Last Updated 2012-05-01
- Product Name :
- TOSHIBA e-STUDIO5540C/6540C/6550C MULTIFUNCTIONAL DIGITAL SYSTEMS
- Version of TOE :
- SYS V1.0
- Product Type :
- Multifunction Peripheral
- Certification No. :
- C0327
- Date :
- 2011-10-28
- Version of Common Criteria:
- 3.1
- Conformance Claim :
- EAL3 Augmented with ALC_FLR.2
- PP Identifier :
- IEEE Std 2600.1-2009
- Vendor :
- Toshiba Tec Corporation
-
- POC :
- Yukihiko Kambe
- Division :
-
Products. Div.
Global Solutions Business Group
- Phone :
- +81-3-6422-7873
-
E-mail :
- Evaluation Facility :
- Information Technology Security Center Evaluation Department
- Certification/Validation Report :
(447 KB)(2012-05-01) - CC Certificate Image :
(409 KB)(2012-03-28) - Security Target :
(865 KB)(2012-05-01)
PRODUCT DESCRIPTION
Description of TOE
The TOE applies to complete Multifunction Peripheral (MFP) that includes the entire hardware and software components that provide the functionality for printing and scanning documents over the network, through email and on the MFP; and document storage and retrieval. It is assumed that MFP is utilized from a control panel of TOE or as for a user terminal connected to LAN or USB in TOE.
TOE Security functions
The TOE provides the following security features:
| - | User Authentication |
| The TOE prompts the user to enter the User ID and password from the control panel or client PC to execute identity authentication | |
| - | User Access Control |
| The TOE controls access to user's document data which is saved in the internal HDD | |
| - | Secure Erase |
| The TOE removes residual data with DoD secure-erase mechanism before releasing resources from HDD of TOE | |
| - | Secure Channel |
| The TOE provides support for SSL and is allowed to secure different protocols such as https. The SSL/TLS functionality also permits the TOE to be securely administered from the Web UI, as well as, being used to secure the connection between the TOE and any other external server. | |
| - | Data Encryption |
| The TOE encrypts the user's document data which is saved in the internal HDD. | |
| - | Audit Data Generation and Review |
| The TOE generates audit logs for tracking the state of the TOE at any given instance of time. All logs are available for viewing only to TOE U.AUDITOR and U.ADMINISTRATOR role. | |
| - | TSF Data Protection |
| Only an administrator role user has the capability to manage the configuration and enable/disable available services and protocols. U. ADMINISTRATOR can modify the TSF data. | |
| - | TSF Self Protection |
| The TOE performs integrity tests on its static executable and configuration files using verification of their digital signature against the known TOSHIBA signatures. This allows the TOE to detect any tampering of its trusted state. |