Security objectives policies, Security objectives policies for the toe, Security objectives policies for the environment – Konica Minolta BIZHUB 920 User Manual

4. Security Objectives Policies

4.1.

Security Objectives Policies for the TOE

O.IA

Identification and authentication when using

The TOE identifies and authorizes the administrator, CE, or general user who owns the User

BOX, who try to access the TOE.

O.MANAGE

Provision of the management function

The TOE provides the administrator with functions to manage securely the User BOX and the

HDD that stores the document data (i.e. functions to manage and set the HDD lock password).

O.CE

Provision of the CE function

The TOE provides the CE with the function that allow the administrator to use the management

function.

O.DATAACCESS Access limit to the document data

The TOE permits to read out the document data in the User BOX only for the general user who

owns that User BOX.

O.AUDIT

Record of the audit information

The TOE records the event related with the access function to “asset to be protected” as the audit

information. The reference of audit information is limited only for the administrator.

4.2.

Security Objectives Policies for the Environment

OE.PLACE

Management of the installed place

The administrator shall install the TOE in the area where only the product-related person can

operate.

OE.NET

Management of the network

The administrator shall connect the TOE with the internal network protected with Firewall so that

the document data does not disclose, by using the equipment capable for secure communication.

OE.USR

Instruction for the general user

The administrator shall instruct a general user not to disclose the User BOX password.

Copyright© 2005 KONICA MINOLTA BUSINESS TECHNOLOGIES, INC., All Rights Reserved