Ricoh Aficio MP C305 Security Target

Ricoh Aficio MP C305 Manual

Get Ricoh Aficio MP C305 PDF manuals and user guides View all Ricoh Aficio MP C305 manuals
Add to My Manuals
Save this manual to your list of manuals

Ricoh Aficio MP C305 manual content summary:

  • Ricoh Aficio MP C305 | Security Target - Page 1
    COMPANY, LTD. Date : 2012-11-28 Version : 1.00 Portions of Aficio MP C305 series Security Target are reprinted with written permission from IEEE, 445 Hoes Lane, Piscataway, New Jersey 08855, from IEEE 2600.1, Protection Profile for Hardcopy Devices, Operational Environment A,
  • Ricoh Aficio MP C305 | Security Target - Page 2
    Page 1 of 91 Version 1.00 Date 2012-11-28 Revision History Author RICOH COMPANY, LTD. Detail Publication version. Copyright (c) 2012 RICOH COMPANY, LTD. All rights reserved.
  • Ricoh Aficio MP C305 | Security Target - Page 3
    30 2.4.1 Consistency Claim with TOE Type in PP 30 2.4.2 Consistency Claim with Security Problems and Security Objectives in PP .........30 2.4.3 Consistency Claim with Security Requirements in PP 31 3 Security Problem Definitions 34 Copyright (c) 2012 RICOH COMPANY, LTD. All rights reserved.
  • Ricoh Aficio MP C305 | Security Target - Page 4
    forwarding of data to external interfaces (FPT_FDI_EXP 45 6 Security Requirements...47 6.1 Security Functional Requirements 47 6.1.1 Class FAU: Security audit 47 6.1.2 Class FCS: Cryptographic support 50 6.1.3 Class FDP: User data protection 51 6.1.4 Class FIA: Identification and authentication
  • Ricoh Aficio MP C305 | Security Target - Page 5
    Document Access Control Function 83 7.4 Use-of-Feature Restriction Function 85 7.5 Network Protection Function 85 7.6 Residual Data Overwrite Function 86 7.7 Stored Data Protection Function 86 7.8 Security Management Function 87 7.9 Software Verification Function 91 7.10 Fax Line Separation
  • Ricoh Aficio MP C305 | Security Target - Page 6
    Attributes (a 52 Table 17 : Rules to Control Operations on Document Data and User Jobs (a 53 Table 18 : Additional Rules to Control Operations on Document Data and User Jobs (a 54 Table 19 : Subjects, Objects and Security Attributes (b 55 Table 20 : Rule to Control Operations on MFP Applications
  • Ricoh Aficio MP C305 | Security Target - Page 7
    Page 6 of 91 Table 36 : Stored Documents Access Control Rules for Normal Users 83 Table 37 : Encrypted Communications Provided by the TOE 85 Table 38 Management of TSF Data ...87 Table 40 : List of Static Initialisation for Security Attributes of Document Access Control SFP 90 Copyright (c) 2012
  • Ricoh Aficio MP C305 | Security Target - Page 8
    : Identification Information of TOE MFP Names TOE Versions Ricoh Aficio MP C305, Savin MP C305, Lanier MP C305, nashuatec MP C305, Rex-Rotary MP C305, Gestetner MP C305, infotec MP C305 System/Copy Network Support Fax RemoteFax NetworkDocBox Web Support Web Uapl animation Scanner Software 1.08 12
  • Ricoh Aficio MP C305 | Security Target - Page 9
    PCL PCL Font Data Erase Onb GWFCU3.5-5(WW)(*1) Engine OpePanel Ic Key Ic Hdd 1.05 1.07 1.13 1.03m 03.00.00 1.08:02 1.16 Hardware 01020714 01 (*1): "Fax Option Type C305 Print, Scanner, Network, Office, Fax 1.3 TOE Overview This section defines TOE Type, TOE Usage and Major Security Features of TOE
  • Ricoh Aficio MP C305 | Security Target - Page 10
    MFP is connected to the office LAN, and users can perform the following operations from the Operation Panel of the MFP: - Various settings for the MFP, - Copy, fax, storage, and network transmission of paper documents, - Print, fax, network transmission, and deletion of the stored documents. Also
  • Ricoh Aficio MP C305 | Security Target - Page 11
    transmission of the stored documents in the TOE to its folders. SMTP Server A server used by the TOE for e-mail transmission. External Authentication Server A server that identifies and authenticates the TOE user with Windows authentication (Kerberos authentication method). This server is only used
  • Ricoh Aficio MP C305 | Security Target - Page 12
    Authentication Function - Document Access Control Function - Use-of-Feature Restriction Function - Network Protection Function - Residual Data Overwrite Function - Stored Data Protection Function - Security Management Function - Software Verification Function - Fax Line Separation Function 1.4 TOE
