Table 38: Unlocking Administrators For Each User Role - Ricoh Aficio MP 7001 SP Manual

With dataoverwritesecurity unit type h security target
Hide thumbs Also See for Aficio MP 7001 SP:
Table of Contents

Advertisement

FIA_AFL.1 (Authentication failure handling)
The TOE counts the number of failed identification and authentication attempts made under each login user
name. When a user authenticates successfully, the TOE resets the number of available authentication
attempts for that user to 0.
When the number of failed consecutive attempts reaches the MFP administrator-specified Number of
Attempts before Lockout, the TOE locks out that user.
The MFP administrator specifies 1 to 5 as the Number of Attempts before Lockout.
The TOE releases the lockout for the user who satisfies any of the following:
(1) Lockout release by a time-based operation
If a user fails to authenticate after making the number of attempts specified to initiate lockout, and the
lockout time has elapsed, then lockout will be released. The MFP administrator specifies the lockout
time (60 minutes by default). The elapsed time from the initiation of lockout is timed for each locked out
user.
(2) Lockout release by unlocking administrator
The unlocking administrator specified for each user role releases the lockout. Table 38 shows the
unlocking administrators for each user role.
User Roles (Locked out Users)
(3) Lockout release by turning on/off the TOE
If the administrators (MFP administrator and supervisor) are locked out, restarting the TOE releases the
lockout for them.
FIA_ATD.1 (User attribute definition)
The TOE associates the normal user with a login user name of normal user and available function list,
supervisor with a login user name of supervisor, and MFP administrator with a login user name of MFP
administrator, as security attributes, and it maintains these associations.
FIA_SOS.1 (Verification of secrets)
The TOE provides a function for registering and changing the login passwords of normal users, MFP
administrators, and supervisor. This function uses the characters described below in (1).
It checks if the registering or changing password meets the conditions (2) and (3). If it does, the TOE
registers the login password. If it does not, it does not register the login password and displays an error
message.
Copyright (c) 2011 RICOH COMPANY, LTD. All rights reserved.

Table 38: Unlocking Administrators for Each User Role

Normal user
Supervisor
MFP administrator
Unlocking Administrators
MFP administrator
MFP administrator
Supervisor
Page 77 of 87

Advertisement

Table of Contents
loading

Table of Contents