Certified/Validated Products List

bizhub C368/bizhub C308/bizhub C258/
bizhub C236DN/bizhub C230DN/bizhub C225DN/
ineo+ 368/ineo+ 308/ineo+ 258/
Sindoh D422/Sindoh D421/Sindoh D420/
Sindoh CM3091/Sindoh CM3031/Sindoh CM2071

Last Updated 2017-01-25
Product Name :
bizhub C368/bizhub C308/bizhub C258/bizhub C236DN/bizhub C230DN/bizhub C225DN/ineo+ 368/ineo+ 308/ineo+ 258/Sindoh D422/Sindoh D421/Sindoh D420/Sindoh CM3091/Sindoh CM3031/Sindoh CM2071
Version of TOE :
Product Type :
Multi-Function Printer
Certification No. :
Date :
2017-01-10(Assurance Continuity)
Version of Common Criteria:
3.1 Release4
Conformance Claim :
EAL2 Augmented with ALC_FLR.2
PP Identifier :
U.S. Government Approved Protection Profile - U.S. Government Protection Profile for Hardcopy Devices Version 1.0 (IEEE Std. 2600.2™-2009)


Description of TOE

The TOE is an MFP (Multi-Function Printer) that offers Copy, Scan, Print, Fax, and Document storage and retrieval functions.
The TOE provides security functions that conform to U.S. Government Approved Protection Profile - U.S. Government Protection Profile for Hardcopy Devices Version 1.0 (IEEE Std 2600.2™-2009) which is the MFP security requirement specification, to prevent unauthorized disclosure and alteration of user’s document data.


TOE Security functions

The TOE provides the following security functions.

- Identification and authentication
  Function to identify and authenticate users.
- User restriction control function
  Function to restrict available functions of users and to control the access to document data other than accumulated documents only to the authorized users.
- Accumulated documents access control function
  Function to control the access to accumulated documents only to the authorized users.
- HDD encryption function
  Function to encrypt the data that is stored in HDD.
- Residual information deletion function
  Function to overwrite and delete the data stored in HDD, so that they cannot be reused.
- Audit log function
  Function to record audit log related to security functions.
- Network communication protection function
  Function to encrypt communication data on the LAN.
- Self-test function
  Function to verify the integrity of executable codes of HDD encryption function and security functions.
- Security management function
  Function to control the management of security functions only to the authorized users.
- External interface separation function
  Function to prevent unauthorized transfer to LAN from external interface like public phone etc.

Security functional requirements

The TOE implements the following security functional requirements.

Security audit Non-repudiation of origin/receipt Cryptographic functionality Access control
Data authentication Export data protection Information flow control Import data protection
Internal transfer data protection Residual information protection Rollback Stored data integrity
Transfer data confidentiality Transfer data integrity Identification and authentication Security management
Privacy Control Security functionality protection Resource utilisation management TOE access control
Trusted path/channels