Ricoh Aficio MP 6001 SP Security Target

Ricoh Aficio MP 6001 SP Manual

Get Ricoh Aficio MP 6001 SP PDF manuals and user guides View all Ricoh Aficio MP 6001 SP manuals
Add to My Manuals
Save this manual to your list of manuals

Ricoh Aficio MP 6001 SP manual content summary:

  • Ricoh Aficio MP 6001 SP | Security Target - Page 1
    with DataOverwriteSecurity Unit Type H Security Target Author : RICOH COMPANY, LTD. Date : 2011-04-12 Version : 1.00 Portions of Aficio MP 9001/8001/7001/6001 series with DataOverwriteSecurity Unit Type H Security Target are reprinted with written permission from IEEE, 445 Hoes Lane, Piscataway
  • Ricoh Aficio MP 6001 SP | Security Target - Page 2
    Page 1 of 87 Version 1.00 Date 2011-04-12 Revision History Author RICOH COMPANY, LTD. Detail Publication version. Copyright (c) 2011 RICOH COMPANY, LTD. All rights reserved.
  • Ricoh Aficio MP 6001 SP | Security Target - Page 3
    28 2.4.1 Consistency Claim with TOE Type in PP 28 2.4.2 Consistency Claim with Security Problems and Security Objectives in PP .........28 2.4.3 Consistency Claim with Security Requirements in PP 28 3 Security Problem Definitions 31 Copyright (c) 2011 RICOH COMPANY, LTD. All rights reserved.
  • Ricoh Aficio MP 6001 SP | Security Target - Page 4
    Objectives Descriptions 38 5 Extended Components Definition 42 5.1 Restricted forwarding of data FAU: Security audit 44 6.1.2 Class FCS: Cryptographic support 47 6.1.3 Class FDP: User data protection 48 72 7 TOE Summary Specification 73 Copyright (c) 2011 RICOH COMPANY, LTD. All rights
  • Ricoh Aficio MP 6001 SP | Security Target - Page 5
    ...16 Table 6 : Definition of Users ...18 Table 7 : List of Administrative Roles ...18 Table 8: Definition of User Data ...23 Table 9: Definition of TSF Data...24 Table 10: Specific Terms Related to This Auditable Events and Audit Data 73 Copyright (c) 2011 RICOH COMPANY, LTD. All rights reserved.
  • Ricoh Aficio MP 6001 SP | Security Target - Page 6
    81 Table 42: List of Static Initialisation for Security Attributes of Common Access Control SFP 82 Table 43: Management of TSF Data ...83 Copyright (c) 2011 RICOH COMPANY, LTD. All rights reserved.
  • Ricoh Aficio MP 6001 SP | Security Target - Page 7
    Aficio MP 6001 SP, Ricoh Aficio MP 7001 SP, Ricoh Aficio MP 8001 SP, Ricoh Aficio MP 9001 SP, Gestetner MP 6001 SP, Gestetner MP 7001 SP, Gestetner MP 8001 SP, Gestetner MP 9001 SP, infotec MP 6001 SP, infotec MP 7001 SP, MFPs Versions Software System/Copy Network Support Scanner(*1) Printer
  • Ricoh Aficio MP 6001 SP | Security Target - Page 8
    MP 8001 SP, nashuatec MP 9001 SP, Rex-Rotary MP 6001 SP, Rex-Rotary MP 7001 SP, Rex-Rotary MP 8001 SP, Rex-Rotary MP 9001 SP, Savin 9060sp, Savin 9070sp, Savin 9080sp, Savin 9090sp - MFPs with S/P function as an optional feature Ricoh Aficio MP 6001, Ricoh Aficio MP 7001, Ricoh Aficio MP 8001, Ricoh
  • Ricoh Aficio MP 6001 SP | Security Target - Page 9
    equipment, the versions of Printer and Scanner are displayed only when Printer/Scanner Unit Type 9001 is installed. Keywords : Digital MFP, Documents, Copy, Print, Scanner, Network, Office, Fax the TOE is outlined in this section. Copyright (c) 2011 RICOH COMPANY, LTD. All rights reserved.
