Ricoh Aficio MP 6001 SP Security Target - Page 80

Table 39: Functions Provided by the TOE, Identified User and Authentication Procedures

Get Ricoh Aficio MP 6001 SP PDF manuals and user guides View all Ricoh Aficio MP 6001 SP manuals
Add to My Manuals
Save this manual to your list of manuals

Page 80 highlights

Page 79 of 87 Table 39: Functions Provided by the TOE, Identified User and Authentication Procedures Identified User Normal user Administrator Authentication Procedures Checks if the login user name and password of normal user entered from the Operation Panel, Web browser, printer driver and fax driver of the client computer match the login user name and password of normal user registered in the TOE. Checks if the login user name and password of administrator entered from the Operation Panel, Web browser of client computer match the login user name and password of administrator registered in the TOE. FIA_UAU.7 (Protected authentication feedback) The TOE displays dummy letters in place of the login password entered from the Operation Panel by users in the authentication feedback area. FIA_UID.1 (Timing of identification) The TOE displays a window on the Operation Panel when no users log in from the Operation Panel. This window requires the users to enter their login user name and password. The TOE displays a window in a Web browser when the Web Function of the TOE is accessed from a client computer with no users logged in. This window also requires the users to enter their login user name and password. In both windows, the TOE identifies users with the login user name and password entered by them. When receiving a request from a client computer for printing or storing user documents using Printer Function, the TOE identifies users with the login user name of the user sent from a client computer before printing and storing the user documents. When receiving a request from a client computer for sending and storing user documents using LAN Fax, the TOE identifies users with the login user name of the user sent from a client computer before sending and storing the user documents. When receiving faxes from telephone line, the TOE does not have the function to identify users prior to the function that stores the received data as received fax document. The TOE does not receive any identification information from telephone line, but executes the fax reception function using the received data. The TOE allows any users to refer Web Image Monitor Help regardless of the user identification status when users access to a Web browser from client computer. The TOE allows the following operations regardless of the user identification status: reference of the list of user jobs, Web Image Monitor Help from a Web browser, system status, counter, and information of inquiries, and execution of fax reception. FIA_USB.1 (User-subject binding) For the successfully identified and authenticated users, the TOE binds the normal user with the normal user process, supervisor with the supervisor process, and MFP administrator with the MFP administrator process. The normal user process is associated with the login user name of normal user, application type, and available function list as security attributes. The supervisor process is associated with the login user name of supervisor, and the MFP administrator process is associated with the login user name of MFP administrator as security attributes. These associations are reflected to the operation permissions for each user role. Copyright (c) 2011 RICOH COMPANY, LTD. All rights reserved.

  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • 8
  • 9
  • 10
  • 11
  • 12
  • 13
  • 14
  • 15
  • 16
  • 17
  • 18
  • 19
  • 20
  • 21
  • 22
  • 23
  • 24
  • 25
  • 26
  • 27
  • 28
  • 29
  • 30
  • 31
  • 32
  • 33
  • 34
  • 35
  • 36
  • 37
  • 38
  • 39
  • 40
  • 41
  • 42
  • 43
  • 44
  • 45
  • 46
  • 47
  • 48
  • 49
  • 50
  • 51
  • 52
  • 53
  • 54
  • 55
  • 56
  • 57
  • 58
  • 59
  • 60
  • 61
  • 62
  • 63
  • 64
  • 65
  • 66
  • 67
  • 68
  • 69
  • 70
  • 71
  • 72
  • 73
  • 74
  • 75
  • 76
  • 77
  • 78
  • 79
  • 80
  • 81
  • 82
  • 83
  • 84
  • 85
  • 86
  • 87
  • 88
Page 79 of
87
Table 39: Functions Provided by the TOE, Identified User and Authentication Procedures
Identified User
Authentication Procedures
Normal user
Checks if the login user name and password of normal user entered from the
Operation Panel, Web browser, printer driver and fax driver of the client
computer match the login user name and password of normal user registered in
the TOE.
Administrator
Checks if the login user name and password of administrator entered from the
Operation Panel, Web browser of client computer match the login user name and
password of administrator registered in the TOE.
FIA_UAU.7 (Protected authentication feedback)
The TOE displays dummy letters in place of the login password entered from the Operation Panel by users in
the authentication feedback area.
FIA_UID.1 (Timing of identification)
The TOE displays a window on the Operation Panel when no users log in from the Operation Panel. This
window requires the users to enter their login user name and password. The TOE displays a window in a
Web browser when the Web Function of the TOE is accessed from a client computer with no users logged in.
This window also requires the users to enter their login user name and password. In both windows, the TOE
identifies users with the login user name and password entered by them.
When receiving a request from a client computer for printing or storing user documents using Printer
Function, the TOE identifies users with the login user name of the user sent from a client computer before
printing and storing the user documents. When receiving a request from a client computer for sending and
storing user documents using LAN Fax, the TOE identifies users with the login user name of the user sent
from a client computer before sending and storing the user documents.
When receiving faxes from telephone line, the TOE does not have the function to identify users prior to the
function that stores the received data as received fax document. The TOE does not receive any identification
information from telephone line, but executes the fax reception function using the received data.
The TOE allows any users to refer Web Image Monitor Help regardless of the user identification status when
users access to a Web browser from client computer.
The TOE allows the following operations regardless of the user identification status: reference of the list of
user jobs, Web Image Monitor Help from a Web browser, system status, counter, and information of
inquiries, and execution of fax reception.
FIA_USB.1 (User-subject binding)
For the successfully identified and authenticated users, the TOE binds the normal user with the normal user
process, supervisor with the supervisor process, and MFP administrator with the MFP administrator process.
The normal user process is associated with the login user name of normal user, application type, and
available function list as security attributes. The supervisor process is associated with the login user name of
supervisor, and the MFP administrator process is associated with the login user name of MFP administrator
as security attributes. These associations are reflected to the operation permissions for each user role.
Copyright (c) 2011 RICOH COMPANY, LTD. All rights reserved.