Ricoh Aficio MP C2800 Security Target - Page 20

Stored Data Protection Function, Network Communication Data Protection Function, Security Management



Page 20 of 80
Copyright (c) 2009,2010 RICOH COMPANY, LTD. All Rights Reserved.
Table 2: Correspondence between operations authorised by permissions to process document data
Operation permissions authorised by      Operations possible on document data
permissions to process document data     Reading document data    Deleting document data
Read-only                                v
Edit                                     v
Edit/delete                              v                        v
Full control                             v                        v
v: possible, blank: impossible
The operation permissions for each document data can be specified for each general user.
Stored Data Protection Function
The Stored Data Protection Function is for protecting document data stored on the HDD from leakage, by
making it difficult to understand unless the document data is accessed and read in the normal way.
Network Communication Data Protection Function
This function is for protecting document data and print data in transit on the network from unauthorised
access. The communication protocol that is used to protect the communication data differs according to the
method by which the document or print data is sent.
The network administrator decides the communication protocol to apply based on the environment in which
the TOE is operating and the intended usage of the TOE. The following explains the sending methods and
their corresponding communication protocols.
1. Download document data using the Web Service Function from a client computer (SSL protocol)
2. Print or fax from a client computer (SSL protocol)
3. Deliver document data to FTP server or SMB server from the TOE (IPSec protocol)
4. Send document data attached to e-mail to a client computer from the TOE (S/MIME)
Security Management Function
This function allows administrators, supervisor, and general users who have been successfully authenticated
by the previously described "Identification and Authentication Function" to perform the following operations
for security management according to user role.
1. Management of document data ACL
Allows only specified users to modify the document data ACL. Modifying the document data
ACL includes changing document file owners, registering new document file users for the