-
Konica Minolta 920 - page 1
Multi functional printer (digital copier) bizhub 920 / bizhub PRO 920 Security T ar get V ersion : 6 June 10, 2005 Konica Minolta Business T echnologies, Inc. Copyright© 2005 KO NICA MINOL T A BUSINESS TEC HNOLOGIES, INC., All Rights Reserved ...
-
Konica Minolta 920 - page 2
Document Revision History V ersion Description Approved by Checked by Created by 1 - Initial version 01/21/2005 Masaru Ushio 01/21/2005 Kazuo Y asuda 01/21/2005 Jun Y okobori 2 - Modification for the matters ident ified to correct 03/30/2005 Masaru Ushio 03/30/2005 Kazuo Y asuda 03/30/2005 Jun Y okobori 3 - Modification for the matters ident ified ...
-
Konica Minolta 920 - page 3
T able of Contents 1. ST Introduction ........................................................... 7 1.1. ST Identification ........................................................................................................................ 7 1.1.1. ST Identification and Manag ement ............................................................... ...
-
Konica Minolta 920 - page 4
5.1.2. T OE Security Assurance Requirements ........................................................................... 56 5.2. Security Func tional Requirem ents for the IT environment ...................................................... 57 5.3. Security Func tion S trength......................................................................... ...
-
Konica Minolta 920 - page 5
List of Figures Figure 2.1 Operating En vironment of bizhub PRO 920 Series…..………………………………... 11 Figure 2.2 T OE S tructure ................................................................................................................. 13 Figure 2.3 Processing Architectur e of Basic Function .............................. ...
-
Konica Minolta 920 - page 6
List of T ables T a ble 2.1 Correspondence betw een User Functions and Basic F unctions ....................................... 15 T able 5.1 Aud ita ble Eve nts .............................................................................................................. 34 T able 5.2 List of Managem ent Requirements .............................. ...
-
Konica Minolta 920 - page 7
1. ST Introduction 1.1. ST Iden tification 1.1.1. ST Identification and Managem ent T itle : Multi functional printer (digital copier) bizhub 920 / bizhub PRO 920 Security T arget Ve r s i o n : 6 Created on : June 10, 2005 Created by : Konica Minolta Business T ech no logies, Inc. 1.1.2. T OE Identificati on and Managem ent T itle : Japa ...
-
Konica Minolta 920 - page 8
Note ) The following references are used for Japanes e version. - Common Criteria for Information T echnology Security Evaluation Part 1 : Introduction an d gene ral model August 1999 V ersion 2.1 CCIMB-99-03 1 - Common Criteria for Information T e chnology Security Evaluation Part 2 : Security functional re quirements August 1999 V ersion 2. ...
-
Konica Minolta 920 - page 9
- Common Criteria CCIMB Interpretations-0407 - Common Criteria Addendum-0407 - ISO/IEC 15408, Information T ech nology – Security techniques – Eval uation criteria for IT security – Part1, 99/12 - ISO/IEC 15408, Information T ech nology – Security techniques – Eval uation criteria for IT security – Part2, 99/12 - ISO/IEC 15408, Informat ...
-
Konica Minolta 920 - page 10
2 . T OE Description 2.1. TOE T ype The T OE is software product with the dig ital MFP that is installed the network funct ion. 2.2. T e rminolog y No. T erm Description 1 User BOX This is the directory t o store the docum ent data (Refer to No.2 below). 2 Document data This is the electron ic data converte d from the information such as c h arac ...
-
Konica Minolta 920 - page 11
Public telephone line network Internet Mail server Client PC Firewall Office FTP server Internal network External network bizhub PRO 920 bizhub PRO 920 control software Modem Image control program Controller control program TOE Client PC Figure 2.1 Operating Environm ent of bizhub PRO 920 Series The T OE has a function to send and receive th e docu ...
-
Konica Minolta 920 - page 12
- Administrator Administrator enrolled a t the or ganization that bizhub P RO 920 series is i nstalled, carries out the operati on and m anagement of biz hub PRO 920 s eries. He/She uses the functi on of the operation and managem ent that bizhub PRO 920 series provi des. - Responsible person Responsible person enrolled at the org anization tha t bi ...
-
Konica Minolta 920 - page 13
2.5. TOE Str u c t u re Figure 2.2 shows the s tructure of this TOE. Scanning function FTP function Operation panel HDD 1 Network card bizhub PRO 920 main unit Internal network Print controlle r PC data receiving function Control range of TOE Basic function Service for admini st rator (management function) Service for CE ( CE function ) bizhub PR ...
