6.1.4
Class FIA: Identification and Authentication
FIA_AFL.1
Authentication failure handling
Hierarchical to:
Dependencies:
FIA_AFL.1.1 TSF shall detect when [selection: an administrator (refinement: the machine
administrator) configurable positive integer within [assignment: 1 to 5]] unsuccessful
authentication attempts occur related to [assignment: the consecutive numbers of times of
authentication failure for each user in the authentication events shown in :
User authentication using the control panel
User authentication using TOE from client computer Web browser
User authentication when printing from client computer
User authentication when faxing from client computer
FIA_AFL.1.2 When defined number of unsuccessful authentication attempts has been [selection: met], the
TSF shall [assignment: Lockout the user, who has failed the authentication attempts,
until one of the Lockout release actions, shown in
Lockout release actions
Auto Lockout Release
Manual Lockout Release
FIA_ATD.1
User attribute definition
Hierarchical to:
Copyright (c) 2009,2010 RICOH COMPANY, LTD. All Rights Reserved.
No other components.
FIA_UAU.1 Timing of authentication.
Table 13: List of authentication events
Authentication events
Table 14: Lockout release actions
If the user fails to authenticate after making the number of attempts
specified for Lockout release, and the Lockout time (between 1 and 9999
minutes) set in advance by the machine administrator has elapsed, then
Lockout will be released upon the first successful identification and
authentication by the locked-out user. The machine administrator can set
the Lockout time to indefinite, and in this case, Lockout cannot be released
by a time-based operation but can be released by an operation other than a
time-based operation.
Regardless of the time specified for the Lockout release by the machine
administrator, an unlocking administrator specified for any user role of a
locked-out user can release a locked-out user. FMT_MTD.1 defines the
relationship between locked-out user and unlocking administrator.
There is also a special Lockout release: If an administrator (any role) or a
supervisor is locked out, restarting the TOE has the same effect as the
Lockout release operation performed by an unlocking administrator.
No other components.
Table 14
, is taken].
Details
Page 42 of 80
Table 13
].