Extended Components Definition; Fpt_Fdi_Exp Restricted Forwarding Of Data To External Interfaces - Fuji Xerox C2265 Manual

Hide thumbs Also See for C2265:

User manual (565 pages)

Administrator's manual (771 pages)

Table Of Contents

100

101

102

103

104

105

106

107

108

109

110

111

112

113

114

115

116

117

118

119

120

121

122

123

124

125

126

127

128

129

130

131

132

133

134

135

136

page of 136

/ 136
Contents
Table of Contents
Bookmarks

Table of Contents

Security Target

Fuji Xerox C2265/C2263

EXTENDED COMPONENTS DEFINITION

This Protection Profile defines components that are extensions to Common Criteria 3.1 Release

2, Part 2. These extended components are defined in the Protection Profile but are used in SFR

Packages, and therefore, are employed only in TOEs whose STs conform to those SFR Packages.

5.1.

FPT_FDI_EXP Restricted forwarding of data to external interfaces

Family behaviour:

This family defines requirements for the TSF to restrict direct forwarding of information from

one external interface to another external interface.

Many products receive information on specific external interfaces and are intended to

transform and process this information before it is transmitted on another external interface.

However, some products may provide the capability for attackers to misuse external interfaces

to violate the security of the TOE or devices that are connected to the TOE's external interfaces.

Therefore, direct forwarding of unprocessed data between different external interfaces is

forbidden unless explicitly allowed by an authorized administrative role. The family

FPT_FDI_EXP has been defined to specify this kind of functionality.

Component leveling:

FPT_FDI_EXP.1 Restricted forwarding of data to external interfaces

FPT_FDI_EXP.1 Restricted forwarding of data to external interfaces, provides for the

functionality to require TSF controlled processing of data received over defined external

interfaces before this data is sent out on another external interface. Direct forwarding of data

from one external interface to another one requires explicit allowance by an authorized

administrative role.

Management:

FPT_FDI_EXP.1

The following actions could be considered for the management functions in FMT:

a) Definition of the role(s) that are allowed to perform the management activities.

b) Management of the conditions under which direct forwarding can be allowed by an

administrative role.

c) Revocation of such an allowance.

Audit:

FPT_FDI_EXP.1

The following actions should be auditable if FAU_GEN Security Audit Data Generation is

included in the PP/ST:

There are no auditable events foreseen.

- 34 -



2016 by Fuji Xerox Co., Ltd

Table of Contents

This manual is also suitable for:

C2263

Extended Components Definition; Fpt_Fdi_Exp Restricted Forwarding Of Data To External Interfaces - Fuji Xerox C2265 Manual

EXTENDED COMPONENTS DEFINITION

FPT_FDI_EXP Restricted forwarding of data to external interfaces

Related Manuals for Fuji Xerox C2265

Related Content for Fuji Xerox C2265

This manual is also suitable for:

Table of Contents