Content summary for page 1
Multi functional printer
(digital copier)
bizhub 920 / bizhub PRO 920
Security Target
Version : 6
June 10, 2005
Konica Minolta Business Technologies, Inc.
Copyright© 2005 KONICA MINOLTA BUSINESS TECHNOLOGIES, INC., All Rights Reserved
Content summary for page 2
Document Revision History
Version 1: Initial version. Approved 01/21/2005 by Masaru Ushio; checked 01/21/2005 by Kazuo Yasuda; created 01/21/2005 by Jun Yokobori.
Version 2: Modification for the matters identified to correct. Approved 03/30/2005 by Masaru Ushio; checked 03/30/2005 by Kazuo Yasuda; created 03/30/2005 by Jun Yokobori.
Version 3: Modification for the matters identified to correct. Approved 04/18/2005 by Masaru Ushio; checked 04/18/2005 by Kazuo Yasuda; created 04/18/2005 by Jun Yokobori.
Version 4: Modification by changing distribution 05/12/2005 05/1
Content summary for page 3
Table of Contents
1. ST Introduction ... 7
1.1. ST Identification ... 7
1.1.1. ST Identification and Management ... 7
1.1.2. TOE Identification and Management ... 7
Content summary for page 4
5.1.2. TOE Security Assurance Requirements ... 56
5.2. Security Functional Requirements for the IT environment ... 57
5.3. Security Function Strength ... 59
6. TOE Summary Specification ... 60
6.1. TOE Security Function ...
Content summary for page 5
List of Figures
Figure 2.1 Operating Environment of bizhub PRO 920 Series ...
Figure 2.2 TOE Structure ... 13
Figure 2.3 Processing Architecture of Basic Function ... 15
Content summary for page 6
List of Tables
Table 2.1 Correspondence between User Functions and Basic Functions ... 15
Table 5.1 Auditable Events ... 34
Table 5.2 List of Management Requirements ... 49
Table 5.3 List of TOE Security Assurance Requirements ...
Content summary for page 7
1. ST Introduction
1.1. ST Identification
1.1.1. ST Identification and Management
Title: Multi functional printer (digital copier) bizhub 920 / bizhub PRO 920 Security Target
Version: 6
Created on: June 10, 2005
Created by: Konica Minolta Business Technologies, Inc.
1.1.2. TOE Identification and Management
Title: Japan : bizhub PRO 920 zentai seigyo software
This software consists of the two components below.
Gazou seigyo program (Gazou seigyo I1)
Controller seigyo p
Content summary for page 8
Note
The following references are used for the Japanese version.
- Common Criteria for Information Technology Security Evaluation Part 1: Introduction and general model, August 1999, Version 2.1, CCIMB-99-031
- Common Criteria for Information Technology Security Evaluation Part 2: Security functional requirements, August 1999, Version 2.1, CCIMB-99-032
- Common Criteria for Information Technology Security Evaluation Part 3: Security assurance requirements, August 1999, Version 2.1, CCIMB-99-033
Content summary for page 9
- Common Criteria CCIMB Interpretations-0407
- Common Criteria Addendum-0407
- ISO/IEC 15408, Information Technology – Security techniques – Evaluation criteria for IT security – Part 1, 99/12
- ISO/IEC 15408, Information Technology – Security techniques – Evaluation criteria for IT security – Part 2, 99/12
- ISO/IEC 15408, Information Technology – Security techniques – Evaluation criteria for IT security – Part 3, 99/12
Content summary for page 10
2 TOE Description
2.1. TOE Type
The TOE is a software product installed in a digital MFP that has a network function.
2.2. Terminology
No. 1, User BOX: This is the directory to store the document data (refer to No. 2 below).
No. 2, Document data: This is the electronic data converted from information such as characters and figures.
No. 3, Paper document: This is a paper document carrying information such as characters and figures.
No. 4, Operation panel: This is the touch
Content summary for page 11
[Figure 2.1 Operating Environment of bizhub PRO 920 Series. Diagram labels: Office; bizhub PRO 920; bizhub PRO 920 control software; TOE; image control program; controller control program; modem; mail server; FTP server; client PC; firewall; internal network; public telephone line network; Internet; external network.]
