Certified/Validated Products List

SYS V1.0

Toshiba Tec Corporation
Last Updated 2016-10-12
Product Name :
Version of TOE :
SYS V1.0
Product Type :
Multifunction Peripheral
Certification No. :
Date :
Version of Common Criteria:
3.1 Release4
Conformance Claim :
EAL3 Augmented with ALC_FLR.2
PP Identifier :
IEEE Std 2600.1™-2009


Description of TOE

The TOE is a Multifunction Peripheral (MFP) that has the functions, such as copy, print, scan, filing, and internet fax.
In general office environment, it is assumed that MFPs are utilized from the control panel of the TOE or the user terminal connected to LAN or USB with the TOE.


TOE Security functions

The TOE provides the following security features:

- User Authentication function
Function that allows the use of the TOE to only users who succeeded in the identification and authentication.
- User Access Control function
Function to perform the control of permit deny for the operation of various functions and user data, based on the privileges granted to the users who are identified and authenticated.
- Secure Erase function
Function to erase and overwrite the area in the HDD, where the document data has been stored, upon completion of copy function, etc.
- Secure Channel function
Function to protect communication data using the TLS protocol when the TOE communicates with the various servers or client PC.
- Audit Data Generation and Review function
Function to generate security audit log when security events occurred to be audited, and to allow only specific administrators to view that log.
- TSF Data Protection function
Function that allows the change of TOE configuration information only to the TOE administrator.
- TSF Self Protection function
Function to verify the integrity of the executable code of the security features. If any abnormalities are detected TOE will be unusable.

Security functional requirements

This TOE implements the following security functional requirements.

Security audit Non-repudiation of origin/receipt Cryptographic functionality Access control
Data authentication Export data protection Information flow control Import data protection
Internal transfer data protection Residual information protection Rollback Stored data integrity
Transfer data confidentiality Transfer data integrity Identification and authentication Security management
Privacy Control Security functionality protection Resource utilisation management TOE access control
Trusted path/channels