Ricoh Aficio MP 6001 SP Security Target - Page 36
Security Objectives of Operational Environment
View all Ricoh Aficio MP 6001 SP manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 36 highlights
Page 35 of 87 O.USER.AUTHORIZED User identification and authentication The TOE shall require identification and authentication of users and shall ensure that users are authorised in accordance with security policies before allowing them to use the TOE. O.INTERFACE.MANAGED Management of external interfaces by TOE The TOE shall manage the operation of external interfaces (Operation Panel, LAN, telephone lines and USB) in accordance with security policies. The TOE shall control the access to the Operation Panel, opened LAN ports and telephone lines. Also, the TOE shall forward from external interfaces only data that are processed by the TOE. O.SOFTWARE.VERIFIED Software verification The TOE shall provide procedures to self-verify executable code in the TSF. O.AUDIT.LOGGED Management of audit log records The TOE shall create and maintain a log of TOE use and security-relevant events in the MFP and prevent its unauthorised disclosure or alteration. O.STORAGE.ENCRYPTED Encryption of storage devices The TOE shall ensure the data is encrypted first and then stored on the HDD. 4.2 Security Objectives of Operational Environment This section describes the security objectives of the operational environment. 4.2.1 IT Environment OE.AUDIT_STORAGE.PROTECTED Audit log protection in trusted IT products If audit logs are exported to a trusted IT product, the responsible manager of MFP shall ensure that those logs are protected from unauthorised access, deletion and modifications. OE.AUDIT_ACCESS.AUTHORIZED Audit log access control in trusted IT products If audit logs are exported to a trusted IT product, the responsible manager of MFP shall ensure that those logs can be accessed in order to detect potential security violations, and only by authorised persons. OE.INTERFACE.MANAGED Management of external interfaces in IT environment The IT environment shall provide protection from unmanaged access to TOE external interfaces (LAN). The responsible manager of MFP shall give an instruction to Copyright (c) 2011 RICOH COMPANY, LTD. All rights reserved.