Security Target
Page 14
... sends status information about the Controller Board and Fax Unit and fax data. It also sends and receives fax data to a telephone line. Copyright (c) 2011 RICOH COMPANY, LTD. FlashROM A non-volatile memory medium in the Engine Control Board. It has the memory medium inside, and the signature root key is installed... from the MFP Control Software. Controls the LEDs and displays information on the Operation Panel Control Board. It stores documents, login user names and login passwords of the Fax Unit.
Security Target
Page 20
...Administrator Supervisor MFP administrator Table 7 : List of the MFP administrator. Authorised to delete and register the login password of Administrative Roles Management Privileges Supervisor User management privilege Machine management privilege Network management privilege File management privilege Explanation ... privileges (Table 7). Authorised to networks. This privilege allows access management of the audit log. Copyright (c) 2011 RICOH COMPANY, LTD. This privilege allows configuration of device settings and view of stored documents. According to use Copy Function...
Security Target
Page 23
...and e-mail addresses that the MFP administrator pre-registers in the TOE and with which secure communication can be ensured. A dedicated password, which is used for documents is complete. If stored print is specified, the TOE does not delete printer documents even when ... sent to the guidance document, users first install the specified printer driver on the HDD as Document Server documents. Copyright (c) 2011 RICOH COMPANY, LTD. Receiving documents from the printer driver installed on the client computer. For Document Server storage, the received documents will ...
Security Target
Page 26
...Function and Fax Function by the authorised TOE users who are Basic Authentication and external server authentication. If the e-mail Copyright (c) 2011 RICOH COMPANY, LTD. To use the TOE from the Operation Panel or a Web browser, a user will be verified by Identification and Authentication... If the folder transmission function of Scanner Function is used, the protection function can be enabled using a Web browser to register passwords that fulfil the requirements of the Minimum Character No. (i.e. Methods to specify encrypted communication. If the Printer Function is used to ...
Security Target
Page 28
... key. 1.4.5.3. No security threat will occur even this ST, Table 10 provides the definitions of 93 data 1.4.5.2. Copyright (c) 2011 RICOH COMPANY, LTD. TSF Data The TSF data is referred to as "TSF protected data". In this ST, "confidential data", listed... restrictions. 1.5 Glossary 1.5.1 Glossary for Lockout Release Timer, lockout time, date settings (year/month/day), time settings, Minimum Character No., Password Complexity Setting, S/MIME user information, destination folder, stored and received document user, document user list, available function list, and user authentication...
Security Target
Page 29
...auto logout time elapses. The TOE authenticates TOE users by using the login user names and the login passwords registered on the TOE. There are four types of TOE users who are authorised to the MFP via... LAN. Attributes of document data, such as registrable passwords. One of the procedures for automatic user logout if no access is cancelled, the job will be a ... types of characters and symbols specified above . All rights reserved. Copyright (c) 2011 RICOH COMPANY, LTD. Page 28 of registrable password digits.
Security Target
Page 60
...user - Copyright (c) 2011 RICOH COMPANY, LTD. User role FIA_SOS.1 Verification of fax reception, and repair request notification] on the password complexity setting specified by MFP administrator (8-32 characters) and no more than 32 characters. (3) Rule: Passwords that secrets (refinement: ...26 letters) Lower-case letters: [a-z] (26 letters) Numbers: [0-9] (ten digits) Symbols: SP (spaces 33 symbols) (2) Registrable password length: For normal users: No fewer than the minimum character number specified by the MFP administrator can be performed before the user is...
Security Target
Page 66
... Authentication Date setting (year, month, day), time setting (hour, minute) Minimum character number for Basic Authentication Password complexity setting for Basic Authentication Audit logs HDD cryptographic key S/MIME user information Destination information for folder transmission Operations ...who owns the login password MFP administrator MFP administrator MFP administrator MFP administrator Supervisor, normal user MFP administrator MFP administrator MFP administrator MFP administrator MFP administrator Normal user MFP administrator Normal user Copyright (c) 2011 RICOH COMPANY, LTD. Page ...
Security Target
Page 67
... MFP administrator Query of minimum character number by MFP administrator when the Basic Authentication is used Query of Password Complexity by MFP administrator when the Basic Authentication is used Query of Number of Attempts before Lockout by MFP administrator ... normal user who stored the document Query and modification of available function list by normal user when the Basic Authentication is used Copyright (c) 2011 RICOH COMPANY, LTD. FMT_SMF.1.1 The TSF shall be capable of performing the following management functions: [assignment: management functions shown in Table 30]. Dependencies...