  • Ricoh Aficio MP 6001 SP | Security Target - Page 10
    the client computer are as follows: - Various settings for the MFP using a Web browser, - Print, fax, network transmission, and deletion of user documents using a Web browser, - Store and print of documents using the printer driver, Copyright (c) 2011 RICOH COMPANY, LTD. All rights reserved.
  • Ricoh Aficio MP 6001 SP | Security Target - Page 11
    driver. [Telephone line] Indicates the public line for the TOE's communication with external faxes. [Firewall] A device to prevent the office environment from network attacks via the Internet. [FTP Server] A server used by the TOE for folder Definition Unit, Engine Unit, Fax Unit, Controller
  • Ricoh Aficio MP 6001 SP | Security Target - Page 12
    signature root key is installed before the TOE is shipped. - FlashROM A non-volatile memory medium in which the following software components are installed: Copyright (c) 2011 RICOH COMPANY, LTD. All rights reserved.
  • Ricoh Aficio MP 6001 SP | Security Target - Page 13
    is installed in the Engine Control Board. The Engine Control Software sends status information about the Scanner Engine and Printer Engine to the MFP Control Software, and operates the Scanner Engine or Printer Engine according to instructions from the MFP Control Software. Engine, which is one of
  • Ricoh Aficio MP 6001 SP | Security Target - Page 14
    Aficio MP 6001/7001/8001/9001 Operating Instructions Copy and Document Server Reference - Quick Reference Copy Guide - Quick Reference Printer Guide - Quick Reference Scanner Guide - Manuals for Users 9060/9060sp/9070/9070sp/9080/9080sp/9090/9090sp MP 6001/MP 6001 SP/MP 7001/MP 7001 SP/MP 8001/MP
  • Ricoh Aficio MP 6001 SP | Security Target - Page 15
    LD390 sp Aficio MP 6001/MP 6001 SP/MP 7001/MP 7001 SP/MP 8001/MP 8001 SP/MP 9001/MP 9001 SP - Manuals for Administrators Security Reference Supplement - Notes for Users D060-7789A - Notes for Users D062-7183 - To Users of This Machine - Notes on Energy Saving Functions - Operating Instructions Notes
  • Ricoh Aficio MP 6001 SP | Security Target - Page 16
    MP 7001 SP/MP 8001/MP 8001 SP/MP 9001/MP 9001 SP - Manuals for Administrators Security Reference Supplement - Notes for Users D060-7782 - Notes for Users D062-7155 - To Users of This Machine - Safety Information for Aficio MP 6001/Aficio MP 7001/Aficio MP 8001/Aficio MP 9001 - Operating Instructions
  • Ricoh Aficio MP 6001 SP | Security Target - Page 17
    MP 6001/MP 6001 SP/MP 7001/MP 7001 SP/MP 8001/MP 8001 SP/MP 9001/MP 9001 SP Aficio MP 6001/MP 6001 SP/MP 7001/MP 7001 SP/MP 8001/MP 8001 SP/MP 9001/MP 9001 SP A - Manuals for Administrators Security Reference MP 6001/MP 6001 SP/MP 7001/MP 7001 SP/MP 8001/MP 8001 SP/MP 9001/MP 9001 SP Aficio MP 6001
  • Ricoh Aficio MP 6001 SP | Security Target - Page 18
    /MP 8001/MP 9001 MP 6001/MP 7001/MP 8001/MP 9001 Aficio MP 6001/7001/8001/9001 Operating Instructions Copy and Document Server Reference - Quick Reference Copy Guide - Quick Reference Printer Guide - Quick Reference Scanner Guide - Manuals for Users MP 6001/MP 7001/MP 8001/MP 9001 Aficio MP 6001/MP
  • Ricoh Aficio MP 6001 SP | Security Target - Page 19
    (Table 6) shows the definitions. Table 6 : Definition of Users Definition of Users Normal user Administrator Explanation A user who is allowed to use the TOE. A normal user is provided with a login user name and can use Copy Function, Fax Function, Scanner Function, Printer Function, and Document
  • Ricoh Aficio MP 6001 SP | Security Target - Page 20
    as follows: - Copy Function The Copy Function is to scan paper documents and print scanned image data according to the specified number of copies, magnification, and custom settings. It can also be used to store scanned image data in the Copyright (c) 2011 RICOH COMPANY, LTD. All rights reserved.
