Ricoh MP 5001 Dokumentacja

Page 1 of 81 Copyright (c) 2010 RICOH COMPANY, LTD. All Rights Reserved. Aficio MP 4001/5001 series with Fax Option Type 5001 Security Target Aut

Page 10 of 81 Copyright (c) 2010 RICOH COMPANY, LTD. All Rights Reserved. SMB Server SMB server is used for the TOE to send the document data stor

Page 11 of 81 Copyright (c) 2010 RICOH COMPANY, LTD. All Rights Reserved. Figure 2: Hardware configuration of TOE Operation Panel Unit (hereafter

Page 12 of 81 Copyright (c) 2010 RICOH COMPANY, LTD. All Rights Reserved. Controller Board The Controller Board contains Processors, FlashROM, RAM

Page 13 of 81 Copyright (c) 2010 RICOH COMPANY, LTD. All Rights Reserved. 1.4.2 Guidance Documents The following sets of user guidance documents

Page 14 of 81 Copyright (c) 2010 RICOH COMPANY, LTD. All Rights Reserved. - Quick Reference Printer Guide - Quick Reference Scanner Guide - Man

Page 15 of 81 Copyright (c) 2010 RICOH COMPANY, LTD. All Rights Reserved. - Manuals for Administrators Security Reference Supplement 9240/9250 MP

Page 16 of 81 Copyright (c) 2010 RICOH COMPANY, LTD. All Rights Reserved. 1.4.3 User Roles This section describes the roles involved in this TOE

Page 17 of 81 Copyright (c) 2010 RICOH COMPANY, LTD. All Rights Reserved. 1.4.3.5 Customer Engineer A customer engineer (hereafter "CE"

Page 18 of 81 Copyright (c) 2010 RICOH COMPANY, LTD. All Rights Reserved. Copy Function This function is for scanning originals and printing the s

Page 19 of 81 Copyright (c) 2010 RICOH COMPANY, LTD. All Rights Reserved. Function. When document data is printed, the Print Setting information f

Page 2 of 81 Copyright (c) 2010 RICOH COMPANY, LTD. All Rights Reserved. Revision History Version Date Author Details 1.00 2010-06-17 Yasushi

Page 20 of 81 Copyright (c) 2010 RICOH COMPANY, LTD. All Rights Reserved. Audit Function This function is for checking the operational status of t

Page 21 of 81 Copyright (c) 2010 RICOH COMPANY, LTD. All Rights Reserved. Table 2: Correspondence between operations authorised by permissions to

Page 22 of 81 Copyright (c) 2010 RICOH COMPANY, LTD. All Rights Reserved. 1. Management of document data ACL Allows only specified users to modif

Page 23 of 81 Copyright (c) 2010 RICOH COMPANY, LTD. All Rights Reserved. MFP Control Software Verification Function This function verifies the in

Page 24 of 81 Copyright (c) 2010 RICOH COMPANY, LTD. All Rights Reserved. a client computer to the TOE through the internal network, print data is

Page 25 of 81 Copyright (c) 2010 RICOH COMPANY, LTD. All Rights Reserved. 2 Conformance Claims This section describes the conformance claim. 2.1

Page 26 of 81 Copyright (c) 2010 RICOH COMPANY, LTD. All Rights Reserved. 3 Security Problem Definitions This section provides details of threats

Page 27 of 81 Copyright (c) 2010 RICOH COMPANY, LTD. All Rights Reserved. P.SOFTWARE (Software integrity checking) Measures shall be provided

Page 28 of 81 Copyright (c) 2010 RICOH COMPANY, LTD. All Rights Reserved. 4 Security Objectives This section describes the security objectives of

Page 29 of 81 Copyright (c) 2010 RICOH COMPANY, LTD. All Rights Reserved. O.LINE_PROTECT (Prevention of intrusion from telephone line) The TOE sh

Page 3 of 81 Copyright (c) 2010 RICOH COMPANY, LTD. All Rights Reserved. Table of Contents 1 ST Introduction...

Page 30 of 81 Copyright (c) 2010 RICOH COMPANY, LTD. All Rights Reserved. Table 3: Relationship between security environment and security objectiv

Page 31 of 81 Copyright (c) 2010 RICOH COMPANY, LTD. All Rights Reserved. A.NETWORK (Assumptions for network connections) As specified by A.

