Ricoh Aficio MP 3350B Security Target - Page 67

Page 67 of 83 7.1.1.1 Audit logs generation The TOE generates the audit logs when auditable events occur, and appends them to the audit log files. Audit logs consist of Basic Audit Information and Expanded Audit Information. The Basic Audit Information is a data item recorded for the occurrence of any kinds of auditable events, and the Expanded Audit Information is a data item recorded for generating auditable events that require additional information for audit. Table 26 shows the audit information for each auditable event. If there is no free space in the audit log files to append new audit logs, the oldest audit logs in terms of the time/date information are overwritten with new audit logs. Table 26: Auditable Events and Auditable Information Auditable events Starting Audit Function (*1) Ending Audit Function (*1) Login Starting Lockout Releasing Lockout (*2) Lockout release at the TOE startup HDD encryption key generation Successful storage of Document Data Successful reading of Document Data (*3) Successful deletion of Document Data Receiving fax Changing user password (include newly creating and deleting password) Deleting Administrator Role Adding Administrator Role Changing Document Data ACL Changing date and time of system clock Audit logs Basic Audit Information Expanded Audit Information - Date/time of the events - Types of the events (Auditable events in this table) - Subject identity (*4) - Outcome Locked out User Locked out User who is to be released Release methods (Auto Lockout Release/Manual Lockout Release) - ID of object Document Data ID of object Document Data ID of object Document Data - In the case of newly creating/changing/deleting the user authentication information of others, the ID of the person making the change - - ID of object Document Data - Copyright (c) 2009,2010 RICOH COMPANY, LTD. All Rights Reserved.