September 2014 Dell C5765dn Color Laser Multifunction Printer Security Target Version 1.1.4 This document is a trans
Dell C5765dn Security Target - 6 - document. When the client is connected to the MFD directly via USB and printer/fax driver is installed to the clie
Dell C5765dn Security Target - 7 - The OS of (1) general user client and (3) system administrator client are assumed to be Windows XP, Windows Vista
Dell C5765dn Security Target - 8 - 1.4. TOE Description This section describes user assumptions and logical/physical scope of this TOE. 1.4.1. User
Dell C5765dn Security Target - 9 - Figure 2: MFD Units and TOE Logical Scope 1.4.2.1. Basic Functions As shown in Table
Dell C5765dn Security Target - 10 - IOT according to the general user’s instruction from the control panel. When more than one copy of an original is
Dell C5765dn Security Target - 11 - 1.4.2.2. Security Functions The security functions provided by the TOE are the following. (1) Hard Disk Data Ov
Dell C5765dn Security Target - 12 - Figure 3 shows the authentication flow of the above functions. Figure 3: Authentication Flow
Dell C5765dn Security Target - 13 - control panel or to use Smart Card (CAC/PIV). When the user is authenticated, the document data can be scanned fr
Dell C5765dn Security Target - 14 - ・ Set the ID the password of key operator (only a key operator is privileged); ・ Refer to and set the ID of SA
Dell C5765dn Security Target - 15 - (9) Self Test The TOE can execute the self test function to verify the integrity of TSF executable code and TSF
i - Table of Contents - 1. ST INTRODUCTION ... 1 1.1. ST Reference ...
Dell C5765dn Security Target - 16 - 1.4.3. Physical Scope and Boundary The physical scope of this TOE is the MFD. Figure 4 shows configuration of ea
Dell C5765dn Security Target - 17 - connected to the IIT board and IOT board. The control panel is a panel on which buttons, lamps, and a touch scree
Dell C5765dn Security Target - 18 - 2. CONFORMANCE CLAIMS 2.1. CC Conformance Claims This ST and TOE conform to the following evaluation standards
Dell C5765dn Security Target - 19 - 3. SECURITY PROBLEM DEFINITION This chapter describes the threats, organizational security policies, and the ass
Dell C5765dn Security Target - 20 - Figure 5: Assets under and not under Protection Note) The data stored in a general client
Dell C5765dn Security Target - 21 - Categories of TOE Setting Data (Note) Data on access denial due to authentication failures of system administrato
Dell C5765dn Security Target - 22 - 3.2. Organizational Security Policies Table 6 below describes the organizational security policy the TOE must co
Dell C5765dn Security Target - 23 - 4. SECURITY OBJECTIVES This chapter describes the security objectives for the TOE and for the environment and th
Dell C5765dn Security Target - 24 - 4.2. Security Objectives for the Environment Table 9 defines the security objectives for the TOE environment. Ta
Dell C5765dn Security Target - 25 - Security Problems Security Objectives A.ADMIN A.USER A.SECMODE A.ACCESS T.RECOVER T.CONFDATA T.COMM_TAP T.DA
ii 6. SECURITY REQUIREMENTS ... 29 6.1. Security Functional Requirements ...
Dell C5765dn Security Target - 26 - Security Problem Security Objectives Rationale T.RECOVER By satisfying the following objective, T.RECOVER can be
Dell C5765dn Security Target - 27 - Security Problem Security Objectives Rationale T.DATA_SEC By satisfying the following objectives, T.DATA_SEC can
Dell C5765dn Security Target - 28 - 5. EXTENDED COMPONENTS DEFINITION 5.1. Extended Components This ST conforms to CC Part 2 and CC Part 3, and the
Dell C5765dn Security Target - 29 - 6. SECURITY REQUIREMENTS This chapter describes the security functional requirements, security assurance require
Dell C5765dn Security Target - 30 - control panel. Used document data stored in the internal HDD The remaining data in the MFD internal HDD even afte
Dell C5765dn Security Target - 31 - general user. SA identifier User ID and password used to authenticate and identify SA. Key Operator identifier
Dell C5765dn Security Target - 32 - Data on ID of key operator ID data for key operator authentication. Included in the TOE setting data. Data on pa
Dell C5765dn Security Target - 33 - Data on Hard Disk Data Encryption The data on whether to enable/disable the functions related to Hard Disk Data E
Dell C5765dn Security Target - 34 - 6.1. Security Functional Requirements Security functional requirements which the TOE offers are described below
Dell C5765dn Security Target - 35 - private keys). FCS_COP.1 a) Minimal: Success and failure, and the type of cryptographic operation. b) Basic:
iii - List of Figures and Tables - Figure 1: General Operational Environment ... 5 Figure 2:
Dell C5765dn Security Target - 36 - FIA_UAU.1 a) Minimal: Unsuccessful use of the authentication mechanism; b) Basic: All use of the authentication
Dell C5765dn Security Target - 37 - administrator mode FMT_SMR.1 a) Minimal: modifications to the group of users that are part of a role; b) Det
Dell C5765dn Security Target - 38 - [assignment: authorized users] - system administrator [assignment: list of audit information] - all log info
Dell C5765dn Security Target - 39 - [assignment: other actions to be taken in case of audit storage failure] - no other actions to be taken 6.1.
