Summary of the content on the page No. 1
Multi functional printer
(digital copier)
bizhub 920 / bizhub PRO 920
Security Target
Version : 6
June 10, 2005
Konica Minolta Business Technologies, Inc.
Copyright© 2005 KONICA MINOLTA BUSINESS TECHNOLOGIES, INC., All Rights Reserved
Summary of the content on the page No. 2
Document Revision History
Version | Description | Approved by | Checked by | Created by
1 | Initial version | 01/21/2005 Masaru Ushio | 01/21/2005 Kazuo Yasuda | 01/21/2005 Jun Yokobori
2 | Modification for the matters identified to correct | 03/30/2005 Masaru Ushio | 03/30/2005 Kazuo Yasuda | 03/30/2005 Jun Yokobori
3 | Modification for the matters identified to correct | 04/18/2005 Masaru Ushio | 04/18/2005 Kazuo Yasuda | 04/18/2005 Jun Yokobori
4 | Modification by changing distribution | 05/12/2005 | 05/1
Summary of the content on the page No. 3
Table of Contents
1. ST Introduction ... 7
1.1. ST Identification ... 7
1.1.1. ST Identification and Management ... 7
1.1.2. TOE Identification and Management ... 7
Summary of the content on the page No. 4
5.1.2. TOE Security Assurance Requirements ... 56
5.2. Security Functional Requirements for the IT environment ... 57
5.3. Security Function Strength ... 59
6. TOE Summary Specification ... 60
6.1. TOE Security Function
Summary of the content on the page No. 5
List of Figures
Figure 2.1 Operating Environment of bizhub PRO 920 Series
Figure 2.2 TOE Structure ... 13
Figure 2.3 Processing Architecture of Basic Function ... 15
Summary of the content on the page No. 6
List of Tables
Table 2.1 Correspondence between User Functions and Basic Functions ... 15
Table 5.1 Auditable Events ... 34
Table 5.2 List of Management Requirements ... 49
Table 5.3 List of TOE Security Assurance Requirements
Summary of the content on the page No. 7
1. ST Introduction
1.1. ST Identification
1.1.1. ST Identification and Management
Title: Multi functional printer (digital copier) bizhub 920 / bizhub PRO 920 Security Target
Version: 6
Created on: June 10, 2005
Created by: Konica Minolta Business Technologies, Inc.
1.1.2. TOE Identification and Management
Title: Japan : bizhub PRO 920 zentai seigyo software
This software consists of two components below.
Gazou seigyo program (Gazou seigyo I1)
Controller seigyo p
Summary of the content on the page No. 8
Note
The following references are used for Japanese version.
- Common Criteria for Information Technology Security Evaluation Part 1 Introduction and general model August 1999 Version 2.1 CCIMB-99-031
- Common Criteria for Information Technology Security Evaluation Part 2 Security functional requirements August 1999 Version 2.1 CCIMB-99-032
- Common Criteria for Information Technology Security Evaluation Part 3 Security assurance requirements August 1999 Version 2.1 CCIMB-99-033
Summary of the content on the page No. 9
- Common Criteria CCIMB Interpretations-0407
- Common Criteria Addendum-0407
- ISO/IEC 15408, Information Technology – Security techniques – Evaluation criteria for IT security – Part1, 99/12
- ISO/IEC 15408, Information Technology – Security techniques – Evaluation criteria for IT security – Part2, 99/12
- ISO/IEC 15408, Information Technology – Security techniques – Evaluation criteria for IT security – Part3, 99/12
Summary of the content on the page No. 10
2 TOE Description
2.1. TOE Type
The TOE is a software product for a digital MFP equipped with a network function.
2.2. Terminology
No. | Term | Description
1 | User BOX | This is the directory to store the document data (Refer to No.2 below).
2 | Document data | This is the electronic data converted from information such as characters and figures.
3 | Paper document | This is a paper document carrying information such as characters and figures.
4 | Operation panel | This is the touch
Summary of the content on the page No. 11
[Figure 2.1 Operating Environment of bizhub PRO 920 Series. Labels: Office; bizhub PRO 920; bizhub PRO 920 control software (TOE) with Image control program and Controller control program; Modem; Mail server; FTP server; Client PC; Firewall; Public telephone line network; Internal network; Internet; External network.]
