Xerox Product Data Overwrite Security Whitepaper

Similar documents
*XLGHOLQHV IRU 0HGLD 6DQLWL]DWLRQ )URP WKH 1DWLRQDO,QVWLWXWH RI 6WDQGDUGV DQG 7HFKQRORJ\ V 11, HY 1 of 18

Erasure Methods. Erasure Process

Product Security. Data Protection: Image Overwrite, Encryption and Disk Removal

Xerox Healthcare MFP Solution

Xerox Multifunction Device Scan to SMB Support Month 00, 0000

GDisk disk-wipe specifications

Version 1.1 March 22, Secure Installation and Operation of Your WorkCentre 4250/4260

Hard Drive Retention Offering for Xerox Products in the United States. May 22, 2018

R&S ZN-Z154 Calibration Unit Instrument Security Procedures

Xerox WorkCentre Statement of Volatility Version 1.0

R&S NRP2 Power Meter Instrument Security Procedures

Xerox VersaLink Enhancement Read Me

R&S SMW200A Vector Signal Generator Instrument Security Procedures

R&S SMB100A RF and Microwave Signal Generator Instrument Security Procedures

Seagate Secure TCG Enterprise SSC Self-Encrypting Drives FIPS 140 Module Security Policy

Xerox Versant 180 Press Statement of Volatility. Month 00, 0000 <Part Number>

Xerox Versant 3100 Press Statement of Volatility. Month 00, 0000 <Part Number>

Seagate Secure TCG Enterprise SSC Pulsar.2 Self-Encrypting Drive FIPS 140 Module Security Policy

DATA SECURITY END OF LIFE

Designing Secure Storage for the Cloud Jesus Molina Fujitsu Laboratories of America

R&S SMBV100A Vector Signal Generator Instrument Security Procedures

R&S SGS100A SGMA RF Source Instrument Security Procedures

Xerox Versant 180 Press

Statement of Volatility Xerox WorkCentre 4250/4260

Secure Installation and Operation of Your

Solid State Drive Security For HP Printing Devices

Revision 1 24 April 2013

The Intel SSD Pro 2500 Series Guide for Microsoft edrive* Activation

Security Features and Volatility Documentation

Seagate Secure TCG Enterprise and TCG Opal SSC Self-Encrypting Drive Common Criteria Configuration Guide

PSA-Series Spectrum Analyzers

4287A Security Features Rev. 1.0

Version 1.1 May 10, Secure Installation and Operation of Your WorkCentre 4265

WipeDrive Home 9. IMPORTANT! PLEASE READ CAREFULLY:... 3 General Information... 3 WipeDrive Overview... 3 System Requirements...

R&S NRP-Z5 USB Sensor Hub Instrument Security Procedures

Keysight N5191A/93A UXG X-Series Agile Signal Generator

Xerox and Cisco Identity Services Engine (ISE) White Paper

RSA5100A Series Real-Time Signal Analyzers Declassification and Security Instructions

Statement of Volatility WorkCentre 7220/7225

Seagate Secure TCG Enterprise SSC Self-Encrypting Drives FIPS 140 Module. Security Policy. Security Level 2. Rev. 0.

1. SAR posted for comment on January 15, Standard Drafting Team appointed on January 29, 2014

DOCUMENT CONSULTING MAXIMUM DATA SECURITY WITH UTAX GUARANTEED.

COMMON CRITERIA CERTIFICATION REPORT

Xerox Color J75 Press

Seagate Momentus Thin Self-Encrypting Drives TCG Opal FIPS 140 Module Security Policy

Statement of Volatility WorkCentre 5845/5855/5865/5875/5890

Support Assistant Installation & User Guide

Model Number(s): DSO5xxxA/DSO/MSO6xxxA. **Declassification of the 5000A/6000A Series Oscilloscope**

Xerox Nuvera. Hints and Tips Guide. Software Version May P50711

TCG. TCG Storage Interface Interactions Specification (SIIS) Specification Version 1.08 Revision 1.00 October 26, 2018

Statement of Volatility WorkCentre 7830/7835/7845/7855

TCG. TCG Storage Interface Interactions Specification (SIIS) Specification Version 1.07 Revision 1.00 January 30, 2018

Secure Installation and Operation of your

Statement of Volatility WorkCentre 7525/7530/7535/7545/7556

Complete document security

Xerox AltaLink Product Enhancement Read Me

Certification Report

Kingston SSD Manager. User Guide (V )

Xerox FreeFlow Print Server. Security White Paper. Secure solutions. for you and your customers

TCG. TCG Storage Interface Interactions Specification (SIIS) Specification Version 1.07 Revision August-17 Committee Draft

NSA/CSS STORAGE DEVICE DECLASSIFICATION MANUAL (This Manual 9 12 supersedes NSA/CSS Manual 130 2, dated 10 November 2000.

