Ricoh Aficio MP 5000b Dokumentacja

Page 1 of 100 Copyright (c) 2008, 2009 RICOH COMPANY, LTD. All Rights Reserved. imagio MP 4000/5000 series, Aficio MP 4000/5000 series Security

Page 10 of 100 Copyright (c) 2008, 2009 RICOH COMPANY, LTD. All Rights Reserved. Table 1: List of TOE Series Name Product Name/Model Name Ricoh

Page 100 of 100 Copyright (c) 2008, 2009 RICOH COMPANY, LTD. All Rights Reserved. 8.4 PP Claims Rationale This ST does not conform to any PPs.

Page 11 of 100 Copyright (c) 2008, 2009 RICOH COMPANY, LTD. All Rights Reserved. image I/O device that incorporates the functionality of copier,

Page 12 of 100 Copyright (c) 2008, 2009 RICOH COMPANY, LTD. All Rights Reserved. Terms Definitions Operation Panel A display-input device that

Page 13 of 100 Copyright (c) 2008, 2009 RICOH COMPANY, LTD. All Rights Reserved. Terms Definitions Administrator Role Management functions give

Page 14 of 100 Copyright (c) 2008, 2009 RICOH COMPANY, LTD. All Rights Reserved. Terms Definitions Store and Print Function A function that co

Page 15 of 100 Copyright (c) 2008, 2009 RICOH COMPANY, LTD. All Rights Reserved. Terms Definitions Complexity Setting for Password The minimum c

Page 16 of 100 Copyright (c) 2008, 2009 RICOH COMPANY, LTD. All Rights Reserved. 2 TOE Description This chapter outlines the type of the TOE, env

Page 17 of 100 Copyright (c) 2008, 2009 RICOH COMPANY, LTD. All Rights Reserved. Location for TOE The TOE is assumed to be placed in general offi

Page 18 of 100 Copyright (c) 2008, 2009 RICOH COMPANY, LTD. All Rights Reserved. Connecting Internal and External Network When connecting the Int

Page 19 of 100 Copyright (c) 2008, 2009 RICOH COMPANY, LTD. All Rights Reserved. Engine Unit The Engine Unit is configured with a Scanner Engine,

Page 2 of 100 Copyright (c) 2008, 2009 RICOH COMPANY, LTD. All Rights Reserved. Revision History Version Date Authors Details 1.00 2008-12-16

Page 20 of 100 Copyright (c) 2008, 2009 RICOH COMPANY, LTD. All Rights Reserved. Network Unit The Network Unit is an interface board for Ethernet

Page 21 of 100 Copyright (c) 2008, 2009 RICOH COMPANY, LTD. All Rights Reserved. Table 3: List of Administrator Roles Administrator Roles Explan

Page 22 of 100 Copyright (c) 2008, 2009 RICOH COMPANY, LTD. All Rights Reserved. Fax FunctionHDDFaxGeneral User Administrator SupervisorCEGenera

Page 23 of 100 Copyright (c) 2008, 2009 RICOH COMPANY, LTD. All Rights Reserved. Figure 4: Operation Panel (for North America) In addition, Gen

Page 24 of 100 Copyright (c) 2008, 2009 RICOH COMPANY, LTD. All Rights Reserved. is operated from a client PC. Document Data stored in D-BOX for

Page 25 of 100 Copyright (c) 2008, 2009 RICOH COMPANY, LTD. All Rights Reserved. 3. Check the TOE status. 2.5.2 Security Functions Security fun

Page 26 of 100 Copyright (c) 2008, 2009 RICOH COMPANY, LTD. All Rights Reserved. 2.5.2.3 Document Data Access Control Function The Document Data

Page 27 of 100 Copyright (c) 2008, 2009 RICOH COMPANY, LTD. All Rights Reserved. 1. Download the Document Data with the Web Service Function fro

Page 28 of 100 Copyright (c) 2008, 2009 RICOH COMPANY, LTD. All Rights Reserved. 5. Management of Machine Control Data Each Administrator is per

Page 29 of 100 Copyright (c) 2008, 2009 RICOH COMPANY, LTD. All Rights Reserved. 2.6.1.3 Outputting Document Data Document Data can be output by

Page 3 of 100 Copyright (c) 2008, 2009 RICOH COMPANY, LTD. All Rights Reserved. Table of Contents 1 ST Introduction...

