Ricoh Aficio MP 8001 sec - Page 31
Security Objectives of Operational Environment, Security Objectives Rationale
View all Ricoh Aficio MP 8001 manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 31 highlights
Page 30 of 82 O.LINE_PROTECT (Prevention of intrusion from telephone) The TOE shall prevent unauthorised access to the TOE from a telephone line connected to the Fax Unit. 4.2 Security Objectives of Operational Environment The following describes the security objectives of the operational environment. OE.ADMIN (Trusted administrators) The responsible manager of the MFP shall select trusted persons as administrators and instructs them on their administrator roles. Once instructed, administrators then shall instruct general users, familiarising them with the compliance rules for secure TOE operation as defined in the administrator guidance for the TOE. OE.SUPERVISOR (Trusted supervisor) The responsible manager of the MFP shall select a trusted person as a supervisor and instructs him/her on the role of supervisor. OE.NETWORK (Network environment for TOE connection) If the internal network, to which the TOE is connected, is connected to an external network such as the Internet, the organisation that manages operation of the internal network shall close any unnecessary ports between the external and internal networks (e.g. by employing a firewall) 4.3 Security Objectives Rationale This section describes the rationale of the security objectives. If all security objectives are fulfilled as explained in the following, the security problems defined in "3 Security Problem Definitions" are solved: all threats are countered, all organisational security policies enforced, and all assumptions upheld. 4.3.1 Tracing This section describes the correspondence between the previously described "3.1 Threats", "3.2 Organisational Security Policies" and "3.3 Assumptions", and either "4.1 Security Objectives for TOE" or "4.2 Security Objectives of Operational Environment" with Table 4. The "v" in the table indicates that each of the elements of the TOE Security Environment is satisfied by security objectives. Table 4 demonstrates that each security objective corresponds to at least one threat, organisational security policy, or assumption. As indicated by the shaded region in Table 4, assumptions are not upheld by TOE security objectives. Copyright (c) 2010 RICOH COMPANY, LTD. All Rights Reserved.