Xerox WorkCentre 5030/5050 Multifunction Systems Security .
Xerox WorkCentre 5030/5050Multifunction SystemsSecurity TargetVersion 1.0Prepared by:Xerox Corporation1350 Jefferson RoadRochester, New York 14623Computer Sciences Corporation (US)7231 Parkway DriveHanover, Maryland 21076
Xerox WorkCentre 5030/5050Multifunction Systems Security TargetTable of Contents1.1 ST AND TOE IDENTIFICATION . 11.2 REFERENCES . 21.3 CONVENTIONS, TERMINOLOGY, AND ACRONYMS. 21.3.1 Conventions. 21.3.2 Terminology . 31.3.3 Acronyms. 41.4 TOE OVERVIEW . 51.5 COMMON CRITERIA CONFORMANCE CLAIM . 52.1 PRODUCT TYPE . 62.2 PHYSICAL SCOPE AND BOUNDARY . 72.3 LOGICAL SCOPE AND BOUNDARY . 82.3.1 Image Overwrite (TSF IOW) . 82.3.2 Information Flow (TSF FLOW) . 82.3.3 Authentication (TSF AUT) . 92.3.4 Security Management (TSF FMT) . 92.4 EVALUATED CONFIGURATION . 93.1 ASSUMPTIONS. 103.2 THREATS . 113.3 ORGANIZATIONAL SECURITY POLICIES . 124.1 SECURITY OBJECTIVES FOR THE TOE. 134.2 SECURITY OBJECTIVES FOR THE ENVIRONMENT . 144.2.1 Security objectives for the IT Environment. 144.2.2 Security objectives for the non IT Environment. 145.1 SECURITY POLICIES . 165.1.1 User Data Protection Policy (TSP IOW). 165.1.2 Information Flow Control Policy (TSP FLOW) . 175.2 TOE SECURITY FUNCTIONAL REQUIREMENTS . 175.2.1 Class FDP: User Data Protection. 175.2.2 Class FIA: Identification and Authentication . 225.2.3 Class FMT: Security Management . 245.3 TOE SECURITY ASSURANCE REQUIREMENTS . 285.4 SECURITY REQUIREMENTS FOR THE IT ENVIRONMENT . 285.5 SFRS WITH SOF DECLARATIONS . 296.1 TOE SECURITY FUNCTIONS . 306.1.1 Image Overwrite (TSF IOW) . 306.1.2 Information Flow (TSF FLOW) . 316.1.3 Authentication (TSF AUT) . 326.1.4 Security Management (TSF FMT) . 326.2 ASSURANCE MEASURES . 338.1 SECURITY OBJECTIVES RATIONALE . 368.2 SECURITY REQUIREMENTS RATIONALE . 38iiCopyright 2007 Xerox Corporation, All rights reserved
Xerox WorkCentre 5030/5050Multifunction Systems Security Target8.2.1 Rationale For TOE Security Requirements . 388.2.2 Rationale for Security Requirements for the Environment . 398.3 RATIONALE FOR THE ASSURANCE LEVEL . 398.4 RATIONALE FOR TOE SUMMARY SPECIFICATION . 408.5 TOE ASSURANCE REQUIREMENTS . 418.6 TOE SOF CLAIMS . 428.7 RATIONALE FOR SFR AND SAR DEPENDENCIES . 428.8 INTERNAL CONSISTENCY AND MUTUALLY SUPPORTIVE RATIONALE . 458.8.1 Internal Consistency . 458.8.2 Mutually Supportive Whole. 46iiiCopyright 2007 Xerox Corporation, All rights reserved
Xerox WorkCentre 5030/5050Multifunction Systems Security TargetList of FiguresFigure 1: Xerox WorkCentre 5030/5050 .7Figure 2: TSF FLOW.31List of TablesTable 1: Models and capabilities .6Table 2: Evaluated Software/Firmware version .8Table 3: Environmental Assumptions.10Table 4: Threats to the TOE.11Table 5: Security Objectives for the TOE.13Table 6: Security Objectives for the IT Environment.14Table 7: Security Objectives for the non-IT Environment .14Table 8: EAL2 (augmented with ALC FLR.3) Assurance Requirements .28Table 9: Assurance Measures .33Table 10: Security Objectives Rationale.36Table 11: Security Objectives Rationale for the Environment .37Table 12: TOE SFR Mapping to Objectives.38Table 13: Mapping of SFRs to Security Functions.40Table 14: Assurance Measure Compliance Matrix.41Table 15: SFR Dependencies Status .43Table 16: EAL2 (Augmented with ALC FLR.3) SAR Dependencies Satisfied.45ivCopyright 2007 Xerox Corporation, All rights reserved
Xerox WorkCentre 5030/5050Multifunction Systems Security Target1SECURITY TARGET INTRODUCTIONThis Chapter presents security target (ST) identification information and an overview of the ST.An ST contains the information technology (IT) security requirements of an identified Target ofEvaluation (TOE) and specifies the functional and assurance security measures offered by thatTOE to meet stated requirements. An ST principally defines:a) A security problem expressed as a set of assumptions about the securityaspects of the environment, a list of threats that the product is intended tocounter, and any known rules with which the product must comply (Chapter 3,TOE Security Environment).b) A set of security objectives and a set of security requirements to address thesecurity problem (Chapters 4 and 5, Security Objectives and IT SecurityRequirements, respectively).c) The IT security functions provided by the TOE that meet the set ofrequirements (Chapter 6, TOE Summary Specification).The structure and content of this ST comply with the requirements