Security Target
Page 9
Copyright (c) 2009,2010 RICOH COMPANY, LTD. Internet Explorer 6.0 or later must be pre-installed on the client computer. SMB Server SMB server is used for the TOE to deliver the document data stored in the TOE to folders in ... computers.It is connected to the Internal via the internal network or USB connection, the PCL printer driver and fax driver must be downloaded and installed into the client computer from the client computer via firewall. Client Computer A Web browser of a client computer that is used for the protocol of the...
Copyright (c) 2009,2010 RICOH COMPANY, LTD. Internet Explorer 6.0 or later must be pre-installed on the client computer. SMB Server SMB server is used for the TOE to deliver the document data stored in the TOE to folders in ... computers.It is connected to the Internal via the internal network or USB connection, the PCL printer driver and fax driver must be downloaded and installed into the client computer from the client computer via firewall. Client Computer A Web browser of a client computer that is used for the protocol of the...
Security Target
Page 10
..., which consists of the following hardware (shown in the TOE to send and receive fax data from an external fax when the optional fax is installed. All Rights Reserved. Page 10 of 80 SMTP Server SMTP server is used to a client computer by e -mail. Telephone Line A telephone line is a line used... stored in Figure 2): Operation Panel Unit, Engine Unit, Fax Unit, Controller Board, IcCtlr, HDD, Network Unit, USB Port, and SD Card Slot. Copyright (c) 2009,2010 RICOH COMPANY, LTD. Figure 2 outlines the configuration of the TOE hardware.
..., which consists of the following hardware (shown in the TOE to send and receive fax data from an external fax when the optional fax is installed. All Rights Reserved. Page 10 of 80 SMTP Server SMTP server is used to a client computer by e -mail. Telephone Line A telephone line is a line used... stored in Figure 2): Operation Panel Unit, Engine Unit, Fax Unit, Controller Board, IcCtlr, HDD, Network Unit, USB Port, and SD Card Slot. Copyright (c) 2009,2010 RICOH COMPANY, LTD. Figure 2 outlines the configuration of the TOE hardware.
Security Target
Page 11
... Control Software, or in response to direct instructions from the MFP Control Software. The interface provides the MFP Control Copyright (c) 2009,2010 RICOH COMPANY, LTD. Engine Unit The Engine Unit contains a Scanner Engine, Printer Engine, and the Engine Control Board. The Operation Panel Control... the MFP Control Software. The Fax Unit has an interface to the MFP Control Software. All Rights Reserved. The Scanner Engine is installed in the Engine Control Board. Page 11 of 80 Figure 2: Hardware configuration of TOE Operation Panel Unit (hereafter "Operation Panel") The...
... Control Software, or in response to direct instructions from the MFP Control Software. The interface provides the MFP Control Copyright (c) 2009,2010 RICOH COMPANY, LTD. Engine Unit The Engine Unit contains a Scanner Engine, Printer Engine, and the Engine Control Board. The Operation Panel Control... the MFP Control Software. The Fax Unit has an interface to the MFP Control Software. All Rights Reserved. The Scanner Engine is installed in the Engine Control Board. Page 11 of 80 Figure 2: Hardware configuration of TOE Operation Panel Unit (hereafter "Operation Panel") The...
Security Target
Page 12
.... Controller Board The Controller Board contains Processors, FlashROM, RAM, NVRAM, and Ic Key. SD CARD Slot The SD CARD Slot is a slot that is installed. [RAM] A volatile memory medium used for image processing. [NVRAM] A non-volatile memory medium in which MFP Control Data for connection to instructions from...computer. It is connected to connect a client computer tothe TOE, print or fax from the MFP Control Software. Copyright (c) 2009,2010 RICOH COMPANY, LTD. When installing the TOE, the CE inserts an SD card into the SD CARD Slot to the HDD. It is located on the HDD and ...