-
Konica Minolta 920 - page 14
to FTP , scan to PC (SMB), HDD storage, HDD readout, document data deletion functions) and basic function (scanning, printing, del etion, BOX stor age, and BOX readout functions). The controller control program controls the basic funct ion such as Em ail, FTP , SMB ( *1 ) , and PC data receiving functions. ( *1 ) SMB function sends t he ima ...
-
Konica Minolta 920 - page 15
User BOX Client PC FTP server Mail server Input Output Paper document Paper document bizhub PRO 920 Readout function of document data PC-shared folder HDD1 temporary storag e/DRAM temporary storage Deletion functi on of document data Scanning function PC data receiving function Deletion function Docume nt data Document data HDD 1 HDD2 temporary s ...
-
Konica Minolta 920 - page 16
The basic functi ons shown in Figure 2.3 are describe d below . (1) Scanning functi on By request from the operation panel by a general user , the inf ormation of pa per docum ent is read from the scanner , converted to the document data, and stored into the HDD1 temporary storag e o r DRAM temporary storage. (2) PC data receiving function By reque ...
-
Konica Minolta 920 - page 17
(8) SMB function The document data gotten by the scanning functi on, which is stored temporarily into the HDD1 temporary storage or D RAM temporary storage, is sent to the shared folder of PC that is connected with the internal network via the HDD2 tempo rary sto rage. (9) Deletion func tion The docum ent data in the User BOX, associate d with the ...
-
Konica Minolta 920 - page 18
2.8 Function not provide d by the TOE The T OE does not prevent the de letion of docum ent data, bec ause the user ow ns its original data in his/ her PC o r on the paper . Copyright© 2005 K ONICA MINOL T A BUSINESS TEC HNOLOGIES, INC., All Rights Reserved 18 ...
-
Konica Minolta 920 - page 19
3. T OE Security Environment 3.1. Assumptions ASM.PLACE Installation condi tion for the TOE The T OE shall be installed in the ar ea where on ly the prod uct-related person ca n operate. ASM.NET Setting condi t ion for the internal ne tw ork The T OE shall be connected with the internal ne twork that the disc losure of doc ument data will not occur ...
-
Konica Minolta 920 - page 20
4. Security Objectives Policies 4.1. Security Objectives Po licies for the T OE O.IA Identification and authent ication when using The T OE identifies and authorizes the administr ator , CE, or general user who owns the User BOX, who try to access t he T OE. O.MANAGE Provision of the management func tion The TO E provides th e administrator wi th f ...
-
Konica Minolta 920 - page 21
OE.ADMIN Personal condition f or the administrator The responsible perso n sh al l select a person as the administrator who does n ot carry out an illegal act. OE.HDD Protection of the HDD The HDD1 and HDD2 for storing the document data shall prevent the un authorized access by means of the HDD lock password. OE.CE Assurance of the CE The responsib ...
-
Konica Minolta 920 - page 22
5. IT Security Requirements 5.1. TO E Security Requirements 5.1.1. T OE Security Funct ional Requirem ents FIA_UID.2 User identification befor e any action Hierarchical to : FIA_UID.1 FIA_UID.2.1 The TSF shall require e ach user to identif y itself before allowi ng any other TSF- mediated actions on be half of that user . Refinement : “User” ? ...
-
Konica Minolta 920 - page 23
FIA_UAU.2 User authentication befor e any action Hierarchical to : FIA_UAU.1 FIA_UAU.2.1 The TSF shall require e ach user to be su ccessfully a uthenticated befo re allowing any other TSF -m ediated actions on behalf of that user . Refinement : “User” → Administrator , CE, and General user w ho owns the User BOX Dependencies : FIA_UID.1 T imi ...
-
Konica Minolta 920 - page 24
FIA_UAU.7 Protected authentication feedback Hierarchical to : No ot her components. FIA_UAU.7.1 The TSF shall provide only [assi gnment: list of fe edback] to the user while the authentication is in progress. [assignment: list of fe edback] - Dummy characters (*) for the number of password characters e ntered by the operator Dependencies : FIA_UAU. ...
-
Konica Minolta 920 - page 25
FIA_AFL.1 Authentication failure handling Hierarchical to : No ot her components. FIA_AFL.1.1 The TSF shall detect when [assignm en t: number] unsuccessful authentica tion attempts occur relate d to [assignm ent: list of au thentication events]. [assignment: list of authentication events] - Unsuccessful auth entication to t he administrat or , CE, ...
-
Konica Minolta 920 - page 26
FIA_SOS.1[1] V erification of secrets Hierarchical to : No ot her components. FIA_SOS.1.1 The TSF shall provide a m echanism to ve rify that secrets m eet [assignment: a defined quality metric]. [assignment: a defi ned quality metric] - The qu ality metric of pass word is defined as bel ow . Length of passw ord: 8 to 64 characters T ypes of struc t ...