  • Ricoh Aficio MP C305 | Security Target - Page 13
    used to temporarily read and write internal information. - NVRAM A non-volatile memory medium in which TSF data for configuring MFP operations is stored. - Ic Key A security chip that has the functions of random number generation, cryptographic key generation Copyright (c) 2012
  • Ricoh Aficio MP C305 | Security Target - Page 14
    Network Support, Fax, RemoteFax, NetworkDocBox, Web Support, Web Uapl, animation, Scanner, Printer, PCL, PCL or Printer Engine according to instructions from the MFP Control Software. login user names and login passwords of normal users. Copyright (c) 2012 RICOH COMPANY, LTD. All rights reserved.
  • Ricoh Aficio MP C305 | Security Target - Page 15
    It is provided with functions for HDD encryption realisation. Network Unit The Network Unit is an external interface to an Ethernet (100BASE- users is used by users to print documents in the SD Card. The slot is set to disabled at the installation. 1.4.2 Guidance Documents The following sets of user
  • Ricoh Aficio MP C305 | Security Target - Page 16
    C305SP/MP C305SPF A D118-7576 - Printer/Scanner Drivers and Utilities RICOH Aficio MP C305SP/MP C305SPF LANIER MP C305SP/MP C305SPF SAVIN MP C305SP/MP C305SPF D118-7570A - SOFTWARE LICENSE AGREEMENT D645-7901 - Notes for Users D127-7523 - Notes for Administrators: Using this Machine in a Network
  • Ricoh Aficio MP C305 | Security Target - Page 17
    /Aficio MP C305SP/MP C305SPF A D118-7576 - Printer/Scanner Drivers and Utilities RICOH Aficio MP C305SP/MP C305SPF MP C305SP/MP C305SPF infotec MP C305SP/MP C305SPF D118-7571A - Notes for Users D127-7801 - Safety Information A232-8561A - Notes for Administrators: Using this Machine in a Network
  • Ricoh Aficio MP C305 | Security Target - Page 18
    to perform user management, machine management, network management, and User management privilege Explanation Authorised to modify the login password of the MFP administrator. Authorised to manage normal users. This privilege allows configuration of normal user settings. Copyright (c) 2012 RICOH
  • Ricoh Aficio MP C305 | Security Target - Page 19
    of the audit log. Authorised to manage networks and configure LAN settings. This privilege allows configuration of network settings. Authorised to manage stored documents. This privilege allows access management of stored documents. 1.4.3.2. Indirect User Responsible manager of MFP The responsible
  • Ricoh Aficio MP C305 | Security Target - Page 20
    a Document Server document. Printer Function The Printer Function is to print or store the documents received from the printer driver installed on the client computer. It also allows users to print and delete the documents stored in the TOE from the Operation Panel or the client computer. Copyright
  • Ricoh Aficio MP C305 | Security Target - Page 21
    password, users first install the specified printer driver on their own client computers, and then use this function. Scanner Function The Scanner Function is for users to scan secure communication can be ensured. Users, who receive e-mails sent by e-mail transmission of the URL, can download
  • Ricoh Aficio MP C305 | Security Target - Page 22
    the client computer by fax, the fax driver specified in the guidance documents must be secure communication with the TOE for folder transmission. Users sets the Service Mode Lock Function to "ON", the customer engineer cannot use this function. In this ST, the Service Mode Lock Function is set
  • Ricoh Aficio MP C305 | Security Target - Page 23
    the Operation Panel or via the network. By the network, users can use the TOE from a Web browser, printer/fax driver, and RC Gate. A person who attempts to use the TOE from the Operation Panel or a Web browser will be required to enter his or her login user name and login password so that he or she
  • Ricoh Aficio MP C305 | Security Target - Page 24
    functions based on the user role and the operation permissions for each user. Network Protection Function The Network Protection Function is to function can be enabled using the printer driver to specify encrypted communication. If the folder transmission function of Scanner Function is used,