Page 30 of 100 Copyright (c) 2008, 2009 RICOH COMPANY, LTD. All Rights Reserved. 3 TOE Security Environment This chapter describes the assumption

Page 31 of 100 Copyright (c) 2008, 2009 RICOH COMPANY, LTD. All Rights Reserved. T.ABUSE_SEC_MNG (Abuse of Security Management Function) Persons

Page 32 of 100 Copyright (c) 2008, 2009 RICOH COMPANY, LTD. All Rights Reserved. 4 Security Objectives This chapter describes the security object

Page 33 of 100 Copyright (c) 2008, 2009 RICOH COMPANY, LTD. All Rights Reserved. O.LINE_PROTECT (Telephone Line Intrusion Protection) The TOE sh

Page 34 of 100 Copyright (c) 2008, 2009 RICOH COMPANY, LTD. All Rights Reserved. 5 IT Security Requirements 5.1 TOE Security Functional Requirem

Page 35 of 100 Copyright (c) 2008, 2009 RICOH COMPANY, LTD. All Rights Reserved. Functional Requirements Actions which should be auditable Audita

Page 36 of 100 Copyright (c) 2008, 2009 RICOH COMPANY, LTD. All Rights Reserved. Functional Requirements Actions which should be auditable Audita

Page 37 of 100 Copyright (c) 2008, 2009 RICOH COMPANY, LTD. All Rights Reserved. Functional Requirements Actions which should be auditable Audita

Page 38 of 100 Copyright (c) 2008, 2009 RICOH COMPANY, LTD. All Rights Reserved. Functional Requirements Actions which should be auditable Audita

Page 39 of 100 Copyright (c) 2008, 2009 RICOH COMPANY, LTD. All Rights Reserved. FAU_STG.4 Prevention of audit data loss Hierarchical to: FA

Page 4 of 100 Copyright (c) 2008, 2009 RICOH COMPANY, LTD. All Rights Reserved. 2.5.2.4 Stored Data Protection Function...

Page 40 of 100 Copyright (c) 2008, 2009 RICOH COMPANY, LTD. All Rights Reserved. shown in Table 7] and cryptographic key sizes [assignment: crypt

Page 41 of 100 Copyright (c) 2008, 2009 RICOH COMPANY, LTD. All Rights Reserved. Table 9: Subjects, Objects and Security Attributes Types Subje

Page 42 of 100 Copyright (c) 2008, 2009 RICOH COMPANY, LTD. All Rights Reserved. FDP_ACF.1.3 The TSF shall explicitly authorise access of subjec

Page 43 of 100 Copyright (c) 2008, 2009 RICOH COMPANY, LTD. All Rights Reserved. Table 13: Security Attributes Corresponding to Subjects or Info

Page 44 of 100 Copyright (c) 2008, 2009 RICOH COMPANY, LTD. All Rights Reserved. Table 14: List of Authentication Events Authentication events U

Page 45 of 100 Copyright (c) 2008, 2009 RICOH COMPANY, LTD. All Rights Reserved. FIA_SOS.1 Verification of secrets Hierarchical to: No other

Page 46 of 100 Copyright (c) 2008, 2009 RICOH COMPANY, LTD. All Rights Reserved. actions on behalf of that user. FIA_USB.1 User-subject binding

Page 47 of 100 Copyright (c) 2008, 2009 RICOH COMPANY, LTD. All Rights Reserved. FMT_MSA.1.1 The TSF shall enforce the [assignment: MFP access co

Page 48 of 100 Copyright (c) 2008, 2009 RICOH COMPANY, LTD. All Rights Reserved. Table 18: Property of static attribute initialisation Object S

Page 49 of 100 Copyright (c) 2008, 2009 RICOH COMPANY, LTD. All Rights Reserved. TSF data Operations User roles Query, modify Machine Administr

Page 5 of 100 Copyright (c) 2008, 2009 RICOH COMPANY, LTD. All Rights Reserved. 6.1 TOE Security Function...

Page 50 of 100 Copyright (c) 2008, 2009 RICOH COMPANY, LTD. All Rights Reserved. Table 20: List of Specification of Management Functions Functio

Page 51 of 100 Copyright (c) 2008, 2009 RICOH COMPANY, LTD. All Rights Reserved. - Minimum Password Length - Complexity Setting for Password FIA_

Page 52 of 100 Copyright (c) 2008, 2009 RICOH COMPANY, LTD. All Rights Reserved. Administrators and delete Administrator Roles. FMT_MSA.1 a) Man

Page 53 of 100 Copyright (c) 2008, 2009 RICOH COMPANY, LTD. All Rights Reserved. FMT_SMR.1.1 The TSF shall maintain the roles [assignment: Genera