R&S NRP USB and LAN Power Sensors Instrument Security Procedures

HP Standard for Information Protection and Security for Suppliers/Partners

Advances in Storage Security Standards

CIP Cyber Security Information Protection

National Information Assurance Partnership. Validation Report

Maximum data security with TA Triumph-Adler guaranteed.

*P *

User Guide. Storage Executive. Introduction. Storage Executive User Guide. Introduction

ConnectKey 2.0 WorkCentre 3655i 3655

Xerox ConnectKey. The ecosystem for workplace productivity.

Statement of Volatility Xerox Wide Format IJP 2000

Xerox Versant 3100 Press Xerox FreeFlow Print Server. Statement of Volatility Version 1.0

Seagate Secure TCG Enterprise SSC Self-Encrypting Drives FIPS 140 Module. Security Policy. Security Level 2. Rev. 1.0 May 11, 2015

Control Panel. Xerox AltaLink B8045/B8055/B8065/B8075/B8090 Multifunction Printer

Software Version 2.0 Version 1.0 October Xerox Print Services. Information Assurance Disclosure

User Guide. Storage Executive Command Line Interface. Introduction. Storage Executive Command Line Interface User Guide Introduction

requirements in a NERC or Regional Reliability Standard.

Software Version 2.5 Version 1.0 July Xerox Print Services. Information Assurance Disclosure

Xerox VersaLink C7000 Color Printer & VersaLink C7020/25/30 Multifunction Color Printer

Toshiba Secure TCG Opal SSC and Wipe technology. Self-Encrypting Drive Series

GreenTec Broderick Drive, Suite 155 Sterling, VA

Software Version 3.3 Version 1.0 October Xerox Print Portal. Information Assurance Disclosure

June Using Mopria with Xerox Devices Built on Xerox ConnectKey Technology User Guide

COMMON CRITERIA CERTIFICATION REPORT

8560E/EC-Series Spectrum Analyzers. Security Features and Volatility

Common Criteria Certificate

Sanitize Device Ext Command

Xerox Color 800i/1000i Press FreeFlow Print Server. Statement of Volatility Version 1.0

Interagency Advisory Board HSPD-12 Insights: Past, Present and Future. Carol Bales Office of Management and Budget December 2, 2008

Personal Cloud Self Protecting Self Encrypting Storage Devices

Version 1.3 Nov 09, Supplemental Guide -- Secure Installation and Operation of Your WorkCentre 7535/7556

Xerox Connect for Dropbox App

Evaluation. Common Criteria. Questions & Answers. Xerox Advanced Multifunction Systems. WorkCentre M35/M45/M55 WorkCentre Pro 35/45/55

Available services can vary on your printer setup. For details about services and settings, see the User Guide. Menus

Version 1.6 April 16, Secure Installation and Operation of Your WorkCentre 5030/5050

Xerox Versant 80 Press

Security Guide: For the safety use of Digital Multifunction Printer (Digital MFP) Version 1.1

Information System Profile

PageScope Box Operator Ver. 3.2 User s Guide

Transcription:

Xerox Product Data Overwrite Security Whitepaper Month 00, 0000 <Part Number> June 29, 2017

2017 Xerox Corporation. All rights reserved. Xerox, Xerox and Design and FreeFlow are trademarks of Xerox Corporation in the United States and/or other countries. Other company trademarks are also acknowledged. Document Version: 1.0 (June 2017)

