Security Functions - Ricoh Aficio MP 4002 Manual

@Remote Service Function
The @Remote Service Function is for the TOE to communicate with RC Gate via networks for @Remote
Service.
In this function, [Proh. Some Services] is selected for @Remote setting information. The scope of evaluation
covers the operation with a restriction of access to the protected assets and software of the TOE.
1.4.4.2.

Security Functions

The Security Functions are described as follows:
Audit Function
The Audit Function is to generate the audit log of TOE use and security-relevant events (hereafter, "audit
events"). Also, this function provides the recorded audit log in a legible fashion for users to audit. This
function can be used only by the MFP administrator to view and delete the recorded audit log. To view and
delete the audit log, the Web Function will be used.
Identification and Authentication Function
The Identification and Authentication Function is to verify persons before they use the TOE. The persons are
allowed to use the TOE only when confirmed as the authorised user.
Users can use the TOE from the Operation Panel or via the network. By the network, users can use the TOE
from a Web browser, printer/fax driver, and RC Gate.
A person who attempts to use the TOE from the Operation Panel or a Web browser will be required to enter
his or her login user name and login password so that he or she can be verified as a normal user, MFP
administrator, or supervisor.
A person who attempts to use the Printer or Fax Function from the printer or fax driver will be required to
enter his or her login user name and login password received from the printer or fax drivers, so that he or she
can be verified as a normal user.
A person who attempts to use the @Remote Service Function from the RC Gate communication interface
will be verified whether the communication request is sent from RC Gate.
Methods to verify normal users are Basic Authentication and external server authentication. The users will be
verified by the MFP administrator-specified procedure, whereas the MFP administrator and supervisor can
be verified only by the Basic Authentication.
This function includes protection functions for the authentication feedback area, where dummy characters are
displayed if a login password is entered using the Operation Panel. In addition to this and for the Basic
Authentication only, this function can be used to register passwords that fulfil the requirements of the
Minimum Character No. (i.e. minimum password length) and obligatory character types the MFP
administrator specifies, so that the lockout function can be enabled and login password quality can be
protected.
Document Access Control Function
The Document Access Control Function is to authorise the operations for documents and user jobs by the
authorised TOE users who are authenticated by Identification and Authentication Function. It allows user's
Copyright (c) 2012 RICOH COMPANY, LTD. All rights reserved.
Page 23 of 93