Ricoh Aficio MP C400SR Security Target

Ricoh Aficio MP C400SR Manual

Get Ricoh Aficio MP C400SR PDF manuals and user guides View all Ricoh Aficio MP C400SR manuals
Add to My Manuals
Save this manual to your list of manuals

Ricoh Aficio MP C400SR manual content summary:

  • Ricoh Aficio MP C400SR | Security Target - Page 1
    C300/C300SR/C400/C400SR series Security Target Author : RICOH COMPANY, LTD. Date : 2012-08-17 Version : 1.00 Portions of Aficio MP C300/C300SR/C400/C400SR series Security Target are reprinted with written permission from IEEE, 445 Hoes Lane, Piscataway, New Jersey 08855, from IEEE 2600.1,
  • Ricoh Aficio MP C400SR | Security Target - Page 2
    Page 1 of 91 Version 1.00 Date 2012-08-17 Revision History Author RICOH COMPANY, LTD. Detail Publication version. Copyright (c) 2012 RICOH COMPANY, LTD. All rights reserved.
  • Ricoh Aficio MP C400SR | Security Target - Page 3
    Claim 29 2.2 PP Claims...29 2.3 Package Claims ...29 2.4 Conformance Claim Rationale 30 2.4.1 Consistency Claim with TOE Type in PP 30 2.4.2 Consistency Claim with Security Problems and Security Objectives in PP......... 30 2.4.3 Consistency Claim with Security Requirements in PP 31 3 Security
  • Ricoh Aficio MP C400SR | Security Target - Page 4
    Requirements 47 6.1.1 Class FAU: Security audit 47 6.1.2 Class FCS: Cryptographic support 50 6.1.3 Class FDP: User data protection 51 6.1.4 Class FIA: Audit Function ...78 7.2 Identification and Authentication Function 80 Copyright (c) 2012 RICOH COMPANY, LTD. All rights reserved.
  • Ricoh Aficio MP C400SR | Security Target - Page 5
    Data Overwrite Function 85 7.7 Stored Data Protection Function 86 7.8 Security Management Function 86 7.9 Software Verification Function 91 7.10 Fax Line Separation Function 91 Copyright (c) 2012 RICOH COMPANY, LTD. All rights reserved.
  • Ricoh Aficio MP C400SR | Security Target - Page 6
    : User Roles for Security Attributes (b 61 Table 27 : Authorised Identified Roles Allowed to Override Default Values 61 Table 28 : List of TSF Data...62 Table 29 : List of Specification of : Unlocking Administrators for Each User Role 81 Copyright (c) 2012 RICOH COMPANY, LTD. All rights reserved.
  • Ricoh Aficio MP C400SR | Security Target - Page 7
    86 Table 39 : Management of TSF Data ...87 Table 40 : List of Static Initialisation for Security Attributes of Document Access Control SFP 90 Copyright (c) 2012 RICOH COMPANY, LTD. All rights reserved.
  • Ricoh Aficio MP C400SR | Security Target - Page 8
    Names TOE Versions Ricoh Aficio MP C300, Ricoh Aficio MP C300SR, Ricoh Aficio MP C400, Ricoh Aficio MP C400SR, Savin C230, Savin C230SR, Savin C240, Savin C240SR, Lanier LD130C, Lanier LD130CSR, Lanier LD140C, Lanier LD140CSR, Lanier MP C300, Lanier MP C300SR, Lanier MP C400, Lanier MP C400SR
  • Ricoh Aficio MP C400SR | Security Target - Page 9
    Fax RemoteFax NetworkDocBox Web Support Web Uapl animation Scanner Printer PCL OptionPCLFont Data Erase Std GWFCU3-23 (WW) Engine OpePanel LANG0 LANG1 Ic Key Ic Ctlr illustrated below and the usage of the TOE is outlined in this section. Copyright (c) 2012 RICOH COMPANY, LTD. All rights reserved.
  • Ricoh Aficio MP C400SR | Security Target - Page 10
    stored documents. Also, the TOE receives information via telephone lines and can store it as a document. LAN Network used in the TOE environment. Copyright (c) 2012 RICOH COMPANY, LTD. All rights reserved.
