This page was not yet optimized for use on mobile
devices.
EzIdentityTM mSignTM (Android v2.0.0.1 & iOS v2.0.0.1) and EzIdentityTM Authentication Platform v4.0.0.2
CSV information
| Status | archived |
|---|---|
| Valid from | 27.12.2013 |
| Valid until | 01.09.2019 |
| Scheme | 🇲🇾 MY |
| Manufacturer | EZMCOM Inc. |
| Category | Products for Digital Signatures |
| Security level | EAL2 |
Heuristics summary
Certificate ID: ISCB-5-RPT-C053-CR-v1a
Certificate
certificate could not be downloaded, no link is available.
Certification report
Extracted keywords
Symmetric Algorithms
Triple-DES, TDES, HMACAsymmetric Algorithms
RSA 2048Hash functions
SHA-1, SHA-256Security level
EAL2Security Functional Requirements (SFR)
FAU_GEN.1, FAU_SAR.1, FCO_NRO.1.1, FCO_NRO.1.2, FCO_NRO.1.3, FCS_CKM, FCS_COP, FCS_CKM.4, FDP_ACC.1, FDP_ACF.1, FIA_ATD, FIA_AFL.1, FIA_UAU.2, FIA_UID.2, FMT_SMF.1, FMT_SMR.1, FMT_MSA.3.1, FMT_MTD, FMT_MSA.3.2, FMT_MSA, FPT_ITT.1, FTA_SSL.1Certificates
ISCB-5-RPT-C053-CR-v1aCertification process
out of scope, Ref [6]) are out of scope for this evaluation, 11 All of the underlying hardware and the operating systems used by both mSign and EzIdentity are out of scope for this evaluation. 12 Figure 1 identifies the major architectural components that comprise the, by both mSign and EzIdentity as described in Section 1.4.3 of the Security Target (Ref [6]) are out of scope for this evaluation. 23 The assurance gained via evaluation applies specifically to the TOE in theStandards
FIPS 180-3, FIPS 180-2, PKCS#1, PKCS#5, RFC 2898, RFC 4226, RFC 6328, RFC 6287, ISO/IEC15408, ISO/IEC 18045File metadata
| Title | C053 Certification Report |
|---|---|
| Subject | EzIdentity™ mSign™ (Android v2.0.0.1 & iOS v2.0.0.1) and EzIdentity™ Authentication Platform v4.0.0.2 |
| Keywords | MyCB_TMP_002 |
| Author | ISCB Department |
| Creation date | D:20140106141939+08'00' |
| Modification date | D:20140106142000+08'00' |
| Pages | 42 |
| Creator | Acrobat PDFMaker 10.1 for Word |
| Producer | Adobe PDF Library 10.0 |
Security target
Extracted keywords
Symmetric Algorithms
Triple-DES, TDES, HMACHash functions
SHA-1, SHA-256, PBKDF2Vendor
STM, Thales, MicrosoftSecurity level
EAL2Claims
O.CRYPT, O.COMMSEC, O.MODIFY, O.CONTROL, O.KEYPROTECT, O.-CONTROL, T.COMINT, T.MODIFY, T.TSFDATA, T.UNAUTHORISED_A, T.UNAUTHORISED_ACCESS, A.ADMIN, A.OS, A.TIMESTAMP, A.DATACONTROL, A.UPDATE, A.PHYSICAL, OE.INSTALL, OE.ADMIN, OE.OPSYS, OE.ENVIRONMENT, OE.UPDATE, OE.TIMESTAMPSecurity Assurance Requirements (SAR)
