Microsoft Exchange Server 2007 Enterprise Edition (English), Version/Build 08.02.0176.002
Link Link by certificate ID Link by certificate nameCSV information ?
Status | archived |
---|---|
Valid from | 16.11.2009 |
Valid until | 01.09.2019 |
Scheme | 🇩🇪 DE |
Manufacturer | Microsoft Corporation |
Category | Other Devices and Systems |
Security level | EAL4+ |
Heuristics summary ?
Certificate ?
Certification report ?
Extracted keywords
Hash functions
SHA-1Protocols
TLSVendor
Microsoft, Microsoft CorporationSecurity level
EAL 4, EAL4, EAL 1, EAL 7, EAL1, EAL3, EAL5, EAL7, EAL2, EAL6, EAL 4 augmented, EAL4 augmentedSecurity Assurance Requirements (SAR)
ACM_AUT, ACM_CAP, ACM_SCP, ADO_DEL, ADO_IGS, ADV_FSP, ADV_HLD, ADV_IMP, ADV_INT, ADV_LLD, ADV_RCR, ADV_SPM, AGD_ADM, AGD_USR, ALC_FLR.3, ALC_DVS, ALC_FLR, ALC_LCD, ALC_TAT, ATE_COV, ATE_DPT, ATE_FUN, ATE_IND, AVA_CCA, AVA_MSU, AVA_SOF, AVA_VLA, AVA_VLA.2, AVA_VLA.3, AVA_VLA.4, APE_DES, APE_ENV, APE_INT, APE_OBJ, APE_REQ, APE_SRE, ASE_DES, ASE_ENV, ASE_INT, ASE_OBJ, ASE_PPC, ASE_REQ, ASE_SRE, ASE_TSSCertificates
BSI-DSZ-CC-0436-2009Evaluation facilities
TÃœV Informationstechnik, tuvitCertification process
out of scope, TOE in the certified version and configuration. The version of the help-file on the product DVD is out of scope of the certification. The TOE has to be installed and configured according to the Guidance Addendum, any client. The way external lists for filtering of messages are compiled and transferred is also out of scope of the evaluation. Some security functionality of the TOE environment, namely of the operating, 02.0176.002, EVALUATION TECHNICAL REPORT, Version 3, Date 2009-10-01, TÜV Informationstechnik GmbH (confidential document) [8] Configuration list for the TOE: Exchange Server 2007 Common Criteria Evaluation, Configuration, Server, Version: 1.05, Date: 2009-09-28; including all document as referenced in chapter 3.2. (confidential documents) [9] Microsoft Exchange Server 2007 Enterprise Edition Common Criteria Evaluation – GuidanceCertification process
out of scope, TOE in the certified version and configuration. The version of the help-file on the product DVD is out of scope of the certification. The TOE has to be installed and configured according to the Guidance Addendum, any client. The way external lists for filtering of messages are compiled and transferred is also out of scope of the evaluation. Some security functionality of the TOE environment, namely of the operating, 02.0176.002, EVALUATION TECHNICAL REPORT, Version 3, Date 2009-10-01, TÜV Informationstechnik GmbH (confidential document) [8] Configuration list for the TOE: Exchange Server 2007 Common Criteria Evaluation, Configuration, Server, Version: 1.05, Date: 2009-09-28; including all document as referenced in chapter 3.2. (confidential documents) [9] Microsoft Exchange Server 2007 Enterprise Edition Common Criteria Evaluation – GuidanceStandards
AIS 34, AIS 32, ISO/IEC 15408:2005Technical reports
BSI 7125, BSI 7148, BSI 7149File metadata
Title | Certification Report BSI-DSZ-CC-0436-2009 |
---|---|
Subject | Common Criteria Certification |
Keywords | "Microsoft Exchange Server 2007 Enterprise Edition (English) Version/Build 08.02.0176.002, Microsoft Corporation, Common Criteria, Certification, Zertifzierung" |
Author | Bundesamt für Sicherheit in der Informationstechnik |
Creation date | D:20091209111723+01'00' |
Modification date | D:20091218092509+01'00' |
Pages | 34 |
Creator | Writer |
Producer | StarOffice 9 |
Frontpage
Certificate ID | BSI-DSZ-CC-0436-2009 |
---|---|
Certified item | Microsoft Exchange Server 2007 Enterprise Edition (English) Version/Build 08.02.0176.002 |
Certification lab | BSI |
Developer | Microsoft Corporation |
Security target ?
