Transcription of MP C3003/C3503 …
1 Copyright (c) 2013 RICOH COMPANY, LTD. All rights reserved. MP C3003/C3503 (Ricoh/Savin/Lanier/nashuatec/Rex-Rotary /Gestetner/infotec), MP C3003G/C3503G (Ricoh/Savin/Lanier) Security Target Author : RICOH COMPANY, LTD. Date : 2013-07-31 Version : Portions of MP C3003/C3503 (Ricoh/Savin/Lanier/nashuatec/Rex-Rotary /Gestetner/ infotec), MP C3003G/C3503G (Ricoh/Savin/Lanier) Security Target are reprinted with written permission from IEEE, 445 Hoes Lane, Piscataway, New Jersey 08855, from IEEE , Protection Profile for Hardcopy Devices, Operational Environment A, Copyright 2009 IEEE. All rights reserved. This document is a translation of the evaluated and certified security target written in Japanese.
2 Page 1 of 93 Copyright (c) 2013 RICOH COMPANY, LTD. All rights reserved. Revision History Version Date Author Detail 2013-07-31 RICOH COMPANY, LTD. Publication version. Page 2 of 93 Copyright (c) 2013 RICOH COMPANY, LTD. All rights reserved. Table of Contents 1111 ST IntroductionST IntroductionST IntroductionST ST ReferenceST ReferenceST ReferenceST TOE ReferenceTOE ReferenceTOE ReferenceTOE TOE OverviewTOE OverviewTOE OverviewTOE TOE TOE Major Security Features of TOE DescriptionTOE DescriptionTOE DescriptionTOE Physical Boundary of Guidance Definition of Direct Indirect Logical Boundary of Basic Security Protected User TSF Glossary for This 2222 Conformance ClaimConformance ClaimConformance ClaimConformance CC Conformance ClaimCC Conformance
3 ClaimCC Conformance ClaimCC Conformance PP ClaimsPP ClaimsPP ClaimsPP Package ClaimsPackage ClaimsPackage ClaimsPackage Conformance Claim RationaleConformance Claim RationaleConformance Claim RationaleConformance Claim Consistency Claim with TOE Type in Consistency Claim with Security Problems and Security Objectives in Consistency Claim with Security Requirements in 3333 Security PrSecurity PrSecurity PrSecurity Problem Definitionsoblem Definitionsoblem Definitionsoblem Page 3 of 93 Copyright (c) 2013 RICOH COMPANY, LTD. All rights reserved. Organisational Security PoliciesOrganisational Security PoliciesOrganisational Security PoliciesOrganisational Security 4444 Security ObjectivesSecurity ObjectivesSecurity ObjectivesSecurity Security Objectives for TOES ecurity Objectives for TOES ecurity Objectives for TOES ecurity Objectives for Security Objectives of Operational EnvironmentSecurity Objectives of Operational EnvironmentSecurity Objectives of Operational EnvironmentSecurity Objectives of Operational IT Non-IT Security Objectives RationaleSecurity Objectives RationaleSecurity Objectives RationaleSecurity Objectives
4 Correspondence Table of Security Security Objectives 5555 Extended Components DefinitionExtended Components DefinitionExtended Components DefinitionExtended Components Restricted forwRestricted forwRestricted forwRestricted forwarding of data to external interfaces (FPT_FDI_EXP)arding of data to external interfaces (FPT_FDI_EXP)arding of data to external interfaces (FPT_FDI_EXP)arding of data to external interfaces (FPT_FDI_EXP)..45454545 6666 Security RequirementsSecurity RequirementsSecurity RequirementsSecurity Security Functional RequirementsSecurity Functional RequirementsSecurity Functional RequirementsSecurity Functional Class FAU: Security Class FCS: Cryptographic Class FDP: User data Class FIA: Identification and Class FMT: Security Class FPT: Protection of the Class FTA: TOE Class FTP.
