Konica Minolta BIZHUB 920 User Manual
Page 74
The following shows the rationale for Table 8.1.
T.HDDACCESS Unauthorized access to the HDD
TSF changes and manages the HDD lock password of HDD1 and HDD2 in the management
function of O.MANAGE by the valid administrator identified in O.IA. Moreover TSF makes it
possible to detect the trial of unauthorized use to the applicable management function by anyone
except the administrator, because it records the failed identification and authentication of
administrator as audit information in O.AUDIT. In OE.HDD, the HDD1 and HDD2 execute the
identification and authentication, then the access is limited to only the TOE that is valid user,
therefore, the unauthorized access to HDD1 and HDD2 is prevented. As above mentioned, the
threat - T.HDDACCESS can be resisted by O.IA, O.MANAGE, O.AUDIT, and OE.HDD of the
security objectives policies.
T.ACCESS Unauthorized access to the BOX
TSF permits only the valid general user, who owns the User BOX identified and authenticated in
O.IA, to read out the document data in the User BOX in O.DATAACCESS. Moreover TOE makes it
possible to detect the unauthorized operation to the document data in the User BOX that the
general user owns, because it records the operation regarding the access function to the document
data that is “asset to be protected” as audit information in O.AUDIT. As above mentioned, the threat
- T.ACCESS can be resisted by O.IA, O.DATAACCESS, and O.AUDIT of the security objectives
policies.
T.IMPADMIN Impersonation of the CE and administrator
TSF identifies and authorizes the CE in O.IA. TSF provides the valid CE identified and
Authenticated with the function to decide the administrator in O.CE. TSF identifies and authorizes
the decided administrator in O.IA. TSF provides the valid administrator identified and authenticated
with the function to manage the User BOX in O.MANAGE. The administrator decides the owner of
User BOX using this funtion. TSF permits only the valid general user who owns the User BOX
identified and authenticated in O.IA, to read out the document data in the User BOX in
O.DATAACCESS. Moreover TSF makes it possible to detect the conduct operated to impersonate
the administrator, because it records the failed identification and authentication of CE and
administrator as audit information in O.AUDIT.
As above mentioned, the threat - T.IMPADMIN can be resisted by O.IA, O.CE, O.MANAGE,
O.DATAACCESS, and O.AUDIT of security objectives policies.
Copyright© 2005 KONICA MINOLTA BUSINESS TECHNOLOGIES, INC., All Rights Reserved