セキュリティ保証要件根拠 (Security Assurance Requirements Rationale) - Xerox D110 Manual

機能要件コンポーネント
要件および要件名称
data
FMT_SMF.1
Specification of
management
functions
FMT_SMR.1
Security roles
FPT_STM.1
Reliable time stamp
FPT_TST.1
TSF testing
FTA_SSL.3
TSF-initiated
termination
FTP_ITC.1
Inter-TSF trusted
channel
FPT_FDI_EXP.1
Restricted forwarding
of data to external
interfaces
6.3.3. セキュリティ保証要件根拠 (Security Assurance Requirements Rationale)
This TOE is Hardcopy Device used in restrictive commercial information processing
environments that require a relatively high level of document security, operational
accountability, and information assurance. The TOE environment will be exposed to
only a low level of risk because it is assumed that the TOE will be located in a
restricted or monitored environment that provides almost constant protection from
unauthorized and unmanaged access to the TOE and its data interfaces.
Agents have limited or no means of infiltrating the TOE with code to effect a change,
and the TOE self-verifies its executable code to detect unintentional malfunctions. As
such, the Evaluation Assurance Level 3 is appropriate.
EAL 3 is augmented with ALC_FLR.2, Flaw reporting procedures. ALC_FLR.2 ensures
that instructions and procedures for the reporting and remediation of identified
security flaws are in place, and their inclusion is expected by the consumers of this
TOE.
Xerox D110/D125 Copier/Printer
満足している要件
なし
なし
なし
なし
なし
FMT_SMF.1
FMT_SMR.1
- 103 –
セキュリティターゲット
依存性の機能要件コンポーネント
依存性を満足していない要件とその正当性
FIA_UID.1:
FIA_UID.2 は FIA_UID.1 の上位階層の機能要件
のため、FIA_UID.1 への依存性は満たされる。
―

Copyright 2012 by Fuji Xerox Co., Ltd