Last Updated 2018-02-02
- Product Name :
- MP C4504/C6004
(Ricoh/Savin/Lanier/nashuatec/Rex-Rotary/Gestetner/infotec),
MP C5504 (Ricoh/nashuatec/Rex-Rotary/Gestetner/infotec)
- Version of TOE :
- E-2.03
- Product Type :
- Multi Function Product
- Certification Identification :
- JISEC-C0573
- Date :
- 2017-09-14
- Version of Common Criteria:
- 3.1 Release4
- Conformance Claim :
- EAL2 Augmented with ALC_FLR.2
- PP Identifier :
- U.S. Government Approved Protection Profile - U.S. Government Protection Profile for Hardcopy Devices Version 1.0 (IEEE Std. 2600.2™-2009)
- Vendor :
- RICOH COMPANY, LTD.
-
- POC :
- Toru Matsuda
- Division :
- Office Printing Development Division
- Phone :
- +81-46-236-2400
- E-mail :
- Evaluation Facility :
- ECSEC Laboratory Inc.
Evaluation Center
- Certification/Validation
Report :
(300 KB)(2017-10-30) - CC
Certificate Image :
(112 KB)(2017-10-13) - Security Target :
(1.06 MB)(2017-10-30)
PRODUCT DESCRIPTION
Description of TOE
This TOE is a digital multi-function product that conforms to the security requirement specification of "U.S. Government Approved Protection Profile - U.S. Government Protection Profile for Hardcopy Devices Version 1.0 (IEEE Std. 2600.2™-2009)", which is a protection profile for Hardcopy devices. This product provides a secure environment for users who use the Copy, Scanner, Printer, Fax, and Document Server functions.
TOE security functionality
The major security functions of this TOE are as follows:
- | Audit Function: Enables the TOE to record information related to security events and allows users to review it. |
- | Identification and Authentication Function: Enables the TOE to perform user identification and authentication, lockout, protected password feedback, and auto-logout. |
- | Document Access Control Function: Enables the TOE to control the operations for user documents and user jobs. |
- | Use-of-Feature Restriction Function: Enables the TOE to control the use of features for each user. |
- | Network Protection Function: Enables the TOE to protect network communications using encryption. |
- | Residual Data Overwrite Function: Enables the TOE to overwrite the residual information on the HDD using the specified pattern. |
- | Stored Data Protection Function: Enables the TOE to protect the recorded data on the HDD using encryption. |
- | Security Management Function: Enables the TOE administrator to control security functions. |
- | Software Verification Function: Enables the TOE to verify the integrity of executable codes of control software so that the software can be validated as genuine software. |
- | Fax Line Separation Function: Enables the TOE to prevent illegal intrusion from telephone lines. |
Security functional requirements
This TOE implements the following security functional requirements.
Security audit | Non-repudiation of origin/receipt | Cryptographic functionality | Access control |
Data authentication | Export data protection | Information flow control | Import data protection |
Internal transfer data protection | Residual information protection | Rollback | Stored data integrity |
Transfer data confidentiality | Transfer data integrity | Identification and authentication | Security management |
Privacy Control | Security functionality protection | Resource utilisation management | TOE access control |
Trusted path/channels |