Ricoh Aficio MP C3501 Security Target - Page 33

2600.1-SMI conformant Page 32 of 93 2.4 Conformance Claim Rationale 2.4.1 Consistency Claim with TOE Type in PP The targeted product type by the PP is the Hardcopy devices (hereafter, HCDs). The HCDs consist of the scanner device and print device, and have the interface to connect telephone line. The HCDs combine these devices and equip one or more functions of Copy Function, Scanner Function, Printer Function or Fax Function. The Document Server Function is also available when installing the non-volatile memory medium, such as hard disk drive, as additional equipments. The MFP is the type of this TOE. The MFP has the devices the HCDs have, and equips the functions that HCDs equip including the additional equipments. Therefore, this TOE type is consistent with the TOE type in the PP. 2.4.2 Consistency Claim with Security Problems and Security Objectives in PP Defining all security problems in the PP, P.STORAGE_ENCRYPTION and P.RCGATE.COMM.PROTECT were augmented to the security problem definitions in chapter 3. Defining all security objectives in the PP, O.STORAGE.ENCRYPTED and O.RCGATE.COMM.PROTECT were augmented to the security objectives in chapter 4. Described below are the rationale for these augmented security problems and security objectives that conform to the PP. Although the PP is written in English, the security problem definitions in chapter 3 and security objectives in chapter 4 are translated from English into Japanese. If the literal translation of the PP was thought to be difficult for readers to understand the PP in Japanese, the translation was made comprehensible. This, however, does not mean that its description deviates from the requirements of the PP conformance. Also, the description is neither increased nor decreased. Augmentation of P.STORAGE_ENCRYPTION and O.STORAGE.ENCRYPTED P.STORAGE_ENCRYPTION and O.STORAGE.ENCRYPTED encrypt data on HDD and satisfy both other organisational security policies in the PP and security objectives of the TOE. Therefore, P.STORAGE_ENCRYPTION and O.STORAGE.ENCRYPTED were augmented but still conform to the PP. Augmentation of P.RCGATE.COMM.PROTECT and O.RCGATE.COMM.PROTECT P.RCGATE.COMM.PROTECT and O.RCGATE.COMM.PROTECT refer to security problems and security objectives respectively, both of which are concerned with communications between the TOE and RC Gate. These communications are not assumed in the PP, so that they are independent from the PP. Neither transmission nor reception of the protected assets defined in the PP takes place in the communication between the TOE and RC Gate. Also, the protected assets are not operated from the RC Gate. For these reasons, these communications do not affect any security problems and security objectives defined in the PP. Therefore, P.RCGATE.COMM.PROTECT and O.RCGATE.COMM.PROTECT were augmented, yet still conform to the PP. Copyright (c) 2011 RICOH COMPANY, LTD. All rights reserved.