Organizational Security Policies; Assumptions - Fuji Xerox C2265 Manual

Hide thumbs Also See for C2265:

User manual (565 pages)

Administrator's manual (771 pages)

Table Of Contents

100

101

102

103

104

105

106

107

108

109

110

111

112

113

114

115

116

117

118

119

120

121

122

123

124

125

126

127

128

129

130

131

132

133

134

135

136

page of 136

/ 136
Contents
Table of Contents
Bookmarks

Table of Contents

3.2.

Organizational Security Policies

Table 8 below describes the organizational security policies the TOE must comply with.

Name

P.USER.AUTHORIZATION

P.SOFTWARE.VERIFICATION

P.AUDIT.LOGGING

P.INTERFACE.MANAGEMENT

P.CIPHER

3.3.

Assumptions

Table 9 shows the assumptions for the operation and use of this TOE.

Assumption

A.ACCESS.MANAGED The TOE is located in a restricted or monitored environment that provides

A.USER.TRAINING

A.ADMIN.TRAINING

A.ADMIN.TRUST

Fuji Xerox C2265/C2263

Table 8 Organizational Security Policies

Definition

To preserve operational accountability and security, Users will

be authorized to use the TOE only as permitted by the TOE

Owner

To detect corruption of the executable code in the TSF,

procedures will exist to self-verify executable code in the TSF

To preserve operational accountability and security, records that

provide an audit trail of TOE use and security-relevant events

will be created, maintained, and protected from unauthorized

disclosure or alteration, and will be reviewed by authorized

personnel

To prevent unauthorized use of the external interfaces of the

TOE, operation of the interfaces will be controlled by the TOE

and its IT environment.

To prevent unauthorized reading-out, the document data and

used document data in the internal HDD will be encrypted by

the TOE.

Table 9 Assumptions

Definition

protection from unmanaged access to the physical components and data

interfaces of the TOE.

TOE Users are aware of the security policies and procedures of their

organization, and are trained and competent to follow those policies and

procedures.

Administrators are aware of the security policies and procedures of their

organization, are trained and competent to follow the manufacturer's

guidance and documentation, and correctly configure and operate the

TOE in accordance with those policies and procedures.

Administrators do not use their privileged access rights for malicious

purposes.

Security Target

- 27 -



2016 by Fuji Xerox Co., Ltd

Table of Contents

This manual is also suitable for:

C2263

Organizational Security Policies; Assumptions - Fuji Xerox C2265 Manual

Organizational Security Policies

Assumptions

Related Manuals for Fuji Xerox C2265

Related Content for Fuji Xerox C2265

This manual is also suitable for:

Table of Contents