Security Objectives
O.AUDIT_ACCESS.A
UTHORIZED
O.CIPHER
6.3.2.
Dependencies of Security Functional Requirements
Table 42 describes the functional requirements that security functional requirements depend on
and those that do not and the reason why it is not problematic even if dependencies are not
satisfied.
Fuji Xerox C2265/C2263
Security Functional Requirements Rationale
protected from unauthorized deletion and alteration.
By FAU_STG.4, when the audit trail file is full, the oldest stored audit
record is overwritten and a new audit event is stored into the audit log file.
Thus, the functional requirements related to this objective are surely
fulfilled.
O.AUDIT_ACCESS.AUTHORIZED is the objective that enables the audit
logs to be analyzed by the authorized user only to detect potential
security violations.
This security objective can be realized by satisfying the following security
functional requirements:
By FAU_SAR.1, the authorized system administrator can read the security
audit log data from an audit log file.
By FAU_SAR.2, only the authorized system administrator can access the
audit log.
Thus, the functional requirements related to this objective are surely
fulfilled.
O. CIPHER is the objective that encrypts the document data and used
document data in the internal HDD so that they cannot be analyzed even
if retrieved.
This security objective can be realized by satisfying the following security
functional requirements:
By FCS_CKM.1, the cryptographic key is generated in accordance with the
specified cryptographic key size (256 bits).
By FCS_COP.1, the document data and used document data to be stored
into the internal HDD is encrypted and then decrypted when the data are
read, in accordance with the determined cryptographic algorithm and
cryptographic key size.
Thus, the functional requirements related to this objective are surely
fulfilled.
- 102 -
Security Target
Copyright
2016 by Fuji Xerox Co., Ltd