Ricoh Aficio MP 6001 SP Security Target - Page 69
FIA_UAU.7, FIA_AFL.1, FIA_SOS.1, FTA_SSL.3, FMT_MSA.1b and FMT_MSA.3b, which are
View all Ricoh Aficio MP 6001 SP manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 69 highlights
Page 68 of 87 defined in advance, and associate the users who are successfully identified and authenticated with the access procedures. FDP_ACC.1(b) and FDP_ACF.1(b) allow the applicable normal user to use the MFP application according to the operation permission granted to the successfully identified and authenticated normal user. (3) Complicate decoding of login password. FIA_UAU.7 displays dummy letters as authentication feedback on the Operation Panel and prevents the login password from disclosure. FIA_SOS.1 accepts only passwords that satisfy the Minimum Password Length and password character combination specified by the MFP administrator, and makes it difficult to guess the password. FIA_AFL.1 does not allow the user who is unsuccessfully authenticated for certain times to access to the TOE for certain period. (4) Terminate login automatically. FTA_SSL.3 automatically logs out the user after no operation is performed from the Operation Panel and a Web browser for certain period and the auto logout time elapses. It also logs out the status of document data reception after the completion of document data reception from the printer driver or fax driver. (5) Management of the security attributes. According to FMT_MSA.1(b), the login user name and available function list of normal user are managed by the MFP administrator, and users are not allowed to operate the function type. FMT_MSA.3(b) sets the permissive default value to the available function list, and sets the restrictive default value to the function type. By satisfying FDP_ACC.1(b), FDP_ACF.1(b), FIA_UID.1, FIA_UAU.1, FIA_ATD.1, FIA_USB.1, FIA_UAU.7, FIA_AFL.1, FIA_SOS.1, FTA_SSL.3, FMT_MSA.1(b) and FMT_MSA.3(b), which are the security functional requirements for these countermeasures, O.USER.AUTHORIZED is fulfilled. The function for 2600.1-SMI (F.SMI), selected SFR Package from the PP, is used in conjunction with the function whose access control is enforced by FDP_ACC.1(b) and FDP_ACF.1(b). Therefore, the access control for F.SMI is included with the access control by FDP_ACC.1(b) and FDP_ACF.1(b) and fulfilled. O.INTERFACE.MANAGED Management of external interfaces by TOE O.INTERFACE.MANAGED is the security objective to protect the communication path when the TOE sends and receives the protected assets. To fulfil this security objective, it is required to implement the following countermeasures. (1) Identify and authenticate the users prior to use the Operation Panel and LAN interface. FIA_UID.1 identifies the users prior to their use of the Operation panel and LAN interface. FIA_UAU.1 authenticates the registered users prior to their use of the Operation Panel and LAN interface. (2) Automatically terminate the connection to the Operation Panel and LAN interface. FTA_SSL.3 terminates the session after no operation is performed from the Operation Panel or LAN interface for certain period. Copyright (c) 2011 RICOH COMPANY, LTD. All rights reserved.