-
Konica Minolta 920 - page 27
FIA_SOS.1[2] V erification of secrets Hierarchical to : No ot her components. FIA_SOS.1.1 The TSF shall provide a m echanism to ve rify that secrets m eet [assignment: a defined quality metric]. [assignment: a defi ned quality metric] - The qu ality metric of pass word is defined as bel ow . Length of passw ord: 8 to 64 characters T ypes of struc t ...
-
Konica Minolta 920 - page 28
FDP_ACC.1[1] Subset access contro l Hierarchical to : No ot her components. FDP_ACC.1.1 The TSF shall enforc e the [assignm ent: access control S FP] on [assignment: list of subjects, objects, and operati ons among subjects and objec ts covered by th e SFP]. [assignment: l ist of subjects, ob jects, an d operations am ong subjects and objects cover ...
-
Konica Minolta 920 - page 29
FDP_ACC.1[2] Subset access contro l Hierarchical to : No ot her components. FDP_ACC.1.1 The TSF shall enforc e the [assignm ent: access control S FP] on [assignment: list of subjects, objects, and operati ons among subjects and objec ts covered by th e SFP]. [assignment: l ist of subjects, ob jects, an d operations am ong subjects and objects cover ...
-
Konica Minolta 920 - page 30
FDP_ACF .1[1] Security attr ibute based access control Hierarchical to : No ot her components. FDP_ACF .1.1 The TSF shall enforce the [assignm ent: access contr ol SFP] to objects base d on [assignment: s ecurity attributes, nam ed groups of securi ty attributes]. [assignment: s ecurity attributes, nam ed groups of securi ty attributes] - Security ...
-
Konica Minolta 920 - page 31
- None FDP_ACF .1.4 The TSF shall explicitly deny access of subjec ts to objects bas ed on the [assignment: rules, based on sec urity attributes, tha t explicitly deny access of subj ects to objects]. [assignment: r ules, based on security attrib utes, that expl icitly deny acc ess of subjects to objects] - None Dependencies : FDP_ACC.1 Subset acce ...
-
Konica Minolta 920 - page 32
FDP_ACF .1[2] Security attr ibute based access control Hierarchical to : No ot her components. FDP_ACF .1.1 The TSF shall enforce the [assignm ent: access contr ol SFP] to objects base d on [assignment: s ecurity attributes, nam ed groups of securi ty attributes]. [assignment: s ecurity attributes, nam ed groups of securi ty attributes] - Security ...
-
Konica Minolta 920 - page 33
FDP_ACF .1.4 The TSF shall explicitly deny access of subjec ts to objects bas ed on the [assignment: r ules, based on security attrib utes, that expl icitly deny acc ess of subjects to objects]. [assignment: r ules, based on security attrib utes, that expl icitly deny acc ess of subjects to objects] - None Dependencies : FDP_ACC.1 Subset access con ...
-
Konica Minolta 920 - page 34
F AU_ GEN.1 Audit da ta generation Hierarchical to : No other com ponents. F AU_ GEN.1.1 The TSF shall be able to generate an audi t record of the follow ing auditable events: a) Start-up and shut down of the audit functions; b) All auditable even ts for the [s election: m inimum, basic, det ailed, not specified] level of audit; and c) [assignment: ...
-
Konica Minolta 920 - page 35
F AU_ GEN.1.2 The TSF shall record within eac h audit record a t least the following information: a) Date and time of the event, type of event, subjec t identity, an d the outcom e (success or failure) of the e vent; and b) For each audit ev ent type, based on the auditable e vent definitions of the func tional components i ncluded in the PP/ST, [a ...
-
Konica Minolta 920 - page 36
F AU_STG .1 Pr otected audit trail storage Hierarchical to : No other com ponents. F AU_ STG .1.1 The TSF shall protect the st ored audit records from unauthorised dele tion. F AU_STG .1.2 The TSF shall be able to [sel ection: prevent, dete ct] modifications to the audit records. [selection: prevent, detect] - Prevent Dependencies : FAU_GEN.1 Audit ...
-
Konica Minolta 920 - page 37
F AU_STG .4 Prevention of audit data loss Hierarchical to : FAU_STG.3 F AU_ STG .4.1 The TSF shall [selection: ‘i g nore auditable events’, ‘p revent auditable events, except those t aken by the au thorised user w ith special ri ghts’, ‘overwrite the oldest stored audit rec ords’] and [assignm ent: other actions to be t aken in case of ...