Extracted keywords
Symmetric Algorithms
RC4Protocols
SSL, SSL 3.0, TLSVendor
Microsoft, Microsoft CorporationSecurity level
EAL4, EAL4 augmentedClaims
O.DAC, O.CONBLK, O.RESTDIST, O.REDUCE_SPAM, O.MAIL_FLOW, O.QUOTA, T.AUTH_DAC, T.SPAM, T.DL_MISUSE, T.OVERFLOW, T.UNAUTH_DAC, T.UNAUTHUSE, A.COM_PROT, A.INSTALL, A.PLATFORM, A.BLOCKLIST, A.NO_EVIL_ADM, A.PHYS_PROTECT, A.NO_EVIL_ADMIN, OE.COM_PROT, OE.INSTALL, OE.PLATFORM, OE.BLOCKLIST, OE.PHYSICAL, OSP.MAIL_FLOWSecurity Assurance Requirements (SAR)
ACM_AUT.1, ACM_CAP.4, ACM_SCP.2, ADO_DEL.2, ADO_IGS.1, ADV_FSP.2, ADV_HLD.2, ADV_IMP.1, ADV_LLD.1, ADV_RCR.1, ADV_SPM.1, AGD_ADD, AGD_ADM.1, AGD_USR.1, ALC_FLR.3, ALC_DVS.1, ALC_LCD.1, ALC_TAT.1, ATE_COV.2, ATE_DPT.1, ATE_FUN.1, ATE_IND.2, AVA_MSU.2, AVA_SOF.1, AVA_VLA.2Security Functional Requirements (SFR)
FAU_GEN, FDP_ACC, FDP_ACF, FDP_IFC, FDP_IFF, FDP_ACC.1, FDP_ACF.1, FDP_IFC.1, FDP_IFF.1, FIA_AFL, FIA_UAU.8, FIA_UID.3, FIA_SOS.1, FIA_USB.1, FIA_SOS.1.1, FIA_USB.1.1, FIA_USB.1.2, FIA_USB.1.3, FIA_ATD.1, FIA_ATD.1.1, FIA_UID.1, FIA_UID.2, FIA_UAU, FIA_UID, FMT_SMF.1, FMT_MSA, FMT_MSA.1, FMT_MSA.3, FMT_SMF.1.1, FMT_SMR.1, FMT_SMR.1.1, FMT_SMR.1.2, FRU_RSA, FRU_RSA.1Evaluation facilities
tuvitCertification process
out of scope, it should be noted that the way these external lists are compiled and transferred to the TOE are out of scope of the evaluation. Security Target Page 14/83 2.3.4 Important functionality of the environment TheSide-channel analysis
reverse engineeringCertification process
out of scope, it should be noted that the way these external lists are compiled and transferred to the TOE are out of scope of the evaluation. Security Target Page 14/83 2.3.4 Important functionality of the environment TheStandards
RFC 2821, RFC 2822, RFC 1730, RFC 1725, RFC1730, RFC1725File metadata
Title | Exchange Server 2007 Common Criteria Evaluation Security Target |
---|---|
Keywords | Common Criteria, Exchange, Security, Evaluation, Security Target |
Author | Amy Blumenfield |
Creation date | D:20091210164950 |
Modification date | D:20091210164950 |
Pages | 83 |
Creator | Microsoft® Office Word 2007 |
Producer | Microsoft® Office Word 2007 |
Heuristics ?
Extracted SARs
ALC_LCD.1, ADV_LLD.1, ATE_FUN.1, ATE_DPT.1, ADV_FSP.2, ADV_RCR.1, ADV_HLD.2, ATE_COV.2, ALC_FLR.3, ALC_TAT.1, AGD_ADM.1, AVA_SOF.1, AVA_MSU.2, ADV_IMP.1, AGD_USR.1, ATE_IND.2, ADV_SPM.1, AVA_VLA.2, ALC_DVS.1Similar certificates
Name | Certificate ID | |
---|---|---|
Database Engine of Microsoft SQL Server 2005 Enterprise Edition (English) SP1, Version/Build 9.00.2047.00 | BSI-DSZ-CC-0416-2007 | Compare |
References ?
No references are available for this certificate.
Updates ?
-
22.08.2024 The certificate data changed.
Certificate changed
The state of the certificate object was updated.
- The report property was updated, with the
{'download_ok': True, 'convert_ok': True, 'extract_ok': True, 'pdf_hash': '5495fd3d0f9c2c98dabc1c0fc8042b8800244b450124ce680b73c7fc7261a07c', 'txt_hash': 'afc9d27ae3d7304e91bbdeed6d162d31fde4c23c8b5fbc9a9b6e6b29b8232619'}
data. - The st property was updated, with the
{'download_ok': True, 'convert_ok': True, 'extract_ok': True, 'pdf_hash': '8a864c46e1eccdf9c9c8d31b615fe17ef355f4ebb70b64968080961c4f2b4448', 'txt_hash': '37895c1594875b36e8c27abe20054f5fc215785c86d8a4e57dded5b30f18d954'}
data.
The PDF extraction data was updated.
