Microsoft Exchange Server 2007 Enterprise Edition (English), Version/Build 08.02.0176.002

Link Link by certificate ID Link by certificate name

CSV information ?

Status archived
Valid from 16.11.2009
Valid until 01.09.2019
Scheme 🇩🇪 DE
Manufacturer Microsoft Corporation
Category Other Devices and Systems
Security level EAL4+

Heuristics summary ?

Certificate ID: BSI-DSZ-CC-0436-2009

Certificate ?

Certification report ?

Extracted keywords

Hash functions
SHA-1
Protocols
TLS

Vendor
Microsoft, Microsoft Corporation

Security level
EAL 4, EAL4, EAL 1, EAL 7, EAL1, EAL3, EAL5, EAL7, EAL2, EAL6, EAL 4 augmented, EAL4 augmented
Security Assurance Requirements (SAR)
ACM_AUT, ACM_CAP, ACM_SCP, ADO_DEL, ADO_IGS, ADV_FSP, ADV_HLD, ADV_IMP, ADV_INT, ADV_LLD, ADV_RCR, ADV_SPM, AGD_ADM, AGD_USR, ALC_FLR.3, ALC_DVS, ALC_FLR, ALC_LCD, ALC_TAT, ATE_COV, ATE_DPT, ATE_FUN, ATE_IND, AVA_CCA, AVA_MSU, AVA_SOF, AVA_VLA, AVA_VLA.2, AVA_VLA.3, AVA_VLA.4, APE_DES, APE_ENV, APE_INT, APE_OBJ, APE_REQ, APE_SRE, ASE_DES, ASE_ENV, ASE_INT, ASE_OBJ, ASE_PPC, ASE_REQ, ASE_SRE, ASE_TSS
Certificates
BSI-DSZ-CC-0436-2009
Evaluation facilities
TÃœV Informationstechnik, tuvit
Certification process
out of scope, TOE in the certified version and configuration. The version of the help-file on the product DVD is out of scope of the certification. The TOE has to be installed and configured according to the Guidance Addendum, any client. The way external lists for filtering of messages are compiled and transferred is also out of scope of the evaluation. Some security functionality of the TOE environment, namely of the operating, 02.0176.002, EVALUATION TECHNICAL REPORT, Version 3, Date 2009-10-01, TÜV Informationstechnik GmbH (confidential document) [8] Configuration list for the TOE: Exchange Server 2007 Common Criteria Evaluation, Configuration, Server, Version: 1.05, Date: 2009-09-28; including all document as referenced in chapter 3.2. (confidential documents) [9] Microsoft Exchange Server 2007 Enterprise Edition Common Criteria Evaluation – Guidance

Certification process
out of scope, TOE in the certified version and configuration. The version of the help-file on the product DVD is out of scope of the certification. The TOE has to be installed and configured according to the Guidance Addendum, any client. The way external lists for filtering of messages are compiled and transferred is also out of scope of the evaluation. Some security functionality of the TOE environment, namely of the operating, 02.0176.002, EVALUATION TECHNICAL REPORT, Version 3, Date 2009-10-01, TÜV Informationstechnik GmbH (confidential document) [8] Configuration list for the TOE: Exchange Server 2007 Common Criteria Evaluation, Configuration, Server, Version: 1.05, Date: 2009-09-28; including all document as referenced in chapter 3.2. (confidential documents) [9] Microsoft Exchange Server 2007 Enterprise Edition Common Criteria Evaluation – Guidance

Standards
AIS 34, AIS 32, ISO/IEC 15408:2005
Technical reports
BSI 7125, BSI 7148, BSI 7149

File metadata

Title Certification Report BSI-DSZ-CC-0436-2009
Subject Common Criteria Certification
Keywords "Microsoft Exchange Server 2007 Enterprise Edition (English) Version/Build 08.02.0176.002, Microsoft Corporation, Common Criteria, Certification, Zertifzierung"
Author Bundesamt für Sicherheit in der Informationstechnik
Creation date D:20091209111723+01'00'
Modification date D:20091218092509+01'00'
Pages 34
Creator Writer
Producer StarOffice 9

Frontpage

Certificate ID BSI-DSZ-CC-0436-2009
Certified item Microsoft Exchange Server 2007 Enterprise Edition (English) Version/Build 08.02.0176.002
Certification lab BSI
Developer Microsoft Corporation

Security target ?

