Ricoh Aficio MP C305 Security Target - Page 81

Page 80 of 91 Locked out User Locked out User who is to be released Login user name of a user who is locked out Login user name of a user who is released from Lockout - Starting and releasing Lockout - Starting and releasing Lockout (*2): If an audit event is "Failure of WIM communication", the failure will be recorded as a result. 7.2 Identification and Authentication Function The Identification and Authentication Function is to verify whether persons who intend to use the TOE are authorised users (MFP administrator, supervisor, normal users, and RC Gate) by referring to the identification and authentication information obtained from the users, so that only persons who are confirmed as authorised users are allowed to use the TOE. Verification methods for normal users include those by Basic Authentication and External Authentication. Either Basic Authentication or External Authentication will be selected when the TOE is installed. FIA_UAU.1(a) and FIA_UID.1(a): Application of Basic Authentication The TOE identifies and authenticates a user by checking the login user name and login password entered by the user. However, regarding the viewing of user job lists, WIM Help, system status, the counter and information of inquiries, execution of fax reception, and repair request notifications, the TOE identification and authentication is not required for the use of the TOE. When a user uses the Operation Panel, or uses WIM from the client computer, the screen for the user to enter his or her login user name and login password is displayed, and this screen will be displayed until the entry of the login user name and login password is complete. When the TOE is used from the printer driver or fax driver, the TOE receives the login user name and login password entered from each driver by a user. When the entered login user name is the login user name of a normal user, MFP administrator, or supervisor, the TOE checks if the entered login password match with the one pre-registered in the TOE. FIA_UAU.1(b) and FIA_UID.1(b): Application of External Authentication The TOE identifies and authenticates a user by checking the login user name and login password entered by the user. However, regarding the viewing of user job lists, WIM Help, system status, the counter and information of inquiries, execution of fax reception, and repair request notifications, the TOE identification and authentication is not required for the use of the TOE. When a user uses the Operation Panel, or uses WIM from the client computer, the screen for a user to enter his or her login user name and login password is displayed, and this screen will be displayed until the entry of the login user name and login password is complete. When the TOE is used from the printer driver or fax driver, the TOE receives the login user name and login password entered from each driver by a user. When the entered login user name is the login user name of MFP administrator or supervisor, the TOE checks if the entered login password matches with the one pre-registered by the MFP administrator or supervisor in the TOE. Copyright (c) 2012 RICOH COMPANY, LTD. All rights reserved.