Konica Minolta BIZHUB 920 User Manual
Page 79
targeted User BOX is maintained in FMT_SMR.1. Their functions are not bypassed with FPT_
RVM.1 and the state of operating are effectively ready in FMT_MOF.1.
Therefore, O.IA can be realized by the correspondent security functional requirements.
O.MANAGE Provision of the management function
The User BOX is created by registering the User BOX identifier by the administrator in FDP_
ACC.1[2], FDP_ACF.1[2], FMT_MSA.3, and FMT_MSA.1. At the beginning, the use of User BOX
is limited because the User BOX password that no one can use is set, however, it becomes possible
to use when FMT_MTD.1[3] permits the administrator to change the User BOX password.
Thereafter the general user becomes the owner of User BOX by knowing the User BOX identifier of
this User BOX. When the User BOX password is registered, it is checked whether it obeys the
password rules specified in FIA_SOS.1[1].
FDP_MTD.1 provides the administrator with the function to change and manage the HDD lock
password of HDD1 and HDD2, therefore, the unauthorized access of HDD1 and HDD2 can be
prevented. This password is checked whether it obeys the rule specified in FDP_SOS.1.
FMT_MTD.1[5] permits the administrator to change his/her own password, therefore, the
administrator becomes possible to change his/her own password every a suitable period. When the
password of administrator is changed, the password is checked whether it obeys the password rules
specified in FIA_SOS.1[2]. The change of password makes lower the possibility that the User BOX
password entered by the general user matches.
The management of User BOX identifier, User BOX password, HDD1 and HDD2 lock password,
is specified in FMT_SMF.1. The administrator, CE, and the general user who owns the targeted User
BOX are maintained in FMT_SMR.1. Their functions are not bypassed with FPT_RVM.1.The
administrator is permitted to startup and terminate the security function in FMT_MOF.1.
Therefore, O.MANAGE can be realized by the correspondent security functional requirements.
O.CE Provision of the CE function
The CE can register the administrator password in FMT_MTD.1[1]. By registering the
administrator password, the administrator can be registered in the TOE and can start the operation as
administrator. The CE can change his/her own password in FMT_MTD.1[2], therefore, the CE
becomes possible to change the CE and administrator passwords every a suitable period. The change
of password makes lower the possibility that the CE and administrator passwords entered by the
general user matches, because the CE and administrator passwords are checked whether they
obeys the rule specified in FIA_SOS.1[2].
The management of CE password and administrator password is specified in FMT_SMF.1. The
administrator and CE are maintained in FMT_SMR.1. Their functions are not bypassed with FPT_
Copyright© 2005 KONICA MINOLTA BUSINESS TECHNOLOGIES, INC., All Rights Reserved