Ricoh Aficio MP 6001 SP Security Target - Page 41

P.AUDIT.LOGGING, P.INTERFACE.MANAGEMENT, P.STORAGE.ENCRYPTION, A.ACCESS.MANAGED, A.ADMIN.TRAINING

Page 41 highlights

P.AUDIT.LOGGING

P.AUDIT.LOGGING is enforced by O.AUDIT.LOGGED, OE.AUDIT.REVIEWED, OE.AUDIT_STORAGE.PROTECTED and OE.AUDIT_ACCESS.AUTHORIZED.

By O.AUDIT.LOGGED, the TOE creates and maintains a log of TOE use and security-relevant events in the MFP and prevents its unauthorised disclosure or alteration.

By OE.AUDIT.REVIEWED, the responsible manager of MFP reviews audit logs at appropriate intervals for security violations or unusual patterns of activity according to the guidance document.

By OE.AUDIT_STORAGE.PROTECTED, if audit records are exported from the TOE to another trusted IT product, the responsible manager of MFP protects those records from unauthorised access, deletion and alteration. By OE.AUDIT_ACCESS.AUTHORIZED, the responsible manager of MFP ensures that those records can be accessed in order to detect potential security violations, and only by authorised persons.

P.AUDIT.LOGGING is enforced by these objectives.

P.INTERFACE.MANAGEMENT

P.INTERFACE.MANAGEMENT is enforced by O.INTERFACE.MANAGED and OE.INTERFACE.MANAGED.

By O.INTERFACE.MANAGED, the TOE manages the operation of the external interfaces (the Operation Panel, LAN, USB and telephone line) in accordance with the security policies. The TOE controls the access to the Operation Panel and the opened LAN ports, and limits the functions which are available from the telephone line. By OE.INTERFACE.MANAGED, the TOE appropriately controls the access to the LAN and USB. Specifically,

(1) The responsible manager of MFP gives an instruction to appropriately configure the firewall to prevent attacks to the LAN from the Internet,
(2) The responsible manager of MFP instructs the MFP administrators to close the unused LAN ports,
(3) The use of USB is deactivated at the time of installation.

P.INTERFACE.MANAGEMENT is enforced by these objectives.

P.STORAGE.ENCRYPTION

P.STORAGE.ENCRYPTION is enforced by O.STORAGE.ENCRYPTED.

By OE.PHYSICAL.MANAGED, the TOE encrypts and decrypts the data written into/read from the HDD, and ensures that only encrypted data is written into the HDD.

P.STORAGE.ENCRYPTION is enforced by this objective.

A.ACCESS.MANAGED

A.ACCESS.MANAGED is upheld by OE.PHYSICAL.MANAGED.

By OE.PHYSICAL.MANAGED, the TOE is located in a restricted or monitored environment according to the guidance documents and is protected from physical access by unauthorised persons.

A.ACCESS.MANAGED is upheld by this objective.

A.ADMIN.TRAINING

A.ADMIN.TRAINING is upheld by OE.ADMIN.TRAINED.

Copyright (c) 2011 RICOH COMPANY, LTD. All rights reserved.