  • Ricoh Aficio MP C305 | Security Target - Page 25
    below, is referred to as "TSF protected data". Login user name, Number of Attempts before Lockout, settings for Lockout Release Timer, lockout time, date settings (year/month/day), time settings, Minimum Character No., Password Complexity Setting, Operation Panel auto logout time, WIM auto logout
  • Ricoh Aficio MP C305 | Security Target - Page 26
    to This ST Terms MFP Control Software FCU Control Software Login user name Login password Lockout Auto Logout function Operation Panel auto logout time WIM auto logout time Minimum Character No. Password Complexity Setting Basic Authentication Definitions A software component installed in the TOE
  • Ricoh Aficio MP C305 | Security Target - Page 27
    the login user names and the login passwords registered on the external authentication server connected to the MFP via LAN. External Authentication implemented in the TOE includes Windows Authentication, LDAP Authentication, and Integration Server Authentication. Windows Authentication supports NTLM
  • Ricoh Aficio MP C305 | Security Target - Page 28
    MIME. Also, this information consists of e-mail address, user certificate, and encryption setting (S/MIME setting). Uniquely provided for each e-mail address, the S/MIME user information is registered and managed by the MFP administrator. Copyright (c) 2012 RICOH COMPANY, LTD. All rights reserved.
  • Ricoh Aficio MP C305 | Security Target - Page 29
    the fax driver on client computer. Sometimes referred to as "PC FAX". General term for remote diagnosis maintenance services for the TOE. Also called @Remote Service. Information for the TOE to determine whether the @Remote Service is used with [Proh. Some Services] selected, or set to [Prohibit
  • Ricoh Aficio MP C305 | Security Target - Page 30
    functional components July 2009 Version 3.1 Revision 3 Final (Japanese translation ver.1.0 Final) CCMB-2009-07-002 Part 3: Security assurance components July 2009 Version 3.1 Revision 3 Final (Japanese translation ver.1.0 Final) CCMB-2009-07-003 - Functional requirements: Part 2 extended - Assurance
  • Ricoh Aficio MP C305 | Security Target - Page 31
    equips the functions that HCDs equip including the additional equipments. Therefore, this TOE type is consistent with the TOE type in the PP. 2.4.2 Consistency Claim with Security Problems and Security Objectives in PP Defining all security problems in the PP, P.STORAGE_ENCRYPTION and P.RCGATE.COMM
  • Ricoh Aficio MP C305 | Security Target - Page 32
    security problems and security objectives in this ST are consistent with those in the PP. 2.4.3 Consistency Claim with Security Requirements in PP The SFRs for this TOE consist of the Common Security to PP APPLICATION NOTE 35, the authentications of users are assumed to be executed by the TOE or
  • Ricoh Aficio MP C305 | Security Target - Page 33
    for each document data attribute, which is the security attribute for objects. This is not a deviation from the PP but an instantiation of the PP. Although FDP_ACF.1.3(a) in the PP has no additional rules on access control of document data and user jobs, this ST allows the MFP administrator to
  • Ricoh Aficio MP C305 | Security Target - Page 34
    TOE allows the MFP administrator to delete document data and user jobs (document access control SFP, FDP_ACC.1(a) and FDP_ACF.1(a)), and accessed when receiving from a telephone line, is regarded as a user with administrator privileges. Therefore, FDP_ACF.1.3(b) in this ST satisfies FDP_ACF.1.3(b) in
  • Ricoh Aficio MP C305 | Security Target - Page 35
    Page 34 of 91 3 Security Problem Definitions This section describes Threats, Organisational Security Policies and Assumptions. 3.1 Threats TOE management may be disclosed to persons without a login user name, or to persons with a login user name but without an access permission to the TSF
  • Ricoh Aficio MP C305 | Security Target - Page 36
    TOE use and security-relevant events. The audit log shall be protected from unauthorised disclosure or alteration, and shall be reviewed by authorised A.USER.TRAINING User training The responsible manager of MFP trains users according to the guidance document and users are aware of the security
  • Ricoh Aficio MP C305 | Security Target - Page 37
