Ricoh Aficio MP C2800 Security Target

Ricoh Aficio MP C2800 Manual

Get Ricoh Aficio MP C2800 PDF manuals and user guides View all Ricoh Aficio MP C2800 manuals
Add to My Manuals
Save this manual to your list of manuals

Ricoh Aficio MP C2800 manual content summary:

  • Ricoh Aficio MP C2800 | Security Target - Page 1
    Page 1 of 80 Aficio MP C2800/C3300 series with Fax Option Type C5000 Security Target Author Date Version : COMPANY, LTD., Yasushi FUNAKI : 2010 -07 -29 : 1.00 Copyright (c) 2009,2010 RICOH COMPANY, LTD. All Rights Reserved.
  • Ricoh Aficio MP C2800 | Security Target - Page 2
    Version 1.00 Date 2010 -0 7 -2 9 Page 2 of 80 Revision History Author Yasushi FUNAKI Details Released version Copyright (c) 2009,2010 RICOH COMPANY, LTD. All Rights Reserved.
  • Ricoh Aficio MP C2800 | Security Target - Page 3
    Security Features of TOE 8 1.3.3 Environment for TOE Usage and Non-TOE Configuration Items 8 1.4 TOE Description 10 1.4.1 Physical Boundaries of TOE 10 1.4.2 Guidance Documents...13 1.4.3 User Roles...15 1.4.3.1 Responsible Manager of MFP 15 1.4.3.2 Administrator...15 1.4.3.3 Supervisor...15
  • Ricoh Aficio MP C2800 | Security Target - Page 4
    28 4.3.2 Tracing Justification...29 5 Extended Components Definition 32 6 Security Requirements 33 6.1 Security Functional Requirements 33 6.1.1 Class FAU: Security audit...33 6.1.2 Class FCS: Cryptographic support 38 6.1.3 Class FDP: User data protection 39 6.1.4 Class FIA: Identification and
  • Ricoh Aficio MP C2800 | Security Target - Page 5
    Page 5 of 80 7.1.2.3 Password Feedback Area Protection 67 7.1.2.4 Password Registration...67 7.1.3 SF.DOC_ACC Document Data Access Control Function 68 7.1.3.1 General User Web Service Function from Client Computer 74 7.1.7.2 Printing and Faxing from Client RICOH COMPANY, LTD. All Rights Reserved.
  • Ricoh Aficio MP C2800 | Security Target - Page 6
    67 Table 28: Default value for document data ACL 68 Table 29: Operations of document data ACL and authorised user.s 69 Table 30: Access to administrator information 70 Table 31: Authorised operations on general user information 71 Table 32: Administrators authorised to specify machine control
  • Ricoh Aficio MP C2800 | Security Target - Page 7
    C2800, infotec MP C3300 MFP Software/Hardware Version: Software System/Copy Network Support Scanner Printer Fax Web Support Web Uapl Network Doc Box 1.22 8.27 01.23 1.22 04.00.00 1.10 1.08 1.03 Hardware Ic Key 1100 Ic Ctlr 03 FCU Name : Fax Option Type C5000 Copyright (c) 2009,2010 RICOH
  • Ricoh Aficio MP C2800 | Security Target - Page 8
    -13(WW) 04.04.00 Page 8 of 80 Keywords : Digital MFP, Documents, Copy, Print, Scanner, Fax, Network, Office 1.3 TOE Overview This section defines the TOE type, TOE usage and major security features of the TOE, the environment for the TOE usage and non -TOE configuration items. 1.3.1 TOE Type The
  • Ricoh Aficio MP C2800 | Security Target - Page 9
    pre-installed on the client computer. To print and fax from the client computer via the internal network or USB connection, the PCL printer driver and fax driver must be downloaded and installed into the client computer from the website indicated in the user guidance. FTP Server FTP server is used
  • Ricoh Aficio MP C2800 | Security Target - Page 10
    consists of the following hardware (shown in Figure 2): Operation Panel Unit, Engine Unit, Fax Unit, Controller Board, IcCtlr, HDD, Network Unit, USB Port, and SD Card Slot. Figure 2 outlines the configuration of the TOE hardware. Copyright (c) 2009,2010 RICOH COMPANY, LTD. All Rights Reserved.
