Fuji Xerox C2265/C2263 Security Target
- 122 - Copyright
2016 by Fuji Xerox Co., Ltd
from Web browser to access the security audit log data.
(5) FAU_STG.1 Protected audit trail storage
The security audit log data are to be read only, and not to be deleted or modified, thus
protected by unauthorized falsification and alternation.
(6) FAU_STG.4 Prevention of audit data loss
When security audit log data are full, the oldest stored audit record is overwritten with the
new data so that the new data are not lost but surely recorded.
Auditable events are stored with time stamps into NVRAM. When the number of stored
events reaches 50, the 50 logs on NVRAM is stored into one file (“audit log file”) within the
internal HDD. Up to 15,000 events can be stored. When the number of recorded events
exceeds 15,000, the oldest audit log file is overwritten and a new audit event is stored.
(7) FPT_STM.1 Reliable time stamps
The time stamp of TOE’s clock function is issued when the defined auditable event is
recorded in the audit log file.
By TSF_FMT, only a system administrator is enabled to change the clock setting.
7.1.7. Internal Network Data Protection (TSF_NET_PROT)
Internal Network Data Protection is provided by the following four protocols which are
configured by a system administrator using the system administrator mode:
(1) FTP_ITC.1 Inter-TSF trusted channel
The document data, and Mailbox (user function data), security audit log data, and TOE
setting data are protected by the encryption communication protocol that ensures secure
data communication between the TOE and the IT products (communication service via Web,
communication service for printer driver, communication service and other services which
require trusted path). This trusted path is logically distinct from other communication paths
and provides assured identification of its endpoints and protection of the communication
data from modification or disclosure.
a) SSL/TLS
According to the SSL/TLS communication which is configured by a system administrator
using the system administrator mode, SSL/TLS ensuring secure data transmission is
supported. This protects the security of document data, security audit log data, and TOE
setting data on the internal network.
By supporting SSL/TLS, the TOE can act as SSL/TLS server or SSL/TLS client. Moreover,
SSL/TLS can protect data transmission between the TOE and the remote from interception
and alteration. Protection from interception is realized by encrypting transmission data with
the following cryptographic keys. A cryptographic key is generated at the time of starting a
To Next Page
Loading...
