Ricoh Aficio MP 2851 Security Target

Ricoh Aficio MP 2851 Manual

Get Ricoh Aficio MP 2851 PDF manuals and user guides View all Ricoh Aficio MP 2851 manuals
Add to My Manuals
Save this manual to your list of manuals

Ricoh Aficio MP 2851 manual content summary:

  • Ricoh Aficio MP 2851 | Security Target - Page 1
    Page 1 of 81 Aficio MP 2851/3351 series with Fax Option Type 3351 Security Target Author Date Version : RICOH COMPANY, LTD., Yasushi FUNAKI : 2010-06-17 : 1.00 Copyright (c) 2010 RICOH COMPANY, LTD. All Rights Reserved.
  • Ricoh Aficio MP 2851 | Security Target - Page 2
    Revision History Version 1.00 Date 2010-06-17 Author Yasushi FUNAKI Details Released version. Page 2 of 81 Copyright (c) 2010 RICOH COMPANY, LTD. All Rights Reserved.
  • Ricoh Aficio MP 2851 | Security Target - Page 3
    23 1.4.5.1 Document Data 23 1.4.5.2 Print Data 24 2 Conformance Claims 25 2.1 CC conformance Claim 25 2.2 PP Claims, Package Claims 25 2.3 Conformance Rationale 25 3 Security Problem Definitions 26 3.1 Threats 26 3.2 Organisational Security Policies 26 Copyright (c) 2010 RICOH COMPANY, LTD
  • Ricoh Aficio MP 2851 | Security Target - Page 4
    34 6.1.2 Class FCS: Cryptographic support 38 6.1.3 Class FDP: User data protection 39 6.1.4 Class User Identification and Authentication Function 66 7.1.2.1 User Identification and Authentication 67 7.1.2.2 Actions in Event of Identification and Authentication Failure 67 Copyright (c) 2010 RICOH
  • Ricoh Aficio MP 2851 | Security Target - Page 5
    74 7.1.6 SF.CIPHER Encryption Function 74 7.1.6.1 Encryption of Document Data 74 7.1.7 SF.NET_PROT Network Communication Data Protection Function 75 7.1.7.1 Use of Web Service Function from Client Computer 75 7.1.7.2 Printing and Faxing from Client Computer 75 7.1.7.3 Sending by E-mail from
  • Ricoh Aficio MP 2851 | Security Target - Page 6
    Table 10: Rules Services Default value for document data ACL 69 Table 29: Operations on document data ACL and Authorised users 70 Table 30: Access to administrator information 71 Table 31: Authorised operations on general user information 72 Table 32: Administrators authorised to specify
  • Ricoh Aficio MP 2851 | Security Target - Page 7
    MP 2851, infotec MP 3351 MFP Software /Hardware Version : Software System/Copy Network Support Scanner Printer Fax Web Support Web Uapl Network Doc Box 1.00 7.29.3 01.12 1.01 01.00.00 1.01 1.03 1.00 Hardware Ic Key Ic Hdd 1100 01 FCU Name : Fax Option Type 3351 Copyright (c) 2010 RICOH
  • Ricoh Aficio MP 2851 | Security Target - Page 8
    via a network, USB connection, or fax. The output function includes printing, Fax Transmission, and transferring to networked servers or client computers. The TOE incorporates some of these functions and provides a Copy Function, Scanner Function, Printer Function, and Fax Function. Users can use
  • Ricoh Aficio MP 2851 | Security Target - Page 9
    be pre-installed on the client computer. To print and fax from the client computer via the internal network or USB connection, the PCL printer driver and fax driver must be downloaded and installed into the client computer from the website indicated in the user guidance. FTP S erver An FTP server is
  • Ricoh Aficio MP 2851 | Security Target - Page 10
    fax when the optional fax is installed. Firewall A firewall is a device that is set between the internal and the external network and protects the internal network from the external network. 1.4 TOE Description This section describes the Physical boundaries of the TOE, user guidance documents, user
  • Ricoh Aficio MP 2851 | Security Target - Page 11
    Page 11 of 81 User Document Output Document Telephone Line TTOOEE Engine Unit Operation Panel Unit Scanner Engine Printer Engine Engine Control Board Fax Unit * Optional Processor Controller Board RAM NVRAM Ic Key FlashROM HDD Ic Hdd Network Unit USB Port SD Card Slot Figure 2:
  • Ricoh Aficio MP 2851 | Security Target - Page 12
    generates random numbers and encryption user information for identification and authentication are stored. Network Unit Network Unit is an interface board for connection to an Ethernet (100BASE-TX/10BASE-T) network. USB Port The USB Port is used to connect a client computer to the TOE, print or fax
  • Ricoh Aficio MP 2851 | Security Target - Page 13