  • Ricoh Aficio MP C2800 | Security Target - Page 11
    Page 11 of 80 Figure 2: Hardware configuration of TOE Operation Panel Unit (hereafter "Operation Panel") The Operation Panel is an interface device that is installed on the TOE for use by users. It features key switches, LED indicators, and LCD touch screen, and the Operation Panel Control Board.
  • Ricoh Aficio MP C2800 | Security Target - Page 12
    Page 12 of 80 Software with information about the status of fax communications and controls the fax communications according to instructions from RAM] A volatile memory medium used for image processing. [NVRAM] A non-volatile memory medium in which MFP Control Data for configuring the MFP operation
  • Ricoh Aficio MP C2800 | Security Target - Page 13
    LD540CG/LD550CG Aficio MP C2800/C3300/C4000/C5000/C2800G/C3300G/C4000G/C5000G Operating Instructions Troubleshooting - Notes for Users - Caution on Use of the Optional USB 2.0/SD Slot Type A (Media Slot) - Quick Reference Copy Guide - Quick Reference Fax Guide - Quick Reference Printer Guide - Quick
  • Ricoh Aficio MP C2800 | Security Target - Page 14
    Aficio MP C2800/C3300/C4000/C5000 Operating Instructions Troubleshooting - Notes for Users - Caution on Use of the Optional USB 2.0/SD Slot Type A (Media Slot) - Quick Reference Copy Guide - Quick Reference Fax Guide - Quick Reference Printer Guide - Quick Reference Scanner Guide - Manuals for Users
  • Ricoh Aficio MP C2800 | Security Target - Page 15
    supervisor is registered for the TOE as a factory setting. The person selected to be a supervisor by the responsible manager can change the supervisor ID and password of the default supervisor. 1.4.3.4 General User A "general user" is an authorised TOE user who is registered in the Address Book by
  • Ricoh Aficio MP C2800 | Security Target - Page 16
    by manufacturers, technical support service companies, and sales companies. 1.4.4 Logical Boundaries of TOE The logical boundaries of the TOE comprise the functions provided by the TOE. This section describes the "Basic Functions", which is the service provided by the TOE to users, and the "Security
  • Ricoh Aficio MP C2800 | Security Target - Page 17
    Function This function is for scanning originals and printing the scanned image accordnig to the Print Settings specified by the user. Print Settings include the number of copies, magnification, and custom settings (e.g. printing multiple pages onto a single sheet). In addition, the scanned original
  • Ricoh Aficio MP C2800 | Security Target - Page 18
    Page 18 of 80 Function. When document data is printed, the Print Setting information for the stored document data will be updated according to the user's settings. Management Function This function is for setting the following information: information for configuring operation of the machine,
  • Ricoh Aficio MP C2800 | Security Target - Page 19
    user IDs and authentication details for user identification and authentication. However, when printing or faxing from aclient computer, this function sends the user's ID and authentication details to the TOE after the users enters their user ID and authentication details from printer or fax drivers
  • Ricoh Aficio MP C2800 | Security Target - Page 20
    of the TOE. The following explains the sending methods and their corresponding communication protocols. 1. Download document data using the Web Service Function from a client computer (SSL protocol) 2. Print or fax from a client computer (SSL protocol) 3. Deliver document datato FTP server or SMB
  • Ricoh Aficio MP C2800 | Security Target - Page 21
    isor can change their supervisor ID and password. 5. Management of machine control data Each administrator is allowed to configure the items of machine control data that correspond to their administrator role (machine administrator, user administrator, or andfile administrator). Service Mode Lock
  • Ricoh Aficio MP C2800 | Security Target - Page 22
    Page (document data and print data). 1.4.5.1 Document Port Document data is created from print data received through the network or . 3. Downloaded by a client computer. 4. Printed out. 5. Sent as a fax. When fax drivers installed on the client computer when it is printed or faxed, respectively. Print
  • Ricoh Aficio MP C2800 | Security Target - Page 23
    Page 23 of 80 a client computer to the TOE through the intenr al network, print data is protected from leakage, and tampered data can be detected. Copyright (c) 2009,2010 RICOH COMPANY, LTD. All Rights Reserved.
