Ricoh Aficio MP C3001 Security Target

Ricoh Aficio MP C3001 Manual

Get Ricoh Aficio MP C3001 PDF manuals and user guides View all Ricoh Aficio MP C3001 manuals
Add to My Manuals
Save this manual to your list of manuals

Ricoh Aficio MP C3001 manual content summary:

  • Ricoh Aficio MP C3001 | Security Target - Page 1
    Aficio MP C3001/C3501 series Security Target Author : RICOH COMPANY, LTD. Date : 2011-07-18 Version : 1.00 Portions of Aficio MP C3001/C3501 series Security Target are reprinted with written permission from IEEE, 445 Hoes Lane, Piscataway, New Jersey 08855, from IEEE 2600.1, Protection Profile for
  • Ricoh Aficio MP C3001 | Security Target - Page 2
    Page 1 of 93 Version 1.00 Date 2011-07-18 Revision History Author RICOH COMPANY, LTD. Detail Publication version. Copyright (c) 2011 RICOH COMPANY, LTD. All rights reserved.
  • Ricoh Aficio MP C3001 | Security Target - Page 3
    TOE Type ...8 1.3.2 TOE Usage...8 1.3.3 Major Security Features of TOE 10 1.4 TOE Description...11 1.4.1 Physical Boundary of TOE 11 1.4.2 Guidance with TOE Type in PP 32 2.4.2 Consistency Claim with Security Problems and Security Objectives in PP ......... 32 2.4.3 Consistency Claim with
  • Ricoh Aficio MP C3001 | Security Target - Page 4
    Requirements 49 6.1.1 Class FAU: Security audit 49 6.1.2 Class FCS: Cryptographic support 52 6.1.3 Class FDP: User data protection 53 6.1.4 Class FIA: Audit Function ...80 7.2 Identification and Authentication Function 82 Copyright (c) 2011 RICOH COMPANY, LTD. All rights reserved.
  • Ricoh Aficio MP C3001 | Security Target - Page 5
    86 7.5 Network Protection Function 87 7.6 Residual Data Overwrite Function 87 7.7 Stored Data Protection Function 88 7.8 Security Management Function 88 7.9 Software Verification Function 93 7.10 Fax Line Separation Function 93 Copyright (c) 2011 RICOH COMPANY, LTD. All rights reserved.
  • Ricoh Aficio MP C3001 | Security Target - Page 6
    of User Data ...26 Table 9 : Definition of TSF Data ...27 Table 10 : Specific Terms Related to This ST 27 Table 11 : Rationale for (b 63 Table 28 : Authorised Identified Roles Allowed to Override Default Values 64 Table 29 : List of TSF Data ...65 Table RICOH COMPANY, LTD. All rights reserved.
  • Ricoh Aficio MP C3001 | Security Target - Page 7
    88 Table 40 : Management of TSF Data...89 Table 41 : List of Static Initialisation for Security Attributes of Document Access Control SFP 92 Copyright (c) 2011 RICOH COMPANY, LTD. All rights reserved.
  • Ricoh Aficio MP C3001 | Security Target - Page 8
    C3001, Rex-Rotary MP C3501, MFPs Versions Software System/Copy Network Support Scanner Printer Fax RemoteFax Web Support Web Uapl NetworkDocBox animation PCL OptionPCLFont Engine 1.03 10.54 01.05 1.02 02.00.00 01.00.00 1.05 1.01 1.01 1.00 1.02 1.02 1.03:04 Copyright (c) 2011 RICOH COMPANY, LTD
  • Ricoh Aficio MP C3001 | Security Target - Page 9
    MP C3001, infotec MP C3501, Savin C9130, Savin C9135, Savin C9130G, Savin C9135G FCU name Names Options Fax 03.00.00 Keywords : Digital MFP, Documents, Copy, Print, Scanner, Network, Office, Fax 1.3 TOE Overview This section defines TOE Type, TOE Usage and RICOH COMPANY, LTD. All rights reserved.
  • Ricoh Aficio MP C3001 | Security Target - Page 10
    transmission of paper documents, - Print, fax, network transmission, and deletion of the stored documents. Also, the TOE receives information via telephone lines and can store it as a document. LAN Network used in the TOE environment. Copyright (c) 2011 RICOH COMPANY, LTD. All rights reserved.
