Specifications
Samsung MFP Security Kit Type_B V1.5 Security Target
42
Copyright
2010 Samsung Electronics Co., Ltd., All rights reserved
The TOE environment must protect user data from disclosure, or
modification, by establishing a firewall system between external and
internal network systems.
OE.TIME_STAMP
The operational environment must provide a reliable time stamp to mark
entries in the security log.
OE. SSL
In case that web system administrator’s PC communicates with TOE by
using a web interface, data should be transferred by SSL protocol to
guarantee confidentiality and integrity.
OE. IDENTIFICATION_AND_AUTHENTICATION_ON_CAC
The TOE should provide identification and authentication through CAC to
prevent access of the MFP’s services(Print/Copy/Network Scan/Fax) by
unauthorized users.
4.3 Security Objectives Rationale
This section demonstrates that all security objectives for the TOE are
traced back to aspects of the assumptions to be met, identified threats to
be countered or organizational security policies.
Table 7 : Security Objectives and Definition of Security Problems
Security
Objective
s
Definition of
Security
Problems
Security Objectives for the TOE
Security Objectives
for the Environment
O.AUDITS
O. MANAGE
O. CONTROL_DATA_ACCESS
O.
IDENTIFICATION_AND_AUTHENTICATION_ON
_ADMINISTRATOR
O. IMAGE_OVERWRITE
O. HANDLING_AUTHENTICATION_FAILURE
O. NETWORK_ACCESS_CONTROL
O. STORAGE_DATA_ENCRYPTION
O. FAXLINE
OE. PHYSICAL_SECURITY
OE. TRUSTED_ADMIN
OE. TRUSTED_NETWORK
OE. TIME_STAMP
OE.
IDEN
TIFICATION_AND_AUTHENTICATION_ON_CAC
OE. SSL