    training Administrators are aware of the security policies and procedures of their organisation, are competent to correctly configure and operate the TOE in accordance with the guidance document following those policies and procedures. A.ADMIN.TRUST Trusted administrator The responsible manager
  • Ricoh Aficio MP C305 | Security Target - Page 38
    Objectives for TOE This section describes the security objectives for the TOE. O.DOC.NO_DIS Protection of document disclosure The TOE shall protect documents from unauthorised disclosure by persons without a login user name, or by persons with a login user name but without an access permission to
  • Ricoh Aficio MP C305 | Security Target - Page 39
    identification and authentication The TOE shall require identification and authentication of users and shall ensure that users are authorised in accordance with security policies before allowing them to use the TOE. O.INTERFACE.MANAGED Management of external interfaces by TOE The TOE shall manage
  • Ricoh Aficio MP C305 | Security Target - Page 40
    according to the guidance document and ensure that users are aware of the security policies and procedures of their organisation and have the competence to follow those policies and procedures. OE.ADMIN.TRAINED Administrator training The responsible manager of MFP shall ensure that administrators
  • Ricoh Aficio MP C305 | Security Target - Page 41
    .VERIFIED O.AUDIT.LOGGED OE.AUDIT_STORAGE.PROTCTED OE.AUDIT_ACCESS_AUTHORIZED OE.AUDIT.REVIEWED O.INTERFACE.MANAGED OE.PHYSICAL.MANAGED OE.INTERFACE.MANAGED O.STORAGE.ENCRYPTED O.RCGATE.COMM.PROTECT OE.ADMIN.TRAINED OE.ADMIN.TRUSTED OE.USER.TRAINED T.DOC.DIS X XX T.DOC.ALT X XX T.FUNC.ALT
  • Ricoh Aficio MP C305 | Security Target - Page 42
    and authentication of users, and users are authorised in accordance with the security policies before being allowed to use the TOE. By O.FUNC.NO_ALT, the TOE protects the user jobs from unauthorised alteration by persons without a login user name, or by persons with a login user name but without
  • Ricoh Aficio MP C305 | Security Target - Page 43
    and authentication of users, and users are authorised in accordance with the security policies before being allowed to use the TOE. By O.CONF.NO_DIS, the TOE protects the TSF confidential data from unauthorised disclosure by persons without a login user name, or by persons with a login user name but
  • Ricoh Aficio MP C305 | Security Target - Page 44
    . By OE.AUDIT.REVIEWED, the responsible manager of MFP reviews audit logs at appropriate intervals for security violations or unusual patterns upheld by this objective. A.ADMIN.TRAINING A.ADMIN.TRAINING is upheld by OE.ADMIN.TRAINED. Copyright (c) 2012 RICOH COMPANY, LTD. All rights reserved
  • Ricoh Aficio MP C305 | Security Target - Page 45
    the guidance documents. A.ADMIN.TRUST is upheld by this objective. A.USER.TRAINING A.USER.TRAINING is upheld by OE.USER.TRAINED. By OE.USER.TRAINED, the responsible manager of MFP instructs the users in accordance with the guidance documents to make them aware of the security policies and procedures
  • Ricoh Aficio MP C305 | Security Target - Page 46
    on another external interface. However, some products may provide the capability for attackers to misuse external interfaces to violate the security of the TOE or devices that are connected to the TOE's external interfaces. Therefore, direct forwarding of unprocessed data between different
  • Ricoh Aficio MP C305 | Security Target - Page 47
    too implementation-specific for a Protection Profile or too unwieldy for refinement in a Security Target. Therefore, the authors decided to define an extended component to address this functionality. This extended component protects both user data and TSF data, and it could therefore be placed in
  • Ricoh Aficio MP C305 | Security Target - Page 48
    6.1.1 Class FAU: Security audit FAU_GEN.1 Audit login user names that attempted the user folder transmission, recipient's e-mail address used for e-mail transmission of attachments, communication direction of communication with RC Gate, lockout operation type, Locked out User, and Locked out User
  • Ricoh Aficio MP C305 | Security Target - Page 49
