Xerox WorkCentre 5632/5638/5645/5655 - Common Criteria
Xerox WorkCentre 5632/5638/5645/5655 - Common Criteria
Xerox WorkCentre 5632/5638/5645/5655 - Common Criteria
Create successful ePaper yourself
Turn your PDF publications into a flip-book with our unique Google optimized e-Paper software.
<strong>Xerox</strong> <strong>WorkCentre</strong> <strong>5632</strong>/<strong>5638</strong>/<strong>5645</strong>/<strong>5655</strong>/5665/5675/5687<br />
Multifunction Systems Security Target<br />
O.CONTROL_<br />
ACCESS<br />
O.PROTECT_CO<br />
M<br />
SFP so that only system administrators have the capability to query,<br />
modify, delete, create, or install specified security attributes, keys and<br />
certificates, and IP filter rules.<br />
FIA_AFL.1 (AUT 3) uses the rules defined by remote network<br />
authentication assets to deny a user access after failed logins.<br />
FAU_GEN.1 ensures that the TOE is able to generate time-stamped<br />
audit records of a specified set of security-relevant events related to<br />
TOE operations.<br />
FDP_ACC.1 and FDP_ACF.1 ensure that the TOE enforces the<br />
PrivUserAccess SFP on subjects, objects, information, and operations<br />
and applies specific rules on all operations involving controlled subjects<br />
and objects, limiting access to management interfaces to the System<br />
Administrator.<br />
FDP_IFC.1 (FILTER) and FDP_IFF.1 (FILTER) ensure that the IP_Filter<br />
SFP is enforced to control and protect information flow between<br />
controlled subjects (IP address, protocol) based on specific subject and<br />
information security attributes to enable the transmission and receipt of<br />
user data in a protected manner.<br />
FMT_SMF.1 requires that there is a possibility to invoke the IP Filter<br />
function. FMT_MOF.1 specifies that the function can be enabled or<br />
disabled by the system administrator. FMT_SMR.1 manages the role<br />
“system administrator”.<br />
FMT_MTD.1 (FILTER) ensures that the TOE enforces the<br />
PrivUserAccess SFP so that only system administrators have the<br />
capability to query, modify, delete, or create IP filter rules.<br />
FAU_GEN.1 ensures that the TOE is able to generate time-stamped<br />
audit records of a specified set of security-relevant events related to<br />
TOE operations.<br />
FCS_COP.1 (all but UDE1 and 2) ensure that the TOE provides the<br />
cryptographic support capabilities necessary to assure secure<br />
communication between TOE components and remote trusted.<br />
FDP_IFC.1 (SSL), FDP_IFF.1 (SSL), FDP_UCT.1, and FDP_UIT.1, and<br />
SSLSec SFP are enforced to control and protect information flow<br />
between controlled subjects based on specific subject and information<br />
security attributes to enable the transmission and receipt of<br />
management data in a protected manner.<br />
FMT_SMF.1 requires that there is a possibility to invoke the SSL, and IP<br />
Filtering functions. FMT_MOF.1 specifies that these functions can be<br />
enabled or disabled by the system administrator. FMT_SMR.1<br />
manages the role “system administrator”.<br />
63<br />
Copyright 2009 <strong>Xerox</strong> Corporation, All rights reserved