Approach to security for MFPs and Printers > Common Criteria (ISO/IEC 15408) and IEEE 2600 Certified Products

Common Criteria (ISO/IEC 15408) and IEEE 2600 Certified Products

1. Common Criteria (ISO/IEC 15408) Certification

Common Criteria (ISO/IEC 15408) is an international evaluation standard of information security. This internationally recognized standard has been created to evaluate if security functions of IT products are appropriately designed and implemented in order to sufficiently counter threats. Nowadays, governments and major large-sized corporations in many European countries and the United States of America prefer to purchase CC*1 (ISO/IEC 15408) certified products that satisfy their procurement requirements.

There are seven assurance levels defined in CC (ISO/IEC 15408). The higher the evaluation assurance level, the deeper testing and analysis will be conducted. In other words, the evaluation assurance level indicates the depth of an evaluation, not the strength of the security functionality of target of product. Appropriate assurance level can be obtained depending on operational environment of the product and protected assets handled.

*1: CC is an abbreviation for Common Criteria.


Table 1 Evaluation Assurance Level (EAL)

Evaluation Assurance Level Outline
EAL1 Functionality Tested
EAL2 Structurally Tested
EAL3 Methodically Tested and Checked
EAL4 Methodically Designed, Tested and Reviewed
EAL5 Semi formally Designed and Tested
EAL6 Semi formally Verified Designed and Tested
EAL7 Formally Verified Designed and Tested

KYOCERA Document Solutions Inc. (KYOCERA) is actively obtaining CC (ISO/IEC15408) certification. Prior to usage of the KYOCERA certified multi-function products (MFPs), customers can determine if the products meet security requirements as they requested, and can be securely used.

2. IEEE 2600

IEEE2600 is one of international standards in which security functional requirements and security assurance requirements for hardcopy devices and systems are defined by the IEEE working group comprising representatives from MFP manufacturers including KYOCERA. Before defining the IEEE 2600, security functions were specified differently subject to acquisition of the CC product certification. Because of this, MFP manufacturers gathered for the purpose of creating the uniform baseline of these different functionalities.

There is a document called Protection Profile defining security requirements and operational environments of hardcopy devices in the IEEE 2600. Various security requirements and operational environments are defined in the Protection Profile. CC certification can be obtained by applying the Protection Profile to Security Target. KYOCERA also obtains CC certification conforming to the Protection Profile, and assures that customers can securely use the certified products in operational environments such as military forces, governments, health and financial institutions.

Table 2 Assumed Operational Environment

IEEE 2600.1
Operational Environment A
Military Forces, Governments, Health and Financial Institutions
IEEE 2600.2
Operational Environment B
Large-Sized Corporations, Government and Official Agencies
IEEE 2600.3
Operational Environment C
Public Places like Library
IEEE 2600.4
Operational Environment D
Small and Home Offices

3. ISO 15408/IEEE2600.1 Certified Products Listing

Table 3 Color MFP

Model Conformance
(EAL: Evaluation Assurance Level)
IPA website
TASKalfa 8052ci / 7052ci EAL3/ IEEE 2600.1-2009 Certified products list
TASKalfa 7551ci / 6551ci EAL3/ IEEE 2600.1-2009 Certified products list
TASKalfa 6052ci / 5052ci /4052ci EAL3/ IEEE 2600.1-2009 Certified products list
TASKalfa 5551ci / 4551ci / 3551ci / 3051ci EAL3/ IEEE 2600.1-2009 Certified products list
TASKalfa 3252ci / 2552ci EAL2 Certified products list
EAL3/ IEEE 2600.1-2009 Certified products list
TASKalfa 2551ci EAL3/ IEEE 2600.1-2009 Certified products list
TASKalfa 7550ci / 6550ci EAL3 Certified products list
TASKalfa 5550ci / 4550ci / 3550ci / 3050ci EAL3 Certified products list
TASKalfa 356ci / 406ci EAL3/ IEEE 2600.1-2009 Certified products list


Table 4 Black & White MFP

Model Conformance
(EAL: Evaluation Assurance Level)
IPA website
TASKalfa 8002i / 7002i EAL3/ IEEE 2600.1-2009 Certified products list
TASKalfa 8001i / 6501i EAL3/ IEEE 2600.1-2009 Certified products list
TASKalfa 6002i / 5002i / 4002i EAL3/ IEEE 2600.1-2009 Certified products list
TASKalfa 5501i / 4501i / 3501i EAL3/ IEEE 2600.1-2009 Certified products list
TASKalfa 3511i / 3011i EAL2 Certified products list
EAL3/ IEEE 2600.1-2009 Certified products list
TASKalfa 3510i / 3010i EAL3/ IEEE 2600.1-2009 Certified products list
TASKalfa 8000i / 6500i EAL3 Certified products list
TASKalfa 5500i / 4500i / 3500i EAL3 Certified products list

 

For availability of models, please contact your local KYOCERA Document Solutions sales company.

Approach to security for MFPs and Printers PDF download: Security White Paper for KYOCERA MFPs and Printers

Approach to security for MFPs and Printers > Common Criteria (ISO/IEC 15408) and IEEE 2600 Certified Products

(C)2017 KYOCERA Document Solutions Inc.