  • Ricoh Aficio MP C400SR | Security Target - Page 11
    the printer driver installed on the client computer, - Storage and faxing of documents using the fax driver installed to relay communications between the MFP and maintenance centre. A transfer path to other external interface for input information from the RC RICOH COMPANY, LTD. All rights reserved.
  • Ricoh Aficio MP C400SR | Security Target - Page 12
    of the TOE is the MFP, which consists of the following hardware components (shown in Figure 2): Operation Panel Unit, Engine Unit, Fax Controller Unit, Controller Board, HDD, Ic Ctlr, Network Unit, USB Port, SD Card Slot, and SD Card. Copyright (c) 2012 RICOH COMPANY, LTD. All rights reserved.
  • Ricoh Aficio MP C400SR | Security Target - Page 13
    Ic Key, and FlashROM. The Controller Board sends and receives information to and from the units and devices that constitute the MFP, and this information is used to control the MFP. The random number generation, cryptographic key generation Copyright (c) 2012 RICOH COMPANY, LTD. All rights reserved.
  • Ricoh Aficio MP C400SR | Security Target - Page 14
    Printer, Fax, RemoteFax, Web Support, Web Uapl, NetworkDocBox, animation, PCL, OptionPCLFont, LANG0, and LANG1. These are part of the TOE and are included in the MFP Control Software. Operation Panel Unit Software performs the following: 1. Transfers operation instructions from the key switches and
  • Ricoh Aficio MP C400SR | Security Target - Page 15
    . Network Unit The Network Unit is an Aficio MP C300/C300SR/C400/C400SR Operating Instructions About This Machine M026-7401 - Note for Users M026-7438 - Quick Reference Copy Guide M026-7412 - Quick Reference Printer Guide M026-7429 - Quick Reference Scanner Guide M026-7434 Copyright (c) 2012 RICOH
  • Ricoh Aficio MP C400SR | Security Target - Page 16
    Page 15 of 91 - C230/C230SR/C240/C240SR LD130C/LD130CSR/LD140C/LD140CSR Aficio MP C300/C300SR/C400/C400SR Operating Instructions Troubleshooting M026-7415 - Notes for Users M026-7439 - Notes to users in the United States of America D566-7091 - About the Software on the CD-ROM M080-8547 -
  • Ricoh Aficio MP C400SR | Security Target - Page 17
    - Notes for Administrators: Using this Machine in a Network Environment Compliant with IEEE Std. 2600.1TM-2009 M026-7440 - Operating Instructions Notes on Security Functions M026-7441 - Manuals for Users Aficio MP C300/MP C300SR/MP C400/MP C400SR MP C300/MP C300SR/MP C400/MP C400SR A M026-6906
  • Ricoh Aficio MP C400SR | Security Target - Page 18
    17 of 91 - Quick Reference Copy Guide M026-7413 - Quick Reference Printer Guide M026-7429 - Quick Reference Scanner Guide M026-7435 - MP C300/C300SR/C400/C400SR MP C300/C300SR/C400/C400SR Aficio MP C300/C300SR/C400/C400SR Operating Instructions Troubleshooting M026-7417 - Notes for Users M026
  • Ricoh Aficio MP C400SR | Security Target - Page 19
    the @Remote Service Function of the TOE via RC Gate communication interface. Copy Function, Fax Function, Scanner Function, Printer Function, Explanation Authorised to modify the login password of the MFP administrator. Authorised to MFP Copyright (c) 2012 RICOH COMPANY, LTD. All rights reserved.
  • Ricoh Aficio MP C400SR | Security Target - Page 20
    and other editorial jobs can be applied to the copy image. It can also be stored on the HDD as a Document Server document. Copyright (c) 2012 RICOH COMPANY, LTD. All rights reserved.
  • Ricoh Aficio MP C400SR | Security Target - Page 21
    from the printer driver installed on the client computer. The TOE receives documents from the printer driver installed on the received documents will be stored on the HDD as printer documents. A dedicated password, which is used for locked print, is not RICOH COMPANY, LTD. All rights reserved.