  • Ricoh Aficio MP 6001 SP | Security Target - Page 21
    driver in their own client computers, and then use this function. To use the Printer Function, normal users shall select documents to print on their client computers and send instructions to specify either document storage or direct printing. - Scanner Function The Scanner Function is to scan
  • Ricoh Aficio MP 6001 SP | Security Target - Page 22
    fax documents. From a Web browser, normal users can print and delete Document Server user documents, fax, print, download, and delete fax documents. Also, normal users can send scanner user documents to folders, send them by e-mail, download, and delete them. - Management Function The Management
  • Ricoh Aficio MP 6001 SP | Security Target - Page 23
    where the login password is entered using the Operation Panel. To use the Printer or Fax Function from the printer or fax driver, users will be can be enabled using the printer driver to specify encrypted communication. If the folder transmission function of Scanner Function is used, the protection
  • Ricoh Aficio MP 6001 SP | Security Target - Page 24
    temporary documents and their fragments on the HDD by overwriting the specific pattern. - Stored Data Protection Function The Stored Data Protection these data types. Type Document data Function data Table 8: Definition of User Data Description Digitised user documents, deleted documents,
  • Ricoh Aficio MP 6001 SP | Security Target - Page 25
    : Specific Terms Related to This ST Terms MFP Control Software Login user name Login password Lockout Definitions A software component installed in the TOE. This component is stored in FlashROM and SD Card. The components that identify the TOE include System/Copy, Network Support, Scanner, Printer
  • Ricoh Aficio MP 6001 SP | Security Target - Page 26
    stored in the Document Server using Copy Function, Document Server Function, and Printer Function. - Scanner user document: The value for the documents stored using Scanner Function. - Fax document: The value for the documents scanned and stored using Fax Function, and those stored using the LAN Fax
  • Ricoh Aficio MP 6001 SP | Security Target - Page 27
    Users for stored and received documents Folder transmission Destination folder E-mail transmission S/MIME user information LAN Fax Definitions A general term for each function the TOE provides: Copy Function, Document Server Function, Scanner Function, Printer Function, and Fax Function. An
  • Ricoh Aficio MP 6001 SP | Security Target - Page 28
    Japanese translation ver.1.0 Final) CCMB-2009-07-003 - Functional requirements: Part 2 extended - Assurance requirements: Part 3 conformance 2.2 PP Claims The PP to which this ST and TOE 2600.1-FAX conformant 2600.1-DSR conformant Copyright (c) 2011 RICOH COMPANY, LTD. All rights reserved.
  • Ricoh Aficio MP 6001 SP | Security Target - Page 29
    print device, and have the interface to connect telephone line. The HCDs combine these devices and equip one or more functions of Copy Function, Scanner Function, Printer written in English, the security problem definitions in chapter 3 and security objectives RICOH COMPANY, LTD. All rights reserved.
  • Ricoh Aficio MP 6001 SP | Security Target - Page 30
    require access control to D.DOC, this ST specifies that only user documents, which are included from the Operation Panel, printer driver, Web browser or fax driver. This is not with the PP, extends the functional requirement Part 2 due to the addition of the RICOH COMPANY, LTD. All rights reserved.
  • Ricoh Aficio MP 6001 SP | Security Target - Page 31
    also added and changed in order to realise O.STORAGE.ENCRYPTED, however, these changes do not interfere the functional requirements demanded in the PP. Copyright (c) 2011 RICOH COMPANY, LTD. All rights reserved.
  • Ricoh Aficio MP 6001 SP | Security Target - Page 32
    Page 31 of 87 3 Security Problem Definitions This section describes Threats, Organisational Security Policies and Assumptions. 3.1 Threats Defined and login user name but without an access permission to the TSF Confidential Data. Copyright (c) 2011 RICOH COMPANY, LTD. All rights reserved.
