Specifications
Samsung MFP Security Kit Type_B V1.5 Security Target
44
Copyright
2010 Samsung Electronics Co., Ltd., All rights reserved
satisfies the T.UNAUTHORIZED_ACCESS_ON_TOE, and support
A.TRUSTED_ADMINISTRATOR because the TOE is managed only by the
system administrator in a safe management environment.
O.NETWORK_ACCESS_CONTROL
This security objective prevents the access of MFP from unauthorized
network protocol service and port. Therefore, the TOE satisfies the
T.TOE_ACCESS_ON_NETWORK.
O.CONTROL_DATA_ACCESS
This security objective allows contacting the preserved files only to the
authorized user. When approaching the file, users have to enter the
correct PINs and then the user can get permission to contact with it.
Therefore, this security objective corresponds with threat:
T.DATA_ACCESS.
O.IDENTIFICATION_AND_AUTHENTICATION_ON_ADMINISTRATO
R
The security objective provides identification and authentication processes
for system administrators that access the security management function
in TOE and only allows the access of the security management function to
authorized administrator. Therefore, the TOE satisfies the
T.UNAUTHORIZED_ACCESS_ON_TOE.
O.IMAGE_OVERWRITE
The security objective provides an image overwrite function to overwrite
temporary files created during the copying, printing, network scan, scan-
to-email, or scan-to-server process for preventing information leakage.
The image overwrite function can also be invoked manually by the system
administrator. Because the removed data never can be restored, this
security objective supports the threat: T.RECOVER.
O.HANDLING_AUTHENTICATION_FAILURE
This component defends against an attack by taking proper measures if 3
wrong PIN numbers were entered in succession. Therefore, this security
objective supports the threat: T.CERTIFICATION_TRIAL_IN_A_ROW.
O.STORAGE_DATA_ENCRYPTION
The security objective provides encrypting data stored on the HDD by
using a key generated in TOE. Therefore, the TOE satisfies
T.CHANGE_AND_READ_STORAGE_DATA.
O. FAXLINE