6.2.
TOE Security Policies
This chapter contains the definition of security policies which must be
enforced by the TSF.
6.2.1.
IP Filter SFP
The
security
function
(TSF_FDP_FILTER) requires that network traffic to and from the TOE will be
filtered in accordance with the rules defined by the system administrator at
the Web User Interface configuration editor for IP Filtering. This policy will be
enforced on:
Subjects. External entities that send network traffic to the TOE.
Information. All IP-based traffic to and from that destination.
Operations. Pass network traffic.
Note: The TOE cannot enforce the IP Filtering SFP when it is configured for
IPv6.
6.2.2.
User Access Control SFP
The Security Function Policy (SFP) described in Table 21 and Table 22 below
is referenced by the FDP class SFRs.
Object
Attribute
D.DOC
+PRT
+SCN
+CPY
Copyright
Xerox Multi-Function Device Security Target
"User
Data
Table 21: User Access Control SFP
Operation(s)
Subject
U.NORMAL
U.ADMINISTRATOR
(Accounting
Administrator)
Read
U.ADMINISTRATOR
(System Administrator)
U.NORMAL,
Delete
U.ADMINISTRATOR
U.NORMAL,
Read, Delete
U.ADMINISTRATOR
U.NORMAL,
Read, Delete
U.ADMINISTRATOR
37
2013 Xerox Corporation. All rights reserved.
Protection
–
IP
Access Control Rule
Denied, except for
his/her own
documents
Allowed, except for
documents protected
by an optional
passcode
Denied, except when
the associated
D.FUNC is deleted.
Denied, except for
his/her own
documents
Denied, except for
his/her own
documents
Filtering"