Xerox WorkCentre 5135/5150 Multifunction ... - Common Criteria
Xerox WorkCentre 5135/5150 Multifunction ... - Common Criteria
Xerox WorkCentre 5135/5150 Multifunction ... - Common Criteria
You also want an ePaper? Increase the reach of your titles
YUMPU automatically turns print PDFs into web optimized ePapers that Google loves.
<strong>Xerox</strong> <strong>WorkCentre</strong> <strong>5135</strong>/<strong>5150</strong><br />
<strong>Multifunction</strong> Systems Security Target<br />
3.4. Organizational Security Policies ............................................. 24<br />
4. SECURITY OBJECTIVES ................................................................ 26<br />
4.1. Security Objectives for the TOE ............................................. 26<br />
4.2. Security Objectives for the Operational Environment ............. 28<br />
4.3. Rationale for Security Objectives ........................................... 29<br />
4.3.1. Coverage of the Assumptions ............................................. 30<br />
4.3.2. Coverage of the Threats ..................................................... 31<br />
4.3.3. Implementation of Organizational Security Policies ............. 33<br />
5. SECURITY REQUIREMENTS.......................................................... 35<br />
5.1. Conventions ........................................................................... 35<br />
5.2. Security Policies ..................................................................... 35<br />
5.2.1. User Data Protection Policy (TSP_IOW) ............................. 36<br />
5.2.2. Information Flow Control Policy (TSP_FLOW) .................... 36<br />
5.2.3. SSLSec SFP (TSP_SSL) .................................................... 37<br />
5.2.4. IP Filter SFP (TSP_FILTER) ............................................... 37<br />
5.2.5. PrivUserAccess SFP (TSP_FMT) ....................................... 37<br />
5.3. Security Functional Requirements .......................................... 37<br />
5.3.1. Class FAU: Security Audit ................................................... 38<br />
5.3.2. Class FCS: Cryptographic Support .................................... 43<br />
5.3.3. Class FDP: User Data Protection ....................................... 45<br />
5.3.4. Class FIA: Identification and Authentication ........................ 54<br />
5.3.5. Class FMT: Security Management ...................................... 55<br />
5.3.6. Class FPT: Protection of the TSF ....................................... 57<br />
5.3.7. Class FTP: Trusted path/channels ...................................... 58<br />
5.4. TOE Security Assurance Requirements ................................. 58<br />
5.5. Security Requirements for the IT Environment ....................... 59<br />
5.6. Explicitly Stated Requirements for the TOE ........................... 59<br />
5.7. Rationale for Security Functional Requirements ..................... 59<br />
5.8. Rationale for Security Assurance Requirements .................... 64<br />
5.9. Rationale for Dependencies ................................................... 64<br />
5.9.1. Security Functional Requirement Dependencies ................ 65<br />
5.9.2. Security Assurance Requirement Dependencies ................ 67<br />
6. TOE SUMMARY SPECIFICATION .................................................. 69<br />
6.1. TOE Security Functions ......................................................... 69<br />
6.1.1. Image Overwrite (TSF_IOW) .............................................. 69<br />
6.1.2. Information Flow Security (TSF_FLOW) ............................. 71<br />
6.1.3. Authentication (TSF_ AUT) ................................................. 72<br />
6.1.4. Network Identification (TSF_NET_ID) ................................. 72<br />
Copyright 2009 <strong>Xerox</strong> Corporation, All rights reserved<br />
4
Change language