    document sets are as follows: [English version-1] - 9228/9233 MP 2851/3351 LD528/LD533 Aficio MP 2851/3351 Operating Instructions About This Machine - 9228/9233 MP 2851/3351 LD528/LD533 Aficio MP 2851/3351 Operating Instructions Troubleshooting - Notes for Users - App2Me Start Guide - Manuals for
  • Ricoh Aficio MP 2851 | Security Target - Page 14
    Guide - Quick Reference Fax Guide - Quick Reference Printer Guide - Quick Reference Scanner Guide - Manuals for This Machine - Safety Information for MP 2851/MP 3351 - Notes for Users - App2Me Start Guide - Manuals for Users MP 2851/3351 Aficio MP 2851/3351 A Page 14 of 81 Copyright (c) 2010 RICOH
  • Ricoh Aficio MP 2851 | Security Target - Page 15
    - MP 2851/MP 3351 MP 2851/MP 3351 Aficio MP 2851/3351 Operating Instructions Troubleshooting - Quick Reference Copy Guide - Quick Reference FAX Guide - Quick Reference Printer Guide - Quick Reference Scanner Guide - Notes for Users - App2Me Start Guide - Manuals for Users MP 2851/3351 Aficio MP 2851
  • Ricoh Aficio MP 2851 | Security Target - Page 16
    Environment - VM Card Manuals Page 16 of 81 1.4.3 User Roles This section network connections. Managing the documents stored in the TOE. 1.4.3.3 Supervisor The "supervisor" is a user who manages administrator passwords and changes them. One supervisor must be registered for the TOE. A default
  • Ricoh Aficio MP 2851 | Security Target - Page 17
    Function Management Function Scanner Function Document Server Function Copy Function Fax Function Printer Function General user Identification and Authentication Function Web Service Function Service Mode Lock Function TOE corresponding printer driver fax driver * Audit Function SMB server FTP
  • Ricoh Aficio MP 2851 | Security Target - Page 18
    , and supervisors can use the Web Service Functions, depending on their role. Copy Function This function is for scanning originals and printing the scanned image according to the Print Settings specified by the user. Print Settings include the number of copies, magnification, and custom settings
  • Ricoh Aficio MP 2851 | Security Target - Page 19
    connected. Users can use this function by accessing the web server of the TOE from their computer's Web browser. The following TOE operations are available: 1. Printing document data stored in the D-BOX. Document data stored using the Copy Function, Document Server Function, Fax Function, or Printer
  • Ricoh Aficio MP 2851 | Security Target - Page 20
    the same particular user ID reaches the specified Number of Attempts before Lockout, this function temporarily prevents further login attempts from this user ID. - Authentication Feedback Area Protection: When a user enters their password, this function masks the password with protection characters
  • Ricoh Aficio MP 2851 | Security Target - Page 21
    explains the sending methods and their corresponding communication protocols. 1. Download document data using the Web Service Function from a client computer (SSL protocol) 2. Print or fax from a client computer (SSL protocol) 3. Deliver document data to an FTP server or SMB server from the
  • Ricoh Aficio MP 2851 | Security Target - Page 22
    data ACL is set to the document data default ACL. 2. Management of administrator information Allows specified users to register and delete administrators, to add and delete administrator roles, and change administrator IDs and passwords. Only administrators are allowed to register another
  • Ricoh Aficio MP 2851 | Security Target - Page 23
    access and leakage. Outputting Document Data Document data can be output by the following five methods: 1. Sent by e-mail to a client computer (to the e-mail address). 2. Sent to an SMB or FTP server. 3. Downloaded by a client computer. 4. Printed out. Copyright (c) 2010 RICOH COMPANY, LTD. All
  • Ricoh Aficio MP 2851 | Security Target - Page 24
    data can be detected. 1.4.5.2 Print Data Print data is data in which a print or fax image is written. It is generated from the document files in a client computer by the printer or fax drivers installed on the client computer when it is printed or faxed, respectively. Print data is imported to
  • Ricoh Aficio MP 2851 | Security Target - Page 25
    following package: Package: EAL3 conformant 2.3 Conformance Rationale Since this ST does not claim conformance to PPs, there is no rationale for PP conformance. Copyright (c) 2010 RICOH COMPANY, LTD. All Rights Reserved.
