Copyright (c) 2010 RICOH COMPANY, LTD. All Rights Reserved.
3. Specify Management Functions.
To fulfil O.MANAGE, the Security Management Functions for the implemented TSF shall be
performed.
For this, FMT_SMF.1 specifies the required Security Management Functions for the Security
Function requirements.
a) Authorised use of Security Management Functions.
To fulfil O.MANAGE, authorised users shall be associated with the security management roles, and
operation permissions for the Security Management Functions shall be maintained, since the use of the
Security Management Functions depends on the authorised user roles.
FMT_SMR.1 associates authorised users with a general user, one of the four administrator roles (user
administrator, machine administrator, file administrator, or network administrator), or the supervisor
role, and maintains this association.
O.MEM.PROTECT  Prevention of disclosure of data stored in memory
The following is the rationale for the functional requirements corresponding to O.MEM.PROTECT in
Table 23; these requirements are included to fulfil the O.MEM.PROTECT specification.
a) Generate the encryption keys and perform encryption operations adequately.
To fulfil O.MEM.PROTECT, the document data stored on the HDD shall be sufficiently encrypted to
make decoding difficult unless the document data is read with normal methods using the TOE.
For this, FCS_CKM.1 generates encryption keys with a key size of 256 bits, using TRNG as the
encryption key generation algorithm (based on BSI-AIS31); and FCS_COP.1 uses the generated
encryption keys with the AES encryption algorithm (which corresponds to FIPS197) to encrypt
document data when it is stored on the HDD and to decrypt it when it is read from the HDD.
Additionally, FPT_TST.1 tests, at TOE start-up, the validity of the encryption keys and the
performance of the Ic Ctlr where encryption is performed, and this prevents storage of
unencrypted document data on the HDD.
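The start-up test described above can be sketched as follows. This is an added example, not Ricoh's implementation: a software AES-256 stands in for the Ic Ctlr, engine performance is modelled as the FIPS 197 Appendix C.3 known-answer test, and `key_check_value` (a digest assumed to be stored when the key is generated) is a hypothetical validity check, since the page does not say how key validity is tested.

```python
import hashlib, hmac

def _xt(a):                      # multiply by x in GF(2^8), AES polynomial 0x11B
    return ((a << 1) ^ 0x1B) & 0xFF if a & 0x80 else a << 1
def _mul(a, b):                  # GF(2^8) multiplication
    return 0 if not b else (a if b & 1 else 0) ^ _mul(_xt(a), b >> 1)
def _sbox(x):                    # field inverse followed by the FIPS 197 affine map
    inv = next((y for y in range(1, 256) if _mul(x, y) == 1), 0)
    rot = lambda v, n: ((v << n) | (v >> (8 - n))) & 0xFF
    return inv ^ rot(inv, 1) ^ rot(inv, 2) ^ rot(inv, 3) ^ rot(inv, 4) ^ 0x63

SBOX = [_sbox(x) for x in range(256)]

def aes256_encrypt_block(key, block):
    w = [list(key[i:i + 4]) for i in range(0, 32, 4)]
    rcon = 1
    for i in range(8, 60):       # key expansion for a 256-bit key (Nk = 8)
        t = w[i - 1]
        if i % 8 == 0:
            t = [SBOX[b] for b in t[1:] + t[:1]]
            t[0] ^= rcon
            rcon = _xt(rcon)
        elif i % 8 == 4:
            t = [SBOX[b] for b in t]
        w.append([a ^ b for a, b in zip(w[i - 8], t)])
    s = list(block)
    for rnd in range(15):        # round 0 is AddRoundKey only
        if rnd:
            s = [SBOX[b] for b in s]                                            # SubBytes
            s = [s[4 * ((c + r) % 4) + r] for c in range(4) for r in range(4)]  # ShiftRows
        if 0 < rnd < 14:         # MixColumns (skipped in the final round)
            s = [_xt(s[c + r]) ^ _xt(s[c + (r + 1) % 4]) ^ s[c + (r + 1) % 4]
                 ^ s[c + (r + 2) % 4] ^ s[c + (r + 3) % 4]
                 for c in (0, 4, 8, 12) for r in range(4)]
        s = [b ^ k for b, k in zip(s, sum(w[4 * rnd:4 * rnd + 4], []))]         # AddRoundKey
    return bytes(s)

# FIPS 197 Appendix C.3 known-answer vector for AES-256
KAT_KEY, KAT_PT = bytes(range(32)), bytes.fromhex("00112233445566778899aabbccddeeff")
KAT_CT = bytes.fromhex("8ea2b7ca516745bfeafc49904b496089")

def key_check_value(key):        # assumption: digest recorded when the key was generated
    return hashlib.sha256(b"hdd-key-check" + key).digest()

def startup_self_test(key, stored_kcv, encrypt=aes256_encrypt_block):
    """True only if the key is intact and the cipher engine passes its known-answer test."""
    key_ok = len(key) == 32 and hmac.compare_digest(key_check_value(key), stored_kcv)
    return key_ok and encrypt(KAT_KEY, KAT_PT) == KAT_CT
```

A caller would refuse every HDD write while `startup_self_test` returns False, so an engine that passes plaintext through is never trusted with document data.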
O.NET.PROTECT  Protection of network communication data
The following is the rationale for the functional requirements corresponding to O.NET.PROTECT in
Table 23; these requirements are included to fulfil the O.NET.PROTECT specification.
a) Protect assets on communication path.
To fulfil O.NET.PROTECT, document data and print data on the communication path shall be
protected from leakage, and attempts at tampering with it shall also be detected.
For this, FTP_ITC.1 uses the IPSec protocol to protect data sent from the TOE to folders on FTP or
SMB servers, to protect document data on the network from leakage, and also to detect attempts at
tampering with document data.
FTP_TRP.1 also protects document data on networks from leakage and detects attempts at tampering
by use of a trusted path (described later) between the TOE and remote users. The mail service is
protected by S/MIME, which protects data sent by e-mail from the TOE to a client computer, protects
document data or print data on the network from leakage, and detects attempts at tampering.
The SSL protocol protects document data and print data travelling from a client computer through a
web service, print service, or fax service from leakage and attempts at tampering.