Ricoh Aficio MP 2851 Security Target - Page 59



Page 59 of 81
Copyright (c) 2010 RICOH COMPANY, LTD. All Rights Reserved.
performed.
For this, FMT_SMF.1 specifies the required Security Management Functions for the Security Function
requirements.
d) Authorised use of Security Management Functions.
To fulfill O.MANAGE, authorised users shall be associated with the security management roles, and
operation permissions for the Security Management Functions shall be maintained, since the use of the
Security Management Functions depends on the authorised user roles.
FMT_SMR.1 associates authorised users with a general user, one of the four administrator roles (user
administrator, machine administrator, file administrator, or network administrator), or the supervisor
role, and maintains this association.
O.MEM.PROTECT
Prevention of disclosure of data stored in memory
The following is the rationale behind the functional requirements corresponding to O.MEM.PROTECT in
Table 22; these requirements are included to fulfill the O.MEM.PROTECT specification.
a) Generate the encryption keys and perform encryption operations adequately.
To fulfill O.MEM.PROTECT, the document data stored on the HDD shall be sufficiently encrypted to
make decoding difficult unless the document data is read with normal methods using the TOE.
For this, FCS_CKM.1 generates encryption keys at a key size of 256 bits with TRNG for the encryption
key generation algorithm (based on BSI-AIS31); and FCS_COP.1 encrypts document data when it is
stored on the HDD and decrypts it when it is read from the HDD using the encryption keys generated
with the AES encryption algorithm (which corresponds to FIPS197). Additionally, FTP_TST.1 tests, at
TOE start-up, the validity of encryption keys and the performance of the Ic Hdd where encryption is
performed, and this prevents storage of unencrypted document data on the HDD.
O.NET.PROTECT
Protection of network communication data
The following is the rationale behind the functional requirements corresponding to O.NET.PROTECT in Table
22; these requirements are included to fulfill the O.NET.PROTECT specification.
a) Protect assets on communication path.
To fulfill O.NET.PROTECT, document data and print data on the communication path shall be
protected from leakage, and attempts at tampering with it shall also be detected.
For this, FTP_ITC.1 uses the IPSec protocol to protect data sent from the TOE to folders on FTP or
SMB servers, to protect document data on the network from leakage, and also to detect attempts at
tampering with document data.
FTP_TRP.1 also protects document data on networks from leakage and detects attempts at tampering
by use of a trusted path (described later) between the TOE and remote users. The mail service is
protected by S/MIME, which protects data sent by e-mail from the TOE to a client computer, protects
document data or print data on the network from leakage, and detects attempts at tampering.
The SSL protocol protects document data and print data travelling through a web service,
print service, or fax service from a client computer against leakage and attempts at tampering.