Ricoh Aficio MP C2800 Security Target - Page 42

Table 13, Table 14 - user manual

Get Ricoh Aficio MP C2800 PDF manuals and user guides View all Ricoh Aficio MP C2800 manuals
Add to My Manuals
Save this manual to your list of manuals

Page 42 highlights

6.1.4 Class FIA: Identification and Authentication Page 42 of 80 FIA_AFL.1 Authentication failure handling Hierarchical to: No other components. Dependencies: FIA_UAU.1 Timing of authentication. FIA_AFL.1.1 TSF shall detect when [selection: an administrator (refinement: the machine administrator) configurable positive integer within [assignment: 1 to 5]] unsuccessful authentication attempts occur related to [assignment: the consecutive numbers of times of authentication failure for each user in the authentication events shown in : Table 13]. Table 13 : List of authentication events Authentication events User authentication using the control panel User authentication using TOE from client computer Web browser User authentication when printing from client computer User authentication when faxing from client computer FIA_AFL.1.2 When defined number of unsuccessful authentication attempts has been [selection: met], the TSF shall [assignment: Lockout the user, who has failed the authentication attempts, until one of the Lockout release actions, shown inTable 14, is taken]. Table 14: Lockout release actions Lockout release actions Auto Lockout Release Manual Lockout Release Details If the user fails to authenticate after making the number of attempts specified for Lockout release, and the Lockout time (between 1 and 9999 minutes) set in advance by the machine administrator has elapsed, then Lockout will be released upon the first successful identification and authentication by the locked-out user. The machine administrator can set the Lockout time to indefinite, and in this case, Lockout cannot be released by a time-based operation but can be released by an operation other than a time-based operation. Regardless of the time specified for the Lockout release by the machine administrator, an unlocking administrator specified for any user role of a locked-out user can release a locked-out user. FMT_MTD.1 defines the relationship between locked-out user and unlocking administrator. There is also a special Lockout release: If an administrator (any role) or a supervisor is locked out, restarting the TOE has the same effect as the Lockout release operation performed by an unlocking administrator. FIA_ATD.1 User attribute definition Hierarchical to: No other components. Copyright (c) 2009,2010 RICOH COMPANY, LTD. All Rights Reserved.

  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • 8
  • 9
  • 10
  • 11
  • 12
  • 13
  • 14
  • 15
  • 16
  • 17
  • 18
  • 19
  • 20
  • 21
  • 22
  • 23
  • 24
  • 25
  • 26
  • 27
  • 28
  • 29
  • 30
  • 31
  • 32
  • 33
  • 34
  • 35
  • 36
  • 37
  • 38
  • 39
  • 40
  • 41
  • 42
  • 43
  • 44
  • 45
  • 46
  • 47
  • 48
  • 49
  • 50
  • 51
  • 52
  • 53
  • 54
  • 55
  • 56
  • 57
  • 58
  • 59
  • 60
  • 61
  • 62
  • 63
  • 64
  • 65
  • 66
  • 67
  • 68
  • 69
  • 70
  • 71
  • 72
  • 73
  • 74
  • 75
  • 76
  • 77
  • 78
  • 79
  • 80
Page 42 of 80
Copyright (c) 2009,2010 RICOH COMPANY, LTD. All Rights Reserved.
6.1.4
Class FIA: Identification and Authentication
FIA_AFL.1
Authentication failure handling
Hierarchical to:
No other components.
Dependencies:
FIA_UAU.1 Timing of authentication.
FIA_AFL.1.1
TSF shall detect when
[selection: an
administrator (refinement: the machine
administrator) configurable positive integer within [assignment: 1 to 5]]
unsuccessful
authentication attempts occur related to
[assignment: the consecutive numbers of times of
authentication failure for each user in the authentication events shown in :
Table 13
].
Table 13: List of authentication events
Authentication events
User authentication using the control panel
User authentication using TOE from client computer Web browser
User authentication when printing from client computer
User authentication when faxing from client computer
FIA_AFL.1.2
When defined number of unsuccessful authentication attempts has been
[selection: met]
, the
TSF shall
[assignment: Lockout the user, who has failed the authentication attempts,
until one of the Lockout release actions, shown in
Table 14
, is taken].
Table 14: Lockout release actions
Lockout release actions
Details
Auto Lockout Release
If the user fails to authenticate after making the number of attempts
specified for Lockout release, and the Lockout time (between 1 and 9999
minutes) set in advance by the machine administrator has elapsed, then
Lockout will be released upon the first successful identification and
authentication by the locked-out user. The machine administrator can set
the Lockout time to indefinite, and in this case, Lockout cannot be released
by a time-based operation but can be released by an operation other than a
time-based operation.
Manual Lockout Release
Regardless of the time specified for the Lockout release by the machine
administrator, an unlocking administrator specified for any user role of a
locked-out user can release a locked-out user. FMT_MTD.1 defines the
relationship between locked-out user and unlocking administrator.
There is also a special Lockout release: If an administrator (any role) or a
supervisor is locked out, restarting the TOE has the same effect as the
Lockout release operation performed by an unlocking administrator.
FIA_ATD.1
User attribute definition
Hierarchical to:
No other components.