Ricoh Aficio MP 2352SP Security Target

Ricoh Aficio MP 2352SP Manual

Get Ricoh Aficio MP 2352SP PDF manuals and user guides View all Ricoh Aficio MP 2352SP manuals
Add to My Manuals
Save this manual to your list of manuals

Ricoh Aficio MP 2352SP manual content summary:

  • Ricoh Aficio MP 2352SP | Security Target - Page 1
    /2852/3352 series Security Target Author : RICOH COMPANY, LTD. Date : 2011-12-19 Version : 1.00 Portions of Aficio MP 2352/2852/3352 series Security Target are reprinted with written permission from IEEE, 445 Hoes Lane, Piscataway, New Jersey 08855, from IEEE 2600.1, Protection Profile for
  • Ricoh Aficio MP 2352SP | Security Target - Page 2
    Page 1 of 91 Version 1.00 Date 2011-12-19 Revision History Author RICOH COMPANY, LTD. Detail Publication version. Copyright (c) 2011 RICOH COMPANY, LTD. All rights reserved.
  • Ricoh Aficio MP 2352SP | Security Target - Page 3
    Definition of Users ...17 1.4.3.1. Direct User ...17 1.4.3.2. Indirect User ...18 1.4.4 Functions 22 1.4.5 Protected Assets ...24 1.4.5.1. User Data ...24 1.4.5.2. TSF Data ...25 1.4.5.3. in PP 30 2.4.2 Consistency Claim with Security Problems and Security Objectives in PP ......... 30 2.4.3
  • Ricoh Aficio MP 2352SP | Security Target - Page 4
    Class FAU: Security audit 47 6.1.2 Class FCS: Cryptographic support 51 6.1.3 Class FDP: User data protection 52 6.1.4 Class FIA: Identification and authentication 56 Audit Function ...78 7.2 Identification and Authentication Function 80 Copyright (c) 2011 RICOH COMPANY, LTD. All rights reserved.
  • Ricoh Aficio MP 2352SP | Security Target - Page 5
    Data Overwrite Function 85 7.7 Stored Data Protection Function 86 7.8 Security Management Function 86 7.9 Software Verification Function 91 7.10 Fax Line Separation Function 91 Copyright (c) 2011 RICOH COMPANY, LTD. All rights reserved.
  • Ricoh Aficio MP 2352SP | Security Target - Page 6
    Table 25 : User Roles for Security Attributes (a 60 Table 26 : User Roles for Security Attributes (b 61 Table 27 : Authorised Identified Roles Allowed to Override Default Values 62 Table : Unlocking Administrators for Each User Role 81 Copyright (c) 2011 RICOH COMPANY, LTD. All rights reserved.
  • Ricoh Aficio MP 2352SP | Security Target - Page 7
    Page 6 of 91 Table 36 : Stored Documents Access Control Rules for Normal Users 83 Table 37 : Encrypted Communications Provided by the TOE 85 Table 38 : List Static Initialisation for Security Attributes of Document Access Control SFP 90 Copyright (c) 2011 RICOH COMPANY, LTD. All rights reserved.
  • Ricoh Aficio MP 2352SP | Security Target - Page 8
    Ricoh Aficio MP 2352, Ricoh Aficio MP 2852, Ricoh Aficio MP 3352, Savin MP 2352, Savin MP 2852, Savin MP 3352, Lanier MP 2352, Lanier MP 2852, Lanier MP 3352, nashuatec MP 2352, nashuatec MP 2852, nashuatec MP 3352, Rex-Rotary MP 2352, Rex-Rotary MP 2852, Rex-Rotary MP 3352, Gestetner MP 2352
  • Ricoh Aficio MP 2352SP | Security Target - Page 9
    Web Support Web Uapl animation Scanner Printer PCL PCL Font Data Erase Onb GWFCU3.5-1(WW) Engine OpePanel LANG0 LANG1 Ic Key Ic Hdd 1.00 1.01 1.00 1.00 01.01 1.02 1.00 1.12 1.03m 01.00.01 1.01:08 1.01 1.01 1.01 Hardware 01020714 01 Keywords : Digital MFP, Documents, Copy, Print, Scanner
  • Ricoh Aficio MP 2352SP | Security Target - Page 10
    and telephone lines, as shown in Figure 1. Users can operate the TOE from the Operation Panel The MFP is connected to the office LAN, and users can perform the following operations from the Operation Panel and network transmission of paper documents, - Print, fax, network transmission, and deletion of
  • Ricoh Aficio MP 2352SP | Security Target - Page 11
    Storage and printing of documents using the printer driver installed on the client computer, - Storage and faxing of documents using the fax driver installed on the user by communicating with the external authentication server via LAN. RC Gate An IT device used for @Remote. The function of RC Gate
  • Ricoh Aficio MP 2352SP | Security Target - Page 12
    TOE Description This section describes Physical Boundary of TOE, Guidance Documents, Definition of Users, Logical Boundary of TOE, and Protected Assets. 1.4.1 Physical Boundary of TOE The Network Unit, USB Port, SD Card Slot, and SD Card. Copyright (c) 2011 RICOH COMPANY, LTD. All rights reserved.
  • Ricoh Aficio MP 2352SP | Security Target - Page 13
    TSF data for configuring MFP operations is stored. - Ic Key A security chip that has the functions of random number generation, cryptographic key generation Copyright (c) 2011 RICOH COMPANY, LTD. All rights reserved.
  • Ricoh Aficio MP 2352SP | Security Target - Page 14
    System/Copy, Network Support, Fax, RemoteFax, Web Support, Web Uapl, Printer Engine to the Controller Board, and operates the Scanner Engine or Printer Engine according to instructions user names and login passwords of normal users. Copyright (c) 2011 RICOH COMPANY, LTD. All rights reserved.
  • Ricoh Aficio MP 2352SP | Security Target - Page 15
    About This Machine D120-7523 - MP 2352/MP 2852/MP 3352 MP 2352/MP 2852/MP 3352 Aficio MP 2352/MP 2852/MP 3352 Operating Instructions Troubleshooting D120-7533 - Quick Reference Copy Guide D120-7517 - Quick Reference Printer Guide D595-7305 Copyright (c) 2011 RICOH COMPANY, LTD. All rights reserved
  • Ricoh Aficio MP 2352SP | Security Target - Page 16
    Fax Guide D596-7106 - Quick Reference Printer Guide D595-7304 - Quick Reference Scanner Guide D595-7316 - App2Me Start Guide D085-7904B - MP 2352SP/MP 2852/MP 2852SP/MP 3352/MP 3352SP MP 2352SP/MP 2852/MP 2852SP/MP 3352/MP 3352SP Aficio MP 2352SP/MP 2852/MP 2852SP/MP 3352/MP 3352SP Manuals and
  • Ricoh Aficio MP 2352SP | Security Target - Page 17
    D120-7525 - MP 2352SP/MP 2852/MP 2852SP/MP 3352/MP 3352SP MP 2352SP/MP 2852/MP 2852SP/MP 3352/MP 3352SP Aficio MP 2352SP/MP 2852/MP 2852SP/MP 3352/MP 3352SP Operating Instructions Troubleshooting D120-7535 - Quick Reference Copy Guide D120-7518 - Quick Reference Printer Guide D595-7305 - Quick
  • Ricoh Aficio MP 2352SP | Security Target - Page 18
    Page 17 of 91 - Manuals for Users MP 2352SP/MP 2852/MP 2852SP/MP 3352/MP 3352SP Aficio MP 2352SP/MP 2852/MP 2852SP/MP 3352/MP 3352SP D595-7810 - Manuals for Administrators MP 2352SP/MP 2852/MP 2852SP/MP 3352/MP 3352SP Aficio MP 2352SP/MP 2852/MP 2852SP/MP 3352/MP 3352SP D595-7801 - SOFTWARE
  • Ricoh Aficio MP 2352SP | Security Target - Page 19
    to modify the login password of the MFP administrator. Authorised to manage normal users. This privilege allows configuration of normal user settings. Authorised to specify charge of installation, setup, and maintenance of the TOE. Copyright (c) 2011 RICOH COMPANY, LTD. All rights reserved.
