Security Target
Page 38
P.INTERFACE.MANAGEMENT Management of external interfaces To prevent unauthorised use and security-relevant events. Copyright (c) 2011 RICOH COMPANY, LTD. A.USER.TRAINING User training The responsible manager of MFP trains users according to the guidance document and users are ...disclosure or alteration, and shall be encrypted. P.STORAGE.ENCRYPTION Encryption of storage devices The data stored on the HDD inside the TOE shall be reviewed by the TOE and its IT environment. A.ACCESS.MANAGED Access management According to the guidance document, the TOE is placed in the TSF. ...
P.INTERFACE.MANAGEMENT Management of external interfaces To prevent unauthorised use and security-relevant events. Copyright (c) 2011 RICOH COMPANY, LTD. A.USER.TRAINING User training The responsible manager of MFP trains users according to the guidance document and users are ...disclosure or alteration, and shall be encrypted. P.STORAGE.ENCRYPTION Encryption of storage devices The data stored on the HDD inside the TOE shall be reviewed by the TOE and its IT environment. A.ACCESS.MANAGED Access management According to the guidance document, the TOE is placed in the TSF. ...
Security Target
Page 42
...the prevention of their organisation; OE.ADMIN.TRAINED Administrator training The responsible manager of MFP shall ensure that users are reviewed at appropriate intervals according to the guidance document for malicious purposes according to those policies and procedures. and correctly ...TOE external interfaces. 4.2.2 Non-IT Environment OE.PHYSICAL.MANAGED Physical management According to follow the guidance document; Copyright (c) 2011 RICOH COMPANY, LTD. have the competence to the guidance document, the TOE shall be placed in accordance with the security policies...
...the prevention of their organisation; OE.ADMIN.TRAINED Administrator training The responsible manager of MFP shall ensure that users are reviewed at appropriate intervals according to the guidance document for malicious purposes according to those policies and procedures. and correctly ...TOE external interfaces. 4.2.2 Non-IT Environment OE.PHYSICAL.MANAGED Physical management According to follow the guidance document; Copyright (c) 2011 RICOH COMPANY, LTD. have the competence to the guidance document, the TOE shall be placed in accordance with the security policies...
Security Target
Page 43
... O.USER.AUTHORIZED OE.USER.AUTHORIZED O.SOFTWARE.VERIFIED O.AUDIT.LOGGED OE.AUDIT_STORAGE.PROTCTED OE.AUDIT_ACCESS_AUTHORIZED OE.AUDIT.REVIEWED O.INTERFACE.MANAGED OE.PHYSICAL.MANAGED OE.INTERFACE.MANAGED O.STORAGE.ENCRYPTED O.RCGATE.COMM.PROTECT OE.ADMIN.TRAINED ...X P.STORAGE.ENCRYPTION X P.RCGATE.COMM.PROTECT X A.ACCESS.MANAGED X A.ADMIN.TRAINING X A.ADMIN.TRUST X A.USER.TRAINING X Copyright (c) 2011 RICOH COMPANY, LTD. Table 11 : Rationale for upholding the assumptions, countering the threats, and enforcing the organisational security policies that are defined. 4.3.1 ...
... O.USER.AUTHORIZED OE.USER.AUTHORIZED O.SOFTWARE.VERIFIED O.AUDIT.LOGGED OE.AUDIT_STORAGE.PROTCTED OE.AUDIT_ACCESS_AUTHORIZED OE.AUDIT.REVIEWED O.INTERFACE.MANAGED OE.PHYSICAL.MANAGED OE.INTERFACE.MANAGED O.STORAGE.ENCRYPTED O.RCGATE.COMM.PROTECT OE.ADMIN.TRAINED ...X P.STORAGE.ENCRYPTION X P.RCGATE.COMM.PROTECT X A.ACCESS.MANAGED X A.ADMIN.TRAINING X A.ADMIN.TRUST X A.USER.TRAINING X Copyright (c) 2011 RICOH COMPANY, LTD. Table 11 : Rationale for upholding the assumptions, countering the threats, and enforcing the organisational security policies that are defined. 4.3.1 ...
