EasyManua.ls Logo

HP M527dn

HP M527dn
98 pages
To Next Page IconTo Next Page
To Next Page IconTo Next Page
To Previous Page IconTo Previous Page
To Previous Page IconTo Previous Page
Loading...
HP Inc.
HP LaserJet Enterprise MFP M527 Series,
Color LaserJet Enterprise MFP M577 Series, and
PageWide Enterprise Color MFP 586 Series
Firmware with Jetdirect Inside Security Target
Version: 2.0 Copyright © 2008-2016 by atsec information security corporation and HP Inc. Page 45 of 98
Last update: 2016-06-07 or its wholly owned subsidiaries
Assumption
Rationale for security objectives
Owner to provide appropriate User training.
A.ADMIN.TRAINING
The assumption:
Administrators are aware of the security policies and procedures of
their organization, are trained and competent to follow the
manufacturer's guidance and documentation, and correctly
configure and operate the TOE in accordance with those policies
and procedures.
is upheld by:
OE.ADMIN.TRAINED which establishes responsibility of the TOE
Owner to provide appropriate Administrator training.
A.ADMIN.TRUST
The assumption:
Administrators do not use their privileged access rights for
malicious purposes.
is upheld by:
OE.ADMIN.TRUSTED which establishes responsibility of the TOE
Owner to have a trusted relationship with Administrators.
A.SERVICES.RELIABLE
The assumption:
When the TOE uses any of the network services SMB, FTP, DNS,
Kerberos, LDAP, SMTP, SharePoint, syslog, and/or WINS, these
services provide reliable information and responses to the TOE.
is upheld by:
OE.SERVICES.RELIABLE which, when the TOE uses the network
services SMB, FTP, DNS, Kerberos, LDAP, SMTP, SharePoint,
syslog, and/or WINS, establishes that these services provide
reliable information and responses to the TOE.
Table 21: Sufficiency of objectives holding assumptions
The following rationale provides justification that the security objectives are suitable to cover each
individual organizational security policy, that each security objective that traces back to an OSP, when
achieved, actually contributes to the implementation of the OSP, and that if all security objectives that
trace back to an OSP are achieved, the OSP is implemented:
OSP
Rationale for security objectives
P.USER.AUTHORIZATION
The OSP:
To preserve operational accountability and security,
Users will be authorized to use the TOE only as
permitted by the TOE Owner.
is enforced by:
O.USER.AUTHORIZED which establishes user

Related product manuals