Security Target
Page 38
...-verify executable code in a restricted or monitored area that provides protection from unauthorised disclosure or alteration, and shall be reviewed by authorised persons. P.STORAGE.ENCRYPTION Encryption of the TOE shall be authorised to use and security-relevant events. All rights... reserved. The audit log shall be protected from physical access by unauthorised persons. Copyright (c) 2011 RICOH COMPANY, LTD. 3.2 Organisational Security Policies The following organisational security policies are taken: Page 37 of 93 P.USER.AUTHORIZATION User...
...-verify executable code in a restricted or monitored area that provides protection from unauthorised disclosure or alteration, and shall be reviewed by authorised persons. P.STORAGE.ENCRYPTION Encryption of the TOE shall be authorised to use and security-relevant events. All rights... reserved. The audit log shall be protected from physical access by unauthorised persons. Copyright (c) 2011 RICOH COMPANY, LTD. 3.2 Organisational Security Policies The following organisational security policies are taken: Page 37 of 93 P.USER.AUTHORIZATION User...
Security Target
Page 42
...their organisation; All rights reserved. and correctly configure and operate the TOE according to those policies and procedures. Copyright (c) 2011 RICOH COMPANY, LTD. have the competence to follow the guidance document; OE.USER.TRAINED User training The responsible manager of MFP ... users according to the guidance document and ensure that administrators are reviewed at appropriate intervals according to the guidance document for malicious purposes according to the guidance document. OE.AUDIT.REVIEWED Log audit The responsible manager of MFP shall ensure that provides...
...their organisation; All rights reserved. and correctly configure and operate the TOE according to those policies and procedures. Copyright (c) 2011 RICOH COMPANY, LTD. have the competence to follow the guidance document; OE.USER.TRAINED User training The responsible manager of MFP ... users according to the guidance document and ensure that administrators are reviewed at appropriate intervals according to the guidance document for malicious purposes according to the guidance document. OE.AUDIT.REVIEWED Log audit The responsible manager of MFP shall ensure that provides...
Security Target
Page 43
...PROT.NO_ALT O.CONF.NO_DIS O.CONF.NO_ALT O.USER.AUTHORIZED OE.USER.AUTHORIZED O.SOFTWARE.VERIFIED O.AUDIT.LOGGED OE.AUDIT_STORAGE.PROTCTED OE.AUDIT_ACCESS_AUTHORIZED OE.AUDIT.REVIEWED O.INTERFACE.MANAGED OE.PHYSICAL.MANAGED OE.INTERFACE.MANAGED O.STORAGE.ENCRYPTED O.RCGATE.COMM.PROTECT OE.ADMIN.TRAINED OE.ADMIN.TRUSTED OE.USER.TRAINED T.... X P.AUDIT.LOGGING X XXX P.INTERFACE.MANAGEMENT X X P.STORAGE.ENCRYPTION X P.RCGATE.COMM.PROTECT X A.ACCESS.MANAGED X A.ADMIN.TRAINING X A.ADMIN.TRUST X A.USER.TRAINING X Copyright (c) 2011 RICOH COMPANY, LTD. All rights reserved.
...PROT.NO_ALT O.CONF.NO_DIS O.CONF.NO_ALT O.USER.AUTHORIZED OE.USER.AUTHORIZED O.SOFTWARE.VERIFIED O.AUDIT.LOGGED OE.AUDIT_STORAGE.PROTCTED OE.AUDIT_ACCESS_AUTHORIZED OE.AUDIT.REVIEWED O.INTERFACE.MANAGED OE.PHYSICAL.MANAGED OE.INTERFACE.MANAGED O.STORAGE.ENCRYPTED O.RCGATE.COMM.PROTECT OE.ADMIN.TRAINED OE.ADMIN.TRUSTED OE.USER.TRAINED T.... X P.AUDIT.LOGGING X XXX P.INTERFACE.MANAGEMENT X X P.STORAGE.ENCRYPTION X P.RCGATE.COMM.PROTECT X A.ACCESS.MANAGED X A.ADMIN.TRAINING X A.ADMIN.TRUST X A.USER.TRAINING X Copyright (c) 2011 RICOH COMPANY, LTD. All rights reserved.
