Xerox D110 Manual page 34

Threats, policies, and
assumptions
T.CONF.ALT
P.USER.AUTHORIZATI
ON
P.SOFTWARE.VERIFIC
ATION
P.AUDIT.LOGGING
Xerox D110/D125 Copier/Printer
Summary
Data may be
disclosed to
unauthorized
persons.
TSF Confidential
Data may be altered
by unauthorized
persons.
Users will be
authorized to use
the TOE.
Procedures will
exist to selfverify
executable code in
the TSF.
An audit trail of TOE
use and
security-relevant
events will be
created,
maintained,
protected, and
reviewed.
- 28 –
セキュリティターゲット
Objectives and rationale
unauthorized disclosure.
O.USER.AUTHORIZED establishes user
identification and authentication as the
basis for authorization.
OE.USER.AUTHORIZED establishes
responsibility of the TOE Owner to
appropriately grant authorization
O.CONF.NO_ALT protects D.CONF from
unauthorized alteration.
O.USER.AUTHORIZED establishes user
identification and authentication as the
basis for authorization.
OE.USER.AUTHORIZED establishes
responsibility of the TOE Owner to
appropriately grant authorization
O.USER.AUTHORIZED establishes user
authorization to use the TOE.identification
and authentication as the basis for
OE.USER.AUTHORIZED establishes
responsibility of the TOE Owner to
appropriately grant authorization
O.SOFTWARE.VERIFIED provides
procedures to self-verify executable code in
the TSF.
O.AUDIT.LOGGED creates and maintains a
log of TOE use and security-relevant events
and prevents unauthorized disclosure or
alteration.
OE.AUDIT.REVIEWED establishes
responsibility of the TOE Owner to ensure
that audit logs are appropriately reviewed.
O.AUDIT_STORAGE.PROTECTED protects
audit logs from unauthorized access,
deletion, and alteration for the TOE.
O.AUDIT_ACCESS.AUTHORIZED enables
the analysis of audit logs only by authorized
users to detect potential security violations
for the TOE.

Copyright 2012 by Fuji Xerox Co., Ltd