ADV_ARC.1, ADV_FSP.2, ADV_TDS.1, AGD_OPE.1, AGD_PRE.1, ALC_CMS.2, ALC_CMC.2, ALC_DEL.1, ATE_IND.2, ATE_FUN.1, ATE_COV.1, AVA_VAN.2, ASE_INT.1, ASE_CCL.1, ASE_SPD.1, ASE_OBJ.2, ASE_REQ.2, ASE_TSS.1, ASE_ECD.1Security Functional Requirements (SFR)
FAU_GEN.1, FAU_SAR.1, FAU_SAR.1.1, FAU_SAR.1.2, FCO_NRO.1, FCO_NRO.1.1, FCO_NRO.1.2, FCO_NRO.1.3, FCS_CKM, FCS_CKM.4, FCS_COP, FCS_CKM.2, FCS_COP.1, FCS_CKM.4.1, FCS_CKM.1, FDP_IFF, FDP_ACC.1, FDP_ACF.1, FDP_ITC.1, FDP_ITC.2, FDP_ACC.1.1, FDP_ACF.1.1, FDP_ACF.1.2, FDP_ACF.1.3, FDP_ACF.1.4, FDP_IFC.1, FIA_AFL.1, FIA_ATD, FIA_UID.2, FIA_UAU.2, FIA_UID.1, FIA_AFL.1.1, FIA_AFL.1.2, FIA_UAU.1, FIA_ATD.1.1, FIA_UAU.2.1, FIA_UID.2.1, FMT_MSA, FMT_MSA.3, FMT_MTD, FMT_SMF.1, FMT_SMR.1, FMT_MSA.1.1, FMT_MSA.3.1, FMT_MSA.3.2, FMT_MTD.1.1, FMT_SMF.1.1, FMT_SMR.1.1, FMT_SMR.1.2, FMT_MSA.1, FPT_ITT.1, FPT_ITT.1.1, FPT_STM.1, FTA_SSL.1, FTA_SSL.1.1, FTA_SSL.1.2Certification process
out of scope, Please note that the RSA encryption and decryption operations performed on the EzIdentity are out of scope for this evaluation. COMMERCIAL-IN-CONFIDENCE 13 of 43 2 Conformance Claim (ASE_CCL.1) The ST andStandards
FIPS 46-3, FIPS 180-2, FIPS PUB 180-3, FIPS 180-3, PKCS#1, PKCS#5, RFC 2898, RFC 4226, RFC 6328, RFC 6287File metadata
| Title | EzIdentity™ mSign™ & EzIdentity™ Authentication Platform Security Target EAL2 Security Target |
|---|---|
| Author | Soshinee Govindasamy |
| Creation date | D:20131121122329+08'00' |
| Modification date | D:20131121122329+08'00' |
| Pages | 43 |
| Creator | Microsoft® Word 2010 |
| Producer | Microsoft® Word 2010 |
Heuristics
Automated inference - use with caution
All attributes shown in this section (e.g., links between certificates, products, vendors, and known CVEs) are generated by automated heuristics and have not been reviewed by humans. These methods can produce false positives or false negatives and should not be treated as definitive without independent verification. For details on our data sources and inference methods, see our methodology. If you believe any information here is inaccurate or harmful, please submit feedback.Certificate ID
ISCB-5-RPT-C053-CR-v1aExtracted SARs
ADV_ARC.1, ADV_FSP.2, ADV_TDS.1, AGD_OPE.1, AGD_PRE.1, ALC_CMC.2, ALC_CMS.2, ALC_DEL.1, ASE_CCL.1, ASE_ECD.1, ASE_INT.1, ASE_OBJ.2, ASE_REQ.2, ASE_SPD.1, ASE_TSS.1, ATE_COV.1, ATE_FUN.1, ATE_IND.2, AVA_VAN.2Similar certificates
Showing 5 out of 6.