Security Target
Page 46
...IT environment that those records can be those communication data. A.ACCESS.MANAGED A.ACCESS.MANAGED is enforced by O.AUDIT.LOGGED, OE.AUDIT.REVIEWED, OE.AUDIT_STORAGE.PROTECTED and OE.AUDIT_ACCESS.AUTHORIZED. AUDIT.LOGGING P.AUDIT.LOGGING is upheld by the unauthorised persons. By OE.AUDIT_STORAGE.PROTECTED...relevant events in a restricted or monitored environment according to detect potential security violations, and only by these objectives. Copyright (c) 2011 RICOH COMPANY, LTD. By O.STORAGE.ENCRYPTED, the TOE shall encrypt the data to be written on the HDD, and written on ...
...IT environment that those records can be those communication data. A.ACCESS.MANAGED A.ACCESS.MANAGED is enforced by O.AUDIT.LOGGED, OE.AUDIT.REVIEWED, OE.AUDIT_STORAGE.PROTECTED and OE.AUDIT_ACCESS.AUTHORIZED. AUDIT.LOGGING P.AUDIT.LOGGING is upheld by the unauthorised persons. By OE.AUDIT_STORAGE.PROTECTED...relevant events in a restricted or monitored environment according to detect potential security violations, and only by these objectives. Copyright (c) 2011 RICOH COMPANY, LTD. By O.STORAGE.ENCRYPTED, the TOE shall encrypt the data to be written on the HDD, and written on ...
Security Target
Page 53
...provide the audit records in a manner suitable for the user to the stored audit records in the audit trail. FAU_SAR.2 Restricted audit review Hierarchical to: No other actions to be taken in case of the user that have been granted explicit read access to the audit ... the information. Dependencies: FAU_GEN.1 Audit data generation FAU_STG.1.1 The TSF shall protect the stored audit records in Table 13] and Copyright (c) 2011 RICOH COMPANY, LTD. FAU_STG.1 Protected audit trail storage Hierarchical to : FAU_STG.3 Action in case of audit storage failure] if the audit trail is ...
...provide the audit records in a manner suitable for the user to the stored audit records in the audit trail. FAU_SAR.2 Restricted audit review Hierarchical to: No other actions to be taken in case of the user that have been granted explicit read access to the audit ... the information. Dependencies: FAU_GEN.1 Audit data generation FAU_STG.1.1 The TSF shall protect the stored audit records in Table 13] and Copyright (c) 2011 RICOH COMPANY, LTD. FAU_STG.1 Protected audit trail storage Hierarchical to : FAU_STG.3 Action in case of audit storage failure] if the audit trail is ...
Security Target
Page 81
...35 are derived from RC Gate communication interface Table 30 Record of Management Function Date settings (year/month/day), time settings (hour/minute) Copyright (c) 2011 RICOH COMPANY, LTD. Table 34 : List of Audit Events Audit Events Start-up of the Audit Function (*1) Shutdown of the Audit Function (*1) Success and ... the audit logs. Page 80 of 93 7 TOE Summary Specification This section describes the TOE summary specification for users to audit (audit log review). FPT_STM.1 The date (year/month/day) and time (hour/minute/second) the TOE records for each security function.
...35 are derived from RC Gate communication interface Table 30 Record of Management Function Date settings (year/month/day), time settings (hour/minute) Copyright (c) 2011 RICOH COMPANY, LTD. Table 34 : List of Audit Events Audit Events Start-up of the Audit Function (*1) Shutdown of the Audit Function (*1) Success and ... the audit logs. Page 80 of 93 7 TOE Summary Specification This section describes the TOE summary specification for users to audit (audit log review). FPT_STM.1 The date (year/month/day) and time (hour/minute/second) the TOE records for each security function.