Extracted keywords

Symmetric Algorithms
RC4
Protocols
SSL, SSL 3.0, TLS

Vendor
Microsoft, Microsoft Corporation

Security level
EAL4, EAL4 augmented
Claims
O.DAC, O.CONBLK, O.RESTDIST, O.REDUCE_SPAM, O.MAIL_FLOW, O.QUOTA, T.AUTH_DAC, T.SPAM, T.DL_MISUSE, T.OVERFLOW, T.UNAUTH_DAC, T.UNAUTHUSE, A.COM_PROT, A.INSTALL, A.PLATFORM, A.BLOCKLIST, A.NO_EVIL_ADM, A.PHYS_PROTECT, A.NO_EVIL_ADMIN, OE.COM_PROT, OE.INSTALL, OE.PLATFORM, OE.BLOCKLIST, OE.PHYSICAL, OSP.MAIL_FLOW
Security Assurance Requirements (SAR)
ACM_AUT.1, ACM_CAP.4, ACM_SCP.2, ADO_DEL.2, ADO_IGS.1, ADV_FSP.2, ADV_HLD.2, ADV_IMP.1, ADV_LLD.1, ADV_RCR.1, ADV_SPM.1, AGD_ADD, AGD_ADM.1, AGD_USR.1, ALC_FLR.3, ALC_DVS.1, ALC_LCD.1, ALC_TAT.1, ATE_COV.2, ATE_DPT.1, ATE_FUN.1, ATE_IND.2, AVA_MSU.2, AVA_SOF.1, AVA_VLA.2
Security Functional Requirements (SFR)
FAU_GEN, FDP_ACC, FDP_ACF, FDP_IFC, FDP_IFF, FDP_ACC.1, FDP_ACF.1, FDP_IFC.1, FDP_IFF.1, FIA_AFL, FIA_UAU.8, FIA_UID.3, FIA_SOS.1, FIA_USB.1, FIA_SOS.1.1, FIA_USB.1.1, FIA_USB.1.2, FIA_USB.1.3, FIA_ATD.1, FIA_ATD.1.1, FIA_UID.1, FIA_UID.2, FIA_UAU, FIA_UID, FMT_SMF.1, FMT_MSA, FMT_MSA.1, FMT_MSA.3, FMT_SMF.1.1, FMT_SMR.1, FMT_SMR.1.1, FMT_SMR.1.2, FRU_RSA, FRU_RSA.1
Evaluation facilities
tuvit
Certification process
out of scope, it should be noted that the way these external lists are compiled and transferred to the TOE are out of scope of the evaluation. Security Target Page 14/83 2.3.4 Important functionality of the environment The

Side-channel analysis
reverse engineering
Certification process
out of scope, it should be noted that the way these external lists are compiled and transferred to the TOE are out of scope of the evaluation. Security Target Page 14/83 2.3.4 Important functionality of the environment The

Standards
RFC 2821, RFC 2822, RFC 1730, RFC 1725, RFC1730, RFC1725

File metadata

Title Exchange Server 2007 Common Criteria Evaluation Security Target
Keywords Common Criteria, Exchange, Security, Evaluation, Security Target
Author Amy Blumenfield
Creation date D:20091210164950
Modification date D:20091210164950
Pages 83
Creator Microsoft® Office Word 2007
Producer Microsoft® Office Word 2007

Heuristics ?

Certificate ID: BSI-DSZ-CC-0436-2009

Extracted SARs

ALC_LCD.1, ADV_LLD.1, ATE_FUN.1, ATE_DPT.1, ADV_FSP.2, ADV_RCR.1, ADV_HLD.2, ATE_COV.2, ALC_FLR.3, ALC_TAT.1, AGD_ADM.1, AVA_SOF.1, AVA_MSU.2, ADV_IMP.1, AGD_USR.1, ATE_IND.2, ADV_SPM.1, AVA_VLA.2, ALC_DVS.1

References ?

No references are available for this certificate.

Updates ?

  • 22.08.2024 The certificate data changed.
    Certificate changed

    The state of the certificate object was updated.

    • The report property was updated, with the {'download_ok': True, 'convert_ok': True, 'extract_ok': True, 'pdf_hash': '5495fd3d0f9c2c98dabc1c0fc8042b8800244b450124ce680b73c7fc7261a07c', 'txt_hash': 'afc9d27ae3d7304e91bbdeed6d162d31fde4c23c8b5fbc9a9b6e6b29b8232619'} data.
    • The st property was updated, with the {'download_ok': True, 'convert_ok': True, 'extract_ok': True, 'pdf_hash': '8a864c46e1eccdf9c9c8d31b615fe17ef355f4ebb70b64968080961c4f2b4448', 'txt_hash': '37895c1594875b36e8c27abe20054f5fc215785c86d8a4e57dded5b30f18d954'} data.

    The PDF extraction data was updated.