Scheme data
| Cert No | 2013-013-C053 | |
|---|---|---|
| Developer | EZMCOM Inc. | |
| Level | EAL2 | |
| Product | EzIdentityTM mSignTM (Android v2.0.0.1 & iOS v2.0.0.1) and EzIdentityTM Authentication Platform v4.0.0.2 | |
| Certification Date | 27.12.2013 | |
| Expiration Date | 27.12.2018 | |
| Recognition | CCRA | |
| Url | https://iscb.cybersecurity.my/index.php/certification/product-certification/mycc/archived-certified-products-and-systems/submission-view/83 | |
| Enhanced | ||
| Developer | Anupam Ratha2B-23A-3, Block 2B,Plaza Sentral, Jalan Stesen Sentral 5,50470 Kuala Lumpur,MALAYSIA URL: http://www.ezmcom.comEmail: [email protected]: +6012-570-1114 | |
| Status | Archive | |
| Scope | EzIdentity™ mSign™ (Android v2.0.0.1 & iOS v2.0.0.1) and EzIdentity™ Authentication Platform v4.0.0.2 (hereafter referred as mSign and EzIdentity Platform) from EZMCOM Inc. are the Target of Evaluation (TOE) for this Evaluation Assurance Level (EAL) 2 evaluation. The TOE is consists of two components as follows: Client side: EzIdentity™ mSign. mSign is a smartphone based application that provides users with the ability to apply digital signatures to documents and data that the users receive. The application allows for the generation of a digital signature, which can then be used to approve and sign transactions (such as internet banking, funds transfers, etc.). In addition, the application supports the generation of One Time Password (OTP) for software initialisation and challenge response code in order to unblock the blocked user. Server side: EzIdentity™ Authentication Platform. EzIdentity platform supports an organisations deployment of the mSign application by providing a back-end platform to manage and control deployment and configuration. The platform assists in the transfer of transaction data to be signed between third parties and mSign users, provides user and role management, security and management functions and allows organisations to manage and configure all aspects of both the EzIdentity platform and mSign application deployment. The scope of evaluation covers major security functions described as follows: Security Audit - EzIdentity platform generates audit records for security events. The Administrator, Super Operator and Operator who have roles with access to the audit report module are allowed to view the audit trail. Data Protection - User data such as device ID, user PIN and signature data that is stored within mSign application is encrypted with Triple-DES encryption to prevent from data modification and unauthorised access. Identification and Authentication - The TOE, both mSign and EzIdentity platform, enforce user identification and authentication mechanism prior to allow user to any user action or information flow being permitted. mSign user is required to enter user PIN before permitted to perform any actions. On the EzIdentity platform, users such as Administrators, Super Operators, and Operators must be authenticated using correct combination of username and password before permitted to perform any administrative functions. Security Management - EzIdentity platform provides a wide range of security management function for Administrators including TOE configuration, manage mSign client application, managing users, assign the information flow policy, and audit management among other routine maintenance activities. TOE Access - TOE provides session termination based on time limitation set on user inactivity. The TOE also enforce user blocking session if the user have wrongly entered user PIN after certain number of invalid authentication attempts are made. In order to unblock the session, user is required to request Challenge Response Code which will be sent to his or her registered mobile phone or email as defined during user registration process. Cryptographic Operation - Both mSign and EzIdentity platform provide users with functionality to digitally sign files, data and sensitive transaction (such as internet banking transfer) to provide integrity and non-repudiation. It also provides One Time Password (OTP) generation, secure transit of data between TOE components and secure storage of user data on device. | |
| Cert Id | C053 | |
| Category | Products for Digital Signatures | |
| Assurance Level | EAL2 | |
| Product | EzIdentityTM mSignTM (Android v2.0.0.1 & iOS v2.0.0.1) and EzIdentityTM Authentication Platform v4.0.0.2 | |
| Certification Date | 27.12.2013 | |
| Expiration Date | 27.12.2018 | |
| Mutual Recognition | CCRA | |
| Target Link | https://iscb.cybersecurity.my/resources/document/mycc/mycpr/C053/EZMCOM%20EzIdentity%20Security%20Target%20v1.1.pdf | |
| Report Link | https://iscb.cybersecurity.my/resources/document/mycc/mycpr/C053/ISCB-5-RPT-C053-CR-v1a.pdf | |
| Type | Software product used for digital signing of data, file, or transaction that includes the client and server components of the EzIdentityTM.Software product used for digital signing of data, file, or transaction that includes the client and server components of the EzIdentityTM. | |
References
No references are available for this certificate.
Updates Feed
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate was first processed.
