Ricoh C400dn - aficio sp color laser printer User manual

Aficio MP C300/C300SR/C400/C400SR series

Security Target

Author : RICOH COMPANY, LTD.

Date : 2012-08-17

Ver ion : 1.00

Portion of Aficio

MP C300/C300SR/C400/C400SR erie Security Target are

reprinted with written permi ion from IEEE, 445 Hoe Lane, Pi cataway, New

Jer ey 08855,

from IEEE 2600.1, Protection Profile for Hardcopy Device ,

Thi document i a tran lation of the evaluated and certified ecurity target

written in Japane e.

Page 1 of

91

Revision History

Version Date Author Detail

1.00 2012-08-17 RICOH COMPANY, LTD. Publication ver ion.

Page 2 of

91

Table of Contents

1

11

1

ST Introduction

ST IntroductionST Introduction

ST Introduction ................................

................................................................

.....................................................

..........................................

..................... 7

77

7

1.1

1.11.1

1.1 ST Reference

ST ReferenceST Reference

ST Reference ................................

................................................................

..................................................

....................................

.................. 7

77

7

1.2

1.21.2

1.2 TOE Reference

TOE ReferenceTOE Reference

TOE Reference ................................

................................................................

...............................................

..............................

............... 7

77

7

1.3

1.31.3

1.3 TOE Overview

TOE OverviewTOE Overview

TOE Overview................................

................................................................

................................................

................................

................ 8

88

8

1.3.1 TOE Type..................................................................................................................... 8

1.3.2 TOE Usage................................................................................................................... 8

1.3.3 ajor Security Features of TOE...............................................................................11

1.4

1.41.4

1.4 TOE Description

TOE DescriptionTOE Description

TOE Description................................

................................................................

...........................................

......................

........... 11

1111

11

1.4.1 Physical Boundary of TOE ........................................................................................11

1.4.2 Guidance Documents................................................................................................ 14

1.4.3 Definition of Users .................................................................................................... 17

1.4.3.1. Direct User ......................................................................................................... 17

1.4.3.2. Indirect User ...................................................................................................... 18

1.4.4 Logical Boundary of TOE ......................................................................................... 19

1.4.4.1. Basic Functions.................................................................................................. 19

1.4.4.2. Security Functions............................................................................................. 22

1.4.5 Protected Assets ........................................................................................................ 24

1.4.5.1. User Data ........................................................................................................... 24

1.4.5.2. TSF Data ............................................................................................................ 25

1.4.5.3. Functions............................................................................................................ 25

1.5

1.51.5

1.5 Glossary

GlossaryGlossary

Glossary................................

................................................................

........................................................

................................................

........................ 25

2525

25

1.5.1 Glossary for This ST ................................................................................................. 25

2

22

2

Conformance Claim

Conformance ClaimConformance Claim

Conformance Claim................................

................................................................

.............................................

..........................

............. 29

2929

29

2.1

2.12.1

2.1 CC Conformance Claim

CC Conformance ClaimCC Conformance Claim

CC Conformance Claim................................

................................................................

................................ 29

2929

29

2.2

2.22.2

2.2 PP Claims

PP ClaimsPP Claims

PP Claims................................

................................................................

.....................................................

..........................................

..................... 29

2929

29

2.3

2.32.3

2.3 Package Claims

Package ClaimsPackage Claims

Package Claims ................................

................................................................

............................................

........................

............ 29

2929

29

2.4

2.42.4

2.4 Conformance Claim Rationale

Conformance Claim RationaleConformance Claim Rationale

Conformance Claim Rationale ................................

................................................................

.....................................................

..........................................

..................... 30

3030

30

2.4.1 Consistency Claim with TOE Type in PP................................................................ 30

2.4.2 Consistency Claim with Security Problems and Security Objectives in PP......... 30

2.4.3 Consistency Claim with Security Requirements in PP.......................................... 31

3

33

3

Security Problem Definitions

Security Problem DefinitionsSecurity Problem Definitions

Security Problem Definitions................................

................................................................

..............................................................

............................................................

.............................. 34

3434

34

Page 3 of

91

3.1

3.13.1

3.1 Threats

ThreatsThreats

Threats ................................

................................................................

.........................................................

..................................................

......................... 34

3434

34

3.2

3.23.2

3.2 Organisational Security Policies

Organisational Security PoliciesOrganisational Security Policies

Organisational Security Policies................................

