Reading Audit Logs; Protection Of Audit Logs; Time Stamps; Sf.i&A User Identification And Authentication Function - Ricoh Gestetner MP 4001 Manual

*1: The starting of Audit Function is substituted with the event of the TOE startup. This TOE does not record
the ending of Audit Function. The starting and ending of Audit Function audit the state of inactivity of Audit
Function. Since Audit Function works as long as the TOE works and it is not necessary to audit the state of
inactivity of Audit Function, it is appropriate not to record the ending of Audit Function.
*2: Lockout release for administrators and supervisor by the TOE 's restart, which is t he special Lockout
release operation, is substituted with the event of the TOE startup.
*3: For the successful reading of the document data, the objects to be recorded in IDs for the operational
object document data are printing, Sending by E-mail, Delivering to Folders and downloading from Web
Service Function the document data stored in D-BOX
*4 When the recording events occur due to the operations by users, User IDs are set as subject identities of
basic audit information, and when the recording events occur due to the TOE, IDs that do not duplicate the
user IDs but can identify systems are set.
Since there are no interfaces on the TOE for modifying audit logs, unauthorised modification for the audit
logs are not performed and the machine administrator who can delete the audit logs will not carry out any
malicious acts using administrator privileges.
By the above, FAU_GEN.1 (Audit data generation), FAU_STG.1 (Protected audit trail storage), and
FAU_STG.4 (Prevention of audit data loss) are satisfied.
7.1.1.2

Reading Audit Logs

The TOE allows only the machine administrator to read the audit logs in a text format using the Web
Service Function.
By the above, FAU_SAR.1 (Audit review), FAU_SAR.2 (Restricted audit review), and FMT_MTD.1
(Management of TSF data) are satisfied.
7.1.1.3

Protection of Audit Logs

The TOE allows only the machine administrator to delete entire audit logs using the Operation Panel or the
Web Service Function.
By the above, FAU_SAR.1 (Audit review), FAU_SAR.2 (Restricted audit review), and FMT_MTD.1
(Management of TSF data) are satisfied.
7.1.1.4

Time Stamps

The TOE logs the date and time of events by referencing the date and time of the internal system clock.
By the above, FPT_STM.1 (Reliable time stamps) is satisfied.
7.1.2 SF.I&A
To allow authorised users to operate the TOE according to their roles and authorisation, the TOE identifies
and authenticates users prior to their use of the TOE Security Functions.
Following are the explanations of each functional item in "SF.I&A
Authentication Function" and their corresponding functional requirements.
Copyright (c) 2010 RICOH COMPANY, LTD. All Rights Reserved.
User Identification and Authentication Function
Page 66 of 81
User Identification and