Raw data
{
"_type": "sec_certs.sample.cc.CCCertificate",
"category": "Products for Digital Signatures",
"cert_link": null,
"dgst": "80a30e9889a58515",
"heuristics": {
"_type": "sec_certs.sample.cc.CCCertificate.Heuristics",
"annotated_references": null,
"cert_id": "ISCB-5-RPT-C053-CR-v1a",
"cert_lab": null,
"cpe_matches": null,
"direct_transitive_cves": null,
"eal": "EAL2",
"extracted_sars": {
"_type": "Set",
"elements": [
{
"_type": "sec_certs.sample.sar.SAR",
"family": "ADV_FSP",
"level": 2
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "ALC_DEL",
"level": 1
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "AVA_VAN",
"level": 2
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "ALC_CMS",
"level": 2
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "ADV_ARC",
"level": 1
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "ASE_ECD",
"level": 1
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "ADV_TDS",
"level": 1
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "ATE_FUN",
"level": 1
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "ALC_CMC",
"level": 2
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "ASE_INT",
"level": 1
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "AGD_OPE",
"level": 1
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "ASE_REQ",
"level": 2
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "ATE_COV",
"level": 1
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "ASE_TSS",
"level": 1
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "ASE_OBJ",
"level": 2
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "ASE_CCL",
"level": 1
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "ATE_IND",
"level": 2
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "ASE_SPD",
"level": 1
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "AGD_PRE",
"level": 1
}
]
},
"extracted_versions": {
"_type": "Set",
"elements": [
"2.0.0.1",
"4.0.0.2"
]
},
"indirect_transitive_cves": null,
"next_certificates": null,
"prev_certificates": null,
"protection_profiles": null,
"related_cves": null,
"report_references": {
"_type": "sec_certs.sample.certificate.References",
"directly_referenced_by": null,
"directly_referencing": null,
"indirectly_referenced_by": null,
"indirectly_referencing": null
},
"scheme_data": {
"cert_no": "2013-013-C053",
"certification_date": "2013-12-27",
"developer": "EZMCOM Inc.",
"enhanced": {
"assurance_level": "EAL2",
"category": "Products for Digital Signatures",
"cert_id": "C053",
"certification_date": "2013-12-27",
"developer": "Anupam Ratha2B-23A-3, Block 2B,Plaza Sentral, Jalan Stesen Sentral 5,50470 Kuala Lumpur,MALAYSIA URL: http://www.ezmcom.comEmail: [email protected]: +6012-570-1114",
"expiration_date": "2018-12-27",
"mutual_recognition": "CCRA",
"product": "EzIdentityTM mSignTM (Android v2.0.0.1 \u0026 iOS v2.0.0.1) and EzIdentityTM Authentication Platform v4.0.0.2",
"report_link": "https://iscb.cybersecurity.my/resources/document/mycc/mycpr/C053/ISCB-5-RPT-C053-CR-v1a.pdf",
"scope": "EzIdentity\u2122 mSign\u2122 (Android v2.0.0.1 \u0026 iOS v2.0.0.1) and EzIdentity\u2122 Authentication Platform v4.0.0.2 (hereafter referred as mSign and EzIdentity Platform) from EZMCOM Inc. are the Target of Evaluation (TOE) for this Evaluation Assurance Level (EAL) 2 evaluation. The TOE is consists of two components as follows: Client side: EzIdentity\u2122 mSign. mSign is a smartphone based application that provides users with the ability to apply digital signatures to documents and data that the users receive. The application allows for the generation of a digital signature, which can then be used to approve and sign transactions (such as internet banking, funds transfers, etc.). In addition, the application supports the generation of One Time Password (OTP) for software initialisation and challenge response code in order to unblock the blocked user. Server side: EzIdentity\u2122 Authentication Platform. EzIdentity platform supports an organisations deployment of the mSign application by providing a back-end platform to manage and control deployment and configuration. The platform assists in the transfer of transaction data to be signed between third parties and mSign users, provides user and role management, security and management functions and allows organisations to manage and configure all aspects of both the EzIdentity platform and mSign application deployment. The scope of evaluation covers major security functions described as follows: Security Audit - EzIdentity platform generates audit records for security events. The Administrator, Super Operator and Operator who have roles with access to the audit report module are allowed to view the audit trail. Data Protection - User data such as device ID, user PIN and signature data that is stored within mSign application is encrypted with Triple-DES encryption to prevent from data modification and unauthorised access. Identification and Authentication - The TOE, both mSign and EzIdentity platform, enforce user identification and authentication mechanism prior to allow user to any user action or information flow being permitted. mSign user is required to enter user PIN before permitted to perform any actions. On the EzIdentity platform, users such as Administrators, Super Operators, and Operators must be authenticated using correct combination of username and password before permitted to perform any administrative functions. Security Management - EzIdentity platform provides a wide range of security management function for Administrators including TOE configuration, manage mSign client application, managing users, assign the information flow policy, and audit management among other routine maintenance activities. TOE Access - TOE provides session termination based on time limitation set on user inactivity. The TOE also enforce user blocking session if the user have wrongly entered user PIN after certain number of invalid authentication attempts are made. In order to unblock the session, user is required to request Challenge Response Code which will be sent to his or her registered mobile phone or email as defined during user registration process. Cryptographic Operation - Both mSign and EzIdentity platform provide users with functionality to digitally sign files, data and sensitive transaction (such as internet banking transfer) to provide integrity and non-repudiation. It also provides One Time Password (OTP) generation, secure transit of data between TOE components and secure storage of user data on device.",
"status": "Archive",
"target_link": "https://iscb.cybersecurity.my/resources/document/mycc/mycpr/C053/EZMCOM%20EzIdentity%20Security%20Target%20v1.1.pdf",
"type": "Software product used for digital signing of data, file, or transaction that includes the client and server components of the EzIdentityTM.Software product used for digital signing of data, file, or transaction that includes the client and server components of the EzIdentityTM."