................................................................

..................................................

....................................

.................. 35

3535

35

3.3

3.33.3

3.3 Assumptions

AssumptionsAssumptions

Assumptions................................

................................................................

.................................................

..................................

................. 35

3535

35

4

44

4

Security Objectives

Security ObjectivesSecurity Objectives

Security Objectives................................

................................................................

..............................................

............................

.............. 37

3737

37

4.1

4.14.1

4.1 Security Objectives for TOE

Security Objectives for TOESecurity Objectives for TOE

Security Objectives for TOE................................

................................................................

.........................................................

..................................................

......................... 37

3737

37

4.2

4.24.2

4.2 Security Objectives of Operational Enviro

Security Objectives of Operational EnviroSecurity Objectives of Operational Enviro

Security Objectives of Operational Environment

nmentnment

nment................................

................................................................

........................................................

................................................

........................ 38

3838

38

4.2.1 IT Environment......................................................................................................... 38

4.2.2 Non-IT Environment................................................................................................. 39

4.3

4.34.3

4.3 Security Objectives Rationale

Security Objectives RationaleSecurity Objectives Rationale

Security Objectives Rationale ................................

................................................................

......................................................

............................................

...................... 40

4040

40

4.3.1 Correspondence Table of Security Objectives ......................................................... 40

4.3.2 Security Objectives Descriptions ............................................................................. 41

5

55

5

Extended Components Definition

Extended Components DefinitionExtended Components Definition

Extended Components Definition................................

................................................................

.......................................................

..............................................

....................... 45

4545

45

5.1

5.15.1

5.1 Restricted forwarding of data to external interfaces (FPT_FDI_EXP)

Restricted forwarding of data to external interfaces (FPT_FDI_EXP)Restricted forwarding of data to external interfaces (FPT_FDI_EXP)

Restricted forwarding of data to external interfaces (FPT_FDI_EXP) .......................

..............................................

....................... 45

4545

45

6

66

6

Security Requirements

Security RequirementsSecurity Requirements

Security Requirements................................

................................................................

........................................

................

........ 47

4747

47

6.1

6.16.1

6.1 Security Functional Requirements

Security Functional RequirementsSecurity Functional Requirements

Security Functional Requirements................................

................................................................

..............................................

............................

.............. 47

4747

47

6.1.1 Class FAU: Security audit........................................................................................ 47

6.1.2 Class FCS: Cryptographic support .......................................................................... 50

6.1.3 Class FDP: User data protection ............................................................................. 51

6.1.4 Class FIA: Identification and authentication ......................................................... 55

6.1.5 Class F T: Security management........................................................................... 59

6.1.6 Class FPT: Protection of the TSF............................................................................. 65

6.1.7 Class FTA: TOE access ............................................................................................. 65

6.1.8 Class FTP: Trusted path/channels........................................................................... 65

6.2

6.26.2

6.2 Security Assurance Requirements

Security Assurance RequirementsSecurity Assurance Requirements

Security Assurance Requirements................................

................................................................

...............................................

..............................

............... 66

6666

66

6.3

6.36.3

6.3 Security Requirements Rationale

Security Requirements RationaleSecurity Requirements Rationale

Security Requirements Rationale................................

................................................................

................................................

................................

................ 67

6767

67

6.3.1 Tracing ....................................................................................................................... 67

6.3.2 Justification of Traceability...................................................................................... 68

6.3.3 Dependency Analysis ................................................................................................ 75

6.3.4 Security Assurance Requirements Rationale.......................................................... 77

7

77

7

TOE Summary Specification

TOE Summary SpecificationTOE Summary Specification

TOE Summary Specification................................

................................................................

...............................................................

..............................................................

............................... 78

7878

78

7.1

7.17.1

7.1 Audit Function

Audit FunctionAudit Function

Audit Function ................................

................................................................

.............................................

..........................

............. 78

7878

78

7.2

7.27.2

7.2 Identification and Authentication Function

Identification and Authentication FunctionIdentification and Authentication Function

Identification and Authentication Function ................................

................................................................

................................ 80

8080

80

Page 4 of

91

7.3

7.37.3

7.3 Document Access Control Function

Document Access Control FunctionDocument Access Control Function

Document Access Control Function ................................

................................................................

.............................................

..........................

