Ricoh C400DN Security Target - Page 78
Security Assurance Requirements Rationale
UPC - 026649029516
View all Ricoh C400DN manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 78 highlights
Page 77 of 91 6.3.4 Security Assurance Requirements Rationale This TOE is the MFP, which is a commercially available product. The MFP is assumed that it will be used in a general office and this TOE does not assume the attackers with Enhanced-Basic or higher level of attack potential. Architectural design (ADV_TDS.2) is adequate to show the validity of commercially available products. A high attack potential is required for the attacks that circumvent or tamper with the TSF, which is not covered in this evaluation. The vulnerability analysis (AVA_VAN.2) is therefore adequate for general needs. However, protection of the secrecy of relevant information is required to make security attacks more difficult, and it is important to ensure a secure development environment. Development security (ALC_DVS.1) is therefore important also. In order to securely operate the TOE continuously, it is important to appropriately remediate the flaw discovered after the start of TOE operation according to flow reporting procedure (ALC_FLR.2). Based on the terms and costs of the evaluation, the evaluation assurance level of EAL3+ALC_FLR.2 is appropriate for this TOE. Copyright (c) 2012 RICOH COMPANY, LTD. All rights reserved.