Ricoh Aficio MP C3001 Security Target - Page 89

Page 88 of 93 applies the method specified by the MFP administrator and overwrites the area on the HDD where the digital image data of the document data is stored. Also, when a user job is complete, the TOE applies the method specified by the MFP administrator and overwrites the area on the HDD where temporary documents that are created while a user job is executed or the fragments of those temporary documents are stored. For batch overwriting, the TOE collectively overwrites the HDD with the method specified by the MFP administrator. Overwriting methods include NSA method, DoD method, and random number method. An overwriting method is specified by the MEP administrator when the TOE is installed. NSA method overwrites twice by random numbers and once by Null(0). The DoD method overwrites once by fixed value, once by its complement, and further by random numbers to be verified afterwards. Random number method overwrites for three to nine times by random numbers. The MFP administrator specifies the number of times to overwrite when the TOE is installed. 7.7 Stored Data Protection Function The Stored Data Protection Function is to encrypt the data on the HDD and protect the data so that data leakage can be prevented. FCS_CKM.1 and FCS_COP.1 The TOE encrypts data before writing it on the HDD, and decrypts the encrypted data after reading it from the HDD. This process is applied to all data written on and read from the HDD. Detailed cryptographic operations are shown in Table 39. Table 39 : List of Cryptographic Operations for Stored Data Protection Encryption-triggering Operations Writing data to HDD Reading data from HDD Cryptographic Operations Encrypt Decrypt Standard FIPS197 Cryptographic Algorithm AES Key Size 256 bits Following operations by the MFP administrator, the TOE generates a cryptographic key. If a login user is the MFP administrator, the screen to generate an HDD cryptographic key is provided from the Operation Panel. If the MFP administrator gives instructions to generate an HDD cryptographic key from the Operation Panel, the TOE uses a genuine random number generator and generates random numbers that conform to the standard BSI-AIS31. 7.8 Security Management Function The Security Management Function consists of functions to 1) control operations for TSF data, 2) maintain user roles assigned to normal users, MFP administrator, or supervisor to operate the Security Management Function, and 3) set appropriate default values to security attributes, all of which accord with user role privileges or user privileges that are assigned to normal users, MFP administrator, or supervisor. Copyright (c) 2011 RICOH COMPANY, LTD. All rights reserved.