Last Updated 2021-11-12
- Product Name :
-
RICOH IM 7000/8000/9000,
SAVIN IM 7000/8000/9000,
LANIER IM 7000/8000/9000,
nashuatec IM 7000/8000/9000,
Rex Rotary IM 7000/8000/9000,
Gestetner IM 7000/8000/9000
- Version of TOE :
- E-1.00
- Product Type :
- Multi Function Product
- Certification Identification :
- JISEC-C0729
- Date :
- 2021-09-17
- Version of Common Criteria:
- 3.1 Release5
- Conformance Claim :
- EAL2 Augmented by ALC_FLR.2
- PP Identifier :
- U.S. Government Approved Protection Profile - U.S. Government Protection Profile for Hardcopy Devices Version 1.0 (IEEE Std. 2600.2™-2009)
- Vendor :
- RICOH COMPANY, LTD.
-
- POC :
- Fumihisa Kawashima
- Division :
- Ricoh Digital Products BU
- Phone :
- +81-50-3817-0046
- E-mail :
- Evaluation Facility :
- ECSEC Laboratory Inc.
Evaluation Center
- Certification/Validation
Report :
(356 KB)(2021-11-12) - CC
Certificate Image :
(172 KB)(2021-11-12) - Security Target :
(1.21 MB)(2021-11-12)
PRODUCT DESCRIPTION
Description of TOE
This TOE is a digital multi-function product that conforms to the security requirement specification of "U.S. Government Approved Protection Profile - U.S. Government Protection Profile for Hardcopy Devices Version 1.0 (IEEE Std. 2600.2™-2009)", which is a protection profile for Hardcopy devices. This product provides a secure environment for users who use the Copy, Scanner, Printer, Fax, and Document Server functions.
TOE security functionality
The major security functions of this TOE are as follows:
- | Audit Function: Enables the TOE to record information related to security events and allows users to review it. |
- | Identification and Authentication Function: Enables the TOE to perform user identification and authentication, lockout, protected password feedback, and auto-logout. |
- | Document Access Control Function: Enables the TOE to control the operations for user documents and user jobs. |
- | Use-of-Feature Restriction Function: Enables the TOE to control the use of features for each user. |
- | Network Protection Function: Enables the TOE to protect network communications using encryption. |
- | Residual Data Overwrite Function: Enables the TOE to overwrite the residual information on the HDD using the specified pattern. |
- | Stored Data Protection Function: Enables the TOE to protect the recorded data on the HDD using encryption. |
- | Security Management Function: Enables the TOE administrator to control security functions. |
- | Software Verification Function: Enables the TOE to verify the integrity of executable codes of control software so that the software can be validated as genuine software. |
- | Fax Line Separation Function: Enables the TOE to prevent illegal intrusion from telephone lines. |
Security functional requirements
This TOE implements the following security functional requirements.
Security audit | Non-repudiation of origin/receipt | Cryptographic functionality | Access control |
Data authentication | Export data protection | Information flow control | Import data protection |
Internal transfer data protection | Residual information protection | Rollback | Stored data integrity |
Transfer data confidentiality | Transfer data integrity | Identification and authentication | Security management |
Privacy Control | Security functionality protection | Resource utilisation management | TOE access control |
Trusted path/channels | Random number generation |