Stored Data Protection Function; Security Management Function; Table 35 : List Of Cryptographic Operations For Stored Data Protection - Ricoh Aficio MP C7501SP Manual

applies the method specified by the MFP administrator and overwrites the area on the HDD where the digital
image data of the document data is stored. Also, when a user job is complete, the TOE applies the method
specified by the MFP administrator and overwrites the area on the HDD where temporary documents that are
created while a user job is executed or the fragments of those temporary documents are stored.
For batch overwriting, the TOE collectively overwrites the HDD with the method specified by the MFP
administrator.
Overwriting methods include NSA method, DoD method, and random number method. An overwriting
method is specified by the MEP administrator when the TOE is installed. NSA method overwrites twice by
random numbers and once by Null(0). The DoD method overwrites once by fixed value, once by its
complement, and further by random numbers to be verified afterwards. Random number method overwrites
for three to nine times by random numbers. The MFP administrator specifies the number of times to
overwrite when the TOE is installed.
7.7

Stored Data Protection Function

The Stored Data Protection Function is to encrypt the data on the HDD and protect the data so that data
leakage can be prevented.
FCS_CKM.1 and FCS_COP.1
The TOE encrypts data before writing it on the HDD, and decrypts the encrypted data after reading it from
the HDD. This process is applied to all data written on and read from the HDD. Detailed cryptographic
operations are shown in Table 35.

Table 35 : List of Cryptographic Operations for Stored Data Protection

Encryption-triggering
Operations
Writing data to HDD
Reading data from HDD
Following operations by the MFP administrator, the TOE generates a cryptographic key. If a login user is the
MFP administrator, the screen to generate an HDD cryptographic key is provided from the Operation Panel.
If the MFP administrator gives instructions to generate an HDD cryptographic key from the Operation Panel,
the TOE uses a genuine random number generator and generates random numbers that conform to the
standard BSI-AIS31.
7.8

Security Management Function

The Security Management Function consists of functions to 1) control operations for TSF data, 2) maintain
user roles assigned to normal users, MFP administrator, or supervisor to operate the Security Management
Function, and 3) set appropriate default values to security attributes, all of which accord with user role
privileges or user privileges that are assigned to normal users, MFP administrator, or supervisor.
Copyright (c) 2011 RICOH COMPANY, LTD. All rights reserved.
Cryptographic
Standard
Operations
Encrypt
FIPS197
Decrypt
Page 84 of 89
Cryptographic
Algorithm
AES 256 bits
Key
Size