  • Ricoh Aficio MP C400SR | Security Target - Page 22
    documents received from the fax driver installed on the client computer computer are sent by fax from the fax driver installed on the client computer. Fax documents in the TOE by operating the fax driver installed on the client computer. - Operation driver on their own client computers, and then
  • Ricoh Aficio MP C400SR | Security Target - Page 23
    Operation panel or a Web browser. Maintenance Function The Maintenance Function is to perform maintenance service for the MFP if it is malfunctioning. When analysing causes of the malfunction, a audit log, the Web Function will be used. Copyright (c) 2012 RICOH COMPANY, LTD. All rights reserved.
  • Ricoh Aficio MP C400SR | Security Target - Page 24
    her login user name and login password received from the printer or fax drivers, so that the user can be verified as a normal user. To use the @Remote Service Function from the RC Gate communication function can be enabled through encrypted Copyright (c) 2012 RICOH COMPANY, LTD. All rights reserved.
  • Ricoh Aficio MP C400SR | Security Target - Page 25
    of Fax Function is used, the protection function can be enabled using the fax driver to specify encrypted communication. When communicating with RC Gate, encrypted communication is used. this ST, a "user job" is referred to as a "job". Copyright (c) 2012 RICOH COMPANY, LTD. All rights reserved.
  • Ricoh Aficio MP C400SR | Security Target - Page 26
    (year/month/day), time settings, Minimum Character No., Password Complexity Setting, S/MIME user information, destination folder, Stored TOE include System/Copy, Network Support, Scanner, Printer, Fax, RemoteFax, Web Support, Web Uapl, NetworkDocBox, animation, PCL, OptionPCLFont, LANG0, LANG1 and
  • Ricoh Aficio MP C400SR | Security Target - Page 27
    using the login user names and the login passwords registered on the TOE. One of the procedures for Authentication supports NTLM function (Copy Function, Document Server Function, Scanner Function, Printer Function and Fax Function) from beginning to end. A RICOH COMPANY, LTD. All rights reserved.
  • Ricoh Aficio MP C400SR | Security Target - Page 28
    operations the Scanner Function is used. One of the document data attributes. Documents copied by using Printer Function. One of the document data attributes. Documents sent by fax or to folders by using used by users to operate the TOE. Copyright (c) 2012 RICOH COMPANY, LTD. All rights reserved.
  • Ricoh Aficio MP C400SR | Security Target - Page 29
    using the fax driver on client computer. Sometimes referred to as "PC FAX". General term for remote diagnosis maintenance services for the TOE. Also called @Remote Service. The facility where time while jammed paper is not removed. Copyright (c) 2012 RICOH COMPANY, LTD. All rights reserved.
  • Ricoh Aficio MP C400SR | Security Target - Page 30
    .2. The selected SFR Packages from the PP are: 2600.1-PRT conformant 2600.1-SCN conformant 2600.1-CPY conformant 2600.1-FAX conformant 2600.1-DSR conformant Copyright (c) 2012 RICOH COMPANY, LTD. All rights reserved.
  • Ricoh Aficio MP C400SR | Security Target - Page 31
    , Scanner Function, Printer Function or Fax Problems and Security Objectives in PP Defining all security problems problem definitions problems and security objectives the security problem definitions in to security problems and security do not affect any security problems and security objectives defined in
  • Ricoh Aficio MP C400SR | Security Target - Page 32
    Page 31 of 91 For those points mentioned above, the security problems and security objectives in this ST are consistent with those in the PP. 2.4.3 Consistency Claim Gate; it is not to change the security requirements specified by the PP. Copyright (c) 2012 RICOH COMPANY, LTD. All rights reserved.
  • Ricoh Aficio MP C400SR | Security Target - Page 33
    privileges to operate the TOE functions, this ST allows them to operate Fax Reception Function only, which is part of the TOE functions. Copyright (c) 2012 RICOH COMPANY, LTD. All rights reserved.
  • Ricoh Aficio MP C400SR | Security Target - Page 34
    accessed when receiving from a telephone line, is regarded as a user with administrator privileges. Therefore, FDP_ACF.1.3(b) in this ST satisfies FDP_ACF.1.3(b) in the PP. Copyright (c) 2012 RICOH COMPANY, LTD. All rights reserved.
