Certified/Validated Products List

MP C4503/C5503 (Ricoh/Lanier/nashuatec/
Rex-Rotary/Gestetner/infotec)
EA-1.00

RICOH COMPANY, LTD.
Last Updated 2013-11-14
Product Name :
MP C4503/C5503 (Ricoh/Lanier/nashuatec/Rex-Rotary/Gestetner/infotec)
Version of TOE :
EA-1.00
Product Type :
Multi Function Product
Certification No. :
C0408
Date :
2013-09-27
Version of Common Criteria:
3.1 Release3
Conformance Claim :
EAL3 Augmented with ALC_FLR.2
PP Identifier :
IEEE Std 2600.1-2009

PRODUCT DESCRIPTION

Description of TOE

This TOE is a digital multi-function product that conforms to the security requirement specification of "IEEE Std 2600.1-2009", which is an international security standard for Hardcopy devices. This product provides a secure environment for users who use the Copy, Scanner, Printer, Fax, and Document Server functions.

 

TOE security functionality

The major security functions of this TOE are as follows:

- Audit Function: Enables the TOE to record information related to security events and allows users to review it.
- Identification and Authentication Function: Enables the TOE to perform user identification and authentication, lockout, protected password feedback, and auto-logout.
- Document Access Control Function: Enables the TOE to control the operations for user documents and user jobs.
- Use-of-Feature Restriction Function: Enables the TOE to control the use of features for each user.
- Network Protection Function: Enables the TOE to protect network communications using encryption.
- Residual Data Overwrite Function: Enables the TOE to overwrite the residual information on the HDD using the specified pattern.
- Stored Data Protection Function: Enables the TOE to protect the recorded data on the HDD using encryption.
- Security Management Function: Enables the TOE administrator to control security functions.
- Software Verification Function: Enables the TOE to verify the integrity of executable codes of control software so that the software can be validated as genuine software.
- Fax Line Separation Function: Enables the TOE to prevent illegal intrusion from telephone lines.

 

Security functional requirements

This TOE implements the following security functional requirements.

Security audit Non-repudiation of origin/receipt Cryptographic functionality Access control
Data authentication Export data protection Information flow control Import data protection
Internal transfer data protection Residual information protection Rollback Stored data integrity
Transfer data confidentiality Transfer data integrity Identification and authentication Security management
Privacy Control Security functionality protection Resource utilisation management TOE access control
Trusted path/channels