Ricoh Aficio MP 5002 Security Target - Page 26

Table 8 : Definition of User Data, Description, Table 9 : Definition of TSF Data

Get Ricoh Aficio MP 5002 PDF manuals and user guides View all Ricoh Aficio MP 5002 manuals
Add to My Manuals
Save this manual to your list of manuals

Page 26 highlights

1.4.5 Protected Assets Assets to be protected by the TOE are user data, TSF data, and functions. Page 25 of 93 1.4.5.1. User Data The user data is classified into two types: document data and function data. Table 8 defines user data according to these data types. Table 8 : Definition of User Data Type Document data Function data Description Digitised documents, deleted documents, temporary documents and their fragments, which are managed by the TOE. Jobs specified by users. In this ST, a "user job" is referred to as a "job". 1.4.5.2. TSF Data The TSF data is classified into two types: protected data and confidential data. Table 9 defines TSF data according to these data types. Type Protected data Confidential data Table 9 : Definition of TSF Data Description This data must be protected from changes by unauthorised persons. No security threat will occur even this data is exposed to the public. In this ST, "protected data", listed below, is referred to as "TSF protected data". Login user name, Number of Attempts before Lockout, settings for Lockout Release Timer, lockout time, date settings (year/month/day), time settings, Minimum Character No., Password Complexity Setting, auto logout time of the Operation Panel, S/MIME user information, destination folder, Stored Reception File User, document user list, available function list, user authentication method, IPSec setting information, @Remote setting information, and Device Certificate. This data must be protected from changes by unauthorised persons and reading by users without viewing permissions. In this ST, "confidential data", listed below, is referred to as "TSF confidential data". Login password, audit log, and HDD cryptographic key. 1.4.5.3. Functions The MFP applications (Copy Function, Document Server Function, Printer Function, Scanner Function, and Fax Function) that are for management of the document data of user data are classified as protected assets, whose use is subject to restrictions. Copyright (c) 2012 RICOH COMPANY, LTD. All rights reserved.

  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • 8
  • 9
  • 10
  • 11
  • 12
  • 13
  • 14
  • 15
  • 16
  • 17
  • 18
  • 19
  • 20
  • 21
  • 22
  • 23
  • 24
  • 25
  • 26
  • 27
  • 28
  • 29
  • 30
  • 31
  • 32
  • 33
  • 34
  • 35
  • 36
  • 37
  • 38
  • 39
  • 40
  • 41
  • 42
  • 43
  • 44
  • 45
  • 46
  • 47
  • 48
  • 49
  • 50
  • 51
  • 52
  • 53
  • 54
  • 55
  • 56
  • 57
  • 58
  • 59
  • 60
  • 61
  • 62
  • 63
  • 64
  • 65
  • 66
  • 67
  • 68
  • 69
  • 70
  • 71
  • 72
  • 73
  • 74
  • 75
  • 76
  • 77
  • 78
  • 79
  • 80
  • 81
  • 82
  • 83
  • 84
  • 85
  • 86
  • 87
  • 88
  • 89
  • 90
  • 91
  • 92
  • 93
  • 94
Page 25 of
93
Copyright (c) 2012 RICOH COMPANY, LTD. All rights reserved.
1.4.5
Protected Assets
Assets to be protected by the TOE are user data, TSF data, and functions.
1.4.5.1.
User Data
The user data is classified into two types: document data and function data. Table 8 defines user data
according to these data types.
Table 8 : Definition of User Data
Type
Description
Document data
Digitised documents, deleted documents, temporary documents and their
fragments, which are managed by the TOE.
Function data
Jobs specified by users. In this ST, a "user job" is referred to as a "job".
1.4.5.2.
TSF Data
The TSF data is classified into two types: protected data and confidential data. Table 9 defines TSF data
according to these data types.
Table 9 : Definition of TSF Data
Type
Description
Protected data
This data must be protected from changes by unauthorised persons. No security
threat will occur even this data is exposed to the public. In this ST, "protected
data", listed below, is referred to as "TSF protected data".
Login user name, Number of Attempts before Lockout, settings for Lockout
Release Timer, lockout time, date settings (year/month/day), time settings,
Minimum Character No., Password Complexity Setting, auto logout time of the
Operation Panel, S/MIME user information, destination folder, Stored Reception
File User, document user list, available function list, user authentication method,
IPSec setting information, @Remote setting information, and Device Certificate.
Confidential data
This data must be protected from changes by unauthorised persons and reading by
users without viewing permissions. In this ST, "confidential data", listed below, is
referred to as "TSF confidential data".
Login password, audit log, and HDD cryptographic key.
1.4.5.3.
Functions
The MFP applications (Copy Function, Document Server Function, Printer Function, Scanner Function, and
Fax Function) that are for management of the document data of user data are classified as protected assets,
whose use is subject to restrictions.