Xerox Multi-Function Device Security Target
33
Copyright
2013 Xerox Corporation. All rights reserved.
5. Extended Components
Definition
This Security Target defines components that are extensions to Common
Criteria 3.1 Release 3, Part 2.
5.1. FPT_FDI_EXP Restricted
forwarding of data to external
interfaces
Family behaviour:
This family defines requirements for the TSF to restrict direct forwarding of
information from one external interface to another external interface.
Many products receive information on specific external interfaces and are
intended to transform and process this information before it is transmitted on
another external interface. However, some products may provide the
capability for attackers to misuse external interfaces to violate the security of
the TOE or devices that are connected to the TOE’s external interfaces.
Therefore, direct forwarding of unprocessed data between different external
interfaces is forbidden unless explicitly allowed by an authorized
administrative role. The family FPT_FDI_EXP has been defined to specify
this kind of functionality.
Component leveling:
FPT_FDI_EXP.1 Restricted forwarding of data to external interfaces, provides
for the functionality to require TSF controlled processing of data received over
defined external interfaces before this data is sent out on another external
interface. Direct forwarding of data from one external interface to another one
requires explicit allowance by an authorized administrative role.
Management: FPT_FDI_EXP.1
FPT_FDI_EXP.1 Restricted forwarding of data to external
interfaces
To Next Page
Loading...
