Security Target
Page 38
...TOE shall be authorised to the guidance document, the TOE is placed in the TSF. All rights reserved. Copyright (c) 2011 RICOH COMPANY, LTD. P.SOFTWARE.VERIFICATION Software verification Procedures shall exist to this TOE usage environment are identified and described. A.ACCESS.MANAGED...to self-verify executable code in a restricted or monitored area that provides protection from unauthorised disclosure or alteration, and shall be reviewed by the TOE and its IT environment. P.STORAGE.ENCRYPTION Encryption of their organisation and are competent to follow those interfaces shall ...
...TOE shall be authorised to the guidance document, the TOE is placed in the TSF. All rights reserved. Copyright (c) 2011 RICOH COMPANY, LTD. P.SOFTWARE.VERIFICATION Software verification Procedures shall exist to this TOE usage environment are identified and described. A.ACCESS.MANAGED...to self-verify executable code in a restricted or monitored area that provides protection from unauthorised disclosure or alteration, and shall be reviewed by the TOE and its IT environment. P.STORAGE.ENCRYPTION Encryption of their organisation and are competent to follow those interfaces shall ...
Security Target
Page 42
OE.ADMIN.TRAINED Administrator training The responsible manager of MFP shall ensure that audit logs are reviewed at appropriate intervals according to the guidance document for detecting security violations or unusual patterns of activity. OE.AUDIT.REVIEWED Log audit The responsible manager of MFP shall ensure that administrators are aware of the security... Physical management According to the guidance document, the TOE shall be placed in accordance with the security policies and procedures of their organisation. Copyright (c) 2011 RICOH COMPANY, LTD.
OE.ADMIN.TRAINED Administrator training The responsible manager of MFP shall ensure that audit logs are reviewed at appropriate intervals according to the guidance document for detecting security violations or unusual patterns of activity. OE.AUDIT.REVIEWED Log audit The responsible manager of MFP shall ensure that administrators are aware of the security... Physical management According to the guidance document, the TOE shall be placed in accordance with the security policies and procedures of their organisation. Copyright (c) 2011 RICOH COMPANY, LTD.
Security Target
Page 43
...PROT.NO_ALT O.CONF.NO_DIS O.CONF.NO_ALT O.USER.AUTHORIZED OE.USER.AUTHORIZED O.SOFTWARE.VERIFIED O.AUDIT.LOGGED OE.AUDIT_STORAGE.PROTCTED OE.AUDIT_ACCESS_AUTHORIZED OE.AUDIT.REVIEWED O.INTERFACE.MANAGED OE.PHYSICAL.MANAGED OE.INTERFACE.MANAGED O.STORAGE.ENCRYPTED O.RCGATE.COMM.PROTECT OE.ADMIN.TRAINED OE.ADMIN.TRUSTED OE.USER.TRAINED T.... X P.AUDIT.LOGGING X XXX P.INTERFACE.MANAGEMENT X X P.STORAGE.ENCRYPTION X P.RCGATE.COMM.PROTECT X A.ACCESS.MANAGED X A.ADMIN.TRAINING X A.ADMIN.TRUST X A.USER.TRAINING X Copyright (c) 2011 RICOH COMPANY, LTD. All rights reserved.
...PROT.NO_ALT O.CONF.NO_DIS O.CONF.NO_ALT O.USER.AUTHORIZED OE.USER.AUTHORIZED O.SOFTWARE.VERIFIED O.AUDIT.LOGGED OE.AUDIT_STORAGE.PROTCTED OE.AUDIT_ACCESS_AUTHORIZED OE.AUDIT.REVIEWED O.INTERFACE.MANAGED OE.PHYSICAL.MANAGED OE.INTERFACE.MANAGED O.STORAGE.ENCRYPTED O.RCGATE.COMM.PROTECT OE.ADMIN.TRAINED OE.ADMIN.TRUSTED OE.USER.TRAINED T.... X P.AUDIT.LOGGING X XXX P.INTERFACE.MANAGEMENT X X P.STORAGE.ENCRYPTION X P.RCGATE.COMM.PROTECT X A.ACCESS.MANAGED X A.ADMIN.TRAINING X A.ADMIN.TRUST X A.USER.TRAINING X Copyright (c) 2011 RICOH COMPANY, LTD. All rights reserved.