},
"expiration_date": "2018-12-27",
"level": "EAL2",
"product": "EzIdentityTM mSignTM (Android v2.0.0.1 \u0026 iOS v2.0.0.1) and EzIdentityTM Authentication Platform v4.0.0.2",
"recognition": "CCRA",
"url": "https://iscb.cybersecurity.my/index.php/certification/product-certification/mycc/archived-certified-products-and-systems/submission-view/83"
},
"st_references": {
"_type": "sec_certs.sample.certificate.References",
"directly_referenced_by": null,
"directly_referencing": null,
"indirectly_referenced_by": null,
"indirectly_referencing": null
},
"verified_cpe_matches": null
},
"maintenance_updates": {
"_type": "Set",
"elements": []
},
"manufacturer": "EZMCOM Inc.",
"manufacturer_web": "https://www.ezmcom.com/",
"name": "EzIdentityTM mSignTM (Android v2.0.0.1 \u0026 iOS v2.0.0.1) and EzIdentityTM Authentication Platform v4.0.0.2",
"not_valid_after": "2019-09-01",
"not_valid_before": "2013-12-27",
"pdf_data": {
"_type": "sec_certs.sample.cc.CCCertificate.PdfData",
"cert_filename": null,
"cert_frontpage": null,
"cert_keywords": null,
"cert_metadata": null,
"report_filename": "ISCB-5-RPT-C053-CR-v1a.pdf",
"report_frontpage": {},
"report_keywords": {
"asymmetric_crypto": {
"RSA": {
"RSA 2048": 1
}
},
"cc_cert_id": {
"MY": {
"ISCB-5-RPT-C053-CR-v1a": 41
}
},
"cc_claims": {},
"cc_protection_profile_id": {},
"cc_sar": {},
"cc_security_level": {
"EAL": {
"EAL2": 9
}
},
"cc_sfr": {
"FAU": {
"FAU_GEN.1": 1,
"FAU_SAR.1": 1
},
"FCO": {
"FCO_NRO.1.1": 1,
"FCO_NRO.1.2": 1,
"FCO_NRO.1.3": 1
},
"FCS": {
"FCS_CKM": 2,
"FCS_CKM.4": 1,
"FCS_COP": 5
},
"FDP": {
"FDP_ACC.1": 1,
"FDP_ACF.1": 1
},
"FIA": {
"FIA_AFL.1": 1,
"FIA_ATD": 2,
"FIA_UAU.2": 1,
"FIA_UID.2": 1
},
"FMT": {
"FMT_MSA": 2,
"FMT_MSA.3.1": 1,
"FMT_MSA.3.2": 1,
"FMT_MTD": 2,
"FMT_SMF.1": 1,
"FMT_SMR.1": 1
},
"FPT": {
"FPT_ITT.1": 1
},
"FTA": {
"FTA_SSL.1": 1
}
},
"certification_process": {
"OutOfScope": {
"11 All of the underlying hardware and the operating systems used by both mSign and EzIdentity are out of scope for this evaluation. 12 Figure 1 identifies the major architectural components that comprise the": 1,
"Ref [6]) are out of scope for this evaluation": 1,
"by both mSign and EzIdentity as described in Section 1.4.3 of the Security Target (Ref [6]) are out of scope for this evaluation. 23 The assurance gained via evaluation applies specifically to the TOE in the": 1,
"out of scope": 2
}
},
"cipher_mode": {},
"cplc_data": {},
"crypto_engine": {},
"crypto_library": {},
"crypto_protocol": {},
