Application Note: When custom rules have not been defined by the system
administrator, the default rule (allow all traffic) will apply. Because it is a
wildcard rule, all IP addresses, ports and protocols (either TCP or UDP) will
be a match for allowed traffic.
22.214.171.124. FDP_RIP.1 Subset residual information protection
Class FIA: Identification and authentication
Xerox Multi-Function Device Security Target
Information: IP Packet
o Source IP address, protocol used (TCP or
UDP), destination TCP or UDP port].
The TSF shall permit an information flow between
a controlled subject and controlled information via a
controlled operation if the following rules hold: [
The source IP address matches a rule in the TOE's
If configured, the destination transport layer port
matches a rule in the TOE's rule base.]
The TSF shall enforce the [implicit allow if no rules
have been defined].
The TSF shall explicitly authorize an information
flow based on the following rules: [if the rule is the default
The TSF shall explicitly deny an information flow
based on the following rules: [if there are no rules with
matching security attributes or if a rule explicitly denies an
No other components.
The TSF shall ensure that any previous information
content of a resource is made unavailable upon the
deallocation of the resource from the following objects:
User attribute definition
No other components
The TSF shall maintain the following list of security
attributes belonging to individual users: [username,
2013 Xerox Corporation. All rights reserved.