............. 82

8282

82

7.4

7.47.4

7.4 Use

UseUse

Use-

--

-of

ofof

of-

--

-Feature Restriction Function

Feature Restriction FunctionFeature Restriction Function

Feature Restriction Function ................................

................................................................

...........................................

......................

........... 84

8484

84

7.5

7.57.5

7.5 Network Protection Function

Network Protection FunctionNetwork Protection Function

Network Protection Function................................

................................................................

.......................................................

..............................................

....................... 85

8585

85

7.6

7.67.6

7.6 Residual Data Ov

Residual Data OvResidual Data Ov

Residual Data Overwrite Function

erwrite Functionerwrite Function

erwrite Function................................

................................................................

..............................................

............................

.............. 85

8585

85

7.7

7.77.7

7.7 Stored Data Protection Function

Stored Data Protection FunctionStored Data Protection Function

Stored Data Protection Function ................................

................................................................

.................................................

..................................

................. 86

8686

86

7.8

7.87.8

7.8 Security anagement Function

Security anagement FunctionSecurity anagement Function

Security anagement Function ................................

................................................................

..................................................

....................................

.................. 86

8686

86

7.9

7.97.9

7.9 Software Verification Function

Software Verification FunctionSoftware Verification Function

Software Verification Function ................................

................................................................

....................................................

........................................

.................... 91

9191

91

7.10

7.107.10

7.10 Fax Line Separation Function

Fax Line Separation FunctionFax Line Separation Function

Fax Line Separation Function ................................

................................................................

.....................................................

..........................................

..................... 91

9191

91

Page 5 of

91

List of Figures

Figure 1 : Example of TOE Environment ....................................................................................................... 9

Figure 2 : Hardware Configuration of the TOE ............................................................................................ 12

Figure 3 : Logical Scope of the TOE ............................................................................................................ 19

List of Tables

Table 1 : Identification Information of MFP ................................................................................................... 7

Table 2 : Guidance for Engli h Ver ion-1 ..................................................................................................... 14

Table 3 : Guidance for Engli h Ver ion-2 ..................................................................................................... 15

Table 4 : Guidance for Engli h Ver ion-3 ..................................................................................................... 16

Table 5 : Definition of U er ......................................................................................................................... 18

Table 6 : Li t of Admini trative Role .......................................................................................................... 18

Table 7 : Definition of U er Data.................................................................................................................. 24

Table 8 : Definition of TSF Data................................................................................................................... 25

Table 9 : Specific Term Related to Thi ST................................................................................................. 25

Table 10 : Rationale for Security Objective ................................................................................................. 40

Table 11 : Li t of Auditable Event ............................................................................................................... 48

Table 12 : Li t of Cryptographic Key Generation......................................................................................... 51

Table 13 : Li t of Cryptographic Operation .................................................................................................. 51

Table 14 : Li t of Subject , Object , and Operation among Subject and Object (a)................................. 52

Table 15 : Li t of Subject , Object , and Operation among Subject and Object (b)................................. 52

Table 16 : Subject , Object and Security Attribute (a) ............................................................................... 52

Table 17 : Rule to Control Operation on Document Data and U er Job (a) ............................................. 53

Table 18 : Additional Rule to Control Operation on Document Data and U er Job (a)............................ 54

Table 19 : Subject , Object and Security Attribute (b)............................................................................... 55

Table 20 : Rule to Control Operation on MFP Application (b) .................................................................. 55

Table 21 : Li t of Authentication Event of Ba ic Authentication ................................................................ 56

Table 22 : Li t of Action for Authentication Failure.................................................................................... 56

Table 23 : Li t of Security Attribute for Each U er That Shall Be Maintained ........................................... 56

Table 24 : Rule for Initial A ociation of Attribute .................................................................................... 59

Table 25 : U er Role for Security Attribute (a) .......................................................................................... 60

Table 26 : U er Role for Security Attribute (b) .......................................................................................... 61

Table 27 : Authori ed Identified Role Allowed to Override Default Value ................................................ 61

Table 28 : Li t of TSF Data........................................................................................................................... 62

Table 29 : Li t of Specification of Management Function ........................................................................... 63

Table 30 : TOE Security A urance Requirement (EAL3+ALC_FLR.2).................................................... 66

Table 31 : Relation hip between Security Objective and Functional Requirement ................................... 67

