Xerox Multi-Function Device Security Target
48
Copyright
2013 Xerox Corporation. All rights reserved.
- Information: IP Packet
o Source IP address, protocol used (TCP or
UDP), destination TCP or UDP port].
FDP_IFF.1.2 (FILTER) The TSF shall permit an information flow between
a controlled subject and controlled information via a
controlled operation if the following rules hold: [
- The source IP address matches a rule in the TOE’s
rule base
- If configured, the destination transport layer port
matches a rule in the TOE’s rule base.]
FDP_IFF.1.3 (FILTER) The TSF shall enforce the [implicit allow if no rules
have been defined].
FDP_IFF.1.4 (FILTER) The TSF shall explicitly authorize an information
flow based on the following rules: [if the rule is the default
all].
FDP_IFF.1.5 (FILTER) The TSF shall explicitly deny an information flow
based on the following rules: [if there are no rules with
matching security attributes or if a rule explicitly denies an
information flow].
Application Note: When custom rules have not been defined by the system
administrator, the default rule (allow all traffic) will apply. Because it is a
wildcard rule, all IP addresses, ports and protocols (either TCP or UDP) will
be a match for allowed traffic.
6.3.4.7. FDP_RIP.1 Subset residual information protection
Hierarchical to: No other components.
Dependencies: No dependencies
FDP_RIP.1.1 The TSF shall ensure that any previous information
content of a resource is made unavailable upon the
deallocation of the resource from the following objects:
[D.DOC].
6.3.5. Class FIA: Identification and authentication
6.3.5.1. FIA_ATD.1 User attribute definition
Hierarchical to: No other components
Dependencies: No dependencies
FIA_ATD.1.1 The TSF shall maintain the following list of security
attributes belonging to individual users: [username,
password, role].
To Next Page
Loading...