Introduction Xerox multifunction devices have the ability to permanently erase and securely overwrite customer image data contained on the hard drive of a device. This document describes the process used for secure overwrite in Xerox products, and how it complies with secure overwrite requirements documented in NIST publication SP.800-88r1 and DOD NISPOM 5220.22-M. Note: This information is valid only for ConnectKey, AltaLink and VersaLink products. Details of the implementation in earlier Xerox products may differ. NIST SP.800-88r1 Overwrite Requirement As documented in Table 5 regarding ATA Hard Disk Drives: Clear Overwrite media by using organizationally approved and validated overwriting technologies/methods/tools. The Clear pattern should be at least a single write pass with a fixed data value, such as all zeros. Multiple write passes or more complex values may optionally be used. Purge Four options are available: 1. Use one of the ATA Sanitize Device feature set commands, if supported, to perform a Sanitize operation. One or both of the following options may be available: a. The overwrite EXT command. Apply one write pass of a fixed pattern across the media surface. Some examples of fixed patterns include all zeros or a pseudorandom pattern. A single write pass should suffice to purge the media. Optionally: Instead of one write pass, use three total write passes of a pseudorandom pattern, leveraging the invert option so that the second write pass is the inverted version of the pattern specified. b. If the device supports encryption and the technical specifications described in this document have been satisfied, the Cryptographic Erase (also known as CRYPTO SCRAMBLE EXT) command. Optionally: After Cryptographic Erase is successfully applied to a device, use the overwrite command (if supported) to write one pass of zeros or a pseudorandom pattern across the media. If the overwrite command is not supported, the Secure Erase or the Clear procedure could alternatively be applied following Cryptographic Erase. 2. Use the ATA Security feature set s SECURE ERASE UNIT command, if support, in Enhanced Erase mode. The ATA Sanitize Device feature set commands are preferred

over the over the ATA Security feature set SECURITY ERASE UNIT command when supported by the ATA device. 3. Cryptographic Erase through the Trusted Computing Group (TCG) Opal Security Subsystem Class (SSC) or Enterprise SSC interface by issuing commands as necessary to cause all MEKs to be changed (if the requirements described in this document have been satisfied). Refer to the TCG and device manufacturers for more information. Optionally: After Cryptographic Erase is successfully applied to a device, use the overwrite command (if supported) to write one pass of zeros or a pseudorandom pattern across the media. If the overwrite command is not supported, the Secure Erase or the Clear procedure could alternatively be applied following Cryptographic Erase. 4. Degauss in an organizationally approved automatic degausser or disassemble the hard disk drive and Purge the enclosed platters with an organizationally approved degaussing wand. Department of Defense NISPOM 5220.22-M Common Requirements As documented in Chapter 8. Information Systems Security. This is an older standard but some Xerox documentation may still reference it. 8-301. Clearing and Sanitization. Instructions on clearing, sanitization and release of IS media shall be issued by the accrediting CSA. a. Clearing. Clearing is the process of eradicating the data on media before reusing the media in an environment that provides an acceptable level of protection for the data that was on the media before clearing. All internal memory, buffer, or other reusable memory shall be cleared to effectively deny access to previously stored information. b. Sanitization. Sanitization is the process of removing the data from media before reusing the media in an environment that does not provide an acceptable level of protection for the data that was in the media before sanitizing. IS resources shall be sanitized before they are released from classified information controls or released for use at a lower classification level. Xerox Overwrite Process The process used to overwrite data in ConnectKey, AltaLink and VersaLink products complies with NIST SP.800-88-r1 Purge option 1a. This process meets or exceeds the requirements of the Clear function. The process also complies with DOD NISPOM 5220.22-M section 8-301. This process may be invoked at the end of a job (IIO), where it will overwrite the files used for that job, or on demand (ODIO), where it will overwrite temporary user image data files. The on demand feature can be scheduled as well. It can also optionally overwrite fax dial directories and fax mailboxes:

1. When the operation is started, a start indication is recorded in the audit log. 2. This process is executed on multiple partitions, depending on the type of overwrite enabled. 3. A single pattern is written to the entire partition. 4. The inverse of the pattern above (ones-complement) is written to the entire partition. 5. A unique new pattern is then written to the entire partition. 6. Starting at a random starting position, 10% of the partition is sampled for the occurrence of the last pattern. The 10% block is continuous. 7. If the sample check fails, then the operation terminates, and indicates a failed condition via a persistent message on the device user interface. When the device restarts, this message persists until an overwrite procedure is repeated. A failed indication will be recorded in the audit log. 8. If the sample succeeds, then the next partition in the list is used, and the process repeats, at step 3). 9. When all the partitions in the list have completed, a success is recorded, and the device is rebooted. 10. After the reboot, the device may print a confirmation sheet, if it was enabled. 11. The success or failure of the process is recorded in the audit log. References NIST Special Publication 800-88r1: http://nvlpubs.nist.gov/nistpubs/specialpublications/nist.sp.800-88r1.pdf DOD NISPOM 5220-22-M: http://www.dss.mil/documents/odaa/nispom2006-5220.pdf

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback