Table 19: Completeness of security objectives
Threats, policies and
assumptions
T.DOC.DIS
T.DOC.ALT
T.FUNC.ALT
T.PROT.ALT
T.CONF.DIS
T.CONF.ALT
P.USER.AUTHORIZATION
P.SOFTWARE.VERIFICATION
P.AUDIT.LOGGING
P.INTERFACE.MANAGEMENT
A.ACCESS.MANAGED
A.ADMIN.TRAINING
A.ADMIN.TRUST
A.USER.TRAINING
Threats. Policies, and
Assumptions
T.DOC.DIS
Copyright
Xerox Multi-Function Device Security Target
X
X
X
X
X
Table 20: Sufficiency of security objectives
Summary
User Document Data
may be disclosed to
unauthorized persons
28
2013 Xerox Corporation. All rights reserved.
Objectives
X X
X X
X X
X X
X X
X X X
X X
X
X X X X X
Objectives and rationale
O.DOC.NO_DIS protects D.DOC
from unauthorized disclosure
O.USER.AUTHORIZED
establishes user identification and
authentication as the basis for
authorization
OE.USER.AUTHORIZED
establishes responsibility of the
TOE Owner to appropriately grant
authorization
X
X
X
X
X
X
X
X
X
X
X
X
X