-
Konica Minolta 920 - page 38
F AU_ SAR.1 Audit review Hierarchical to : No other com ponents. F AU_ SAR.1.1 The TSF shall provide [assi gnm ent: authorised users] with t he capability to read [assignment: list of audit inform ation] from the au dit records. [assignment: auth orised users] - Administrator [assignment: l ist of audit inf ormation] - Audit information s hown in ? ...
-
Konica Minolta 920 - page 39
F AU_SAR.2 Restricted au dit review Hierarchical to : No other com ponents. F AU_ SAR.2.1 The TSF shall prohibit all users read acce ss to the audit records , except those users that have been grante d explicit read-access. Dependencies : FAU_SAR.1 Audit review Copyright© 2005 K ONICA MINOL T A BUSINESS TEC HNOLOGIES, INC., All Rights Reserved 39 ...
-
Konica Minolta 920 - page 40
FMT_MTD.1[1] Management of TSF data Hierarchical to : No other com ponents. FMT_MTD.1.1 The TSF shall restrict the a bility to [se lection: chan ge_default, query, modify, delete, clear, [assig nment: other operat ions]] the [assign ment: list of TSF data] to [assignm ent: the authoris ed identified roles]. [assignment: list of TSF data] - Administ ...
-
Konica Minolta 920 - page 41
FMT_MTD.1[2] Management of TSF data Hierarchical to : No other com ponents. FMT_MTD.1.1 The TSF shall restrict the a bility to [se lection: chan ge_default, query, modify, delete, clear, [assig nment: other operat ions]] the [assign ment: list of TSF data] to [assignm ent: the authoris ed identified roles]. [assignment: list of TSF data] - CE passw ...
-
Konica Minolta 920 - page 42
FMT_MTD.1[3] Management of TSF data Hierarchical to : No other com ponents. FMT_MTD.1.1 The TSF shall restrict the a bility to [se lection: chan ge_default, query, modify, delete, clear, [assig nment: other operat ions]] the [assign ment: list of TSF data] to [assignm ent: the authoris ed identified roles]. [assignment: list of TSF data] - User BOX ...
-
Konica Minolta 920 - page 43
FMT_MTD.1[4] Management of TSF data Hierarchical to : No other com ponents. FMT_MTD.1.1 The TSF shall restrict the a bility to [se lection: chan ge_default, query, modify, delete, clear, [assig nment: other operat ions]] the [assign ment: list of TSF data] to [assignm ent: the authoris ed identified roles]. [assignment: list of TSF data] - User BOX ...
-
Konica Minolta 920 - page 44
FMT_MTD.1[5] Management of TSF data Hierarchical to : No other com ponents. FMT_MTD.1.1 The TSF shall restrict the a bility to [se lection: chan ge_default, query, modify, delete, clear, [assig nment: other operat ions]] the [assign ment: list of TSF data] to [assignm ent: the authoris ed identified roles]. [assignment: list of TSF data] - Administ ...
-
Konica Minolta 920 - page 45
FMT_MSA.1 Management of security attributes Hierarchical to : No other com ponents. FMT_MSA.1.1 The TSF shall enforce the [assignm ent: access contr ol SFP, inform ation flow control SFP] to restrict the ability to [selection: change_default, query, modify, delete, [assignment: other op erati ons]] the security attri b utes [ass ignment: list of se ...
-
Konica Minolta 920 - page 46
FMT_MSA.3 Static attribute initialisatio n Hierarchical to : No other com ponents. FMT_MSA.3.1 The TSF shall enforce the [assignm ent: access contr ol SFP, inform ation flow control SFP] to provide [s election: restrictive, pe rmissive, other property] default values for security attributes that are used to enforce the SFP. [selection: restricti ve ...
-
Konica Minolta 920 - page 47
FMT_SMR.1 Security roles Hierarchical to : No other com ponents. FMT_SMR.1.1 The TSF shall maintain the r oles [assignment: the aut horised identifie d roles]. [assignment: t he authorised ide ntified roles] - Administrator - CE - Role of the genera l user who owns User BOX FMT_SMR.1.2 The TSF shall be able to ass ociate users with r oles. Dependen ...
-
Konica Minolta 920 - page 48
FMT_MOF .1 Management of s ecurity functions behaviour Hierarchical to : No other com ponents. FMT_MOF .1.1 The TSF shall restrict the a bility to [se lection: determ ine the beha viour of, disable, enabl e, modify the beh aviour of] the f unctions [assig nment: list of functions] to [assignm ent: the authorised i dentified roles] . [assignment: l ...