  • Ricoh Aficio MP 2352SP | Security Target - Page 20
    of the TOE 1.4.4.1. Basic Functions The overview of the Basic Functions is described as follows: Copy Function The Copy Function is to scan paper documents and copy scanned image data from the Operation Panel. Magnification and other editorial jobs can be applied to the copy image. It can also be
  • Ricoh Aficio MP 2352SP | Security Target - Page 21
    , the TOE does not delete printer documents even when printing is complete. According to the guidance document, users first install the specified printer driver on their own client computers, and then use this function. Scanner Function The Scanner Function is to scan paper documents by using the
  • Ricoh Aficio MP 2352SP | Security Target - Page 22
    documents. Paper documents will be scanned and stored using the Operation Panel. printed, deleted and downloaded from a Web browser. According to the guidance document, users first install the specified fax driver on their own client computers, and then use this function. Copyright (c) 2011 RICOH
  • Ricoh Aficio MP 2352SP | Security Target - Page 23
    Document Server documents. Also, users can print and delete fax documents. From a Web browser, users can print and delete Document Server documents, fax, print, download, and delete fax documents. Also, users can send scanner documents to folders or by e-mail, download and delete them. Management
  • Ricoh Aficio MP 2352SP | Security Target - Page 24
    or Fax Function from the printer or fax driver, a user will be required to enter his or her login user name and login password received from the printer or fax drivers, so that the user can be verified as a normal user. To use the @Remote Service Function from the RC Gate communication interface, it
  • Ricoh Aficio MP 2352SP | Security Target - Page 25
    function can be enabled using the fax driver to specify encrypted communication. When communicating with RC Gate, encrypted communication is used. Residual the TOE. Jobs specified by users. In this ST, a "user job" is referred to as a "job". Copyright (c) 2011 RICOH COMPANY, LTD. All rights
  • Ricoh Aficio MP 2352SP | Security Target - Page 26
    , Network Support, Scanner, Printer, Fax, RemoteFax, Web Support, Web Uapl, NetworkDocBox, animation, PCL, PCL Font, LANG0, LANG1 and Data Erase Onb. An identifier assigned to each normal user, MFP administrator, and supervisor. The TOE identifies users by this identifier. A password associated with
  • Ricoh Aficio MP 2352SP | Security Target - Page 27
    , hold print, and sample print using the client computer. One of the document data attributes. Documents sent to IT devices by e-mail or sent to folders, or downloaded on the client computer from the MFP. For these operations the Scanner Function is used. Copyright (c) 2011 RICOH COMPANY, LTD. All
  • Ricoh Aficio MP 2352SP | Security Target - Page 28
    MFP application Available function list Operation Panel Users for stored and received documents Definitions One of the document data attributes. Documents copied by using Printer Function. One of the document data attributes. Documents sent by fax or to folders by using Fax Function. One of the
  • Ricoh Aficio MP 2352SP | Security Target - Page 29
    be delivered to folders: scanned documents using Scanner Function and Fax Function, and scanned and stored documents services for the TOE. Also called @Remote Service. The facility where the centre server of @Remote is located. A function for users to request a repair to the maintenance centre via RC
  • Ricoh Aficio MP 2352SP | Security Target - Page 30
    .2. The selected SFR Packages from the PP are: 2600.1-PRT conformant 2600.1-SCN conformant 2600.1-CPY conformant 2600.1-FAX conformant 2600.1-DSR conformant Copyright (c) 2011 RICOH COMPANY, LTD. All rights reserved.
  • Ricoh Aficio MP 2352SP | Security Target - Page 31
    scanner device and print device, and Printer RC Gate. For these reasons, these communications do not affect any security problems and security objectives defined in the PP. Therefore, P.RCGATE.COMM.PROTECT and O.RCGATE.COMM.PROTECT were augmented, yet still conform to the PP. Copyright (c) 2011 RICOH
  • Ricoh Aficio MP 2352SP | Security Target - Page 32
    the security problems and authentication of normal users of this TOE, NOTE 35, the authentications of users are assumed to be executed by RC Gate differs from the identification and authentication methods for normal users users or administrator and the identification and authentication method for RC
  • Ricoh Aficio MP 2352SP | Security Target - Page 33
    to the intended user. This is according augmented communication with RC Gate via user jobs, this ST rejects supervisor and RC Gate to operate document data and user jobs. Supervisor and RC Gate are not identified in the PP and are the special users in the PP allows users with administrator privileges
  • Ricoh Aficio MP 2352SP | Security Target - Page 34
    TOE allows the MFP administrator to delete document data and user jobs (document access control SFP, FDP_ACC.1(a) and FDP_ACF.1(a)), and accessed when receiving from a telephone line, is regarded as a user with administrator privileges. Therefore, FDP_ACF.1.3(b) in this ST satisfies FDP_ACF.1.3(b) in
  • Ricoh Aficio MP 2352SP | Security Target - Page 35
    Problem user name, or to persons with a login user user name, or by persons with a login user name but without an access permission to the document. T.FUNC.ALT User job alteration User login user name, or by persons with a login user name but login user name, or to persons with a login user name
  • Ricoh Aficio MP 2352SP | Security Target - Page 36
    User training The responsible manager of MFP trains users according to the guidance document and users are aware of the security policies and procedures of their organisation and are competent to follow those policies and procedures. Copyright (c) 2011 RICOH COMPANY, LTD. All rights reserved
  • Ricoh Aficio MP 2352SP | Security Target - Page 37
    The responsible manager of MFP selects administrators who do not use their privileged access rights for malicious purposes according to the guidance document. Copyright (c) 2011 RICOH COMPANY, LTD. All rights reserved.
  • Ricoh Aficio MP 2352SP | Security Target - Page 38
    login user name, or by persons with a login user user job alteration The TOE shall protect user jobs from unauthorised alteration by persons without a login user name, or by persons with a login user login user name, or by persons with a login user name user name, or by persons with a login user
  • Ricoh Aficio MP 2352SP | Security Target - Page 39
    shall require identification and authentication of users and shall ensure that users are authorised in accordance with communication with RC Gate The TOE shall conceal the communication data on the communication path between itself and RC Gate, and 2011 RICOH COMPANY, LTD. All rights reserved.
  • Ricoh Aficio MP 2352SP | Security Target - Page 40
    access to the TOE by unauthorised persons. OE.USER.AUTHORIZED Assignment of user authority The responsible manager of MFP shall give users the authority to use the TOE in accordance with violations or unusual patterns of activity. Copyright (c) 2011 RICOH COMPANY, LTD. All rights reserved.
  • Ricoh Aficio MP 2352SP | Security Target - Page 41
    O.CONF.NO_ALT O.USER.AUTHORIZED OE.USER.AUTHORIZED O.SOFTWARE. O.RCGATE.COMM.PROTECT OE.ADMIN.TRAINED OE.ADMIN.TRUSTED OE.USER.TRAINED T.DOC.DIS X X X T.DOC.ALT X X T.CONF.DIS X X X T.CONF.ALT X X X P.USER.AUTHORIZATION X X P.SOFTWARE.VERIFICATION X P.AUDIT.LOGGING X XXX P.INTERFACE
  • Ricoh Aficio MP 2352SP | Security Target - Page 42
    organisation. By O.USER.AUTHORIZED, the TOE requires identification and authentication of users, and users are authorised in accordance with the security policies before being allowed to use the TOE. By O.PROT.NO_ALT, the TOE protects the TSF protected Copyright (c) 2011 RICOH COMPANY, LTD. All
  • Ricoh Aficio MP 2352SP | Security Target - Page 43
    protects the TSF confidential data from unauthorised disclosure by persons without a login user name, or by persons with a login user name but without an access permission to the TSF confidential data. T.CONF is enforced by this objective. Copyright (c) 2011 RICOH COMPANY, LTD. All rights reserved.
  • Ricoh Aficio MP 2352SP | Security Target - Page 44
    .PROTECT, the TOE shall conceal the communication data on the communication path between itself and RC Gate, and detect any tampering with those communication data. P.RCGATE.COMM.PROTECT is enforced .TRAINING is upheld by OE.ADMIN.TRAINED. Copyright (c) 2011 RICOH COMPANY, LTD. All rights reserved.
  • Ricoh Aficio MP 2352SP | Security Target - Page 45
    manager of MFP instructs the users in accordance with the guidance documents to make them aware of the security policies and procedures of their organisation, and the users follow those policies and procedures. OE.USER.TRAINED is upheld by this objective. Copyright (c) 2011 RICOH COMPANY, LTD. All
  • Ricoh Aficio MP 2352SP | Security Target - Page 46
    checks and process data received on one external interface before such (processed) data are allowed to be transferred to another external interface. Examples Copyright (c) 2011 RICOH COMPANY, LTD. All rights reserved.