  • Ricoh Aficio MP C3001 | Security Target - Page 11
    using a Web browser installed on the client computer, - Storage and printing of documents using the printer driver installed on the client computer, - Storage and faxing of documents using the fax driver installed on the client computer. Telephone line A public line for the TOE to communicate with
  • Ricoh Aficio MP C3001 | Security Target - Page 12
    Function - Security Management Function - Software Verification Function - Fax Line Separation Function Page 11 of 93 1.4 TOE Description components (shown in Figure 2): Operation Panel Unit, Engine Unit, Fax Unit, Controller Board, HDD, Ic Ctlr, Network Unit, USB Port, SD Card Slot,
  • Ricoh Aficio MP C3001 | Security Target - Page 13
    TSF data for configuring MFP operations is stored. - Ic Key A security chip that has the functions of random number generation, cryptographic key generation Copyright (c) 2011 RICOH COMPANY, LTD. All rights reserved.
  • Ricoh Aficio MP C3001 | Security Target - Page 14
    Support, Scanner, Printer, Fax, RemoteFax, Web Support, Web Uapl, NetworkDocBox, animation, PCL display instructions from Fax Unit. HDD The HDD is a hard disk drive that is a non-volatile memory medium. It stores documents, login user names and login passwords of normal users. Copyright (c) 2011 RICOH
  • Ricoh Aficio MP C3001 | Security Target - Page 15
    LD655CG/LD655CAG Aficio MP C3001/C3501/C4501/C4501A/C5501/C5501A Aficio MP C3001G/C3501G/C4501G/C4501AG/C5501G/C5501AG Operating Instructions About /LD655CAG Aficio MP C3001/C3501/C4501/C4501A/C5501/C5501A Aficio MP C3001G/C3501G/C4501G/C4501AG/C5501G/C5501AG Copyright (c) 2011 RICOH COMPANY,
  • Ricoh Aficio MP C3001 | Security Target - Page 16
    Printer Guide D088-7805 - Quick Reference Scanner Guide D088-7886 - App2Me Start Guide D085-7906B - Notes for Users D572-7010 - Notes for Users D088-7608 - Notes for Users D088-7759A - Manuals for Users Aficio MP C3001/MP C3001G/MP C3501/MP C3501G/MP C4501/MP C4501G/MP C4501A/MP
  • Ricoh Aficio MP C3001 | Security Target - Page 17
    /LD655CG/LD655CAG Aficio MP C3001/C3501/C4501/C4501A/C5501/C5501A Aficio MP C3001G/C3501G/C4501G/C4501AG/C5501G/C5501AG Operating Instructions Troubleshooting D088-7657 - Quick Reference Copy Guide D088-7529 - Quick Reference Printer Guide D086-7800 - Quick Reference Scanner Guide D088
  • Ricoh Aficio MP C3001 | Security Target - Page 18
    Fax Guide D545-8505 - Quick Reference Printer Guide D088-7804 - Quick Reference Scanner Guide D088-7885 - App2Me Start Guide D085-7904B - Manuals for This Machine D081-7602 - Notes for Users D088-7430 - To Users of This Machine D029-7904 - Manuals for Users Aficio MP C3001/MP C3501/MP
  • Ricoh Aficio MP C3001 | Security Target - Page 19
    - MP C3001/C3501/C4501/C4501A/C5501/C5501A MP C3001/C3501/C4501/C4501A/C5501/C5501A Aficio MP C3001/C3501/C4501/C4501A/C5501/C5501A Operating Instructions Troubleshooting D088-7655A - Quick Reference Copy Guide D088-7527 - Quick Reference Printer Guide D088-7805 - Quick Reference Scanner
  • Ricoh Aficio MP C3001 | Security Target - Page 20
    login names to normal users. An IT device connected to networks. RC Gate performs the @Remote Service Function of the TOE via RC Gate communication interface. Copy Function, Fax Function, Scanner Function, Printer and register the login password of the MFP RICOH COMPANY, LTD. All rights reserved.
  • Ricoh Aficio MP C3001 | Security Target - Page 21
    used. Customer engineer The customer engineer is a person who belongs to the organisation which maintains TOE operation. The customer engineer is in charge of installation, setup, and maintenance of the TOE. Copyright (c) 2011 RICOH COMPANY, LTD. All rights reserved.
