Specifications
Samsung MFP Security Kit Type_B V1.5 Security Target
84
Copyright
2010 Samsung Electronics Co., Ltd., All rights reserved
6 TOE SUMMARY SPECIFICATION
This section presents an overview of the security functions implemented
by the TOE and the assurance measures applied to ensure their correct
implementation.
6.1 TOE Security Functions
This section presents the security functions performed by the TOE to
satisfy the identified SFRs in Section 5.2.
• Data Access Control (TSF_DAC)
• Security Audit (TSF_FAU)
• Security Management (TSF_FMT)
• System Authentication (TSF_SAU)
• Image Overwrite (TSF_IOW)
• Information Flow (TSF_FLW)
• Network Access Control (TSF_NAC)
• Storage Data Encryption (TSF_NVE)
6.1.1 Data Access Control (TSF_DAC)
The TOE controls data access to the Stored Document that a user stored
as Secured. In the Stored Documents feature, the documents can be
stored using two methods: Public or Secured. When a user stores
documents as Public, all users can access and use the files. Files stored as
Secured only allow the user who stored the file to access the file with a
PIN. When storing a Secured file, the user must enter a PIN to secure the
file. When accessing the file, the user must enter the PIN again.
Relevant SFR: FIA_UAU.2(2), FIA_UAU.7
6.1.2 Security Audit (TSF_FAU)
The TOE tracks events/actions (e.g., print/scan/fax job submission) to
login users. The audit logs are created for each event in fixed size. Each
audit log provides the user’s identification, event number, date, time, ID,
description, and data. The audit logs are available to web administrators
and can be exported for review and analysis by using the web user
interface.
Table 16 : Security Event
Audit log consists of the following fixed-size input data.
Input Number (An integer number from 1 to the number of log data)