The TOE has a function to send and receive document data in the internal network; therefore, the bizhub PRO 920 series including the TOE is connected with the internal network and public teleph
Content summary for page 12
- Administrator
  The administrator, enrolled at the organization where the bizhub PRO 920 series is installed, carries out the operation and management of the bizhub PRO 920 series. He/She uses the operation and management functions that the bizhub PRO 920 series provides.
- Responsible person
  The responsible person, enrolled at the organization where the bizhub PRO 920 series is installed, appoints the administrator.
- CE
  The CE, enrolled at the company that has undertaken the maintenance of the bizhub PRO 920 series, carri
Content summary for page 13
2.5. TOE Structure
Figure 2.2 shows the structure of this TOE.
[Figure 2.2 diagram labels: bizhub PRO 920; bizhub PRO 920 control software; image control program; controller control program; CE function; management function; printer function; copier function; HDD storage function; HDD readout function; scan to FTP function; scan to Email function; scan to PC (SMB) function; PC data receiving function; deletion function of document data; Email function; FTP function; SMB; scanning; printing; deletion; BOX readout; BOX storag
Content summary for page 14
to FTP, scan to PC (SMB), HDD storage, HDD readout, document data deletion functions) and basic functions (scanning, printing, deletion, BOX storage, and BOX readout functions). The controller control program controls basic functions such as the Email, FTP, SMB *1, and PC data receiving functions.
*1 SMB function: sends the image data by means of the SMB protocol *2.
*2 SMB protocol: the Server Message Block protocol, used with Microsoft OS series such as DOS and Windows, is for the fi
Content summary for page 15
[Figure 2.3 Processing Architecture of Basic Function. Diagram labels: input; bizhub PRO 920; output; HDD1 temporary storage/DRAM temporary storage; document data; paper document; scanner; printer; scanning function; printing function; HDD access function; BOX storage function; BOX readout function; client PC; PC data receiving function; network card; FTP function; FTP server; User BOX; Sub BOX; HDD2 temporary storage; Email function; mail server; Centro Document
Content summary for page 16
The basic functions shown in Figure 2.3 are described below.
(1) Scanning function
At the request of a general user from the operation panel, the information on the paper document is read by the scanner, converted to document data, and stored in the HDD1 temporary storage or DRAM temporary storage.
(2) PC data receiving function
At the request of a general user from the client PC, through the internal network or Centronics, the document data is stored in the HDD2 temporary storage, exe
Content summary for page 17
(8) SMB function
The document data obtained by the scanning function, which is stored temporarily in the HDD1 temporary storage or DRAM temporary storage, is sent via the HDD2 temporary storage to the shared folder of a PC that is connected with the internal network.
(9) Deletion function
The document data in the User BOX, associated with the User BOX identifier, is deleted.
2.6.2. Management Function
The administrator is permitted to use the management function only after the
Content summary for page 18
2.8 Function not provided by the TOE
The TOE does not prevent the deletion of document data, because the user owns the original data on his/her PC or on paper.
Content summary for page 19
3. TOE Security Environment
3.1. Assumptions
ASM.PLACE Installation condition for the TOE
The TOE shall be installed in an area where only product-related persons can operate it.
ASM.NET Setting condition for the internal network
The TOE shall be connected to an internal network in which disclosure of document data will not occur.
ASM.ADMIN Reliable administrator
The administrator shall not carry out an illegal act.
ASM.CE Personal condition for the CE
The CE shall not
Content summary for page 20
4. Security Objectives Policies
4.1. Security Objectives Policies for the TOE
O.IA Identification and authentication when using
The TOE identifies and authorizes the administrator, the CE, or the general user who owns the User BOX, whoever tries to access the TOE.
O.MANAGE Provision of the management function
The TOE provides the administrator with functions to securely manage the User BOX and the HDD that stores the document data (i.e. functions to manage and set the HDD lock password).
O.CE