HP Inc.
HP LaserJet Enterprise MFP M527 Series,
Color LaserJet Enterprise MFP M577 Series, and
PageWide Enterprise Color MFP 586 Series
Firmware with Jetdirect Inside Security Target
Version: 2.0 Copyright © 2008-2016 by atsec information security corporation and HP Inc. Page 17 of 98
Last update: 2016-06-07 or its wholly owned subsidiaries
Figure 2: HCD logical diagram
1.5.2 TOE security functionality (TSF) summary
Auditing 1.5.2.1
The TOE performs auditing of security relevant functions. Both the Jetdirect Inside and HCD System
firmware generate audit records. The TOE connects and sends audit records to a syslog server for long-
term storage and audit review. (The syslog server is part of the Operational Environment.)
Cryptography 1.5.2.2
The TOE uses IPsec to protect its communications channels. The QuickSec cryptographic library, which
is part of the Operational Environment, is used to supply the cryptographic algorithms for IPsec. See
section 1.5.2.7 for more information.
The TOE supports the decrypting of print jobs encrypted using the Job Encryption Password. The
decryption algorithm used by the TOE for this is included in the TOE. See section 1.5.2.4 for more
information.
The product includes functionality to encrypt certain types of scan jobs using the Adobe PDF
specification. This encryption functionality is not part of the claimed security functions of the TOE.
Instead, the TOE uses IPsec to protect its communication channels.
The product includes functionality to encrypt email using S/MIME and X.509v3 certificates. This
encryption functionality is not part of the claimed security functions of the TOE. Instead, the TOE uses
IPsec to protect its communication channels.
1.5.2.2.1 Cryptography outside the scope of the TOE
This section exists to inform the reader that the HCD contains other cryptography that is outside the
scope of the TOE, is not part of this evaluation, and is not used to fulfill any of the [PP2600.2]
requirements.
The HP High Performance Secure Hard Disk provides hardware-based cryptography and persistent
storage to securely manage sensitive print data. Data on this drive is encrypted and the encryption key is
locked to the device. The cryptographic functionality is transparent to the TOE and to the user. Not all
MFP models in this evaluation contain this storage drive. The MFP models that do not, instead contain an
eMMC.
Certain areas of the eMMC are encrypted under the control of the TOE using the HCD's hardware. Each
time the TOE is power-cycled, the cryptographic keys are destroyed and new keys generated to encrypt
the storage drive. Because of this, the jobs in Job Storage are effectively erased upon power-cycling the
HCD.
Identification and authentication 1.5.2.3
1.5.2.3.1 Control Panel I&A
The HCD has a Control Panel used to select a function (a.k.a. Control Panel application) to be performed.
The Control Panel supports both local and remote sign-in methods.
The mechanism for the local sign-in method, which is part of the TOE firmware, is called:
Local Device Sign In
Remote sign-in methods used by the TOE are:
LDAP Sign In
To Next Page
Loading...