  • Ricoh Aficio MP C2800 | Security Target - Page 24
    2 Conformance Claims This section describes the conformance claim. Page 24 of 80 2.1 CC Conformance Claim The CC conformance claim of this ST and TOE is ST does not claim conformance to PPs, there is no rationale for PP conformance. Copyright (c) 2009,2010 RICOH COMPANY, LTD. All Rights Reserved.
  • Ricoh Aficio MP C2800 | Security Target - Page 25
    Problem protected assets stored in TOE) Authorised TOE users may breach the limits of authorised usage and abuse them. T.SALVAGE (Salvaging memory) Attackers may remove the HDD leak, or tamper with document data or print data sent or received by the TOE via RICOH COMPANY, LTD. All Rights Reserved.
  • Ricoh Aficio MP C2800 | Security Target - Page 26
    Page 26 of 80 P.SOFTWARE (Software ADMIN (Assumption for administrators) Administrators shall have sufficient knowledge to operate the TOE securely in the roles assigned to them and will instruct ge neral users the external network. Copyright (c) 2009,2010 RICOH COMPANY, LTD. All Rights Reserved.
  • Ricoh Aficio MP C2800 | Security Target - Page 27
    security attributes. Such users are required to maintain the TOE security. O.MEM.PROTECT (Prevention of disclosure of data stored in memory) The TOE shall users with a function that verifies the integrity of the MFP Control Software, which is installedin the FlashROM. Copyright (c) 2009,2010 RICOH
  • Ricoh Aficio MP C2800 | Security Target - Page 28
    of the operational environment. OE.ADMIN (Trusted administrator) The responsible manager of the MFP shall select trusted persons as administrators and instructs them on their administrator roles. Once instructed, administrators then shall instruct general users, familiarising them with the
  • Ricoh Aficio MP C2800 | Security Target - Page 29
    to them and instruct general users to operate the TOE securely also. Additionally, administrators are unlikely to abuse their permissions. As specified by OE.ADMIN, the responsible supervisor. Therefore, A.SUPERVISOR is upheld. Copyright (c) 2009,2010 RICOH COMPANY, LTD. All Rights Reserved.
  • Ricoh Aficio MP C2800 | Security Target - Page 30
    Page The TOE also restricts management of the Security Functions to specified users only, and control of TSF data, and security attributes the TOE can counter T.ABUSE_SEC_MNG. T.SALVAGE (Salvaging memory) To counter this threat, the TOE converts the 2010 RICOH COMPANY, LTD. All Rights Reserved.
  • Ricoh Aficio MP C2800 | Security Target - Page 31
    Page 31 of 80 T.TRANSIT (Data interception and tampering with communication path) To counter this threat, the TOE protects document data and Print line connected to Fax Unit to the users by O.GENUINE. Therefore, the TOE can enforce P.SOFTWARE. Copyright (c) 2009,2010 RICOH COMPANY,
  • Ricoh Aficio MP C2800 | Security Target - Page 32
    Page 32 of 80 5 Extended Components Definition In this ST and TOE, there are no extended components, i.e., the new security requirements and security assurance requirements that are
  • Ricoh Aficio MP C2800 | Security Target - Page 33
    Page 33 of 80 6 Security Requirements This section describes the security functional requirements, security assurance requirements, failure. Auditable events not recorded. Auditable events not recorded. Auditable events not recorded. Copyright (c) 2009,2010 RICOH COMPANY, LTD. All Rights Reserved.
