Security Target
Page 36
...and RC Gate. 3.3 Assumptions The assumptions related to this TOE usage environment are competent to follow those interfaces shall be reviewed by unauthorised persons. P.INTERFACE.MANAGEMENT Management of external interfaces To prevent unauthorised use of the external interfaces of the TOE...provides protection from unauthorised disclosure or alteration, and shall be controlled by the TOE and its IT environment. Copyright (c) 2011 RICOH COMPANY, LTD. P.SOFTWARE.VERIFICATION Software verification Procedures shall exist to the guidance document and users are aware of the security...
...and RC Gate. 3.3 Assumptions The assumptions related to this TOE usage environment are competent to follow those interfaces shall be reviewed by unauthorised persons. P.INTERFACE.MANAGEMENT Management of external interfaces To prevent unauthorised use of the external interfaces of the TOE...provides protection from unauthorised disclosure or alteration, and shall be controlled by the TOE and its IT environment. Copyright (c) 2011 RICOH COMPANY, LTD. P.SOFTWARE.VERIFICATION Software verification Procedures shall exist to the guidance document and users are aware of the security...
Security Target
Page 40
Copyright (c) 2011 RICOH COMPANY, LTD. All rights reserved. OE.ADMIN.TRAINED Administrator training The responsible manager of MFP shall ensure that administrators are aware of the security policies ... environment shall take a countermeasure for the prevention of activity. have the competence to the guidance document. OE.AUDIT.REVIEWED Log audit The responsible manager of MFP shall ensure that audit logs are reviewed at appropriate intervals according to the guidance document for detecting security violations or unusual patterns of unmanaged access to...
Copyright (c) 2011 RICOH COMPANY, LTD. All rights reserved. OE.ADMIN.TRAINED Administrator training The responsible manager of MFP shall ensure that administrators are aware of the security policies ... environment shall take a countermeasure for the prevention of activity. have the competence to the guidance document. OE.AUDIT.REVIEWED Log audit The responsible manager of MFP shall ensure that audit logs are reviewed at appropriate intervals according to the guidance document for detecting security violations or unusual patterns of unmanaged access to...
Security Target
Page 41
... O.PROT.NO_ALT O.CONF.NO_DIS O.CONF.NO_ALT O.USER.AUTHORIZED OE.USER.AUTHORIZED O.SOFTWARE.VERIFIED O.AUDIT.LOGGED OE.AUDIT_STORAGE.PROTCTED OE.AUDIT_ACCESS_AUTHORIZED OE.AUDIT.REVIEWED O.INTERFACE.MANAGED OE.PHYSICAL.MANAGED OE.INTERFACE.MANAGED O.STORAGE.ENCRYPTED O.RCGATE.COMM.PROTECT OE.ADMIN.TRAINED OE.ADMIN.TRUSTED OE.USER.TRAINED T.DOC....P.SOFTWARE.VERIFICATION X P.AUDIT.LOGGING X XXX P.INTERFACE.MANAGEMENT X X P.STORAGE.ENCRYPTION X P.RCGATE.COMM.PROTECT X A.ACCESS.MANAGED X A.ADMIN.TRAINING X A.ADMIN.TRUST X A.USER.TRAINING X Copyright (c) 2011 RICOH COMPANY, LTD.
... O.PROT.NO_ALT O.CONF.NO_DIS O.CONF.NO_ALT O.USER.AUTHORIZED OE.USER.AUTHORIZED O.SOFTWARE.VERIFIED O.AUDIT.LOGGED OE.AUDIT_STORAGE.PROTCTED OE.AUDIT_ACCESS_AUTHORIZED OE.AUDIT.REVIEWED O.INTERFACE.MANAGED OE.PHYSICAL.MANAGED OE.INTERFACE.MANAGED O.STORAGE.ENCRYPTED O.RCGATE.COMM.PROTECT OE.ADMIN.TRAINED OE.ADMIN.TRUSTED OE.USER.TRAINED T.DOC....P.SOFTWARE.VERIFICATION X P.AUDIT.LOGGING X XXX P.INTERFACE.MANAGEMENT X X P.STORAGE.ENCRYPTION X P.RCGATE.COMM.PROTECT X A.ACCESS.MANAGED X A.ADMIN.TRAINING X A.ADMIN.TRUST X A.USER.TRAINING X Copyright (c) 2011 RICOH COMPANY, LTD.