- The report_metadata property was set to
{'pdf_file_size_bytes': 966828, 'pdf_is_encrypted': False, 'pdf_number_of_pages': 34, '/CreationDate': "D:20091209111723+01'00'", '/Subject': 'Common Criteria Certification', '/Author': 'Bundesamt für Sicherheit in der Informationstechnik', '/Creator': 'Writer', '/Keywords': '"Microsoft Exchange Server 2007 Enterprise Edition (English) Version/Build 08.02.0176.002, Microsoft Corporation, Common Criteria, Certification, Zertifzierung"', '/Producer': 'StarOffice 9', '/ModDate': "D:20091218092509+01'00'", '/Title': 'Certification Report BSI-DSZ-CC-0436-2009', 'pdf_hyperlinks': {'_type': 'Set', 'elements': ['http://www.bsi.bund.de/']}}
. - The st_metadata property was set to
{'pdf_file_size_bytes': 876079, 'pdf_is_encrypted': False, 'pdf_number_of_pages': 83, '/Title': 'Exchange Server 2007 Common Criteria Evaluation Security Target', '/Author': 'Amy Blumenfield', '/Keywords': 'Common Criteria, Exchange, Security, Evaluation, Security Target', '/Creator': 'Microsoft® Office Word 2007', '/CreationDate': 'D:20091210164950', '/ModDate': 'D:20091210164950', '/Producer': 'Microsoft® Office Word 2007', 'pdf_hyperlinks': {'_type': 'Set', 'elements': ['http://en.wikipedia.org/wiki/Telephone_exchange', 'http://www.ietf.org/rfc/rfc2821.txt', 'https://secure.tuvit.de/']}}
. - The report_frontpage property was set to
{'DE': {'match_rules': ['(BSI-DSZ-CC-.+?) (?:for|For) (.+?) from (.*)'], 'cert_id': 'BSI-DSZ-CC-0436-2009', 'cert_item': 'Microsoft Exchange Server 2007 Enterprise Edition (English) Version/Build 08.02.0176.002', 'developer': 'Microsoft Corporation', 'cert_lab': 'BSI'}}
. - The report_keywords property was set to
{'cc_cert_id': {'DE': {'BSI-DSZ-CC-0436-2009': 17}}, 'cc_protection_profile_id': {}, 'cc_security_level': {'EAL': {'EAL 4': 3, 'EAL4': 8, 'EAL 1': 1, 'EAL 7': 1, 'EAL1': 5, 'EAL3': 4, 'EAL5': 6, 'EAL7': 4, 'EAL2': 3, 'EAL6': 3, 'EAL 4 augmented': 2, 'EAL4 augmented': 1}}, 'cc_sar': {'ACM': {'ACM_AUT': 2, 'ACM_CAP': 2, 'ACM_SCP': 2}, 'ADO': {'ADO_DEL': 2, 'ADO_IGS': 2}, 'ADV': {'ADV_FSP': 2, 'ADV_HLD': 2, 'ADV_IMP': 2, 'ADV_INT': 2, 'ADV_LLD': 2, 'ADV_RCR': 2, 'ADV_SPM': 2}, 'AGD': {'AGD_ADM': 2, 'AGD_USR': 2}, 'ALC': {'ALC_FLR.3': 4, 'ALC_DVS': 2, 'ALC_FLR': 2, 'ALC_LCD': 1, 'ALC_TAT': 2}, 'ATE': {'ATE_COV': 2, 'ATE_DPT': 2, 'ATE_FUN': 2, 'ATE_IND': 2}, 'AVA': {'AVA_CCA': 2, 'AVA_MSU': 2, 'AVA_SOF': 3, 'AVA_VLA': 3, 'AVA_VLA.2': 1, 'AVA_VLA.3': 1, 'AVA_VLA.4': 1}, 'APE': {'APE_DES': 1, 'APE_ENV': 1, 'APE_INT': 1, 'APE_OBJ': 1, 'APE_REQ': 1, 'APE_SRE': 1}, 'ASE': {'ASE_DES': 1, 'ASE_ENV': 1, 'ASE_INT': 1, 'ASE_OBJ': 1, 'ASE_PPC': 1, 'ASE_REQ': 1, 'ASE_SRE': 1, 'ASE_TSS': 1}}, 'cc_sfr': {}, 'cc_claims': {}, 'vendor': {'Microsoft': {'Microsoft': 17, 'Microsoft Corporation': 5}}, 'eval_facility': {'TUV': {'TÜV Informationstechnik': 3, 'tuvit': 12}}, 'symmetric_crypto': {}, 'asymmetric_crypto': {}, 'pq_crypto': {}, 'hash_function': {'SHA': {'SHA1': {'SHA-1': 5}}}, 'crypto_scheme': {}, 'crypto_protocol': {'TLS': {'TLS': {'TLS': 1}}}, 'randomness': {}, 'cipher_mode': {}, 'ecc_curve': {}, 'crypto_engine': {}, 'tls_cipher_suite': {}, 'crypto_library': {}, 'vulnerability': {}, 'side_channel_analysis': {}, 'technical_report_id': {'BSI': {'BSI 7125': 2, 'BSI 7148': 1, 'BSI 7149': 1}}, 'device_model': {}, 'tee_name': {}, 'os_name': {}, 'cplc_data': {}, 'ic_data_group': {}, 'standard_id': {'BSI': {'AIS 34': 1, 'AIS 32': 1}, 'ISO': {'ISO/IEC 15408:2005': 2}}, 'javacard_version': {}, 'javacard_api_const': {}, 'javacard_packages': {}, 'certification_process': {'OutOfScope': {'out of scope': 2, 'TOE in the certified version and configuration. The version of the help-file on the product DVD is out of scope of the certification. The TOE has