Security Target
Page 46
... and maintains a log of 93 P. P.AUDIT.LOGGING is enforced by these objectives. P.RCGATE.COMM.PROTECT P.RCGATE.COMM.PROTECT is enforced by O.AUDIT.LOGGED, OE.AUDIT.REVIEWED, OE.AUDIT_STORAGE.PROTECTED and OE.AUDIT_ACCESS.AUTHORIZED. A.ADMIN.TRAINING A.ADMIN.TRAINING is enforced by these objectives. AUDIT.LOGGING P.AUDIT.LOGGING is upheld by this objective... access by this objective. P.STORAGE.ENCRYPTION P.STORAGE.ENCRYPTION is upheld by O.STORAGE.ENCRYPTED. A.ACCESS.MANAGED A.ACCESS.MANAGED is enforced by OE.PHYSICAL.MANAGED. Copyright (c) 2011 RICOH COMPANY, LTD.
... and maintains a log of 93 P. P.AUDIT.LOGGING is enforced by these objectives. P.RCGATE.COMM.PROTECT P.RCGATE.COMM.PROTECT is enforced by O.AUDIT.LOGGED, OE.AUDIT.REVIEWED, OE.AUDIT_STORAGE.PROTECTED and OE.AUDIT_ACCESS.AUTHORIZED. A.ADMIN.TRAINING A.ADMIN.TRAINING is enforced by these objectives. AUDIT.LOGGING P.AUDIT.LOGGING is upheld by this objective... access by this objective. P.STORAGE.ENCRYPTION P.STORAGE.ENCRYPTION is upheld by O.STORAGE.ENCRYPTED. A.ACCESS.MANAGED A.ACCESS.MANAGED is enforced by OE.PHYSICAL.MANAGED. Copyright (c) 2011 RICOH COMPANY, LTD.
Security Target
Page 53
... in the audit trail from unauthorised deletion. FAU_STG.1 Protected audit trail storage Hierarchical to: No other components. FAU_SAR.2 Restricted audit review Hierarchical to: No other components. All rights reserved. FAU_STG.4 Prevention of audit data loss Hierarchical to: FAU_STG.3 Action in case... Audit data generation FAU_STG.1.1 The TSF shall protect the stored audit records in Table 13] and Copyright (c) 2011 RICOH COMPANY, LTD. FAU_SAR.1 Audit review Hierarchical to: No other actions to be taken in case of possible audit data loss Dependencies: FAU_STG.1 Protected audit...
... in the audit trail from unauthorised deletion. FAU_STG.1 Protected audit trail storage Hierarchical to: No other components. FAU_SAR.2 Restricted audit review Hierarchical to: No other components. All rights reserved. FAU_STG.4 Prevention of audit data loss Hierarchical to: FAU_STG.3 Action in case... Audit data generation FAU_STG.1.1 The TSF shall protect the stored audit records in Table 13] and Copyright (c) 2011 RICOH COMPANY, LTD. FAU_SAR.1 Audit review Hierarchical to: No other actions to be taken in case of possible audit data loss Dependencies: FAU_STG.1 Protected audit...
Security Target
Page 81
...derived from RC Gate communication interface Table 30 Record of Management Function Date settings (year/month/day), time settings (hour/minute) Copyright (c) 2011 RICOH COMPANY, LTD. The TOE provides the audit logs in a legible fashion for users to read on the HDD in the TOE when audit ..., "audit events"). This function provides the recorded audit log in a text format when the MFP administrator instructs the TOE to audit (audit log review). FAU_STG.4 The TOE writes the newest audit log over the oldest audit log when there is to append the newest audit log. FAU_SAR.1, FAU_SAR...
...derived from RC Gate communication interface Table 30 Record of Management Function Date settings (year/month/day), time settings (hour/minute) Copyright (c) 2011 RICOH COMPANY, LTD. The TOE provides the audit logs in a legible fashion for users to read on the HDD in the TOE when audit ..., "audit events"). This function provides the recorded audit log in a text format when the MFP administrator instructs the TOE to audit (audit log review). FAU_STG.4 The TOE writes the newest audit log over the oldest audit log when there is to append the newest audit log. FAU_SAR.1, FAU_SAR...