There are two configurations of the TOE with identical security functionality. The base configuration is a digital copier (DC) that provides only copy functions, represented by the CopyCentre models. The other configuration is a multi-function device (MFD) that copies, prints, scans to email, network scans, and network faxes, represented by the WorkCentre Pro models. An additional optional component is the Image Overwrite Security package. The Image Overwrite Security package causes any temporary image files created during a print, network scan, scan-to-email, network fax (MFD), or copy (MFD/DC) job to be overwritten from the internal hard disk drive(s) when those files are no longer needed or on demand at the discretion of the system administrator.
","evaluation_configuration":null,"security_evaluation_summary":"The evaluation was carried out in accordance to the Common Criteria Evaluation and Validation Scheme (CCEVS) process and scheme. The evaluation demonstrated that the product meets the security requirements contained in the Security Target. The criteria against which the Xerox CopyCentre C65/C75/C90 Copier and WorkCentre Pro 65/75/90 Advanced Multifunction System including Image Overwrite Security was judged are described in the Common Criteria for Information Technology Security Evaluation, Version 2.1. The evaluation methodology used by the evaluation team to conduct the evaluation is the Common Methodology for Information Technology Security Evaluation, Version 1.0. Computer Sciences Corporation determined that the evaluation assurance level (EAL) for the product is EAL 2. The product, when configured and installed according to supplied guidance, satisfies all of the security functional requirements stated in the Security Target. A validator, on behalf of the CCEVS Validation Body, monitored the evaluation carried out by Computer Sciences Corporation. The evaluation was completed in January 2005. Results of the evaluation can be found in the Evaluation Technical Report for a Target of Evaluation for Xerox CopyCentre C65/C75/C90 Copier and WorkCentre Pro 65/75/90 Advanced Multifunction System including Image Overwrite Security prepared by Computer Sciences Corporation.
","environmental_strengths":"The TOE provides the following security features:
\r\nImage Overwrite: The CopyCentre and WorkCentre Pro models implement an image overwrite security function that causes temporary image files created during a print, network scan, scan-to-email, network fax (MFD), or copy (MFD/DC) job to be overwritten using a three pass overwrite procedure as described in DOD 5800.28-M from the internal hard disk drive(s) when those files are no longer needed or upon action by the system administrator using the "On-Demand" Image Overwrite (ODIO) function.
\r\nOnce invoked, ODIO cancels all print, network scan, scan-to-email, or network fax jobs, halts the printer interface (WorkCentre Pro models), and overwrites the contents of the sections for temporary image files on the internal hard disk drive(s). The entire machine then reboots. If the System Administrator attempts to activate diagnostics mode while ODIO is in progress, the request will be queued until the ODIO completes and then the system will enter diagnostic mode.
\r\nSecurity Management: The TOE utilizes a simple authentication function through the front panel or web interface. Only authenticated system administrators have the capability to invoke or abort the ODIO function, enable or disable the IIO function, and change the system administrator PIN.
","features":[]}