Security Target
Page 36
... security policies and procedures of their organisation and are taken: Page 35 of TOE use the TOE. Copyright (c) 2012 RICOH COMPANY, LTD. P.SOFTWARE.VERIFICATION Software verification Procedures shall exist to self-verify executable code in a restricted or monitored area... that provides protection from unauthorised disclosure or alteration, and shall be reviewed by authorised persons. 3.2 Organisational Security Policies The following organisational security policies are competent to follow those interfaces shall be ...
... security policies and procedures of their organisation and are taken: Page 35 of TOE use the TOE. Copyright (c) 2012 RICOH COMPANY, LTD. P.SOFTWARE.VERIFICATION Software verification Procedures shall exist to self-verify executable code in a restricted or monitored area... that provides protection from unauthorised disclosure or alteration, and shall be reviewed by authorised persons. 3.2 Organisational Security Policies The following organisational security policies are competent to follow those interfaces shall be ...
Security Target
Page 40
... policies and procedures of MFP shall ensure that provides protection from physical access to those policies and procedures. Copyright (c) 2012 RICOH COMPANY, LTD. OE.ADMIN.TRAINED Administrator training The responsible manager of MFP shall ensure that users are aware of the security....TRAINED User training The responsible manager of MFP shall train users according to the guidance document and ensure that administrators are reviewed at appropriate intervals according to the guidance document for malicious purposes according to the guidance document. and correctly configure and operate...
... policies and procedures of MFP shall ensure that provides protection from physical access to those policies and procedures. Copyright (c) 2012 RICOH COMPANY, LTD. OE.ADMIN.TRAINED Administrator training The responsible manager of MFP shall ensure that users are aware of the security....TRAINED User training The responsible manager of MFP shall train users according to the guidance document and ensure that administrators are reviewed at appropriate intervals according to the guidance document for malicious purposes according to the guidance document. and correctly configure and operate...
Security Target
Page 41
...NO_ALT O.PROT.NO_ALT O.CONF.NO_DI S O.CONF.NO_ALT O.USER.AUTHORIZED OE.USER.AUTHORIZED O.SOFTWARE.VERIFIED O.AUDIT.LOGGED OE.AUDIT_STORAGE.PROTCTED OE.AUDIT_ACCESS_AUTHORIZED OE.AUDIT.REVIEWED O.INTERFACE.MANAGED OE.PHYSICAL.MANAGED OE.INTERFACE.MANAGED O.STORAGE.ENCRYPTED O.RCGATE.COMM.PROTEC T OE.ADMIN.TRAINED OE.ADMIN.TRUSTED OE.USER.TRAINED T.DOC.....VERIFICATION X P.AUDIT.LOGGING X XXX P.INTERFACE.MANAGEMENT X X P.STORAGE.ENCRYPTION X P.RCGATE.COMM.PROTECT X A.ACCESS.MANAGED X A.ADMIN.TRAINING X A.ADMIN.TRUST X A.USER.TRAINING X Copyright (c) 2012 RICOH COMPANY, LTD.
...NO_ALT O.PROT.NO_ALT O.CONF.NO_DI S O.CONF.NO_ALT O.USER.AUTHORIZED OE.USER.AUTHORIZED O.SOFTWARE.VERIFIED O.AUDIT.LOGGED OE.AUDIT_STORAGE.PROTCTED OE.AUDIT_ACCESS_AUTHORIZED OE.AUDIT.REVIEWED O.INTERFACE.MANAGED OE.PHYSICAL.MANAGED OE.INTERFACE.MANAGED O.STORAGE.ENCRYPTED O.RCGATE.COMM.PROTEC T OE.ADMIN.TRAINED OE.ADMIN.TRUSTED OE.USER.TRAINED T.DOC.....VERIFICATION X P.AUDIT.LOGGING X XXX P.INTERFACE.MANAGEMENT X X P.STORAGE.ENCRYPTION X P.RCGATE.COMM.PROTECT X A.ACCESS.MANAGED X A.ADMIN.TRAINING X A.ADMIN.TRUST X A.USER.TRAINING X Copyright (c) 2012 RICOH COMPANY, LTD.