  • Ricoh Aficio MP C400SR | Security Target - Page 35
    Page 34 of 91 3 Security Problem Definitions This section describes Threats, Organisational Security Policies and Assumptions. 3.1 Threats Defined and a login user name but without an access permission to the TSF Confidential Data. Copyright (c) 2012 RICOH COMPANY, LTD. All rights reserved.
  • Ricoh Aficio MP C400SR | Security Target - Page 36
    audit log shall be protected from unauthorised disclosure or alteration, and shall be reviewed by authorised persons. P.INTERFACE.MANAGEMENT Management of external interfaces To prevent unauthorised follow those policies and procedures. Copyright (c) 2012 RICOH COMPANY, LTD. All rights reserved.
  • Ricoh Aficio MP C400SR | Security Target - Page 37
    The responsible manager of MFP selects administrators who do not use their privileged access rights for malicious purposes according to the guidance document. Copyright (c) 2012 RICOH COMPANY, LTD. All rights reserved.
  • Ricoh Aficio MP C400SR | Security Target - Page 38
    by persons without a login user name, or by persons with a login user name but without an access permission to the TSF Confidential Data. Copyright (c) 2012 RICOH COMPANY, LTD. All rights reserved.
  • Ricoh Aficio MP C400SR | Security Target - Page 39
    manager of MFP shall ensure that those logs can be accessed in order to detect potential security violations, and only by authorised persons. Copyright (c) 2012 RICOH COMPANY, LTD. All rights reserved.
  • Ricoh Aficio MP C400SR | Security Target - Page 40
    use their privileged access rights for malicious purposes according to the guidance document. OE.AUDIT.REVIEWED Log audit The responsible manager of MFP shall ensure that audit logs are reviewed at appropriate intervals according to the guidance document for detecting security violations or unusual
  • Ricoh Aficio MP C400SR | Security Target - Page 41
    O.AUDIT.LOGGED OE.AUDIT_STORAGE.PROTCTED OE.AUDIT_ACCESS_AUTHORIZED OE.AUDIT.REVIEWED O.INTERFACE.MANAGED OE.PHYSICAL.MANAGED OE.INTERFACE.MANAGED O.STORAGE X A.ACCESS.MANAGED X A.ADMIN.TRAINING X A.ADMIN.TRUST X A.USER.TRAINING X Copyright (c) 2012 RICOH COMPANY, LTD. All rights reserved.
  • Ricoh Aficio MP C400SR | Security Target - Page 42
    authorised in accordance with the security policies before being allowed to use the TOE. By O.PROT.NO_ALT, the TOE protects the TSF protected Copyright (c) 2012 RICOH COMPANY, LTD. All rights reserved.
  • Ricoh Aficio MP C400SR | Security Target - Page 43
    . By O.SOFTWARE.VERIFIED, the TOE provides measures for self-verifying the executable code of the TSF. P.SOFTWARE.VERIFICATION is enforced by this objective. Copyright (c) 2012 RICOH COMPANY, LTD. All rights reserved.
  • Ricoh Aficio MP C400SR | Security Target - Page 44
    MFP and prevents its unauthorised disclosure or alteration. By OE.AUDIT.REVIEWED, the responsible manager of MFP reviews audit logs at appropriate intervals for security violations or unusual patterns .TRAINING is upheld by OE.ADMIN.TRAINED. Copyright (c) 2012 RICOH COMPANY, LTD. All rights reserved.
  • Ricoh Aficio MP C400SR | Security Target - Page 45
    is upheld by this objective. A.USER.TRAINING A.USER.TRAINING is upheld by OE.USER.TRAINED. By OE.USER.TRAINED, the responsible manager of MFP instructs the users in accordance with the guidance documents to make them aware of the security policies and procedures of their organisation, and the users
  • Ricoh Aficio MP C400SR | Security Target - Page 46
    : Quite often, a TOE is supposed to perform specific checks and process data received on one external interface before such (processed) data are allowed to be transferred to another external interface. Examples Copyright (c) 2012 RICOH COMPANY, LTD. All rights reserved.
