Xerox WorkCentre 5135/5150 Multifunction ... - Common Criteria
Xerox WorkCentre 5135/5150 Multifunction ... - Common Criteria
Xerox WorkCentre 5135/5150 Multifunction ... - Common Criteria
You also want an ePaper? Increase the reach of your titles
YUMPU automatically turns print PDFs into web optimized ePapers that Google loves.
<strong>Xerox</strong> <strong>WorkCentre</strong> <strong>5135</strong>/<strong>5150</strong><br />
<strong>Multifunction</strong> Systems Security Target<br />
created during processing are overwritten at the completion of the job<br />
using the 5200.28-M algorithm. The stored jobs are not overwritten until<br />
the jobs are deleted by the user, or when the System Administrator<br />
executes a full on-demand image overwrite. A standard ODIO overwrites<br />
all files written to temporary storage areas of the HDD and zeroizes the<br />
temporary storage areas of the fax card flash memory. A full ODIO<br />
overwrites those files as well as the Fax mailbox/dial directory, Scan to<br />
mailbox data, and all files that have been stored at the request of a user<br />
via Copy/Print, Store and Reprint jobs.<br />
Copy jobs are not written to the hard drive and need not to be overwritten.<br />
Copy/Print, Store and Reprint jobs are written to the hard drive so that<br />
they may be reprinted at a later time; therefore, they will be overwritten<br />
when a full on-demand image overwrite is performed. Embedded FAX<br />
jobs are written to flash memory and are overwritten at the completion of<br />
each job or on demand of the MFD system administrator. The embedded<br />
fax card flash memory overwrite is not compliant with DoD 5200.28-M.<br />
1.3.2.2. Authentication (TSF_AUT)<br />
The TOE requires a system administrator to authenticate before granting<br />
access to system administration functions. The system administrator has<br />
to enter a password at either the Web User Interface or the Local User<br />
Interface. The password will be obscured 2 as it is being entered.<br />
Identification of the system administrator at the Local User Interface is<br />
explicit -- the administrator will identify themselves by entering the<br />
username “admin” in the authentication window. Identification of the<br />
system administrator at the Web user Interface is explicit -- the<br />
administrator will identify themselves by entering the username “admin” in<br />
the authentication dialog window.<br />
1.3.2.3. Network Identification (TSF_NET_ID)<br />
The TOE can prevent unauthorized use of the installed network options<br />
(network scanning, scan-to-email, and LanFax); the network options<br />
available are determined (selectable) by the system administrator. To<br />
access a network service, the user is required to provide a user name and<br />
password, which is then validated by the designated authentication server<br />
(a trusted remote IT entity). The user is not required to login to the<br />
network; the account is authenticated by the server as a valid user. The<br />
remote authentication services supported by the TOE are: LDAP v4,<br />
Kerberos v5 (Solaris), Kerberos v5 (Windows 2000/2003), NDS (Novell<br />
2 The LUI obscures input with the asterisk character. The specific character used to obscure input at the WebUI is browser<br />
dependent<br />
14<br />
Copyright 2009 <strong>Xerox</strong> Corporation, All rights reserved