  • Ricoh Aficio MP 2352SP | Security Target - Page 47
    decided to define an extended component to address this functionality. This extended component protects both user data and TSF data, and it could therefore be placed in either the FDP or the [assignment: the LAN and telephone line]. Copyright (c) 2011 RICOH COMPANY, LTD. All rights reserved.
  • Ricoh Aficio MP 2352SP | Security Target - Page 48
    attempted the user identification for FIA_UID.1, communication direction of Web Function, communication IP address of the communication used for Web Function and folder transmission, recipient's e-mail address used for e-mail transmission, and communication direction of communication with RC Gate
  • Ricoh Aficio MP 2352SP | Security Target - Page 49
    above, "storing, printing, downloading, faxing, sending by e-mail, delivering to folder, and deleting", are the job types of additional information that are required by the PP. Original: Not recorded. b) Basic: Success and failure of login operation Copyright (c) 2011 RICOH COMPANY, LTD. All
  • Ricoh Aficio MP 2352SP | Security Target - Page 50
    additional information. b) Basic: Success and failure of login operation. Also includes the user identification that is required by the PP as the additional information. b) Basic: Success a) Minimal: Termination of session by auto logout. Copyright (c) 2011 RICOH COMPANY, LTD. All rights reserved.
  • Ricoh Aficio MP 2352SP | Security Target - Page 51
    communication with trusted channel. FAU_GEN.2 User identity association Hierarchical to: No users, the TSF shall be able to associate each auditable event with the identity of the user the audit records in a manner suitable for the user to interpret the information. FAU_SAR.2 Restricted audit review
  • Ricoh Aficio MP 2352SP | Security Target - Page 52
    TSF shall prohibit all users read access to the audit records, except those users that have been granted explicit read-access. 6.1.2 Class FCS: Cryptographic support FCS_CKM.1 Cryptographic key - Decryption when reading the data from HDD Copyright (c) 2011 RICOH COMPANY, LTD. All rights reserved.
  • Ricoh Aficio MP 2352SP | Security Target - Page 53
    Subjects, Objects, and Operations among Subjects and Objects (a) Subjects Objects Operations - Normal user process - MFP administrator process - Supervisor process - RC Gate process - Document data - User jobs - Read - Delete FDP_ACC.1(b) Subset access control Hierarchical to: No other components
  • Ricoh Aficio MP 2352SP | Security Target - Page 54
    administrator process Supervisor process RC Gate process Document data Object User job Security Attributes - Login user name of normal user - User role - User role - User role - User role - Document data attribute - Document user list - Login user name of normal user FDP_ACF.1.2(a) The TSF shall
  • Ricoh Aficio MP 2352SP | Security Target - Page 55
    Read User jobs No setting of document data attribute Delete Normal user process Normal user process Normal user process Normal user process Normal user process Normal user process Normal user control Operations Allows. Allows. Allows. Copyright (c) 2011 RICOH COMPANY, LTD. All rights reserved.
  • Ricoh Aficio MP 2352SP | Security Target - Page 56
    [assignment: deny the operations on the document data and user jobs in case of supervisor process or RC Gate process]. FDP_ACF.1(b) Security attribute-based access control Hierarchical using administrator permission is surely permitted]. Copyright (c) 2011 RICOH COMPANY, LTD. All rights reserved.
  • Ricoh Aficio MP 2352SP | Security Target - Page 57
    in case of supervisor process or RC Gate process]. FDP_RIP.1 Subset residual User authentication using the Operation Panel User authentication using the TOE from client computer Web browser User authentication when printing from the client computer User RICOH COMPANY, LTD. All rights reserved.
  • Ricoh Aficio MP 2352SP | Security Target - Page 58
    and types: Upper-case letters: [A-Z] (26 letters) Lower-case letters: [a-z] (26 letters) Numbers: [0-9] (ten digits) Symbols: SP (spaces 33 symbols) (2) Registrable password length: For normal users: No fewer than the minimum character number specified by MFP administrator (8-32 characters) and no
  • Ricoh Aficio MP 2352SP | Security Target - Page 59
    use the TOE from RC Gate communication interface) before allowing other TSF-mediated actions on behalf of that user. FIA_UAU.7 Protected behalf of the user to be performed before the user is identified (refinement: identification with Basic Authentication). Copyright (c) 2011 RICOH COMPANY, LTD.