The TOE has a function to send and receive document data over the internal network; therefore, the bizhub PRO 920 series including the TOE is connected with the internal network and public teleph
Summary of the content on the page No. 12
- Administrator
An administrator, enrolled at the organization where the bizhub PRO 920 series is installed, carries out the operation and management of the bizhub PRO 920 series. He/She uses the operation and management functions that the bizhub PRO 920 series provides.
- Responsible person
A responsible person, enrolled at the organization where the bizhub PRO 920 series is installed, appoints the administrator.
- CE
A CE, enrolled at the company that undertakes the maintenance of the bizhub PRO 920 series, carri
Summary of the content on the page No. 13
2.5. TOE Structure
Figure 2.2 shows the structure of this TOE.
[Figure 2.2 TOE Structure. Labels: bizhub PRO 920; bizhub PRO 920 control software; Image control program; Controller control program; CE function; Management function; Printer, Copier, HDD storage, HDD readout, Scan to FTP, Scan to Email, Scan to PC (SMB), PC data receiving functions; Deletion function of document data; Email, FTP, SMB functions; Scanning, Printing, Deletion, BOX readout.]
Summary of the content on the page No. 14
to FTP, scan to PC (SMB), HDD storage, HDD readout, document data deletion functions) and basic function (scanning, printing, deletion, BOX storage, and BOX readout functions). The controller control program controls the basic function such as Email, FTP, SMB *1, and PC data receiving functions.
*1 SMB function: sends the image data by means of SMB protocol *2.
*2 SMB protocol: Server Message Block protocol, used with Microsoft-OS series such as DOS and Windows, is for the fi
Summary of the content on the page No. 15
[Figure 2.3 Processing Architecture of Basic Function. Labels: Input; Output; Paper document; Scanner; Printer; Client PC; Network card; Centronics; HDD1 temporary storage/DRAM temporary storage; HDD2 temporary storage; User BOX; Sub BOX; FTP server; Mail server; Scanning, Printing, BOX storage, BOX readout, PC data receiving, FTP and Email functions.]
Summary of the content on the page No. 16
The basic functions shown in Figure 2.3 are described below.
(1) Scanning function
At the request of a general user from the operation panel, the information on a paper document is read by the scanner, converted to document data, and stored in the HDD1 temporary storage or DRAM temporary storage.
(2) PC data receiving function
At the request of a general user from the client PC, through the internal network or Centronics, the document data is stored in the HDD2 temporary storage, exe
Summary of the content on the page No. 17
(8) SMB function
The document data obtained by the scanning function, which is stored temporarily in the HDD1 temporary storage or DRAM temporary storage, is sent via the HDD2 temporary storage to the shared folder of a PC connected to the internal network.
(9) Deletion function
The document data in the User BOX, associated with the User BOX identifier, is deleted.
2.6.2. Management Function
The management function can be permitted to use by the administrator, only after the
Summary of the content on the page No. 18
2.8 Function not provided by the TOE
The TOE does not prevent the deletion of document data, because the user owns its original data in his/her PC or on the paper.
Summary of the content on the page No. 19
3. TOE Security Environment
3.1. Assumptions
ASM.PLACE Installation condition for the TOE
The TOE shall be installed in an area where only product-related persons can operate it.
ASM.NET Setting condition for the internal network
The TOE shall be connected to an internal network in which disclosure of document data will not occur.
ASM.ADMIN Reliable administrator
The administrator shall not carry out an illegal act.
ASM.CE Personal condition for the CE
The CE shall not
Summary of the content on the page No. 20
4. Security Objectives Policies
4.1. Security Objectives Policies for the TOE
O.IA Identification and authentication when using
The TOE identifies and authorizes the administrator, CE, or general user who owns the User BOX, when they try to access the TOE.
O.MANAGE Provision of the management function
The TOE provides the administrator with functions to securely manage the User BOX and the HDD that stores the document data (i.e. functions to manage and set the HDD lock password).
O.CE