"crypto_scheme": {},
"device_model": {},
"ecc_curve": {},
"eval_facility": {},
"hash_function": {
"SHA": {
"SHA1": {
"SHA-1": 4
},
"SHA2": {
"SHA-256": 1
}
}
},
"ic_data_group": {},
"javacard_api_const": {},
"javacard_packages": {},
"javacard_version": {},
"os_name": {},
"pq_crypto": {},
"randomness": {},
"side_channel_analysis": {},
"standard_id": {
"FIPS": {
"FIPS 180-2": 1,
"FIPS 180-3": 1
},
"ISO": {
"ISO/IEC 18045": 2,
"ISO/IEC15408": 2
},
"PKCS": {
"PKCS#1": 3,
"PKCS#5": 2
},
"RFC": {
"RFC 2898": 2,
"RFC 4226": 2,
"RFC 6287": 2,
"RFC 6328": 2
}
},
"symmetric_crypto": {
"DES": {
"3DES": {
"TDES": 3,
"Triple-DES": 5
}
},
"constructions": {
"MAC": {
"HMAC": 3
}
}
},
"technical_report_id": {},
"tee_name": {},
"tls_cipher_suite": {},
"vendor": {},
"vulnerability": {}
},
"report_metadata": {
"/Author": "ISCB Department",
"/Category": "PUBLIC",
"/Caveat": "FINAL",
"/Classification": "PUBLIC",
"/Company": "CyberSecurity Malaysia",
"/CreationDate": "D:20140106141939+08\u002700\u0027",
"/Creator": "Acrobat PDFMaker 10.1 for Word",
"/Developer": "EZMCOM Inc",
"/Document Type": "CR",
"/Identifier": "ISCB-5-RPT-C053-CR-v1a",
"/Index": "MyCB_TMP_002",
"/Keywords": "MyCB_TMP_002",
"/ModDate": "D:20140106142000+08\u002700\u0027",
"/Phase": "Release",
"/Producer": "Adobe PDF Library 10.0",
"/Project Code": "C053",
"/Released": "27 December 2013",
"/ST Date": "18 November 2013",
"/ST Title": "EzIdentity\u2122 mSign\u2122 \u0026 EzIdentity\u2122 Authentication Platform Security Target",
"/ST Version": "v1.1",
"/SourceModified": "D:20140106061916",
"/Sponsor": "EZMCOM Inc",
"/Subject": "EzIdentity\u2122 mSign\u2122 (Android v2.0.0.1 \u0026 iOS v2.0.0.1) and EzIdentity\u2122 Authentication Platform v4.0.0.2",
"/TOE Name": "EzIdentity\u2122 mSign\u2122 and EzIdentity\u2122 Authentication Platform",
"/TOE Version": "EzIdentity\u2122 mSign\u2122 (Android v2.0.0.1 \u0026 iOS v2.0.0.1) and EzIdentity\u2122 Authentication Platform v4.0.02",
"/Title": "C053 Certification Report",
"/Version": "v1a",
"pdf_file_size_bytes": 398084,
"pdf_hyperlinks": {
"_type": "Set",
"elements": [
"http://www.commoncriteriaportal.org/",
"mailto:[email protected]",
"http://www.cybersecurity.my/mycc"
]
},
"pdf_is_encrypted": true,
"pdf_number_of_pages": 42
},
"st_filename": "EZMCOM EzIdentity Security Target v1.1.pdf",
"st_frontpage": null,
"st_keywords": {
"asymmetric_crypto": {},
"cc_cert_id": {},
"cc_claims": {
"A": {
"A.ADMIN": 2,
"A.DATACONTROL": 2,
"A.OS": 2,
