NIAP: Compliant Product
NIAP/CCEVS
  NIAP  »»  Product Compliant List  »»  Compliant Product  
Compliant Product - Xerox® AltaLink™ C8030 / C8035 / C8045 / C8055 / C8070

Certificate Date:  2019.07.22

Validation Report Number:  CCEVS-VR-VID10955-2019

Product Type:    Multi Function Device

Conformance Claim:  Protection Profile Compliant

PP Identifier:    Protection Profile for Hardcopy Devices Version 1.0

CC Testing Lab:  DXC.technology

Maintenance Releases:
CC Certificate [PDF] Security Target [PDF] * Validation Report [PDF]

Assurance Activity [PDF]

Administrative Guide [PDF]


* This is the Security Target (ST) associated with the latest Maintenance Release.  To view previous STs for this TOE, click here.

Product Description

Product is a multi-function device that copies and prints with scan and fax capabilities.


Evaluated Configuration

The Target of Evaluation (TOE) is the Xerox multi-function device (MFD) Xerox® AltaLink™ C8030 / C8035 / C8045 / C8055 / C8070. The TOE copies and prints with scan and fax capabilities.  The Xerox Embedded Fax Accessory provides local analog fax capability over Public Switched Telephone Network (PSTN) connections and also enables LanFax.

Xerox’s Workflow Scanning Accessory is part of the TOE configuration. This accessory allows documents to be scanned at the device with the resulting image being sent via email, transferred to a remote file repository or kept in a private (scan) mailbox.


Security Evaluation Summary

The evaluation was carried out in accordance to the Common Criteria Evaluation and Validation Scheme (CCEVS) process and scheme. The evaluation demonstrated that the product meets the security requirements contained in the Security Target. The criteria against which the Xerox HCD  was judged are described in the Common Criteria for Information Technology Security Evaluation, Version 3.1, Revision 4. The evaluation methodology used by the evaluation team to conduct the evaluation is the Common Methodology for Information Technology Security Evaluation, Version 3.1, Revision 4. Computer Sciences Corporation determined that the product is conformant to requirements for Protection Profile for Network Hardcopy Devices, Version 1.0, version 3.0.  The product satisfies all of the security functional requirements stated in the Security Target. Two validators, on behalf of the CCEVS Validation Body, monitored the evaluation carried out by DXC Technology. The evaluation was completed in Annapolis Junction, MD. Results of the evaluation can be found in Assurance Activity Report for  Xerox HCD  prepared by DXC Technology.


Environmental Strengths

The TOE logical boundary is comprised of the following security functions:

·                     Identification and Authentication

·                     Security Audit

·                 Access Control

·                     Security Management

·                     Trusted Operation

·                     Encryption

·                     Trusted Communication

·                     PSTN Fax-Network Separation

·                     Data Clearing and Purging


Vendor Information


Xerox
Alan Sukert
585-427-1413
Alan.Sukert@Xerox.com

www.xerox.com
Site Map              Contact Us              Home