Xerox WorkCentre 5632/5638/5645/5655 - Common Criteria
Xerox WorkCentre 5632/5638/5645/5655 - Common Criteria
Xerox WorkCentre 5632/5638/5645/5655 - Common Criteria
You also want an ePaper? Increase the reach of your titles
YUMPU automatically turns print PDFs into web optimized ePapers that Google loves.
<strong>Xerox</strong> <strong>WorkCentre</strong> <strong>5632</strong>/<strong>5638</strong>/<strong>5645</strong>/<strong>5655</strong>/5665/5675/5687<br />
Multifunction Systems Security Target<br />
O.PROTECT_DAT<br />
FTP_TRP.1 ensures that the TOE provides communications channels<br />
between itself and remote trusted IT distinct from other communication<br />
channels and provides assured identification of its end points and<br />
protection of the channel data from modification or disclosure.<br />
FPT_STM.1 ensures that the TOE provides a reliable timestamp for<br />
inclusion in cryptographic operations.<br />
FCS_COP.1(UDE 1 and 2) ensures that the TOE provides the<br />
cryptographic support necessary to assure data protection for stored.<br />
FDP_RIP.1 (IOW 1) and FDP_RIP.1 (IOW2) protect data by ensuring<br />
that residual temporary document data does not remain on the mass<br />
storage device once the corresponding job has completed processing.<br />
FDP_RIP.1 (IOW 3) protects data by ensuring that stored document<br />
data and directory information does not remain on the mass storage<br />
device once the system administrator has determined that the stored<br />
jobs and data are no longer necessary.<br />
5.8. Rationale for Security Assurance<br />
Requirements<br />
This ST has been developed for multi-function digital image processing products<br />
incorporating Image Overwrite Security function, an Authentication and Authorization<br />
function, an Audit Logging function, an IP Filtering function, and cryptographic network<br />
communications protocols. The TOE environment will be exposed to only a low level of<br />
risk because the TOE sits in office space where it is under almost constant supervision.<br />
Agents cannot physically access the HDD or FAX without disassembling the TOE.<br />
Agents have no means of infiltrating the TOE with code to effect a change. As such, the<br />
Evaluation Assurance Level 3 is appropriate.<br />
That Assurance Level is augmented with ALC_FLR.3, Systematic flaw remediation.<br />
ALC_FLR.3 ensures that instructions and procedures for the reporting, configuration<br />
management, and remediation of identified security flaws are in place and their<br />
inclusion is expected by the consumers of this TOE.<br />
5.9. Rationale for Dependencies<br />
64<br />
Copyright 2009 <strong>Xerox</strong> Corporation, All rights reserved