Xerox WorkCentre 5632/5638/5645/5655 - Common Criteria
Xerox WorkCentre 5632/5638/5645/5655 - Common Criteria
Xerox WorkCentre 5632/5638/5645/5655 - Common Criteria
You also want an ePaper? Increase the reach of your titles
YUMPU automatically turns print PDFs into web optimized ePapers that Google loves.
<strong>Xerox</strong> <strong>WorkCentre</strong> <strong>5632</strong>/<strong>5638</strong>/<strong>5645</strong>/<strong>5655</strong>/5665/5675/5687<br />
Multifunction Systems Security Target<br />
Objectives<br />
O.RECOVER<br />
O.FAXLINE<br />
O.MANAGE<br />
O.CONTROL_ACCES<br />
S<br />
Description<br />
Temporary document image data from a print, network<br />
scan, scan-to-email job, LanFax, the Fax mailbox and/or<br />
dial directory, Scan to mailbox data, or stored document<br />
image data from a Copy/Print, Store and Reprint job must<br />
be overwritten on the hard disk drive in accordance with<br />
DoD 5200.28-M immediately after that job is completed or<br />
once the TOE is turned back on after a power failure.<br />
Temporary document image data from a FAX job must be<br />
zeroized in the fax card flash memory immediately after that<br />
job is completed or once the TOE is turned back on after a<br />
power failure. The embedded fax card flash memory<br />
zeroization is not compliant with DoD 5200.28-M.<br />
Temporary document image data from the jobs stored on<br />
the HDD must also be overwritten on demand in<br />
accordance with DoD 5200.28-M (Standard or Full ODIO).<br />
The temporary storage for Embedded Faxes (compact<br />
flash) must be zeroized at the command (“on demand”) of<br />
the system administrator when a standard or full ODIO is<br />
run. The Fax mailbox and dial directory are only zeroized<br />
when the system administrator runs a full ODIO. The<br />
embedded fax card flash memory zeroization is not<br />
compliant with DoD 5200.28-M. Copy and Embedded FAX<br />
(if installed) jobs must not be written to the hard drive at all.<br />
The TOE will not allow access to the internal network from<br />
the telephone line via the TOE’s FAX modem (if installed).<br />
Likewise, the TOE will not allow accessing the PSTN port of<br />
the TOE’s FAX modem (if installed) from the internal<br />
network.<br />
The TOE will provide the functions and facilities necessary<br />
to support system administrators responsible for the<br />
management of the TOE.<br />
The TOE must require that system administrator(s)<br />
authenticate with a password before allowing access to<br />
management functions. The password must be obscured<br />
as it is entered by the system administrator. The Local UI<br />
will be locked for 3 minutes once 3 invalid login attempts<br />
have been detected. The WebUI will send an error code<br />
after every invalid authentication attempt.<br />
The TOE must require authorized users to be identified and<br />
authenticated before providing access to installed network<br />
options of the TOE.<br />
The TOE will provide the system administrator with the<br />
ability to determine network access/information flow to the<br />
TOE for trusted remote IT products.<br />
27<br />
Copyright 2009 <strong>Xerox</strong> Corporation, All rights reserved