Comparison between Family of PPs and PP with Packages

1. Comparison between Family of PPs and PP with Packages Brian Smithson and Ron Nevo

2. Structure Comparison table Click for details Click for details

3. Structure Comparison table (continue) Click for details

4. Structure Comparison table (continue)

5. Family of PPs / Packages – What is included in the Common/Basic PP • P2600.1-COM, Protection Profile for Common Functions in Hardcopy Devices • This Protection Profile shall be used for HCD products, and it includes common functions such • as for configuring user identification/authorization, device options, data interfaces, security, or • auditing. • Plus at least one of these four: • P2600.1-PRT, Protection Profile for Print Functions in Hardcopy Devices • P2600.1-SCN, Protection Profile for Scan Functions in Hardcopy Devices • P2600.1-CPY, Protection Profile for Copy Functions in Hardcopy Device, • P2600.1-FAX, Protection Profile for Fax Functions in Hardcopy Devices • Base HCD packages: • Base Network Printer Package to include the following functions: • Printing digital documents to paper form using a network interface • Base Network MFD Package to include the following functions: • Printing digital documents to paper form using a network interface • Copying paper documents • Scanning paper documents to digital form using a network interface The base packages are the same Go Back

6. Family of PPs / Packages – How many dependent PPs/ packages exist • 8 independent optional PPs: • P2600.1-PRT, Protection Profile for Print Functions in Hardcopy Devices, Operational • 2600.1-SCN, Protection Profile for Scan Functions in Hardcopy Devices, Operational • P2600.1-CPY, Protection Profile for Copy Functions in Hardcopy 76 Devices, Operational • P2600.1-FAX, Protection Profile for Fax Functions in Hardcopy Device, Operational • P2600.1-DSR, Protection Profile for Document Storage and Retrieval Functions in • P2600.1-NVS, Protection Profile for Nonvolatile Storage Functions in Hardcopy Devices, • P2600.1-SWI, Protection Profile for Software Installation Functions in Hardcopy Devices, • P2600.1-SMI, Protection Profile for Shared-medium Interface Functions in Hardcopy • 4 dependent optional Packages: • Nonvolatile Storage Package to include: • Persistent storage and retrieval • Non-Hardware Functional Update Package to include: • Software / Firmware / Applet installation and upgrade • Local Interface Package to include: • User data and management data I/O through local interfaces (such as USB, Copy Control and others) • Fax Package to include: • Transmitting paper or digital documents to a facsimile device using a PSTN interface • Receiving documents from a facsimile device and delivering them in paper or digital form using a PSTN interface Go Back

7. Family of PPs / Packages – How to comply To claim conformance to any of the protection profiles that are contained in this Family of Protection Profiles, the conforming security target or protection profile shall comply with three rules: a) The Common Functions Rule: Security targets and other protection profiles shall claim at least Demonstrable Conformance with the following Protection Profile listed in Section 4.1 “PP References”: P2600.1-COM. b) The Hardcopy Rule: Security targets and other protection profiles shall claim at least Demonstrable Conformance with one or more of the following Protection Profiles listed in Section 4.1 “PP References”: P2600.1-PRT, P2600.1-SCN, P2600.1-CPY, or P2600.1-FAX. c) The Complete TOE Rule: Security targets and other protection profiles shall claim at least Demonstrable Conformance with any and all Protection Profiles listed in Section 1 “PP References” whose target(s) of evaluation are representative of functions that are provided in the target of that security target or other protection profile. Demonstrable conformance requires that the security target and other protection profiles be a suitable solution to the generic security problems described in this Protection Profile. • Compliant Security Targets and other Protection Profiles shall claim at least Demonstrable Conformance with this family of Protection Profiles. Demonstrable conformance requires that the Security Target and other Protection Profiles be a suitable solution to the generic security problems described in this protection profile. • Refer to Table 1 that describe the HCD packages that addressed by this Family of Protection Profiles. • Certification Path Validation – The Base HCD Package is a dependency of the following other packages, i.e., when the following packages are included in a PP, Basic HCD package must also be included in the PP: • Base HCD Package • Either the Base Network Printer Package or Base Network MFD package • Dependent packages of base HCD package including : • Nonvolatile Storage package • Non-Hardware Functional Upgrade package • Local Interface package • Fax package • Naming of Protection Profile: • If an ST claims Demonstrable Conformance to a base Package then the PP name that the ST claims conformance to “IEEE P2600.1 Protection Profile with packages: Base Network Printer <or Base Network MFD> at EAL 3 with ALC_FLR 2 augmentation”. • If an ST claim Demonstrable Conformance to a base package (e.g. Base Network Printer) and to one of the dependency functional packages (e.g. Nonvolatile Storage package) then the PP name that the ST claims conformance to is “IEEE P2600.1 Protection Profile with packages: Base Network Printer, Nonvolatile Storage at EAL 3 with ALC_FLR 2 augmentation”. Go Back