  • Ricoh Aficio MP C3001 | Security Target - Page 22
    of the TOE 1.4.4.1. Basic Functions The overview of the Basic Functions is described as follows: Copy Function The Copy Function is to scan paper documents and copy scanned image data from the Operation Panel. Magnification and other editorial jobs can be applied to the copy image. It can also be
  • Ricoh Aficio MP C3001 | Security Target - Page 23
    guidance document, users first install the specified printer driver on their own client computers, and then use this function. Scanner Function The Scanner Function is to scan paper documents by using the Operation Panel. The scanned documents will be sent to folders or by e-mail. The documents to
  • Ricoh Aficio MP C3001 | Security Target - Page 24
    , and send data to the folder. - Fax Reception Function A function to receive documents from external faxes via the telephone line and store printed, deleted and downloaded from a Web browser. According to the guidance document, users first install the specified fax driver on their own client
  • Ricoh Aficio MP C3001 | Security Target - Page 25
    , fax, print, download, and delete fax documents. Also, users can send scanner documents to folders or by e-mail, download and the LAN. @Remote Service Function A function for the TOE to communicate with RC Gate via networks for @Remote Service. As for the RICOH COMPANY, LTD. All rights reserved.
  • Ricoh Aficio MP C3001 | Security Target - Page 26
    supervisor. To use the Printer or Fax Function from the printer or fax driver, a user will be required to enter his or her login user name and login password received from the printer or fax drivers, so that the user can be verified as a normal user. To use the @Remote Service Function from the RC
  • Ricoh Aficio MP C3001 | Security Target - Page 27
    of Scanner Function is used, the protection function can be enabled through encrypted communication with communication requirements that are specified for each e-mail address. If the LAN-Fax Transmission Function of Fax Function is used, the protection function can be enabled using the fax driver to
  • Ricoh Aficio MP C3001 | Security Target - Page 28
    as "TSF protected data". Login user name, Number of Password Complexity Setting, S/MIME user information, destination folder Support, Scanner, Printer, Fax, RemoteFax, Web Support, Web Uapl, NetworkDocBox, animation, PCL, OptionPCLFont, LANG0, LANG1 and Data Erase Std. Copyright (c) 2011 RICOH
  • Ricoh Aficio MP C3001 | Security Target - Page 29
    the login user names and the login passwords registered on the external authentication server connected to the MFP via LAN. External Authentication implemented in the TOE includes Windows Authentication, LDAP Authentication, and Integration Server Authentication. Windows Authentication supports NTLM
  • Ricoh Aficio MP C3001 | Security Target - Page 30
    sent to folders, or downloaded on the client computer from the MFP. For these operations the Scanner Function is used. One of the document data attributes. Documents copied by using Printer Function. One of the document data attributes. Documents sent by fax or to folders by using Fax Function. One
  • Ricoh Aficio MP C3001 | Security Target - Page 31
    by using FTP protocol. The following documents can be delivered to folders: scanned documents using Scanner Function and Fax Function, and scanned and stored documents using Scanner Function and Fax Function. IPSec protects the communication for realising this function. Destination information
  • Ricoh Aficio MP C3001 | Security Target - Page 32
    and TOE conform to is EAL3+ALC_FLR.2. The selected SFR Packages from the PP are: 2600.1-PRT conformant 2600.1-SCN conformant 2600.1-CPY conformant 2600.1-FAX conformant 2600.1-DSR conformant Copyright (c) 2011 RICOH COMPANY, LTD. All rights reserved.
  • Ricoh Aficio MP C3001 | Security Target - Page 33
    HCDs consist of the scanner device and print device, Scanner Function, Printer Function or Fax Problems and Security Objectives in PP Defining all security problems problem problems and security security problem security problems and not affect any security problems and security objectives defined
  • Ricoh Aficio MP C3001 | Security Target - Page 34
    those points mentioned above, the security problems and security objectives in this ST are SFR specified by the PP. 2600.1-PRT, 2600.1-SCN, 2600.1-CPY, 2600.1-FAX, 2600.1-DSR, and 2600.1-SMI are selected from the SFR Package specified by the (c) 2011 RICOH COMPANY, LTD. All rights reserved.
