Ricoh Aficio MP C305 Security Target - Page 82

FIA_USB.1, FIA_ATD.1, and FMT_SMR.1, FTA_SSL.3, FIA_UAU.7, FIA_AFL.1



Page 81 of 91
Copyright (c) 2012 RICOH COMPANY, LTD. All rights reserved.
When the entered login user name is not the login user name of the MFP administrator or supervisor, the
entered login user name and login password are sent to an external authentication server for confirmation.
When the sent login user name and login password are identified and authenticated, the user is allowed to use
the TOE according to the identified user role.
FIA_USB.1, FIA_ATD.1, and FMT_SMR.1
If a user is identified and authenticated as a result of checking FIA_UAU.1(a), FIA_UID.1(a),
FIA_UAU.1(b), and FIA_UID.1(b), the use of the TOE by the user is allowed as the identified user role
(normal user, MFP administrator, or supervisor). The user role assigned to the user at login will be
maintained until the user logs out. If user identification and authentication fails, use of the TOE is denied.
FTA_SSL.3
If a user has been logged on to the TOE from the Operation Panel, a Web browser, printer driver, fax driver,
and RC Gate, the user will be logged out of the TOE when the conditions shown below are met.
- In case of the Operation Panel, the user is logged out of the TOE when the time that elapses since his or her
  final operation on the Operation Panel reaches Operation Panel auto logout time (60 to 999 seconds).
- In case of a Web browser, the user is logged out of the TOE when the time that elapses since his or her final
  operation on a Web browser reaches WIM auto logout time (30 to 60 minutes).
- In case of printer driver, the user is logged out of the TOE immediately after receiving the print data from the
  printer driver.
- In case of fax driver, the user is logged out of the TOE immediately after receiving the transmission
  information from the fax driver.
- In case of RC Gate, the TOE terminates a session with RC Gate immediately after the communication with
  RC Gate ends.
FIA_UAU.7
Regarding login passwords entered by a person who intends to use the TOE from the Operation Panel or by a
person who intends to use WIM from the client computer, the TOE does not display the entered login
password but it displays a sequence of dummy characters whose length is the same as that of the entered
password.
FIA_AFL.1
When Basic Authentication is applied, the TOE counts the number of identification and authentication
attempts that consecutively result in failure using the login user name of a normal user, MFP administrator,
or supervisor. When External Authentication is applied, the TOE counts the number of identification and
authentication attempts that consecutively result in failure using the login user name of an MFP administrator
or supervisor. The TOE locks out the login user name if the number of consecutive login failures exceeds the
number of attempts before lockout.
If a user name is locked out, the user with that user name is not allowed to log in unless any of the following
conditions is fulfilled.
- The lockout time set by the MFP administrator elapses.
- An "unlocking administrator" shown in Table 35 and specified for each user role releases the lockout.
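
The FIA_AFL.1 counting and lockout rules above, as an added Python sketch that is not Ricoh's code and not part of the Security Target. The class and method names, the role strings, the strict reading of "exceeds", and restarting the counter at zero on unlock are assumptions made for illustration.

```python
from dataclasses import dataclass, field

BASIC, EXTERNAL = "basic", "external"
LOCAL_ROLES = {"mfp_administrator", "supervisor"}  # hypothetical role strings


@dataclass
class LockoutPolicy:
    method: str            # BASIC or EXTERNAL
    max_attempts: int      # "number of attempts before lockout"
    lockout_seconds: int   # "lockout time set by the MFP administrator"
    failures: dict = field(default_factory=dict)      # name -> consecutive failures
    locked_since: dict = field(default_factory=dict)  # name -> time of lockout

    def _counted(self, role):
        # External Authentication: the TOE counts only MFP administrator and
        # supervisor names; Basic Authentication counts every role.
        return self.method == BASIC or role in LOCAL_ROLES

    def is_locked(self, name, now):
        since = self.locked_since.get(name)
        if since is None:
            return False
        if now - since >= self.lockout_seconds:   # condition 1: lockout time elapsed
            self.release(name)
            return False
        return True

    def release(self, name):
        # Condition 2: release by the "unlocking administrator". Who may call
        # this is defined in Table 35, which this sketch does not model.
        self.locked_since.pop(name, None)
        self.failures.pop(name, None)   # assumption: counter restarts at zero

    def attempt(self, name, role, credentials_ok, now):
        """Return 'granted', 'denied' or 'locked' for one login attempt."""
        if self.is_locked(name, now):
            return "locked"             # refused even if the password is correct
        if credentials_ok:
            self.failures.pop(name, None)   # a success ends the failure streak
            return "granted"
        if self._counted(role):
            count = self.failures.get(name, 0) + 1
            self.failures[name] = count
            # Assumption: "exceeds" is read strictly (count > max_attempts).
            if count > self.max_attempts:
                self.locked_since[name] = now
                return "locked"
        return "denied"
```

With `max_attempts=3`, the fourth consecutive failure locks the name under this reading; a device that locks on the third would use `>=` instead.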