Dell C5765DN MFP Color Laser Printer Manuel d'utilisateur

September 2014 Dell C5765dn Color Laser Multifunction Printer Security Target Version 1.1.4 This document is a trans

Dell C5765dn Security Target - 6 - document. When the client is connected to the MFD directly via USB and printer/fax driver is installed to the clie

Dell C5765dn Security Target - 7 - The OS of (1) general user client and (3) system administrator client are assumed to be Windows XP, Windows Vista

Dell C5765dn Security Target - 8 - 1.4. TOE Description This section describes user assumptions and logical/physical scope of this TOE. 1.4.1. User

Dell C5765dn Security Target - 9 - Figure 2: MFD Units and TOE Logical Scope 1.4.2.1. Basic Functions As shown in Table

Dell C5765dn Security Target - 10 - IOT according to the general user’s instruction from the control panel. When more than one copy of an original is

Dell C5765dn Security Target - 11 - 1.4.2.2. Security Functions The security functions provided by the TOE are the following. (1) Hard Disk Data Ov

Dell C5765dn Security Target - 12 - Figure 3 shows the authentication flow of the above functions. Figure 3: Authentication Flow

Dell C5765dn Security Target - 13 - control panel or to use Smart Card (CAC/PIV). When the user is authenticated, the document data can be scanned fr

Dell C5765dn Security Target - 14 - ・ Set the ID the password of key operator (only a key operator is privileged); ・ Refer to and set the ID of SA

Dell C5765dn Security Target - 15 - (9) Self Test The TOE can execute the self test function to verify the integrity of TSF executable code and TSF

i - Table of Contents - 1. ST INTRODUCTION ... 1 1.1. ST Reference ...

Dell C5765dn Security Target - 16 - 1.4.3. Physical Scope and Boundary The physical scope of this TOE is the MFD. Figure 4 shows configuration of ea

Dell C5765dn Security Target - 17 - connected to the IIT board and IOT board. The control panel is a panel on which buttons, lamps, and a touch scree

Dell C5765dn Security Target - 18 - 2. CONFORMANCE CLAIMS 2.1. CC Conformance Claims This ST and TOE conform to the following evaluation standards

Dell C5765dn Security Target - 19 - 3. SECURITY PROBLEM DEFINITION This chapter describes the threats, organizational security policies, and the ass

Dell C5765dn Security Target - 20 - Figure 5: Assets under and not under Protection Note) The data stored in a general client

Dell C5765dn Security Target - 21 - Categories of TOE Setting Data (Note) Data on access denial due to authentication failures of system administrato

Dell C5765dn Security Target - 22 - 3.2. Organizational Security Policies Table 6 below describes the organizational security policy the TOE must co

Dell C5765dn Security Target - 23 - 4. SECURITY OBJECTIVES This chapter describes the security objectives for the TOE and for the environment and th

Dell C5765dn Security Target - 24 - 4.2. Security Objectives for the Environment Table 9 defines the security objectives for the TOE environment. Ta

Dell C5765dn Security Target - 25 - Security Problems Security Objectives A.ADMIN A.USER A.SECMODE A.ACCESS T.RECOVER T.CONFDATA T.COMM_TAP T.DA

ii 6. SECURITY REQUIREMENTS ... 29 6.1. Security Functional Requirements ...

Dell C5765dn Security Target - 26 - Security Problem Security Objectives Rationale T.RECOVER By satisfying the following objective, T.RECOVER can be

Dell C5765dn Security Target - 27 - Security Problem Security Objectives Rationale T.DATA_SEC By satisfying the following objectives, T.DATA_SEC can

Dell C5765dn Security Target - 28 - 5. EXTENDED COMPONENTS DEFINITION 5.1. Extended Components This ST conforms to CC Part 2 and CC Part 3, and the

Dell C5765dn Security Target - 29 - 6. SECURITY REQUIREMENTS This chapter describes the security functional requirements, security assurance require

Dell C5765dn Security Target - 30 - control panel. Used document data stored in the internal HDD The remaining data in the MFD internal HDD even afte

Dell C5765dn Security Target - 31 - general user. SA identifier User ID and password used to authenticate and identify SA. Key Operator identifier

Dell C5765dn Security Target - 32 - Data on ID of key operator ID data for key operator authentication. Included in the TOE setting data. Data on pa

Dell C5765dn Security Target - 33 - Data on Hard Disk Data Encryption The data on whether to enable/disable the functions related to Hard Disk Data E