specified in the CommonCriteria (CC), Part 1, Annex B, and Part 3, Chapter 10.1.1ST and TOE IdentificationThis section provides information needed to identify and control this ST and its Target ofEvaluation (TOE). This ST targets Evaluation Assurance Level (EAL) 2, augmented withALC FLR.3.ST Title:ST Version:Revision Number:Publication Date:Certification Number:Authors:Sponsor:TOE Identification:CC Identification:ST Evaluator:Keywords:Xerox WorkCentre 5030/5050 Multifunction Systems SecurityTarget1.0Revision: 1.18April 15, 2008BSI-DSZ-CC-0478Computer Sciences Corporation (US) Common Criteria TestingLaboratory, Xerox CorporationXerox CorporationXerox WorkCentre 5030/5050 Multifunction SystemsCommon Criteria for Information Technology SecurityEvaluation, Version 2.3, August 2005 (also known as ISO 15408)Computer Sciences Corporation (CSC)Xerox, Multi Function Device, Image Overwrite1Copyright 2007 Xerox Corporation, All rights reserved
Xerox WorkCentre 5030/5050Multifunction Systems Security Target1.2ReferencesThe following documentation was used to prepare this ST:[CC PART1][CC PART2][CC PART3][CEM]1.3Common Criteria for Information Technology Security Evaluation –Part 1: Introduction and general model, dated August 2005, Version2.3, CCIMB-2005-08-001Common Criteria for Information Technology Security Evaluation –Part 2: Security functional requirements, dated August 2005, Version2.3, CCIMB-2005-08-002Common Criteria for Information Technology Security Evaluation –Part 3: Security assurance requirements, dated August 2005, Version2.3, CCIMB-2005-08-003Common Evaluation Methodology for Information TechnologySecurity Evaluation, dated August 2005, Version 2.3, CCIMB-200508-004Conventions, Terminology, and AcronymsThis section identifies the formatting conventions used to convey additional information andterminology. It also defines terminology and the meanings of acronyms used throughout this ST.1.3.1 ConventionsThis section describes the conventions used to denote Common Criteria (CC) operations onsecurity functional components and to distinguish text with special meaning. The notation,formatting, and conventions used in this ST are largely consistent with those used in the CC.Selected presentation choices are discussed here.The CC allows several operations to be performed on security functional or assurancecomponents; assignment, refinement, selection, and iteration as defined in paragraph 6.4.1.3.2 ofPart 1 of the CC are:a) The assignment operation is used to assign a specific value to an unspecified parameter,such as the length of a password. Showing the value in square brackets[assignment value(s)] indicates an assignment.b) The refinement operation is used to add detail to a requirement, and thus further restrictsa requirement. Refinement of security requirements is denoted by bold text.c) The selection operation is used to select one or more options provided by the CC instating a requirement. Selections are denoted by underlined italicized text.d) Iterated functional components are given unique identifiers by appending to thecomponent name, short name, and functional element name from the CC an iterationnumber inside parenthesis, i.e., FMT MTD.1 (1) and FMT MTD.1 (2).2Copyright 2007 Xerox Corporation, All rights reserved
Xerox WorkCentre 5030/5050Multifunction Systems Security Targete) Plain italicized text is used to emphasize text.1.3.2 TerminologyIn the CC, many terms are defined in Section 3 of Part 1. The following terms are a subset ofthose definitions:Authentication dataInformation used to verify the claimed identity of a user.Authorized UserA user who may, in accordance with the TOE Security Policy (TSP1),perform an operation.External IT entityAny IT product or system, untrusted or trusted, outside of the TOEthat interacts with the TOE.Human userAny person who interacts with the TOE.IdentityA representation (e.g. a string) uniquely identifying an authorizeduser, which can either be the full or abbreviated name of that user or apseudonym.ObjectAn entity within the TOE Security Function (TSF2) Scope of Control(TSC3) that contains or receives information and upon which subjectsperform operations.RoleA predefined set of rules establishing the allowed interactions betweena user and the TOE.SubjectAn entity within the TSC that causes operations to be performed.UserAny entity (human user or external IT entity) outside the TOE thatinteracts with the TOE.The following terminology is specific