HP Inc.
HP LaserJet Enterprise MFP M527 Series,
Color LaserJet Enterprise MFP M577 Series, and
PageWide Enterprise Color MFP 586 Series
Firmware with Jetdirect Inside Security Target
Version: 2.0 Copyright © 2008-2016 by atsec information security corporation and HP Inc. Page 46 of 98
Last update: 2016-06-07 or its wholly owned subsidiaries
Rationale for security objectives
identification and authentication as the basis for
authorization to use the TOE.
OE.USER.AUTHORIZED which establishes
responsibility of the TOE Owner to appropriately grant
authorization.
The OSP:
To detect corruption of the executable code in the TSF,
procedures will exist to self-verify executable code in the
TSF.
is enforced by:
O.SOFTWARE.VERIFIED which provides procedures to
self-verify executable code in the TSF.
The OSP:
To preserve operational accountability and security,
records that provide an audit trail of TOE use and
security-relevant events will be created, maintained, and
protected from unauthorized disclosure or alteration, and
will be reviewed by authorized personnel.
is enforced by:
O.AUDIT.LOGGED which creates and maintains a log of
TOE use and security-relevant events, and prevents
unauthorized disclosure or alteration.
OE.AUDIT_STORAGE.PROTECTED which protects
exported audit records from unauthorized access,
deletion and modifications.
OE.AUDIT_ACCESS.AUTHORIZED which establishes
responsibility of the TOE Owner to provide appropriate
access to exported audit records.
OE.AUDIT.REVIEWED which establishes responsibility
of the TOE Owner to ensure that audit logs are
appropriately reviewed.
The OSP:
To prevent unauthorized use of the external interfaces of
the TOE, operation of those interfaces will be controlled
by the TOE and its IT environment.
is enforced by:
O.INTERFACE.MANAGED which manages the
operation of external interfaces in accordance with
security policies.
OE.INTERFACE.MANAGED which establishes a
To Next Page
Loading...