"A.PHYSICAL": 2,
"A.TIMESTAMP": 3,
"A.UPDATE": 2
},
"O": {
"O.-CONTROL": 1,
"O.COMMSEC": 4,
"O.CONTROL": 3,
"O.CRYPT": 4,
"O.KEYPROTECT": 3,
"O.MODIFY": 4
},
"OE": {
"OE.ADMIN": 2,
"OE.ENVIRONMENT": 3,
"OE.INSTALL": 1,
"OE.OPSYS": 2,
"OE.TIMESTAMP": 2,
"OE.UPDATE": 2
},
"T": {
"T.COMINT": 3,
"T.MODIFY": 3,
"T.TSFDATA": 3,
"T.UNAUTHORISED_A": 1,
"T.UNAUTHORISED_ACCESS": 2
}
},
"cc_protection_profile_id": {},
"cc_sar": {
"ADV": {
"ADV_ARC.1": 1,
"ADV_FSP.2": 1,
"ADV_TDS.1": 1
},
"AGD": {
"AGD_OPE.1": 1,
"AGD_PRE.1": 1
},
"ALC": {
"ALC_CMC.2": 1,
"ALC_CMS.2": 1,
"ALC_DEL.1": 1
},
"ASE": {
"ASE_CCL.1": 4,
"ASE_ECD.1": 1,
"ASE_INT.1": 4,
"ASE_OBJ.2": 4,
"ASE_REQ.2": 4,
"ASE_SPD.1": 4,
"ASE_TSS.1": 4
},
"ATE": {
"ATE_COV.1": 1,
"ATE_FUN.1": 1,
"ATE_IND.2": 1
},
"AVA": {
"AVA_VAN.2": 1
}
},
"cc_security_level": {
"EAL": {
"EAL2": 9
}
},
"cc_sfr": {
"FAU": {
"FAU_GEN.1": 5,
"FAU_SAR.1": 4,
"FAU_SAR.1.1": 1,
"FAU_SAR.1.2": 1
},
"FCO": {
"FCO_NRO.1": 6,
"FCO_NRO.1.1": 1,
"FCO_NRO.1.2": 1,
"FCO_NRO.1.3": 1
},
"FCS": {
"FCS_CKM": 14,
"FCS_CKM.1": 13,
"FCS_CKM.2": 4,
"FCS_CKM.4": 23,
"FCS_CKM.4.1": 1,
"FCS_COP": 28,
"FCS_COP.1": 5
},
"FDP": {
"FDP_ACC.1": 17,
"FDP_ACC.1.1": 1,
"FDP_ACF.1": 6,
"FDP_ACF.1.1": 1,
"FDP_ACF.1.2": 1,
"FDP_ACF.1.3": 1,
"FDP_ACF.1.4": 1,
"FDP_IFC.1": 5,
"FDP_IFF": 2,
"FDP_ITC.1": 12,
"FDP_ITC.2": 12
},
"FIA": {
"FIA_AFL.1": 7,
"FIA_AFL.1.1": 1,
"FIA_AFL.1.2": 1,
"FIA_ATD": 8,
"FIA_ATD.1.1": 2,
"FIA_UAU.1": 4,
"FIA_UAU.2": 9,
"FIA_UAU.2.1": 1,
"FIA_UID.1": 6,
"FIA_UID.2": 6,
"FIA_UID.2.1": 1
},
"FMT": {
"FMT_MSA": 6,
"FMT_MSA.1": 3,
"FMT_MSA.1.1": 2,
"FMT_MSA.3": 8,
"FMT_MSA.3.1": 1,
"FMT_MSA.3.2": 1,
"FMT_MTD": 12,
"FMT_MTD.1.1": 2,
"FMT_SMF.1": 14,
"FMT_SMF.1.1": 1,
"FMT_SMR.1": 24,
"FMT_SMR.1.1": 1,
"FMT_SMR.1.2": 1
},
"FPT": {
"FPT_ITT.1": 5,
"FPT_ITT.1.1": 1,
"FPT_STM.1": 2
},
"FTA": {
"FTA_SSL.1": 5,
"FTA_SSL.1.1": 1,
"FTA_SSL.1.2": 1
}
},
"certification_process": {
"OutOfScope": {
"Please note that the RSA encryption and decryption operations performed on the EzIdentity are out of scope for this evaluation. COMMERCIAL-IN-CONFIDENCE 13 of 43 2 Conformance Claim (ASE_CCL.1) The ST and": 1,
"out of scope": 1
}
},
"cipher_mode": {},
"cplc_data": {},
"crypto_engine": {},
"crypto_library": {},
"crypto_protocol": {},
"crypto_scheme": {},
"device_model": {},
"ecc_curve": {},
"eval_facility": {},
"hash_function": {
"PBKDF": {
"PBKDF2": 2
},
"SHA": {
"SHA1": {
"SHA-1": 7
},
"SHA2": {
"SHA-256": 4
}
}
},
"ic_data_group": {},