Table 32 : Re ult of Dependency Analy i of TOE Security Functional Requirement .............................. 75

Table 33 : Li t of Audit Event ...................................................................................................................... 78

Table 34 : Li t of Audit Log Item ................................................................................................................ 79

Table 35 : Unlocking Admini trator for Each U er Role............................................................................. 81

Page 6 of

91

Table 36 : Stored Document Acce Control Rule for Normal U er ........................................................ 83

Table 37 : Encrypted Communication Provided by the TOE ...................................................................... 85

Table 38 : Li t of Cryptographic Operation for Stored Data Protection ...................................................... 86

Table 39 : Management of TSF Data ............................................................................................................ 87

Table 40 : Li t of Static Initiali ation for Security Attribute of Document Acce Control SFP ................. 90

Page 7 of

91

1 ST Introduction

Thi ection de cribe ST Reference, TOE Reference, TOE Overview and TOE De cription.

1.1 ST Reference

The following are the identification information of thi ST.

Title : Aficio MP C300/C300SR/C400/C400SR erie Security Target

Ver ion : 1.00

Date : 2012-08-17

Author : RICOH COMPANY, LTD.

1.2 TOE Reference

Thi TOE i a digital multifunction product (hereafter "MFP") with "Fax Option Type C400" option in talled.

The TOE i identified by the MFP name and the ver ion of component that con titute the TOE. The

identification information of the TOE i hown below. Although there are everal MFP product name

depending on ale area and/or ale companie , their component are identical.

Table 1 Identification Information of MFP

MFP Name Ricoh Aficio MP C300, Ricoh Aficio MP C300SR,

Ricoh Aficio MP C400, Ricoh Aficio MP C400SR,

Savin C230, Savin C230SR,

Savin C240, Savin C240SR,

Lanier LD130C, Lanier LD130CSR,

Lanier LD140C, Lanier LD140CSR,

Lanier MP C300, Lanier MP C300SR,

Lanier MP C400, Lanier MP C400SR,

na huatec MP C300, na huatec MP C300SR,

na huatec MP C400, na huatec MP C400SR,

Rex-Rotary MP C300, Rex-Rotary MP C300SR,

Rex-Rotary MP C400, Rex-Rotary MP C400SR,

Ge tetner MP C300, Ge tetner MP C300SR,

Ge tetner MP C400, Ge tetner MP C400SR,

infotec MP C300, infotec MP C300SR,

infotec MP C400, infotec MP C400SR

Software

Sy tem/Copy 2.05

TOE Ver ion

Network Support 10.57

Page 8 of

91

Fax 02.00.00

RemoteFax 01.00.00

NetworkDocBox 1.04

Web Support 1.02

Web Uapl 1.01

animation 1.00

Scanner 01.04

Printer 1.01

PCL 1.07

OptionPCLFont 1.02

Data Era e Std 1.01x

GWFCU3-23 (WW) 03.00.00

Engine 1.02:02

OpePanel 1.03

LANG0 1.03

LANG1 1.03

Hardware

Ic Key 01020700

Ic Ctlr 03

Keyword : Digital MFP, Document , Copy, Print, Scanner, Network, Office, Fax

1. TOE Overview

Thi ection define TOE Type, TOE U age and Major Security Feature of TOE.

1. .1 TOE Type

Thi TOE i an MFP, which i an IT device that input , tore , and output document .

1. .2 TOE Usage

The operational environment of the TOE i illu trated below and the u age of the TOE i outlined in thi

ection.

Page 9 of

91

Figure 1 Example of TOE Environment

The TOE i u ed by connecting to the local area network (hereafter "LAN") and telephone line , a hown in

Figure 1. U er can operate the TOE from the Operation Panel of the TOE or through LAN communication .

Below, explanation are provided for the MFP, which i the TOE it elf, and hardware and oftware other

than the TOE.

MFP

A machinery that i defined a the TOE. The MFP i connected to the office LAN, and u er can perform the

following operation from the Operation Panel of the MFP:

- Variou etting for the MFP,

- Copy, fax, torage, and network tran mi ion of paper document ,

- Print, fax, network tran mi ion, and deletion of the tored document .

Al o, the TOE receive information via telephone line and can tore it a a document.

LAN

Network u ed in the TOE environment.

Ricoh C400DN - Aficio SP Color Laser Printer User manual

Popular Printer manuals by other brands