    • The report_metadata property was set to {'pdf_file_size_bytes': 966828, 'pdf_is_encrypted': False, 'pdf_number_of_pages': 34, '/CreationDate': "D:20091209111723+01'00'", '/Subject': 'Common Criteria Certification', '/Author': 'Bundesamt für Sicherheit in der Informationstechnik', '/Creator': 'Writer', '/Keywords': '"Microsoft Exchange Server 2007 Enterprise Edition (English) Version/Build 08.02.0176.002, Microsoft Corporation, Common Criteria, Certification, Zertifzierung"', '/Producer': 'StarOffice 9', '/ModDate': "D:20091218092509+01'00'", '/Title': 'Certification Report BSI-DSZ-CC-0436-2009', 'pdf_hyperlinks': {'_type': 'Set', 'elements': ['http://www.bsi.bund.de/']}}.
    • The st_metadata property was set to {'pdf_file_size_bytes': 876079, 'pdf_is_encrypted': False, 'pdf_number_of_pages': 83, '/Title': 'Exchange Server 2007 Common Criteria Evaluation Security Target', '/Author': 'Amy Blumenfield', '/Keywords': 'Common Criteria, Exchange, Security, Evaluation, Security Target', '/Creator': 'Microsoft® Office Word 2007', '/CreationDate': 'D:20091210164950', '/ModDate': 'D:20091210164950', '/Producer': 'Microsoft® Office Word 2007', 'pdf_hyperlinks': {'_type': 'Set', 'elements': ['http://en.wikipedia.org/wiki/Telephone_exchange', 'http://www.ietf.org/rfc/rfc2821.txt', 'https://secure.tuvit.de/']}}.
    • The report_frontpage property was set to {'DE': {'match_rules': ['(BSI-DSZ-CC-.+?) (?:for|For) (.+?) from (.*)'], 'cert_id': 'BSI-DSZ-CC-0436-2009', 'cert_item': 'Microsoft Exchange Server 2007 Enterprise Edition (English) Version/Build 08.02.0176.002', 'developer': 'Microsoft Corporation', 'cert_lab': 'BSI'}}.
    • The report_keywords property was set to {'cc_cert_id': {'DE': {'BSI-DSZ-CC-0436-2009': 17}}, 'cc_protection_profile_id': {}, 'cc_security_level': {'EAL': {'EAL 4': 3, 'EAL4': 8, 'EAL 1': 1, 'EAL 7': 1, 'EAL1': 5, 'EAL3': 4, 'EAL5': 6, 'EAL7': 4, 'EAL2': 3, 'EAL6': 3, 'EAL 4 augmented': 2, 'EAL4 augmented': 1}}, 'cc_sar': {'ACM': {'ACM_AUT': 2, 'ACM_CAP': 2, 'ACM_SCP': 2}, 'ADO': {'ADO_DEL': 2, 'ADO_IGS': 2}, 'ADV': {'ADV_FSP': 2, 'ADV_HLD': 2, 'ADV_IMP': 2, 'ADV_INT': 2, 'ADV_LLD': 2, 'ADV_RCR': 2, 'ADV_SPM': 2}, 'AGD': {'AGD_ADM': 2, 'AGD_USR': 2}, 'ALC': {'ALC_FLR.3': 4, 'ALC_DVS': 2, 'ALC_FLR': 2, 'ALC_LCD': 1, 'ALC_TAT': 2}, 'ATE': {'ATE_COV': 2, 'ATE_DPT': 2, 'ATE_FUN': 2, 'ATE_IND': 2}, 'AVA': {'AVA_CCA': 2, 'AVA_MSU': 2, 'AVA_SOF': 3, 'AVA_VLA': 3, 'AVA_VLA.2': 1, 'AVA_VLA.3': 1, 'AVA_VLA.4': 1}, 'APE': {'APE_DES': 1, 'APE_ENV': 1, 'APE_INT': 1, 'APE_OBJ': 1, 'APE_REQ': 1, 'APE_SRE': 1}, 'ASE': {'ASE_DES': 1, 'ASE_ENV': 1, 'ASE_INT': 1, 'ASE_OBJ': 1, 'ASE_PPC': 1, 'ASE_REQ': 1, 'ASE_SRE': 1, 'ASE_TSS': 1}}, 'cc_sfr': {}, 'cc_claims': {}, 'vendor': {'Microsoft': {'Microsoft': 17, 'Microsoft Corporation': 5}}, 'eval_facility': {'TUV': {'TÃœV Informationstechnik': 3, 'tuvit': 12}}, 'symmetric_crypto': {}, 'asymmetric_crypto': {}, 'pq_crypto': {}, 'hash_function': {'SHA': {'SHA1': {'SHA-1': 5}}}, 'crypto_scheme': {}, 'crypto_protocol': {'TLS': {'TLS': {'TLS': 1}}}, 'randomness': {}, 'cipher_mode': {}, 'ecc_curve': {}, 'crypto_engine': {}, 'tls_cipher_suite': {}, 'crypto_library': {}, 'vulnerability': {}, 'side_channel_analysis': {}, 'technical_report_id': {'BSI': {'BSI 7125': 2, 'BSI 7148': 1, 'BSI 7149': 1}}, 'device_model': {}, 'tee_name': {}, 'os_name': {}, 'cplc_data': {}, 'ic_data_group': {}, 'standard_id': {'BSI': {'AIS 34': 1, 'AIS 32': 1}, 'ISO': {'ISO/IEC 15408:2005': 2}}, 'javacard_version': {}, 'javacard_api_const': {}, 'javacard_packages': {}, 'certification_process': {'OutOfScope': {'out of scope': 2, 'TOE in the certified version and configuration. The version of the help-file on the product DVD is out of scope of the certification. The TOE