-
Konica Minolta 920 - page 49
FMT_SMF .1 Specification of management functions Hierarchical to : No other com ponents. FMT_SMF .1.1 The TSF shall be capab le of perform ing the followi ng security m anagement functions: [assignm ent: list o f security m anagement funct ions to be pro vided by the TSF]. [assignment: l ist of security m anagement functi ons to be prov ided by the ...
-
Konica Minolta 920 - page 50
Required function Required managem ent Management item FDP_SOS.1 Managem ent of the scale used for the validation of s ecret for IT environment There is no managem ent item since the scale used for the validat ion of secret for IT environm ent cannot be changed. Management of th e threshold value for unsuccessful authentica tion trial There is no m ...
-
Konica Minolta 920 - page 51
Required function Required managem ent Management item FMT_MTD.1[4] Management of th e group that has a role that may af fect TSF da ta with each ot her There is no managem ent item since the role of general us er who owns U ser BOX is fixed. FMT_MTD.1[5] Management of th e group that has a role that may af fect TSF da ta with each ot her There is ...
-
Konica Minolta 920 - page 52
FPT_R VM.1 Non-bypassability of the T SP Hierarchical to : No other com ponents. FPT_R VM.1.1 The TSF shall ensure that TSP enforcem ent functions are invoked a nd succeed before each functio n within the TSC is a llowed to procee d. Dependencies : No dependencies Copyright© 2005 K ONICA MINOL T A BUSINESS TEC HNOLOGIES, INC., All Rights Reserved ...
-
Konica Minolta 920 - page 53
This ST newly creates and uses the T OE s ecurity functional requirements (FDP_MTD.1 Management of adm inistrator data an d FDP_SOS.1 V erification of secrets of IT en vironment) without referring to CCPart 2. Th e administrator data means the control data of securit y function for IT environment t o which only the administrator can access. FDP_MTD ...
-
Konica Minolta 920 - page 54
FPT_STM.1 Reliable time stamps Hierarchical to : No other com ponents. FPT_STM.1.1 The TSF shall be able t o provide reliable time stam ps for its own use. . Dependencies : No dependencies Copyright© 2005 K ONICA MINOL T A BUSINESS TEC HNOLOGIES, INC., All Rights Reserved 54 ...
-
Konica Minolta 920 - page 55
FDP_SOS.1 V erification of secrets of IT envir onment FDP_SOS.1 Verification of secrets of IT environm ent requ ires the TSF to verify that secrets of IT environment m eet defined qua lity m etrics. Management: FDP_SOS.1 The following act ions could be c onsidered for the management fun ctions in FMT. a) the managem ent of the metric use d to verif ...
-
Konica Minolta 920 - page 56
5.1.2. T OE Security Assurance Requirements This T OE asserts EAL3 that is a suff icient level as quality assuran ce for commercial of fice products. T able 5.3 summarizes t he applied T OE securit y assurance requirem ents to EAL3. T able 5.3 List of T OE Security Assurance Requirements Assurance class Assurance requirement ACM_CAP .3 Authent icat ...
-
Konica Minolta 920 - page 57
5.2. Security Functional Requirem ents for the IT environment FIA_UID.2[E] User identification befor e any action Hierarchical to : FIA_UID.1 F IA _UID.2.1[E] The TSF shall require each user to identif y its elf before allowing an y other TSF-med iated actions on beh alf of that user. Refinement: “TSF” → “HDD” Dependencies : No depend ...
-
Konica Minolta 920 - page 58
FIA_UAU.2[E] User authentication befor e any action Hierarchical to : FIA_UAU.1 FIA_UAU.2.1[E] The TSF shall require each user to be su c cessfully authenticated bef ore allowing any other TSF-mediated acti ons on behalf of that user. Refinement: “TSF” → “HDD” Dependencies : FIA_UID.1 T iming of identificatio n Copyright© 2005 K ONICA ...
-
Konica Minolta 920 - page 59
5.3. Security Functio n Stre ngth The following three password mechanism s are tar g eted for the claim of TO E function strength, and the subsequence seven com ponents of T OE functions are targ eted for this ST . Password mechanism s and corresponding TOE function com ponents 1 User BOX password authenticatio n function FIA_UID.2, FIA_UAU.2, FIA_ ...
-
Konica Minolta 920 - page 60
6. T OE Summary Specification 6.1. TO E Security Function 6.1.1. Identifica ti on and Authentication Function The identificatio n and authenticat ion function pro vid es the fo llowing a grou p of security func tions. Function title Specification of sec urity function TOE security functional requirement IA.ADM_ADD Registration of administrator IA.A ...