to be installed and configured according to the Guidance Addendum': 1, 'any client. The way external lists for filtering of messages are compiled and transferred is also out of scope of the evaluation. Some security functionality of the TOE environment, namely of the operating': 1}, 'ConfidentialDocument': {'02.0176.002, EVALUATION TECHNICAL REPORT, Version 3, Date 2009-10-01, TÜV Informationstechnik GmbH (confidential document) [8] Configuration list for the TOE: Exchange Server 2007 Common Criteria Evaluation, Configuration': 1, 'Server, Version: 1.05, Date: 2009-09-28; including all document as referenced in chapter 3.2. (confidential documents) [9] Microsoft Exchange Server 2007 Enterprise Edition Common Criteria Evaluation – Guidance': 1}}}
. - The st_keywords property was set to
{'cc_cert_id': {}, 'cc_protection_profile_id': {}, 'cc_security_level': {'EAL': {'EAL4': 9, 'EAL4 augmented': 4}}, 'cc_sar': {'ACM': {'ACM_AUT.1': 2, 'ACM_CAP.4': 1, 'ACM_SCP.2': 2}, 'ADO': {'ADO_DEL.2': 2, 'ADO_IGS.1': 2}, 'ADV': {'ADV_FSP.2': 2, 'ADV_HLD.2': 2, 'ADV_IMP.1': 2, 'ADV_LLD.1': 2, 'ADV_RCR.1': 2, 'ADV_SPM.1': 2}, 'AGD': {'AGD_ADD': 2, 'AGD_ADM.1': 2, 'AGD_USR.1': 1}, 'ALC': {'ALC_FLR.3': 8, 'ALC_DVS.1': 2, 'ALC_LCD.1': 2, 'ALC_TAT.1': 2}, 'ATE': {'ATE_COV.2': 2, 'ATE_DPT.1': 1, 'ATE_FUN.1': 2, 'ATE_IND.2': 2}, 'AVA': {'AVA_MSU.2': 2, 'AVA_SOF.1': 2, 'AVA_VLA.2': 3}}, 'cc_sfr': {'FAU': {'FAU_GEN': 2}, 'FDP': {'FDP_ACC': 26, 'FDP_ACF': 21, 'FDP_IFC': 45, 'FDP_IFF': 43, 'FDP_ACC.1': 13, 'FDP_ACF.1': 16, 'FDP_IFC.1': 17, 'FDP_IFF.1': 35}, 'FIA': {'FIA_AFL': 1, 'FIA_UAU.8': 30, 'FIA_UID.3': 34, 'FIA_SOS.1': 7, 'FIA_USB.1': 7, 'FIA_SOS.1.1': 1, 'FIA_USB.1.1': 1, 'FIA_USB.1.2': 1, 'FIA_USB.1.3': 1, 'FIA_ATD.1': 7, 'FIA_ATD.1.1': 1, 'FIA_UID.1': 3, 'FIA_UID.2': 2, 'FIA_UAU': 1, 'FIA_UID': 1}, 'FMT': {'FMT_SMF.1': 32, 'FMT_MSA': 95, 'FMT_MSA.1': 14, 'FMT_MSA.3': 22, 'FMT_SMF.1.1': 1, 'FMT_SMR.1': 22, 'FMT_SMR.1.1': 1, 'FMT_SMR.1.2': 1}, 'FRU': {'FRU_RSA': 18, 'FRU_RSA.1': 2}}, 'cc_claims': {'O': {'O.DAC': 11, 'O.CONBLK': 7, 'O.RESTDIST': 7, 'O.REDUCE_SPAM': 6, 'O.MAIL_FLOW': 5, 'O.QUOTA': 7}, 'T': {'T.AUTH_DAC': 4, 'T.SPAM': 7, 'T.DL_MISUSE': 4, 'T.OVERFLOW': 4, 'T.UNAUTH_DAC': 3, 'T.UNAUTHUSE': 3}, 'A': {'A.COM_PROT': 3, 'A.INSTALL': 3, 'A.PLATFORM': 4, 'A.BLOCKLIST': 4, 'A.NO_EVIL_ADM': 1, 'A.PHYS_PROTECT': 4, 'A.NO_EVIL_ADMIN': 2}, 'OE': {'OE.COM_PROT': 3, 'OE.INSTALL': 7, 'OE.PLATFORM': 16, 'OE.BLOCKLIST': 3, 'OE.PHYSICAL': 3}, 'OSP': {'OSP.MAIL_FLOW': 3}}, 'vendor': {'Microsoft': {'Microsoft': 42, 'Microsoft Corporation': 2}}, 'eval_facility': {'TUV': {'tuvit': 1}}, 'symmetric_crypto': {'AES_competition': {'RC': {'RC4': 1}}}, 'asymmetric_crypto': {}, 'pq_crypto': {}, 'hash_function': {}, 'crypto_scheme': {}, 'crypto_protocol': {'TLS': {'SSL': {'SSL': 3, 'SSL 3.0': 1}, 'TLS': {'TLS': 19}}}, 'randomness': {}, 'cipher_mode': {}, 'ecc_curve': {}, 'crypto_engine': {}, 'tls_cipher_suite': {}, 'crypto_library': {}, 'vulnerability': {}, 'side_channel_analysis': {'other': {'reverse engineering': 1}}, 'technical_report_id': {}, 'device_model': {}, 'tee_name': {}, 'os_name': {}, 'cplc_data': {}, 'ic_data_group': {}, 'standard_id': {'RFC': {'RFC 2821': 11, 'RFC 2822': 7, 'RFC 1730': 1, 'RFC 1725': 1, 'RFC1730': 1, 'RFC1725': 1}}, 'javacard_version': {}, 'javacard_api_const': {}, 'javacard_packages': {}, 'certification_process': {'OutOfScope': {'out of scope': 1, 'it should be noted that the way these external lists are compiled and transferred to the TOE are out of scope of the evaluation. Security Target Page 14/83 2.3.4 Important functionality of the environment The': 1}}}
. - The report_filename property was set to
0436a_pdf.pdf
. - The st_filename property was set to
0436b_pdf.pdf
.