    downloading, faxing, sending attachments by e-mail, sending to folder, and deleting", are the job types of additional information that are required by the PP. Original: Not recorded. a) Minimal: Starting and releasing lockout b) Basic: Success and failure of login operation Copyright (c) 2012 RICOH
  • Ricoh Aficio MP C305 | Security Target - Page 50
    and failure of login operation. Also includes the user identification that is required by the PP as the additional information. b) Basic: Success and failure of login operation a) Minimal: Record of management items in Table 29. No record due to no modification. a) Minimal: Settings of Year-Month
  • Ricoh Aficio MP C305 | Security Target - Page 51
    : No other components. Dependencies: FAU_SAR.1 Audit review FAU_SAR.2.1 The TSF shall prohibit all users read access to the audit records, except those users that have been granted explicit read-access. 6.1.2 Class FCS: Cryptographic support FCS_CKM.1 Cryptographic key generation Hierarchical to
  • Ricoh Aficio MP C305 | Security Target - Page 52
    Cryptographic operation Hierarchical to: No other components. Dependencies: [FDP_ITC.1 Import of user data without security attributes, or FDP_ITC.2 Import of user data with security attributes, or FCS_CKM.1 Cryptographic key generation] FCS_CKM.4 Cryptographic key destruction FCS_COP.1.1 The
  • Ricoh Aficio MP C305 | Security Target - Page 53
    Subject Subjects or Objects Normal user process Subject Subject Subject MFP administrator process Supervisor process RC Gate process Security Attributes - Login user name of normal user - User role - User role - User role - User role Copyright (c) 2012 RICOH COMPANY, LTD. All rights reserved
  • Ricoh Aficio MP C305 | Security Target - Page 54
    with login user name of normal user registered on document user list for document data. Not allowed. However, it is allowed for normal user process that created the document data. Not allowed. However, it is allowed for normal user process that created the document data. Copyright (c) 2012 RICOH
  • Ricoh Aficio MP C305 | Security Target - Page 55
    . However, it is allowed for normal user process with login user name of normal user, which is the security attribute of user jobs. FDP_ACF.1.3(a) The TSF shall explicitly authorise access of subjects to objects based on the following additional rules: [assignment: rules to control operations
  • Ricoh Aficio MP C305 | Security Target - Page 56
    user process Object Supervisor process RC Gate process MFP application Security Attributes - Login user name of normal user - Available function list - User role - User role - User access of subjects to objects based on the following additional rules: [assignment: deny an operation on MFP
  • Ricoh Aficio MP C305 | Security Target - Page 57
    22]. Table 22 : List of Actions for Authentication Failure Unsuccessfully Authenticated Users Normal user Supervisor MFP administrator Actions for Authentication Failure The lockout for the normal user is released by the lockout time set by the MFP administrator, or release operation by the MFP
  • Ricoh Aficio MP C305 | Security Target - Page 58
    : List of Security Attributes for Each User That Shall Be Maintained Users Normal user Supervisor MFP administrator RC Gate List of Security Attributes - Login user name of normal user - User role - Available function list - User role - Login user name of MFP administrator - User role - User role
  • Ricoh Aficio MP C305 | Security Target - Page 59
    the list of user jobs, WIM Help user to be performed before the user user that user. user the list of user jobs, WIM user to be performed before the user is identified (refinement: identification with Basic Authentication). FIA_UID.1.2(a) The TSF shall require each user the list of user jobs, WIM
  • Ricoh Aficio MP C305 | Security Target - Page 60
    Initial Association of Attributes Users Subjects User Security Attributes Normal user Normal user process - Login user name of normal user - User role - Available function list Supervisor Supervisor process - User role MFP administrator MFP administrator process - Login user name of MFP
  • Ricoh Aficio MP C305 | Security Target - Page 61