  • Ricoh Aficio MP C400SR | Security Target - Page 47
    systems that require a specific work flow for the incoming data before it can be transferred. Direct forwarding of such data (i.e., without processing the data first) between different external to [assignment: the LAN and telephone line]. Copyright (c) 2012 RICOH COMPANY, LTD. All rights reserved.
  • Ricoh Aficio MP C400SR | Security Target - Page 48
    shows the action (CC rules) recommended by the CC as auditable for each functional requirement and the corresponding auditable events of the TOE. Copyright (c) 2012 RICOH COMPANY, LTD. All rights reserved.
  • Ricoh Aficio MP C400SR | Security Target - Page 49
    that are required by the PP. Original: Not recorded. b) Basic: Success and failure of login operation b) Basic: Success and failure of login operation Copyright (c) 2012 RICOH COMPANY, LTD. All rights reserved.
  • Ricoh Aficio MP C400SR | Security Target - Page 50
    a) Minimal: Termination of session by auto logout. a) Minimal: Failure of communication with trusted channel. FAU_GEN.2 User identity association Hierarchical to: No other components. Copyright (c) 2012 RICOH COMPANY, LTD. All rights reserved.
  • Ricoh Aficio MP C400SR | Security Target - Page 51
    review FAU_SAR.2.1 The TSF shall prohibit all users read access to the audit records, except those users that have been granted explicit read-access. 6.1.2 Class FCS: Cryptographic support key generation algorithm in Table 12] and Copyright (c) 2012 RICOH COMPANY, LTD. All rights reserved.
  • Ricoh Aficio MP C400SR | Security Target - Page 52
    shall enforce the [assignment: document access control SFP] on [assignment: list of subjects, objects, and operations among subjects and objects in Table 14]. Copyright (c) 2012 RICOH COMPANY, LTD. All rights reserved.
  • Ricoh Aficio MP C400SR | Security Target - Page 53
    user process Subject Subject MFP administrator process Supervisor process Security Attributes - Login user name of normal user - User role - User role - User role Copyright (c) 2012 RICOH COMPANY, LTD. All rights reserved.
  • Ricoh Aficio MP C400SR | Security Target - Page 54
    registered on document user list for document data. Not allowed. However, it is allowed for normal user process that created the document data. Copyright (c) 2012 RICOH COMPANY, LTD. All rights reserved.
  • Ricoh Aficio MP C400SR | Security Target - Page 55
    RC Gate process]. FDP_ACF.1(b) Security attribute-based access control Hierarchical to: No other components. Dependencies: FDP_ACC.1 Subset access control FMT_MSA.3 Static attribute initialisation Copyright (c) 2012 RICOH COMPANY, LTD. All rights reserved.
  • Ricoh Aficio MP C400SR | Security Target - Page 56
    the resource from] the following objects: [assignment: user documents]. 6.1.4 Class FIA: Identification and authentication FIA_AFL.1 Authentication failure handling Hierarchical to: No other components. Copyright (c) 2012 RICOH COMPANY, LTD. All rights reserved.
  • Ricoh Aficio MP C400SR | Security Target - Page 57
    Be Maintained Users Normal user Supervisor List of Security Attributes - Login user name of normal user - User role - Available function list - User role Copyright (c) 2012 RICOH COMPANY, LTD. All rights reserved.
  • Ricoh Aficio MP C400SR | Security Target - Page 58
    -case letters: [a-z] (26 letters) Numbers: [0-9] (ten digits) Symbols: SP (spaces 33 symbols) (2) Registrable password length: For normal users: No fewer than the minimum character number specified by of the user to be performed before Copyright (c) 2012 RICOH COMPANY, LTD. All rights reserved.
  • Ricoh Aficio MP C400SR | Security Target - Page 59
    other TSF-mediated actions on behalf of that user. FIA_UID.2 User identification before action Hierarchical to: FIA_UID.1Timing of identification Dependencies: No dependencies. Copyright (c) 2012 RICOH COMPANY, LTD. All rights reserved.
  • Ricoh Aficio MP C400SR | Security Target - Page 60
    , [assignment: newly create]] the security attributes [assignment: security attributes in Table 25] to [assignment: the user roles with operation permission in Table 25]. Copyright (c) 2012 RICOH COMPANY, LTD. All rights reserved.
