Specifications
Samsung MFP Security Kit Type_B V1.5 Security Target
16
Copyright
2010 Samsung Electronics Co., Ltd., All rights reserved
System audit log
The system audit logs include system-pertinent information. Because
hackers can attack the TOE with bad intentions, the system audit logs
must be securely protected.
The audit logs that are generated by system may include system data
that might be abused; hence, it should be protected from all attack
attempts.
Image file
An image file from a copying, printing, faxing, or scanning job may
include important information that a client does not want to disclose.
Therefore, it must be securely protected.
TOE configuration data
If a hacker were to acquire TOE configuration data, which
includes the TOE security setup, the TOE might be compromised.
System administrators must securely protect the TOE
configuration data.
<Definition & Roles of User>
Users can be divided into two types: administrator and general user
The role of each user is as follows:
Administrator
Local administrator
The local administrator role manages the Samsung MFP through a
local user interface. The tasks performed by this role include
confirming MFP status information and setting system configurations.
Moreover, local administrators activate or deactivate Automatic Image
Overwrite / Manual Image Overwrite, start or stop Manual Image
Overwrite, set the number of times for Image Overwrite and change
PINs for security.
Web administrator
The web administrator role manages the web site (embedded in the
Samsung MFP) by using the web user interface. This role performs the
following:
— Activates or deactivates security audit
— Downloads the security audit log
— Activates or deactivates protocol
— Changes the port number
— Changes the administrator’s password