-
Konica Minolta 920 - page 61
changed in IA _P ASS. IA.ADM_AUTH identificates that he/she is the adm inistrator by the in dication of int erface for the identification and authentication of administrator , and authorizes that he/she is the va lid administrator usin g the entered password. When the administrator e nters the password, dummy characters (*) are displayed i n stead ...
-
Konica Minolta 920 - page 62
Administrator : Administrator password, User BOX password General user who ow ns User BOX : User BOX password of his/ her own User BOX For the password entered by the product-r elated persons, the permitted value is valida ted according to the followi ng rules. - CE and administrator pass words of 8 characters - User BOX password of 8 t o 64 ch ...
-
Konica Minolta 920 - page 63
- Reading out and printing o f docum ent data In case of unsuccessf ul identificati on and authentication, the interface for the identification and a uthentication is allowed to be valid after five seconds. 6.1.3. Audit Function The audit func tion provides the followin g a group of secu rity functions. Function title Specification of sec urity fun ...
-
Konica Minolta 920 - page 64
6.1.4. Managem ent Support Function The management f unction p rovides the f ollowing a grou p of security functi ons. Function title Specification of sec urity function T OE security functional requirement MNG .MODE Setting of security reinforcement mode MNG .MODE perm its only the a dministrator to execu te only the administrat or the check funct ...
-
Konica Minolta 920 - page 65
(year/month/ day/hour/m inute/second) of events occurrence, operat ional subjective identification, and the result of events . It is displayed in a form that t he administrator can refer . MNG .HDD HDD lock password function MNG .HDD permits only the administrator to execute the following operatio ns. ・ Change of HDD lock password For the HDD loc ...
-
Konica Minolta 920 - page 66
6.3. Assurance Measures The developer shall develop according to t he assu rance requirem ents and the developm ent rules regulated by t he developm ent or ganizati on. T able 6.1 shows the compone nts and the related requirements of security assurance requirem ents that fulfill EAL3. T able 6.1 Assurance Requirements and Related Documents for EAL3 ...
-
Konica Minolta 920 - page 67
Distribution and operation ADO_DEL.1 bizhub 920/ bizhub PRO 920 Distrib ution Regulations (Japanese) bizhub 920/ bizh ub PRO 920 Installatio n Manu al (Japanese) bizhub 920/bizh ub PRO 920 User ’ s Gui de Copier (Japanese) bizhub 920/ bizh ub PRO 920 User’s Guide POD Administrator’s Reference ( Japanese) bizhub 920/bizh ub PRO 920 User ’ s ...
-
Konica Minolta 920 - page 68
ADO_IGS.1 bizhub 920/ bizhub PRO 920 Int rodu ction and Operation Regulations (Japanese) bizhub 920/ bizh ub PRO 920 Installatio n Manu al (Japanese) bizhub 920/bizh ub PRO 920 User ’ s Gui de Copier (Japanese) bizhub 920/ bizh ub PRO 920 User’s Guide POD Administrator’s Reference ( Japanese) bizhub 920/bizh ub PRO 920 User ’ s Gu i de Netw ...
-
Konica Minolta 920 - page 69
Guidanc e document AGD_ADM.1 bizhub 920/ bizh ub PRO 920 Installatio n Manu al (Japanese) bizhub 920/bizh ub PRO 920 User ’ s Gui de Copier (Japanese) bizhub 920/ bizh ub PRO 920 User’s Guide POD Administrator’s Reference ( Japanese) bizhub 920/bizh ub PRO 920 User ’ s Gu i de Network Scanner (Japanese) bizhub 920/bizh ub PRO 920 User ’ s ...
-
Konica Minolta 920 - page 70
AGD_USR.1 bizhub 920/bizh ub PRO 920 User ’ s Gui de Copier (Japanese) bizhub 920/ bizh ub PRO 920 User’s Guide POD Administrator’s Reference ( Japanese) bizhub 920/bizh ub PRO 920 User ’ s Gu i de Network Scanner (Japanese) bizhub 920/bizh ub PRO 920 User ’ s Gui de Security (Japanese) IC203 User ’ s Guide (Jap anese) bizhub PRO 920 Us ...
-
Konica Minolta 920 - page 71
A V A_MSU.1 bizhub 920/ bizh ub PRO 920 Installatio n and Operation Regulations (Japanese) bizhub 920/ bizh ub PRO 920 Installatio n Manu al (Japanese) bizhub 920/bizh ub PRO 920 User ’ s Gui de Copier (Japanese) bizhub 920/ bizh ub PRO 920 User’s Guide POD Administrator’s Reference ( Japanese) bizhub 920/bizh ub PRO 920 User ’ s Gu i de Ne ...