  • Ricoh Aficio MP 6001 SP | Security Target - Page 33
    of their organisation, are competent to correctly configure and operate the TOE in accordance with the guidance document following those policies and procedures. Copyright (c) 2011 RICOH COMPANY, LTD. All rights reserved.
  • Ricoh Aficio MP 6001 SP | Security Target - Page 34
    A.ADMIN.TRUST Page 33 of 87 Trusted administrator The responsible manager of MFP selects administrators who do not use their privileged access rights for malicious purposes according to the guidance document. Copyright (c) 2011 RICOH COMPANY, LTD. All rights reserved.
  • Ricoh Aficio MP 6001 SP | Security Target - Page 35
    by persons without a login user name, or by persons with a login user name but without an access permission to the TSF Confidential Data. Copyright (c) 2011 RICOH COMPANY, LTD. All rights reserved.
  • Ricoh Aficio MP 6001 SP | Security Target - Page 36
    in IT environment The IT environment shall provide protection from unmanaged access to TOE external interfaces (LAN). The responsible manager of MFP shall give an instruction to Copyright (c) 2011 RICOH COMPANY, LTD. All rights reserved.
  • Ricoh Aficio MP 6001 SP | Security Target - Page 37
    from the Internet. Also, the responsible manager of MFP shall instruct the MFP administrators to close the unused LAN ports and disable the manager of MFP shall grant login user name, login password and user role (supervisor, MFP administrator or normal user RICOH COMPANY, LTD. All rights reserved.
  • Ricoh Aficio MP 6001 SP | Security Target - Page 38
    T.CONF.ALT XXX P.USER.AUTHORIZATION XX P.SOFTWARE.VERIFICATION X P.AUDIT.LOGGING X XX X P.INTERFACE.MANAGEMENT X X P.STORAGE.ENCRYPTION X A.ACCESS.MANAGED X A.ADMIN.TRAINING X A.ADMIN.TRUST X A.USER.TRAINING X Copyright (c) 2011 RICOH COMPANY, LTD. All rights reserved.
  • Ricoh Aficio MP 6001 SP | Security Target - Page 39
    authorised in accordance with the security policies before being allowed to use the TOE. By O.PROT.NO_ALT, the TOE protects the TSF protected Copyright (c) 2011 RICOH COMPANY, LTD. All rights reserved.
  • Ricoh Aficio MP 6001 SP | Security Target - Page 40
    . By O.SOFTWARE.VERIFIED, the TOE provides measures for self-verifying the executable code of the TSF. P.SOFTWARE.VERIFICATION is enforced by this objective. Copyright (c) 2011 RICOH COMPANY, LTD. All rights reserved.
  • Ricoh Aficio MP 6001 SP | Security Target - Page 41
    TOE appropriately controls the access to the LAN and USB. Specifically, (1) The responsible manager of MFP gives an instruction to appropriately configure the firewall to prevent attacks to the LAN .TRAINING is upheld by OE.ADMIN.TRAINED. Copyright (c) 2011 RICOH COMPANY, LTD. All rights reserved.
  • Ricoh Aficio MP 6001 SP | Security Target - Page 42
    is upheld by this objective. A.USER.TRAINING A.USER.TRAINING is upheld by OE.USER.TRAINED. By OE.USER.TRAINED, the responsible manager of MFP instructs the users in accordance with the guidance documents to make them aware of the security policies and procedures of their organisation, and the users
  • Ricoh Aficio MP 6001 SP | Security Target - Page 43
    Definition. 5.1 Restricted forwarding of data to external interfaces (FPT_FDI_EXP) Family behaviour This family defines requirements for the TSF to restrict direct forwarding of information from one external interface to another external interface. Many products receive information on specific
  • Ricoh Aficio MP 6001 SP | Security Target - Page 44
    useful to have this functionality as a single component that allows specifying the property to disallow direct forwarding and require that only resulted in SFRs that were either too implementation-specific for a Protection Profile or too unwieldy for RICOH COMPANY, LTD. All rights reserved.