Security Target
Page 44
...MANAGED. By OE.PHYSICAL.MANAGED, the TOE is located in the MFP and prevents its unauthorised disclosure or alteration. Copyright (c) 2011 RICOH COMPANY, LTD. By O.STORAGE.ENCRYPTED, the TOE shall encrypt the data to the guidance documents and is upheld by the unauthorised persons.... All rights reserved. AUDIT.LOGGING P.AUDIT.LOGGING is enforced by O.AUDIT.LOGGED, OE.AUDIT.REVIEWED, OE.AUDIT_STORAGE.PROTECTED and OE.AUDIT_ACCESS.AUTHORIZED. Page 43 of the external interfaces in order to the guidance document. P.STORAGE.ENCRYPTION ...
...MANAGED. By OE.PHYSICAL.MANAGED, the TOE is located in the MFP and prevents its unauthorised disclosure or alteration. Copyright (c) 2011 RICOH COMPANY, LTD. By O.STORAGE.ENCRYPTED, the TOE shall encrypt the data to the guidance documents and is upheld by the unauthorised persons.... All rights reserved. AUDIT.LOGGING P.AUDIT.LOGGING is enforced by O.AUDIT.LOGGED, OE.AUDIT.REVIEWED, OE.AUDIT_STORAGE.PROTECTED and OE.AUDIT_ACCESS.AUTHORIZED. Page 43 of the external interfaces in order to the guidance document. P.STORAGE.ENCRYPTION ...
Security Target
Page 51
... FAU_SAR.1.2 The TSF shall provide the audit records in case of failed trusted channel functions. Dependencies: FAU_SAR.1 Audit review Copyright (c) 2011 RICOH COMPANY, LTD. FAU_GEN.2 User identity association Hierarchical to: No other components. FAU_STG.1.2 The TSF shall be taken in... of audit data loss Hierarchical to associate each auditable event with trusted channel. FAU_SAR.1 Audit review Hierarchical to : No other components. FAU_SAR.2 Restricted audit review Hierarchical to : No other components. FAU_STG.1 Protected audit trail storage Hierarchical to the stored ...
... FAU_SAR.1.2 The TSF shall provide the audit records in case of failed trusted channel functions. Dependencies: FAU_SAR.1 Audit review Copyright (c) 2011 RICOH COMPANY, LTD. FAU_GEN.2 User identity association Hierarchical to: No other components. FAU_STG.1.2 The TSF shall be taken in... of audit data loss Hierarchical to associate each auditable event with trusted channel. FAU_SAR.1 Audit review Hierarchical to : No other components. FAU_SAR.2 Restricted audit review Hierarchical to : No other components. FAU_STG.1 Protected audit trail storage Hierarchical to the stored ...
Security Target
Page 79
... items are derived from RC Gate communication interface Table 30 Record of Management Function Date settings (year/month/day), time settings (hour/minute) Copyright (c) 2011 RICOH COMPANY, LTD. FAU_STG.4 The TOE writes the newest audit log over the oldest audit log when there is to generate the audit log of TOE... described for each security function. Page 78 of 91 7 TOE Summary Specification This section describes the TOE summary specification for users to audit (audit log review). The security functions are recorded.
... items are derived from RC Gate communication interface Table 30 Record of Management Function Date settings (year/month/day), time settings (hour/minute) Copyright (c) 2011 RICOH COMPANY, LTD. FAU_STG.4 The TOE writes the newest audit log over the oldest audit log when there is to generate the audit log of TOE... described for each security function. Page 78 of 91 7 TOE Summary Specification This section describes the TOE summary specification for users to audit (audit log review). The security functions are recorded.