  • Ricoh Aficio MP C400SR | Security Target - Page 61
    , [assignment: newly create]] the security attributes [assignment: security attributes in Table 26] to [assignment: the user roles with operation permission in Table 26]. Copyright (c) 2012 RICOH COMPANY, LTD. All rights reserved.
  • Ricoh Aficio MP C400SR | Security Target - Page 62
    enforce the [assignment: document access control SFP] to provide [selection: restrictive] default values for security attributes that are used to enforce the SFP. FMT_MSA.3.2(a) The - Normal user who stored the applicable document data Copyright (c) 2012 RICOH COMPANY, LTD. All rights reserved.
  • Ricoh Aficio MP C400SR | Security Target - Page 63
    identified roles] to specify alternative initial values to override the default values when an object or information is created. FMT_MTD.1 Management login password Supervisor Supervisor MFP administrator MFP administrator who owns the login password MFP administrator Copyright (c) 2012 RICOH
  • Ricoh Aficio MP C400SR | Security Target - Page 64
    day), time setting (hour, minute) Minimum character number for Basic Authentication Password complexity setting for Basic Authentication Audit logs HDD cryptographic key S/MIME user information of login user name of supervisor by supervisor Copyright (c) 2012 RICOH COMPANY, LTD. All rights reserved.
  • Ricoh Aficio MP C400SR | Security Target - Page 65
    character number by MFP administrator when the Basic Authentication is used Query of Password Complexity by MFP administrator when the Basic Authentication is used Query of Number The TSF shall be able to associate users with roles. Copyright (c) 2012 RICOH COMPANY, LTD. All rights reserved.
  • Ricoh Aficio MP C400SR | Security Target - Page 66
    printer driver, completion of document data reception from the fax driver, and termination of communication with RC Gate]. 6.1.8 Class FTP: Trusted path/channels FTP_ITC.1 Inter-TSF trusted channel Hierarchical to: No other components. Dependencies: No dependencies. Copyright (c) 2012 RICOH
  • Ricoh Aficio MP C400SR | Security Target - Page 67
    Assurance Classes ADV: Development AGD: Guidance documents ALC: Life-cycle support ASE: Security Target evaluation ATE: Tests ADV_ARC.1 ADV_FSP.3 ADV_TDS.2 introduction Security objectives Derived security requirements Security problem definition TOE summary specification Analysis of coverage
  • Ricoh Aficio MP C400SR | Security Target - Page 68
    .VERIFIED O.AUDIT.LOGGED O.STORAGE.ENCRYPTED O.RCGATE.COMM.PROTECT FAU_GEN.1 FAU_GEN.2 FAU_STG.1 FAU_STG.4 FAU_SAR.1 FAU_SAR.2 FCS_CKM.1 FCS_COP.1 FDP_ACC.1(a) FDP_ACC.1(b) FDP_ACF.1(a) FDP_ACF.1(b) X X X X X X X X X X X X X X X X Copyright (c) 2012 RICOH COMPANY, LTD. All rights reserved.
  • Ricoh Aficio MP C400SR | Security Target - Page 69
    This section describes below how the TOE security objectives are fulfilled by the TOE security functional requirements corresponding to the TOE security objectives. Copyright (c) 2012 RICOH COMPANY, LTD. All rights reserved.
  • Ricoh Aficio MP C400SR | Security Target - Page 70
    , query, modify and delete) on the login user name, and available operations (query and modify) on the document user list, and a specified user Copyright (c) 2012 RICOH COMPANY, LTD. All rights reserved.
  • Ricoh Aficio MP C400SR | Security Target - Page 71
    , Stored Reception File User, the minimum character number for Basic Authentication, password complexity setting for Basic Authentication, Number of Attempts before Lockout for Basic Authentication via the LAN are protected by FTP_ITC.1. Copyright (c) 2012 RICOH COMPANY, LTD. All rights reserved.
