Ricoh Aficio MP 6001 SP Security Target - Page 80
Table 39: Functions Provided by the TOE, Identified User and Authentication Procedures
View all Ricoh Aficio MP 6001 SP manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 80 highlights
Page 79 of 87 Table 39: Functions Provided by the TOE, Identified User and Authentication Procedures Identified User Normal user Administrator Authentication Procedures Checks if the login user name and password of normal user entered from the Operation Panel, Web browser, printer driver and fax driver of the client computer match the login user name and password of normal user registered in the TOE. Checks if the login user name and password of administrator entered from the Operation Panel, Web browser of client computer match the login user name and password of administrator registered in the TOE. FIA_UAU.7 (Protected authentication feedback) The TOE displays dummy letters in place of the login password entered from the Operation Panel by users in the authentication feedback area. FIA_UID.1 (Timing of identification) The TOE displays a window on the Operation Panel when no users log in from the Operation Panel. This window requires the users to enter their login user name and password. The TOE displays a window in a Web browser when the Web Function of the TOE is accessed from a client computer with no users logged in. This window also requires the users to enter their login user name and password. In both windows, the TOE identifies users with the login user name and password entered by them. When receiving a request from a client computer for printing or storing user documents using Printer Function, the TOE identifies users with the login user name of the user sent from a client computer before printing and storing the user documents. When receiving a request from a client computer for sending and storing user documents using LAN Fax, the TOE identifies users with the login user name of the user sent from a client computer before sending and storing the user documents. When receiving faxes from telephone line, the TOE does not have the function to identify users prior to the function that stores the received data as received fax document. The TOE does not receive any identification information from telephone line, but executes the fax reception function using the received data. The TOE allows any users to refer Web Image Monitor Help regardless of the user identification status when users access to a Web browser from client computer. The TOE allows the following operations regardless of the user identification status: reference of the list of user jobs, Web Image Monitor Help from a Web browser, system status, counter, and information of inquiries, and execution of fax reception. FIA_USB.1 (User-subject binding) For the successfully identified and authenticated users, the TOE binds the normal user with the normal user process, supervisor with the supervisor process, and MFP administrator with the MFP administrator process. The normal user process is associated with the login user name of normal user, application type, and available function list as security attributes. The supervisor process is associated with the login user name of supervisor, and the MFP administrator process is associated with the login user name of MFP administrator as security attributes. These associations are reflected to the operation permissions for each user role. Copyright (c) 2011 RICOH COMPANY, LTD. All rights reserved.