.... Controller Board The Controller Board contains Processors, FlashROM, RAM, NVRAM, and Ic Key. SD CARD Slot The SD CARD Slot is a slot that is installed. [RAM] A volatile memory medium used for image processing. [NVRAM] A non-volatile memory medium in which MFP Control Data for connection to instructions from...computer. It is connected to connect a client computer tothe TOE, print or fax from the MFP Control Software. Copyright (c) 2009,2010 RICOH COMPANY, LTD. When installing the TOE, the CE inserts an SD card into the SD CARD Slot to the HDD. It is located on the HDD and ...
Security Target
Page 15
... The "responsible manager" of the MFP is a person who is an authorised TOE user who are selected by a user administrator. When the TOE is being installed, the administrators who is registered in each administrator one or more of the default supervisor. 1.4.3.4 General User A "general user" is registered on the document data... the settings of administrator roles Administrator role User administration Machine administration Network administration File administration Explanation about duties involved Managing general users. Copyright (c) 2009,2010 RICOH COMPANY, LTD.
... The "responsible manager" of the MFP is a person who is an authorised TOE user who are selected by a user administrator. When the TOE is being installed, the administrators who is registered in each administrator one or more of the default supervisor. 1.4.3.4 General User A "general user" is registered on the document data... the settings of administrator roles Administrator role User administration Machine administration Network administration File administration Explanation about duties involved Managing general users. Copyright (c) 2009,2010 RICOH COMPANY, LTD.
Security Target
Page 18
... Function, Service Mode Lock Function, Telephone Line Intrusion Protection Function, and MFP Control Software Verification Function. Copyright (c) 2009,2010 RICOH COMPANY, LTD. All Rights Reserved. Some information can be updated according to networks, user information, and information on restriction of...and the TOE and client computer are described later in "Security Management Function" in " 1.4.4.2 Security Functions". When document data is installed on the user's role (general user, administrator, or supervisor). Remote operation is possible if a Web browser is printed, the ...
... Function, Service Mode Lock Function, Telephone Line Intrusion Protection Function, and MFP Control Software Verification Function. Copyright (c) 2009,2010 RICOH COMPANY, LTD. All Rights Reserved. Some information can be updated according to networks, user information, and information on restriction of...and the TOE and client computer are described later in "Security Management Function" in " 1.4.4.2 Security Functions". When document data is installed on the user's role (general user, administrator, or supervisor). Remote operation is possible if a Web browser is printed, the ...
Security Target
Page 22
...stored in the D-BOX. All Rights Reserved. From the network or from a device connected to a format that is protected from Copyright (c) 2009,2010 RICOH COMPANY, LTD. Sent to the e-mail address). 2. Document data stored in the TOE can be either stored in the TOE or output by it is...from unauthorised access and leakage. From a scanner Document data is created from the document files in a client computer by the printer or fax drivers installed on the client computer when it . Storing Document Data Document data stored inside the TOE is imported to the TOE. 2. It is generated from...
...stored in the D-BOX. All Rights Reserved. From the network or from a device connected to a format that is protected from Copyright (c) 2009,2010 RICOH COMPANY, LTD. Sent to the e-mail address). 2. Document data stored in the TOE can be either stored in the TOE or output by it is...from unauthorised access and leakage. From a scanner Document data is created from the document files in a client computer by the printer or fax drivers installed on the client computer when it . Storing Document Data Document data stored inside the TOE is imported to the TOE. 2. It is generated from...
Security Target
Page 25
...TOE interfaces (the Operation Panel, network interface, or USB Port) that are provided for organisations that demand integrity of the software installed in this section are attacks by the TOE via the internal network. T.ABUSE_SEC_MNG (Abuse of Security Management Function) Persons not authorised..., or SD card interface). T.SALVAGE (Salvaging memory) Attackers may gain access to use and environment of this TOE. Copyright (c) 2009,2010 RICOH COMPANY, LTD. T.FAX_LINE (Intrusion from telephone line) Attackers may remove the HDD from the TOE and disclose document data. Page 25 of ...