has to be installed and configured according to the Guidance Addendum': 1, 'any client. The way external lists for filtering of messages are compiled and transferred is also out of scope of the evaluation. Some security functionality of the TOE environment, namely of the operating': 1}, 'ConfidentialDocument': {'02.0176.002, EVALUATION TECHNICAL REPORT, Version 3, Date 2009-10-01, TÃœV Informationstechnik GmbH (confidential document) [8] Configuration list for the TOE: Exchange Server 2007 Common Criteria Evaluation, Configuration': 1, 'Server, Version: 1.05, Date: 2009-09-28; including all document as referenced in chapter 3.2. (confidential documents) [9] Microsoft Exchange Server 2007 Enterprise Edition Common Criteria Evaluation – Guidance': 1}}}.
    • The st_keywords property was set to {'cc_cert_id': {}, 'cc_protection_profile_id': {}, 'cc_security_level': {'EAL': {'EAL4': 9, 'EAL4 augmented': 4}}, 'cc_sar': {'ACM': {'ACM_AUT.1': 2, 'ACM_CAP.4': 1, 'ACM_SCP.2': 2}, 'ADO': {'ADO_DEL.2': 2, 'ADO_IGS.1': 2}, 'ADV': {'ADV_FSP.2': 2, 'ADV_HLD.2': 2, 'ADV_IMP.1': 2, 'ADV_LLD.1': 2, 'ADV_RCR.1': 2, 'ADV_SPM.1': 2}, 'AGD': {'AGD_ADD': 2, 'AGD_ADM.1': 2, 'AGD_USR.1': 1}, 'ALC': {'ALC_FLR.3': 8, 'ALC_DVS.1': 2, 'ALC_LCD.1': 2, 'ALC_TAT.1': 2}, 'ATE': {'ATE_COV.2': 2, 'ATE_DPT.1': 1, 'ATE_FUN.1': 2, 'ATE_IND.2': 2}, 'AVA': {'AVA_MSU.2': 2, 'AVA_SOF.1': 2, 'AVA_VLA.2': 3}}, 'cc_sfr': {'FAU': {'FAU_GEN': 2}, 'FDP': {'FDP_ACC': 26, 'FDP_ACF': 21, 'FDP_IFC': 45, 'FDP_IFF': 43, 'FDP_ACC.1': 13, 'FDP_ACF.1': 16, 'FDP_IFC.1': 17, 'FDP_IFF.1': 35}, 'FIA': {'FIA_AFL': 1, 'FIA_UAU.8': 30, 'FIA_UID.3': 34, 'FIA_SOS.1': 7, 'FIA_USB.1': 7, 'FIA_SOS.1.1': 1, 'FIA_USB.1.1': 1, 'FIA_USB.1.2': 1, 'FIA_USB.1.3': 1, 'FIA_ATD.1': 7, 'FIA_ATD.1.1': 1, 'FIA_UID.1': 3, 'FIA_UID.2': 2, 'FIA_UAU': 1, 'FIA_UID': 1}, 'FMT': {'FMT_SMF.1': 32, 'FMT_MSA': 95, 'FMT_MSA.1': 14, 'FMT_MSA.3': 22, 'FMT_SMF.1.1': 1, 'FMT_SMR.1': 22, 'FMT_SMR.1.1': 1, 'FMT_SMR.1.2': 1}, 'FRU': {'FRU_RSA': 18, 'FRU_RSA.1': 2}}, 'cc_claims': {'O': {'O.DAC': 11, 'O.CONBLK': 7, 'O.RESTDIST': 7, 'O.REDUCE_SPAM': 6, 'O.MAIL_FLOW': 5, 'O.QUOTA': 7}, 'T': {'T.AUTH_DAC': 4, 'T.SPAM': 7, 'T.DL_MISUSE': 4, 'T.OVERFLOW': 4, 'T.UNAUTH_DAC': 3, 'T.UNAUTHUSE': 3}, 'A': {'A.COM_PROT': 3, 'A.INSTALL': 3, 'A.PLATFORM': 4, 'A.BLOCKLIST': 4, 'A.NO_EVIL_ADM': 1, 'A.PHYS_PROTECT': 4, 'A.NO_EVIL_ADMIN': 2}, 'OE': {'OE.COM_PROT': 3, 'OE.INSTALL': 7, 'OE.PLATFORM': 16, 'OE.BLOCKLIST': 3, 'OE.PHYSICAL': 3}, 'OSP': {'OSP.MAIL_FLOW': 3}}, 'vendor': {'Microsoft': {'Microsoft': 42, 'Microsoft Corporation': 2}}, 'eval_facility': {'TUV': {'tuvit': 1}}, 'symmetric_crypto': {'AES_competition': {'RC': {'RC4': 1}}}, 'asymmetric_crypto': {}, 'pq_crypto': {}, 'hash_function': {}, 'crypto_scheme': {}, 'crypto_protocol': {'TLS': {'SSL': {'SSL': 3, 'SSL 3.0': 1}, 'TLS': {'TLS': 19}}}, 'randomness': {}, 'cipher_mode': {}, 'ecc_curve': {}, 'crypto_engine': {}, 'tls_cipher_suite': {}, 'crypto_library': {}, 'vulnerability': {}, 'side_channel_analysis': {'other': {'reverse engineering': 1}}, 'technical_report_id': {}, 'device_model': {}, 'tee_name': {}, 'os_name': {}, 'cplc_data': {}, 'ic_data_group': {}, 'standard_id': {'RFC': {'RFC 2821': 11, 'RFC 2822': 7, 'RFC 1730': 1, 'RFC 1725': 1, 'RFC1730': 1, 'RFC1725': 1}}, 'javacard_version': {}, 'javacard_api_const': {}, 'javacard_packages': {}, 'certification_process': {'OutOfScope': {'out of scope': 1, 'it should be noted that the way these external lists are compiled and transferred to the TOE are out of scope of the evaluation. Security Target Page 14/83 2.3.4 Important functionality of the environment The': 1}}}.
    • The report_filename property was set to 0436a_pdf.pdf.
    • The st_filename property was set to 0436b_pdf.pdf.