  • Ricoh Aficio MP 6001 SP | Security Target - Page 45
    2600.1-2009)). The part with assignment and selection events for the [selection: not specified] level of audit; and c) type, based on the auditable event definitions of the functional components included in Web Function and folder transmission, and recipient RICOH COMPANY, LTD. All rights reserved.
  • Ricoh Aficio MP 6001 SP | Security Target - Page 46
    on an object covered by the SFP. c) Detailed: The specific security attributes used in making an access check. a) Minimal: documents. Above described "storing, printing, downloading, faxing, e-mail transmission, folder transmission and deleting" are the RICOH COMPANY, LTD. All rights reserved.
  • Ricoh Aficio MP 6001 SP | Security Target - Page 47
    part of a role; b) Detailed: every use of the rights of a role. a) Minimal: changes to the time; b) Detailed: providing a timestamp. a) Minimal: Termination of an interactive session by the session locking : FAU_GEN.1 Audit data generation Copyright (c) 2011 RICOH COMPANY, LTD. All rights reserved.
  • Ricoh Aficio MP 6001 SP | Security Target - Page 48
    explicit read-access. 6.1.2 Class FCS: Cryptographic support FCS_CKM.1 Cryptographic key generation Hierarchical to: No in Table 14] in accordance with a specified cryptographic algorithm [assignment: cryptographic algorithm shown 14]. Copyright (c) 2011 RICOH COMPANY, LTD. All rights reserved.
  • Ricoh Aficio MP 6001 SP | Security Target - Page 49
    Operations among Subjects and Objects Delete None Delete, print, download, fax, e-mail transmission and folder transmission Delete Delete FDP_ACC.1(b) Subset access control MFP application Operations among Subjects and Objects Execute Copyright (c) 2011 RICOH COMPANY, LTD. All rights reserved.
  • Ricoh Aficio MP 6001 SP | Security Target - Page 50
    controlled subjects and controlled objects is allowed: [assignment: rules on user documents in Table 18 and rules on user jobs in Table 19]. Copyright (c) 2011 RICOH COMPANY, LTD. All rights reserved.
  • Ricoh Aficio MP 6001 SP | Security Target - Page 51
    document Scanner Function Scanner user document, scanner user document (operation permission for Scanner Function is printer driver) Printer Function Document Server user document Client computer (fax driver of reading (print, download, fax, e-mail and folder transmission) and deletion are
  • Ricoh Aficio MP 6001 SP | Security Target - Page 52
    controlled subjects and controlled objects is allowed: [assignment: operations on objects by subjects and rules governing access to operations shown in Table 22]. Copyright (c) 2011 RICOH COMPANY, LTD. All rights reserved.
  • Ricoh Aficio MP 6001 SP | Security Target - Page 53
    Authentication Attempts Authentication Events User authentication using the Operation Panel User authentication using the TOE from client computer Web browser User authentication when printing from the client computer User authentication when using LAN Fax from client computer Copyright (c) 2011
  • Ricoh Aficio MP 6001 SP | Security Target - Page 54
    a supervisor or the TOE's restart. FIA_ATD.1 User attribute definition Hierarchical to: No other components. Dependencies: No dependencies. FIA_ATD letters: [a-z] (26 letters) Numbers: [0-9] (10 digits) Symbols: SP (spaces 33 symbols) Copyright (c) 2011 RICOH COMPANY, LTD. All rights reserved.
  • Ricoh Aficio MP 6001 SP | Security Target - Page 55
    the Password Complexity Setting specified by the MFP administrator can be registered. The MFP administrator specifies either Level 1 or Level 2 for Password Complexity No other components. Dependencies: FIA_ATD.1 User attribute definition Copyright (c) 2011 RICOH COMPANY, LTD. All rights reserved.
  • Ricoh Aficio MP 6001 SP | Security Target - Page 56
    control, or FDP_IFC.1 Subset information flow control] FMT_SMR.1 Security roles FMT_SMF.1 Specification of Management Function FMT_MSA.1.1(a) The TSF shall enforce the [assignment: common owns the applicable login user name Supervisor Copyright (c) 2011 RICOH COMPANY, LTD. All rights reserved.
