Ricoh MP 3350B Instrukcje Operacyjne Pobierz pdf (Strona 61)

Page 61 of 83

- The User Administrator and General Users to query S/MIME User Information and

destination information for Deliver to Folder,

- Supervisor to query and set Lockout Flag for Administrators, and set Supervisor

Authentication Information, and

- Supervisor and the applicable Administrators to change Administrator Authentication

Information.

c) Specify management functions.

To accomplish O.MANAGE, the Security Management Functions for the implemented TSF shall be

performed.

For this, FMT_SMF.1 specifies the required Security Management Functions for the security functional

requirements.

d) Authorised use of Security Management Functions

To accomplish O.MANAGE, the authorised users shall be associated with the security management

roles and the operation permissions for the Security Management Functions and be maintained since the

use of the Security Management Functions depends on the authorised user roles.

FMT_SMR.1 associates the authorised users with General User, one of four Administrator Roles (User

Administrator, Machine Administrator, File Administrator and Network Administrator), or the

Supervisor role, and maintains such associations.

O.MEM.PROTECT Prevention of Data Disclosure Stored in Memory

The following are the rationale for the functional requirements that correspond to O.MEM.PROTECT in

Table 23 being appropriate to satisfy O.MEM.PROTECT.

a) Generate the encryption keys and perform encryption operations adequately.

To accomplish O.MEM.PROTECT, the format of the Document Data stored on HDD shall be made

difficult so that the decoding is difficult unless the Document Data is read with the normal methods

using the TOE.

For this, FCS_CKM.1 generates the encryption keys at the key size of 256 bit with TRNG for the

encryption key generation algorithm based on BSI-AIS31, and FCS_COP.1 encrypts Document Data

when it is stored on HDD, and decrypts Document Data when it is read from HDD using the generated

encryption keys with the encryption algorithm AES that corresponds to FIPS197. Additionally,

FTP_TST.1 tests the validity of encryption keys and the performance of Ic Hdd that performs the

encryption operation at the TOE start-up, and it prevents storing Document Data on HDD without being

encrypted.

O.NET.PROTECT Protection for Network Communication Data

The following are the rationale for the functional requirements that correspond to O.NET.PROTECT in

Table 23 being appropriate to satisfy O.NET.PROTECT.

a) Protect the assets on communication path.

To accomplish O.NET.PROTECT, Document Data or Print Data on the communication path shall be

protected from leakage, and tampering shall be detected.

For this, FTP_ITC.1 uses the IPSec protocol for Deliver to Folders on either an FTP server or SMB

server from the TOE, protects Document Data on networks from leakage, and detects tampering.

1 2 ... 56 57 58 59 60 61 62 63 64 65 66 ... 82 83

Brak uwag

Ricoh MP 3350B Instrukcje Operacyjne Strona 61