HP Inc.
HP LaserJet Enterprise MFP M527 Series,
Color LaserJet Enterprise MFP M577 Series, and
PageWide Enterprise Color MFP 586 Series
Firmware with Jetdirect Inside Security Target
Version: 2.0 Copyright © 2008-2016 by atsec information security corporation and HP Inc. Page 73 of 98
Last update: 2016-06-07 or its wholly owned subsidiaries
in the TSF.
is met by:
FPT_TST.1 which enforces verification of software by requiring
the TOE include self-tests.
The objective:
The TOE shall require identification and authentication of Users,
and shall ensure that Users are authorized in accordance with
security policies before allowing them to use the TOE.
is met by:
FDP_ACC.1-tfac which enforces authorization by establishing an
access control policy.
FDP_ACF.1-tfac which supports access control policy by
providing access control function.
FIA_AFL.1 which slows the number of unsuccessful Control
Panel authentication attempts made over a period of time.
FIA_ATD.1 which supports authorization by associating security
attributes with users.
FIA_SOS.1 which specifies the password/PIN strength of certain
authentication mechanisms.
FIA_UAU.1 and FIA_UAU.2 which enforce authorization by
requiring user authentication.
FIA_UID.1 and FIA_UID.2 which enforce authorization by
requiring user identification.
FIA_USB.1 which enforces authorization by distinguishing
subject security attributes associated with User Roles.
FMT_MSA.1-perm and FMT_MSA.1-tfac which support access
control function by enforcing control of security attributes.
FMT_SMR.1 which supports authorization by requiring security
roles.
FTA_SSL.3 which enforces authorization by terminating inactive
sessions.
Table 32: Security objectives for the TOE rationale
6.2.3 Security requirements dependency analysis
The following table demonstrates the dependencies of SFRs modeled in CC Part 2 and how the SFRs for
the TOE resolve those dependencies:
To Next Page
Loading...