to this ST.FAXA generic reference to one of the Fax types supported by the Device(i.e., embedded analog fax (fax board)).Image DataInformation on a mass storage device created by the print/scan/e-mailprocess.Latent Image DataResidual information remaining on a mass storage device when aprint/scan/ e-mail job is completed, cancelled, or interrupted.Security FunctionalComponentsExpress security requirements intended to counter threats in theassumed operating environment of the TOE.SystemAdministratorAn authorized user who manages the Xerox CorporationWorkCentre/WorkCentre Pro.1 TSP – A set of rules that regulate how assets are managed, protected and distributed within a TOE.As defined in the CC, Part 1, version 2.3:2 TSF - A set consisting of all hardware, software, and firmware of the TOE that must be relied upon for the correct enforcement of the TSP.3 TSC - The set of interactions that can occur with or within a TOE and are subject to the rules of the TSP.3Copyright 2007 Xerox Corporation, All rights reserved
Xerox WorkCentre 5030/5050Multifunction Systems Security Target1.3.3 AcronymsThe following acronyms are used in this Security PSMSMFSMRSOFSTTOETSCTSFTSPDEFINITIONAuthentication Failures (CC Family)Common Criteria for Information Technology Security EvaluationCommon Evaluation Methodology for Information Technology SecurityDuplex Automated Document HandlerEvaluation Assurance LevelUser Data Protection (CC Class)Identification and Authentication (CC Class)Security Management (CC Class)Functional Specification (CC Family)Hard Disk DriveHigh Level Design (CC Family)Immediate Image OverwriteImage Overwrite SecurityImage Output TerminalInternational Standards OrganizationInformation TechnologyLocal User InterfaceMulti-function DeviceManagement of Functions (CC Family)On Demand Image OverwriteOrganization Security PolicyProtection ProfilePages Per MinutePublic Switched Telephone NetworkResidual Information Protection (CC Family)Security Assurance RequirementSecurity Function PolicySecurity Functional RequirementScanner Image ProcessorSecurity ManagementSsecurity Management Functions (CC Family)Security Management Roles (CC Family)Strength of FunctionSecurity TargetTarget of EvaluationTSF Scope of ControlTOE Security FunctionTOE Security Policy4Copyright 2007 Xerox Corporation, All rights reserved
Xerox WorkCentre 5030/5050Multifunction Systems Security TargetACRONYMUAUUIUIDWebUI1.4DEFINITIONUser Authentication (CC Family)User InterfaceUser Identification (CC Family)Web User InterfaceTOE OverviewThe TOE is a multi-function device (MFD) that provides copy and print services as well as thescan to e-mail, network scan and FAX options. A standard component of the TOE is the ImageOverwrite Security package. This function forces any temporary image files created during aprint, network scan, or scan to e-mail job to be overwritten when those files are no longerneeded, or “on demand” by the system administrator. Because copy and FAX jobs are notwritten to the hard disk drive (HDD), there are no temporary images files to be overwritten forthese services.The optional Xerox Embedded Fax accessory provides local analog FAX capability over PublicSwitched Telephone Network (PSTN) connections, if purchased by the consumer.A summary of the TOE security functions can be found in Section 2, TOE Description. Adetailed description of the security functions can be found in Section 6, TOE SummarySpecification.1.5Common Criteria Conformance ClaimThis ST conforms to CC Part 2 conformant, and is CC Part 3 conformant, EAL2 augmented(with ALC FLR.3).5Copyright 2007 Xerox Corporation, All rights reserved
Xerox WorkCentre 5030/5050Multifunction Systems Security Target2TOE DESCRIPTIONThis section provides context for the TOE evaluation by identifying the product type anddescribing the evaluated configuration.2.1Product TypeThe product is a MFD that copies and prints, with scan to e-mail, network scan and FAX option.A standard component of the TOE is the Image Overwrite Security package. This function forcesany temporary image files created during a print, network scan, or scan to e-mail job to beoverwritten when those files are no longer needed.The optional Xerox Embedded Fax accessory, when purchased and installed, provides localanalog fax capability over PSTN connections.An optional Finisher, which is not part of the TOE, provides “after print” services such asdocument collation and stapling.Table 1: Models and capabilities(X – included in all configurations; o – product options ordered separately)Scan to e11PrintCopy Network Scan FAXPrint SpeedmailUp to 30ppmWorkCentre 5030XXoooUp to 50ppmWorkCentre 5050XXooo1Copy and FAX jobs are not spooled to the HDD.A MFD stores temporary image data created during a print, network scan or scan to e-mail jobon an internal hard disk drive (HDD). This temporary image data consists of the original datasubmitted and additional files created during a job. Because copy and FAX jobs are not writtento the HDD, there are no temporary images files to be overwritten for these services.The TOE provides an Image Overwrite function to enhance the security of the MFD. The ImageOverwrite function overwrites temporary document image data as described in DoD Standard5200.28-M at the completion of each print, network scan, or scan to e-mail job, once the MFD isturned back on after a power failure or on demand of the MFD system administrator.6Copyright 2007 Xerox Corporation, All rights reserved
Xerox WorkCentre 5030/5050Multifunction Systems Security Target2.2Physical Scope and BoundaryThe TOE is a Multi-Function Device (Xerox WorkCentre model 5030 or 5050) that consists of aprinter, copier, scanner, FAX (when purchased by the consumer), and e-mail as well as allAdministrator and User guidance. The difference between the two models is their printing speed.The hardware included in the TOE is shown in Figure 1. This figure also shows an optionalFinisher connected to the TOE at the right side of the picture, which is not part of the TOE. Theoptional FAX card is not shown in this figure.4Figure 1: Xerox WorkCentre 5030/5050The various software and firmware (“Software”) that comprise the TOE are listed in Table 2. Asystem administrator can ensure that they have a TOE by printing a configuration sheet andcomparing the version numbers reported on the sheet to the table below.The UI software controls the User Interface. SIP software controls the Copy Controller and isable to interface with all other software components. IOT software controls the marking enginethat prints to paper. DADH software controls the input tray. Finisher software controls theoptional Finisher attachment. FAX software resides on the FAX board and controls some faxfunctions. The System software manages overall system function while the NetworkController software resides on the Network Controller and controls all network functions.4For installation, the optional FAX card must be fitted into the machine. After powering on the machine, the Fax Install window pops up onthe Local UI with step by step instructions for installation.7Copyright 2007 Xerox Corporation, All rights reserved
Xerox WorkCentre 5030/5050Multifunction Systems Security TargetTable 2: Evaluated Software/Firmware versionSoftwareItemSystem SoftwareNetwork Controller SoftwareWorkCentre5030/50505. 003.07.0001.08.535.01005.03.007UI SoftwareSIP SoftwareIOT Software50.06.0023.54.00DADH Software12.15.00Finisher SoftwareFAX Software09.21.0002.28.03The TOE’s physical interfaces include a power port, Ethernet port, optional USB port, serialport, FAX port (if the optional FAX card is installed), Local User Interface (LUI) with keypad, adocument scanner, a document feeder and a document output.2.3Logical Scope and BoundaryThe logical scope of the TOE includes all software and firmware that are installed on the product(see Table 2). The TOE logical boundary is composed of the security functions provided by theproduct.The following security functions are provided by the TOE: Image Overwrite (TSF IOW) Authentication (TSF AUT) Security Management (TSF FMT) Information Flow (TSF FLOW)2.3.1 Image Overwrite (TSF IOW)The TOE has an “Image Overwrite” function that overwrites files created during print, networkscan or scan to e-mail jobs. This overwrite process is implemented in accordance with DoD5200.28-M and will be activated at the completion of each print, network scan, or scan to e-mailjob, once the MFD is turned back on after a power failure or on demand of the MFD systemadministrator. Copy and FAX jobs are not written to the hard drive and need not to beoverwritten.2.3.2 Information Flow (TSF FLOW)The TOE does not allow information to flow between the PSTN port of the optional FAXprocessing board (if installed) and the network controller (which covers the information flow toand from the internal network). Data and/or commands cannot be sent to the internal network via8Copyright 2007 Xerox Corporation, All rights reserved