Page 32 of 81 Copyright (c) 2010 RICOH COMPANY, LTD. All Rights Reserved. T.TRANSIT (Data interception and tampering with communication path

Page 33 of 81 Copyright (c) 2010 RICOH COMPANY, LTD. All Rights Reserved. 5 Extended Components Definition In this ST and TOE, there are no exten

Page 34 of 81 Copyright (c) 2010 RICOH COMPANY, LTD. All Rights Reserved. 6 Security Requirements This section describes the security functional

Page 35 of 81 Copyright (c) 2010 RICOH COMPANY, LTD. All Rights Reserved. Functional requirements Actions which should be auditable Auditable ev

Page 36 of 81 Copyright (c) 2010 RICOH COMPANY, LTD. All Rights Reserved. Functional requirements Actions which should be auditable Auditable ev

Page 37 of 81 Copyright (c) 2010 RICOH COMPANY, LTD. All Rights Reserved. Functional requirements Actions which should be auditable Auditable ev

Page 38 of 81 Copyright (c) 2010 RICOH COMPANY, LTD. All Rights Reserved. b) For each audit event type, based on the auditable event definitions o

Page 39 of 81 Copyright (c) 2010 RICOH COMPANY, LTD. All Rights Reserved. FCS_COP.1 Cryptographic operation] FCS_CKM.4 Cryptographic key destructi

Page 4 of 81 Copyright (c) 2010 RICOH COMPANY, LTD. All Rights Reserved. 4 Security Objectives...

Page 40 of 81 Copyright (c) 2010 RICOH COMPANY, LTD. All Rights Reserved. Table 7: List of subjects, objects, and operations among subjects and ob

Page 41 of 81 Copyright (c) 2010 RICOH COMPANY, LTD. All Rights Reserved. Deleting document data A general user process has permission to delete

Page 42 of 81 Copyright (c) 2010 RICOH COMPANY, LTD. All Rights Reserved. following types of subject and information security attributes: [assignm

Page 43 of 81 Copyright (c) 2010 RICOH COMPANY, LTD. All Rights Reserved. User authentication using TOE from client computer Web browser User auth

Page 44 of 81 Copyright (c) 2010 RICOH COMPANY, LTD. All Rights Reserved. Numbers: [0-9] (10 digits) Symbols: SP (spaces) ! " # $ % & &ap

Page 45 of 81 Copyright (c) 2010 RICOH COMPANY, LTD. All Rights Reserved. administrator IDs, administrator roles and supervisor ID]. FIA_USB.1.2

Page 46 of 81 Copyright (c) 2010 RICOH COMPANY, LTD. All Rights Reserved. Security attributes Operations User roles Query - General users Newly

Page 47 of 81 Copyright (c) 2010 RICOH COMPANY, LTD. All Rights Reserved. Hierarchical to: No other components. Dependencies: FMT_SMR.1 Security

Page 48 of 81 Copyright (c) 2010 RICOH COMPANY, LTD. All Rights Reserved. TSF data Operations User roles Query General users, User administrator

Page 49 of 81 Copyright (c) 2010 RICOH COMPANY, LTD. All Rights Reserved. Functional requirements Management requirements Management items FDP_AC

Page 5 of 81 Copyright (c) 2010 RICOH COMPANY, LTD. All Rights Reserved. 7.1.2.4 Password Registration...

Page 50 of 81 Copyright (c) 2010 RICOH COMPANY, LTD. All Rights Reserved. Functional requirements Management requirements Management items - Secu

Page 51 of 81 Copyright (c) 2010 RICOH COMPANY, LTD. All Rights Reserved. Functional requirements Management requirements Management items FMT_MT

Page 52 of 81 Copyright (c) 2010 RICOH COMPANY, LTD. All Rights Reserved. Dependencies: No dependencies. FPT_TST.1.1 The TSF shall run a suite o

Page 53 of 81 Copyright (c) 2010 RICOH COMPANY, LTD. All Rights Reserved. Table 20: Services requiring trusted paths Related persons for communica

Page 54 of 81 Copyright (c) 2010 RICOH COMPANY, LTD. All Rights Reserved. 6.2 Security Assurance Requirements The evaluation assurance level of t

Page 55 of 81 Copyright (c) 2010 RICOH COMPANY, LTD. All Rights Reserved. 6.3 Security Requirements Rationale This section describes the rational

Page 56 of 81 Copyright (c) 2010 RICOH COMPANY, LTD. All Rights Reserved. O.AUDIT O.I&A O.DOC_ACC O.MANAGE O.MEM.PROTECT O.NET.PROTECT O.GENU

Page 57 of 81 Copyright (c) 2010 RICOH COMPANY, LTD. All Rights Reserved. d) Reliable record of time of event To fulfil O.AUDIT, a reliable recor

Page 58 of 81 Copyright (c) 2010 RICOH COMPANY, LTD. All Rights Reserved. FDP_ACC.1 and FDP_ADF.1 allow the general user to perform operations on

Page 59 of 81 Copyright (c) 2010 RICOH COMPANY, LTD. All Rights Reserved. performed. For this, FMT_SMF.1 specifies the required Security Managemen

Page 6 of 81 Copyright (c) 2010 RICOH COMPANY, LTD. All Rights Reserved. List of Figures Figure 1: Example TOE environment ...

