Dell C5765DN MFP Color Laser Printer User Manual

Page 68

Advertising
background image

Dell C5765dn Security Target

- 64 -

Security Objectives

Security Functional Requirements Rationale

By FIA_UAU.7, unauthorized disclosure of the authentication

information (password) is prevented because the authentication feedback

is protected.

O.USER

O.USER is the objective that identifies the TOE user and allows only the

authorized user to retrieve, and delete the document data and to change

password.

By satisfying the following security requirements, O.USER can be

realized:

By FDP_ACC.1 and FDP_ACF.1, user authentication is performed. Only

authorized user is allowed to operate the objects.

By FIA_AFL.1 (1), successive attacks are prevented because the power

needs to be cycled when the number of key operator authentication

failures reaches the defined number of times.

By FIA_AFL.1 (2), successive attacks are prevented because the power

needs to be cycled when the number of SA authentication failures (at

local authentication) reaches the defined number of times.

By FIA_AFL.1 (3), when general user authentication fails, “incorrect

password” message is displayed, requesting password re-entry.

By FIA_AFL.1 (4), when SA authentication fails (at remote

authentication), “incorrect password” message is displayed, requesting

password re-entry.

By FIA_ATD.1 and FIA_USB.1, each role of key operator, SA, and

general user is maintained and only the authorized users are associated

with the subjects.

By FIA_SOS1, the minimum length of password for SA and general user

is limited.

By FIA_UAU.1 and FIA_UID.1, user authentication is performed to

identify an authorized general user and system administrator.

By FIA_UAU.7, unauthorized disclosure of the authentication

information (password) is prevented because the authentication feedback

is protected.

By FMT_MSA.1, the query, modify, deletion, and creation of security

attributes are managed.

By FMT_MSA.3, the suitable default values are managed.

By FMT_MTD.1, the setting of password for key operator is limited to

key operator, that for SA is limited to key operator and SA, and that for

general user is limited to system administrator and the general user

(when it is his/her own).

By FMT_SMF.1, TOE security management functions are provided for

authorized users.

Advertising
Popular Brands
Popular manuals