  • Ricoh Aficio MP 2352SP | Security Target - Page 60
    Supervisor process MFP administrator process RC Gate RC Gate process User Security Attributes - Login user name of normal user - User role - Available function list - User role - Login user name of MFP administrator - User role - User role Copyright (c) 2011 RICOH COMPANY, LTD. All rights
  • Ricoh Aficio MP 2352SP | Security Target - Page 61
    Operation Permission MFP administrator Normal user who owns the applicable login user name MFP administrator Supervisor MFP administrator MFP administrator who owns the applicable login user name Supervisor None No operation permitted None Copyright (c) 2011 RICOH COMPANY, LTD. All rights reserved
  • Ricoh Aficio MP 2352SP | Security Target - Page 62
    Authentication) No operation permitted No operation permitted User Roles with operation permission MFP administrator Normal user who owns the applicable login user name MFP administrator MFP administrator Applicable normal user None None Copyright (c) 2011 RICOH COMPANY, LTD. All rights reserved.
  • Ricoh Aficio MP 2352SP | Security Target - Page 63
    restrictive] default values for default values when an Allowed to Override Default Values Objects Document User job Security Attributes Document data attribute Document user list Document user list Login user name of normal user restrictive] default values for override the default values when
  • Ricoh Aficio MP 2352SP | Security Target - Page 64
    time setting (hour, minute) Minimum character number for Basic Authentication Password complexity setting for Basic Authentication Audit logs HDD cryptographic key S/MIME user information Destination information for folder transmission Query Query Query Query, modify Query Query Query Query, delete
  • Ricoh Aficio MP 2352SP | Security Target - Page 65
    MFP administrator by MFP administrator Query and modification of own login user name by MFP administrator Query of login user name of MFP administrator by supervisor New creation and modification of login password of normal user by MFP administrator when the Basic Authentication is used Modification
  • Ricoh Aficio MP 2352SP | Security Target - Page 66
    for folder transmission by normal user Query and modification of users for stored and received documents by MFP administrator Query of user the roles [assignment: normal user, supervisor, MFP administrator, and RC Gate]. FMT_SMR.1.2 The TSF shall be able to associate users with roles. 6.1.6 Class
  • Ricoh Aficio MP 2352SP | Security Target - Page 67
    document data reception from the printer driver, completion of document data reception from the fax driver, and termination of communication with RC Gate]. 6.1.8 Class FTP: of components defined in evaluation assurance level 3 (EAL3). Copyright (c) 2011 RICOH COMPANY, LTD. All rights reserved.
  • Ricoh Aficio MP 2352SP | Security Target - Page 68
    : Development AGD: Guidance documents ALC: Life-cycle support ASE: Security Target evaluation ATE: Tests AVA: Vulnerability design Operational user guidance Preparative Derived security requirements Security problem definition TOE summary specification (c) 2011 RICOH COMPANY, LTD. All rights reserved.
  • Ricoh Aficio MP 2352SP | Security Target - Page 69
    O.FUNC.NO_ALT O.PROT.NO_ALT O.CONF.NO_DI S O.CONF.NO_ALT O.USER.AUTHORIZED O.INTERFACE.MANAGED O.SOFTWARE.VERIFIED O.AUDIT.LOGGED O.STORAGE.ENCRYPTED O. .1(b) FMT_MSA.3(a) X X X X X X X X X X X X X X X X X X X X X X X X X X X X X X X X Copyright (c) 2011 RICOH COMPANY, LTD. All rights reserved.