  • Ricoh Aficio MP 2851 | Security Target - Page 26
    Security Problem Definitions users may breach the limits of authorised usage and access document data through the external TOE interfaces (the Operation Panel, network with document data or print data sent or received by the TOE via the internal network. T. RICOH COMPANY, LTD. All Rights Reserved.
  • Ricoh Aficio MP 2851 | Security Target - Page 27
    maliciously. A.NETWORK (Assumption for network connections) When the network that the TOE is connected to (the internal network) is connected to an external network such as the Internet, the internal network shall be protected from the external network. Copyright (c) 2010 RICOH COMPANY, LTD
  • Ricoh Aficio MP 2851 | Security Target - Page 28
    communication data) The TOE shall protect document data and print data travelling over the communication network from interception, and detect any tampering. O.GENUINE (Protection of integrity of MFP Control Software) The TOE shall provide TOE users with a function that verifies the integrity
  • Ricoh Aficio MP 2851 | Security Target - Page 29
    line connected to the Fax Unit. 4.2 Security Objectives of Operational Environment The following describes the security objectives of the operational environment. OE.ADMIN (Trusted administrators) The responsible manager of the MFP shall select trusted persons as administrators and instructs them
  • Ricoh Aficio MP 2851 | Security Target - Page 30
    Environment A.ADMIN A.SUPERVISOR A.NETWORK T.ILLEGAL_USE NET.PROTECT O.GENUINE O.LINE_PROTECT OE.ADMIN OE.SUPERVISOR OE.NETWORK v vv vv v vv v instruct general users to operate the TOE securely also. Additionally, administrators are unlikely to abuse their permissions. As specified by OE.ADMIN
  • Ricoh Aficio MP 2851 | Security Target - Page 31
    Page 31 of 81 A.NETWORK (Assumptions for network connections) As specified by A.NETWORK, when the network that the TOE is connected to (the internal network) is connected to an external network such as the Internet, the internal network shall be protected from unauthorised communications
  • Ricoh Aficio MP 2851 | Security Target - Page 32
    this threat, the TOE protects document data and Print Data on communication path from leakage prevents the intrusion from a telephone line connected to Fax Unit to the TOE by O.LINE_PROTECT. In users by O.GENUINE. Therefore, the TOE can enforce P.SOFTWARE. Copyright (c) 2010 RICOH COMPANY, LTD
  • Ricoh Aficio MP 2851 | Security Target - Page 33
    new security requirements and security assurance requirements that are not described in the CC, which is claimed the conformance in "2.1 CC conformance Claim". Copyright (c) 2010 RICOH COMPANY, LTD. All Rights Reserved.
  • Ricoh Aficio MP 2851 | Security Target - Page 34
    Start-up and shutdown of the Audit Functions; b) All auditable events for the [selection: not specified] level of audit; and c) [assignment: auditable events of the TOE shown in Table 4]. 1. HDD cryptographic key generation (Outcome: Copyright (c) 2010 RICOH COMPANY, LTD. All Rights Reserved.
