- Product Name :
- Version of TOE :
- Product Type :
- Multifunction Peripheral
- Certification No. :
- Date :
- Version of Common Criteria:
- 3.1 Release4
- Conformance Claim :
- EAL2 Augmented by ALC_FLR.2
- PP Identifier :
- U.S. Government Approved Protection Profile - U.S. Government Protection Profile for Hardcopy Devices Version 1.0 (IEEE Std. 2600.2™-2009)
- Vendor :
- SEIKO EPSON CORPORATION
- POC :
- Hiroshi Niki
- Division :
- Printing Solutions Operations Division
P Planning & Design Department
- Phone :
- E-mail :
- Evaluation Facility :
- Mizuho Information & Research Institute, Inc.
Information Security Evaluation Office
Description of TOE
This TOE is a multifunction peripheral(MFP) that has the functions, such as copy, print, scan and FAX.
This TOE provides Security Functions required for "U.S. Government Approved Protection Profile - U.S. Government Protection Profile for Hardcopy Devices Version 1.0 (IEEE Std. 2600.2™-2009)", which is a protection profile for MFPs.
TOE Security functions
The security functions of this TOE are as follows:
|-||Identification and Authentication Function
Function to identify and authenticate users.
|-||Access Control Function for TOE Function
Function to restrict available functions for each authorized user.
|-||Document Access Control Function
Function to allow only the authorized users and the administrator to access to stored documents.
|-||Residual Data Overwrite Function
Function to overwrite and delete unnecessary document data in the HDD and the Flash ROM.
|-||Network Protection Function
Function to protect communication data using encryption communication protocols.
|-||Security Management Function
Function to allow only the administrator to manage security functions.
Function to verify the integrity of executable codes at startup.
|-|| Audit Log Function
Function to record audit logs related to security events and allow only the administrator to view that log.
Security functional requirements
The TOE implements the following security functional requirements.
|Security audit||Non-repudiation of origin/receipt||Cryptographic functionality||Access control|
|Data authentication||Export data protection||Information flow control||Import data protection|
|Internal transfer data protection||Residual information protection||Rollback||Stored data integrity|
|Transfer data confidentiality||Transfer data integrity||Identification and authentication||Security management|
|Privacy Control||Security functionality protection||Resource utilisation management||TOE access control|
|Trusted path/channels||Random number generation|