  • Ricoh Aficio MP C3001 | Security Target - Page 35
    Page 34 of 93 Ownership of Received Fax Documents For the ownership of the received fax documents, the TOE has the characteristic that the ownership of to operate the TOE functions, this ST allows them to operate Fax Reception Function only, which is part of the TOE functions. Copyright (c) 2011
  • Ricoh Aficio MP C3001 | Security Target - Page 36
    to access the TOE functions. Therefore, the requirements described in FDP_ACF.1.3(b) in the PP are satisfied at the same time. The fax reception process, which is accessed when receiving from a telephone line, is regarded as a user with administrator privileges. Therefore, FDP_ACF.1.3(b) in this
  • Ricoh Aficio MP C3001 | Security Target - Page 37
    Problem login user name, or to persons with a login a login user name, or by persons with a login user a login user name, or by persons with a login user name a login user name, or by persons with a login user login user name, or to persons with a login login user name, or by persons with a login
  • Ricoh Aficio MP C3001 | Security Target - Page 38
    document and users are aware of the security policies and procedures of their organisation and are competent to follow those policies and procedures. Copyright (c) 2011 RICOH COMPANY, LTD. All rights reserved.
  • Ricoh Aficio MP C3001 | Security Target - Page 39
    are competent to correctly configure and operate the TOE in accordance with the guidance document following those policies and procedures. A.ADMIN.TRUST Trusted administrator The responsible manager of MFP selects administrators who do not use their privileged access rights for malicious purposes
  • Ricoh Aficio MP C3001 | Security Target - Page 40
    login user name, or by persons with a login user login user name, or by persons with a login without a login user name, or by persons with a login user name a login user name, or by persons with a login user login user name, or by persons with a login login user name, or by persons with a login user
  • Ricoh Aficio MP C3001 | Security Target - Page 41
    manager of MFP shall ensure that those logs can be accessed in order to detect potential security violations, and only by authorised persons. Copyright (c) 2011 RICOH COMPANY, LTD. All rights reserved.
  • Ricoh Aficio MP C3001 | Security Target - Page 42
    their organisation and have the competence to follow those policies and procedures. OE.ADMIN.TRAINED Administrator training The responsible manager of MFP shall ensure that administrators are violations or unusual patterns of activity. Copyright (c) 2011 RICOH COMPANY, LTD. All rights reserved.
  • Ricoh Aficio MP C3001 | Security Target - Page 43
    P.USER.AUTHORIZATION X X P.SOFTWARE.VERIFICATION X P.AUDIT.LOGGING X XXX P.INTERFACE.MANAGEMENT X X P.STORAGE.ENCRYPTION X P.RCGATE.COMM.PROTECT X A.ACCESS.MANAGED X A.ADMIN.TRAINING X A.ADMIN.TRUST X A.USER.TRAINING X Copyright (c) 2011 RICOH COMPANY, LTD. All rights reserved.
  • Ricoh Aficio MP C3001 | Security Target - Page 44
    NO_ALT, the TOE protects the user jobs from unauthorised alteration by persons without a login user name, or by persons with a login user name but without an access permission to the user job. T.FUNC.ALT the TOE protects the TSF protected Copyright (c) 2011 RICOH COMPANY, LTD. All rights reserved.
  • Ricoh Aficio MP C3001 | Security Target - Page 45
    TOE protects the TSF confidential data from unauthorised disclosure by persons without a login user name, or by persons with a login user name but without an access permission to the TSF confidential data. is enforced by this objective. Copyright (c) 2011 RICOH COMPANY, LTD. All rights reserved.
  • Ricoh Aficio MP C3001 | Security Target - Page 46
    monitored environment according to the guidance documents and is protected from the physical access by the unauthorised persons. A.ACCESS.MANAGED is upheld by this objective. A.ADMIN.TRAINING A.ADMIN.TRAINING is upheld by OE.ADMIN.TRAINED. Copyright (c) 2011 RICOH COMPANY, LTD. All rights reserved.
