Ricoh Aficio MP C3001 Security Target - Page 46

P. Audit.logging, P.interface.management, P.storage.encryption, P.rcgate.comm.protect, A.access.

Get Ricoh Aficio MP C3001 PDF manuals and user guides View all Ricoh Aficio MP C3001 manuals
Add to My Manuals
Save this manual to your list of manuals

Page 46 highlights

Page 45 of 93 P. AUDIT.LOGGING P.AUDIT.LOGGING is enforced by O.AUDIT.LOGGED, OE.AUDIT.REVIEWED, OE.AUDIT_STORAGE.PROTECTED and OE.AUDIT_ACCESS.AUTHORIZED. By O.AUDIT.LOGGED, the TOE creates and maintains a log of TOE use and security-relevant events in the MFP and prevents its unauthorised disclosure or alteration. By OE.AUDIT.REVIEWED, the responsible manager of MFP reviews audit logs at appropriate intervals for security violations or unusual patterns of activity according to the guidance document. By OE.AUDIT_STORAGE.PROTECTED, if audit records are exported from the TOE to another trusted IT product, the responsible manager of MFP protects those records from unauthorised access, deletion and alteration. By OE.AUDIT_ACCESS.AUTHORIZED, the responsible manager of MFP ensures that those records can be accessed in order to detect potential security violations, and only by authorised persons. P.AUDIT.LOGGING is enforced by these objectives. P.INTERFACE.MANAGEMENT P.INTERFACE.MANAGEMENT is enforced by O.INTERFACE.MANAGED and OE.INTERFACE.MANAGED. By O.INTERFACE.MANAGED, the TOE manages the operation of the external interfaces in accordance with the security policies. By OE.INTERFACE.MANAGED, the TOE constructs the IT environment that prevents unmanaged access to TOE external interfaces. P.INTERFACE.MANAGEMENT is enforced by these objectives. P.STORAGE.ENCRYPTION P.STORAGE.ENCRYPTION is enforced by O.STORAGE.ENCRYPTED. By O.STORAGE.ENCRYPTED, the TOE shall encrypt the data to be written on the HDD, and written on the HDD shall be those encrypted data. P.STORAGE.ENCRYPTION is enforced by this objective. P.RCGATE.COMM.PROTECT P.RCGATE.COMM.PROTECT is enforced by O.RCGATE.COMM.PROTECT. By O.RCGATE.COMM.PROTECT, the TOE shall conceal the communication data on the communication path between itself and RC Gate, and detect any tampering with those communication data. P.RCGATE.COMM.PROTECT is enforced by this objective. A.ACCESS.MANAGED A.ACCESS.MANAGED is upheld by OE.PHYSICAL.MANAGED. By OE.PHYSICAL.MANAGED, the TOE is located in a restricted or monitored environment according to the guidance documents and is protected from the physical access by the unauthorised persons. A.ACCESS.MANAGED is upheld by this objective. A.ADMIN.TRAINING A.ADMIN.TRAINING is upheld by OE.ADMIN.TRAINED. Copyright (c) 2011 RICOH COMPANY, LTD. All rights reserved.

  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • 8
  • 9
  • 10
  • 11
  • 12
  • 13
  • 14
  • 15
  • 16
  • 17
  • 18
  • 19
  • 20
  • 21
  • 22
  • 23
  • 24
  • 25
  • 26
  • 27
  • 28
  • 29
  • 30
  • 31
  • 32
  • 33
  • 34
  • 35
  • 36
  • 37
  • 38
  • 39
  • 40
  • 41
  • 42
  • 43
  • 44
  • 45
  • 46
  • 47
  • 48
  • 49
  • 50
  • 51
  • 52
  • 53
  • 54
  • 55
  • 56
  • 57
  • 58
  • 59
  • 60
  • 61
  • 62
  • 63
  • 64
  • 65
  • 66
  • 67
  • 68
  • 69
  • 70
  • 71
  • 72
  • 73
  • 74
  • 75
  • 76
  • 77
  • 78
  • 79
  • 80
  • 81
  • 82
  • 83
  • 84
  • 85
  • 86
  • 87
  • 88
  • 89
  • 90
  • 91
  • 92
  • 93
  • 94
Page 45 of
93
Copyright (c) 2011 RICOH COMPANY, LTD. All rights reserved.
P. AUDIT.LOGGING
P.AUDIT.LOGGING is enforced by O.AUDIT.LOGGED, OE.AUDIT.REVIEWED,
OE.AUDIT_STORAGE.PROTECTED and OE.AUDIT_ACCESS.AUTHORIZED.
By O.AUDIT.LOGGED, the TOE creates and maintains a log of TOE use and security-relevant events in the
MFP and prevents its unauthorised disclosure or alteration.
By OE.AUDIT.REVIEWED, the responsible manager of MFP reviews audit logs at appropriate intervals for
security violations or unusual patterns of activity according to the guidance document.
By OE.AUDIT_STORAGE.PROTECTED, if audit records are exported from the TOE to another trusted IT
product, the responsible manager of MFP protects those records from unauthorised access, deletion and
alteration. By OE.AUDIT_ACCESS.AUTHORIZED, the responsible manager of MFP ensures that those
records can be accessed in order to detect potential security violations, and only by authorised persons.
P.AUDIT.LOGGING is enforced by these objectives.
P.INTERFACE.MANAGEMENT
P.INTERFACE.MANAGEMENT is enforced by O.INTERFACE.MANAGED and OE.INTERFACE.MANAGED.
By O.INTERFACE.MANAGED, the TOE manages the operation of the external interfaces in accordance
with the security policies. By OE.INTERFACE.MANAGED, the TOE constructs the IT environment that
prevents unmanaged access to TOE external interfaces.
P.INTERFACE.MANAGEMENT is enforced by these objectives.
P.STORAGE.ENCRYPTION
P.STORAGE.ENCRYPTION is enforced by O.STORAGE.ENCRYPTED.
By O.STORAGE.ENCRYPTED, the TOE shall encrypt the data to be written on the HDD, and written on
the HDD shall be those encrypted data.
P.STORAGE.ENCRYPTION is enforced by this objective.
P.RCGATE.COMM.PROTECT
P.RCGATE.COMM.PROTECT is enforced by O.RCGATE.COMM.PROTECT.
By O.RCGATE.COMM.PROTECT, the TOE shall conceal the communication data on the communication
path between itself and RC Gate, and detect any tampering with those communication data.
P.RCGATE.COMM.PROTECT is enforced by this objective.
A.ACCESS.MANAGED
A.ACCESS.MANAGED is upheld by OE.PHYSICAL.MANAGED.
By OE.PHYSICAL.MANAGED, the TOE is located in a restricted or monitored environment according to
the guidance documents and is protected from the physical access by the unauthorised persons.
A.ACCESS.MANAGED is upheld by this objective.
A.ADMIN.TRAINING
A.ADMIN.TRAINING is upheld by OE.ADMIN.TRAINED.