  • Ricoh Aficio MP 2851 | Security Target - Page 35
    1. Storage of document data successful 2. Reading of document data successful 3. Deletion of document data successful a) Minimal 1. Fax Function: Reception a) Minimal 1. Lockout start 2. Lockout release b) Basic 1. Newly creating authentication information of general users (Outcome: Success/Failure
  • Ricoh Aficio MP 2851 | Security Target - Page 36
    Basic 1. Login (Outcome: Success/Failure) 1. Adding and deleting administrator roles 2. Changing document data ACL Auditable events not recorded. 1. Newly creating authentication information of general users. 2. Changing
  • Ricoh Aficio MP 2851 | Security Target - Page 37
    trusted channel functions. b) Minimal: Identification of the initiator and target of failed trusted channel functions. c) Basic: All attempted uses of the trusted /Failure, Communication IP address) 1. Communication with remote users (Outcome: Success/Failure
  • Ricoh Aficio MP 2851 | Security Target - Page 38
    address, IDs of persons whose authentication information is created/changed/deleted, Locking out users, release of user Lockout, method of Lockout release, IDs of object document data]. FAU_SAR.1 Audit review . 6.1.2 Class FCS: Cryptographic support FCS_CKM.1 Cryptographic key generation Hierarchical
  • Ricoh Aficio MP 2851 | Security Target - Page 39
    algorithm hs own in Table 5] and specified cryptographic key size [assignment: cryptographic key bits Cryptographic operations - Encryption when writing the document data on HDD - Encryption when reading the document data from HDD 6.1.3 Class FDP: User 2010 RICOH COMPANY, LTD. All Rights Reserved.
  • Ricoh Aficio MP 2851 | Security Target - Page 40
    with the general user process matches either the document file owner ID or the document file user ID in the document data ACL associated with the document data, and if the matched ID has viewing, editing, editing/deleting, or full control permission. Copyright (c) 2010 RICOH COMPANY, LTD. All
  • Ricoh Aficio MP 2851 | Security Target - Page 41
    document data if the general user ID associated with the general user process matches either the document file owner ID or a document file user ID in the document data ACL associated with the document data, and if the matched ID has permission for editing - Fax process on Fax Unit - Fax reception
  • Ricoh Aficio MP 2851 | Security Target - Page 42
    Fax process on Fax Unit No security attributes Subject Fax line and indicates whether this is fax or non-fax data.) FDP_IFF.1.2 The TSF shall is recognised as fax data, the fax process on the Fax Unit allows Fax Reception on the numbers of times of authentication failure for each user
  • Ricoh Aficio MP 2851 | Security Target - Page 43
    Lockout release actions Auto Lockout Release Manual Lockout Release Details If the user fails to authenticate after making the number of attempts specified for Lockout security attributes belonging to individual users: [assignment: general user IDs, document data default ACL, administrator IDs,
  • Ricoh Aficio MP 2851 | Security Target - Page 44
    Page 44 of 81 Numbers: [0-9] (10 digits) Symbols: SP (spaces 33 symbols) (2) Registerable password length: For general users No fewer than the Minimum Password Length specified by the user administrator (8-32 characters) and no more than 128 characters. For administrators and a supervisor No fewer
  • Ricoh Aficio MP 2851 | Security Target - Page 45
    of users General user ID, Document data default ACL Administrator ID, Administrator roles Supervisor ID FIA_USB.1.3 The TSF shall enforce the following rules governing changes to the user security attributes associated with subjects acting on the behalf of users: [assignment: administrators can add
  • Ricoh Aficio MP 2851 | Security Target - Page 46
    data default ACL for the applicable general user (document file owner). This value can be set arbitrarily by the user administrator or the general user, and it has neither a restrictive nor permissive property, only the specified prop erty. FMT_MTD.1 Management of TSF data Copyright (c) 2010 RICOH
  • Ricoh Aficio MP 2851 | Security Target - Page 47
    Length Password Complexity Setting HDD cryptographic key Audit logs Service mode lock setting Query, modify Query, modify Query, newly create Query, delete entirely Query, modify User roles User administrator Applicable general users of general user information Supervisor Supervisor Applicable
  • Ricoh Aficio MP 2851 | Security Target - Page 48
    User roles General users, User administrator, Network administrator, File administrator, Supervisor User administrator Page 48 of 81 Supervisor Machine administrator User administrator Applicable general users of S/MIME user information General users User RICOH COMPANY, LTD. All Rights Reserved.