-
Konica Minolta 920 - page 72
7. PP Claim There is no applicab le PP in this ST . Copyright© 2005 K ONICA MINOL T A BUSINESS TEC HNOLOGIES, INC., All Rights Reserved 72 ...
-
Konica Minolta 920 - page 73
8. Rationale 8.1. Security Objectives Policies Rationale T able 8.1 shows the corres pondence rela tion of the security objectives policy to the threat and assumptions. T able 8.1 Correspondence between Thre ats, Assu mptions, and Security Objectives Policies Threat/Assumption/ or ganizational security policy Security objectives policy T ・ H D D ...
-
Konica Minolta 920 - page 74
The following show s the rationale for T able 8.1. T . HDDACCESS : Unauthorized access to the HDD TSF changes and manages th e HDD lo ck password of HDD1 and HDD2 in the manage ment function of O.MANAGE by the v alid administrator identified in O.IA. Moreover TSF makes it possible to det ect the trial of unauthorized use to the appl icable manage ...
-
Konica Minolta 920 - page 75
ASM.PLACE : Installation condition for the TOE In OE.PLACE, T OE is ins talled in the are a where only t he product-related person can operate, therefore, the access to T OE is lim ited to only the product-related person. As above mentio ned, the ass umption - ASM.PLACE can b e realized by OE .PLACE of security objectives pol icy . ASM.NET : Se ...
-
Konica Minolta 920 - page 76
8.2. Security Requirem ents Rationale 8.2.1. Security Func tional Require ments Rationa le 8.2.1.1. Reaso n for the adoption of security functiona l requirements FDP_MTD .1 and FDP_SOS.1 Requirement : The control of security function a nd the validation of se cret for IT environment are executed in TOE se curity functional re quirements TSF is nece ...
-
Konica Minolta 920 - page 77
T able 8.2 Corr espondence between Security Objectiv es Policies and IT Security Functional Requirements Security objectives policy IT security functional requirement O ・ I A O ・ M A N A G E O ・ C E O ・ D A T A A C C E S S O ・ A U D I T O E ・ H D D FIA_UID.2 ✔ FIA_UAU.2 ✔ FIA_UAU.7 ✔ FIA_AFL.1 ✔ FIA_SOS.1[1] ✔✔ FIA_SOS.1[2] ...
-
Konica Minolta 920 - page 78
FMT_MSA.1 ✔ FMT_MSA.3 ✔ FMT_SMR.1 ✔ ✔ ✔ ✔ FMT_MOF .1 ✔ ✔ ✔ ✔ ✔ FPT_R VM.1 ✔ ✔ ✔ ✔ ✔ FMT_SMF .1 ✔ ✔ ✔ ✔ FPT_STM.1 ✔ FDP_MTD.1 ✔ FIA_UID.2[E] ✔ Security functional requirement for IT environment FIA.UAU.2[E] ✔ The following show s the rationale for T able 8.2 Correspondence between Security Objectives P ...
-
Konica Minolta 920 - page 79
targete d User BOX is maintained in FM T_SMR.1. Their functions are not bypassed with FPT_ R VM.1 and the state of oper ating ar e ef fectively ready in FMT_MOF .1. Therefore, O.IA can be realized by the cor r espondent s ecurity functio nal requirem ents. O.MANAGE : Provision of the management function The User BOX is created by registering the ...
-
Konica Minolta 920 - page 80
R VM.1 and the state of operati ng ef fectively is ready in FMT_MOF .1. Therefore, O.CE can be rea lized by the c orrespondent security func tional requirements. O.DA T AACCESS : Access limit to the document data The access control to User BOX is reali zed using FDP_ACC.1[ 1] and FDP_ACF . 1[1]. O.DA T AACCESS permits the user recepti on function ...
-
Konica Minolta 920 - page 81
are successfully identified and authenticated . It prevents the HDD1 and HDD2 from the unauthorized access. Therefore, OE.HDD can be realized by the corre spondent security func tional requirements. 8.2.1.3. A dequateness for supportin g of security functional re quirem ents - FDP_MTD.1 and FDP_SOS.1 by assurance requirem ent FDP_MTD.1 execut es on ...
-
Konica Minolta 920 - page 82
9 FDP_ACC.1[2] None FDP_ACF .1 1 1 10 FDP_ACF .1[1] None FDP_ACC.1 FMT_MSA.3 8 11 FMT_MSA.3 is fulfilled with depend ent relation ship of FDP_ACF .1[2] that is access control for the identical obje ct. 1 1 FDP_ACF .1[2] None FDP_ACC.1 FMT_MSA.3 9 23 12 F AU_GEN.1 None FPT_STM.1 28 13 F AU_STG .1 None F AU_GEN.1 1 2 14 F AU_STG .4 F AU_STG .3 F AU_S ...