  • Ricoh Aficio MP 6001 SP | Security Target - Page 57
    the following document types: Document Server user document, scanner user document and fax document. Document user list flow control] FMT_SMR.1 Security roles FMT_SMF.1 Specification of Management Function FMT_MSA.1.1(b)The TSF shall enforce (c) 2011 RICOH COMPANY, LTD. All rights reserved.
  • Ricoh Aficio MP 6001 SP | Security Target - Page 58
    : Document Server user document, scanner user document, or fax document Printer Function or Document Server Function, the value is "Document Server user document". For the documents stored using Scanner Function, it is "scanner shown in Table 30] to specify alternative initial values to override
  • Ricoh Aficio MP 6001 SP | Security Target - Page 59
    : Document Server user document, scanner user document, or fax document roles for the function type] to specify alternative initial values to override the default : FMT_SMR.1 Security roles FMT_SMF.1 Specification of Management Functions FMT_MTD.1.1 The RICOH COMPANY, LTD. All rights reserved.
  • Ricoh Aficio MP 6001 SP | Security Target - Page 60
    time Date setting (year, month, day), time setting (hour, minute) Minimum Password Length Password Complexity Setting Audit logs HDD cryptographic key S/MIME user information Destination information for folder transmission Users for stored and received documents Operation Newly create, modify
  • Ricoh Aficio MP 6001 SP | Security Target - Page 61
    MFP administrator Query of destination information for folder transmission by normal user Query and modification of users for stored and received documents by MFP administrator FMT_SMR.1 Security roles Hierarchical to: No other components. Copyright (c) 2011 RICOH COMPANY, LTD. All rights reserved.
  • Ricoh Aficio MP 6001 SP | Security Target - Page 62
    to: No other components. Dependencies: FMT_SMF.1 Specification of Management Functions FMT_SMR.1 Security roles FPT_FDI_EXP.1.1 completion of print data reception from the printer driver, and completion of transmission information reception from the fax driver]. Copyright (c) 2011 RICOH COMPANY,
  • Ricoh Aficio MP 6001 SP | Security Target - Page 63
    Development AGD: Guidance documents ALC: Life-cycle support ASE: Security Target evaluation ADV_ARC.1 ADV_FSP.3 description Functional specification with complete definition ST introduction Security objectives Derived security requirements Security problem definition Copyright (c) 2011 RICOH
  • Ricoh Aficio MP 6001 SP | Security Target - Page 64
    ATE_FUN.1 ATE_IND.2 AVA_VAN.2 Assurance Components TOE summary specification Analysis of coverage Testing: basic design Functional testing Independent .4 FAU_SAR.1 FAU_SAR.2 FCS_CKM.1 FCS_COP.1 FDP_ACC.1(a) X X X X X X X X X X X Copyright (c) 2011 RICOH COMPANY, LTD. All rights reserved.
  • Ricoh Aficio MP 6001 SP | Security Target - Page 65
    To fulfil this security objective, it is required to implement the following countermeasures. (1) Specify and implement the access control to the user document. FDP_ACC.1(a) and FDP_ACF.1(a) restrict the allowed to read the user documents. Copyright (c) 2011 RICOH COMPANY, LTD. All rights reserved.
  • Ricoh Aficio MP 6001 SP | Security Target - Page 66
    name, and available operations (query and modify) on the document user list, and a specified user is thus restricted to perform each operation. FMT_MSA.3(a) sets the defined default value to these countermeasures, O.DOC.NO_ALT is fulfilled. Copyright (c) 2011 RICOH COMPANY, LTD. All rights reserved.
  • Ricoh Aficio MP 6001 SP | Security Target - Page 67
    (query and modify) on the document user list, and a specified user is thus restricted to perform each operation. FMT_MSA.3(a) associates the user information, destination folder and users for stored and received documents. (2) Specification of the Management RICOH COMPANY, LTD. All rights reserved.
  • Ricoh Aficio MP 6001 SP | Security Target - Page 68
    to operate the login password of MFP administrator. The MFP administrator is only allowed to operate the audit log and HDD cryptographic key. (2) Specification of the Management Function to the protected assets of the users who are Copyright (c) 2011 RICOH COMPANY, LTD. All rights reserved.
