Security Assurance Requirements Rationale - Ricoh Aficio MP 7001 SP Manual
With dataoverwritesecurity unit type h security target
Hide thumbs
Also See for Aficio MP 7001 SP:
- Control panel use manual (1 page) ,
- Service manual (1351 pages) ,
- Troubleshooting manual (160 pages)
Table of Contents
Advertisement
Page 72 of 87
6.3.4
Security Assurance Requirements Rationale
This TOE is software for the MFP, which is a commercially available product. The MFP is assumed that it
will be used in a general office and this TOE does not assume the attackers with the possibility of moderate
or greater level attacks.
Architectural design (ADV_TDS.2) is adequate to show the validity of commercially available products. A
high attack potential is required for the attacks that circumvent or tamper with the TSF, which is not covered
in this evaluation. The vulnerability analysis (AVA_VAN.2) is therefore adequate for general needs.
However, protection of the secrecy of relevant information is required to make security attacks more difficult,
and it is important to ensure a secure development environment. Development security (ALC_DVS.1) is
therefore important also.
In order to securely operate the TOE continuously, it is important to appropriately remediate the flaw
discovered after the start of TOE operation according to flow reporting procedure (ALC_FLR.2).
Based on the terms and costs of the evaluation, the evaluation assurance level of EAL3+ALC_FLR.2 is
appropriate for this TOE.
Copyright (c) 2011 RICOH COMPANY, LTD. All rights reserved.
Advertisement
Table of Contents