"javacard_api_const": {},
"javacard_packages": {},
"javacard_version": {},
"os_name": {},
"pq_crypto": {},
"randomness": {},
"side_channel_analysis": {},
"standard_id": {
"FIPS": {
"FIPS 180-2": 1,
"FIPS 180-3": 1,
"FIPS 46-3": 1,
"FIPS PUB 180-3": 1
},
"PKCS": {
"PKCS#1": 6,
"PKCS#5": 3
},
"RFC": {
"RFC 2898": 2,
"RFC 4226": 2,
"RFC 6287": 2,
"RFC 6328": 2
}
},
"symmetric_crypto": {
"DES": {
"3DES": {
"TDES": 7,
"Triple-DES": 7
}
},
"constructions": {
"MAC": {
"HMAC": 5
}
}
},
"technical_report_id": {},
"tee_name": {},
"tls_cipher_suite": {},
"vendor": {
"Microsoft": {
"Microsoft": 1
},
"STMicroelectronics": {
"STM": 1
},
"Thales": {
"Thales": 1
}
},
"vulnerability": {}
},
"st_metadata": {
"/Author": "Soshinee Govindasamy",
"/CreationDate": "D:20131121122329+08\u002700\u0027",
"/Creator": "Microsoft\u00ae Word 2010",
"/ModDate": "D:20131121122329+08\u002700\u0027",
"/Producer": "Microsoft\u00ae Word 2010",
"/Title": "EzIdentity\u2122 mSign\u2122 \u0026 EzIdentity\u2122 Authentication Platform Security Target EAL2 Security Target",
"pdf_file_size_bytes": 928180,
"pdf_hyperlinks": {
"_type": "Set",
"elements": []
},
"pdf_is_encrypted": false,
"pdf_number_of_pages": 43
}
},
"protection_profile_links": {
"_type": "Set",
"elements": []
},
"report_link": "https://www.commoncriteriaportal.org/nfs/ccpfiles/files/epfiles/ISCB-5-RPT-C053-CR-v1a.pdf",
"scheme": "MY",
"security_level": {
"_type": "Set",
"elements": [
"EAL2"
]
},
"st_link": "https://www.commoncriteriaportal.org/nfs/ccpfiles/files/epfiles/EZMCOM%20EzIdentity%20Security%20Target%20v1.1.pdf",
"state": {
"_type": "sec_certs.sample.cc.CCCertificate.InternalState",
"cert": {
"_type": "sec_certs.sample.document_state.DocumentState",
"convert_ok": false,
"download_ok": false,
"extract_ok": false,
"json_hash": null,
"pdf_hash": null,
"txt_hash": null
},
"report": {
"_type": "sec_certs.sample.document_state.DocumentState",
"convert_ok": true,
"download_ok": true,
"extract_ok": true,
"json_hash": null,
"pdf_hash": "56ae235210872827b94af81907dcc2e6069a531331fe79b138f7e2806374f770",
"txt_hash": "f9b6da6d3ed30a7a1b59c95f30b66250dc569cd2e2b07ef2366d8a4738e9e363"
},
"st": {
"_type": "sec_certs.sample.document_state.DocumentState",
"convert_ok": true,
"download_ok": true,
"extract_ok": true,
"json_hash": null,
"pdf_hash": "c4b58c015b176a0a7e01812c2ba212bda9c3209d1542b010c2c5497e410a6d1b",
"txt_hash": "175f6ebdca3654eff335ed0c127a1dd565df9d90dd285ba6c8dcc65ef3e3f30f"
}
},
"status": "archived"
}