Lexmark CX735 Security White Paper - Page 59
Security Standards, Common Criteria (NIAP/CCEVS Certification, ISO 15408), Federal Information
View all Lexmark CX735 manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 59 highlights
Security Standards 59 Security Standards Common Criteria (NIAP/CCEVS Certification, ISO 15408) Overview Common Criteria represents a framework to provide a validation of the security functionality of a computer system. By performing a set of rigorous and repeatable tests, the framework provides participating countries assurance that the product meets the internationally agreed-upon security functional criteria. By meeting the requirements defined in the Common Criteria framework, a product evaluated by one nation is considered to have a valid evaluation by all other nations who have signed the Common Criteria Recognition Arrangement (CCRA). This, in practice, can result in common procurement requirements for the governments that are part of the CCRA. Benefits • Third-party validation assures customers that security capabilities protect the device as claimed by the manufacturer. • Devices are validated for Information Technology Hardcopy Device and System Security, using the current protection profile associated with the Common Criteria Evaluation and Validation Scheme (CCEVS). • Two separate validations are performed on Lexmark devices: one with a hard drive and one without a hard drive. Details Lexmark devices are validated for Information Technology Hardcopy Device and System Security, using the current protection profile associated with the Common Criteria Evaluation and Validation Scheme (CCEVS). Lexmark will have devices cross listed on the National Information Assurance Partnership (NIAP) Product Compliant List (PCL). In some cases, Lexmark may have two or more separate evaluations listed with similar model numbers. This is done because some Lexmark devices ship with a hard drive or have other functional differences, which require additional security targets to validate the security capabilities of the device. Adding these other validated devices gives Lexmark customers more options when selecting the appropriate device that meets their internal security requirements. Federal Information Processing Standards (FIPS) Overview FIPS are publicly announced standardizations developed by the United States federal government for use in computer systems by all nonmilitary government agencies and by government contractors. The 140 series of FIPS are U.S. government computer security standards that specify requirements for cryptographic modules.