Security Target
Page 74
... FMT_SMF.1, FMT_SMR.1 and FTP_ITC.1, which are the security functional requirements for these countermeasures, O.CONF.NO_DIS is only allowed to operate the login password of the Management Function. FMT_MTD.1 allows the MFP administrator and applicable normal user to operate the audit log and HDD cryptographic key. (2)...supervisor. The TSF protected data sent and received by the TOE via the LAN are allowed to operate the login password of the security attributes. The supervisor and applicable MFP administrator are protected by FTP_ITC.1. Copyright (c) 2011 RICOH COMPANY, LTD.
Security Target
Page 75
... it is required to implement the following countermeasures. (1) Management of the TSF confidential data. All rights reserved. Copyright (c) 2011 RICOH COMPANY, LTD. O.USER.AUTHORIZED User identification and authentication O.USER.AUTHORIZED is the security objective to restrict users in advance, and...HDD cryptographic key. (2) Specification of administrator. FMT_MTD.1 allows the MFP administrator and applicable normal user to operate the login password of supervisor. FIA_UID.2 identifies the person who attempts to use the TOE. To fulfil this security objective, it is ...
Security Target
Page 76
... FIA_UID.1(a) and FIA_UID.1(b) identify the persons who attempt to use the Operation Panel and LAN interface. Copyright (c) 2011 RICOH COMPANY, LTD. O.INTERFACE.MANAGED Management of external interfaces by TOE O.INTERFACE.MANAGED is unsuccessfully authenticated by FDP_ACC.1(b) and ...FIA_UAU.1(b), FIA_UAU.2, FIA_ATD.1, FIA_USB.1, FIA_UAU.7, FIA_AFL.1, FIA_SOS.1, FTA_SSL.3, FMT_MSA.1(b) and FMT_MSA.3(b), which are not allowed to guess the password. The function for 2600.1-SMI (F.SMI), selected SFR Package from the Operation Panel or a Web browser for certain period. FTA_SSL.3...
Security Target
Page 83
...address Page 82 of External Authentication The TOE identifies and authenticates a user by checking the login user name and login password entered by the user. FIA_UAU.1(a) and FIA_UID.1(a): Application of fax reception, and repair request notifications, the TOE identification and... identification and authentication information obtained from the Operation Panel or a Web browser, the screen for confirmation. Copyright (c) 2011 RICOH COMPANY, LTD. E-mail transmission e-mail transmission 7.2 Identification and Authentication Function The Identification and Authentication Function is to verify...
Security Target
Page 84
...default) elapses after receiving the print data from the Operation Panel or a Web browser, the TOE does not display the entered login password but it displays a sequence of dummy characters whose length is the same as the identified user role (normal user, MFP administrator, ... in Table 36 and specified for Each User Role User Roles (Locked out Users) Normal user Unlocking Administrators MFP administrator Copyright (c) 2011 RICOH COMPANY, LTD. Table 36 : Unlocking Administrators for each user role releases the lockout. When External Authentication is activated if the auto logout...
Security Target
Page 85
... user operations for document data and user jobs in accordance with the provided user role privilege or user privilege. Copyright (c) 2011 RICOH COMPANY, LTD. FIA_UAU.2, FIA_UID.2, and FIA_USB.1 A certificate is a set of identification and authentication information of combined character types ...types or more, or three types or more). Supervisor MFP administrator MFP administrator Supervisor Page 84 of 93 FIA_SOS.1 Login passwords for users can be forwarded unless the TSF is not involved in information identification and authentication. 7.3 Document Access Control Function...
Security Target
Page 91
...year/month/day) Operation Panel, Web browser Query Query Query Query, modify Query Time Operation Panel, Web browser Minimum character number of password for Basic Authentication Password complexity setting for Basic Authentication Audit log HDD cryptographic key Operation panel Operation panel Web browser Operation panel S/MIME user information Operation Panel, ... MFP administrator Supervisor, normal user MFP administrator Supervisor, normal user MFP administrator MFP administrator MFP administrator MFP administrator MFP administrator Copyright (c) 2011 RICOH COMPANY, LTD.