...TOE interfaces (the Operation Panel, network interface, or USB Port) that are provided for organisations that demand integrity of the software installed in this section are attacks by the TOE via the internal network. T.ABUSE_SEC_MNG (Abuse of Security Management Function) Persons not authorised..., or SD card interface). T.SALVAGE (Salvaging memory) Attackers may gain access to use and environment of this TOE. Copyright (c) 2009,2010 RICOH COMPANY, LTD. T.FAX_LINE (Intrusion from telephone line) Attackers may remove the HDD from the TOE and disclose document data. Page 25 of ...
Security Target
Page 26
... such as the Internet, the internal network shall be provided for verifying the integrity of MFP Control Software, which is installed in the FlashROM of the TOE. 3.3 Assumptions Defined and described below are the assumptions related to the use and environment...checking) Measures shall be protected from the external network. Additionally, administrators shall not abuse their permissions maliciously. Copyright (c) 2009,2010 RICOH COMPANY, LTD. A.SUPERVISOR (Assumption for administrators) Administrators shall have sufficient knowledge to operate the TOE securely in the roles assigned...
... such as the Internet, the internal network shall be provided for verifying the integrity of MFP Control Software, which is installed in the FlashROM of the TOE. 3.3 Assumptions Defined and described below are the assumptions related to the use and environment...checking) Measures shall be protected from the external network. Additionally, administrators shall not abuse their permissions maliciously. Copyright (c) 2009,2010 RICOH COMPANY, LTD. A.SUPERVISOR (Assumption for administrators) Administrators shall have sufficient knowledge to operate the TOE securely in the roles assigned...
Security Target
Page 30
... Security Management Functions) To counter this threat, the TOE performs identification and authenticationof users with O.I &A and O.MANAGE occurred. Copyright (c) 2009,2010 RICOH COMPANY, LTD. All Rights Reserved. In addition, O.I&Aand O.MANAGE events are assigned to the authorised users' roles and the authorised users by O....this threat, the TOE allows onyl users who have successfully authenticated with the function to read and decode if the HDD is installed in the TOE) To counter this threat, the TOE converts the format of document data by O.MEM.PROTECT, making the document...
... Security Management Functions) To counter this threat, the TOE performs identification and authenticationof users with O.I &A and O.MANAGE occurred. Copyright (c) 2009,2010 RICOH COMPANY, LTD. All Rights Reserved. In addition, O.I&Aand O.MANAGE events are assigned to the authorised users' roles and the authorised users by O....this threat, the TOE allows onyl users who have successfully authenticated with the function to read and decode if the HDD is installed in the TOE) To counter this threat, the TOE converts the format of document data by O.MEM.PROTECT, making the document...
Security Target
Page 31
... on communication path from a telephone line connected to Fax Unit to verify the integrity of MFP Control Softwa re, which is installed in FlashROM, with communication path) To counter this threat, the TOE prevents the intrusion from leakage, and detects tampering. Therefore,... the TOE can counter T.TRANSIT. Therefore, the TOE can enforce P.SOFTWARE. Copyright (c) 2009,2010 RICOH COMPANY, LTD. Page 31 of 80 T.TRANSIT (Data interception and tampering with the TOE users by O.GENUINE. All Rights Reserved. In addition...
... on communication path from a telephone line connected to Fax Unit to verify the integrity of MFP Control Softwa re, which is installed in FlashROM, with communication path) To counter this threat, the TOE prevents the intrusion from leakage, and detects tampering. Therefore,... the TOE can counter T.TRANSIT. Therefore, the TOE can enforce P.SOFTWARE. Copyright (c) 2009,2010 RICOH COMPANY, LTD. Page 31 of 80 T.TRANSIT (Data interception and tampering with the TOE users by O.GENUINE. All Rights Reserved. In addition...