The computed heuristics were updated.
- The cert_lab property was set to
['BSI']
. - The cert_id property was set to
BSI-DSZ-CC-0436-2009
. - The extracted_sars property was set to
{'_type': 'Set', 'elements': [{'_type': 'sec_certs.sample.sar.SAR', 'family': 'ALC_LCD', 'level': 1}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ADV_LLD', 'level': 1}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ATE_FUN', 'level': 1}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ATE_DPT', 'level': 1}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ADV_FSP', 'level': 2}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ADV_RCR', 'level': 1}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ADV_HLD', 'level': 2}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ATE_COV', 'level': 2}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ALC_FLR', 'level': 3}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ALC_TAT', 'level': 1}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'AGD_ADM', 'level': 1}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'AVA_SOF', 'level': 1}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'AVA_MSU', 'level': 2}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ADV_IMP', 'level': 1}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'AGD_USR', 'level': 1}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ATE_IND', 'level': 2}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ADV_SPM', 'level': 1}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'AVA_VLA', 'level': 2}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ALC_DVS', 'level': 1}]}
.
- The report property was updated, with the
-
17.08.2024 The certificate data changed.
Certificate changed
The report_link was updated.
- The new value is
https://www.commoncriteriaportal.org/nfs/ccpfiles/files/epfiles/0436a_pdf.pdf
.
The st_link was updated.
- The new value is
https://www.commoncriteriaportal.org/nfs/ccpfiles/files/epfiles/0436b_pdf.pdf
.
The state of the certificate object was updated.
- The st property was updated, with the
{'download_ok': False, 'convert_ok': False, 'extract_ok': False, 'pdf_hash': None, 'txt_hash': None}
data.
The PDF extraction data was updated.
- The st_metadata property was set to
None
. - The st_keywords property was set to
None
. - The st_filename property was set to
None
.
The computed heuristics were updated.
- The extracted_sars property was set to
None
.
- The new value is
-
12.08.2024 The certificate data changed.
Certificate changed
The state of the certificate object was updated.
- The report property was updated, with the
{'download_ok': False, 'convert_ok': False, 'extract_ok': False, 'pdf_hash': None, 'txt_hash': None}
data.
The PDF extraction data was updated.
- The report_metadata property was set to
None
. - The report_frontpage property was set to
None
. - The report_keywords property was set to
None
. - The report_filename property was set to
None
.
The computed heuristics were updated.
- The cert_lab property was set to
None
. - The cert_id property was set to
None
.
- The report property was updated, with the
-
23.07.2024 The certificate was first processed.
New certificate
A new Common Criteria certificate with the product name Microsoft Exchange Server 2007 Enterprise Edition (English), Version/Build 08.02.0176.002 was processed.
