Konica Minolta BIZHUB 920 User Manual

targeted User BOX is maintained in FMT_SMR.1. Their functions are not bypassed with FPT_

RVM.1 and the state of operating are effectively ready in FMT_MOF.1.

Therefore, O.IA can be realized by the correspondent security functional requirements.

O.MANAGE Provision of the management function

The User BOX is created by registering the User BOX identifier by the administrator in FDP_

ACC.1[2], FDP_ACF.1[2], FMT_MSA.3, and FMT_MSA.1. At the beginning, the use of User BOX

is limited because the User BOX password that no one can use is set, however, it becomes possible

to use when FMT_MTD.1[3] permits the administrator to change the User BOX password.

Thereafter the general user becomes the owner of User BOX by knowing the User BOX identifier of

this User BOX. When the User BOX password is registered, it is checked whether it obeys the

password rules specified in FIA_SOS.1[1].

FDP_MTD.1 provides the administrator with the function to change and manage the HDD lock

password of HDD1 and HDD2, therefore, the unauthorized access of HDD1 and HDD2 can be

prevented. This password is checked whether it obeys the rule specified in FDP_SOS.1.

FMT_MTD.1[5] permits the administrator to change his/her own password, therefore, the

administrator becomes possible to change his/her own password every a suitable period. When the

password of administrator is changed, the password is checked whether it obeys the password rules

specified in FIA_SOS.1[2]. The change of password makes lower the possibility that the User BOX

password entered by the general user matches.

The management of User BOX identifier, User BOX password, HDD1 and HDD2 lock password,

is specified in FMT_SMF.1. The administrator, CE, and the general user who owns the targeted User

BOX are maintained in FMT_SMR.1. Their functions are not bypassed with FPT_RVM.1.The

administrator is permitted to startup and terminate the security function in FMT_MOF.1.

Therefore, O.MANAGE can be realized by the correspondent security functional requirements.

O.CE Provision of the CE function

The CE can register the administrator password in FMT_MTD.1[1]. By registering the

administrator password, the administrator can be registered in the TOE and can start the operation as

administrator. The CE can change his/her own password in FMT_MTD.1[2], therefore, the CE

becomes possible to change the CE and administrator passwords every a suitable period. The change

of password makes lower the possibility that the CE and administrator passwords entered by the

general user matches, because the CE and administrator passwords are checked whether they

obeys the rule specified in FIA_SOS.1[2].

The management of CE password and administrator password is specified in FMT_SMF.1. The

administrator and CE are maintained in FMT_SMR.1. Their functions are not bypassed with FPT_

Copyright© 2005 KONICA MINOLTA BUSINESS TECHNOLOGIES, INC., All Rights Reserved