    The computed heuristics were updated.

    • The cert_lab property was set to ['BSI'].
    • The cert_id property was set to BSI-DSZ-CC-0436-2009.
    • The extracted_sars property was set to {'_type': 'Set', 'elements': [{'_type': 'sec_certs.sample.sar.SAR', 'family': 'ALC_LCD', 'level': 1}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ADV_LLD', 'level': 1}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ATE_FUN', 'level': 1}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ATE_DPT', 'level': 1}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ADV_FSP', 'level': 2}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ADV_RCR', 'level': 1}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ADV_HLD', 'level': 2}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ATE_COV', 'level': 2}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ALC_FLR', 'level': 3}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ALC_TAT', 'level': 1}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'AGD_ADM', 'level': 1}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'AVA_SOF', 'level': 1}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'AVA_MSU', 'level': 2}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ADV_IMP', 'level': 1}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'AGD_USR', 'level': 1}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ATE_IND', 'level': 2}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ADV_SPM', 'level': 1}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'AVA_VLA', 'level': 2}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ALC_DVS', 'level': 1}]}.
  • 17.08.2024 The certificate data changed.
    Certificate changed

    The report_link was updated.

    • The new value is https://www.commoncriteriaportal.org/nfs/ccpfiles/files/epfiles/0436a_pdf.pdf.

    The st_link was updated.

    • The new value is https://www.commoncriteriaportal.org/nfs/ccpfiles/files/epfiles/0436b_pdf.pdf.

    The state of the certificate object was updated.

    • The st property was updated, with the {'download_ok': False, 'convert_ok': False, 'extract_ok': False, 'pdf_hash': None, 'txt_hash': None} data.

    The PDF extraction data was updated.

    • The st_metadata property was set to None.
    • The st_keywords property was set to None.
    • The st_filename property was set to None.

    The computed heuristics were updated.

    • The extracted_sars property was set to None.
  • 12.08.2024 The certificate data changed.
    Certificate changed

    The state of the certificate object was updated.

    • The report property was updated, with the {'download_ok': False, 'convert_ok': False, 'extract_ok': False, 'pdf_hash': None, 'txt_hash': None} data.

    The PDF extraction data was updated.

    • The report_metadata property was set to None.
    • The report_frontpage property was set to None.
    • The report_keywords property was set to None.
    • The report_filename property was set to None.

    The computed heuristics were updated.

    • The cert_lab property was set to None.
    • The cert_id property was set to None.
  • 23.07.2024 The certificate was first processed.
    New certificate

    A new Common Criteria certificate with the product name Microsoft Exchange Server 2007 Enterprise Edition (English), Version/Build 08.02.0176.002 was processed.