  • Ricoh Aficio MP C2800 | Security Target - Page 34
    Page 34 of 80 Functional requirements FCS_CKM.1 FCS_COP.1 FDP_ACC.1 FDP_ACF.1 FDP_IFC.1 FDP_IFF.1 FIA_AFL.1 2. Reading of document data successful 3. Deletion of document data successful a) Minimal 1. Fax Function: Reception a) Minimal 1. Lockout start 2. Lockout release b) Basic 1. Newly creating
  • Ricoh Aficio MP C2800 | Security Target - Page 35
    of the default setting of permissive or restrictive rules. b) Basic: All modifications of the initial values of security attributes. a) Basic: All modifications to the values of TSF data. Auditable events of TOE information of general users (Outcome: Success/Failure) 2. Changing authenticatio
  • Ricoh Aficio MP C2800 | Security Target - Page 36
    Page 36 of 80 Auditable events of TOE a) Minimal: Use of the Management Functions. a) Minimal: modifications to the group of users that are part of a role; b) Detailed: every use of the rights of a role. a) Minimal: changes users (Outcome: Success/Failure) Copyright (c) 2009,2010 RICOH COMPANY
  • Ricoh Aficio MP C2800 | Security Target - Page 37
    should be auditable invocations, if available. Page 37 of 80 Auditable events of changed/deleted, Locking out users, release of user Lockout, method of Lockout release, IDs of object document data]. FAU_SAR.1 Audit review : no Copyright (c) 2009,2010 RICOH COMPANY, LTD. All Rights Reserved.
  • Ricoh Aficio MP C2800 | Security Target - Page 38
    key generation algorithm TRNG Cryptographic key size 256 bits FCS_COP.1 Cryptographic operation Hierarchical to: Dependencies: No other components. [FDP_ITC.1 Import of user data without security attributes, or FDP_ITC.2 Import of user data with security attributes, or FCS_CKM.1 Cryptographic
  • Ricoh Aficio MP C2800 | Security Target - Page 39
    6.1.3 Class FDP: User data protection Page 39 of 80 FDP_ACC.1 Subset access General user process Document data Security attributes - Administrator IDs - Administrator roles - General user ID - Document data default ACL Table 9 Copyright (c) 2009,2010 RICOH COMPANY, LTD. All Rights Reserved.
  • Ricoh Aficio MP C2800 | Security Target - Page 40
    Page 40 of 80 Subject General user process Operations on objects Storing document data Reading document data Deleting document data Rules governing access General users can store document data. When the document data is stored, the document data default ACL associated with the general user
  • Ricoh Aficio MP C2800 | Security Target - Page 41
    : List of subjects, information and operation Page 41 of 80 Subjects Information Operation - Fax process on Fax Unit - Fax reception process on Controller Board Data received attributes that explicitly deny information flows]. Copyright (c) 2009,2010 RICOH COMPANY, LTD. All Rights Reserved.
  • Ricoh Aficio MP C2800 | Security Target - Page 42
    13 : List of authentication events Authentication events User authentication using the control panel User authentication using TOE from client computer Web browser User authentication when printing from client computer User authentication when faxing from client computer FIA_AFL.1.2 When defined
  • Ricoh Aficio MP C2800 | Security Target - Page 43
    (26 letters) Lower-case letters: [a-z] (26 letters) Numbers: [0-9] (10 digits) Symbols: SP (spaces 33 symbols) (2) Registerable password length: For general users No fewer than the Minimum Password Length specified by the user a dministrator (8-32 characters) and no more than 128 characters. For
  • Ricoh Aficio MP C2800 | Security Target - Page 44
    process Supervisor process Security attributes of users General user ID, Document data default ACL Administrator ID, Administrator ro les Supervisor ID FIA_USB.1.3 The TSF shall enforce the following rules governing changes to the user security attributes associated with subjects acting
  • Ricoh Aficio MP C2800 | Security Target - Page 45
    change Query Query, add, delete Query, change Query, modify Document data default ACL (a data item of general user information) Query, modify User roles - User administrator - General users the default values when an object or information is created. Copyright (c) 2009,2010 RICOH COMPANY,
  • Ricoh Aficio MP C2800 | Security Target - Page 46
    Page 46 of 80 Object Document data stored by general users Security attribute associated with object Document data ACL Default value and its characteristic at time of object creation A value set in advance as the document data default , [assignment: register, change, entirely delete, newly create