Dell C5765dn Security Target - 34 - 6.1. Security Functional Requirements Security functional requirements which ｔhe TOE offers are described below

Dell C5765dn Security Target - 35 - private keys). FCS_COP.1 a) Minimal: Success and failure, and the type of cryptographic operation. b) Basic:

iii - List of Figures and Tables - Figure 1: General Operational Environment ... 5 Figure 2:

Dell C5765dn Security Target - 36 - FIA_UAU.1 a) Minimal: Unsuccessful use of the authentication mechanism; b) Basic: All use of the authentication

Dell C5765dn Security Target - 37 - administrator mode FMT_SMR.1 a) Minimal: modifications to the group of users that are part of a role; b) Det

Dell C5765dn Security Target - 38 - [assignment: authorized users] - system administrator [assignment: list of audit information] - all log info

Dell C5765dn Security Target - 39 - [assignment: other actions to be taken in case of audit storage failure] - no other actions to be taken 6.1.

Dell C5765dn Security Target - 40 - - 256bits [assignment: list of cryptographic operations] - encryption of the document data and security audit log

Dell C5765dn Security Target - 41 - Store Print Deletion of document data Retrieval of document data FDP_ACF.1 Security attribute based access c

Dell C5765dn Security Target - 42 - created. - Deletion of Personal Mailbox When the general user identifier and SA identifier of the general user

Dell C5765dn Security Target - 43 - attributes, that explicitly deny access of subjects to objects]. [assignment: rules, based on security attribut

Dell C5765dn Security Target - 44 - - Fax information flow control SFP [assignment: list of subjects and information controlled under the indicated S

Dell C5765dn Security Target - 45 - Hierarchical to: No other components Dependencies: No dependencies FDP_RIP.1.1 The TSF shall ensure that any

Dell C5765dn Security Target - 1 - 1. ST INTRODUCTION This chapter describes Security Target (ST) Reference, TOE Reference, TOE Overview, and TOE De

Dell C5765dn Security Target - 46 - operation until the main unit is cycled. FIA_AFL.1(2) Authentication failure handling Hierarchical to: No o

Dell C5765dn Security Target - 47 - [selection: [assignment: positive integer number] , an administrator configurable positive integer within [assign

Dell C5765dn Security Target - 48 - - met [assignment: list of actions] - have the control panel to display the message of “authentication was failed

Dell C5765dn Security Target - 49 - FIA_UAU.7.1 The TSF shall provide only [assignment: list of feedback] to the user while the authentication is i

Dell C5765dn Security Target - 50 - [assignment: rules for the changing of attributes]. [assignment: rules for the changing of attributes]. - none

Dell C5765dn Security Target - 51 - Self Test enable, disable Key operator, SA FMT_MSA.1 Management of security attributes Hierarchical to:

Dell C5765dn Security Target - 52 - Store Print owner identifier query, delete Key operator, SA , General userAll Store Print owner identifier que

Dell C5765dn Security Target - 53 - modify, delete, clear, [assignment: other operations]] the [assignment: list of TSF data] to [assignment: the aut

Dell C5765dn Security Target - 54 - Data on Customer Engineer Operation Restriction query, modify Key operator, SA Data on Hard Disk Data Encryption

Dell C5765dn Security Target - 55 - explicit access based decisions. Reason: Access is restricted and does not need to be managed. FDP_RIP.1 a) The

Dell C5765dn Security Target - 2 - Table 1: Function Types and Functions Provided by the TOE Function types Functions provided by the TOE Basic Fu

Dell C5765dn Security Target - 56 - interact with the functions in the TSF; Customer Engineer Operation Restriction FMT_MSA.1 a) managing the group

Dell C5765dn Security Target - 57 - 6.1.6. Class FPT: Protection of the TSF FPT_STM.1 Reliable time stamps Hierarchical to: No other compone

Dell C5765dn Security Target - 58 - 6.1.7. Class FTP: Trusted path/channels FTP_TRP.1 Trusted path Hierarchical to: No other components.

Dell C5765dn Security Target - 59 - 6.2. Security Assurance Requirements The requirements for the TOE security assurance are described in Table 22.