  • Ricoh Aficio MP C400SR | Security Target - Page 72
    and applicable normal user to operate the login password of normal user. A supervisor is allowed to operate the login password of supervisor. The supervisor and applicable MFP for these countermeasures, O.CONF.NO_ALT is fulfilled. Copyright (c) 2012 RICOH COMPANY, LTD. All rights reserved.
  • Ricoh Aficio MP C400SR | Security Target - Page 73
    makes it difficult to guess the password. For the External Authentication, this depends completion of document data reception from the printer driver or fax driver. The TOE terminates the session with RC default value to the function type. Copyright (c) 2012 RICOH COMPANY, LTD. All rights reserved.
  • Ricoh Aficio MP C400SR | Security Target - Page 74
    are verified software at the start-up. By satisfying FTP_TST.1, which is the security functional requirement for this countermeasure, O.SOFTWARE.VERIFIED is fulfilled. Copyright (c) 2012 RICOH COMPANY, LTD. All rights reserved.
  • Ricoh Aficio MP C400SR | Security Target - Page 75
    concealed, and any tampering on the communication path is detected. To fulfil this security objective, it is required to implement the following countermeasure. Copyright (c) 2012 RICOH COMPANY, LTD. All rights reserved.
  • Ricoh Aficio MP C400SR | Security Target - Page 76
    .1 FCS_CKM.4 FDP_ACF.1(a) FDP_ACF.1(b) FDP_ACC.1(a) FMT_MSA.3(a) FDP_ACC.1(b) FMT_MSA.3(b) None FIA_UAU.1(a) None None FIA_UID.1(a) FIA_UID.1(b) None None None None None None None None None None Copyright (c) 2012 RICOH COMPANY, LTD. All rights reserved.
  • Ricoh Aficio MP C400SR | Security Target - Page 77
    key will be continuously used for the HDD and will not be deleted. Therefore, cryptographic key destruction by the standard method is unnecessary. Copyright (c) 2012 RICOH COMPANY, LTD. All rights reserved.
  • Ricoh Aficio MP C400SR | Security Target - Page 78
    procedure (ALC_FLR.2). Based on the terms and costs of the evaluation, the evaluation assurance level of EAL3+ALC_FLR.2 is appropriate for this TOE. Copyright (c) 2012 RICOH COMPANY, LTD. All rights reserved.
  • Ricoh Aficio MP C400SR | Security Target - Page 79
    log in a legible fashion for users to audit (audit log review). The recorded audit log can be viewed and deleted only by provides the audit logs in a text format when the MFP administrator instructs the TOE to read the audit logs. FAU_STG.4 The TOE writes the RICOH COMPANY, LTD. All rights reserved.
  • Ricoh Aficio MP C400SR | Security Target - Page 80
    Function communication - Folder transmission - Printing via networks - LAN Fax via networks - Communication with RC Gate - E-mail transmission Basic Log Items Expanded Log Items Copyright (c) 2012 RICOH COMPANY, LTD. All rights reserved.
  • Ricoh Aficio MP C400SR | Security Target - Page 81
    the login user name and login password entered by the user. However, password is complete. When the TOE is used from the printer driver or fax driver, the TOE receives the login user name and login password entered from each driver the login user name and login password entered by the user. However,
  • Ricoh Aficio MP C400SR | Security Target - Page 82
    the print data from the printer driver. The TOE logs out immediately after receiving the transmission information from the fax driver. The TOE terminates a session with RC Gate immediately after the communication with RC Gate is complete. FIA_UAU.7 Regarding login passwords entered by a person who
  • Ricoh Aficio MP C400SR | Security Target - Page 83
    : [0-9] (ten digits) Symbols: SP (space 33 symbols) (2) Registrable password length: - For normal users No less than the minimum character number for password (8-32 characters) specified by the (1) Access control rule on document data Copyright (c) 2012 RICOH COMPANY, LTD. All rights reserved.
  • Ricoh Aficio MP C400SR | Security Target - Page 84
    job owner to view and delete the document data handled as a user job while Copy Function, Printer Function, Scanner Function, Fax Function, or Document Server Function is being used. While no interface transmission Print Delete Print Delete Copyright (c) 2012 RICOH COMPANY, LTD. All rights reserved.