    in Table 25]. Table 25 : User Roles for Security Attributes (a) Security Attributes Operations Login user name of normal user for Basic Authentication Login user name of normal user for External Authentication Login user name of supervisor Login user name of MFP administrator Document data
  • Ricoh Aficio MP C305 | Security Target - Page 62
    User Roles for Security Attributes (b) Security Attributes Login user name of normal user for Basic Authentication Login user name of normal user for External Authentication Available function list Function type User [selection: restrictive] default values for security attributes that are used
  • Ricoh Aficio MP C305 | Security Target - Page 63
    : restrictive] default values for security attributes that Login password of normal user for Basic Authentication Operations Newly create, modify Modify Login password of supervisor Modify User Roles MFP administrator Normal user who owns the login password Supervisor Copyright (c) 2012 RICOH
  • Ricoh Aficio MP C305 | Security Target - Page 64
    for Basic Authentication Password complexity setting for Basic Authentication Operation Panel auto logout time WIM auto logout time Audit logs HDD cryptographic key S/MIME user information Destination information for folder transmission Stored Reception File User User authentication method IPSec
  • Ricoh Aficio MP C305 | Security Target - Page 65
    login user name by MFP administrator Query of login user name of MFP administrator by supervisor New creation and modification of login password of normal user of Lockout Release Timer Setting by MFP administrator when own available function list by normal user when the Basic Authentication is used
  • Ricoh Aficio MP C305 | Security Target - Page 66
    administrator Query of destination information for folder transmission by normal user Query and modification of Stored Reception File User by MFP administrator Query of user authentication method by MFP administrator Query and modification of IPSec setting information by MFP administrator Query of
  • Ricoh Aficio MP C305 | Security Target - Page 67
    of Management Functions FMT_SMR.1 Security roles FPT_FDI_EXP.1.1 The TSF from the printer driver, completion of document data reception from the fax driver, and termination of communication with RC Gate via the LAN]. 6.2 Security Assurance Requirements The evaluation assurance level of this TOE
  • Ricoh Aficio MP C305 | Security Target - Page 68
    : Guidance documents ALC: Life-cycle support ASE: Security Target evaluation ATE: Tests AVA: Security architecture description Functional specification with complete summary Architectural design Operational user Security objectives Derived security requirements Security problem definition
  • Ricoh Aficio MP C305 | Security Target - Page 69
    Page 68 of 91 Table 31 : Relationship between Security Objectives and Functional Requirements O.DOC.NO_DIS O.DOC.NO_ALT O.FUNC.NO_ALT O.PROT.NO_ALT O.CONF.NO_DIS O.CONF.NO_ALT O.USER.AUTHORIZED O.INTERFACE.MANAGED O.SOFTWARE.VERIFIED O.AUDIT.LOGGED O.STORAGE.ENCRYPTED O.RCGATE.COMM.PROTECT FAU_GEN
  • Ricoh Aficio MP C305 | Security Target - Page 70
    objective to prevent the documents from unauthorised disclosure by persons without a login user name, or by persons with a login user name but without an access permission to the document. To fulfil this security objective, it is required to implement the following countermeasures. (1) Specify and
  • Ricoh Aficio MP C305 | Security Target - Page 71
    , query, modify and delete) on the login user name, and available operations (query and modify) on the document user list, and a specified user is thus restricted to perform each operation. FMT_MSA.3(a) surely sets the restrictive value to the security attributes of document data (object) when the
  • Ricoh Aficio MP C305 | Security Target - Page 72
    operation (newly create, query, modify and delete) for the login user name to specified users only. FMT_MSA.3(a) sets the restrictive value to the security attributes of user jobs (object) when the user jobs are generated. By satisfying FDP_ACC.1(a), FDP_ACF.1(a), FTP_ITC.1, FMT_MSA.1(a) and
  • Ricoh Aficio MP C305 | Security Target - Page 73
    this security objective, it is required to implement the following countermeasures. (1) Management of the TSF confidential data. FMT_MTD.1 allows the MFP administrator and applicable normal user to operate the login password of normal user. A supervisor is allowed to operate the login password of