  • Ricoh Aficio MP C3001 | Security Target - Page 47
    not abuse their privileges in accordance with the guidance documents. A.ADMIN.TRUST is upheld by this objective. A.USER.TRAINING A.USER.TRAINING is upheld by OE.USER.TRAINED. By OE.USER.TRAINED, the responsible manager of MFP instructs the users in accordance with the guidance documents to make them
  • Ricoh Aficio MP C3001 | Security Target - Page 48
    checks and process data received on one external interface before such (processed) data are allowed to be transferred to another external interface. Examples Copyright (c) 2011 RICOH COMPANY, LTD. All rights reserved.
  • Ricoh Aficio MP C3001 | Security Target - Page 49
    in a Security Target. Therefore, the authors decided to define an extended component to address this functionality. This extended component protects both user data and TSF data, and it to [assignment: the LAN and telephone line]. Copyright (c) 2011 RICOH COMPANY, LTD. All rights reserved.
  • Ricoh Aficio MP C3001 | Security Target - Page 50
    login user names that attempted the user identification for FIA_UID.1, communication direction of Web Function, communication IP address of the communication used for Web Function and folder transmission, recipient's e-mail address : Copyright (c) 2011 RICOH COMPANY, LTD. All rights reserved.
  • Ricoh Aficio MP C3001 | Security Target - Page 51
    . - Start and end operation of deleting document data. Those described above, "storing, printing, downloading, faxing, sending by e-mail, delivering to folder, and deleting", are the job types of additional information that are required by the PP. Original: Not recorded. b) Basic: Success
  • Ricoh Aficio MP C3001 | Security Target - Page 52
    is required by the PP as the additional information. b) Basic: Success and failure of login operation a) Minimal: Record of management items in Table 30. No record due to no User identity association Hierarchical to: No other components. Copyright (c) 2011 RICOH COMPANY, LTD. All rights reserved.
  • Ricoh Aficio MP C3001 | Security Target - Page 53
    that have been granted explicit read-access. 6.1.2 Class FCS: Cryptographic support FCS_CKM.1 Cryptographic key generation Hierarchical to: No other components. Dependencies: : cryptographic key generation algorithm in Table 13] and Copyright (c) 2011 RICOH COMPANY, LTD. All rights reserved.
  • Ricoh Aficio MP C3001 | Security Target - Page 54
    shall enforce the [assignment: document access control SFP] on [assignment: list of subjects, objects, and operations among subjects and objects in Table 15]. Copyright (c) 2011 RICOH COMPANY, LTD. All rights reserved.
  • Ricoh Aficio MP C3001 | Security Target - Page 55
    17]. Table 17 : Subjects, Objects and Security Attributes (a) Category Subject Subjects or Objects Normal user process Subject MFP administrator process Security Attributes - Login user name of normal user - User role - User role Copyright (c) 2011 RICOH COMPANY, LTD. All rights reserved.
  • Ricoh Aficio MP C3001 | Security Target - Page 56
    Document data attribute - Document user list - Login user name of normal user FDP_ACF.1.2(a) The , it is allowed for normal user process with login user name of normal user registered on document user it is allowed for normal user process with login user name of normal user registered on document
  • Ricoh Aficio MP C3001 | Security Target - Page 57
    created the document data. Not allowed. However, it is allowed for normal user process with login user name of normal user registered on document user list for document data. Not allowed. control FMT_MSA.3 Static attribute initialisation Copyright (c) 2011 RICOH COMPANY, LTD. All rights reserved.
  • Ricoh Aficio MP C3001 | Security Target - Page 58
    process RC Gate process MFP application Security Attributes - Login user name of normal user - Available function list additional rules: [assignment: rules that the Fax Reception Function operated using administrator permission is surely Copyright (c) 2011 RICOH COMPANY, LTD. All rights reserved.
  • Ricoh Aficio MP C3001 | Security Target - Page 59
    browser User authentication when printing from the client computer User authentication when using LAN Fax from client computer When the defined number of unsuccessful authentication attempts has been [ Table 24 for each user in Table 24]. Copyright (c) 2011 RICOH COMPANY, LTD. All rights reserved.