  • Ricoh Aficio MP 2851 | Security Target - Page 49
    machine control data): management of the Number of Attempts before Lockout by machine Password Length - Password Complexity Setting - Security Management Function (management of general user information): management of authentication information of general users by the user (c) 2010 RICOH COMPANY, LTD
  • Ricoh Aficio MP 2851 | Security Target - Page 50
    ACL for all general user information registered to the Address Book. - Allows general users to modify the document data default ACL of their own general user information. c) None: No rules by which security attributes inherit specified values. Copyright (c) 2010 RICOH COMPANY, LTD. All Rights
  • Ricoh Aficio MP 2851 | Security Target - Page 51
    initial start-up, regular interval, or under specified conditions. b) Management of the time interval if appropriate. a) Configuring the actions that require trusted channel, if supported. a) Configuring the actions that require trusted path, if supported. Management items Page 51 of 81 None
  • Ricoh Aficio MP 2851 | Security Target - Page 52
    The TSF shall provide authorised users with the capability to verify the integrity of stored TSF executable code. 6.1.7 Class FTP: Trusted : initial user authentication, [assignment: TOE web service, printing service from a client computer, fax service from a client computer, and e-mail service to a
  • Ricoh Aficio MP 2851 | Security Target - Page 53
    TSF Remote users Services that require a trusted path E-mail service to client computer from TOE (S/MIME) Initial user authentication (SSL) TOE web service from client PC (SSL) Printing service from client PC (SSL) Fax service from client PC (SSL) Copyright (c) 2010 RICOH COMPANY, LTD
  • Ricoh Aficio MP 2851 | Security Target - Page 54
    (EAL3) Assurance classes ADV: Development AGD: Guidance documents ALC: Life-cycle support ASE: Security Target evaluation ATE: Tests AVA: objectives ASE_REQ.2 Derived security requirements ASE_SPD.1 Security problem definition ASE_TSS.1 TOE summary specification ATE_COV.2 Analysis
  • Ricoh Aficio MP 2851 | Security Target - Page 55
    FAU_GEN.1 v FAU_SAR.1 v FAU_SAR.2 v FAU_STG.1 v FAU_STG.4 v FCS_CKM.1 v FCS_COP.1 v FDP_ACC.1 v FDP_ACF.1 v FDP_IFC.1 v FDP_IFF.1 v FIA_AFL.1 v FIA_ATD.1 v FIA_SOS.1 v FIA_UAU.2 v FIA_UAU.7 v FIA_UID.2 v Copyright (c) 2010 RICOH COMPANY, LTD. All Rights Reserved.
  • Ricoh Aficio MP 2851 | Security Target - Page 56
    starts and ends, whenever an identification or authentication function is performed, whenever users operate protected assets, whenever protected assets are encrypted, and whenever a major over audit logs that have the oldest time stamp. Copyright (c) 2010 RICOH COMPANY, LTD. All Rights Reserved.
  • Ricoh Aficio MP 2851 | Security Target - Page 57
    passwords by locking out users when their number of authentication attempts reaches the number specified by the machine administrator. The authentication attempts include user authentication attempts from the Operation Panel, the Web browser of a client computer, or a client computer when printing
  • Ricoh Aficio MP 2851 | Security Target - Page 58
    .3 specifies the default value of the document data ACL for storage of new document data. b) Management and protection of TSF data. To fulfill O.MANAGE, access to TSF data shall be limited to specified users. For this, FMT_MTD.1 allows: - the machine administrator to query and specify the Number of
  • Ricoh Aficio MP 2851 | Security Target - Page 59
    data on the network from leakage, and detects attempts at tampering. The SSL protocol protects document data and print data that are is travelling through a web service, print service, or fax service from a client computer from leakage and attempts at tampering. Copyright (c) 2010 RICOH COMPANY, LTD
  • Ricoh Aficio MP 2851 | Security Target - Page 60
    requirements are included to fulfill the O.GENUINE sp ecification. a) Check the integrity of FPT_TST.1 tests the integrity of the executable code of the MFP Control Software, which is installed PROTECT specification. a) Prohibit intrusion via the fax line. To fulfill O.LINE_PROTECT , unauthorised
  • Ricoh Aficio MP 2851 | Security Target - Page 61
    Dependencies on FIA_UAU.1 Since this TOE employs FIA_UAU.2, which is hierarchical to FIA_UAU.1, the dependency on FIA_UAU.1 is satisfied by FIA_AFL.1 and FIA_UAU.7. Copyright (c) 2010 RICOH COMPANY, LTD. All Rights Reserved.
