
Post on 03-Aug-2018


  • Document Version 1.2

    Xerox Multi-Function Device Security Target

    Xerox WorkCentre 6655/6655i 2016 Xerox ConnectKey Technology

    Prepared by:

    Xerox Corporation
    800 Phillips Road
    Webster, New York 14580

    Computer Sciences Corporation
    7231 Parkway Drive
    Hanover, Maryland 21076


    Copyright 2016 Xerox Corporation. All rights reserved.

    2016 Xerox Corporation. All rights reserved. Xerox and the sphere of connectivity design are trademarks of Xerox Corporation in the United States and/or other countries. All copyrights referenced herein are the property of their respective owners. Other company trademarks are also acknowledged. Document Version: 1.2 (July 2016).


    Table of Contents

    1. INTRODUCTION
      1.1. ST AND TOE IDENTIFICATION
      1.2. TOE OVERVIEW
        1.2.1. Usage and Security Features
        1.2.2. TOE Type
        1.2.3. Required Non-TOE Hardware, Software and Firmware
      1.3. TOE DESCRIPTION
        1.3.1. Physical Scope of the TOE
        1.3.2. Logical Scope of the TOE
      1.4. EVALUATED CONFIGURATION

    2. CONFORMANCE CLAIMS
      2.1. COMMON CRITERIA
      2.2. PROTECTION PROFILE CLAIMS
      2.3. PACKAGE CLAIMS

    3. SECURITY PROBLEM DEFINITION
      3.1. DEFINITIONS
        3.1.1. Users
        3.1.2. Objects (Assets)
        3.1.3. Operations
        3.1.4. Channels
      3.2. ASSUMPTIONS
      3.3. THREATS
        3.3.1. Threats Addressed by the TOE
        3.3.2. Threats Addressed by the IT Environment
      3.4. ORGANIZATIONAL SECURITY POLICIES

    4. SECURITY OBJECTIVES
      4.1. SECURITY OBJECTIVES FOR THE TOE
      4.2. SECURITY OBJECTIVES FOR THE OPERATIONAL ENVIRONMENT
      4.3. SECURITY OBJECTIVES FOR THE NON-IT ENVIRONMENT
      4.4. RATIONALE FOR SECURITY OBJECTIVES

    5. EXTENDED COMPONENTS DEFINITION
      5.1. FPT_FDI_EXP RESTRICTED FORWARDING OF DATA TO EXTERNAL INTERFACES

    6. SECURITY REQUIREMENTS
      6.1. CONVENTIONS
      6.2. TOE SECURITY POLICIES
        6.2.1. IP Filter SFP
        6.2.2. User Access Control SFP
        6.2.3. TOE Function Access Control SFP
      6.3. SECURITY FUNCTIONAL REQUIREMENTS
        6.3.1. Class FAU: Security audit
        6.3.2. Class FCO: Communication
        6.3.3. Class FCS: Cryptographic support
        6.3.4. Class FDP: User data protection


        6.3.5. Class FIA: Identification and authentication
        6.3.6. Class FMT: Security management
        6.3.7. Class FPR: Privacy
        6.3.8. Class FPT: Protection of the TSF
        6.3.9. Class FTA: TOE access
        6.3.10. Class FTP: Trusted paths/channels
      6.4. EXPLICITLY STATED REQUIREMENTS FOR THE TOE
        6.4.1. FPT_FDI_EXP.1 Restricted forwarding of data to external interfaces
      6.5. TOE SECURITY ASSURANCE REQUIREMENTS
      6.6. RATIONALE FOR SECURITY FUNCTIONAL REQUIREMENTS
        FMT_SMF.1
        Supports purge function by enabling administrator to invoke purge.
      6.7. RATIONALE FOR SECURITY ASSURANCE REQUIREMENTS
      6.8. RATIONALE FOR DEPENDENCIES
        6.8.1. Security Functional Requirement Dependencies
        6.8.2. Security Assurance Requirement Dependencies

    7. TOE SUMMARY SPECIFICATION
      7.1. TOE SECURITY FUNCTIONS
        7.1.1. Image Overwrite & Purge (TSF_IOW_PURGE)
        7.1.2. Information Flow Security (TSF_FLOW)