EasyManuals Logo

Ricoh Aficio MP 8001 Manual

Ricoh Aficio MP 8001
83 pages
To Next Page IconTo Next Page
To Next Page IconTo Next Page
To Previous Page IconTo Previous Page
To Previous Page IconTo Previous Page
Page #69 background imageLoading...
Page #69 background image
Page 68 of 82
Copyright (c) 2010 RICOH COMPANY, LTD. All Rights Reserved.
Following are the explanations of each functional item in "SF.I&A User Identification and
Authentication Function" and their corresponding security functional requirements.
7.1.2.1 User Identification and Authentication
The TOE displays a login window when users attempt to use the TOE Security Functions from the
Operation Panel or the Web Service Function. This window requires the user to enter their ID and password,
and then identifies and authenticates the user based on the entered user IDs and passwords.
The TOE also identifies and authenticates the user based on the user ID and password sent from the client
computer when the TOE receives a request from the client computer for printing or transmitting faxes.
The TOE binds successfully authenticated users to the processes available to them (general user processes,
administrator processes, or supervisor processes) according to their user roles (general users, administrators,
or a supervisor), associates each process with the security attributes of that role, and maintains those
bindings and associations. If the user is a general user, the TOE binds the general user to general user
processes, associates general user processes with a general user ID and the document data default ACL, and
maintains those bindings and associations. If the user is an administrator, the TOE binds the administrator
to administrator processes, associates administrator processes with the administrator ID and the
administrator roles, and maintains those bindings and associations. If the user is a supervisor, the TOE
binds the supervisor to supervisor processes, associates supervisor processes with the supervisor ID, and
maintains those bindings and associations.
Authentication methods vary according to the user's role. Table 27 shows the authentication methods for
each user role.
Table 27: User roles and authentication methods
User roles Authentication methods
General users
Check if the general user ID and password entered by the user match a general
user ID and corresponding password registered in the Address Book.
Administrators
Check if the administrator ID and password entered by the user match an
administrator ID and corresponding password registered to the TOE.
Supervisor
Check if the supervisor ID and password entered by the user match a supervisor
ID and corresponding password registered to the TOE.
By the above, FIA_ATD.1 (User attribute definition), FIA_UAU.2 (User authentication before any action),
FIA_UID.2 (User identification before any action), FIA_USB.1 (User-subject binding), FMT_SMF.1
(Specification of Management Functions), and FMT_SMR.1 (Security Roles) are satisfied.
7.1.2.2 Actions in Event of Identification and Authentication Failure
The TOE counts the number of failed identification and authentication attempts made under each ID, as
described in "7.1.2.1 User Identification and Authentication". When the number of failed consecutive
attempts reaches the machine administrator-specified Number of Attempts before Lockout, the TOE locks
out the user, and sets the Lockout Flag for that user to "Active". The machine administrator can specify 1 to
5 as the Number of Attempts before Lockout.
When a user authenticates successfully, as described in "7.1.2.1 User Identification and Authentication", the

Table of Contents

Other manuals for Ricoh Aficio MP 8001

Questions and Answers:

Question and Answer IconNeed help?

Do you have a question about the Ricoh Aficio MP 8001 and is the answer not in the manual?

Ricoh Aficio MP 8001 Specifications

General IconGeneral
BrandRicoh
ModelAficio MP 8001
CategoryAll in One Printer
LanguageEnglish

Related product manuals