Canon imageRunner 1133 Specifications download pdf (Page 32)

White Pa

er: Canon ima

eRUNNER ADVANCE Securit

Section 7 — Canon Solutions & Regulatory Requirements

Canon is dedicated to providing the most secure multifunctional printers available on the market today.

Many of our products meet or exceed the requirements of government agencies and private entities as they

relate to security certifications and industry regulations.

7.1 – Common Criteria

Beginning on July 1, 2002, the Department of Defense required a broad group of commercial

hardware/software suppliers to have their products evaluated using a standard known as Common Criteria

to determine its fitness for the department’s use.

Following the development of the Common Criteria, the National Institute of Standards and Technology

and the National Security Agency, in cooperation and collaboration with the U.S. State Department,

worked closely with their partners in the CC Project to produce a mutual recognition arrangement for IT

security evaluations that use the Common Criteria. The Arrangement is officially known as the

Arrangement on the Mutual Recognition of Common Criteria Certificates in the field of IT Security. It

states that each participant will recognize evaluations performed using the Common Criteria evaluation

methodology where product certificates have been issued by the Mutually Recognized producing nations

for EAL1-EAL4 evaluations. Evaluation Assurance components found in EAL5-EAL7 are not part of the

mutual recognition arrangement.

The list of Common Criteria Recognition Arrangement members currently includes Australia, Austria,

Canada, Czech Republic, Denmark, Finland, France, Germany, Greece, Hungary, India, Israel, Italy, Japan,

Republic of Korea, Netherlands, New Zealand, Norway, Singapore, Spain, Sweden, Turkey, United

Kingdom and United States.

7.2 – Common Criteria Certification

The Common Criteria for Information Technology Security Evaluation (CC), ISO/IEC 15408 Standard,

defines general concepts and principles of IT security evaluation and presents a general model of

evaluation. It presents constructs for expressing IT security objectives, for selecting and defining IT

security requirements, and for writing high-level specifications for products and systems. It specifies

information security functional requirements and seven predefined assurance packages, known as

Evaluated Assurance Levels (EALs), against which products' functions are tested and evaluated. The seven

EALS provide both the vendor and user with flexibility to define functional and assurance requirements

that are unique to their operating environments and to obtain an evaluated product best suited to those

needs.

Hardware and software companies around the world use the Common Criteria (CC) evaluation program to

provide a means of comparison for the level of assurance that their products provide. As a cautionary note,

while the evaluation program is very effective at validating a manufacturer’s claims, it does not measure

the overall security capabilities or vulnerabilities as a whole. Therefore, Common Criteria certification

should be one of many considerations when choosing security-related products instead of being considered

the de-facto standard.

1 2 ... 27 28 29 30 31 32 33 34 35 36 37

No comments

Canon imageRunner 1133 Specifications Page 32