Raw data

{
  "_type": "sec_certs.sample.cc.CCCertificate",
  "category": "Other Devices and Systems",
  "cert_link": null,
  "dgst": "95badceef1b711cb",
  "heuristics": {
    "_type": "sec_certs.sample.cc.CCCertificate.Heuristics",
    "annotated_references": null,
    "cert_id": "BSI-DSZ-CC-0436-2009",
    "cert_lab": [
      "BSI"
    ],
    "cpe_matches": null,
    "direct_transitive_cves": null,
    "extracted_sars": {
      "_type": "Set",
      "elements": [
        {
          "_type": "sec_certs.sample.sar.SAR",
          "family": "ALC_FLR",
          "level": 3
        },
        {
          "_type": "sec_certs.sample.sar.SAR",
          "family": "ATE_DPT",
          "level": 1
        },
        {
          "_type": "sec_certs.sample.sar.SAR",
          "family": "ATE_FUN",
          "level": 1
        },
        {
          "_type": "sec_certs.sample.sar.SAR",
          "family": "AVA_SOF",
          "level": 1
        },
        {
          "_type": "sec_certs.sample.sar.SAR",
          "family": "ADV_FSP",
          "level": 2
        },
        {
          "_type": "sec_certs.sample.sar.SAR",
          "family": "AVA_MSU",
          "level": 2
        },
        {
          "_type": "sec_certs.sample.sar.SAR",
          "family": "AGD_ADM",
          "level": 1
        },
        {
          "_type": "sec_certs.sample.sar.SAR",
          "family": "ALC_DVS",
          "level": 1
        },
        {
          "_type": "sec_certs.sample.sar.SAR",
          "family": "ADV_HLD",
          "level": 2
        },
        {
          "_type": "sec_certs.sample.sar.SAR",
          "family": "ADV_LLD",
          "level": 1
        },
        {
          "_type": "sec_certs.sample.sar.SAR",
          "family": "ATE_IND",
          "level": 2
        },
        {
          "_type": "sec_certs.sample.sar.SAR",
          "family": "ATE_COV",
          "level": 2
        },
        {
          "_type": "sec_certs.sample.sar.SAR",
          "family": "AGD_USR",
          "level": 1
        },
        {
          "_type": "sec_certs.sample.sar.SAR",
          "family": "ALC_LCD",
          "level": 1
        },
        {
          "_type": "sec_certs.sample.sar.SAR",
          "family": "AVA_VLA",
          "level": 2
        },
        {
          "_type": "sec_certs.sample.sar.SAR",
          "family": "ALC_TAT",
          "level": 1
        },
        {
          "_type": "sec_certs.sample.sar.SAR",
          "family": "ADV_RCR",
          "level": 1
        },
        {
          "_type": "sec_certs.sample.sar.SAR",
          "family": "ADV_SPM",
          "level": 1
        },
        {
          "_type": "sec_certs.sample.sar.SAR",
          "family": "ADV_IMP",
          "level": 1
        }
      ]
    },
    "extracted_versions": {
      "_type": "Set",
      "elements": [
        "08.02.0176.002"
      ]
    },
    "indirect_transitive_cves": null,
    "related_cves": null,
    "report_references": {
      "_type": "sec_certs.sample.certificate.References",
      "directly_referenced_by": null,
      "directly_referencing": null,
      "indirectly_referenced_by": null,
      "indirectly_referencing": null
    },
    "scheme_data": null,
    "st_references": {
      "_type": "sec_certs.sample.certificate.References",
      "directly_referenced_by": null,
      "directly_referencing": null,
      "indirectly_referenced_by": null,
      "indirectly_referencing": null
    },
    "verified_cpe_matches": null
  },
  "maintenance_updates": {
    "_type": "Set",
    "elements": []
  },
  "manufacturer": "Microsoft Corporation",
  "manufacturer_web": "https://www.microsoft.com",
  "name": "Microsoft Exchange Server 2007 Enterprise Edition (English), Version/Build 08.02.0176.002",
  "not_valid_after": "2019-09-01",
  "not_valid_before": "2009-11-16",
  "pdf_data": {
    "_type": "sec_certs.sample.cc.CCCertificate.PdfData",
    "cert_filename": null,
    "cert_frontpage": null,
    "cert_keywords": null,
    "cert_metadata": null,
    "report_filename": "0436a_pdf.pdf",
    "report_frontpage": {
      "DE": {
        "cert_id": "BSI-DSZ-CC-0436-2009",
        "cert_item": "Microsoft Exchange Server 2007 Enterprise Edition (English) Version/Build 08.02.0176.002",
        "cert_lab": "BSI",
        "developer": "Microsoft Corporation",
        "match_rules": [
          "(BSI-DSZ-CC-.+?) (?:for|For) (.+?) from (.*)"
        ]
      }
    },
    "report_keywords": {
      "asymmetric_crypto": {},
      "cc_cert_id": {
        "DE": {
          "BSI-DSZ-CC-0436-2009": 17
        }
      },
      "cc_claims": {},
      "cc_protection_profile_id": {},
      "cc_sar": {
        "ACM": {
          "ACM_AUT": 2,
          "ACM_CAP": 2,
          "ACM_SCP": 2
        },
        "ADO": {
          "ADO_DEL": 2,
          "ADO_IGS": 2
        },
        "ADV": {
          "ADV_FSP": 2,
          "ADV_HLD": 2,
          "ADV_IMP": 2,
          "ADV_INT": 2,
          "ADV_LLD": 2,
          "ADV_RCR": 2,
          "ADV_SPM": 2
        },
        "AGD": {
          "AGD_ADM": 2,
          "AGD_USR": 2
        },
        "ALC": {
          "ALC_DVS": 2,
          "ALC_FLR": 2,
          "ALC_FLR.3": 4,
          "ALC_LCD": 1,
          "ALC_TAT": 2
        },
        "APE": {
          "APE_DES": 1,
          "APE_ENV": 1,
          "APE_INT": 1,
          "APE_OBJ": 1,
          "APE_REQ": 1,
          "APE_SRE": 1
        },
        "ASE": {
          "ASE_DES": 1,
          "ASE_ENV": 1,
          "ASE_INT": 1,
