EasyManua.ls Logo

HP M527dn

HP M527dn
98 pages
To Next Page IconTo Next Page
To Next Page IconTo Next Page
To Previous Page IconTo Previous Page
To Previous Page IconTo Previous Page
Loading...
HP Inc.
HP LaserJet Enterprise MFP M527 Series,
Color LaserJet Enterprise MFP M577 Series, and
PageWide Enterprise Color MFP 586 Series
Firmware with Jetdirect Inside Security Target
Version: 2.0 Copyright © 2008-2016 by atsec information security corporation and HP Inc. Page 3 of 98
Last update: 2016-06-07 or its wholly owned subsidiaries
Table of Contents
1 Introduction ...................................................................................................................................... 8
1.1 Security Target Identification ...................................................................................................... 8
1.2 TOE Identification ........................................................................................................................ 8
1.3 TOE Type .................................................................................................................................... 8
1.4 TOE Overview ............................................................................................................................. 8
1.4.1 Required and optional non-TOE hardware, software, and firmware ................................................. 9
1.4.2 Intended method of use .................................................................................................................. 10
1.5 TOE Description ........................................................................................................................ 11
1.5.1 TOE architecture ............................................................................................................................ 11
1.5.2 TOE security functionality (TSF) summary ..................................................................................... 17
Auditing .................................................................................................................................................. 17 1.5.2.1
Cryptography .......................................................................................................................................... 17 1.5.2.2
Identification and authentication ............................................................................................................. 17 1.5.2.3
Data protection and access control ......................................................................................................... 19 1.5.2.4
Protection of the TSF .............................................................................................................................. 21 1.5.2.5
TOE access protection ........................................................................................................................... 21 1.5.2.6
Trusted channel communication and certificate management ................................................................. 21 1.5.2.7
User and access management ............................................................................................................... 21 1.5.2.8
1.5.3 TOE boundaries ............................................................................................................................. 22
Physical .................................................................................................................................................. 22 1.5.3.1
Logical .................................................................................................................................................... 22 1.5.3.2
Evaluated configuration .......................................................................................................................... 23 1.5.3.3
1.5.4 Security policy model ..................................................................................................................... 24
Subjects/Users ....................................................................................................................................... 24 1.5.4.1
Objects ................................................................................................................................................... 25 1.5.4.2
SFR package functions ........................................................................................................................... 27 1.5.4.3
SFR package attributes .......................................................................................................................... 28 1.5.4.4
2 CC Conformance Claim ................................................................................................................ 29
2.1 Protection Profile tailoring and additions ................................................................................... 29
2.1.1 IEEE Std 2600.2-2009; "2600.2-PP, Protection Profile for Hardcopy Devices, Operational Environment
B" (with NIAP CCEVS Policy Letter #20) ([PP2600.2]) ..................................................................................... 29
2.1.2 SFR Package for Hardcopy Device Copy Functions ([PP2600.2-CPY]) ........................................ 33
2.1.3 SFR Package for Hardcopy Device Document Storage and Retrieval (DSR) Functions ([PP2600.2-
DSR]) 33
2.1.4 SFR Package for Hardcopy Device Fax Functions ([PP2600.2-FAX)] ........................................... 34
2.1.5 SFR Package for Hardcopy Device Print Functions ([PP2600.2-PRT]) .......................................... 34
2.1.6 SFR Package for Hardcopy Device Scan Functions ([PP2600.2-SCN]) ........................................ 34
2.1.7 SFR Package for Hardcopy Device Shared-medium Interface Functions ([PP2600.2-SMI]) ......... 34
3 Security Problem Definition ......................................................................................................... 36
3.1 Introduction ............................................................................................................................... 36
3.2 Threat Environment ................................................................................................................... 36
3.2.1 Threats countered by the TOE ....................................................................................................... 36
3.3 Assumptions .............................................................................................................................. 37
3.3.1 Environment of use of the TOE ...................................................................................................... 37
Physical .................................................................................................................................................. 37 3.3.1.1
Personnel ............................................................................................................................................... 37 3.3.1.2
Connectivity ............................................................................................................................................ 37 3.3.1.3
3.4 Organizational Security Policies ............................................................................................... 37
3.4.1 Included in the PP2600.2 protection profile .................................................................................... 37
3.4.2 In addition to the PP2600.2 protection profile ................................................................................. 38
4 Security Objectives ....................................................................................................................... 39
4.1 Objectives for the TOE .............................................................................................................. 39
4.2 Objectives for the Operational Environment ............................................................................. 39

Related product manuals