Aficio MP 2851/3351 Series With Fax Option Type 3351


Aficio MP 2851/3351 series with Fax Option Type 3351
Security Target

Author: RICOH COMPANY, LTD., Yasushi FUNAKI
Date: 2010-06-17
Version: 1.00

Copyright (c) 2010 RICOH COMPANY, LTD. All Rights Reserved.

Revision History

FUNAKI: Released version.

Table of Contents

1 ST Introduction
1.1 ST Reference
1.2 TOE Reference
1.3 TOE Overview
1.3.1 TOE Type
1.3.2 TOE Usage and Major Security Features of TOE
1.3.3 Environment for TOE Usage and Non-TOE Configuration Items
1.4 TOE Description
1.4.1 Physical Boundaries of TOE
1.4.2 Guidance Documents
1.4.3 User Roles
1.4.3.1 Responsible Manager of MFP
1.4.3.2 Administrator
1.4.3.3 Supervisor
1.4.3.4 General User
1.4.3.5 Customer Engineer
1.4.4 Logical Boundaries of TOE
1.4.4.1 Basic Functions
1.4.4.2 Security Functions
1.4.5 Protected Assets
1.4.5.1 Document Data
1.4.5.2 Print Data
2 Conformance Claims
2.1 CC conformance Claim
2.2 PP Claims, Package Claims
2.3 Conformance Rationale
3 Security Problem Definitions
3.1 Threats
3.2 Organisational Security Policies
3.3 Assumptions
4 Security Objectives
4.1 Security Objectives for TOE
4.2 Security Objectives of Operational Environment
4.3 Security Objectives Rationale
4.3.1 Tracing
4.3.2 Tracing Justification
5 Extended Components Definition
6 Security Requirements
6.1 Security Functional Requirements
6.1.1 Class FAU: Security audit
6.1.2 Class FCS: Cryptographic support
6.1.3 Class FDP: User data protection
6.1.4 Class FIA: Identification and authentication
6.1.5 Class FMT: Security management
6.1.6 Class FPT: Protection of the TSF
6.1.7 Class FTP: Trusted path/channels
6.2 Security Assurance Requirements
6.3 Security Requirements Rationale
6.3.1 Tracing
6.3.2 Justification of Traceability
6.3.3 Dependency Analysis
6.3.4 Security Assurance Requirements Rationale
7 TOE Summary Specification
7.1 TOE Security Function
7.1.1 SF.AUDIT Audit Function
7.1.1.1 Generation of Audit Logs
7.1.1.2 Reading Audit Logs
7.1.1.3 Protection of Audit Logs
7.1.1.4 Time Stamps
7.1.2 SF.I&A User Identification and Authentication Function
7.1.2.1 User Identification and Authentication
7.1.2.2 Actions in Event of Identification and Authentication Failure
7.1.2.3 Password Feedback Area Protection
7.1.2.4 Password Registration
7.1.3 SF.DOC ACC Document Data Access Control Function
7.1.3.1 General User Operations on Document Data
7.1.3.2 File Administrator Operations on Document Data
7.1.4 SF.SEC MNG Security Management Function
7.1.4.1 Management of Document Data ACL
7.1.4.2 Management of Administrator Information
7.1.4.3 Management of Supervisor Information
7.1.4.4 Management of General User Information
7.1.4.5 Management of Machine Control Data
7.1.5 SF.CE OPE LOCK Service Mode Lock Function
7.1.6 SF.CIPHER Encryption Function
7.1.6.1 Encryption of Document Data
7.1.7 SF.NET PROT Network Communication Data Protection Function
7.1.7.1 Use of Web Service Function from Client Computer
7.1.7.2 Printing and Faxing from Client Computer
7.1.7.3 Sending by E-mail from TOE
7.1.7.4 Delivering to Folders from TOE
7.1.8 SF.FAX LINE Protection Function for Intrusion via Telephone Line
7.1.9 SF.GENUINE MFP Control Software Verification Function
8 Appendix
8.1 Definitions of Terminology
8.2 References

List of Figures

Figure 1: Example TOE environment
Figure 2: Hardware configuration of TOE
Figure 3: Logical boundaries of TOE