Page 60 of 81 Copyright (c) 2010 RICOH COMPANY, LTD. All Rights Reserved. O.GENUINE Protection of integrity of MFP Control Software integrity Fo

Page 61 of 81 Copyright (c) 2010 RICOH COMPANY, LTD. All Rights Reserved. TOE security functional requirements Dependencies claimed by CC Dependen

Page 62 of 81 Copyright (c) 2010 RICOH COMPANY, LTD. All Rights Reserved. Rationale for Removing Dependencies on FIA_UID.1 Since this TOE employs

Page 63 of 81 Copyright (c) 2010 RICOH COMPANY, LTD. All Rights Reserved. 7 TOE Summary Specification This section provides a specification summa

Page 64 of 81 Copyright (c) 2010 RICOH COMPANY, LTD. All Rights Reserved. SF.AUDIT SF.I&A SF.DOC_ACC SF.SEC_MNG SF.CE_OPE_LOCK SF.CIPHER SF.N

Page 65 of 81 Copyright (c) 2010 RICOH COMPANY, LTD. All Rights Reserved. recorded when any kind of auditable event occurs. Expanded audit inform

Page 66 of 81 Copyright (c) 2010 RICOH COMPANY, LTD. All Rights Reserved. *1: The starting of Audit Function is substituted with the event of the

Page 67 of 81 Copyright (c) 2010 RICOH COMPANY, LTD. All Rights Reserved. 7.1.2.1 User Identification and Authentication The TOE displays a login

Page 68 of 81 Copyright (c) 2010 RICOH COMPANY, LTD. All Rights Reserved. When either of the following two Lockout release actions, (1) or (2), is

Page 69 of 81 Copyright (c) 2010 RICOH COMPANY, LTD. All Rights Reserved. Numbers: [0-9] (10 digits) Symbols: SP (space) ! " # $ % & &apo

Page 7 of 81 Copyright (c) 2010 RICOH COMPANY, LTD. All Rights Reserved. 1 ST Introduction This section describes the ST reference, TOE reference

Page 70 of 81 Copyright (c) 2010 RICOH COMPANY, LTD. All Rights Reserved. By the above, FDP_ACC.1 (Subset access control) and FDP_ACF.1 (Security

Page 71 of 81 Copyright (c) 2010 RICOH COMPANY, LTD. All Rights Reserved. - General users with full control authorisation If the logged-in user i

Page 72 of 81 Copyright (c) 2010 RICOH COMPANY, LTD. All Rights Reserved. FMT_MTD.1 (Management of TSF data), FMT_SMF.1 (Specification of manageme

Page 73 of 81 Copyright (c) 2010 RICOH COMPANY, LTD. All Rights Reserved. be reading document data and modifying the document data ACL. By the abo

Page 74 of 81 Copyright (c) 2010 RICOH COMPANY, LTD. All Rights Reserved. 7.1.5 SF.CE_OPE_LOCK Service Mode Lock Function The Service Mode Lock

Page 75 of 81 Copyright (c) 2010 RICOH COMPANY, LTD. All Rights Reserved. By the above, FCS_CKM.1 (Cryptographic key generation), FCS_COP.1 (Crypt

Page 76 of 81 Copyright (c) 2010 RICOH COMPANY, LTD. All Rights Reserved. 7.1.9 SF.GENUINE MFP Control Software Verification Function At ever

Page 77 of 81 Copyright (c) 2010 RICOH COMPANY, LTD. All Rights Reserved. 8 Appendix 8.1 Definitions of Terminology For ease of reader understan

Page 78 of 81 Copyright (c) 2010 RICOH COMPANY, LTD. All Rights Reserved. Terms Definitions SMTP server A server for sending e-mail using Simple

Page 79 of 81 Copyright (c) 2010 RICOH COMPANY, LTD. All Rights Reserved. Terms Definitions Number of Attempts before Lockout The number of cons

Page 8 of 81 Copyright (c) 2010 RICOH COMPANY, LTD. All Rights Reserved. FCU Version : GWFCU3-19(WW) 01.00.00 Keywords : Digital MFP, Docu

Page 80 of 81 Copyright (c) 2010 RICOH COMPANY, LTD. All Rights Reserved. Terms Definitions Administrator role Management Functions given to admi

Page 81 of 81 Copyright (c) 2010 RICOH COMPANY, LTD. All Rights Reserved. - CC Version 3.1 Revision 2 Evaluation Criteria: "English version&

Page 9 of 81 Copyright (c) 2010 RICOH COMPANY, LTD. All Rights Reserved. Figure 1: Example TOE environment The following describes non-TOE confi