Dell C5765DN MFP Color Laser Printer User Manual


Dell C5765dn Security Target


the system administrator mode, the document data and security audit log data are encrypted before being stored into the internal HDD when operating any function of copy, print, scan, Network Scan, fax, Direct Fax, or configuring various security function settings.

(1) FCS_CKM.1 Cryptographic key generation

The TOE uses the “hard disk data encryption seed key” configured by a system administrator and generates a 256-bit encryption key at the time of booting through the FXOSENC algorithm, which is Fuji Xerox’s standard method and a secure algorithm with sufficient complexity. (When the “hard disk data encryption seed key” is the same, the same cryptographic key is generated.)

(2) FCS_COP.1 Cryptographic operation

Before storing the document data and security audit log data into the internal HDD, the TOE encrypts the data using the 256-bit cryptographic key generated at the time of booting (FCS_CKM.1) and the AES algorithm based on FIPS PUBS 197. When reading out the stored data, the TOE decrypts the data also using the 256-bit cryptographic key generated at the time of booting and the AES algorithm.

7.1.3. User Authentication (TSF_USER_AUTH)

Access to the TOE functions is restricted to the authorized user.

A user needs to enter his/her ID and password from the fax driver, Network Scan Utility, or Web browser of the general user client, or MFD control panel. A user can also use Smart Card authentication on the control panel.

After a user enters his/her ID and password, an MFD identifies and authenticates the user based on user information stored in the MFD or an external server.

There are the following two types of authentication depending on how user information is registered.

a) Local Authentication

In local authentication, authentication is managed by using the user information registered in the TOE.

b) Remote Authentication

Authentication is performed by a remote authentication server. User information is not registered in the TOE. In remote authentication, authentication is performed by using the user information managed by the remote authentication server (LDAP server or Kerberos server).

Only the authenticated user can use the following functions:

a) Functions controlled by the MFD control panel

Copy, fax (send), scan, network scan, Mailbox operation, and print (This print function requires the Accounting System preset from the printer driver. A user must be authenticated from the control panel for a print job.)

b) Functions controlled by Network Scan Utility of user client (with local authentication only)
