Xerox WorkCentre 5135/5150 Multifunction ... - Common Criteria
Xerox WorkCentre 5135/5150 Multifunction ... - Common Criteria Xerox WorkCentre 5135/5150 Multifunction ... - Common Criteria
Xerox WorkCentre 5135/5150 Multifunction Systems Security Target 3.4. Organizational Security Policies ............................................. 24 4. SECURITY OBJECTIVES ................................................................ 26 4.1. Security Objectives for the TOE ............................................. 26 4.2. Security Objectives for the Operational Environment ............. 28 4.3. Rationale for Security Objectives ........................................... 29 4.3.1. Coverage of the Assumptions ............................................. 30 4.3.2. Coverage of the Threats ..................................................... 31 4.3.3. Implementation of Organizational Security Policies ............. 33 5. SECURITY REQUIREMENTS.......................................................... 35 5.1. Conventions ........................................................................... 35 5.2. Security Policies ..................................................................... 35 5.2.1. User Data Protection Policy (TSP_IOW) ............................. 36 5.2.2. Information Flow Control Policy (TSP_FLOW) .................... 36 5.2.3. SSLSec SFP (TSP_SSL) .................................................... 37 5.2.4. IP Filter SFP (TSP_FILTER) ............................................... 37 5.2.5. PrivUserAccess SFP (TSP_FMT) ....................................... 37 5.3. Security Functional Requirements .......................................... 37 5.3.1. Class FAU: Security Audit ................................................... 38 5.3.2. Class FCS: Cryptographic Support .................................... 43 5.3.3. Class FDP: User Data Protection ....................................... 45 5.3.4. Class FIA: Identification and Authentication ........................ 54 5.3.5. Class FMT: Security Management ...................................... 55 5.3.6. Class FPT: Protection of the TSF ....................................... 57 5.3.7. Class FTP: Trusted path/channels ...................................... 58 5.4. TOE Security Assurance Requirements ................................. 58 5.5. Security Requirements for the IT Environment ....................... 59 5.6. Explicitly Stated Requirements for the TOE ........................... 59 5.7. Rationale for Security Functional Requirements ..................... 59 5.8. Rationale for Security Assurance Requirements .................... 64 5.9. Rationale for Dependencies ................................................... 64 5.9.1. Security Functional Requirement Dependencies ................ 65 5.9.2. Security Assurance Requirement Dependencies ................ 67 6. TOE SUMMARY SPECIFICATION .................................................. 69 6.1. TOE Security Functions ......................................................... 69 6.1.1. Image Overwrite (TSF_IOW) .............................................. 69 6.1.2. Information Flow Security (TSF_FLOW) ............................. 71 6.1.3. Authentication (TSF_ AUT) ................................................. 72 6.1.4. Network Identification (TSF_NET_ID) ................................. 72 Copyright 2009 Xerox Corporation, All rights reserved 4
Xerox WorkCentre 5135/5150 Multifunction Systems Security Target 6.1.5. Security Audit (TSF_FAU) .................................................. 73 6.1.6. Cryptographic Support (TSF_FCS)..................................... 74 6.1.7. Management Data Protection – SSL (TSF_FDP_SSL) ....... 74 6.1.8. User Data Protection – IP Filtering (TSF_FDP_FILTER)..... 75 6.1.9. Security Management (TSF_FMT)...................................... 75 6.1.10. User Data Protection - AES (TSF_EXP_UDE).................... 75 7. ACRONYMS ..................................................................................... 76 Copyright 2009 Xerox Corporation, All rights reserved 5
- Page 1 and 2: Xerox WorkCentre 5135/5150 Multifun
- Page 3: Xerox WorkCentre 5135/5150 Multifun
- Page 7 and 8: Xerox WorkCentre 5135/5150 Multifun
- Page 9 and 10: Xerox WorkCentre 5135/5150 Multifun
- Page 11 and 12: Xerox WorkCentre 5135/5150 Multifun
- Page 13 and 14: Xerox WorkCentre 5135/5150 Multifun
- Page 15 and 16: Xerox WorkCentre 5135/5150 Multifun
- Page 17 and 18: Xerox WorkCentre 5135/5150 Multifun
- Page 19 and 20: Xerox WorkCentre 5135/5150 Multifun
- Page 21 and 22: Xerox WorkCentre 5135/5150 Multifun
- Page 23 and 24: Xerox WorkCentre 5135/5150 Multifun
- Page 25 and 26: Xerox WorkCentre 5135/5150 Multifun
- Page 27 and 28: Xerox WorkCentre 5135/5150 Multifun
- Page 29 and 30: Xerox WorkCentre 5135/5150 Multifun
- Page 31 and 32: Xerox WorkCentre 5135/5150 Multifun
- Page 33 and 34: Xerox WorkCentre 5135/5150 Multifun
- Page 35 and 36: Xerox WorkCentre 5135/5150 Multifun
- Page 37 and 38: Xerox WorkCentre 5135/5150 Multifun
- Page 39 and 40: Xerox WorkCentre 5135/5150 Multifun
- Page 41 and 42: Xerox WorkCentre 5135/5150 Multifun
- Page 43 and 44: Xerox WorkCentre 5135/5150 Multifun
- Page 45 and 46: Xerox WorkCentre 5135/5150 Multifun
- Page 47 and 48: Xerox WorkCentre 5135/5150 Multifun
- Page 49 and 50: Xerox WorkCentre 5135/5150 Multifun
- Page 51 and 52: Xerox WorkCentre 5135/5150 Multifun
- Page 53 and 54: Xerox WorkCentre 5135/5150 Multifun
<strong>Xerox</strong> <strong>WorkCentre</strong> <strong>5135</strong>/<strong>5150</strong><br />
<strong>Multifunction</strong> Systems Security Target<br />
6.1.5. Security Audit (TSF_FAU) .................................................. 73<br />
6.1.6. Cryptographic Support (TSF_FCS)..................................... 74<br />
6.1.7. Management Data Protection – SSL (TSF_FDP_SSL) ....... 74<br />
6.1.8. User Data Protection – IP Filtering (TSF_FDP_FILTER)..... 75<br />
6.1.9. Security Management (TSF_FMT)...................................... 75<br />
6.1.10. User Data Protection - AES (TSF_EXP_UDE).................... 75<br />
7. ACRONYMS ..................................................................................... 76<br />
Copyright 2009 <strong>Xerox</strong> Corporation, All rights reserved<br />
5