Page 54 of 100 Copyright (c) 2008, 2009 RICOH COMPANY, LTD. All Rights Reserved. 5.1.7 Class FTP: Trusted path/channels FTP_ITC.1 Inter-TSF tru

Page 55 of 100 Copyright (c) 2008, 2009 RICOH COMPANY, LTD. All Rights Reserved. 5.2 Minimum Strength of Function Claim The minimum strength leve

Page 56 of 100 Copyright (c) 2008, 2009 RICOH COMPANY, LTD. All Rights Reserved. 5.4 Security Requirements for the Environment There are no secu

Page 57 of 100 Copyright (c) 2008, 2009 RICOH COMPANY, LTD. All Rights Reserved. 6 TOE Summary Specification This chapter describes the TOE secur

Page 58 of 100 Copyright (c) 2008, 2009 RICOH COMPANY, LTD. All Rights Reserved. SF.AUDIT SF.I&A SF.DOC_ACC SF.SEC_MNG SF.CE_OPE_LOCK SF.CIP

Page 59 of 100 Copyright (c) 2008, 2009 RICOH COMPANY, LTD. All Rights Reserved. 6.1.1.1 Audit logs generation The TOE generates the audit logs

Page 6 of 100 Copyright (c) 2008, 2009 RICOH COMPANY, LTD. All Rights Reserved. 8.2 Security Requirements Rationale...

Page 60 of 100 Copyright (c) 2008, 2009 RICOH COMPANY, LTD. All Rights Reserved. Communication with trusted IT product Communication IP address C

Page 61 of 100 Copyright (c) 2008, 2009 RICOH COMPANY, LTD. All Rights Reserved. 6.1.2.1 User Identification and Authentication The TOE displays

Page 62 of 100 Copyright (c) 2008, 2009 RICOH COMPANY, LTD. All Rights Reserved. ", the TOE resets the consecutive number of times of failur

Page 63 of 100 Copyright (c) 2008, 2009 RICOH COMPANY, LTD. All Rights Reserved. (2) Registerable Password length: For General Users No fewer tha

Page 64 of 100 Copyright (c) 2008, 2009 RICOH COMPANY, LTD. All Rights Reserved. 6.1.3.2 Operations on Document Data by File Administrator The T

Page 65 of 100 Copyright (c) 2008, 2009 RICOH COMPANY, LTD. All Rights Reserved. File Users. The TOE allows the login General Users to perform th

Page 66 of 100 Copyright (c) 2008, 2009 RICOH COMPANY, LTD. All Rights Reserved. 6.1.4.4 Management of General User Information Management of Ge

Page 67 of 100 Copyright (c) 2008, 2009 RICOH COMPANY, LTD. All Rights Reserved. Table 31: List of Administrator for Machine Control Data Machin

Page 68 of 100 Copyright (c) 2008, 2009 RICOH COMPANY, LTD. All Rights Reserved. 6.1.6.1 Encryption of Document Data The TOE encrypts the data w

Page 69 of 100 Copyright (c) 2008, 2009 RICOH COMPANY, LTD. All Rights Reserved. 6.1.7.3 Sending by E-mail from TOE When sending Document Data b

Page 7 of 100 Copyright (c) 2008, 2009 RICOH COMPANY, LTD. All Rights Reserved. List of Figures Figure 1: Environment for usage of TOE...

Page 70 of 100 Copyright (c) 2008, 2009 RICOH COMPANY, LTD. All Rights Reserved. AGD depend on the region in which the TOE is sold. One of [Japan

Page 71 of 100 Copyright (c) 2008, 2009 RICOH COMPANY, LTD. All Rights Reserved. Table 33: Assurance Requirements and Assurance Measures for EAL

Page 72 of 100 Copyright (c) 2008, 2009 RICOH COMPANY, LTD. All Rights Reserved. Assurance classes Assurance components Assurance measures AGD: G

Page 73 of 100 Copyright (c) 2008, 2009 RICOH COMPANY, LTD. All Rights Reserved. Assurance classes Assurance components Assurance measures [Engl

Page 74 of 100 Copyright (c) 2008, 2009 RICOH COMPANY, LTD. All Rights Reserved. Assurance classes Assurance components Assurance measures [Engl

Page 75 of 100 Copyright (c) 2008, 2009 RICOH COMPANY, LTD. All Rights Reserved. Assurance classes Assurance components Assurance measures ALC: L

Page 76 of 100 Copyright (c) 2008, 2009 RICOH COMPANY, LTD. All Rights Reserved. 7 PP Claims This ST does not claim conformance to any PP.

