Xerox Multi-Function Device Security Target
31
Copyright
2013 Xerox Corporation. All rights reserved.
Threats. Policies, and
Assumptions
OE.USER.AUTHORIZED
establishes responsibility of the
TOE Owner to appropriately grant
authorization
OE.USER.AUTHENTICATED
establishes alternative (remote)
means for user identification and
authentication as the basis for
authorization to use the TOE
Procedures will exist to
self-verify executable
code in the TSF
O.SOFTWARE.VERIFIED provides
procedures to self-verify executable
code in the TSF
An audit trail of TOE
use and security-
relevant events will be
created, maintained,
protected, and
reviewed.
O.AUDIT.LOGGED creates and
maintains a log of TOE use and
security-relevant events, and
prevents unauthorized disclosure
or alteration
O.AUDIT_STORAGE.PROTECTE
D protects internal audit records
from unauthorized access, deletion
and modifications
OE.AUDIT_STORAGE.PROTECT
ED protects exported audit records
from unauthorized access, deletion
and modifications
OE.AUDIT_ACCESS.AUTHORIZE
D establishes responsibility of, the
TOE Owner to provide appropriate
access to exported audit records
OE.AUDIT.REVIEWED establishes
responsibility of the TOE Owner to
ensure that audit logs are
appropriately reviewed
Operation of external
interfaces will be
controlled by the TOE
and its IT environment.
O.INTERFACE.MANAGED
manages the operation of external
interfaces in accordance with
security policies
OE.INTERFACE.MANAGED
establishes a protected
environment for TOE external
interfaces
To Next Page
Loading...