  • Ricoh Aficio MP C2800 | Security Target - Page 47
    data Operations Que ry Minimum Password Length Password Complexity Setting HDD cryptographic key Audit logs Service mode lock setting Query, modify Query, modify Query, newly create Query, delete entirely Query, modify Query Lockout Flag for general users Lockout Flag for administrators Lockout
  • Ricoh Aficio MP C2800 | Security Target - Page 48
    Page no interfaces to change. a) Security settings of the machine control data: - Minimum Password Length - Password Complexity Setting - Security Management Function (management of general user information): management of authentication information of general Copyright (c) 2009,2010 RICOH
  • Ricoh Aficio MP C2800 | Security Target - Page 49
    Page 49 of 80 Functional requirements FIA_UAU.7 FIA_UID.2 FIA_USB.1 FMT_MSA.1 Management requirements Management items data. None a) Management of the user identities. a) An authorised administrator can define default subject security attributes. b) An authorised administrator can change subject
  • Ricoh Aficio MP C2800 | Security Target - Page 50
    that can specify the initial settings. b) Management of the document data default ACL. - Allows the user administrator to modify the document data default ACL for all general user information registered to the Address Book. - Allows general users to modify the document data default ACL of their own
  • Ricoh Aficio MP C2800 | Security Target - Page 51
    Page 51 of 80 administrator, file administrator, user administrator, and network administrator) and a supervisor]. FMT_SMR.1.2 The TSF shall be able to associate users authorised users with the provide authorised users with the service and Deliver to Folders from TOE to FTP server (IPSec) service
  • Ricoh Aficio MP C2800 | Security Target - Page 52
    TSF Remote users Services that require a trusted path E-mail service to client computer fromTOE (S/MIME) Initial user authentication (SSL) TOE web service from client PC (SSL) Printing service from client PC (SSL) Fax service from client PC (SSL) Copyright (c) 2009,2010 RICOH COMPANY, LTD
  • Ricoh Aficio MP C2800 | Security Target - Page 53
    Page 53 of 80 ADV: Development AGD: Guidance documents ALC: Life -cycle support ASE: Security Target evaluation ATE: Tests AVA: Vulnerability design Operational user guidance Preparative procedures objectives Derived security requirements Security problem definition TOE summary specification Analysis
  • Ricoh Aficio MP C2800 | Security Target - Page 54
    Page 54 of 80 6.3 Security Requirements Rationale This section describes the rationale .1 v FDP_ACC.1 v FDP_ACF.1 v FDP_IFC.1 v FDP_IFF.1 v FIA_AFL.1 v FIA_ATD.1 v FIA_SOS.1 v FIA_UAU.2 v FIA_UAU.7 v FIA_UID.2 v Copyright (c) 2009,2010 RICOH COMPANY, LTD. All Rights Reserved.
  • Ricoh Aficio MP C2800 | Security Target - Page 55
    Page 55 of 80 O.AUDIT O.I&A O.DOC_ACC O.MANAGE O.MEM.PROTECT O.NET.PROTECT O.GENUINE O.LINE_PROTECT FIA_USB.1 FMT_MSA.1 identification or authentication function is performed, whenever users operate protected assets, whenever protected assets are ,2010 RICOH COMPANY, LTD. All Rights Reserved.
  • Ricoh Aficio MP C2800 | Security Target - Page 56
    Complicate decoding of passwords. To fulfil O.I&A, passwords for user authentication shall user authentication attempts from the Operation Panel, the Web browser of a client computer, or a client computer when printing or faxing data set for each type of subject associated with the users and
  • Ricoh Aficio MP C2800 | Security Target - Page 57
    time of the system clock and the service mode lock setting; - the user administrator to query and specify the Minimum Password Length, complexity setting, anda Lockout Flag for general users; - the user administrator and applicable general users to specify the authentication information of general
  • Ricoh Aficio MP C2800 | Security Target - Page 58
    , and detects attemptsat tampering. The SSL protocol protects document data and print data that are is travelling through a web service, print service, or fax service from a client computer from leakage and attempts at tampering. Copyright (c) 2009,2010 RICOH COMPANY, LTD. All Rights Reserved.
  • Ricoh Aficio MP C2800 | Security Target - Page 59
    Page 59 of 80 O.GENUINE prevented. For this, FDP_IFC.1 and FDP_IFF.1 allow fax data to pass from the fax process on the Fax Unit to the fax reception process on the Controller Board only if the None None FCS_CKM.4 FCS_CKM.4 None None Copyright (c) 2009,2010 RICOH COMPANY, LTD. All Rights Reserved.