List of Tables

Table 1: List of administrator roles
Table 2: Correspondence between operations authorised by permissions to process document data and operations possible on document data
Table 3: Relationship between security environment and security objectives
Table 4: List of auditable events
Table 5: List of cryptographic key generation
Table 6: List of Cryptographic operations
Table 7: List of subjects, objects, and operations among subjects and objects
Table 8: Subjects, objects and security attributes
Table 9: Rules governing access
Table 10: Rules governing access explicitly
Table 11: List of subjects, information and operation
Table 12: Security attributes corresponding to subjects or information
Table 13: List of authentication events
Table 14: Lockout release actions
Table 15: Rules for initial association of attributes
Table 16: Management roles of security attributes
Table 17: Characteristics of static attribute initialisation
Table 18: List of TSF data management
Table 19: List of specifications of Management Functions
Table 20: Services requiring trusted paths
Table 21: TOE Security assurance requirements (EAL3)
Table 22: Relationship between security objectives and functional requirements
Table 23: Correspondence of dependencies of TOE security functional requirements
Table 24: Relationship between TOE security functional requirements and TOE security functions
Table 25: Auditable events and auditable information
Table 26: User roles and authentication methods
Table 27: Unlocking administrators for each user role
Table 28: Default value for document data ACL
Table 29: Operations on document data ACL and Authorised users
Table 30: Access to administrator information
Table 31: Authorised operations on general user information
Table 32: Administrators authorised to specify machine control data
Table 33: List of encryption operations on data stored on the HDD
Table 34: Specific terms used in this ST

1 ST Introduction

This section describes the ST reference, TOE reference, TOE overview, and TOE description.

1.1 ST Reference

The following is the identification information of this ST.

ST Title: Aficio MP 2851/3351 series with Fax Option Type 3351 Security Target
ST Version: 1.00
Date: 2010-06-17
Author: RICOH COMPANY, LTD., Yasushi FUNAKI

1.2 TOE Reference

This TOE is a digital multi function product (hereafter called an "MFP") with an optional product, Fax Controller Unit (hereafter called an "FCU"), and is identified by the name of the MFP, version of software/hardware, and the name and version of the FCU. The TOE is a combination of one of the following MFPs and an FCU, and also matches the following software/hardware version.

Manufacturer: RICOH COMPANY, LTD.
MFP Name:
Ricoh Aficio MP 2851, Ricoh Aficio MP 3351
Savin 9228, Savin 9233
Lanier LD528, Lanier LD533
Lanier MP 2851, Lanier MP 3351
Gestetner MP 2851, Gestetner MP 3351
nashuatec MP 2851, nashuatec MP 3351
Rex-Rotary MP 2851, Rex-Rotary MP 3351
infotec MP 2851, infotec MP 3351
MFP Software/Hardware Version: Software System/Copy Network Support Scanner Printer Fax Web Support Web Uapl Network Doc Ic Key Ic Hdd110001
FCU Name: Fax Option Type 3351
FCU Version: GWFCU3-20(WW)01.00.00
Keywords: Digital MFP, Documents, Copy, Print, Scanner, Fax, Network, Office

1.3 TOE Overview

This section defines the TOE type, TOE usage and major security features of the TOE, the environment for the TOE usage and non-TOE configuration items.

1.3.1 TOE Type

The TOE is a digital MFP, which is an IT device that provides the functions of a copier, scanner, printer, and fax (optional). These functions are for digitising paper documents and managing and printing them.

1.3.2 TOE Usage and Major Security Features of TOE

The TOE has functions for inputting paper and electronic documents into the TOE, storing the input document data, and outputting it. Paper documents are input using the MFP's scanning device, and electronic documents are input by receiving them from a client computer via a network, USB connection, or fax. The output function includes printing, Fax Transmission, and transferring to networked servers or client computers. The TOE incorporates some of these functions and provides a Copy Function, Scanner Function, Printer Function, and Fax Function.

Users can use these functions from the Operation Panel. Users can also use some of these functions remotely.

The following are the major Security Functions of the TOE in this ST:

1. Audit Function
2. Identification and Authentication Function
3. Document Data Access Control Function
4. Stored Data Protection Function
5. Network Communication Data Protection Function
6. Security Management Function
7. Service Mode Lock Function
8. Telephone Line Intrusion Protection Function
9. MFP Control Software Verification Function

Each of the Security Functions listed above is described in "1.4.4.2 Security Functions".

1.3.3 Environment for TOE Usage and Non-TOE Configuration Items

The TOE is assumed to be located in a general office. The TOE can be connected to other devices over a network, telephone line, or USB connection, according to users' needs. Users can operate the TOE from the Operation Panel, a client computer connected to the local network, or a client computer connected to the TOE through USB. Figure 1 shows an example of the assumed TOE environment.

[Figure 1: Example TOE environment. Labels recoverable from the figure: Office, FTP server, Firewall, SMB server.]