Security Target
Page 44
...is located in order to another trusted IT product, the responsible manager of MFP protects those communication data. Copyright (c) 2012 RICOH COMPANY, LTD. By OE.AUDIT_ACCESS.AUTHORIZED, the responsible manager of MFP ensures that prevents unmanaged access to be those records can... All rights reserved. P.STORAGE.ENCRYPTION is enforced by authorised persons. P.RCGATE.COMM.PROTECT is enforced by O.AUDIT.LOGGED, OE.AUDIT.REVIEWED, OE.AUDIT_STORAGE.PROTECTED and OE.AUDIT_ACCESS.AUTHORIZED. P.STORAGE.ENCRYPTION P.STORAGE.ENCRYPTION is enforced by OE.ADMIN.TRAINED. By O.INTERFACE.MANAGED, ...
...is located in order to another trusted IT product, the responsible manager of MFP protects those communication data. Copyright (c) 2012 RICOH COMPANY, LTD. By OE.AUDIT_ACCESS.AUTHORIZED, the responsible manager of MFP ensures that prevents unmanaged access to be those records can... All rights reserved. P.STORAGE.ENCRYPTION is enforced by authorised persons. P.RCGATE.COMM.PROTECT is enforced by O.AUDIT.LOGGED, OE.AUDIT.REVIEWED, OE.AUDIT_STORAGE.PROTECTED and OE.AUDIT_ACCESS.AUTHORIZED. P.STORAGE.ENCRYPTION P.STORAGE.ENCRYPTION is enforced by OE.ADMIN.TRAINED. By O.INTERFACE.MANAGED, ...
Security Target
Page 51
...The TSF shall provide the audit records in a manner suitable for the user to : No other components. Dependencies: FAU_SAR.1 Audit review FAU_SAR.2.1 The TSF shall prohibit all users read access to the audit records, except those users that caused the event. Page 50...each auditable event with a specified cryptographic key generation algorithm [assignment: cryptographic key generation algorithm in Table 12] and Copyright (c) 2012 RICOH COMPANY, LTD. All rights reserved. Dependencies: FAU_GEN.1 Audit data generation FAU_STG.1.1 The TSF shall protect the stored audit records in accordance...
...The TSF shall provide the audit records in a manner suitable for the user to : No other components. Dependencies: FAU_SAR.1 Audit review FAU_SAR.2.1 The TSF shall prohibit all users read access to the audit records, except those users that caused the event. Page 50...each auditable event with a specified cryptographic key generation algorithm [assignment: cryptographic key generation algorithm in Table 12] and Copyright (c) 2012 RICOH COMPANY, LTD. All rights reserved. Dependencies: FAU_GEN.1 Audit data generation FAU_STG.1.1 The TSF shall protect the stored audit records in accordance...
Security Target
Page 79
...instructs the TOE to read on the HDD in the TOE when audit events shown in a legible fashion for users to audit (audit log review). Audit log items include basic log items and expanded log items. Basic log items are recorded whenever audit logs are recorded, and expanded log... derived from RC Gate communication interface Table 29 Record of Management Function Date settings (year/month/day), time settings (hour/minute) Copyright (c) 2012 RICOH COMPANY, LTD. FAU_SAR.1, FAU_SAR.2, and FAU_STG.1 The TOE displays the operation menu for audit logs to be viewed and deleted only by the MFP...
...instructs the TOE to read on the HDD in the TOE when audit events shown in a legible fashion for users to audit (audit log review). Audit log items include basic log items and expanded log items. Basic log items are recorded whenever audit logs are recorded, and expanded log... derived from RC Gate communication interface Table 29 Record of Management Function Date settings (year/month/day), time settings (hour/minute) Copyright (c) 2012 RICOH COMPANY, LTD. FAU_SAR.1, FAU_SAR.2, and FAU_STG.1 The TOE displays the operation menu for audit logs to be viewed and deleted only by the MFP...