Raw data
{
"_type": "sec_certs.sample.cc.CCCertificate",
"category": "Other Devices and Systems",
"cert_link": null,
"dgst": "95badceef1b711cb",
"heuristics": {
"_type": "sec_certs.sample.cc.CCCertificate.Heuristics",
"annotated_references": null,
"cert_id": "BSI-DSZ-CC-0436-2009",
"cert_lab": [
"BSI"
],
"cpe_matches": null,
"direct_transitive_cves": null,
"extracted_sars": {
"_type": "Set",
"elements": [
{
"_type": "sec_certs.sample.sar.SAR",
"family": "ALC_FLR",
"level": 3
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "ATE_DPT",
"level": 1
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "ATE_FUN",
"level": 1
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "AVA_SOF",
"level": 1
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "ADV_FSP",
"level": 2
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "AVA_MSU",
"level": 2
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "AGD_ADM",
"level": 1
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "ALC_DVS",
"level": 1
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "ADV_HLD",
"level": 2
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "ADV_LLD",
"level": 1
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "ATE_IND",
"level": 2
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "ATE_COV",
"level": 2
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "AGD_USR",
"level": 1
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "ALC_LCD",
"level": 1
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "AVA_VLA",
"level": 2
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "ALC_TAT",
"level": 1
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "ADV_RCR",
"level": 1
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "ADV_SPM",
"level": 1
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "ADV_IMP",
"level": 1
}
]
},
"extracted_versions": {
"_type": "Set",
"elements": [
"08.02.0176.002"
]
},
"indirect_transitive_cves": null,
"related_cves": null,
"report_references": {
"_type": "sec_certs.sample.certificate.References",
"directly_referenced_by": null,
"directly_referencing": null,
"indirectly_referenced_by": null,
"indirectly_referencing": null
},
"scheme_data": null,
"st_references": {
"_type": "sec_certs.sample.certificate.References",
"directly_referenced_by": null,
"directly_referencing": null,
"indirectly_referenced_by": null,
"indirectly_referencing": null
},
"verified_cpe_matches": null
},
"maintenance_updates": {
"_type": "Set",
"elements": []
},
"manufacturer": "Microsoft Corporation",
"manufacturer_web": "https://www.microsoft.com",
"name": "Microsoft Exchange Server 2007 Enterprise Edition (English), Version/Build 08.02.0176.002",
"not_valid_after": "2019-09-01",
"not_valid_before": "2009-11-16",
"pdf_data": {
"_type": "sec_certs.sample.cc.CCCertificate.PdfData",
"cert_filename": null,
"cert_frontpage": null,
"cert_keywords": null,
"cert_metadata": null,
"report_filename": "0436a_pdf.pdf",
"report_frontpage": {
"DE": {
"cert_id": "BSI-DSZ-CC-0436-2009",
"cert_item": "Microsoft Exchange Server 2007 Enterprise Edition (English) Version/Build 08.02.0176.002",
"cert_lab": "BSI",
"developer": "Microsoft Corporation",
"match_rules": [
"(BSI-DSZ-CC-.+?) (?:for|For) (.+?) from (.*)"
]
}
},
"report_keywords": {
"asymmetric_crypto": {},
"cc_cert_id": {
"DE": {
"BSI-DSZ-CC-0436-2009": 17
}
},
"cc_claims": {},
"cc_protection_profile_id": {},
"cc_sar": {
"ACM": {
"ACM_AUT": 2,
"ACM_CAP": 2,
"ACM_SCP": 2
},
"ADO": {
"ADO_DEL": 2,
"ADO_IGS": 2
},
"ADV": {
"ADV_FSP": 2,
"ADV_HLD": 2,
"ADV_IMP": 2,
"ADV_INT": 2,
"ADV_LLD": 2,
"ADV_RCR": 2,
"ADV_SPM": 2
},
"AGD": {
"AGD_ADM": 2,
"AGD_USR": 2
},
"ALC": {
"ALC_DVS": 2,
"ALC_FLR": 2,
"ALC_FLR.3": 4,
"ALC_LCD": 1,
"ALC_TAT": 2
},
"APE": {
"APE_DES": 1,
"APE_ENV": 1,
"APE_INT": 1,
"APE_OBJ": 1,
"APE_REQ": 1,
"APE_SRE": 1
},
"ASE": {
"ASE_DES": 1,
"ASE_ENV": 1,
"ASE_INT": 1,
"ASE_OBJ": 1,
"ASE_PPC": 1,
