Ricoh Aficio MP 2851 Security Target - Page 28

Page 28 of 81 4 Security Objectives This section describes the security objectives of the TOE and its security objectives of the operational environment and their rationale. 4.1 Security Objectives for TOE The following define the security objectives of the TOE. O.AUDIT (Audit) The TOE shall record Security Function-related events in an audit log, and provides the machine administrator with a function for reading the audit logs, allowing the machine administrator to detect whether or not a security intrusion has occurred. O.I&A (Identification and authentication) The TOE shall perform identification and authentication of users prior to their use of the TOE Security Functions, and allows successfully authenticated users to use the functions for which they have permission. O. DOC_ACC (Access control to protected assets) The TOE shall ensure general users have access to document data according to their permissions to process document data. The TOE shall also allow the file administrator to delete document data stored in the D-BOX. O. MANAGE (Security management) The TOE shall only allow specified users to manage its Security Functions, TSF data, and security attributes. Such users are required to maintain the TOE security. O.MEM.PROTECT (Prevention of disclosure of data stored in memory) The TOE shall convert the format of the document data stored on the HDD into a format that is difficult to decode. O. NET.PROTECT (Protection of network communication data) The TOE shall protect document data and print data travelling over the communication network from interception, and detect any tampering. O.GENUINE (Protection of integrity of MFP Control Software) The TOE shall provide TOE users with a function that verifies the integrity of the MFP Control Software, which is installed in the FlashROM. Copyright (c) 2010 RICOH COMPANY, LTD. All Rights Reserved.