Page 77 of 100 Copyright (c) 2008, 2009 RICOH COMPANY, LTD. All Rights Reserved. 8 Rationale This chapter describes the rationale for the securit

Page 78 of 100 Copyright (c) 2008, 2009 RICOH COMPANY, LTD. All Rights Reserved. By OE.ADMIN, Responsible Manager for MFP selects trusted persons

Page 79 of 100 Copyright (c) 2008, 2009 RICOH COMPANY, LTD. All Rights Reserved. Administrator. The Machine Administrator detects afterwards whet

Page 8 of 100 Copyright (c) 2008, 2009 RICOH COMPANY, LTD. All Rights Reserved. Table 34: Relation between Security Environment and Security Obje

Page 80 of 100 Copyright (c) 2008, 2009 RICOH COMPANY, LTD. All Rights Reserved. Table 35: Relation between Security Objectives and Functional R

Page 81 of 100 Copyright (c) 2008, 2009 RICOH COMPANY, LTD. All Rights Reserved. Table 35 shows that each TOE security functional requirement co

Page 82 of 100 Copyright (c) 2008, 2009 RICOH COMPANY, LTD. All Rights Reserved. O.I&A User Identification and Authentication The details of

Page 83 of 100 Copyright (c) 2008, 2009 RICOH COMPANY, LTD. All Rights Reserved. the users, and each security attribute associated with the subje

Page 84 of 100 Copyright (c) 2008, 2009 RICOH COMPANY, LTD. All Rights Reserved. • Machine Administrators to inquire and set the Number of Attem

Page 85 of 100 Copyright (c) 2008, 2009 RICOH COMPANY, LTD. All Rights Reserved. the TOE. For this, FCS_CKM.1 generates the encryption keys at th

Page 86 of 100 Copyright (c) 2008, 2009 RICOH COMPANY, LTD. All Rights Reserved. a) Check the integrity of MFP Control Software To accomplish O.

Page 87 of 100 Copyright (c) 2008, 2009 RICOH COMPANY, LTD. All Rights Reserved. 8.2.3 Dependencies of Security Functional Requirements On the T

Page 88 of 100 Copyright (c) 2008, 2009 RICOH COMPANY, LTD. All Rights Reserved. TOE Security Functional Requirements Dependencies claimed by CC

Page 89 of 100 Copyright (c) 2008, 2009 RICOH COMPANY, LTD. All Rights Reserved. The TOE consists of both hardware and software, and there are no

Page 9 of 100 Copyright (c) 2008, 2009 RICOH COMPANY, LTD. All Rights Reserved. 1 ST Introduction 1.1 ST Identification This section identifies t

Page 90 of 100 Copyright (c) 2008, 2009 RICOH COMPANY, LTD. All Rights Reserved. Functional Requirements Bypass Prevention De-activation Preventi

Page 91 of 100 Copyright (c) 2008, 2009 RICOH COMPANY, LTD. All Rights Reserved. 8.2.5.3 Tampering Prevention Since FPT_SEP.1 prevents interferen

Page 92 of 100 Copyright (c) 2008, 2009 RICOH COMPANY, LTD. All Rights Reserved. 8.3 TOE Summary Specification Rationale 8.3.1 Rationale for TO

Page 93 of 100 Copyright (c) 2008, 2009 RICOH COMPANY, LTD. All Rights Reserved. FAU_SAR.1 (Audit review), FAU_SAR.2 (Restricted audit review)

Page 94 of 100 Copyright (c) 2008, 2009 RICOH COMPANY, LTD. All Rights Reserved. FDP_ACC.1 (Subset access control), FDP_ACF.1 (Security attribut

Page 95 of 100 Copyright (c) 2008, 2009 RICOH COMPANY, LTD. All Rights Reserved. security attributes and maintains those attributes. Therefore, F

Page 96 of 100 Copyright (c) 2008, 2009 RICOH COMPANY, LTD. All Rights Reserved. FIA_UID.2 (User identification before any action) FIA_UID.2 req

Page 97 of 100 Copyright (c) 2008, 2009 RICOH COMPANY, LTD. All Rights Reserved. SF.SEC_MNG provides the function to set the "Document Data

Page 98 of 100 Copyright (c) 2008, 2009 RICOH COMPANY, LTD. All Rights Reserved. FPT_SEP.1 (TSF domain separation) FPT_SEP.1 requires that the TS

Page 99 of 100 Copyright (c) 2008, 2009 RICOH COMPANY, LTD. All Rights Reserved. 8.3.3 Rationale for Assurance Measures The documents, which are