  • Ricoh Aficio MP C3001 | Security Target - Page 60
    Login user name of normal user - User role - Available function list - User role - Login spaces 33 symbols) (2) Registrable password length: For normal users: Passwords that are composed of a combination of characters based on the password password inquiries, execution of fax reception, and repair
  • Ricoh Aficio MP C3001 | Security Target - Page 61
    Help from a Web browser, system status, counter and information of inquiries, execution of fax reception, and repair request notification] on behalf of the user to be performed before the , counter and information of inquiries, execution Copyright (c) 2011 RICOH COMPANY, LTD. All rights reserved.
  • Ricoh Aficio MP C3001 | Security Target - Page 62
    Page 61 of 93 of fax reception, and repair request subjects acting on the behalf of that user: [assignment: login user name of normal user, login user name of MFP administrator, available function list, and to: No other components. Copyright (c) 2011 RICOH COMPANY, LTD. All rights reserved.
  • Ricoh Aficio MP C3001 | Security Target - Page 63
    owns the applicable login user name Supervisor - No operation permitted - Query, modify Query, modify MFP administrator, applicable normal user who stored the document data MFP administrator -: No user roles are permitted for operations by the TOE. Copyright (c) 2011 RICOH COMPANY, LTD. All
  • Ricoh Aficio MP C3001 | Security Target - Page 64
    (b) Security Attributes Login user name of normal user for Basic Authentication Login user name of administrator Normal user who owns the applicable login user name MFP administrator MFP administrator SFP] to provide [selection: restrictive] default values for security attributes that are used
  • Ricoh Aficio MP C3001 | Security Target - Page 65
    Authorised Identified Roles Allowed to Override Default Values Objects Document data Document data user list Document user list Login user name of normal user restrictive to the user role]] default values for security attributes that are values to override the default values when an object
  • Ricoh Aficio MP C3001 | Security Target - Page 66
    who owns the login password MFP administrator MFP administrator MFP administrator MFP administrator Supervisor, normal user MFP administrator MFP administrator MFP administrator MFP administrator MFP administrator Normal user MFP administrator Normal user Copyright (c) 2011 RICOH COMPANY, LTD. All
  • Ricoh Aficio MP C3001 | Security Target - Page 67
    login password of supervisor by supervisor Modification of login password of MFP administrator by supervisor New creation of login password of MFP administrator by MFP administrator Modification of own login password Authentication is used Copyright (c) 2011 RICOH COMPANY, LTD. All rights reserved.
  • Ricoh Aficio MP C3001 | Security Target - Page 68
    query and deletion of destination information for folder transmission by MFP administrator Query of destination information for folder transmission by normal user Query and modification : [assignment: the stored TSF executable code]]. Copyright (c) 2011 RICOH COMPANY, LTD. All rights reserved.
  • Ricoh Aficio MP C3001 | Security Target - Page 69
    auto logout, completion of document data reception from the printer driver, completion of document data reception from the fax driver, and termination of communication with RC Gate]. 6.1.8 defined in evaluation assurance level 3 (EAL3). Copyright (c) 2011 RICOH COMPANY, LTD. All rights reserved.
  • Ricoh Aficio MP C3001 | Security Target - Page 70
    ADV: Development AGD: Guidance documents ALC: Life-cycle support ASE: Security Target evaluation ATE: Tests AVA: Vulnerability assessment objectives Derived security requirements Security problem definition TOE summary specification Copyright (c) 2011 RICOH COMPANY, LTD. All rights reserved.
  • Ricoh Aficio MP C3001 | Security Target - Page 71
    FIA_SOS.1 FIA_UAU.1(a) FIA_UAU.1(b) FIA_UAU.2 FIA_UAU.7 FIA_UID.1(a) FIA_UID.1(b) FIA_UID.2 FIA_USB.1 FPT_FDI_EXP.1 FMT_MSA.1(a) X X X FMT_MSA.1(b) FMT_MSA.3(a) X X X X X X X X X X X X X X X X X X X X X X X X X X X X X X X X Copyright (c) 2011 RICOH COMPANY, LTD. All rights reserved.
  • Ricoh Aficio MP C3001 | Security Target - Page 72
    documents from unauthorised disclosure by persons without a login user name, or by persons with a login user name but without an access permission to the available operations (newly create, query, modify and delete) on the login user name, and available operations (query and modify) on the document
  • Ricoh Aficio MP C3001 | Security Target - Page 73
    objective to prevent the user jobs from unauthorised alteration by persons without a login user name, or by persons with a login user name but without an access permission to the user job. To fulfil via the LAN are protected by FTP_ITC.1. Copyright (c) 2011 RICOH COMPANY, LTD. All rights reserved.
