Xerox WorkCentre 5632/5638/5645/5655 - Common Criteria

More documents

Recommendations

Info

Xerox WorkCentre 5632/5638/5645/5655/5665/5675/5687 Multifunction Systems Security Target Objectives O.PROTECT_COM O.PROTECT_DAT Description The TOE must protect management data from disclosure, or modification, by establishing a trusted channel between the TOE and another trusted IT product over which the management data is transported. The TOE must protect from disclosure or modification: user data temporarily stored for the purpose of reprinting in the future, temporary spool files created from print, fax and scan jobs, and swap files. 4.2. Security Objectives for the Operational Environment Table 9: Security Objectives for the IT Environment Objectives OE. NETWORK OE.NETWORK_I&A OE.PROTECT_CO M Description The network that the TOE is connected to will be monitored for unapproved activities and/or attempts to attack network resources (including the TOE). This includes a high number of logon tries to the web interface of the TOE. The TOE environment shall provide, per site specific policy, the correct and accurately functioning Identification and Authentication, and NTP mechanism(s) that are compatible with, and for external use by, the TOE. These mechanisms will be under the same management and physical control as the TOE and are covered by the same management and security policy as the TOE. These I&A assets may also maintain authorization information (access and/or permissions lists) for users who are authenticated by the environment. The TOE environment (product) and remote trusted IT products (which support the external half of all RFCcompliant communications and protocols) must protect user print jobs and scan-to-mailbox job data from disclosure, or modification. The TOE environment and remote trusted IT products must also prevent management data from being disclosed. 28 Copyright 2009 Xerox Corporation, All rights reserved
Xerox WorkCentre 5632/5638/5645/5655/5665/5675/5687 Multifunction Systems Security Target Objectives OE.INSTALL OE.ACCESS OE.ADMIN OE.EXTERNAL_SV C Description System administrator oversees installation, configuration and operation of the TOE by Xerox-authorized representatives in accordance with the Xerox delivery and installation guidance. The TOE must be configured by the system administrator in accordance with the system administration and user guidance as well as with the security guidance found at http://www.xerox.com/security. As part of the installation process, the system administrator has to change the password from its default value to a value with at least 8 alphanumeric characters. The system administrator has to change the password at least every 40 days. The “secure print” option has been configured to remove jobs that are unprinted after 72 hours. The “Copy/Print, Store and Reprint” option is configured to remove stored documents after no more than 72 hours. Image Overwrite Security accessory is installed and enabled, and IIO and ODIO are enabled. The system administrator ensures that the TOE will be configured according to the configuration under evaluation and will not remove the TOE from its evaluated configuration. The TOE will be located in an office environment where it will be monitored by the office personnel for unauthorized physical connections, manipulation or interference. At least one responsible and trustworthy individual (system administrator) will be assigned, according to onsite procedures for granting access to the password, to manage the TOE and other trusted IT products that the TOE interacts with, enable SSL, and review audit logs. The IT environment will provide the TOE with the following services: Network Time Protocol (NTP) Identification and Authentication Authorization (LDAP, ADS, or other methods of delegating user groups) 4.3. Rationale for Security Objectives 29 Copyright 2009 Xerox Corporation, All rights reserved
Page 1 and 2: Xerox WorkCentre 5632/5638/5645/565
Page 27: Xerox WorkCentre 5632/5638/5645/565
Page 61 and 62: O.AUDITS O.RECOVER O.FAXLINE O.MANA
Page 77: Xerox WorkCentre 5632/5638/5645/565

Xerox WorkCentre 5632/5638/5645/5655 - Common Criteria

Create successful ePaper yourself

Delete template?

Save as template?