Certified/Validated Products List

MX-FR41
D.10

Sharp Corporation
Last Updated 2014-03-13
Product Name :
MX-FR41
Version of TOE :
D.10
Product Type :
data protection function in Multi Function Device
Certification No. :
C0424
Date :
2013-12-25
Version of Common Criteria:
3.1 Release4
Conformance Claim :
EAL3
PP Identifier :
None

PRODUCT DESCRIPTION

Description of TOE

The TOE is an IT product, composed of 2 parts, to protect data in a Multi Function Device (hereafter referred to as an "MFD").
One part is a hardware part in an MFD and provided in the form of an MFD. The other part is a firmware product and provided as an upgrade kit for the firmware of the MFD.
An MFD is an office machine that has imaging functions such as copy, printer, image scanning and fax.

 

TOE security functions

The TOE counters unauthorized disclosure of image data by:

- the encryption function, which encrypts data, such as image data that the MFD handles, before storing the data to the HDD in the MFD,
- the cryptographic key generation function, generates a seed for a cryptographic key once when the TOE is installed, and generates a constant cryptographic key from the seed whenever the MFD is powered, and stores the key in a volatile memory for the encryption function,
- the data erasure function, which automatically overwrites to erase image data no longer in use in the HDD, and overwrites to erase all data when invoked by the administrator of an MFD in use or no longer in use,
- the authentication function, which authenticates the TOE administrator with a password, and provides the TOE administrator with a management function for changing his password,
- the confidential file function, which provides image data filed by users with password protection, and
- the network protection functions, which counters malicious attempts (of unauthorized network-accesses, communication data wiretaps, and network settings falsifications), and
- the fax flow control function, which counters attempts to access to the internal network via the MFD network interface from public telephone networks on the MFD fax interface.

 

Security functional requirements

This TOE implements the following security functional requirements.

Security audit Non-repudiation of origin/receipt Cryptographic functionality Access control
Data authentication Export data protection Information flow control Import data protection
Internal transfer data protection Residual information protection Rollback Stored data integrity
Transfer data confidentiality Transfer data integrity Identification and authentication Security management
Privacy Control Security functionality protection Resource utilisation management TOE access control
Trusted path/channels