Xerox WorkCentre 5632/5638/5645/5655 - Common Criteria

More documents

Recommendations

Info

Xerox WorkCentre 5632/5638/5645/5655/5665/5675/5687 Multifunction Systems Security Target FDP_IFF.1.4 FDP_IFF.1.5 The TSF shall explicitly authorise an information flow based on the following rules: [none]. The TSF shall explicitly deny an information flow based on the following rules: [ ]. The copy controller is not allowed to send fax image information to the network controller. The network controller is not allowed to send commands to the FAX board. 5.3.3.7. FDP_IFC.1 (FILTER) Subset information flow control Hierarchical to: Dependencies: No other components. FDP_IFF.1 Simple security attributes FDP_IFC.1.1 The TSF shall enforce the [IPFilter SFP] on [ Subjects: External entities that send traffic to the TOE; Information: All IP-based traffic to/from that source/destination; Operations: send or receive network traffic]. 5.3.3.8. FDP_IFF.1 (FILTER) Simple security attributes Hierarchical to: Dependencies: FDP_IFF.1.1 FDP_IFF.1.2 No other components. FDP_IFC.1 Subset information flow control FMT_MSA.3 Static attribute initialization. The TSF shall enforce the [IPFilter SFP] based on the following types of subject and information security attributes: [ Subjects: External entities that send traffic to the TOE o IP address, Information: IP Package] o Source IP address, protocol used (TCP or UDP)]. The TSF shall permit an information flow between a controlled subject and controlled information via a controlled operation if the following rules hold: [ The source IP address matches a rule in the TOE’s rule base 50 Copyright 2009 Xerox Corporation, All rights reserved
Xerox WorkCentre 5632/5638/5645/5655/5665/5675/5687 Multifunction Systems Security Target FDP_IFF.1.3 FDP_IFF.1.4 FDP_IFF.1.5 If configured, the destination transport layer port matches a rule in the TOE’s rule base.] The TSF shall enforce the [implicit allow if no rules have been defined]. The TSF shall explicitly authorize an information flow based on the following rules: [if the rule is the default all]. The TSF shall explicitly deny an information flow based on the following rules: [if there are no rules with matching security attributes]. Application Note: When custom rules have not been defined by the system administrator, the default rule (allow all traffic) will apply. Because it is a wildcard rule, all IP addresses, ports and protocols (either TCP or UDP) will be a match for allowed traffic. 5.3.3.9. FDP_IFC.1 (SSL) Subset information flow control Hierarchical to: Dependencies: No other components. FDP_IFF.1 Simple security attributes FDP_IFC.1.1 The TSF shall enforce the [SSLSec SFP] on [ Subjects: Web clients; Information: All web-based management traffic to/from that client; Operations: receiving HTTP traffic]. 5.3.3.10. FDP_IFF.1 (SSL) Simple security attributes Hierarchical to: Dependencies: FDP_IFF.1.1 No other components. FDP_IFC.1 Subset information flow control FMT_MSA.3 Static attribute initialization The TSF shall enforce the [SSLSec SFP] based on the following types of subject and information security attributes: [ Subjects: web clients and servers o IP address and/or DNS name Information: X.509 certificates o RSA public and private keys; IP address or DNS name of the owner of the certificate]. 51 Copyright 2009 Xerox Corporation, All rights reserved
Page 1 and 2: Xerox WorkCentre 5632/5638/5645/565
Page 49: Xerox WorkCentre 5632/5638/5645/565
Page 61 and 62: O.AUDITS O.RECOVER O.FAXLINE O.MANA
Page 77: Xerox WorkCentre 5632/5638/5645/565

Xerox WorkCentre 5632/5638/5645/5655 - Common Criteria

You also want an ePaper? Increase the reach of your titles

Delete template?

Save as template?