Lexmark C4342 Security White Paper - Page 59

Security Standards, Common Criteria (NIAP/CCEVS Certification, ISO 15408), Federal Information

Get Lexmark C4342 PDF manuals and user guides View all Lexmark C4342 manuals
Add to My Manuals
Save this manual to your list of manuals

Page 59 highlights

Security Standards 59 Security Standards Common Criteria (NIAP/CCEVS Certification, ISO 15408) Overview Common Criteria represents a framework to provide a validation of the security functionality of a computer system. By performing a set of rigorous and repeatable tests, the framework provides participating countries assurance that the product meets the internationally agreed-upon security functional criteria. By meeting the requirements defined in the Common Criteria framework, a product evaluated by one nation is considered to have a valid evaluation by all other nations who have signed the Common Criteria Recognition Arrangement (CCRA). This, in practice, can result in common procurement requirements for the governments that are part of the CCRA. Benefits • Third-party validation assures customers that security capabilities protect the device as claimed by the manufacturer. • Devices are validated for Information Technology Hardcopy Device and System Security, using the current protection profile associated with the Common Criteria Evaluation and Validation Scheme (CCEVS). • Two separate validations are performed on Lexmark devices: one with a hard drive and one without a hard drive. Details Lexmark devices are validated for Information Technology Hardcopy Device and System Security, using the current protection profile associated with the Common Criteria Evaluation and Validation Scheme (CCEVS). Lexmark will have devices cross listed on the National Information Assurance Partnership (NIAP) Product Compliant List (PCL). In some cases, Lexmark may have two or more separate evaluations listed with similar model numbers. This is done because some Lexmark devices ship with a hard drive or have other functional differences, which require additional security targets to validate the security capabilities of the device. Adding these other validated devices gives Lexmark customers more options when selecting the appropriate device that meets their internal security requirements. Federal Information Processing Standards (FIPS) Overview FIPS are publicly announced standardizations developed by the United States federal government for use in computer systems by all nonmilitary government agencies and by government contractors. The 140 series of FIPS are U.S. government computer security standards that specify requirements for cryptographic modules.

  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • 8
  • 9
  • 10
  • 11
  • 12
  • 13
  • 14
  • 15
  • 16
  • 17
  • 18
  • 19
  • 20
  • 21
  • 22
  • 23
  • 24
  • 25
  • 26
  • 27
  • 28
  • 29
  • 30
  • 31
  • 32
  • 33
  • 34
  • 35
  • 36
  • 37
  • 38
  • 39
  • 40
  • 41
  • 42
  • 43
  • 44
  • 45
  • 46
  • 47
  • 48
  • 49
  • 50
  • 51
  • 52
  • 53
  • 54
  • 55
  • 56
  • 57
  • 58
  • 59
  • 60
  • 61
  • 62
  • 63
  • 64
Security Standards
Common Criteria (NIAP/CCEVS Certification, ISO 15408)
Overview
Common Criteria represents a framework to provide a validation of the security functionality of a computer
system. By performing a set of rigorous and repeatable tests, the framework provides participating countries
assurance that the product meets the internationally agreed-upon security functional criteria. By meeting the
requirements defined in the Common Criteria framework, a product evaluated by one nation is considered to
have a valid evaluation by all other nations who have signed the Common Criteria Recognition Arrangement
(CCRA). This, in practice, can result in common procurement requirements for the governments that are part of
the CCRA.
Benefits
Third-party validation assures customers that security capabilities protect the device as claimed by the
manufacturer.
Devices are validated for Information Technology Hardcopy Device and System Security, using the current
protection profile associated with the Common Criteria Evaluation and Validation Scheme (CCEVS).
Two separate validations are performed on Lexmark devices: one with a hard drive and one without a hard
drive.
Details
Lexmark devices are validated for Information Technology Hardcopy Device and System Security, using the
current protection profile associated with the Common Criteria Evaluation and Validation Scheme (CCEVS).
Lexmark will have devices cross listed on the National Information Assurance Partnership (NIAP) Product
Compliant List (PCL).
In some cases, Lexmark may have two or more separate evaluations listed with similar model numbers. This is
done because some Lexmark devices ship with a hard drive or have other functional differences, which require
additional security targets to validate the security capabilities of the device. Adding these other validated
devices gives Lexmark customers more options when selecting the appropriate device that meets their internal
security requirements.
Federal Information Processing Standards (FIPS)
Overview
FIPS are publicly announced standardizations developed by the United States federal government for use in
computer systems by all nonmilitary government agencies and by government contractors. The 140 series of
FIPS are U.S. government computer security standards that specify requirements for cryptographic modules.
Security Standards
59