to deliver the document data stored in the TOE to folders in SMB server. .... To print and fax from the client computer via firewall. All Rights Reserved. Page 9 of 80 Figure 1: Example TOE environment The following describes non-TOE configuration: Internal Network The internal network connects the TOE with various types of servers (FTP, SMB, and SMTP servers) and client computers.It is connected to...
Security Target
Page 10
Copyright (c) 2009,2010 RICOH COMPANY, LTD. Page 10 of 80 SMTP Server SMTP server is installed. All Rights Reserved. Telephone Line A telephone line is a line used to send and ... TOE, and protected assets. 1.4.1 Physical Boundaries of TOE The physical boundary of theTOE is the MFP, which consists of the TOE hardware. Figure 2 outlines the configuration of the following hardware (shown in the TOE to a client computer by e -mail. Firewall A firewall is a device that is set between the internal and the...
Copyright (c) 2009,2010 RICOH COMPANY, LTD. Page 10 of 80 SMTP Server SMTP server is installed. All Rights Reserved. Telephone Line A telephone line is a line used to send and ... TOE, and protected assets. 1.4.1 Physical Boundaries of TOE The physical boundary of theTOE is the MFP, which consists of the TOE hardware. Figure 2 outlines the configuration of the following hardware (shown in the TOE to a client computer by e -mail. Firewall A firewall is a device that is set between the internal and the...
Security Target
Page 11
... and operates the Scanner Engine or Printer Engine according to instructions from the MFP Control Software. Page 11 of 80 Figure 2: Hardware configuration of TOE Operation Panel Unit (hereafter "Operation Panel") The Operation Panel is an interface device that has a modem function to send ... and displays information on the TOE for printing and outputting of paper documents. The interface provides the MFP Control Copyright (c) 2009,2010 RICOH COMPANY, LTD. All Rights Reserved. The Printer Engine is installed in the Operation Panel Control Board. Engine Unit The Engine Unit contains...
... and operates the Scanner Engine or Printer Engine according to instructions from the MFP Control Software. Page 11 of 80 Figure 2: Hardware configuration of TOE Operation Panel Unit (hereafter "Operation Panel") The Operation Panel is an interface device that has a modem function to send ... and displays information on the TOE for printing and outputting of paper documents. The interface provides the MFP Control Copyright (c) 2009,2010 RICOH COMPANY, LTD. All Rights Reserved. The Printer Engine is installed in the Operation Panel Control Board. Engine Unit The Engine Unit contains...
Security Target
Page 12
...Control Software is installed. [RAM] A volatile memory medium used for image processing. [NVRAM] A non-volatile memory medium in which MFP Control Data for configuring the MFP operation is normally covered. When installing the TOE, the CE inserts an SD card into the SD CARD Slot to the Operation Panel...side of the TOE, and is stored. [Ic Key] A security chip that encrypts information to be read from the HDD. Copyright (c) 2009,2010 RICOH COMPANY, LTD. The IcCtlr is located on the HDD and decrypts information to connect a client computer tothe TOE, print or fax from the MFP ...
...Control Software is installed. [RAM] A volatile memory medium used for image processing. [NVRAM] A non-volatile memory medium in which MFP Control Data for configuring the MFP operation is normally covered. When installing the TOE, the CE inserts an SD card into the SD CARD Slot to the Operation Panel...side of the TOE, and is stored. [Ic Key] A security chip that encrypts information to be read from the HDD. Copyright (c) 2009,2010 RICOH COMPANY, LTD. The IcCtlr is located on the HDD and decrypts information to connect a client computer tothe TOE, print or fax from the MFP ...
Security Target
Page 18
... This section describes these functions. Sending document data stored in the D-BOX. 4. Document data stored using the Scanner Function can be downloaded. 5. Copyright (c) 2009,2010 RICOH COMPANY, LTD. Remote operation is possible if a Web browser is available from the Operation Panel or by accessing the web server of document data. Page... Function can be updated according to the user's settings. 2. Subset of the machine, information for connecting the TOE to manage this document is for configuring operation of Management Functions. 6. All Rights Reserved.
... This section describes these functions. Sending document data stored in the D-BOX. 4. Document data stored using the Scanner Function can be downloaded. 5. Copyright (c) 2009,2010 RICOH COMPANY, LTD. Remote operation is possible if a Web browser is available from the Operation Panel or by accessing the web server of document data. Page... Function can be updated according to the user's settings. 2. Subset of the machine, information for connecting the TOE to manage this document is for configuring operation of Management Functions. 6. All Rights Reserved.
Security Target
Page 21
... ID and password. 5. Management of supervisor information Superv isor can change administrator IDs and passwords. Copyright (c) 2009,2010 RICOH COMPANY, LTD. Administrators and supervisor can change their own general user information that correspond to their administrator information will be ...administrator, user administrator, or andfile administrator). All Rights Reserved. Management of machine control data Each administrator is allowed to configure the items of machine control data that is permitted to add ana dministrator role to perform maintenance on the TOE ...
... ID and password. 5. Management of supervisor information Superv isor can change administrator IDs and passwords. Copyright (c) 2009,2010 RICOH COMPANY, LTD. Administrators and supervisor can change their own general user information that correspond to their administrator information will be ...administrator, user administrator, or andfile administrator). All Rights Reserved. Management of machine control data Each administrator is allowed to configure the items of machine control data that is permitted to add ana dministrator role to perform maintenance on the TOE ...
Security Target
Page 42
FIA_AFL.1.1 TSF shall detect when [selection: an administrator (refinement: the machine administrator) configurable positive integer within [assignment: 1 to 5]] unsuccessful authentication attempts occur related to [assignment: the consecutive numbers of times of authentication failure...release actions Lockout release actions Auto Lockout Release Manual Lockout Release Details If the user fails to : No other components. Copyright (c) 2009,2010 RICOH COMPANY, LTD. There is also a special Lockout release: If an administrator (any user role of attempts specified for each user in the ...
FIA_AFL.1.1 TSF shall detect when [selection: an administrator (refinement: the machine administrator) configurable positive integer within [assignment: 1 to 5]] unsuccessful authentication attempts occur related to [assignment: the consecutive numbers of times of authentication failure...release actions Lockout release actions Auto Lockout Release Manual Lockout Release Details If the user fails to : No other components. Copyright (c) 2009,2010 RICOH COMPANY, LTD. There is also a special Lockout release: If an administrator (any user role of attempts specified for each user in the ...
Security Target
Page 50
... FPT_STM.1 FPT_TST.1 FTP_ITC.1 FTP_TRP.1 a) Managing the group of their own general user information. b) Management of time interval. a) Configuring the actions that require trusted paths are fixed. Data of administrator roles by administrators. None: Actions that require trusted path, if...specify initial values; FMT_SMR.1.1 The TSF shall maintain the roles [assignment: general users, administrators (machine Copyright (c) 2009,2010 RICOH COMPANY, LTD. a) Managing the group of machine control data): The machine administrator manages the following setting items for a given...
... FPT_STM.1 FPT_TST.1 FTP_ITC.1 FTP_TRP.1 a) Managing the group of their own general user information. b) Management of time interval. a) Configuring the actions that require trusted paths are fixed. Data of administrator roles by administrators. None: Actions that require trusted path, if...specify initial values; FMT_SMR.1.1 The TSF shall maintain the roles [assignment: general users, administrators (machine Copyright (c) 2009,2010 RICOH COMPANY, LTD. a) Managing the group of machine control data): The machine administrator manages the following setting items for a given...