  • Ricoh Aficio MP 6001 SP | Security Target - Page 69
    password from disclosure. FIA_SOS.1 accepts only passwords that satisfy the Minimum Password Length and password character combination specified of document data reception from the printer driver or fax driver. (5) Management of the security attributes RICOH COMPANY, LTD. All rights reserved.
  • Ricoh Aficio MP 6001 SP | Security Target - Page 70
    the HDD, and decryption when reading data from the HDD. To fulfil this security objective, it is required to implement the following countermeasures. Copyright (c) 2011 RICOH COMPANY, LTD. All rights reserved.
  • Ricoh Aficio MP 6001 SP | Security Target - Page 71
    the cryptographic keys. (4) Specification of Management Function. FMT_SMF.1 performs the required Management Functions for Security Function. (5) Specification of the roles. FMT_SMR.1 .1(a) FMT_MSA.3(a) FDP_ACC.1(b) None None None None Copyright (c) 2011 RICOH COMPANY, LTD. All rights reserved.
  • Ricoh Aficio MP 6001 SP | Security Target - Page 72
    key will be continuously used for the HDD and will not be deleted. Therefore, cryptographic key destruction by the standard method is unnecessary. Copyright (c) 2011 RICOH COMPANY, LTD. All rights reserved.
  • Ricoh Aficio MP 6001 SP | Security Target - Page 73
    procedure (ALC_FLR.2). Based on the terms and costs of the evaluation, the evaluation assurance level of EAL3+ALC_FLR.2 is appropriate for this TOE. Copyright (c) 2011 RICOH COMPANY, LTD. All rights reserved.
  • Ricoh Aficio MP 6001 SP | Security Target - Page 74
    87 7 TOE Summary Specification This section describes the procedures documents Reading user documents (print, download, fax transmission, e-mail transmission, and folder transmission) Deleting user documents Communicating IP address - - Copyright (c) 2011 RICOH COMPANY, LTD. All rights reserved.
  • Ricoh Aficio MP 6001 SP | Security Target - Page 75
    to generate the HDD cryptographic keys. The MFP administrator uses the Operation Panel to instruct the TOE to generate an HDD cryptographic key, and the TOE generates a 256 the HDD. The following are the specific cryptographic operations: Copyright (c) 2011 RICOH COMPANY, LTD. All rights reserved.
  • Ricoh Aficio MP 6001 SP | Security Target - Page 76
    of the MFP applications (Copy Function, Printer Function, Scanner Function, Fax Function and Document Server Function print and delete the Document Server user document, to e-mail, download and delete the scanner user document and deliver the scanner user document to a folder, to fax, print, download
  • Ricoh Aficio MP 6001 SP | Security Target - Page 77
    printer driver is the Printer Function, it is allowed to store the Document Server user document. - If the MFP application executed from fax driver the above-specified operations are allowed Printer Function, Scanner Function Printer Function, Scanner document exists with the specific pattern. It also
  • Ricoh Aficio MP 6001 SP | Security Target - Page 78
    attempts for that user to 0. When the number of failed consecutive attempts reaches the MFP administrator-specified Number of Attempts before Lockout, the TOE locks out that user. The MFP administrator specifies 1 to 5 as the Number of Attempts before Lockout. The TOE releases the lockout for the
  • Ricoh Aficio MP 6001 SP | Security Target - Page 79
    : SP (space 33 symbols) (2) Registrable password length: - Normal users No fewer than the Minimum Password Length specified by printing or storing user documents using Printer Function, the TOE authenticates users with the login user name and password sent from a client computer before printing
  • Ricoh Aficio MP 6001 SP | Security Target - Page 80
    password of normal user entered from the Operation Panel, Web browser, printer driver and fax driver of the client computer match the login user name and password password entered by them. When receiving a request from a client computer for printing or storing user documents using Printer Function
  • Ricoh Aficio MP 6001 SP | Security Target - Page 81
    only specified users to operate the security attributes related to the common access control SFP from the specified operation interfaces following document types: Document Server user document, scanner user document and fax document. Document user list 2011 RICOH COMPANY, LTD. All rights reserved.
