Manualshelf

Specifications

ManualsBrandsSamsung ManualsAll in One PrinterMFP SECURITY
81828384858687888990
Samsung MFP Security Kit Type_B V1.5 Security Target
90
Copyright
2010 Samsung Electronics Co., Ltd., All rights reserved
6.1.7 Network Access Control (TSF_NAC)
The MFP system including the TOE has a network interface card (network
card) connected to an external network. The MFP system can
send/receive data and MFP configuration information and, thus, is able to
configure MFP settings.
There are a couple of methods to access and communicate with the MFP
from outside of the TOE through the network; a standard communication
protocol and a port that performs as a logical network channel. These
services start up simultaneously as a system's network card boots, and
the port number is defined as a logical channel in the range of 1 to 65535.
Among these services, the service that uses upper protocol utilizes a
predefined "well-known port".
The TOE only allows access from authorized ports and connection using
authorized protocol services by configuring port number, and
enabling/disabling network services accessing the MFP system. Only the
web system administrator and telnet system administrator authorized
through login can configure these functions, and these configurations are
altered on each reboot of the network card, and, thus, the MFP system
information and electronic image data are protected from unauthorized
reading and falsification.
Relevant SFR: FDP_IFC.2(2), FDP_IFF.1(2), FMT_SMF.1, FMT_SMR.1
6.1.8 Storage Data Encryption (TSF_NVE)
The TOE provides both encrypting functions during data storage
procedure and decrypting functions in the process of accessing stored
data from hard disk drive with certain algorithm. The algorithm used is
AES 256 stated in FIPS-PUB 197, and 256-bit encryption key is randomly
generated by key generating algorithm corresponding to IEEE 802.11i.
This key is randomly generated only once when the product is installed,
and kept in a safe place. The access to this key is not allowed to any
users including system administrator.
The encrypting/decrypting targets are configuration data and all data
stored on the HDD, including electronic image data. The
encryption/decryption scheme is processed when data are stored or
accessed, and protects data from unauthorized reading and falsification
even if the HDD is stolen.
Relevant SFR: FCS_CKM.1, FCS_CKM.4, FCS_COP.1