Security Target
Page 46
..., deletion and alteration. By OE.PHYSICAL.MANAGED, the TOE is located in order to TOE external interfaces. Copyright (c) 2011 RICOH COMPANY, LTD. P.INTERFACE.MANAGEMENT P.INTERFACE.MANAGEMENT is enforced by these objectives. P.INTERFACE.MANAGEMENT is enforced by this objective. P.STORAGE...AUDIT.LOGGING is enforced by O.INTERFACE.MANAGED and OE.INTERFACE.MANAGED. P.AUDIT.LOGGING is enforced by O.AUDIT.LOGGED, OE.AUDIT.REVIEWED, OE.AUDIT_STORAGE.PROTECTED and OE.AUDIT_ACCESS.AUTHORIZED. P.RCGATE.COMM.PROTECT P.RCGATE.COMM.PROTECT is enforced by authorised persons. All rights...
..., deletion and alteration. By OE.PHYSICAL.MANAGED, the TOE is located in order to TOE external interfaces. Copyright (c) 2011 RICOH COMPANY, LTD. P.INTERFACE.MANAGEMENT P.INTERFACE.MANAGEMENT is enforced by these objectives. P.INTERFACE.MANAGEMENT is enforced by this objective. P.STORAGE...AUDIT.LOGGING is enforced by O.INTERFACE.MANAGED and OE.INTERFACE.MANAGED. P.AUDIT.LOGGING is enforced by O.AUDIT.LOGGED, OE.AUDIT.REVIEWED, OE.AUDIT_STORAGE.PROTECTED and OE.AUDIT_ACCESS.AUTHORIZED. P.RCGATE.COMM.PROTECT P.RCGATE.COMM.PROTECT is enforced by authorised persons. All rights...
Security Target
Page 53
... the audit trail is full. FAU_SAR.1.2 The TSF shall provide the audit records in the audit trail. Dependencies: FAU_SAR.1 Audit review FAU_SAR.2.1 The TSF shall prohibit all of log items] from the audit records. Page 52 of 93 Dependencies: FAU_GEN.2.1 FAU_GEN.1.... Dependencies: FAU_GEN.1 Audit data generation FAU_STG.1.1 The TSF shall protect the stored audit records in Table 13] and Copyright (c) 2011 RICOH COMPANY, LTD. Dependencies: [FCS_CKM.2 Cryptographic key distribution, or FCS_COP.1 Cryptographic operation] FCS_CKM.4 Cryptographic key destruction FCS_CKM.1.1 The TSF shall...
... the audit trail is full. FAU_SAR.1.2 The TSF shall provide the audit records in the audit trail. Dependencies: FAU_SAR.1 Audit review FAU_SAR.2.1 The TSF shall prohibit all of log items] from the audit records. Page 52 of 93 Dependencies: FAU_GEN.2.1 FAU_GEN.1.... Dependencies: FAU_GEN.1 Audit data generation FAU_STG.1.1 The TSF shall protect the stored audit records in Table 13] and Copyright (c) 2011 RICOH COMPANY, LTD. Dependencies: [FCS_CKM.2 Cryptographic key distribution, or FCS_COP.1 Cryptographic operation] FCS_CKM.4 Cryptographic key destruction FCS_CKM.1.1 The TSF shall...
Security Target
Page 81
... be viewed and deleted only by the MFP administrator. This function provides the recorded audit log in the audit log files to audit (audit log review). FAU_STG.4 The TOE writes the newest audit log over the oldest audit log when there is accessed by the MFP administrator. Table 34 : List of... operations (*2) Success and failure of login operations from the system clock of Management Function Date settings (year/month/day), time settings (hour/minute) Copyright (c) 2011 RICOH COMPANY, LTD.
... be viewed and deleted only by the MFP administrator. This function provides the recorded audit log in the audit log files to audit (audit log review). FAU_STG.4 The TOE writes the newest audit log over the oldest audit log when there is accessed by the MFP administrator. Table 34 : List of... operations (*2) Success and failure of login operations from the system clock of Management Function Date settings (year/month/day), time settings (hour/minute) Copyright (c) 2011 RICOH COMPANY, LTD.