  • Ricoh Aficio MP C400SR | Security Target - Page 85
    Server documents Scanner documents Fax transmission documents Printer documents Fax reception documents Print Delete E-mail -Feature Restriction Function is to authorise TOE users to use Copy Function, Printer Function, Scanner Function, Document Server Function and Fax Function in accordance with
  • Ricoh Aficio MP C400SR | Security Target - Page 86
    TOE verifies the role for an authorised TOE user who attempts to start operating Copy Function, Printer Function, Scanner Function, Document Server Function, and Fax Function. If the role is that of the user deletes document data, the TOE Copyright (c) 2012 RICOH COMPANY, LTD. All rights reserved.
  • Ricoh Aficio MP C400SR | Security Target - Page 87
    is provided from the Operation Panel. If the MFP administrator gives instructions to generate an HDD cryptographic key from the Operation Panel, the supervisor to operate the Security Management Function, and 3) set appropriate default values to security attributes, all of which accord with user role
  • Ricoh Aficio MP C400SR | Security Target - Page 88
    scanner document, fax document and printer document (with stored print) Document user list Stored document type is fax received document(*2) Default values of the document user stored the documents MFP administrator Applicable normal user Copyright (c) 2012 RICOH COMPANY, LTD. All rights reserved.
  • Ricoh Aficio MP C400SR | Security Target - Page 89
    Time Operation Panel, Web browser Minimum character number of password for Basic Authentication Password complexity setting for Basic Authentication Audit log HDD cryptographic key MFP administrator MFP administrator MFP administrator Copyright (c) 2012 RICOH COMPANY, LTD. All rights reserved.
  • Ricoh Aficio MP C400SR | Security Target - Page 90
    data is received fax document, the list will be modified to the values of the Stored Reception File User. FMT_MSA.3(a) and FMT_MSA.3(b) The TOE sets default values for objects according to the rules described in Table 40 when those objects are generated. Copyright (c) 2012
  • Ricoh Aficio MP C400SR | Security Target - Page 91
    document type is printer document) Document application (Copy Function, Printer Function, Scanner Function name of normal user Function type Default values +PRT: Documents printed print from the client computer. Default values of a document user Printer Function, values to identify Printer Function
  • Ricoh Aficio MP C400SR | Security Target - Page 92
    is disconnected. Since the TOE is set to prohibit forwarding of received fax data during installation, received fax data will not be forwarded. Copyright (c) 2012 RICOH COMPANY, LTD. All rights reserved.
  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • 8
  • 9
  • 10
  • 11
  • 12
  • 13
  • 14
  • 15
  • 16
  • 17
  • 18
  • 19
  • 20
  • 21
  • 22
  • 23
  • 24
  • 25
  • 26
  • 27
  • 28
  • 29
  • 30
  • 31
  • 32
  • 33
  • 34
  • 35
  • 36
  • 37
  • 38
  • 39
  • 40
  • 41
  • 42
  • 43
  • 44
  • 45
  • 46
  • 47
  • 48
  • 49
  • 50
  • 51
  • 52
  • 53
  • 54
  • 55
  • 56
  • 57
  • 58
  • 59
  • 60
  • 61
  • 62
  • 63
  • 64
  • 65
  • 66
  • 67
  • 68
  • 69
  • 70
  • 71
  • 72
  • 73
  • 74
  • 75
  • 76
  • 77
  • 78
  • 79
  • 80
  • 81
  • 82
  • 83
  • 84
  • 85
  • 86
  • 87
  • 88
  • 89
  • 90
  • 91
  • 92
Copyright (c) 2012 RICOH COMPANY, LTD. All rights reserved.
Aficio MP C300/C300SR/C400/C400SR series
Security Target
Author : RICOH COMPANY, LTD.
Date
: 2012-08-17
Version : 1.00
Portions of Aficio MP C300/C300SR/C400/C400SR series Security Target are
reprinted with written permission from IEEE, 445 Hoes Lane, Piscataway, New
Jersey 08855, from IEEE 2600.1, Protection Profile for Hardcopy Devices,
Operational Environment A, Copyright © 2009 IEEE. All rights reserved.
This document is a translation of the evaluated and certified security target
written in Japanese.