  • Ricoh Aficio MP 2352SP | Security Target - Page 70
    user who generated the document data or the normal user who is registered on the document user list of the document data. The MFP administrator, supervisor and RC user name, and available operations (query and modify) on the document user list, and a specified user Copyright (c) 2011 RICOH COMPANY
  • Ricoh Aficio MP 2352SP | Security Target - Page 71
    and RC Gate are not allowed to delete user jobs. Deletion is the only modification operation on this TOE's user jobs. (2) Use trusted channels for sending or receiving user jobs. The user jobs sent and received by the TOE via the LAN are protected by FTP_ITC.1. Copyright (c) 2011 RICOH COMPANY
  • Ricoh Aficio MP 2352SP | Security Target - Page 72
    to manage the date, time, S/MIME user information, destination folder and users for stored and received documents. (2) normal user to operate the login password of normal user. A supervisor is allowed to operate the login password of . Copyright (c) 2011 RICOH COMPANY, LTD. All rights reserved.
  • Ricoh Aficio MP 2352SP | Security Target - Page 73
    so that only valid users can use the TOE functions. The authentication failure handling and verification of secrets are the security policies for authentication using passwords when the TOE is accessed from the Operation Panel or a Web browser of client computer, documents are printed by using the
  • Ricoh Aficio MP 2352SP | Security Target - Page 74
    completion of document data reception from the printer driver or fax driver. The TOE terminates the session with RC Gate after completing the communication with RC Gate. (5) Management of the security attributes. According to FMT_MSA.1(b), the login user name and available function list of normal
  • Ricoh Aficio MP 2352SP | Security Target - Page 75
    the data to be written into the HDD is encrypted. To fulfil this security objective, it is required to implement the following countermeasures. Copyright (c) 2011 RICOH COMPANY, LTD. All rights reserved.
  • Ricoh Aficio MP 2352SP | Security Target - Page 76
    Specification of the roles. FMT_SMR.1 maintains the users who have the privileges. By satisfying FCS_CKM.1, and disclosure for the communication between the TOE and RC Gate. By satisfying FTP_ITC.1, which is the security None FCS_CKM.4 Copyright (c) 2011 RICOH COMPANY, LTD. All rights reserved.
  • Ricoh Aficio MP 2352SP | Security Target - Page 77
    .4 None None None None None None None None None None None None None None None None None None None None None None None Copyright (c) 2011 RICOH COMPANY, LTD. All rights reserved.
  • Ricoh Aficio MP 2352SP | Security Target - Page 78
    is important to appropriately remediate the flaw discovered after the start of TOE operation according to flow reporting procedure (ALC_FLR.2). Based on the terms and costs of the evaluation, the evaluation assurance level of EAL3+ALC_FLR.2 is appropriate for this TOE. Copyright (c) 2011
  • Ricoh Aficio MP 2352SP | Security Target - Page 79
    provides the recorded audit log in a legible fashion for users to audit (audit log review). The recorded audit audit logs in a text format when the MFP administrator instructs the TOE to read the audit logs. FAU_STG.4 The operations from RC Gate) Success and failure of login operations from RC Gate
  • Ricoh Aficio MP 2352SP | Security Target - Page 80
    via networks Storing document data Reading document data (print, download, fax transmission, e-mail transmission, and folder transmission) Deleting document data Success and failure of creation, modification, and deletion of S/MIME user information Success and failure of creation, modification, and
  • Ricoh Aficio MP 2352SP | Security Target - Page 81
    the TOE are authorised users (MFP administrator, supervisor, normal users, and RC Gate) by referring to printer driver or fax driver, the TOE receives the login user name and login password entered from each driver by a user. When the entered login user name is the login user name of a normal user
  • Ricoh Aficio MP 2352SP | Security Target - Page 82
    if the fixed auto logout time (30 minutes by default) elapses after the final operation from a Web browser by the user who logs on to the TOE from a Web browser. The TOE logs out immediately after receiving the print data from the printer driver. The TOE logs out immediately after receiving the
  • Ricoh Aficio MP 2352SP | Security Target - Page 83
    digits) Symbols: SP (space 33 symbols) (2) Registrable password length: - For normal users No less than the minimum character number for password (8-32 characters) TOE so that the IT device is identified as RC Gate, the IT device whose user role is RC Gate is allowed to use the TOE. FPT_FDI_EXP.1
  • Ricoh Aficio MP 2352SP | Security Target - Page 84
    documents to be printed, downloaded to the client computers, sent by fax, sent by e-mail, sent to folders, and deleted. The interface enables users to delete all the stored documents. Users authorised to operate stored documents are MFP administrator and normal users. The supervisor and RC Gate are
  • Ricoh Aficio MP 2352SP | Security Target - Page 85
    Printer documents Fax reception documents Print Delete E-mail transmission Folder transmission Download Delete (E-mail transmission and folder transmission are authorised for normal users document data operated by the cancelled user job is a stored document, users to use Copy Function, Printer
  • Ricoh Aficio MP 2352SP | Security Target - Page 86
    user who attempts to start operating Copy Function, Printer Function, Scanner Function, Document Server Function, and Fax Function. If the role is that of normal user, the user authentication server RC Gate SSL3 user deletes document data, the TOE Copyright (c) 2011 RICOH COMPANY, LTD. All
  • Ricoh Aficio MP 2352SP | Security Target - Page 87
    to operate the Security Management Function, and 3) set appropriate default values to security attributes, all of which accord with user role privileges or user privileges that are assigned to normal users, MFP administrator, or supervisor. Copyright (c) 2011 RICOH COMPANY, LTD. All rights reserved.
