Certified/Validated Products List

MP C4504/C6004 (Ricoh/Savin/Lanier/
nashuatec/Rex-Rotary/Gestetner/infotec),
MP C5504 (Ricoh/nashuatec/Rex-Rotary/
Gestetner/infotec)
E-2.03

RICOH COMPANY, LTD.
Last Updated 2018-02-02
Product Name :
MP C4504/C6004 (Ricoh/Savin/Lanier/nashuatec/Rex-Rotary/Gestetner/infotec),
MP C5504 (Ricoh/nashuatec/Rex-Rotary/Gestetner/infotec)
Version of TOE :
E-2.03
Product Type :
Multi Function Product
Certification Identification :
JISEC-C0573
Date :
2017-09-14
Version of Common Criteria:
3.1 Release4
Conformance Claim :
EAL2 Augmented with ALC_FLR.2
PP Identifier :
U.S. Government Approved Protection Profile - U.S. Government Protection Profile for Hardcopy Devices Version 1.0 (IEEE Std. 2600.2™-2009)

PRODUCT DESCRIPTION

Description of TOE

This TOE is a digital multi-function product that conforms to the security requirement specification of "U.S. Government Approved Protection Profile - U.S. Government Protection Profile for Hardcopy Devices Version 1.0 (IEEE Std. 2600.2™-2009)", which is a protection profile for Hardcopy devices. This product provides a secure environment for users who use the Copy, Scanner, Printer, Fax, and Document Server functions.

 

TOE security functionality

The major security functions of this TOE are as follows:

- Audit Function: Enables the TOE to record information related to security events and allows users to review it.
- Identification and Authentication Function: Enables the TOE to perform user identification and authentication, lockout, protected password feedback, and auto-logout.
- Document Access Control Function: Enables the TOE to control the operations for user documents and user jobs.
- Use-of-Feature Restriction Function: Enables the TOE to control the use of features for each user.
- Network Protection Function: Enables the TOE to protect network communications using encryption.
- Residual Data Overwrite Function: Enables the TOE to overwrite the residual information on the HDD using the specified pattern.
- Stored Data Protection Function: Enables the TOE to protect the recorded data on the HDD using encryption.
- Security Management Function: Enables the TOE administrator to control security functions.
- Software Verification Function: Enables the TOE to verify the integrity of executable codes of control software so that the software can be validated as genuine software.
- Fax Line Separation Function: Enables the TOE to prevent illegal intrusion from telephone lines.

 

Security functional requirements

This TOE implements the following security functional requirements.

Security audit Non-repudiation of origin/receipt Cryptographic functionality Access control
Data authentication Export data protection Information flow control Import data protection
Internal transfer data protection Residual information protection Rollback Stored data integrity
Transfer data confidentiality Transfer data integrity Identification and authentication Security management
Privacy Control Security functionality protection Resource utilisation management TOE access control
Trusted path/channels