Xerox WorkCentre 5845 User Information page 74

Xerox Multi-Function Device Security Target
7.1.10.1. Management Security Functions
Section 6.3.6.9 of the ST (FMT_SMF.1.1) provides a list of the security
management functions provided by the TOE. Management of the security
functions and attributes is restricted to system administrators.
7.1.10.2. Controlling Access to MFD Functions
The TOE enforces a system administrator defined role based access control
policy. Only authenticated users assigned to roles with the necessary
privileges are allowed to perform copy, print, scan or fax on the TOE via the
Web UI or the LUI.
Unauthenticated users can submit print or LanFax jobs to the TOE via
printing protocols. Release of unauthenticated print jobs to the hardcopy
output handler is dependent on the system administrator defined policy.
7.1.10.3. Copy
Copy has to be performed at the local user interface. A user can only read
physical copies of the documents (D.DOC +CPY Read). During job setup, a
copy job (D.FUNC +CPY Delete, Modify) or image (D.DOC +CPY Read,
Delete) can be read, modified or deleted. Once a job is committed, the job
(D.FUNC +CPY Delete, Modify) can only be canceled (deleted) during its
execution. Once completed, the job is removed.
7.1.10.4. Print
Print jobs can be submitted remotely via printing protocols (e.g. lpr, port 9100)
or from the WebUI. Print jobs may also be submitted at the LUI from a USB
storage device. Once submitted to the TOE, there is no way for anyone to
modify the job (D.FUNC +PRT Modify) or the document (D.DOC +PRT
Delete). None of the jobs will be processed until the job owner starts a user
session at the local user interface. The authenticated job owner can release
printing of the document (D.DOC +PRT Read) or delete the print job
(D.FUNC +PTR Delete) at the local user interface. The owner may also
choose to delete a job (submitted from the Web UI) through the Web UI
before it is released.
Users have the option to assign a passcode to a print job during its
submission (known as Secure Print). When required to enter the passcode,
the user will need to be authenticated at the LUI in order to do so. The TOE
can be configured to release Secure Print jobs with or without the associated
passcode for the job owner who is authenticated at the LUI.
A system administrator has the capability to delete (D.FUNC +PRT Delete)
print jobs at the LUI or Web UI. The Web UI only allows deletion of jobs
submitted via the Web UI. Deletion of a Secure Print job requires knowledge
of the associated passcode.
74

Copyright 2013 Xerox Corporation. All rights reserved.