Dell C5765dn Security Target - 60 - 6.3. Security Requirement Rationale 6.3.1. Security Functional Requirements Rationale Table 23 lists security f

Dell C5765dn Security Target - 61 - Security Objectives Security Functional Requirements O.AUDITS O.CIPHER O.COMM_SEC O.FAX_SEC O.MANAGE O.RESIDU

Dell C5765dn Security Target - 62 - Security Objectives Security Functional Requirements Rationale log file. By FPT_STM.1, the auditable events ar

Dell C5765dn Security Target - 63 - Security Objectives Security Functional Requirements Rationale local authentication) reaches the defined number

Dell C5765dn Security Target - 64 - Security Objectives Security Functional Requirements Rationale By FIA_UAU.7, unauthorized disclosure of the auth

Dell C5765dn Security Target - 65 - Security Objectives Security Functional Requirements Rationale By FMT_SMR.1, the role of general user and system

Dell C5765dn Security Target - 3 - 1.3.1.3. Usage and Major Security Features of TOE The TOE is mainly used to perform the following functions: ・ C

Dell C5765dn Security Target - 66 - Functional Requirement Dependencies of Functional Requirements Requirement and its name Requirement that is depe

Dell C5765dn Security Target - 67 - Functional Requirement Dependencies of Functional Requirements Requirement and its name Requirement that is depe

Dell C5765dn Security Target - 68 - Functional Requirement Dependencies of Functional Requirements Requirement and its name Requirement that is depe

Dell C5765dn Security Target - 69 - 7. TOE SUMMARY SPECIFICATION This chapter describes the summary specifications of the security functions provide

Dell C5765dn Security Target - 70 - Security Functions Security Functional Requirements TSF_IOW TSF_CIPHER TSF_USER_AUTH TSF_FMT TSF_CE_LIMIT TSF

Dell C5765dn Security Target - 71 - the system administrator mode, the document data and security audit log data are encrypted before stored into the

Dell C5765dn Security Target - 72 - Function to retrieve document data from Mailbox. c) Functions controlled by Configuration Web Tool Display of

Dell C5765dn Security Target - 73 - authentication which is performed before using the MFD functions. When the entered password does not match the on

Dell C5765dn Security Target - 74 - With the authenticated ID, TOE associates the roles of key operator, SA, and general user with the subjects.

Dell C5765dn Security Target - 75 - FDP_ACF.1 Security attribute based access control With the user authentication function, the TOE permits the auth

Dell C5765dn Security Target - 4 - A user can also use Smart Card authentication (CAC/PIV) for identification and authentication. (4) System Adminis

Dell C5765dn Security Target - 76 - document data can be scanned from IIT and stored into the internal HDD according to the user’s instruction from t

Dell C5765dn Security Target - 77 - 7.1.4. System Administrator’s Security Management (TSF_FMT) To grant a privilege to a specific user, this functi

Dell C5765dn Security Target - 78 - With Configuration Web Tool, the settings of the following TOE security functions can be referred to and changed

Dell C5765dn Security Target - 79 - from referring to / changing the settings related to System Administrator’s Security Management (TSF_FMT). This f

Dell C5765dn Security Target - 80 - Logged Events Description Status Shutdown requested User operation (Local) Start/End Self Test Successful/Fai

Dell C5765dn Security Target - 81 - (2) FAU_SAR.1 Audit review It is assured that all the information recorded in the audit log can be retrieved. Se

Dell C5765dn Security Target - 82 - the communication data from modification or disclosure. a) SSL/TLS According to the SSL/TLS communication which

Dell C5765dn Security Target - 83 - Cryptographic key generated as IPSec (ESP: Encapsulating Security Payload) at every session Specifically, one of

Dell C5765dn Security Target - 84 - Secret-key cryptographic method generated as S/MIME for every mail Cryptographic Method and Size of Secret Key 3

Dell C5765dn Security Target - 85 - 8. ACRONYMS AND TERMINOLOGY 8.1. Acronyms The following acronyms are used in this ST: Acronym Definition ADF

Dell C5765dn Security Target - 5 - Figure 1: General Operational Environment 1.3.3. Required Non-TOE Hardware and Softwar

Dell C5765dn Security Target - 86 - 8.2. Terminology The following terms are used in this ST: Term Definition User Any entity outside the TOE who

Dell C5765dn Security Target - 87 - Term Definition Print Data The data written in PDL, a readable format for MFD, which are to be converted into bi

Dell C5765dn Security Target - 88 - Term Definition of users, access denial due to authentication failure of system administrator, Internal Network

Dell C5765dn Security Target - 89 - Term Definition stored in Smart Card (CAC/PIV). OCSP Server The OCSP (Online Certificate Status Protocol) is a p

Dell C5765dn Security Target - 90 - 9. REFERENCES The following documentation was used to prepare this ST. Short Name Document Title ［CC Part 1］ P