Xerox VersaLink C505/C605 Color Multifunction Printer Xerox VersaLink C505/C605 Color Multifunction

  • View
    0

  • Download
    0

Embed Size (px)

Text of Xerox VersaLink C505/C605 Color Multifunction Printer Xerox VersaLink C505/C605 Color Multifunction

  • July 2018

    Xerox VersaLink C505/C605 Color Multifunction Printer models

    with Hard Disk,Fax Security Target

    Version 1.1.8

    This document is a translation of the evaluated and certified security target written in Japanese.

  • - i -

    - Table of Contents - 1. ST INTRODUCTION ................................................................................................................ 1

    1.1. ST Reference .................................................................................................................................................. 1 1.2. TOE Reference ............................................................................................................................................... 1 1.3. TOE Overview ................................................................................................................................................ 2

    1.3.1. TOE Type and Major Security Features ...................................................................................................... 2 1.3.2. Environment Assumptions ............................................................................................................................... 4 1.3.3. Required Non-TOE Hardware and Software ............................................................................................ 5

    1.4. TOE Description ............................................................................................................................................ 7 1.4.1. User Assumptions ................................................................................................................................................ 7 1.4.2. Logical Scope and Boundary .......................................................................................................................... 7 1.4.3. Physical Scope and Boundary ..................................................................................................................... 15 1.4.4. Guidance .............................................................................................................................................................. 16

    2. CONFORMANCE CLAIM ..................................................................................................... 17 2.1. CC Conformance Claim .......................................................................................................................... 17 2.2. PP claim, Package Claim ........................................................................................................................ 17

    2.2.1. PP Claim ............................................................................................................................................................... 17 2.2.2. Package Claim.................................................................................................................................................... 17 2.2.3. Conformance Rationale ................................................................................................................................. 18

    3. SECURITY PROBLEM DEFINITION ................................................................................ 20 3.1. Threats .......................................................................................................................................................... 20

    3.1.1. Assets Protected by TOE ................................................................................................................................ 20 3.1.2. Threats agents ................................................................................................................................................... 23 3.1.3. Threats .................................................................................................................................................................. 23

    3.2. Organizational Security Policies .......................................................................................................... 24 3.3. Assumptions ............................................................................................................................................... 24

    4. Security Objectives ................................................................................................................ 25 4.1. Security Objectives for the TOE ........................................................................................................... 25 4.2. Security Objectives for the Environment ......................................................................................... 26 4.3. Security Objectives Rationale .............................................................................................................. 27

    5. EXTENDED COMPONENTS DEFINITION .................................................................... 31 5.1. FPT_FDI_EXP Restricted forwarding of data to external interfaces .................................... 31

    6. SECURITY REQUIREMENTS .............................................................................................. 33 6.1. Security Functional Requirements ..................................................................................................... 37

    6.1.1. Class FAU: Security Audit .............................................................................................................................. 40

  • - ii -

    6.1.2. Class FCS: Cryptographic Support ............................................................................................................. 46 6.1.3. Class FDP: User Data Protection ................................................................................................................ 47 6.1.4. Class FIA: Identification and Authentication ....................................................................................... 60 6.1.5. Class FMT: Security Management ............................................................................................................ 63 6.1.6. Class FPT: Protection of the TSF ................................................................................................................ 79 6.1.7. Class FTA: TOE Access ..................................................................................................................................... 80 6.1.8. Class FTP: Trusted Path/Channels ............................................................................................................. 80

    6.2. Security Assurance Requirements ...................................................................................................... 82 6.3. Security Requirement Rationale ......................................................................................................... 83

    6.3.1. Security Functional Requirements Rationale ........................................................................................ 83 6.3.2. Dependencies of Security Functional Requirements ......................................................................... 91 6.3.3. Security Assurance Requirements Rationale ........................................................................................ 95

    7. TOE SUMMARY SPECIFICATION .................................................................................... 96 7.1. Security Functions .................................................................................................................................... 96

    7.1.1. Hard Disk Data Overwrite (TSF_IOW) ..................................................................................................... 98 7.1.2. Hard Disk Data Encryption (TSF_CIPHER) ............................................................................................. 98 7.1.3. User Authentication (TSF_USER_AUTH) ............................................................................................... 98 7.1.4. System Administrator’s Security Management (TSF_FMT) ........................................................ 103 7.1.5. Customer Engineer Operation Restriction (TSF_CE_LIMIT) ........................................................ 104 7.1.6. Security Audit Log (TSF_FAU) ................................................................................................................... 105 7.1.7. Internal Network Data Protection (TSF_NET_PROT) ...................................................................... 107 7.1.8. Information Flow Security (TSF_INF_FLOW) ..................................................................................... 110 7.1.9. Self Test (TSF_S_TEST) ................................................................................................................................ 111

    8. ACRONYMS AND TERMINOLOGY ............................................................................... 112 8.1. Acronyms .................................................................................................................................................. 112 8.2. Terminology ............................................................................................................................................. 113

    9. REFERENCES ........................................................................................................................ 116

  • - iii -

    - List of Figures and Tables -

    Figure 1 General Operational Environment .................................................................................................. 5 Figure 2 MFD Units and TOE Logical Scope ....................................................

Related documents