| JISEC Home |
Background of the Scheme |
JISEC Overview |
| Certified Products | Products in Evaluation | First-Time Applicants |
| Application | Assurance Continuity | Scheme Documentation |
| Use of Logos and Notifications | Evaluation Facilities | Reference materials |
| FAQ | Contact |
Last Updated 2015-03-02
In accordance with the Common Criteria (CC), an international standard for IT security evaluation, the documentation which developers give consideration to security in developing products is checked.
The following guides for developers intend to support developers・understanding of some viewpoints that are described in the CC.
These guides serve as useful references for developers to make sure the matters to be confirmed, not only in creating the documentation for CC evaluations, but also in developing secure IT products in general.
This Research Report comprehensively identifies the security threats and vulnerabilities of MFPs for the latest security functions and operational environments, and categorizes into two types: for users to take countermeasures on the operational side and for developers to address on the functional side.
It also lists the kinds of vulnerabilities to explain the examples of their attack methods and causes, and discusses measures in terms of operation, development, and examination.
It provides references for confirming threats and vulnerabilities on MFPs, presents appropriate security requirements for procurement, and gives guidance for proper operations and management of MFPs.