HP Inc.
HP LaserJet Enterprise MFP M527 Series,
Color LaserJet Enterprise MFP M577 Series, and
PageWide Enterprise Color MFP 586 Series
Firmware with Jetdirect Inside Security Target
Version: 2.0 Copyright © 2008-2016 by atsec information security corporation and HP Inc. Page 68 of 98
Last update: 2016-06-07 or its wholly owned subsidiaries
Security functional requirements
O.CONF.NO_ALT,
O.CONF.NO_DIS,
O.DOC.NO_ALT,
O.DOC.NO_DIS,
O.FUNC.NO_ALT,
O.PROT.NO_ALT
Table 31: Mapping of security functional requirements to security objectives
6.2.2 Sufficiency
The following rationale provides justification for each security objective for the TOE, showing that the
security functional requirements are suitable to meet and achieve the security objectives:
The objective:
The TOE shall create and maintain a log of TOE use and
security-relevant events, and prevent its unauthorized disclosure
or alteration.
is met by:
FAU_GEN.1 which enforces audit policies by requiring logging of
relevant events.
FAU_GEN.2 which enforces audit policies by requiring logging of
information associated with audited events.
FIA_UID.1 and FIA_UID.2 which support audit policies by
associating user identity with events
FPT_STM.1 which supports audit policies by requiring time
stamps associated with events.
The objective:
The TOE shall protect TSF Confidential Data from unauthorized
alteration.
is met by:
FCS_CKM.1 which specifies the type of cryptographic keys
generated by the TOE for use with HMAC algorithms in IPsec.
FCS_CKM.2 which specifies the cryptographic key distribution
methods used by the TOE in IKEv1 and IKEv2 in IPsec.
FCS_COP.1-ipsec which specifies the RSA decryption
algorithms and HMAC algorithms used by the TOE.
FIA_UID.1 and FIA_UID.2 which support access control and
security roles by requiring user identification.
FMT_MTD.1-auth and FMT_MTD.1-users which enforce
To Next Page
Loading...