Class Fia: Identification And Authentication; Table 14: List Of Authentication Events; Table 15: Lockout Release Actions - Ricoh Aficio MP 8001 Manual

6.1.4

Class FIA: Identification and authentication

FIA_AFL.1 Authentication failure handling
Hierarchical to:
Dependencies:
FIA_AFL.1.1 TSF shall detect when [selection: an administrator (refinement: the machine
administrator) configurable positive integer within [assignment: 1 to 5]] unsuccessful
authentication attempts occur related to [assignment: the consecutive numbers of times of
authentication failure for each user in the authentication events shown in Table 14].
User authentication using the Operation Panel
User authentication using TOE from client computer Web browser
User authentication when printing from client computer
User authentication when faxing from client computer
FIA_AFL.1.2 When defined number of unsuccessful authentication attempts has been [selection: met], the
TSF shall [assignment: Lockout the user, who has failed the authentication attempts,
until one of the Lockout release actions, shown in Table 15, is taken].
Lockout release actions
Auto Lockout Release
Manual Lockout Release
FIA_ATD.1 User attribute definition
Hierarchical to:
Copyright (c) 2010 RICOH COMPANY, LTD. All Rights Reserved.
No other components.
FIA_UAU.1 Timing of authentication.

Table 14: List of authentication events

Authentication events

Table 15: Lockout release actions

If the user fails to authenticate after making the number of attempts
specified for Lockout release, and the Lockout time (between 1 and 9999
minutes) set in advance by the machine administrator has elapsed, then
Lockout will be released upon the first successful identification and
authentication by the locked-out user. The machine administrator can set
the Lockout time to indefinite, and in this case, Lockout cannot be released
by a time-based operation but can be released by an operation other than a
time-based operation.
Regardless of the time specified for the Lockout release by the machine
administrator, an unlocking administrator specified for any user role of a
locked-out user can release a locked-out user. FMT_MTD.1 defines the
relationship between locked-out user and unlocking administrator.
There is also a special Lockout release: If an administrator (any role) or a
supervisor is locked out, restarting the TOE has the same effect as the
Lockout release operation performed by an unlocking administrator.
No other components.
Details
Page 44 of 82