  • Ricoh Aficio MP 2851 | Security Target - Page 62
    therefore important also. Based on the terms and costs of the evaluation, the evaluation assurance level of EAL3 is appropriate for this TOE. Copyright (c) 2010 RICOH COMPANY, LTD. All Rights Reserved.
  • Ricoh Aficio MP 2851 | Security Target - Page 63
    User Identification and Authentication Function SF.DOC_ACC Document Data Access Control Function SF.SEC_MNG Security M anagement Function SF.CE_OPE_LOCK Service M ode Lock Function SF.CIPHER Encryption Function SF.NET_PROT Network Copyright (c) 2010 RICOH COMPANY, LTD. All Rights Reserved.
  • Ricoh Aficio MP 2851 | Security Target - Page 64
    Page 64 of 81 SF.AUDIT SF.I&A SF.DOC_ACC SF.SEC_MNG SF.CE_OPE_LOCK SF.CIPHER SF.NET_PROT SF.FAX_LINE SF.GENUINE FDP_IFC.1 FDP_IFF.1 logs consist of basic audit information and expanded audit information. Basic audit information is data Copyright (c) 2010 RICOH COMPANY, LTD. All Rights Reserved.
  • Ricoh Aficio MP 2851 | Security Target - Page 65
    Ending Audit Function (*1) Login Starting Lockout Releasing Lockout (*2) Lockout release at TOE startup HDD encryption key generation Successful storage of document data Successful reading of document data (*3) Successful deletion of document data Receiving fax Changing user password (including new
  • Ricoh Aficio MP 2851 | Security Target - Page 66
    be recorded in IDs for the operational object document data are printing, Sending by E-mail, Delivering to Folders and downloading from Web Service Function the document data stored in D-BOX *4 When the recording events occur due to the operations by users, User IDs are set as subject identities of
  • Ricoh Aficio MP 2851 | Security Target - Page 67
    methods Check if the general user ID and password entered by the user match a general user ID and corresponding password registered in the Address Book. Check if the administrator ID and password entered by the user match an administrator ID and corresponding password registered to the TOE. Check
  • Ricoh Aficio MP 2851 | Security Target - Page 68
    appears. (1) Usable characters and its types: Upper-case letters: [A-Z] (26 letters) Lower-case letters: [a-z] (26 letters) Numbers: [0-9] (10 digits) Symbols: SP (space 33 symbols) (2) Registerable password length: General users Copyright (c) 2010 RICOH COMPANY, LTD. All Rights Reserved.