Xerox WorkCentre 5030/5050Multifunction Systems Security Targetthe PSTN. A direct connection from the internal network to external entities by using thetelephone line of the TOE is also denied.If the optional FAX board is not installed, an information flow from or to the FAX port is notpossible at all.2.3.3 Authentication (TSF AUT)The TOE requires a system administrator to authenticate before granting access to systemadministration functions. The system administrator has to enter a PIN at either the Web UserInterface or the Local User Interface. The PIN will be obscured with asterisks as it is beingentered. Identification of the system administrator at the Local User Interface is implicit -- theadministrator will identify themselves by pressing the “Access” hard button. Identification of thesystem administrator at the Web user Interface is explicit -- the administrator will identifythemselves by entering the username “admin” in the authentication dialog window2.3.4 Security Management (TSF FMT)Only authenticated system administrators can enable or disable the Image Overwrite function,enable or disable the On Demand Image Overwrite function, change the system administratorPIN, and start or cancel an On Demand Image Overwrite operation.While IIO or ODIO can be disabled, doing so will remove the TOE from its evaluatedconfiguration.2.4Evaluated ConfigurationIn its evaluated configuration, the Image Overwrite Security Package is installed and IIO andODIO are enabled on the TOE. The FAX option, if purchased by the consumer, is installed andenabled. All other configuration parameter values are optional.9Copyright 2007 Xerox Corporation, All rights reserved
Xerox WorkCentre 5030/5050Multifunction Systems Security Target3TOE SECURITY ENVIRONMENT3.1AssumptionsThis section describes the security aspects of the intended environment for the evaluated TOE.This includes information about the physical, personnel, procedural, connectivity, and functionalaspects of the environment.The operational environment must be managed in accordance with assurance requirementdocumentation for delivery, operation, and user/system administrator guidance. The followingspecific conditions are assumed to exist in an environment where this TOE is employed.Table 3: Environmental AssumptionsAssumptionDescriptionA.INSTALLThe TOE has been delivered and installed by Xerox-authorizedrepresentatives using Xerox delivery and installation guidance. TheTOE has been configured by the system administrator in accordancewith the administrator and user guidance delivered with the TOE aswell as the security guidance found at http://www.xerox.com/security.As a part of this installation process, the system administrator haschanged the PIN from its default value. The PIN chosen by theadministrator consists of at least 8 digits and will be changed at leastevery 40 days. The Image Overwrite Security accessory is installedand enabled. IIO and ODIO are enabled.A.ACCESSThe TOE has been installed in a standard office environment. Becausethe TOE is under observation by office personnel, unauthorizedphysical modifications to the TOE and unauthorized attempts toconnect to the TOE via its physical interfaces are not possible.A.MANAGEOne or more system administrators are assigned to manage the TOE.Procedures exist for granting a system administrator access to thesystem administrator PIN for the TOE.A.NO EVIL ADM The system administrator(s) are not careless, willfully negligent orhostile, and will follow the instructions provided in the administratorand user guidance delivered with the TOE as well as the securityguidance found at http://www.xerox.com/security. The systemadministrator will not remove the TOE from its evaluatedconfiguration and will especially not disable TSF IOW.A.NETWORKThe network that the TOE is connected to will be monitored forunapproved activities and/or attempts to attack network resources(including the TOE).10Copyright 2007 Xerox Corporation, All rights reserved