  • Ricoh Aficio MP C305 | Security Target - Page 74
    RC Gate. (5) Management of the security attributes. According to FMT_MSA.1(b), the login user name and available function list of normal user are managed by the MFP administrator, and users are not allowed to operate the function type. FMT_MSA.3(b) sets the restrictive default value to the function
  • Ricoh Aficio MP C305 | Security Target - Page 75
    .1 checks if the MFP Control Software and FCU Control Software are verified software at the start-up. By satisfying FTP_TST.1, which is the security functional requirement for this countermeasure, O.SOFTWARE.VERIFIED is fulfilled. O.AUDIT.LOGGED Management of audit log records O.AUDIT.LOGGED is the
  • Ricoh Aficio MP C305 | Security Target - Page 76
    keys. (4) Specification of Management Function. FMT_SMF.1 performs the required Management Functions for Security Function. (5) Specification of the roles. FMT_SMR.1 maintains the users who have the privileges. By satisfying FCS_CKM.1, FCS_COP.1, FMT_MTD.1, FMT_SMF.1 and FMT_SMR.1, which
  • Ricoh Aficio MP C305 | Security Target - Page 77
    FCS_CKM.4 FCS_CKM.4 None None None None None None None None None None None None None None None None None None None None None Copyright (c) 2012 RICOH COMPANY, LTD. All rights reserved.
  • Ricoh Aficio MP C305 | Security Target - Page 78
    is therefore important also. In order to securely operate the TOE continuously, it is important to appropriately remediate the flaw discovered after the start of TOE operation according to flow reporting procedure (ALC_FLR.2). Based on the terms and costs of the evaluation, the evaluation assurance
  • Ricoh Aficio MP C305 | Security Target - Page 79
    security-relevant events (hereafter, "audit events"). This function provides the recorded audit log in a legible fashion for users to audit (audit log review when the MFP administrator instructs the TOE to read login operations (Login attempts from RC Gate are excluded) Success and failure of login
  • Ricoh Aficio MP C305 | Security Target - Page 80
    (year/month/day), time settings (hour/minute) Termination of session by auto logout Failure of WIM communication Folder transmission E-mail transmission of attachments Printing via networks LAN Fax via networks Storing document data Reading document data (print, download, fax transmission, e-mail
  • Ricoh Aficio MP C305 | Security Target - Page 81
    login password entered from each driver by a user. When the entered login user name is the login user name of MFP administrator or supervisor, the TOE checks if the entered login password matches with the one pre-registered by the MFP administrator or supervisor in the TOE. Copyright (c) 2012 RICOH
  • Ricoh Aficio MP C305 | Security Target - Page 82
    driver. In case of fax driver, the user is logged out of the TOE immediately after receiving the transmission information from the fax driver. In case of RC Gate, the TOE terminates a session with RC Gate immediately after the communication with RC Gate ends. FIA_UAU.7 Regarding login passwords
  • Ricoh Aficio MP C305 | Security Target - Page 83
    User Role User Roles (Locked out Users) Normal user Supervisor MFP administrator Unlocking Administrators MFP administrator MFP administrator Supervisor FIA_SOS.1 Login passwords for users can be registered only if these passwords is a set of identification RICOH COMPANY, LTD. All rights reserved.
  • Ricoh Aficio MP C305 | Security Target - Page 84
    downloaded to the client computers, sent by fax, sent by e-mail as attachments, sent to folders, and deleted. The interface enables users to delete all the stored documents. Users documents that register the login user names of the normal users who logged in to the document user list, and an
  • Ricoh Aficio MP C305 | Security Target - Page 85
    Print Delete (Fax transmission is authorised for normal users who are privileged to use Fax Function) Print Delete Print Download Delete (Operations above are authorised only if normal users are privileged to use Document Server Function) Copyright (c) 2012 RICOH COMPANY, LTD. All rights reserved.
