Ricoh Aficio MP 8001 sec - Page 68

Page 67 of 82 Communication with remote user Deletion of entire audit log - -: No applicable expanded audit information *1: The starting of Audit Function is substituted with the event of the TOE startup. This TOE does not record the ending of Audit Function. The starting and ending of Audit Function audit the state of inactivity of Audit Function. Since Audit Function works as long as the TOE works and it is not necessary to audit the state of inactivity of Audit Function, it is appropriate not to record the ending of Audit Function. *2: Lockout release for administrators and supervisor by the TOE's restart, which is the special Lockout release operation, is substituted with the event of the TOE startup. *3: For the successful reading of the document data, the objects to be recorded in IDs for the operational object document data are printing, Sending by E-mail, Delivering to Folders and downloading from Web Service Function the document data stored in D-BOX *4 When the recording events occur due to the operations by users, user IDs are set as subject identities of basic audit information, and when the recording events occur due to the TOE, IDs that do not duplicate the user IDs but can identify systems are set. Since there are no interfaces on the TOE for modifying audit logs, unauthorised modification for the audit logs are not performed and the machine administrator who can delete the audit logs will not carry out any malicious acts using administrator privileges. By the above, FAU_GEN.1 (Audit data generation), FAU_STG.1 (Protected audit trail storage), and FAU_STG.4 (Prevention of audit data loss) are satisfied. 7.1.1.2 Reading Audit Logs The TOE allows only the machine administrator to read the audit logs in a text format using theWeb Service Function. By the above, FAU_SAR.1 (Audit review), FAU_SAR.2 (Restricted audit review), and FMT_MTD.1 (Management of TSF data) are satisfied. 7.1.1.3 Protection of Audit Logs The TOE allows only the machine administrator to delete entire audit logs using the OperationPanel or the Web Service Function. By the above, FAU_SAR.1 (Audit review), FAU_SAR.2 (Restricted audit review), and FMT_MTD.1 (Management of TSF data) are satisfied. 7.1.1.4 Time Stamps The TOE logs the date and time of events by referencing the date and time of the internal system clock. By the above, FPT_STM.1 (Reliable time stamps) is satisfied. 7.1.2 SF.I&A User Identification and Authentication Function To allow authorised users to operate the TOE according to their roles and authorisation, the TOE identifies and authenticates users prior to their use of the TOE Security Functions. Copyright (c) 2010 RICOH COMPANY, LTD. All Rights Reserved.