HP Inc.
HP LaserJet Enterprise MFP M527 Series,
Color LaserJet Enterprise MFP M577 Series, and
PageWide Enterprise Color MFP 586 Series
Firmware with Jetdirect Inside Security Target
Version: 2.0 Copyright © 2008-2016 by atsec information security corporation and HP Inc. Page 42 of 98
Last update: 2016-06-07 or its wholly owned subsidiaries
Assumptions / Threats / OSPs
T.DOC.DIS
T.DOC.ALT
T.FUNC.ALT
T.PROT.ALT
T.CONF.DIS
T.CONF.ALT
P.USER.AUTHORIZATION
OE.USERNAME.CHARACTER_SET
Table 19: Mapping of security objectives for the Operational Environment to assumptions, threats
and policies
4.3.2 Sufficiency
The following rationale provides justification that the security objectives are suitable to counter each
individual threat and that each security objective tracing back to a threat, when achieved, actually
contributes to the removal, diminishing or mitigation of that threat:
Rationale for security objectives
The threat:
User Document Data may be disclosed to unauthorized persons.
is countered by:
O.DOC.NO_DIS which protects D.DOC from unauthorized disclosure.
O.USER.AUTHORIZED which establishes user identification and
authentication as the basis for authorization.
OE.USER.AUTHORIZED which establishes responsibility of the TOE Owner to
appropriately grant authorization.
The threat:
User Document Data may be altered by unauthorized persons.
is countered by:
O.DOC.NO_ALT which protects D.DOC from unauthorized alteration.
O.USER.AUTHORIZED which establishes user identification and
To Next Page
Loading...