  • Ricoh Aficio MP C305 | Security Target - Page 86
    function list set for each normal user. If the role is that of MFP administrator, the user can operate Fax Reception Function that corresponds to MFP management. If the role is that of supervisor and RC Gate, using any functions is not allowed. 7.5 Network Protection Function The Network Protection
  • Ricoh Aficio MP C305 | Security Target - Page 87
    on the HDD where the digital image data of the document data is stored. Also, when a user job is complete, the TOE applies the method specified by the MFP administrator and overwrites the area cryptographic operations are shown in Table 38. Copyright (c) 2012 RICOH COMPANY, LTD. All rights reserved.
  • Ricoh Aficio MP C305 | Security Target - Page 88
    operations for TSF data, 2) maintain user roles assigned to normal users, MFP administrator, or supervisor to operate the Security Management Function, and 3) set appropriate default values to security attributes, all of which accord with user role privileges or user privileges that are assigned to
  • Ricoh Aficio MP C305 | Security Target - Page 89
    document(*2) Default values of the document user list No operation interfaces available Operation Panel, Web browser Operation Panel, Web browser Operation Panel, Web browser Available function list Operation Panel, Web browser Function types User roles Login passwords of normal users when
  • Ricoh Aficio MP C305 | Security Target - Page 90
    password for Basic Authentication Password complexity setting user information Operation Panel, Web browser Destination folder Stored Reception File User User authentication method IPSec setting information @Remote setting user MFP administrator Supervisor, normal user for a user certificate is
  • Ricoh Aficio MP C305 | Security Target - Page 91
    User. FMT_MSA.3(a) and FMT_MSA.3(b) The TOE sets default values Default values of a document user list assigned to each user. Login user name of a normal user who stored the document data. Login user name of a normal user included in the Stored Reception File User list. Copyright (c) 2012 RICOH
  • Ricoh Aficio MP C305 | Security Target - Page 92
    Fax Function) Login user name of normal user Function type Page 91 of 91 Login user name of a normal user who newly creates a user job. The values performed, the line is disconnected. Since the TOE is set to prohibit forwarding of received fax data during installation, received fax data will
  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • 8
  • 9
  • 10
  • 11
  • 12
  • 13
  • 14
  • 15
  • 16
  • 17
  • 18
  • 19
  • 20
  • 21
  • 22
  • 23
  • 24
  • 25
  • 26
  • 27
  • 28
  • 29
  • 30
  • 31
  • 32
  • 33
  • 34
  • 35
  • 36
  • 37
  • 38
  • 39
  • 40
  • 41
  • 42
  • 43
  • 44
  • 45
  • 46
  • 47
  • 48
  • 49
  • 50
  • 51
  • 52
  • 53
  • 54
  • 55
  • 56
  • 57
  • 58
  • 59
  • 60
  • 61
  • 62
  • 63
  • 64
  • 65
  • 66
  • 67
  • 68
  • 69
  • 70
  • 71
  • 72
  • 73
  • 74
  • 75
  • 76
  • 77
  • 78
  • 79
  • 80
  • 81
  • 82
  • 83
  • 84
  • 85
  • 86
  • 87
  • 88
  • 89
  • 90
  • 91
  • 92
Copyright (c) 2012 RICOH COMPANY, LTD. All rights reserved.
Aficio MP C305 series
Security Target
Author : RICOH COMPANY, LTD.
Date
: 2012-11-28
Version : 1.00
Portions of Aficio MP C305 series Security Target are reprinted with written
permission from IEEE, 445 Hoes Lane, Piscataway, New Jersey 08855, from
IEEE 2600.1, Protection Profile for Hardcopy Devices, Operational
Environment A, Copyright © 2009 IEEE. All rights reserved.
This document is a translation of the evaluated and certified security target
written in Japanese.