  • Ricoh Aficio MP C3001 | Security Target - Page 74
    the date, time, S/MIME user information, destination folder and users for stored and received documents. (2) Specification to operate the login password of normal user. A supervisor is allowed to operate the login password of supervisor. The Copyright (c) 2011 RICOH COMPANY, LTD. All rights reserved.
  • Ricoh Aficio MP C3001 | Security Target - Page 75
    user to operate the login password of normal user. A supervisor is allowed to operate the login password of supervisor. The , documents are printed by using the client computer, and faxed by LAN fax from the client computer. To fulfil this security objective, RICOH COMPANY, LTD. All rights reserved.
  • Ricoh Aficio MP C3001 | Security Target - Page 76
    login password from disclosure. FIA_SOS.1 accepts only passwords that satisfy the minimum character number and password reception from the printer driver or fax driver. The TOE default value to the available function list, and sets the restrictive default RICOH COMPANY, LTD. All rights reserved.
  • Ricoh Aficio MP C3001 | Security Target - Page 77
    the data to be written into the HDD is encrypted. To fulfil this security objective, it is required to implement the following countermeasures. Copyright (c) 2011 RICOH COMPANY, LTD. All rights reserved.
  • Ricoh Aficio MP C3001 | Security Target - Page 78
    Satisfied in ST FPT_STM.1 FAU_GEN.1 FIA_UID.1 FAU_GEN.1 FAU_STG.1 FAU_GEN.1 FAU_SAR.1 FCS_COP.1 Dependencies Not Satisfied in ST None None None None None None FCS_CKM.4 Copyright (c) 2011 RICOH COMPANY, LTD. All rights reserved.
  • Ricoh Aficio MP C3001 | Security Target - Page 79
    .4 None None None None None None None None None None None None None None None None None None None None None None None Copyright (c) 2011 RICOH COMPANY, LTD. All rights reserved.
  • Ricoh Aficio MP C3001 | Security Target - Page 80
    is important to appropriately remediate the flaw discovered after the start of TOE operation according to flow reporting procedure (ALC_FLR.2). Based on the terms and costs of the evaluation, the evaluation assurance level of EAL3+ALC_FLR.2 is appropriate for this TOE. Copyright (c) 2011
  • Ricoh Aficio MP C3001 | Security Target - Page 81
    The TOE provides the audit logs in a text format when the MFP administrator instructs the TOE to read the audit logs. FAU_STG.4 The TOE writes the newest Audit Function (*1) Success and failure of login operations (*2) Success and failure of login operations from RC Gate communication interface Table
  • Ricoh Aficio MP C3001 | Security Target - Page 82
    Folder transmission E-mail transmission Printing via networks LAN Fax via networks Storing document data Reading document data (print, download, fax transmission, e-mail transmission, and folder identity Outcome Communication directions Communicating IP address Setting Values of Audit Log Items Values
  • Ricoh Aficio MP C3001 | Security Target - Page 83
    until the entry of the login user name and login password is complete. When the TOE is used from the printer driver or fax driver, the TOE receives the login user name and login password entered from each driver by a user. When the entered login user name is the login user name of MFP administrator
  • Ricoh Aficio MP C3001 | Security Target - Page 84
    the print data from the printer driver. The TOE logs out immediately after receiving the transmission information from the fax driver. The TOE terminates a session with RC Gate immediately after the communication with RC Gate is complete. FIA_UAU.7 Regarding login passwords entered by a person who
  • Ricoh Aficio MP C3001 | Security Target - Page 85
    administrator MFP administrator Supervisor Page 84 of 93 FIA_SOS.1 Login passwords for users can be registered only if these passwords meet the following conditions: (1) Usable characters and types: (2) access control rule on user jobs. Copyright (c) 2011 RICOH COMPANY, LTD. All rights reserved.