          "ASE_OBJ": 1,
          "ASE_PPC": 1,
          "ASE_REQ": 1,
          "ASE_SRE": 1,
          "ASE_TSS": 1
        },
        "ATE": {
          "ATE_COV": 2,
          "ATE_DPT": 2,
          "ATE_FUN": 2,
          "ATE_IND": 2
        },
        "AVA": {
          "AVA_CCA": 2,
          "AVA_MSU": 2,
          "AVA_SOF": 3,
          "AVA_VLA": 3,
          "AVA_VLA.2": 1,
          "AVA_VLA.3": 1,
          "AVA_VLA.4": 1
        }
      },
      "cc_security_level": {
        "EAL": {
          "EAL 1": 1,
          "EAL 4": 3,
          "EAL 4 augmented": 2,
          "EAL 7": 1,
          "EAL1": 5,
          "EAL2": 3,
          "EAL3": 4,
          "EAL4": 8,
          "EAL4 augmented": 1,
          "EAL5": 6,
          "EAL6": 3,
          "EAL7": 4
        }
      },
      "cc_sfr": {},
      "certification_process": {
        "ConfidentialDocument": {
          "02.0176.002, EVALUATION TECHNICAL REPORT, Version 3, Date 2009-10-01, T\u00dcV Informationstechnik GmbH (confidential document) [8] Configuration list for the TOE: Exchange Server 2007 Common Criteria Evaluation, Configuration": 1,
          "Server, Version: 1.05, Date: 2009-09-28; including all document as referenced in chapter 3.2. (confidential documents) [9] Microsoft Exchange Server 2007 Enterprise Edition Common Criteria Evaluation \u2013 Guidance": 1
        },
        "OutOfScope": {
          "TOE in the certified version and configuration. The version of the help-file on the product DVD is out of scope of the certification. The TOE has to be installed and configured according to the Guidance Addendum": 1,
          "any client. The way external lists for filtering of messages are compiled and transferred is also out of scope of the evaluation. Some security functionality of the TOE environment, namely of the operating": 1,
          "out of scope": 2
        }
      },
      "cipher_mode": {},
      "cplc_data": {},
      "crypto_engine": {},
      "crypto_library": {},
      "crypto_protocol": {
        "TLS": {
          "TLS": {
            "TLS": 1
          }
        }
      },
      "crypto_scheme": {},
      "device_model": {},
      "ecc_curve": {},
      "eval_facility": {
        "TUV": {
          "T\u00dcV Informationstechnik": 3,
          "tuvit": 12
        }
      },
      "hash_function": {
        "SHA": {
          "SHA1": {
            "SHA-1": 5
          }
        }
      },
      "ic_data_group": {},
      "javacard_api_const": {},
      "javacard_packages": {},
      "javacard_version": {},
      "os_name": {},
      "pq_crypto": {},
      "randomness": {},
      "side_channel_analysis": {},
      "standard_id": {
        "BSI": {
          "AIS 32": 1,
          "AIS 34": 1
        },
        "ISO": {
          "ISO/IEC 15408:2005": 2
        }
      },
      "symmetric_crypto": {},
      "technical_report_id": {
        "BSI": {
          "BSI 7125": 2,
          "BSI 7148": 1,
          "BSI 7149": 1
        }
      },
      "tee_name": {},
      "tls_cipher_suite": {},
      "vendor": {
        "Microsoft": {
          "Microsoft": 17,
          "Microsoft Corporation": 5
        }
      },
      "vulnerability": {}
    },
    "report_metadata": {
      "/Author": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
      "/CreationDate": "D:20091209111723+01\u002700\u0027",
      "/Creator": "Writer",
      "/Keywords": "\"Microsoft Exchange Server 2007 Enterprise Edition (English) Version/Build 08.02.0176.002, Microsoft Corporation, Common Criteria, Certification, Zertifzierung\"",
      "/ModDate": "D:20091218092509+01\u002700\u0027",
      "/Producer": "StarOffice 9",
      "/Subject": "Common Criteria Certification",
      "/Title": "Certification Report BSI-DSZ-CC-0436-2009",
      "pdf_file_size_bytes": 966828,
      "pdf_hyperlinks": {
        "_type": "Set",
        "elements": [
          "http://www.bsi.bund.de/"
        ]
      },
      "pdf_is_encrypted": false,
      "pdf_number_of_pages": 34
    },
    "st_filename": "0436b_pdf.pdf",
    "st_frontpage": null,
    "st_keywords": {
      "asymmetric_crypto": {},
      "cc_cert_id": {},
      "cc_claims": {
        "A": {
          "A.BLOCKLIST": 4,
          "A.COM_PROT": 3,
          "A.INSTALL": 3,
          "A.NO_EVIL_ADM": 1,
          "A.NO_EVIL_ADMIN": 2,
          "A.PHYS_PROTECT": 4,
          "A.PLATFORM": 4
        },
        "O": {
          "O.CONBLK": 7,
          "O.DAC": 11,
          "O.MAIL_FLOW": 5,
          "O.QUOTA": 7,
          "O.REDUCE_SPAM": 6,
          "O.RESTDIST": 7
        },
        "OE": {
          "OE.BLOCKLIST": 3,
          "OE.COM_PROT": 3,
          "OE.INSTALL": 7,
          "OE.PHYSICAL": 3,
          "OE.PLATFORM": 16
        },
        "OSP": {
          "OSP.MAIL_FLOW": 3
        },
        "T": {
          "T.AUTH_DAC": 4,
          "T.DL_MISUSE": 4,
          "T.OVERFLOW": 4,
          "T.SPAM": 7,
          "T.UNAUTHUSE": 3,
          "T.UNAUTH_DAC": 3
        }
      },
      "cc_protection_profile_id": {},
      "cc_sar": {
        "ACM": {
          "ACM_AUT.1": 2,
          "ACM_CAP.4": 1,
          "ACM_SCP.2": 2
        },
        "ADO": {
          "ADO_DEL.2": 2,
          "ADO_IGS.1": 2
        },
        "ADV": {
          "ADV_FSP.2": 2,
          "ADV_HLD.2": 2,
          "ADV_IMP.1": 2,
          "ADV_LLD.1": 2,
          "ADV_RCR.1": 2,
          "ADV_SPM.1": 2
        },
        "AGD": {
          "AGD_ADD": 2,
          "AGD_ADM.1": 2,