  • Ricoh Aficio MP C2800 | Security Target - Page 60
    Page 60 of 80 TOE security functional requirements Dependencies claimed by CC Dependencies satisfied in ST Dependencies not satisfied hierarchical to FIA_UAU.1, the dependency on FIA_UAU.1 is satisfied by FIA_AFL.1 and FIA_UAU.7. Copyright (c) 2009,2010 RICOH COMPANY, LTD. All Rights Reserved.
  • Ricoh Aficio MP C2800 | Security Target - Page 61
    Page 61 of 80 Rationale for Removing Dependencies on FIA_UID.1 Since this TOE employs FIA_UID.2, which is hierarchical to FIA_UID.1, terms and costs of the evaluation, the evaluation assurance level of EAL3 is appropriate for this TOE. Copyright (c) 2009,2010 RICOH COMPANY, LTD. All Rights Reserved.
  • Ricoh Aficio MP C2800 | Security Target - Page 62
    Page 62 of SF.AUDIT Audit Function SF.I&A User Identification and Authentication Function SF.DOC_ACC Security Management Function SF.CE_OPE_LOCK Service Mode Lock Function SF. .1 v FCS_COP.1 v FDP_ACC.1 v FDP_ACF.1 v Copyright (c) 2009,2010 RICOH COMPANY, LTD. All Rights Reserved.
  • Ricoh Aficio MP C2800 | Security Target - Page 63
    Page 63 of 80 SF.AUDIT SF.I&A SF.DOC_ACC SF.SEC_MNG SF.CE_OPE_LOCK SF.CIPHER SF.NET_PROT SF.FAX_LINE SF.GENUINE FDP_IFC.1 FDP_IFF logs consist of basic audit information and expanded audit information. Basic audit information is data Copyright (c) 2009,2010 RICOH COMPANY, LTD. All Rights Reserved.
  • Ricoh Aficio MP C2800 | Security Target - Page 64
    Page 64 of 80 recorded when any kind of Login Starting Lockout Releasing Lockout (*2) Lockout release at TOE startup HDD encryption key generation Successful storage of document data Successful reading of document data (*3) Successful deletion of document data Receiving fax Changing user password
  • Ricoh Aficio MP C2800 | Security Target - Page 65
    in IDs for the operational object document data are printing, Sending by E-mail, Delive ring to Folders and downloading from Web Service Function the document data stored in D-BOX *4 When the recording events occur due to the operations by users, User IDs are set as subject identities of basic audit
  • Ricoh Aficio MP C2800 | Security Target - Page 66
    Page 66 of 80 7.1.2.1 User Identification and Authentication The TOE displays a login window when users attempt to use the TOE Security Functions from the Operation Panel or the Web Service Function. This window requires the user to enter their ID and password, and then identifies and authenticates
  • Ricoh Aficio MP C2800 | Security Target - Page 67
    , FIA_UAU.7 (Protected authentication feedback) is satisfied. 7.1.2.4 Password Registration The TOE provides a function for registering and changing the passwords of general users, administrators, and supervisor from the Operation Panel or the Web Service Function. This function uses a string of
  • Ricoh Aficio MP C2800 | Security Target - Page 68
    No fewer than the Minimum Password Length specified by the user administrator (8-32 characters) and no more than 32 characters. (3) Rule: Passwords that are composed of a combination of characters based on the Password Complexity Setting specified by the user administrator can be registered. The
  • Ricoh Aficio MP C2800 | Security Target - Page 69
    data ACL allows operations on the document data ACL from the Operation Panel or Web Service Function to be restricted to specified users only. Operations on the document data ACL include changing the document file owner and the document file owner's operation permissions for the document data
  • Ricoh Aficio MP C2800 | Security Target - Page 70
    Page 70 of 80 If the logged-in user is a file administrator, the TOE allows that user to perform operations on all document data ACLs, including changing document file owners and their access rights, and newly registering and deleting document file users and changing their access rights. If the
  • Ricoh Aficio MP C2800 | Security Target - Page 71
    the operations involved in creating, changing, and deleting general user information from the Operation Panel or Web Service Function. General user information includes general user IDs, general user authentication information, document data default ACL, and S/MIME user information. If the logged-in
  • Ricoh Aficio MP C2800 | Security Target - Page 72
    Page 72 of 80 7.1.4.5 Management of Machine Control Data Management of machine control data allows setting of machine control data by specified users only. The TOE allows only specified users to use the functions that set the machine control data from specified operation interfaces. Table 32 shows
  • Ricoh Aficio MP C2800 | Security Target - Page 73
    Page 73 of 80 The TOE allows the machine administrator to set the Service Mode Lock Function from the Operation Panel, and allows all authorised users to view the value of the setting. If the Service Mode Lock Function is set to "Off", the TOE allows only the CE to use the Maintenance Functions. If
  • Ricoh Aficio MP C2800 | Security Target - Page 74
    Page 74 of 80 This protects document data and print Printing and Faxing from Client Computer Whenever it receives a request from a client computer for printing or transmitting faxes as S/MIME user information within general user information. Users can send e- RICOH COMPANY, LTD. All Rights Reserved.
