Xerox Multi-Function Device Security Target
Copyright 2013 Xerox Corporation. All rights reserved.

card authentication, LDAP v4, Kerberos v5 (Solaris) and Kerberos v5 (Windows 2000/2003/2008).

When a user authenticates using the smart card method, a PIN number is used instead of a password. The PIN is authenticated by the smart card. If a smart card is used for authentication, by default the LUI will terminate a session that has been inactive for 6 minutes.

The TOE maintains the username from a successful authentication during the context of the job, and this value is entered into the audit log as the username.

7.1.5. Security Audit (TSF_FAU)

FAU_GEN.1, FAU_GEN.2, FAU_STG.1, FAU_STG.4, FMT_MTD.1 (MGMT1), FPT_STM.1

The TOE generates audit logs that track events/actions (e.g., print/scan/fax job submission) to logged-in users, and each log entry contains a timestamp. The audit logs are only available to TOE administrators and can be downloaded via the web interface for viewing and analysis.

The TOE implements an internal time reference with which to timestamp auditable events. The time reference is hardware based (CPU clock). The system administrator must set the time.

The audit log tracks user identification and authentication, system administrator actions, and failure of trusted channels. By adopting a policy of regularly downloading and saving the audit logs, users can satisfy the tracking requirements for transmission of data outside of the local environment, as required by such legislation as HIPAA, Sarbanes-Oxley, Gramm-Leach-Bliley, etc.

The Web UI presents the only access to the audit log; the audit log is not viewable from the LUI. The system administrator must be logged in to download the audit log.

The TOE can store a maximum of 15,000 audit log entries. The TOE overwrites the oldest events first if the maximum is reached. When the TOE reaches 13,500 entries (90% full), an email warning is sent to a set of administrator-defined email addresses. Subsequent warnings will be emailed after every 15,000 entries if the audit log has not been cleared.
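
The retention limits above determine how often the log has to be downloaded before entries are overwritten. The following Python model is an added example, not Xerox code or part of the Security Target. It assumes a constant event rate, that warnings fire at 13,500 entries and then after every further 15,000, and that the administrator clears the log right after each download; all class and function names are hypothetical.

```python
from collections import deque

CAPACITY = 15_000       # maximum stored entries (from the Security Target)
FIRST_WARNING = 13_500  # 90% full, first email warning
REPEAT_EVERY = 15_000   # spacing of subsequent warnings


class AuditLogModel:
    """Constructed model of the retention behaviour; not device code."""
    def __init__(self):
        self.entries = deque(maxlen=CAPACITY)  # a full deque drops the oldest entry
        self.written = 0      # entries written since the last clear
        self.overwritten = 0  # entries lost to overwrite since the last clear
        self.warnings = []    # values of `written` at which a warning is emailed

    def append(self, entry):
        if len(self.entries) == CAPACITY:
            self.overwritten += 1
        self.entries.append(entry)
        self.written += 1
        # Assumed reading: warn at 13,500, then after every further 15,000 entries.
        past_first = self.written - FIRST_WARNING
        if past_first >= 0 and past_first % REPEAT_EVERY == 0:
            self.warnings.append(self.written)

    def download_and_clear(self):
        """Assumed admin routine: save the log off-device, then clear it."""
        saved = list(self.entries)
        self.entries.clear()
        self.written = self.overwritten = 0
        return saved


def entries_lost(events_per_day, download_interval_days, days):
    """Entries overwritten before an administrator saved them."""
    log, lost, seq = AuditLogModel(), 0, 0
    for day in range(1, days + 1):
        for _ in range(events_per_day):
            log.append(seq)
            seq += 1
        if day % download_interval_days == 0:
            lost += log.overwritten
            log.download_and_clear()
    return lost + log.overwritten


def max_safe_interval_days(events_per_day):
    """Longest whole-day download interval that never overwrites an entry."""
    return CAPACITY // events_per_day
```

In this model the first warning leaves room for only 1,500 more entries before the oldest ones start to be overwritten, so the warning email alone is a late trigger for a busy device.
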

Application Note: For print and LanFax jobs not submitted from the Web UI, the network username associated with the logged in user at the client workstation will be recorded in the audit log.

7.1.6. Cryptographic Operations (TSF_FCS)

FCS_COP.1, FCS_CKM.1, FCS_CKM.2, FCS_CKM.4