Ricoh Aficio MP 2851 Security Target - Page 43

FIA_ATD.1, User attribute definition, FIA_SOS.1, Verification of secrets

Get Ricoh Aficio MP 2851 PDF manuals and user guides View all Ricoh Aficio MP 2851 manuals
Add to My Manuals
Save this manual to your list of manuals

Page 43 highlights

User authentication using TOE from client computer Web browser User authentication when printing from client computer User authentication when faxing from client computer Page 43 of 81 FIA_AFL.1.2 When defined number of unsuccessful authentication attempts has been [selection: met], the TSF shall [assignment: Lockout the user, who has failed the authentication attempts, until one of the Lockout release actions, shown in Table 14, is taken]. Table 14: Lockout release actions Lockout release actions Auto Lockout Release Manual Lockout Release Details If the user fails to authenticate after making the number of attempts specified for Lockout release, and the Lockout time (between 1 and 9999 minutes) set in advance by the machine administrator has elapsed, then Lockout will be released upon the first successful identification and authentication by the locked-out user. The machine administrator can set the Lockout time to indefinite, and in this case, Lockout cannot be released by a time-based operation but can be released by an operation other than a time-based operation. Regardless of the time specified for the Lockout release by the machine administrator, an unlocking administrator specified for any user role of a locked-out user can release a locked-out user. FMT_MTD.1 defines the relationship between locked-out user and unlocking administrator. There is also a special Lockout release: If an administrator (any role) or a supervisor is locked out, restarting the TOE has the same effect as the Lockout release operation performed by an unlocking administrator. FIA_ATD.1 User attribute definition Hierarchical to: No other components. Dependencies: No dependencies. FIA_ATD.1.1 The TSF shall maintain the following list of security attributes belonging to individual users: [assignment: general user IDs, document data default ACL, administrator IDs, administrator roles and supervisor ID]. FIA_SOS.1 Verification of secrets Hierarchical to: No other components. Dependencies: No dependencies. FIA_SOS.1.1 The TSF shall provide a mechanism to verify that secrets meet[assignment: following quality metrics]. (1) Usable characters and its types: Upper-case letters: [A-Z] (26 letters) Lower-case letters: [a-z] (26 letters) Copyright (c) 2010 RICOH COMPANY, LTD. All Rights Reserved.

  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • 8
  • 9
  • 10
  • 11
  • 12
  • 13
  • 14
  • 15
  • 16
  • 17
  • 18
  • 19
  • 20
  • 21
  • 22
  • 23
  • 24
  • 25
  • 26
  • 27
  • 28
  • 29
  • 30
  • 31
  • 32
  • 33
  • 34
  • 35
  • 36
  • 37
  • 38
  • 39
  • 40
  • 41
  • 42
  • 43
  • 44
  • 45
  • 46
  • 47
  • 48
  • 49
  • 50
  • 51
  • 52
  • 53
  • 54
  • 55
  • 56
  • 57
  • 58
  • 59
  • 60
  • 61
  • 62
  • 63
  • 64
  • 65
  • 66
  • 67
  • 68
  • 69
  • 70
  • 71
  • 72
  • 73
  • 74
  • 75
  • 76
  • 77
  • 78
  • 79
  • 80
  • 81
Page 43 of 81
Copyright (c) 2010 RICOH COMPANY, LTD. All Rights Reserved.
User authentication using TOE from client computer Web browser
User authentication when printing from client computer
User authentication when faxing from client computer
FIA_AFL.1.2 When defined number of unsuccessful authentication attempts has been
[selection: met]
, the
TSF shall
[assignment: Lockout the user, who has failed the authentication attempts,
until one of the Lockout release actions, shown in
Table 14
, is taken].
Table 14: Lockout release actions
Lockout release actions
Details
Auto Lockout Release
If the user fails to authenticate after making the number of attempts
specified for Lockout release, and the Lockout time (between 1 and 9999
minutes) set in advance by the machine administrator has elapsed, then
Lockout will be released upon the first successful identification and
authentication by the locked-out user. The machine administrator can set
the Lockout time to indefinite, and in this case, Lockout cannot be released
by a time-based operation but can be released by an operation other than a
time-based operation.
Manual Lockout Release
Regardless of the time specified for the Lockout release by the machine
administrator, an unlocking administrator specified for any user role of a
locked-out user can release a locked-out user. FMT_MTD.1 defines the
relationship between locked-out user and unlocking administrator.
There is also a special Lockout release: If an administrator (any role) or a
supervisor is locked out, restarting the TOE has the same effect as the
Lockout release operation performed by an unlocking administrator.
FIA_ATD.1
User attribute definition
Hierarchical to:
No other components.
Dependencies:
No dependencies.
FIA_ATD.1.1
The TSF shall maintain the following list of security attributes belonging to individual users:
[assignment: general user IDs, document data default ACL, administrator IDs,
administrator roles and supervisor ID].
FIA_SOS.1
Verification of secrets
Hierarchical to:
No other components.
Dependencies:
No dependencies.
FIA_SOS.1.1 The TSF shall provide a mechanism to verify that secrets meet
[assignment: following
quality metrics]
.
(1)
Usable characters and its types:
Upper-case letters: [A-Z] (26 letters)
Lower-case letters: [a-z] (26 letters)