Specifications
Samsung MFP Security Kit Type_B V1.5 Security Target
75
Copyright
2010 Samsung Electronics Co., Ltd., All rights reserved
Evaluator action elements:
AVA_VAN.2.1E The evaluator shall confirm that the information
provided meets all requirements for content and
presentation of evidence.
AVA_VAN.2.2E The evaluator shall perform a search of public
domain sources to identify potential vulnerabilities
in the TOE.
AVA_VAN.2.3E The evaluator shall perform an independent
vulnerability analysis of the TOE using the
guidance documentation, functional specification,
TOE design and security architecture description
to identify potential vulnerabilities in the TOE.
AVA_VAN.2.4E The evaluator shall conduct penetration testing,
based on the identified potential vulnerabilities, to
determine that the TOE is resistant to attacks
performed by an attacker possessing Basic attack
potential.
5.3 Security Requirements Rationale
This section demonstrates that the security requirements are satisfied
with the security objectives for the TOE and the IT environment.
All TOE security requirements can be traced back to one or more TOE
security objectives, and all TOE security objectives are supported by at
least one security requirement.
5.3.1 Rationale for the TOE Security Requirements
This section demonstrates that the security objectives of the TOE are
satisfied by the security requirements. Table 15 provides rationale that
the security requirements are corresponding with security objectives.
Table 14 : TOE SFR Mapping to the TOE Security Objectives
TOE Security Objectives
O. AUDITS
O. MANAGE
O.CONTROL_DATA_AC
CESS
O.IDENTIFICATION_AN
D_AUTHENTICATION_O
N_ADMINISTRATOR
O.IMAGE_OVERWRITE
O.HANDLING_AUTHENT
ICATION_FAILURE
O.NETWORK_ACCESS_
CONTROL
O.
STORAGE_DATA_ENCR
YPTION
O.FAXLINE