Ricoh Aficio MP C305 Security Target - Page 23
Remote Service Function, Audit Function, Identification and Authentication Function
View all Ricoh Aficio MP C305 manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 23 highlights
Page 22 of 91 To use this function, the TOE user needs to install the designated Web browser on the client computer following the guidance documents and connect the client computer to the TOE via the LAN. @Remote Service Function The @Remote Service Function is for the TOE to communicate with RC Gate via networks for @Remote Service. In this function, [Proh. Some Services] is selected for @Remote setting information. The scope of evaluation covers the operation with a restriction of access to the protected assets and software of the TOE. 1.4.4.2. Security Functions The Security Functions are described as follows: Audit Function The Audit Function is to generate the audit log of TOE use and security-relevant events (hereafter, "audit events"). Also, this function provides the recorded audit log in a legible fashion for users to audit. This function can be used only by the MFP administrator to view and delete the recorded audit log. To view and delete the audit log, WIM will be used. Identification and Authentication Function The Identification and Authentication Function is to verify persons before they use the TOE. The persons are allowed to use the TOE only when confirmed as the authorised user. Users can use the TOE from the Operation Panel or via the network. By the network, users can use the TOE from a Web browser, printer/fax driver, and RC Gate. A person who attempts to use the TOE from the Operation Panel or a Web browser will be required to enter his or her login user name and login password so that he or she can be verified as a normal user, MFP administrator, or supervisor. A person who attempts to use the Printer or Fax Function from the printer or fax driver will be required to enter his or her login user name and login password received from the printer or fax drivers, so that he or she can be verified as a normal user. A person who attempts to use the @Remote Service Function from the RC Gate communication interface will be verified whether the communication request is sent from RC Gate. Methods to verify normal users are Basic Authentication and external server authentication. The users will be verified by the MFP administrator-specified procedure, whereas the MFP administrator and supervisor can be verified only by the Basic Authentication. This function includes protection functions for the authentication feedback area, where dummy characters are displayed if a login password is entered using the Operation Panel. In addition to this and for the Basic Authentication only, this function can be used to register passwords that fulfil the requirements of the Minimum Character No. (i.e. minimum password length) and obligatory character types the MFP administrator specifies, so that the lockout function can be enabled and login password quality can be protected. Copyright (c) 2012 RICOH COMPANY, LTD. All rights reserved.