"ASE_REQ": 1,
"ASE_SRE": 1,
"ASE_TSS": 1
},
"ATE": {
"ATE_COV": 2,
"ATE_DPT": 2,
"ATE_FUN": 2,
"ATE_IND": 2
},
"AVA": {
"AVA_CCA": 2,
"AVA_MSU": 2,
"AVA_SOF": 3,
"AVA_VLA": 3,
"AVA_VLA.2": 1,
"AVA_VLA.3": 1,
"AVA_VLA.4": 1
}
},
"cc_security_level": {
"EAL": {
"EAL 1": 1,
"EAL 4": 3,
"EAL 4 augmented": 2,
"EAL 7": 1,
"EAL1": 5,
"EAL2": 3,
"EAL3": 4,
"EAL4": 8,
"EAL4 augmented": 1,
"EAL5": 6,
"EAL6": 3,
"EAL7": 4
}
},
"cc_sfr": {},
"certification_process": {
"ConfidentialDocument": {
"02.0176.002, EVALUATION TECHNICAL REPORT, Version 3, Date 2009-10-01, T\u00dcV Informationstechnik GmbH (confidential document) [8] Configuration list for the TOE: Exchange Server 2007 Common Criteria Evaluation, Configuration": 1,
"Server, Version: 1.05, Date: 2009-09-28; including all document as referenced in chapter 3.2. (confidential documents) [9] Microsoft Exchange Server 2007 Enterprise Edition Common Criteria Evaluation \u2013 Guidance": 1
},
"OutOfScope": {
"TOE in the certified version and configuration. The version of the help-file on the product DVD is out of scope of the certification. The TOE has to be installed and configured according to the Guidance Addendum": 1,
"any client. The way external lists for filtering of messages are compiled and transferred is also out of scope of the evaluation. Some security functionality of the TOE environment, namely of the operating": 1,
"out of scope": 2
}
},
"cipher_mode": {},
"cplc_data": {},
"crypto_engine": {},
"crypto_library": {},
"crypto_protocol": {
"TLS": {
"TLS": {
"TLS": 1
}
}
},
"crypto_scheme": {},
"device_model": {},
"ecc_curve": {},
"eval_facility": {
"TUV": {
"T\u00dcV Informationstechnik": 3,
"tuvit": 12
}
},
"hash_function": {
"SHA": {
"SHA1": {
"SHA-1": 5
}
}
},
"ic_data_group": {},
"javacard_api_const": {},
"javacard_packages": {},
"javacard_version": {},
"os_name": {},
"pq_crypto": {},
"randomness": {},
"side_channel_analysis": {},
"standard_id": {
"BSI": {
"AIS 32": 1,
"AIS 34": 1
},
"ISO": {
"ISO/IEC 15408:2005": 2
}
},
"symmetric_crypto": {},
"technical_report_id": {
"BSI": {
"BSI 7125": 2,
"BSI 7148": 1,
"BSI 7149": 1
}
},
"tee_name": {},
"tls_cipher_suite": {},
"vendor": {
"Microsoft": {
"Microsoft": 17,
"Microsoft Corporation": 5
}
},
"vulnerability": {}
},
"report_metadata": {
"/Author": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"/CreationDate": "D:20091209111723+01\u002700\u0027",
"/Creator": "Writer",
"/Keywords": "\"Microsoft Exchange Server 2007 Enterprise Edition (English) Version/Build 08.02.0176.002, Microsoft Corporation, Common Criteria, Certification, Zertifzierung\"",
"/ModDate": "D:20091218092509+01\u002700\u0027",
"/Producer": "StarOffice 9",
"/Subject": "Common Criteria Certification",
"/Title": "Certification Report BSI-DSZ-CC-0436-2009",
"pdf_file_size_bytes": 966828,
"pdf_hyperlinks": {
"_type": "Set",
"elements": [
"http://www.bsi.bund.de/"
]
},
"pdf_is_encrypted": false,
"pdf_number_of_pages": 34
},
"st_filename": "0436b_pdf.pdf",
"st_frontpage": null,
"st_keywords": {
"asymmetric_crypto": {},
"cc_cert_id": {},
"cc_claims": {
"A": {
"A.BLOCKLIST": 4,
"A.COM_PROT": 3,
"A.INSTALL": 3,
"A.NO_EVIL_ADM": 1,
"A.NO_EVIL_ADMIN": 2,
"A.PHYS_PROTECT": 4,
"A.PLATFORM": 4
},
"O": {
"O.CONBLK": 7,
"O.DAC": 11,
"O.MAIL_FLOW": 5,
"O.QUOTA": 7,
"O.REDUCE_SPAM": 6,
"O.RESTDIST": 7
},
"OE": {
"OE.BLOCKLIST": 3,
"OE.COM_PROT": 3,
"OE.INSTALL": 7,
"OE.PHYSICAL": 3,
"OE.PLATFORM": 16
},
"OSP": {
"OSP.MAIL_FLOW": 3
},
"T": {
"T.AUTH_DAC": 4,
"T.DL_MISUSE": 4,
"T.OVERFLOW": 4,
"T.SPAM": 7,
"T.UNAUTHUSE": 3,
"T.UNAUTH_DAC": 3
}
},
"cc_protection_profile_id": {},
"cc_sar": {
"ACM": {
"ACM_AUT.1": 2,
"ACM_CAP.4": 1,
"ACM_SCP.2": 2
},
"ADO": {
"ADO_DEL.2": 2,
"ADO_IGS.1": 2
},
"ADV": {
"ADV_FSP.2": 2,
"ADV_HLD.2": 2,
"ADV_IMP.1": 2,
"ADV_LLD.1": 2,
"ADV_RCR.1": 2,
"ADV_SPM.1": 2
},
"AGD": {
"AGD_ADD": 2,
"AGD_ADM.1": 2,
"AGD_USR.1": 1
},
"ALC": {
"ALC_DVS.1": 2,
