Introduction to IEEE 2600.1
Hardcopy Devices (HCD) may contain or process valuable or sensitive assets that need to be protected from unauthorized disclosure and alteration. The utility of the device itself may be considered a valuable asset which also needs to be protected. There is also a need to ensure that the HCD cannot be misused in such a way that it causes harm to devices with which it shares network connections. Businesses today are increasingly aware of the need to protect the data stored on their office equipment.
The IEEE2600 standard identifies security exposures for HCD and systems and instructs manufacturers and software developers on appropriate security capabilities to include in devices and systems. It also instructs users on appropriate ways to use these security capabilities.
Technically, the IEEE 2600.1 Common Criteria Certification standard is a Protection Profile for HCDs used in “Operational Environment A”, which is generally characterized as a restrictive commercial information processing environment in which a relatively high level of document security, operational accountability, and information assurance are required. Typical information processed in “Operational Environment A” is trade secret, mission-critical, or subject to legal and regulatory considerations such as for privacy or governance. The IEEE2600.1 standard verifies that the security functions implemented meet its high standards. It also evaluates the processes for product design, manufacturing, and delivery. The IEEE 2600.1 standard fulfills all of the requirements of the US Government Approved Protection Profile for HCDs.
The class of HCD products encompasses a wide variety of functions and configurations, from small non-networked printers to large networked multifunction devices. To accommodate such a wide variety of products, this Standard for a Protection Profile is structured as a common Protection Profile that applies to all HCDs and a set of named Security Functional Requirements (SFR) packages that may apply to some HCD configurations.
The HCDs considered in this Protection Profile are used for the purpose of converting hardcopy documents into digital form (scanning), converting digital documents into hardcopy form (printing), transmitting hardcopy documents over telephone lines (faxing), or duplicating hardcopy documents (copying). Hardcopy documents are commonly in paper form, but they can also take other forms such as positive or negative transparencies or film.
This certification recognises a manufacturer of HCD's ongoing commitment to secure information management in the office, for general office use up to highly confidential materials for legal or government use.
Some of the companies which financially contributed to this standard include Canon, Fuji-Xerox, HP, InfoPrint Solutions, Konica Minolta, Kyocera-Mita, Lexmark, Océ, Oki Data, Ricoh, Samsung, Sharp, Toshiba and Xerox.
The IEEE2600 standard identifies security exposures for HCD and systems and instructs manufacturers and software developers on appropriate security capabilities to include in devices and systems. It also instructs users on appropriate ways to use these security capabilities.
Technically, the IEEE 2600.1 Common Criteria Certification standard is a Protection Profile for HCDs used in “Operational Environment A”, which is generally characterized as a restrictive commercial information processing environment in which a relatively high level of document security, operational accountability, and information assurance are required. Typical information processed in “Operational Environment A” is trade secret, mission-critical, or subject to legal and regulatory considerations such as for privacy or governance. The IEEE2600.1 standard verifies that the security functions implemented meet its high standards. It also evaluates the processes for product design, manufacturing, and delivery. The IEEE 2600.1 standard fulfills all of the requirements of the US Government Approved Protection Profile for HCDs.
The class of HCD products encompasses a wide variety of functions and configurations, from small non-networked printers to large networked multifunction devices. To accommodate such a wide variety of products, this Standard for a Protection Profile is structured as a common Protection Profile that applies to all HCDs and a set of named Security Functional Requirements (SFR) packages that may apply to some HCD configurations.
The HCDs considered in this Protection Profile are used for the purpose of converting hardcopy documents into digital form (scanning), converting digital documents into hardcopy form (printing), transmitting hardcopy documents over telephone lines (faxing), or duplicating hardcopy documents (copying). Hardcopy documents are commonly in paper form, but they can also take other forms such as positive or negative transparencies or film.
This certification recognises a manufacturer of HCD's ongoing commitment to secure information management in the office, for general office use up to highly confidential materials for legal or government use.
Some of the companies which financially contributed to this standard include Canon, Fuji-Xerox, HP, InfoPrint Solutions, Konica Minolta, Kyocera-Mita, Lexmark, Océ, Oki Data, Ricoh, Samsung, Sharp, Toshiba and Xerox.
Comments
Post a Comment