  • Ricoh Aficio MP C3001 | Security Target - Page 86
    Printer documents Scanner documents Fax transmission documents Fax reception documents Operations displayed on the Menu Print Delete Print Delete Print Delete E-mail transmission Folder transmission Delete Fax transmission Folder transmission Print Delete Print Delete Copyright (c) 2011 RICOH
  • Ricoh Aficio MP C3001 | Security Target - Page 87
    Server Function Web browser Printer Function Web browser Fax Function Page 86 of 93 Document Server documents Scanner documents Fax transmission documents Printer documents Fax reception documents Print Delete E-mail transmission Folder transmission Download Delete (Operations above are
  • Ricoh Aficio MP C3001 | Security Target - Page 88
    for an authorised TOE user who attempts to start operating Copy Function, Printer Function, Scanner Function, Document Server Function, and Fax Function. If the role is that of normal user, the user If the user deletes document data, the TOE Copyright (c) 2011 RICOH COMPANY, LTD. All rights reserved.
  • Ricoh Aficio MP C3001 | Security Target - Page 89
    login user is the MFP administrator, the screen to generate an HDD cryptographic key is provided from the Operation Panel. If the MFP administrator gives instructions to operate the Security Management Function, and 3) set appropriate default values to security attributes, all of which accord with
  • Ricoh Aficio MP C3001 | Security Target - Page 90
    supervisor Login user name of MFP administrator Document data attributes Document user list Stored document types are Document Server document, scanner document, fax document and printer document (with stored print) Document user list Stored document type is fax received document(*2) Default values
  • Ricoh Aficio MP C3001 | Security Target - Page 91
    of normal users when Basic Authentication is applied Login password of supervisor Login password of MFP administrator No operation interfaces available No operation administrator MFP administrator MFP administrator MFP administrator Copyright (c) 2011 RICOH COMPANY, LTD. All rights reserved.
  • Ricoh Aficio MP C3001 | Security Target - Page 92
    folder creates, modifies, and deletes the login user name of the normal user of document data is received fax document, the list will be modified default values for objects and subjects according to the rules described in Table 41 when those objects and subjects are generated. Copyright (c) 2011 RICOH
  • Ricoh Aficio MP C3001 | Security Target - Page 93
    Document Server document, scanner document and fax document) Document data (stored document type is printer document) Document data (stored document type is fax received document) User jobs Normal user Security attributes Document data attribute Document user list Default values +PRT: Documents
  • Ricoh Aficio MP C3001 | Security Target - Page 94
    Printer Function, values to identify Printer Function. For Scanner Function, values to identify Scanner Function. For Fax Function, values to identify Fax can be verified. 7.10 Fax Line Separation Function The Fax Line Separation Function is to receive only faxes as input information from telephone
  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • 8
  • 9
  • 10
  • 11
  • 12
  • 13
  • 14
  • 15
  • 16
  • 17
  • 18
  • 19
  • 20
  • 21
  • 22
  • 23
  • 24
  • 25
  • 26
  • 27
  • 28
  • 29
  • 30
  • 31
  • 32
  • 33
  • 34
  • 35
  • 36
  • 37
  • 38
  • 39
  • 40
  • 41
  • 42
  • 43
  • 44
  • 45
  • 46
  • 47
  • 48
  • 49
  • 50
  • 51
  • 52
  • 53
  • 54
  • 55
  • 56
  • 57
  • 58
  • 59
  • 60
  • 61
  • 62
  • 63
  • 64
  • 65
  • 66
  • 67
  • 68
  • 69
  • 70
  • 71
  • 72
  • 73
  • 74
  • 75
  • 76
  • 77
  • 78
  • 79
  • 80
  • 81
  • 82
  • 83
  • 84
  • 85
  • 86
  • 87
  • 88
  • 89
  • 90
  • 91
  • 92
  • 93
  • 94
Copyright (c) 2011 RICOH COMPANY, LTD. All rights reserved.
Aficio MP C3001/C3501 series
Security Target
Author : RICOH COMPANY, LTD.
Date
: 2011-07-18
Version : 1.00
Portions of Aficio MP C3001/C3501 series Security Target are reprinted with
written permission from IEEE, 445 Hoes Lane, Piscataway, New Jersey
08855, from IEEE 2600.1, Protection Profile for Hardcopy Devices,
Operational Environment A, Copyright © 2009 IEEE. All rights reserved.
This document is a translation of the evaluated and certified security target
written in Japanese.