Xerox WorkCentre 5632/5638/5645/5655 - Common Criteria
Xerox WorkCentre 5632/5638/5645/5655 - Common Criteria
Xerox WorkCentre 5632/5638/5645/5655 - Common Criteria
You also want an ePaper? Increase the reach of your titles
YUMPU automatically turns print PDFs into web optimized ePapers that Google loves.
<strong>Xerox</strong> <strong>WorkCentre</strong> <strong>5632</strong>/<strong>5638</strong>/<strong>5645</strong>/<strong>5655</strong>/5665/5675/5687<br />
Multifunction Systems Security Target<br />
FDP_IFF.1.3<br />
FDP_IFF.1.4<br />
FDP_IFF.1.5<br />
<br />
If configured, the destination transport layer port matches<br />
a rule in the TOE’s rule base.]<br />
The TSF shall enforce the [implicit allow if no rules have<br />
been defined].<br />
The TSF shall explicitly authorize an information flow based<br />
on the following rules: [if the rule is the default all].<br />
The TSF shall explicitly deny an information flow based on<br />
the following rules: [if there are no rules with matching<br />
security attributes].<br />
Application Note: When custom rules have not been defined by the system<br />
administrator, the default rule (allow all traffic) will apply. Because it is a wildcard<br />
rule, all IP addresses, ports and protocols (either TCP or UDP) will be a match<br />
for allowed traffic.<br />
5.3.3.9. FDP_IFC.1 (SSL) Subset information flow control<br />
Hierarchical to:<br />
Dependencies:<br />
No other components.<br />
FDP_IFF.1 Simple security attributes<br />
FDP_IFC.1.1 The TSF shall enforce the [SSLSec SFP] on [<br />
<br />
<br />
<br />
Subjects: Web clients;<br />
Information: All web-based management traffic to/from<br />
that client;<br />
Operations: receiving HTTP traffic].<br />
5.3.3.10. FDP_IFF.1 (SSL) Simple security attributes<br />
Hierarchical to:<br />
Dependencies:<br />
FDP_IFF.1.1<br />
No other components.<br />
FDP_IFC.1 Subset information flow control<br />
FMT_MSA.3 Static attribute initialization<br />
The TSF shall enforce the [SSLSec SFP] based on the<br />
following types of subject and information security attributes:<br />
[<br />
<br />
<br />
Subjects: web clients and servers<br />
o IP address and/or DNS name<br />
Information: X.509 certificates<br />
o RSA public and private keys; IP address or DNS<br />
name of the owner of the certificate].<br />
51<br />
Copyright 2009 <strong>Xerox</strong> Corporation, All rights reserved