  • Ricoh Aficio MP 2352SP | Security Target - Page 88
    and printer document (with stored print) Document user list Stored document type is fax received document(*2) Default values of the document user MFP administrator, applicable normal user who stored the documents MFP administrator Applicable normal user Copyright (c) 2011 RICOH COMPANY, LTD. All
  • Ricoh Aficio MP 2352SP | Security Target - Page 89
    User roles Login passwords of normal users when Basic Authentication is applied Login password of supervisor Login password of password for Basic Authentication Password complexity setting administrator Applicable normal user Supervisor Supervisor MFP user MFP administrator Supervisor, normal user
  • Ricoh Aficio MP 2352SP | Security Target - Page 90
    folder Users for stored and received documents User authentication procedures Operation Panel, Web browser Operation Panel, Web browser Operation Panel, Web browser Page 89 of 91 Query, (Query operation for a user received document users. FMT_MSA.3(a) and FMT_MSA.3(b) The TOE sets default values
  • Ricoh Aficio MP 2352SP | Security Target - Page 91
    Function) Document user list Document user list Document user list Login user name of normal user Function type Default values +PRT: Documents printed from the client computer with direct print, locked print, hold print, and sample print. +SCN: Documents sent by e-mail or to folders from the MFP
  • Ricoh Aficio MP 2352SP | Security Target - Page 92
    is disconnected. Since the TOE is set to prohibit forwarding of received fax data during installation, received fax data will not be forwarded. Copyright (c) 2011 RICOH COMPANY, LTD. All rights reserved.
  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • 8
  • 9
  • 10
  • 11
  • 12
  • 13
  • 14
  • 15
  • 16
  • 17
  • 18
  • 19
  • 20
  • 21
  • 22
  • 23
  • 24
  • 25
  • 26
  • 27
  • 28
  • 29
  • 30
  • 31
  • 32
  • 33
  • 34
  • 35
  • 36
  • 37
  • 38
  • 39
  • 40
  • 41
  • 42
  • 43
  • 44
  • 45
  • 46
  • 47
  • 48
  • 49
  • 50
  • 51
  • 52
  • 53
  • 54
  • 55
  • 56
  • 57
  • 58
  • 59
  • 60
  • 61
  • 62
  • 63
  • 64
  • 65
  • 66
  • 67
  • 68
  • 69
  • 70
  • 71
  • 72
  • 73
  • 74
  • 75
  • 76
  • 77
  • 78
  • 79
  • 80
  • 81
  • 82
  • 83
  • 84
  • 85
  • 86
  • 87
  • 88
  • 89
  • 90
  • 91
  • 92
Copyright (c) 2011 RICOH COMPANY, LTD. All rights reserved.
Aficio MP 2352/2852/3352 series
Security Target
Author : RICOH COMPANY, LTD.
Date
: 2011-12-19
Version : 1.00
Portions of Aficio MP 2352/2852/3352 series Security Target are reprinted
with written permission from IEEE, 445 Hoes Lane, Piscataway, New Jersey
08855, from IEEE 2600.1, Protection Profile for Hardcopy Devices,
Operational Environment A, Copyright © 2009 IEEE. All rights reserved.
This document is a translation of the evaluated and certified security target
written in Japanese.