Dell C5765dn Security Target - 40 - - 256bits [assignment: list of cryptographic operations] - encryption of the document data and security audit log
Dell C5765dn Security Target - 41 - Store Print Deletion of document data Retrieval of document data FDP_ACF.1 Security attribute based access c
Dell C5765dn Security Target - 42 - created. - Deletion of Personal Mailbox When the general user identifier and SA identifier of the general user
Dell C5765dn Security Target - 43 - attributes, that explicitly deny access of subjects to objects]. [assignment: rules, based on security attribut
Dell C5765dn Security Target - 44 - - Fax information flow control SFP [assignment: list of subjects and information controlled under the indicated S
Dell C5765dn Security Target - 45 - Hierarchical to: No other components Dependencies: No dependencies FDP_RIP.1.1 The TSF shall ensure that any
Dell C5765dn Security Target - 1 - 1. ST INTRODUCTION This chapter describes Security Target (ST) Reference, TOE Reference, TOE Overview, and TOE De
Dell C5765dn Security Target - 46 - operation until the main unit is cycled. FIA_AFL.1(2) Authentication failure handling Hierarchical to: No o
Dell C5765dn Security Target - 47 - [selection: [assignment: positive integer number] , an administrator configurable positive integer within [assign
Dell C5765dn Security Target - 48 - - met [assignment: list of actions] - have the control panel to display the message of “authentication was failed
Dell C5765dn Security Target - 49 - FIA_UAU.7.1 The TSF shall provide only [assignment: list of feedback] to the user while the authentication is i
Dell C5765dn Security Target - 50 - [assignment: rules for the changing of attributes]. [assignment: rules for the changing of attributes]. - none
Dell C5765dn Security Target - 51 - Self Test enable, disable Key operator, SA FMT_MSA.1 Management of security attributes Hierarchical to:
Dell C5765dn Security Target - 52 - Store Print owner identifier query, delete Key operator, SA , General userAll Store Print owner identifier que
Dell C5765dn Security Target - 53 - modify, delete, clear, [assignment: other operations]] the [assignment: list of TSF data] to [assignment: the aut
Dell C5765dn Security Target - 54 - Data on Customer Engineer Operation Restriction query, modify Key operator, SA Data on Hard Disk Data Encryption
Dell C5765dn Security Target - 55 - explicit access based decisions. Reason: Access is restricted and does not need to be managed. FDP_RIP.1 a) The
Dell C5765dn Security Target - 2 - Table 1: Function Types and Functions Provided by the TOE Function types Functions provided by the TOE Basic Fu
Dell C5765dn Security Target - 56 - interact with the functions in the TSF; Customer Engineer Operation Restriction FMT_MSA.1 a) managing the group
Dell C5765dn Security Target - 57 - 6.1.6. Class FPT: Protection of the TSF FPT_STM.1 Reliable time stamps Hierarchical to: No other compone
Dell C5765dn Security Target - 58 - 6.1.7. Class FTP: Trusted path/channels FTP_TRP.1 Trusted path Hierarchical to: No other components.
Dell C5765dn Security Target - 59 - 6.2. Security Assurance Requirements The requirements for the TOE security assurance are described in Table 22.