Security Target
Page 59
... 59 of 80 O.GENUINE Protection of integrity of the MFP Control Software, which is installed in ST None None None None None FCS_CKM.4 FCS_CKM.4 None None Copyright (c) 2009,2010 RICOH COMPANY, LTD. For this , FDP_IFC.1 and FDP_IFF.1 allow fax data to pass ...O.LINE_PROTECT Protection from the telephone line is fax data. 6.3.3 Dependency Analysis Table 23 shows the correspondence of the MFP Control Software, which is installed in FlashROM, shall be prevented. To fulfil O.LINE_PROTECT, unauthorised access by CC FPT_STM.1 FAU_GEN.1 FAU_SAR.1 FAU_GEN.1 FAU_STG.1 [FCS_CKM.2 or FCS_COP...
... 59 of 80 O.GENUINE Protection of integrity of the MFP Control Software, which is installed in ST None None None None None FCS_CKM.4 FCS_CKM.4 None None Copyright (c) 2009,2010 RICOH COMPANY, LTD. For this , FDP_IFC.1 and FDP_IFF.1 allow fax data to pass ...O.LINE_PROTECT Protection from the telephone line is fax data. 6.3.3 Dependency Analysis Table 23 shows the correspondence of the MFP Control Software, which is installed in FlashROM, shall be prevented. To fulfil O.LINE_PROTECT, unauthorised access by CC FPT_STM.1 FAU_GEN.1 FAU_SAR.1 FAU_GEN.1 FAU_STG.1 [FCS_CKM.2 or FCS_COP...
Security Target
Page 74
... the integrity of the MFP Control Software that is satisfied. 7.1.7.2 Printing and Faxing from Client Computer Whenever it . By the above , FTP_TRP.1 (Trusted path) is installed in the FlashROM. Copyright (c) 2009,2010 RICOH COMPANY, LTD.
... the integrity of the MFP Control Software that is satisfied. 7.1.7.2 Printing and Faxing from Client Computer Whenever it . By the above , FTP_TRP.1 (Trusted path) is installed in the FlashROM. Copyright (c) 2009,2010 RICOH COMPANY, LTD.
Security Target
Page 76
...operation of an MFP. A generic term for a set of parameters that are used, or a person in charge of an IT department.) Software installed in th e TOE that can also send document files to a fax that faxes document data from a client computer via a network or USB...devices that contains a microprocessor for encryption processing and EEPROM where a private key for secure communication is required for using S/MIME. Copyright (c) 2009,2010 RICOH COMPANY, LTD. A server for the organisation). (Examples: MFP purchaser, MFP owner, manager of "Hard Disk Drive". An abbreviation of a department...
...operation of an MFP. A generic term for a set of parameters that are used, or a person in charge of an IT department.) Software installed in th e TOE that can also send document files to a fax that faxes document data from a client computer via a network or USB...devices that contains a microprocessor for encryption processing and EEPROM where a private key for secure communication is required for using S/MIME. Copyright (c) 2009,2010 RICOH COMPANY, LTD. A server for the organisation). (Examples: MFP purchaser, MFP owner, manager of "Hard Disk Drive". An abbreviation of a department...
Security Target
Page 78
...and an identification code for identification and authentication of general users. Indicates the administrator's login name on this TOE. Copyright (c) 2009,2010 RICOH COMPANY, LTD. The Lockout Flag for printed output, including paper size, printing magnification, and custom information (such as data items that ... users as duplex or layout settings). The document files in advance by switching the Lockout Flag for the Locked-out user to be installed in the client computer in advance: a printer driver for printing and a fax driver for stored document data can be registered, and...
...and an identification code for identification and authentication of general users. Indicates the administrator's login name on this TOE. Copyright (c) 2009,2010 RICOH COMPANY, LTD. The Lockout Flag for printed output, including paper size, printing magnification, and custom information (such as data items that ... users as duplex or layout settings). The document files in advance by switching the Lockout Flag for the Locked-out user to be installed in the client computer in advance: a printer driver for printing and a fax driver for stored document data can be registered, and...