  • Ricoh Aficio MP 2851 | Security Target - Page 69
    data ACL Type of document data Document data stored by a general user Default value for document data ACL Document data default ACL By the above, FDP_ACC.1 (Subset access control) and FDP_ACF.1 (Security attribute based access control) are satisfied. Copyright (c) 2010 RICOH COMPANY, LTD. All
  • Ricoh Aficio MP 2851 | Security Target - Page 70
    Web Service Function to be restricted to specified users only. Operations on the document data ACL include changing the document file owner and the document file owner's operation permissions for the document data, newly registering and deleting document file users, and changing document file users
  • Ricoh Aficio MP 2851 | Security Target - Page 71
    of Administrator Information Management of administrator information allows only specified users to perform operations on administrator information from the Operation Panel or Web Service Function. Administrator information includes administrator IDs, administrator authentication information
  • Ricoh Aficio MP 2851 | Security Target - Page 72
    , and S/MIME user information) Edit general user information registered to Address Book (authentication information of general users, document data default ACL, S/MIME user information) Query general user information registered to Address Book (general user ID, document data default ACL, S/MIME
  • Ricoh Aficio MP 2851 | Security Target - Page 73
    users to query the destination information when using the Deliver to Folder function. Table 32: Administrators authorised to specify machine control data Machine control data items Number of Attempts before Lockout Setting for Lockout Release Timer Lockout time Minimum Password Length Password
  • Ricoh Aficio MP 2851 | Security Target - Page 74
    Service Mode Lock Function setting specified by the machine administrator. The TOE allows the machine administrator to set the Service Mode Lock Function from the Operation Panel, and allows all authorised users Document instruct the TOE to generate an HDD encryption key, the TOE generates a 256-bit
  • Ricoh Aficio MP 2851 | Security Target - Page 75
    .1 (Management of TSF data), and FPT_TST.1 (TSF testing) are satisfied. 7.1.7 SF.NET_PROT Network Communication Data Protection Function This protects document data and print data in transit on internal networks from leakage, and also detects attempts at tampering. Following are explanations of
  • Ricoh Aficio MP 2851 | Security Target - Page 76
    MFP Control Software that is installed in the FlashROM. The TOE verifies the integrity of the executable code of the MFP Control Software each time the TOE starts up. The TOE becomes available for users only if the integrity of the control software can be verified. If integrity cannot be verified
  • Ricoh Aficio MP 2851 | Security Target - Page 77
    MFP. A function that faxes document data from a client computer via the TOE when the client computer is connected to the TOE via a network or USB Ports. Information about each general user that is required for using S/MIME. Includes e-mail address, user certificates, and a specified value for S/MIME
  • Ricoh Aficio MP 2851 | Security Target - Page 78
    support service company, or a sales company. MFP Control Software embedded on the Controller Board. It receives information on the status of fax communications from the Fax Unit, and provides the Fax Unit with instructions for fax communication. One of the authorised TOE users who manages a password
  • Ricoh Aficio MP 2851 | Security Target - Page 79
    default ACL, and S/MIME user information A password for identification and authentication of a general user. The document files in a client computer that are sent to the TOE from a client computer to be printed or faxed. Drivers must be installed in the client computer in advance: a printer driver
  • Ricoh Aficio MP 2851 | Security Target - Page 80
    Protection Function Store and Print Function Stored Documents Fax Transmission Direct Print Function Immediate Transmission Internal networks Document file owner Document data Document data default ACL Document data ACL File administration Document file user Definitions Management Functions given
  • Ricoh Aficio MP 2851 | Security Target - Page 81
    8.2 Reference s Page 81 of 81 Following are the documents referenced in this document. - CC Version 3.1 Revision 2 Evaluation Criteria: "English version" Common 3.1 Evaluation Methodology Revision 2 [Japanese translation ver. 2.0] Copyright (c) 2010 RICOH COMPANY, LTD. All Rights Reserved.
  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • 8
  • 9
  • 10
  • 11
  • 12
  • 13
  • 14
  • 15
  • 16
  • 17
  • 18
  • 19
  • 20
  • 21
  • 22
  • 23
  • 24
  • 25
  • 26
  • 27
  • 28
  • 29
  • 30
  • 31
  • 32
  • 33
  • 34
  • 35
  • 36
  • 37
  • 38
  • 39
  • 40
  • 41
  • 42
  • 43
  • 44
  • 45
  • 46
  • 47
  • 48
  • 49
  • 50
  • 51
  • 52
  • 53
  • 54
  • 55
  • 56
  • 57
  • 58
  • 59
  • 60
  • 61
  • 62
  • 63
  • 64
  • 65
  • 66
  • 67
  • 68
  • 69
  • 70
  • 71
  • 72
  • 73
  • 74
  • 75
  • 76
  • 77
  • 78
  • 79
  • 80
  • 81
Page 1 of 81
Copyright (c) 2010 RICOH COMPANY, LTD. All Rights Reserved.
Aficio MP 2851/3351 series with Fax Option Type 3351
Security Target
Author
: RICOH COMPANY, LTD., Yasushi FUNAKI
Date
: 2010-06-17
Version
: 1.00