EasyManua.ls Logo

HP M527dn

HP M527dn
98 pages
To Next Page IconTo Next Page
To Next Page IconTo Next Page
To Previous Page IconTo Previous Page
To Previous Page IconTo Previous Page
Loading...
HP Inc.
HP LaserJet Enterprise MFP M527 Series,
Color LaserJet Enterprise MFP M577 Series, and
PageWide Enterprise Color MFP 586 Series
Firmware with Jetdirect Inside Security Target
Version: 2.0 Copyright © 2008-2016 by atsec information security corporation and HP Inc. Page 44 of 98
Last update: 2016-06-07 or its wholly owned subsidiaries
Threat
Rationale for security objectives
appropriately grant authorization.
Table 20: Sufficiency of objectives countering threats
The following rationale provides justification that the security objectives for the environment are suitable
to cover each individual assumption, that each security objective for the environment that traces back to
an assumption about the environment of use of the TOE, when achieved, actually contributes to the
environment achieving consistency with the assumption, and that if all security objectives for the
environment that trace back to an assumption are achieved, the intended usage is supported:
Assumption
Rationale for security objectives
A.ACCESS.MANAGED
The assumption:
The TOE is located in a restricted or monitored environment that
provides protection from unmanaged access to the physical
components and data interfaces of the TOE.
is upheld by:
OE.PHYSICAL.MANAGED which establishes a protected physical
environment for the TOE.
A.ADMIN.PC.SECURE
The assumption:
The administrative computer is in a physically secured and
managed environment and only the authorized administrator has
access to it.
is upheld by:
OE.ADMIN.PC.SECURE which establishes the responsibility of the
TOE owner to locate the administrative computer in a physically
secured and managed environment and allow only authorized
personnel access.
A.USER.PC.POLICY
The assumption:
User computers are configured and used in conformance with the
organization's security policies.
is upheld by:
OE.USER.PC.POLICY which establishes the responsibility of the
TOE owner to create a set of security policies to which user
computers will conform.
A.USER.TRAINING
The assumption:
TOE Users are aware of the security policies and procedures of
their organization, and are trained and competent to follow those
policies and procedures.
is upheld by:
OE.USER.TRAINED which establishes responsibility of the TOE

Related product manuals