-
Konica Minolta 920 - page 83
27 FPT_R VM.1 None None 28 FPT_STM.1 None None 29 FDP_MTD.1 None FMT_SMR.1 FMT_SMF .1 26 25 30 FIA_UID.2[E] FIA_UID.1 No ne 31 FIA_UAU.2[E] FIA_UAU.1 FIA_UID.1[E] 30 As the mediate action of FIA_UID.1 is unnecessary , FIA_UID.2 is used. 8.2.3. T OE Security Funct ional Requirem ents Interaction Function that prov ides defense No TOE security functi ...
-
Konica Minolta 920 - page 84
22 FMT_MSA.1 FPT_R VM.1 FMT_MOF .1 23 FMT_MSA.3 FPT_R VM.1 FMT_MOF .1 24 FMT_MOF .1 FPT_R VM.1 25 FMT_SMF .1 None FMT_MOF .1 26 FMT_SMR.1 None FMT_MOF .1 27 FPT_R VM.1 FMT_MOF .1 28 FPT_STM.1 None None 29 FDP_MTD.1 FPT_R VM.1 FMT_MOF .1 < D e t o u r > F P T _ R V M . 1 When the management functi on an d CE functi on of the T O E is us e d, t ...
-
Konica Minolta 920 - page 85
assumed. And it assumes to be operated under the adequate sec urity condition i n terms of the physical and human. Therefore, in “5.3. Securi ty S t rength”, the security strength claims SOF-Basic that can adequat ely resist for attacking from the threat age nt with the att ack capabili ty of low level. The following shows the operat ional m ea ...
-
Konica Minolta 920 - page 86
8.3. T OE Summary Specificati on Rationale 8.3.1. Conform ity of Security Functional Requ irements to TOE Summary Specifica tion T able 8.4 sho ws the relationshi p of security function al requirements conform ed to T OE summary specification. T able 8.4 Corr espondence between IT Securi ty Functions and Security Functional Requirements IT security ...
-
Konica Minolta 920 - page 87
FMT_MTD.1[2] ✔ FMT_MTD.1[3] ✔ FMT_MTD.1[4] ✔ FMT_MTD.1[5] ✔ FMT_MSA.1 ✔ FMT_MSA.3 ✔ FMT_MOF .1 ✔ FMT_SMF .1 ✔ ✔ ✔ FMT_SMR.1 ✔ ✔ ✔ FPT_R VM.1 ✔✔✔✔✔✔✔✔✔ ✔ FPT_STM.1 ✔ FDP_MTD.1 ✔ The following show s the rationale for T able 8.4. FIA_UID.2 For administrator , the identification of administra tor is ex ...
-
Konica Minolta 920 - page 88
FIA_SOS.1[1] For the registrati on and the cha nge of User BO X password, whether t he password is w ithin the coverage of perm itted value alo ng the password rules is judged in MN G .ADM and IA.P ASS respect- ively . Therefore, FIA_SOS.1[1] is realized by implem enting MNG .ADM and IA.P ASS. FIA_SOS.1[2] For the registrati on of administrator pas ...
-
Konica Minolta 920 - page 89
FDP_ACF .1[2] MNG .ADM creates the User BOX accor ding to Access control policy 2. Therefore, FDP_ACF .1[2] is r ealized by implem enting MNG .ADM. F AU_ GEN.1 The audit information regarding the operation of security function is recorded in AUD.LOG . Therefore, F AU_ GEN.1 is real ized by implementing AUD.LOG . F AU_ STG .1 The function t o enable ...
-
Konica Minolta 920 - page 90
FMT_MTD.1[3] In MNG .ADM, the change of use BOX password is perm itted and executed by only the administrator . Therefore, FMT_MTD.1[3] is realized by implem enting MNG .ADM. FMT_MTD.1[4] In IA.P ASS, the change of User BOX password is permitted and executed by only the gen eral user who owns User BO X. Therefore, FMT_MTD.1[4] is realized by implem ...
-
Konica Minolta 920 - page 91
FMT_SMR.1 The maintenance of role is realized by realizing the registration of User BOX identifier and User BOX password, and the c hange of CE, ad ministrator , and User BOX passwords. The registration of administrator , the registration of general user w ho owns User BO X, and the chang e of administrato r , CE, User BOX passwords, are implemente ...
Do you have a question concerning Konica Minolta 920?
Use the form below
If you did not solve your problem by using a manual Konica Minolta 920, ask a question using the form below. If a user had a similar problem with Konica Minolta 920 it is likely that he will want to share the way to solve it.