Re: [2600] P2600 Commnts
Bear in mind that STs that claim conformance to
the PP are not evaluated against specific user
requirements (stated in RFPs or
otherwise). Therefore, it probably isn't
practical for a product/ST to be evaluated with
specific user requirements in mind, unless those
requirements are specified in the ST
itself. That can be done, but in my experience
vendors are not enthusiastic to do it because it
(potentially) limits the applicability of the
evaluation to a specific opportunity.
"Deactivate" can mean many different things. If
the code executing in the MFP is different as a
result of deactivation then it is not the same as
the evaluated TOE. If it is deactivated through
setting a configuration parameter in the
evaluated code, the evaluation is much more
likely to apply. This would be a reasonable
question to bounce off the schemes to get their perspectives.
Tom
At 06:12 AM 8/10/2007, Aubry, Carmen wrote:
>I'm not sure if Ueda-san concern is 1) or 2):
>1) The user buys an HCD P2600 certified for
>print, scan and fax and decides to deactivate
>FAX related security requirements. Are the print
>and scan functionalities still P2600 print and scan certified?
>
>To answer this question, the reasoning is
>different depending on what kind of function deactivation you have in mind.
>A) When thinking at the FAX, my first thought
>was that the HCD should not loose the P2600 and
>CC certification for the other functions (print and scan).
>The functions are evaluated separately. If the
>user decides to deactivate FAX related security
>functions, the others (print, scan) are still in
>an P2600 and CC certified mode. We have included
>the completion rule (rule b in Protection
>Profile references chapter) in order to be sure
>that the HCD contains all the security
>requirements for all the functions in a given
>environment but the user takes the ultimate
>decision on what is appropriate for him. The
>product shouldn't loose the P2600 PPs certification for this.
>
>Then I have realized that the FAX function has
>security requirements in FAX and SMI PPs.
>Consequently SMI PP will also be impacted, is
>the SMI still P2600 compliant in that case?
>
>B) When looking at the other functions, thinks
>get more complicated. If deactivating security
>requirements related to print functionality then
>PRT, DSR, NVS and SMI PPs might be impacted. Is
>the product still compliant to DSR, NVS and SMI
>for the scan functionality? Mind that there is
>no notion of scan or print in DSR, NVS and SMI PPs.
>
>
>2) In order to fulfill a specific user request,
>a vendor builds a product compliant to the P2600
>requirements for print and scan but with
>different requirements for FAX. Can the vendor
>claim compliance to P2600 PPs for print and scan
>and have something (different or even nothing) for FAX?
>
>Once again, we should carefully consider the
>fact that a function might imply security
>requirements spread along several other PPs before answering this question.
>
>
>In any case, introducing the phrase "HOWEVER, IT
>CAN BE CHANGED BY THE SPECIFIC USER REQUIREMENT"
>constitutes a loophole that might allow avoiding
>security requirements because it is not clear WHETHER
> - the user (or the vendor that builds
> the product) can change the security
> requirements for a given function and still be
> P2600 certified for that function
>OR
> - the user only deactivates the
> security requirements corresponding to a given
> function and he is still P2600 certified for the others.
>
>
>Best regards,
>_________________________________________________________
>Carmen AUBRY,
>GSNA, CISSP
>Oce Print Logic Technologies S.A. -R&D -http://www.oce.com
>Phone: +33 (0)1 48 98 80 22 - Fax: +33 (0)1 48 98 54 50
>1, rue Jean Lemoine - BP 113 - 94015 Créteil Cedex - FRANCE
>_________________________________________________________
>
>-----Original Message-----
>From: Brian Smithson [mailto:Brian.Smithson@RICOH-USA.COM]
>Sent: Thursday, August 09, 2007 7:24 PM
>To: STDS-2600@listserv.ieee.org
>Subject: Re: [2600] P2600 Commnts
>
>I think that Ueda-san's Comments file contained
>only one comment, but it is an important one
>which I thought was worth highlighting so that
>P2600 member companies can consider it in advance of the Toronto meeting.
>
>Ueda-san says:
>
>"PP-A 4.Protection Profile references(APE_INT)
>[list item 'b']. I believe this sentence says
>that all the function of the HCD should be
>conformed to this PP. For example, HCD which
>have Copy,Scan,Print,Fax function can not
>declare conforming to this PP if it has
>conformed only P2600.1-PRT because this HCD has
>other functions. I agree this is important rule,
>but I also believe that user should define
>security requirement by himself and not by this
>document,or in other word user should have the
>right to choose the security function of his
>requirement. For example if the user says that
>he does not need P2600.1-FAX about the HCD which
>has FAX function, this HCD should not have
>P2600.1-FAX in it's ST. There is the way that
>user turn off the FAX related function of the
>HCD, but it turns out to force user to take risk
>for that if that HCD can guarantee conforming to
>CC only in the case that all the security
>function of the HCD is on. ~So I would like to propose to change the word !
> to "In other words, this Family of Protection
> Profiles can be used to create a security
> target or protection profile only for a target
> of evaluation that performs at least one of the
> functions that define hardcopy devices (print,
> scan, copy, or fax), and conforms to every
> Protection Profile whose Usage statement
> describes a function that is present in its
> target of evaluation. HOWEVER, IT CAN BE
> CHANGED BY THE SPECIFIC USER REQUIREMENT."
>
>
>Regards,
>--
>Brian Smithson
>Project Manager
>PMP, SSCP, CISSP, CISA, ISO 27000 PA
>Advanced Imaging and Network Technologies Ricoh Americas Corporation
>(408)346-4435
>
>New address:
>10460 Bubb Road
>Cupertino, CA 95014-4150
>
> > -----Original Message-----
> > From: ueda.shigeru@CANON.CO.JP [mailto:ueda.shigeru@CANON.CO.JP]
> > Sent: Wednesday, August 08, 2007 11:51 PM
> > To: STDS-2600@listserv.ieee.org
> > Subject: [2600] P2600 Commnts
> >
> > Hi Don
> >
> > Attached is my comment for P2600.1-28b
> >
> > Regards.
> >
> > Shigeru Ueda Canon
> >
> >
>
>
>This message and attachment(s) are intended
>solely for use by the addressee and may contain
>information that is privileged, confidential or
>otherwise exempt from disclosure under applicable law.
>
>If you are not the intended recipient or agent
>thereof responsible for delivering this message
>to the intended recipient, you are hereby
>notified that any dissemination, distribution or
>copying of this communication is strictly prohibited.
>
>If you have received this communication in
>error, please notify the sender immediately by
>telephone and with a 'reply' message.
>
>Thank you for your co-operation.