Dell C5765dn Security Target - 60 - 6.3. Security Requirement Rationale 6.3.1. Security Functional Requirements Rationale Table 23 lists security f
Dell C5765dn Security Target - 61 - Security Objectives Security Functional Requirements O.AUDITS O.CIPHER O.COMM_SEC O.FAX_SEC O.MANAGE O.RESIDU
Dell C5765dn Security Target - 62 - Security Objectives Security Functional Requirements Rationale log file. By FPT_STM.1, the auditable events ar
Dell C5765dn Security Target - 63 - Security Objectives Security Functional Requirements Rationale local authentication) reaches the defined number
Dell C5765dn Security Target - 64 - Security Objectives Security Functional Requirements Rationale By FIA_UAU.7, unauthorized disclosure of the auth
Dell C5765dn Security Target - 65 - Security Objectives Security Functional Requirements Rationale By FMT_SMR.1, the role of general user and system
Dell C5765dn Security Target - 3 - 1.3.1.3. Usage and Major Security Features of TOE The TOE is mainly used to perform the following functions: ・ C
Dell C5765dn Security Target - 66 - Functional Requirement Dependencies of Functional Requirements Requirement and its name Requirement that is depe
Dell C5765dn Security Target - 67 - Functional Requirement Dependencies of Functional Requirements Requirement and its name Requirement that is depe
Dell C5765dn Security Target - 68 - Functional Requirement Dependencies of Functional Requirements Requirement and its name Requirement that is depe
Dell C5765dn Security Target - 69 - 7. TOE SUMMARY SPECIFICATION This chapter describes the summary specifications of the security functions provide
Dell C5765dn Security Target - 70 - Security Functions Security Functional Requirements TSF_IOW TSF_CIPHER TSF_USER_AUTH TSF_FMT TSF_CE_LIMIT TSF
Dell C5765dn Security Target - 71 - the system administrator mode, the document data and security audit log data are encrypted before stored into the
Dell C5765dn Security Target - 72 - Function to retrieve document data from Mailbox. c) Functions controlled by Configuration Web Tool Display of
Dell C5765dn Security Target - 73 - authentication which is performed before using the MFD functions. When the entered password does not match the on
Dell C5765dn Security Target - 74 - With the authenticated ID, TOE associates the roles of key operator, SA, and general user with the subjects.
Dell C5765dn Security Target - 75 - FDP_ACF.1 Security attribute based access control With the user authentication function, the TOE permits the auth
Dell C5765dn Security Target - 4 - A user can also use Smart Card authentication (CAC/PIV) for identification and authentication. (4) System Adminis
Dell C5765dn Security Target - 76 - document data can be scanned from IIT and stored into the internal HDD according to the user’s instruction from t
Dell C5765dn Security Target - 77 - 7.1.4. System Administrator’s Security Management (TSF_FMT) To grant a privilege to a specific user, this functi
Dell C5765dn Security Target - 78 - With Configuration Web Tool, the settings of the following TOE security functions can be referred to and changed
Dell C5765dn Security Target - 79 - from referring to / changing the settings related to System Administrator’s Security Management (TSF_FMT). This f
Dell C5765dn Security Target - 80 - Logged Events Description Status Shutdown requested User operation (Local) Start/End Self Test Successful/Fai
Dell C5765dn Security Target - 81 - (2) FAU_SAR.1 Audit review It is assured that all the information recorded in the audit log can be retrieved. Se
Dell C5765dn Security Target - 82 - the communication data from modification or disclosure. a) SSL/TLS According to the SSL/TLS communication which
Dell C5765dn Security Target - 83 - Cryptographic key generated as IPSec (ESP: Encapsulating Security Payload) at every session Specifically, one of
Dell C5765dn Security Target - 84 - Secret-key cryptographic method generated as S/MIME for every mail Cryptographic Method and Size of Secret Key 3
Dell C5765dn Security Target - 85 - 8. ACRONYMS AND TERMINOLOGY 8.1. Acronyms The following acronyms are used in this ST: Acronym Definition ADF
Dell C5765dn Security Target - 5 - Figure 1: General Operational Environment 1.3.3. Required Non-TOE Hardware and Softwar
Dell C5765dn Security Target - 86 - 8.2. Terminology The following terms are used in this ST: Term Definition User Any entity outside the TOE who
Dell C5765dn Security Target - 87 - Term Definition Print Data The data written in PDL, a readable format for MFD, which are to be converted into bi
Dell C5765dn Security Target - 88 - Term Definition of users, access denial due to authentication failure of system administrator, Internal Network
Dell C5765dn Security Target - 89 - Term Definition stored in Smart Card (CAC/PIV). OCSP Server The OCSP (Online Certificate Status Protocol) is a p
Dell C5765dn Security Target - 90 - 9. REFERENCES The following documentation was used to prepare this ST. Short Name Document Title [CC Part 1] P
Comments to this Manuals