Ricoh Aficio MP 6001 SP Security Target - Page 78
Table 38: Unlocking Administrators for Each User Role
View all Ricoh Aficio MP 6001 SP manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 78 highlights
Page 77 of 87 FIA_AFL.1 (Authentication failure handling) The TOE counts the number of failed identification and authentication attempts made under each login user name. When a user authenticates successfully, the TOE resets the number of available authentication attempts for that user to 0. When the number of failed consecutive attempts reaches the MFP administrator-specified Number of Attempts before Lockout, the TOE locks out that user. The MFP administrator specifies 1 to 5 as the Number of Attempts before Lockout. The TOE releases the lockout for the user who satisfies any of the following: (1) Lockout release by a time-based operation If a user fails to authenticate after making the number of attempts specified to initiate lockout, and the lockout time has elapsed, then lockout will be released. The MFP administrator specifies the lockout time (60 minutes by default). The elapsed time from the initiation of lockout is timed for each locked out user. (2) Lockout release by unlocking administrator The unlocking administrator specified for each user role releases the lockout. Table 38 shows the unlocking administrators for each user role. Table 38: Unlocking Administrators for Each User Role User Roles (Locked out Users) Normal user Supervisor MFP administrator Unlocking Administrators MFP administrator MFP administrator Supervisor (3) Lockout release by turning on/off the TOE If the administrators (MFP administrator and supervisor) are locked out, restarting the TOE releases the lockout for them. FIA_ATD.1 (User attribute definition) The TOE associates the normal user with a login user name of normal user and available function list, supervisor with a login user name of supervisor, and MFP administrator with a login user name of MFP administrator, as security attributes, and it maintains these associations. FIA_SOS.1 (Verification of secrets) The TOE provides a function for registering and changing the login passwords of normal users, MFP administrators, and supervisor. This function uses the characters described below in (1). It checks if the registering or changing password meets the conditions (2) and (3). If it does, the TOE registers the login password. If it does not, it does not register the login password and displays an error message. Copyright (c) 2011 RICOH COMPANY, LTD. All rights reserved.