Ricoh Aficio MP 8001 sec - Page 23

Page 22 of 82 Identification and Authentication Function This function is for those who attempt to use the TOE from the Operation Panel or a client computer. It prompts the users to enter their user IDs and authentication details for user identification and authentication. However, when printing or faxing from a client computer, this function sends the user's ID and authentication details to the TOE after the users enters their user ID and authentication details from printer or fax drivers, which are outside the TOE. The TOE then attempts to identify and authenticate the user with the received user ID and authentication information. The Identification and Authentication Function includes the following: - Account Lockout: If the number of consecutive unsuccessful attempts with the same particular user ID reaches the specified Number of Attempts before Lockout, this function temporarily prevents further login attempts from this user ID. - Authentication Feedback Area Protection: When a user enters their password, this function masks the password with protection characters as it appears in the authentication feedback area, in order to prevent the password being viewed by others. - Password Quality Maintenance: This forces users to register passwords that satisfy both the Minimum Password Length and Password Complexity Setting, which the user administrator sets in advance. Although this TOE has other Identification and Authentication Functions, this evaluation does not cover the functions other than those listed above. Document Data Access Control Function This function restricts operations on document data stored in the D-BOX to specified users only. Operations on document data include reading and deleting. Each of these operations is as follows: Reading document data: Read document data stored in the D-BOX. Deleting document data: Delete document data stored in the D-BOX. The TOE allows specified users, (file administrators, and general users) to perform operations on document data. File administrators are allowed to delete any document data. General users are allowed to perform only operations that are authorised by the permissions to process document data. The operation permissions in document data include read-only, edit, edit/delete, and full control. For editing permission, the same operation on document data is permitted as the read-only permission, and changing the Print Settings is also permitted. Table 3 shows the relationship between the operation authorised by the permissions to process document data and the operations possible on the document data. Copyright (c) 2010 RICOH COMPANY, LTD. All Rights Reserved.