5 Trusted Security Assurance RequirementsSecurity Assurance RequirementsSecurity Assurance RequirementsSecurity Assurance Security RequirementSecurity RequirementSecurity RequirementSecurity Requirements Rationales Rationales Rationales Justification of Dependency Security Assurance Requirements 7777 TOE Summary SpecificationTOE Summary SpecificationTOE Summary SpecificationTOE Summary Audit FunctionAudit FunctionAudit FunctionAudit Identification and Authentication FunctionIdentification and Authentication FunctionIdentification and Authentication FunctionIdentification and Authentication Page 4 of 93 Copyright (c) 2013 RICOH COMPANY, LTD.
6 All rights reserved. Document Access Control FunctionDocument Access Control FunctionDocument Access Control FunctionDocument Access Control UseUseUseUse----ofofofof----Feature Restriction FunctionFeature Restriction FunctionFeature Restriction FunctionFeature Restriction network Protection FunctionNetwork Protection FunctionNetwork Protection FunctionNetwork Protection Residual Data Overwrite FunctionResidual Data Overwrite FunctionResidual Data Overwrite FunctionResidual Data Overwrite Stored Data Protection FunctionStored Data Protection FunctionStored Data Protection FunctionStored Data Protection Security Management
7 FunctionSecurity Management FunctionSecurity Management FunctionSecurity Management Software Verification FunctionSoftware Verification FunctionSoftware Verification FunctionSoftware Verification Fax Line Separation FunctionFax Line Separation FunctionFax Line Separation FunctionFax Line Separation Page 5 of 93 Copyright (c) 2013 RICOH COMPANY, LTD. All rights reserved. List of Figures Figure 1 : Example of TOE Environment .. 8 Figure 2 : Hardware Configuration of the TOE .. 11 Figure 3 : Logical Scope of the TOE .. 19 List of Tables Table 1: Guidance for English Version-1 .. 14 Table 2: Guidance for English Version-2.
8 15 Table 3: Guidance for English Version-3 .. 16 Table 4: Guidance for English Version-4 .. 17 Table 5 : Definition of 17 Table 6 : List of Administrative Roles .. 18 Table 7 : Definition of User Data .. 24 Table 8 : Definition of TSF 24 Table 9 : Specific Terms Related to This ST .. 25 Table 10 : Rationale for Security 40 Table 11 : List of Auditable Events .. 48 Table 12 : List of Cryptographic Key 51 Table 13 : List of Cryptographic Operation .. 51 Table 14 : List of Subjects, Objects, and Operations among Subjects and Objects (a).. 52 Table 15 : List of Subjects, Objects, and Operations among Subjects and Objects (b).. 52 Table 16 : Subjects, Objects and Security Attributes (a).
9 53 Table 17 : Rules to Control Operations on Document Data and User Jobs (a) .. 53 Table 18 : Additional Rules to Control Operations on Document Data and User Jobs (a).. 54 Table 19 : Subjects, Objects and Security Attributes (b).. 55 Table 20 : Rule to Control Operations on MFP Applications (b) .. 55 Table 21 : List of Authentication Events of Basic Authentication .. 56 Table 22 : List of Actions for Authentication 56 Table 23 : List of Security Attributes for Each User That Shall Be Maintained .. 57 Table 24 : Rules for Initial Association of Attributes .. 59 Table 25 : User Roles for Security Attributes (a) .. 60 Table 26 : User Roles for Security Attributes (b).
10 61 Table 27 : Authorised Identified Roles Allowed to Override Default 62 Table 28 : List of TSF 63 Table 29 : List of Specification of Management 64 Table 30 : TOE Security Assurance Requirements (EAL3+ ).. 67 Table 31 : Relationship between Security Objectives and Functional Requirements .. 68 Table 32 : Results of Dependency Analysis of TOE Security Functional Requirements .. 76 Table 33 : List of Audit 76 Table 34 : List of Audit Log Items .. 76 Table 35 : Unlocking Administrators for Each User 76 Page 6 of 93 Copyright (c) 2013 RICOH COMPANY, LTD. All rights reserved. Table 36 : Stored Documents Access Control Rules for Normal Users.
