fuji xerox apeosport 5570/4570/3570/5570 g/4570 g security ... · pdf file fuji xerox ....

Click here to load reader

Post on 21-Mar-2021

3 views

Category:

Documents

0 download

Embed Size (px)

TRANSCRIPT

  • January 2021

    Fuji Xerox ApeosPort

    5570/4570/3570/5570 G/4570 G models with Copy, Print, Fax, Scan and

    Overwrite Storage Security Target

    Version 1.01

    This document is a translation of the evaluated and certified security target written in Japanese.

  • - i -

    - Table of Contents -

    1. ST INTRODUCTION ................................................................................................................ 1 1.1. ST Reference ..................................................................................................................................................... 1 1.2. TOE Reference .................................................................................................................................................. 1 1.3. TOE Overview .................................................................................................................................................... 3

    TOE Type ..................................................................................................................................................................... 3 Usage and Major Security Features of TOE .................................................................................................. 3 Required Non-TOE Hardware and Software .................................................................................................. 4

    1.4. TOE Description ............................................................................................................................................... 6 Users Assumptions .................................................................................................................................................. 6 Logical Boundary of the TOE .............................................................................................................................. 7 Physical Boundary of the TOE ............................................................................................................................ 9

    2. CONFORMANCE CLAIM ..................................................................................................... 12 2.1. CC Conformance Claim ............................................................................................................................. 12 2.2. PP claim, Package Claim ........................................................................................................................... 12

    PP Claim ................................................................................................................................................................... 12 Package Claim ....................................................................................................................................................... 12 Conformance Rationale ..................................................................................................................................... 12

    3. SECURITY PROBLEM DEFINITION ................................................................................ 13 3.1. Threats ............................................................................................................................................................. 13

    Assets Protected by TOE .................................................................................................................................... 13 Threats ..................................................................................................................................................................... 13

    3.2. Organizational Security Policies ............................................................................................................ 14 3.3. Assumptions................................................................................................................................................... 15

    4. Security Objectives ................................................................................................................ 16

    5. EXTENDED COMPONENTS DEFINITION .................................................................... 17 5.1. Extended Functional Requirements Definition ............................................................................... 17

    Class FAU: Security Audit .................................................................................................................................. 17 Class FCS: Cryptographic Support .................................................................................................................. 18 Class FDP: User Data Protection ..................................................................................................................... 23 Class FIA: Identification and Authentication ............................................................................................ 25 Class FPT: Protection of the TSF ..................................................................................................................... 26

    6. SECURITY REQUIREMENTS .............................................................................................. 30 6.1. Notation .......................................................................................................................................................... 30 6.2. Security Functional Requirements........................................................................................................ 30

    Class FAU: Security Audit .................................................................................................................................. 30 Class FCS: Cryptographic Support .................................................................................................................. 33

  • - ii -

    Class FDP: User Data Protection ..................................................................................................................... 41 Class FIA: Identification and Authentication ............................................................................................ 45 Class FMT: Security Management ................................................................................................................. 47 Class FPT: Protection of the TSF ..................................................................................................................... 51 Class FTA: TOE Access ......................................................................................................................................... 52 Class FTP: Trusted Paths/Channels ................................................................................................................ 53

    6.3. Security Assurance Requirements ........................................................................................................ 55 6.4. Security Requirement Rationale ........................................................................................................... 56

    Dependencies of Security Functional Requirements .............................................................................. 56 Security Assurance Requirements Rationale .............................................................................................. 60

    7. TOE Summary Specification ............................................................................................. 61 7.1. Security Functions ....................................................................................................................................... 61

    Identification and Authentication................................................................................................................. 63 Security Audit ........................................................................................................................................................ 65 Access Control ....................................................................................................................................................... 69 Security management ........................................................................................................................................ 71 Trusted Operation ................................................................................................................................................ 73 Data Encryption .................................................................................................................................................... 74 Trusted Communications .................................................................................................................................. 80 PSTN Fax-Network Separation ........................................................................................................................ 83 Overwrite Storage ................................................................................................................................................ 83

    8. ACRONYMS AND TERMINOLOGY .................................................................................. 84 8.1. Acronyms ......................................................................................................................................................... 84 8.2. Terminology ................................................................................................................................................... 84

    9. REFERENCES ...........................................................................................................................

View more