Xerox Multi-Function Device Security Target
23
Copyright
2013 Xerox Corporation. All rights reserved.
3.3. Threats
3.3.1. Threats Addressed by the TOE
This security problem definition addresses threats posed by four categories of
threat agents:
1. Persons who are not permitted to use the TOE who may attempt to
use the TOE
2. Persons who are authorized to use the TOE who may attempt to use
TOE functions for which they are not authorized.
3. Persons who are authorized to use the TOE who may attempt to
access data in ways for which they not authorized.
4. Persons who unintentionally cause a software malfunction that may
expose the TOE to unanticipated threats.
The threats and policies defined in this ST address the threats posed by
these threat agents. This section describes threats to assets described in
section 3.1.2.
Table 13: Threats to user data
User Document Data may be disclosed to
unauthorized persons
User Document Data may be altered by unauthorized
persons
User Function Data may be altered by unauthorized
persons
Table 14: Threats to TSF data
TSF Protected Data may be altered by unauthorized
persons
TSF Confidential Data may be disclosed to
unauthorized persons
TSF Confidential Data may be altered by
unauthorized persons
3.3.2. Threats Addressed by the IT Environment
There are no threats addressed by the IT Environment.
To Next Page
Loading...