  • Ricoh Aficio MP 6001 SP | Security Target - Page 82
    documents. FMT_MSA.1(b) (Management of security attributes) The TOE allows only specified users to operate the security attributes related to the TOE function access control SFP from the when generating the object listed in Table 42. Copyright (c) 2011 RICOH COMPANY, LTD. All rights reserved.
  • Ricoh Aficio MP 6001 SP | Security Target - Page 83
    Function: the value that identifies the Printer Function. - For Scanner Function: the value that identifies the Scanner Function. - For Fax Function: the value that identifies the Fax Function. FMT_MTD.1 (Management of TSF data) The TOE allows only specified users to operate the information of the
  • Ricoh Aficio MP 6001 SP | Security Target - Page 84
    Password Complexity Setting Audit logs HDD cryptographic key S/MIME user information Operation Panel Web browser Operation Panel Operation Panel Web browser Operation Panel Operation Panel Web browser Destination information for folder Copyright (c) 2011 RICOH COMPANY, LTD. All rights reserved.
  • Ricoh Aficio MP 6001 SP | Security Target - Page 85
    of 87 User Role MFP administrator FMT_SMF.1 (Specification of Management Functions) The TOE provides the following login password by MFP administrator - Query of Minimum Password Length by MFP administrator - Query of Password Complexity (c) 2011 RICOH COMPANY, LTD. All rights reserved.
  • Ricoh Aficio MP 6001 SP | Security Target - Page 86
    and deletion of destination folder for folder transmission by MFP administrator - Query of destination folder for folder transmission by normal user to the users. The TOE allows only specified users to operate the login user name and password, and maintains the security roles. MFP administrator
  • Ricoh Aficio MP 6001 SP | Security Target - Page 87
    after the power is specified printer driver, and provides the function to forcibly logout after it receives the print data from the printer driver. It also has the interface from the fax driver printing, fax transmission, and fax data storage from client Copyright (c) 2011 RICOH COMPANY, LTD.
  • Ricoh Aficio MP 6001 SP | Security Target - Page 88
    the TSF to protect the LAN communication between the TOE and servers for e-mailing to an SMTP Server, which are trusted IT products. Copyright (c) 2011 RICOH COMPANY, LTD. All rights reserved.
  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • 8
  • 9
  • 10
  • 11
  • 12
  • 13
  • 14
  • 15
  • 16
  • 17
  • 18
  • 19
  • 20
  • 21
  • 22
  • 23
  • 24
  • 25
  • 26
  • 27
  • 28
  • 29
  • 30
  • 31
  • 32
  • 33
  • 34
  • 35
  • 36
  • 37
  • 38
  • 39
  • 40
  • 41
  • 42
  • 43
  • 44
  • 45
  • 46
  • 47
  • 48
  • 49
  • 50
  • 51
  • 52
  • 53
  • 54
  • 55
  • 56
  • 57
  • 58
  • 59
  • 60
  • 61
  • 62
  • 63
  • 64
  • 65
  • 66
  • 67
  • 68
  • 69
  • 70
  • 71
  • 72
  • 73
  • 74
  • 75
  • 76
  • 77
  • 78
  • 79
  • 80
  • 81
  • 82
  • 83
  • 84
  • 85
  • 86
  • 87
  • 88
Aficio MP 9001/8001/7001/6001 series
with DataOverwriteSecurity Unit Type H
Security Target
Author : RICOH COMPANY, LTD.
Date
: 2011-04-12
Version : 1.00
Portions
of
Aficio
MP
9001/8001/7001/6001
series
with
DataOverwriteSecurity Unit Type H Security Target are reprinted with written
permission from IEEE, 445 Hoes Lane, Piscataway, New Jersey 08855, from
IEEE 2600.1, Protection Profile for Hardcopy Devices, Operational
Environment A, Copyright © 2009 IEEE. All rights reserved.
This document is a translation of the evaluated and certified security target
written in Japanese.
Copyright (c) 2011 RICOH COMPANY, LTD. All rights reserved.