"ALC_FLR.3": 8,
"ALC_LCD.1": 2,
"ALC_TAT.1": 2
},
"ATE": {
"ATE_COV.2": 2,
"ATE_DPT.1": 1,
"ATE_FUN.1": 2,
"ATE_IND.2": 2
},
"AVA": {
"AVA_MSU.2": 2,
"AVA_SOF.1": 2,
"AVA_VLA.2": 3
}
},
"cc_security_level": {
"EAL": {
"EAL4": 9,
"EAL4 augmented": 4
}
},
"cc_sfr": {
"FAU": {
"FAU_GEN": 2
},
"FDP": {
"FDP_ACC": 26,
"FDP_ACC.1": 13,
"FDP_ACF": 21,
"FDP_ACF.1": 16,
"FDP_IFC": 45,
"FDP_IFC.1": 17,
"FDP_IFF": 43,
"FDP_IFF.1": 35
},
"FIA": {
"FIA_AFL": 1,
"FIA_ATD.1": 7,
"FIA_ATD.1.1": 1,
"FIA_SOS.1": 7,
"FIA_SOS.1.1": 1,
"FIA_UAU": 1,
"FIA_UAU.8": 30,
"FIA_UID": 1,
"FIA_UID.1": 3,
"FIA_UID.2": 2,
"FIA_UID.3": 34,
"FIA_USB.1": 7,
"FIA_USB.1.1": 1,
"FIA_USB.1.2": 1,
"FIA_USB.1.3": 1
},
"FMT": {
"FMT_MSA": 95,
"FMT_MSA.1": 14,
"FMT_MSA.3": 22,
"FMT_SMF.1": 32,
"FMT_SMF.1.1": 1,
"FMT_SMR.1": 22,
"FMT_SMR.1.1": 1,
"FMT_SMR.1.2": 1
},
"FRU": {
"FRU_RSA": 18,
"FRU_RSA.1": 2
}
},
"certification_process": {
"OutOfScope": {
"it should be noted that the way these external lists are compiled and transferred to the TOE are out of scope of the evaluation. Security Target Page 14/83 2.3.4 Important functionality of the environment The": 1,
"out of scope": 1
}
},
"cipher_mode": {},
"cplc_data": {},
"crypto_engine": {},
"crypto_library": {},
"crypto_protocol": {
"TLS": {
"SSL": {
"SSL": 3,
"SSL 3.0": 1
},
"TLS": {
"TLS": 19
}
}
},
"crypto_scheme": {},
"device_model": {},
"ecc_curve": {},
"eval_facility": {
"TUV": {
"tuvit": 1
}
},
"hash_function": {},
"ic_data_group": {},
"javacard_api_const": {},
"javacard_packages": {},
"javacard_version": {},
"os_name": {},
"pq_crypto": {},
"randomness": {},
"side_channel_analysis": {
"other": {
"reverse engineering": 1
}
},
"standard_id": {
"RFC": {
"RFC 1725": 1,
"RFC 1730": 1,
"RFC 2821": 11,
"RFC 2822": 7,
"RFC1725": 1,
"RFC1730": 1
}
},
"symmetric_crypto": {
"AES_competition": {
"RC": {
"RC4": 1
}
}
},
"technical_report_id": {},
"tee_name": {},
"tls_cipher_suite": {},
"vendor": {
"Microsoft": {
"Microsoft": 42,
"Microsoft Corporation": 2
}
},
"vulnerability": {}
},
"st_metadata": {
"/Author": "Amy Blumenfield",
"/CreationDate": "D:20091210164950",
"/Creator": "Microsoft\u00ae Office Word 2007",
"/Keywords": "Common Criteria, Exchange, Security, Evaluation, Security Target",
"/ModDate": "D:20091210164950",
"/Producer": "Microsoft\u00ae Office Word 2007",
"/Title": "Exchange Server 2007 Common Criteria Evaluation Security Target",
"pdf_file_size_bytes": 876079,
"pdf_hyperlinks": {
"_type": "Set",
"elements": [
"http://en.wikipedia.org/wiki/Telephone_exchange",
"https://secure.tuvit.de/",
"http://www.ietf.org/rfc/rfc2821.txt"
]
},
"pdf_is_encrypted": false,
"pdf_number_of_pages": 83
}
},
"protection_profiles": {
"_type": "Set",
"elements": []
},
"report_link": "https://www.commoncriteriaportal.org/nfs/ccpfiles/files/epfiles/0436a_pdf.pdf",
"scheme": "DE",
"security_level": {
"_type": "Set",
"elements": [
"EAL4+"
]
},
"st_link": "https://www.commoncriteriaportal.org/nfs/ccpfiles/files/epfiles/0436b_pdf.pdf",
"state": {
"_type": "sec_certs.sample.cc.CCCertificate.InternalState",
"cert": {
"_type": "sec_certs.sample.cc.CCCertificate.DocumentState",
"convert_garbage": false,
"convert_ok": false,
"download_ok": false,
"extract_ok": false,
"pdf_hash": null,
"txt_hash": null
},
"report": {
"_type": "sec_certs.sample.cc.CCCertificate.DocumentState",
"convert_garbage": false,
"convert_ok": true,
"download_ok": true,
"extract_ok": true,
"pdf_hash": "5495fd3d0f9c2c98dabc1c0fc8042b8800244b450124ce680b73c7fc7261a07c",
"txt_hash": "afc9d27ae3d7304e91bbdeed6d162d31fde4c23c8b5fbc9a9b6e6b29b8232619"
},
"st": {
"_type": "sec_certs.sample.cc.CCCertificate.DocumentState",
"convert_garbage": false,
"convert_ok": true,
"download_ok": true,
"extract_ok": true,
"pdf_hash": "8a864c46e1eccdf9c9c8d31b615fe17ef355f4ebb70b64968080961c4f2b4448",
"txt_hash": "37895c1594875b36e8c27abe20054f5fc215785c86d8a4e57dded5b30f18d954"
}
},
"status": "archived"
}