  • Ricoh Aficio MP C2800 | Security Target - Page 75
    . The TOE become s available for users only if the integrity of the control software can be verified. If integrity cannot be verified, it indicates that theMFP Control Software is not correct . By the above, FPT_TST.1 (TSF testing) is satisfied. Copyright (c) 2009,2010 RICOH COMPANY, LTD. All Rights
  • Ricoh Aficio MP C2800 | Security Target - Page 76
    , network support, scanner, printer, fax, Web support, Web user that is required for using S/MIME. Includes e-mail address, user certificates, and a specified value for S/MIME use. A server for sharing files with a client computer using Server Message Block Protocol. Copyright (c) 2009,2010 RICOH
  • Ricoh Aficio MP C2800 | Security Target - Page 77
    ID Supervisor authentication information Network administration Network control data Minim um Password Length Password Complexity Setting Fax process on Fax Unit Deliver to Folder Sending by E-mail Memory Transmission User administration Definitions A server for sending e-mail using Simple Mail
  • Ricoh Aficio MP C2800 | Security Target - Page 78
    general user ID, general user authentication information, document data default ACL, and S/MIME user information A password for identification and authentication of a general user. The document files in a client computer that are sent to the TOE from a client computer to be printed or faxed. Drivers
  • Ricoh Aficio MP C2800 | Security Target - Page 79
    of the following operations. 1. Scanning from paper and digitising. 2. Received as print data and then converted by the MFP into a format that can be processed by the MFP. An item of general user information. The default value that is set for the document data ACL of a new document data to be stored
  • Ricoh Aficio MP C2800 | Security Target - Page 80
    8.2 References Page 80 of 80 Following are the documents referenced in this document. - CC Version 3.1 Revision Information Technology Security Evaluation version 3.1 Evaluation Methodology Revision 2 [Japanese translation ver. 2.0] Copyright (c) 2009,2010 RICOH COMPANY, LTD. All Rights Reserved.
  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • 8
  • 9
  • 10
  • 11
  • 12
  • 13
  • 14
  • 15
  • 16
  • 17
  • 18
  • 19
  • 20
  • 21
  • 22
  • 23
  • 24
  • 25
  • 26
  • 27
  • 28
  • 29
  • 30
  • 31
  • 32
  • 33
  • 34
  • 35
  • 36
  • 37
  • 38
  • 39
  • 40
  • 41
  • 42
  • 43
  • 44
  • 45
  • 46
  • 47
  • 48
  • 49
  • 50
  • 51
  • 52
  • 53
  • 54
  • 55
  • 56
  • 57
  • 58
  • 59
  • 60
  • 61
  • 62
  • 63
  • 64
  • 65
  • 66
  • 67
  • 68
  • 69
  • 70
  • 71
  • 72
  • 73
  • 74
  • 75
  • 76
  • 77
  • 78
  • 79
  • 80
Page 1 of 80
Copyright (c) 2009,2010 RICOH COMPANY, LTD. All Rights Reserved.
Aficio MP C2800/C3300 series
with Fax Option Type C5000
Security Target
Author
:
RICOH
COMPANY, LTD., Yasushi FUNAKI
Date
: 2010 -07 -29
Version
: 1.00