          "AGD_USR.1": 1
        },
        "ALC": {
          "ALC_DVS.1": 2,
          "ALC_FLR.3": 8,
          "ALC_LCD.1": 2,
          "ALC_TAT.1": 2
        },
        "ATE": {
          "ATE_COV.2": 2,
          "ATE_DPT.1": 1,
          "ATE_FUN.1": 2,
          "ATE_IND.2": 2
        },
        "AVA": {
          "AVA_MSU.2": 2,
          "AVA_SOF.1": 2,
          "AVA_VLA.2": 3
        }
      },
      "cc_security_level": {
        "EAL": {
          "EAL4": 9,
          "EAL4 augmented": 4
        }
      },
      "cc_sfr": {
        "FAU": {
          "FAU_GEN": 2
        },
        "FDP": {
          "FDP_ACC": 26,
          "FDP_ACC.1": 13,
          "FDP_ACF": 21,
          "FDP_ACF.1": 16,
          "FDP_IFC": 45,
          "FDP_IFC.1": 17,
          "FDP_IFF": 43,
          "FDP_IFF.1": 35
        },
        "FIA": {
          "FIA_AFL": 1,
          "FIA_ATD.1": 7,
          "FIA_ATD.1.1": 1,
          "FIA_SOS.1": 7,
          "FIA_SOS.1.1": 1,
          "FIA_UAU": 1,
          "FIA_UAU.8": 30,
          "FIA_UID": 1,
          "FIA_UID.1": 3,
          "FIA_UID.2": 2,
          "FIA_UID.3": 34,
          "FIA_USB.1": 7,
          "FIA_USB.1.1": 1,
          "FIA_USB.1.2": 1,
          "FIA_USB.1.3": 1
        },
        "FMT": {
          "FMT_MSA": 95,
          "FMT_MSA.1": 14,
          "FMT_MSA.3": 22,
          "FMT_SMF.1": 32,
          "FMT_SMF.1.1": 1,
          "FMT_SMR.1": 22,
          "FMT_SMR.1.1": 1,
          "FMT_SMR.1.2": 1
        },
        "FRU": {
          "FRU_RSA": 18,
          "FRU_RSA.1": 2
        }
      },
      "certification_process": {
        "OutOfScope": {
          "it should be noted that the way these external lists are compiled and transferred to the TOE are out of scope of the evaluation. Security Target Page 14/83 2.3.4 Important functionality of the environment The": 1,
          "out of scope": 1
        }
      },
      "cipher_mode": {},
      "cplc_data": {},
      "crypto_engine": {},
      "crypto_library": {},
      "crypto_protocol": {
        "TLS": {
          "SSL": {
            "SSL": 3,
            "SSL 3.0": 1
          },
          "TLS": {
            "TLS": 19
          }
        }
      },
      "crypto_scheme": {},
      "device_model": {},
      "ecc_curve": {},
      "eval_facility": {
        "TUV": {
          "tuvit": 1
        }
      },
      "hash_function": {},
      "ic_data_group": {},
      "javacard_api_const": {},
      "javacard_packages": {},
      "javacard_version": {},
      "os_name": {},
      "pq_crypto": {},
      "randomness": {},
      "side_channel_analysis": {
        "other": {
          "reverse engineering": 1
        }
      },
      "standard_id": {
        "RFC": {
          "RFC 1725": 1,
          "RFC 1730": 1,
          "RFC 2821": 11,
          "RFC 2822": 7,
          "RFC1725": 1,
          "RFC1730": 1
        }
      },
      "symmetric_crypto": {
        "AES_competition": {
          "RC": {
            "RC4": 1
          }
        }
      },
      "technical_report_id": {},
      "tee_name": {},
      "tls_cipher_suite": {},
      "vendor": {
        "Microsoft": {
          "Microsoft": 42,
          "Microsoft Corporation": 2
        }
      },
      "vulnerability": {}
    },
    "st_metadata": {
      "/Author": "Amy Blumenfield",
      "/CreationDate": "D:20091210164950",
      "/Creator": "Microsoft\u00ae Office Word 2007",
      "/Keywords": "Common Criteria, Exchange, Security, Evaluation, Security Target",
      "/ModDate": "D:20091210164950",
      "/Producer": "Microsoft\u00ae Office Word 2007",
      "/Title": "Exchange Server 2007 Common Criteria Evaluation Security Target",
      "pdf_file_size_bytes": 876079,
      "pdf_hyperlinks": {
        "_type": "Set",
        "elements": [
          "http://en.wikipedia.org/wiki/Telephone_exchange",
          "https://secure.tuvit.de/",
          "http://www.ietf.org/rfc/rfc2821.txt"
        ]
      },
      "pdf_is_encrypted": false,
      "pdf_number_of_pages": 83
    }
  },
  "protection_profiles": {
    "_type": "Set",
    "elements": []
  },
  "report_link": "https://www.commoncriteriaportal.org/nfs/ccpfiles/files/epfiles/0436a_pdf.pdf",
  "scheme": "DE",
  "security_level": {
    "_type": "Set",
    "elements": [
      "EAL4+"
    ]
  },
  "st_link": "https://www.commoncriteriaportal.org/nfs/ccpfiles/files/epfiles/0436b_pdf.pdf",
  "state": {
    "_type": "sec_certs.sample.cc.CCCertificate.InternalState",
    "cert": {
      "_type": "sec_certs.sample.cc.CCCertificate.DocumentState",
      "convert_garbage": false,
      "convert_ok": false,
      "download_ok": false,
      "extract_ok": false,
      "pdf_hash": null,
      "txt_hash": null
    },
    "report": {
      "_type": "sec_certs.sample.cc.CCCertificate.DocumentState",
      "convert_garbage": false,
      "convert_ok": true,
      "download_ok": true,
      "extract_ok": true,
      "pdf_hash": "5495fd3d0f9c2c98dabc1c0fc8042b8800244b450124ce680b73c7fc7261a07c",
      "txt_hash": "afc9d27ae3d7304e91bbdeed6d162d31fde4c23c8b5fbc9a9b6e6b29b8232619"
    },
    "st": {
      "_type": "sec_certs.sample.cc.CCCertificate.DocumentState",
      "convert_garbage": false,
      "convert_ok": true,
      "download_ok": true,
      "extract_ok": true,
      "pdf_hash": "8a864c46e1eccdf9c9c8d31b615fe17ef355f4ebb70b64968080961c4f2b4448",
      "txt_hash": "37895c1594875b36e8c27abe20054f5fc215785c86d8a4e57dded5b30f18d954"
    }
  },
  "status": "archived"
}