Xerox WorkCentre 5030/5050Multifunction Systems Security Target3.2ThreatsTable 4 identifies the threats to the TOE. The various attackers of the TOE are considered to beeither authorized or unauthorized users of the TOE with public knowledge of how the TOEoperates. These users do not have any specialized knowledge or equipment. The authorized usershave physical access to the TOE. Mitigation to the threats is through the objectives identified inSection 4, Security Objectives.Table 4: Threats to the TOEThreatDescriptionT.RECOVERA malicious user may attempt to recover temporary document imagedata using commercially available tools to read its contents.This may occur because the attacker gets physical access to the harddisk drive (e.g. as part the life-cycle of the MFD (e.g. decommission)),or the temporary document image data can be read/recovered over thenetwork (e.g. as the result of a purposeful or inadvertent power failurebefore the data could be erased.)T.INFAXDuring times when the FAX is not in use, a malicious user mayattempt to access the internal network by connecting to the FAX cardvia PSTN and using publicly available T.30 FAX transmissionprotocol commands for the purpose of intercepting or modifyingsensitive information or data that may reside on resources connectedto the network.This threat only exists if the FAX board is installed and connected tothe PSTN.T.OUTFAXDuring times when the FAX is not in use, a malicious user mayattempt to connect to the TOE over the network and make an outgoingconnection using the FAX card, either as a method of attacking otherentities or for the purpose of sending sensitive information or data toother entities.5This threat only exists if the FAX board is installed and connected tothe PSTN.T.USER5A user, at any time, may attempt to reconfigure the TOE, for thepurpose of disabling security functions or intercepting sensitiveinformation or data, either by attempting to access the managementfunctions directly or by logging in as the system administrator.Application Note: The sending of company confidential information to external entities by Fax is not considered a threat to the TOE.11Copyright 2007 Xerox Corporation, All rights reserved
Xerox WorkCentre 5030/5050Multifunction Systems Security Target3.3Organizational Security PoliciesThere are no organizational security policies that are determined to be relevant for the TOE.
Xerox WorkCentre 5030/5050 Multifunction Systems Security Target Version 1.0 Prepared by: Xerox Corporation Computer Sciences Corporation (US) 1350 Jefferson Road 7231 Parkway Drive Rochester, New York 14623 Hanover, Maryland 21076 . Xerox WorkCentre 5030/5050 .
WorkCentre 3315/3325 Phaser 3300MFP, WorkCentre PE120i WorkCentre 3550 WorkCentre M20i, 4118, WorkCentre Pro 416/412 Phaser 3635MFP None WorkCentre 4250/4260 WorkCentre 4150 WorkCentre 5325/5330/5335 WorkCentre 5135, 5225/5230, CC/WC/WCP-M123/M128/M133 WorkCentre 5150 WorkCentre 5030/5050 WorkCentre 5740/5745/5755 WorkCentre 5735, 5135
The Target of Evaluation (TOE) are the Xerox WorkCentre 5030/5050 Multifunction Systems (Xerox WorkCentre model 5030 or 5050). The TOE is a Multifunction Device (MFD) that consists of a printer, copier, scanner, FAX (when purchased by the consumer), and email as well as all Administrator and User guidance. The difference between the two
WorkCentre 5030/5050 Detailed Specifications 7 Xerox Global Print Driver (X-GPD) A truly universal print driver that lets IT administrators install, upgrade and manage Xerox and non-Xerox devices from a single driver. It provides a consistent, easy-to-use interface for end-users, reducing the number of support
5890 / 5890i, Xerox WorkCentre 5945 / 5945i / 5955 / 5955i, Xerox WorkCentre 6655 / 6655i, Xerox WorkCentre 7220 / 7220i / 7225 / 7225i, Xerox WorkCentre 7830 / 7830i / 7835 / 7835i / 7845 / 7845i / 7855 / 7855i / EC7836 / EC7856, Xerox WorkCentre 7970 / 7970i 2016 Xerox ConnectKey Technology Purpose and Audience
Xerox WorkCentre M118, xerox workcentre m118 скачать драйвер для windows 7, xerox workcentre m118 посмотреть ip. 3 июл 2013 Во-первых у Xerox WorkCentre M118i нет родного д
Optional Features Equitrac Express , Equitrac Office , YSoft SafeQ , other network accounting solutions available through various Xerox Business Innovation Partners Xerox WorkCentre 7830i/7835i/ 7845i/7855i Color Multifunction Printer The WorkCentre 7800i Series Color Multifunction Printer is
Xerox WorkCentre 7220/7225 Multifunction Printer Meet today’s tasks, build tomorrow’s opportunities. Xerox WorkCentre 7220/7225 A3 Colour Multifunction Printer TITLE: X_27187_W
b. What is AngularJS? 2. Basic Angular Security Concepts a. Strict Contextual Auto Escaping b. The HTML Sanitizer 3. Common Security pitfalls a. Server-Side Template Injection b. Client-Side Template Injection c. Converting strings to HTML d. White- and Blacklisting URLs 4. Conclusion Agenda
