This page was not yet optimized for use on mobile devices.
Microsoft SQL Server 2014 Database Engine Enterprise Edition x64 (English)12.0.2000.8
CSV information ?
| Status | archived |
|---|---|
| Valid from | 16.06.2015 |
| Valid until | 01.07.2020 |
| Scheme | 🇯🇵 JP |
| Manufacturer | Microsoft Corporation |
| Category | Databases |
| Security level | ALC_FLR.2, EAL2+ |
| Protection profiles |
Heuristics summary ?
Certificate ID: JISEC-CC-CRP-C0475
Certificate ?
Certification report ?
Extracted keywords
Vendor
Microsoft Corporation, MicrosoftSecurity level
EAL2, EAL2+, EAL2 augmentedClaims
T.ACCIDENTIAL_ADMIN_ERROR, T.POOR_DESIGN, T.POOR_IMPLEMENTATION, T.POOR_TEST, T.MASQUERADE, T.RESIDUAL_DATA, T.TSF_COMPROMISE, T.UNAUTHORIZED_, T.UNIDENTIFIED_, A.NO_EVIL, A.NO_GENERAL_, A.PHYSICALSecurity Assurance Requirements (SAR)
ALC_FLR.2Certificates
CRP-C0475-01, Certification No. C0475Evaluation facilities
TÜV InformationstechnikStandards
CCMB-2012-09-001, CCMB-2012-09-002, CCMB-2012-09-003, CCMB-2012-09-004File metadata
| Creation date | D:20150724094408+09'00' |
|---|---|
| Modification date | D:20150724094442+09'00' |
| Pages | 31 |
| Creator | Microsoft® Word 2010 |
| Producer | Microsoft® Word 2010 |
Security target ?
Extracted keywords
Hash functions
SHA-1Trusted Execution Environments
SEVendor
Microsoft Corporation, MicrosoftSecurity level
EAL2+, EAL2, EAL 2, EAL2 augmented, EAL 2 augmentedClaims
O.ADMIN_GUIDANCE, O.CONFIGURATION_IDENTIFICATION, O.DOCUMENTED_DESIGN, O.INTERNAL_TOE_DOMAINS, O.PARTIAL_FUNCTIONAL_TEST, O.PARTIAL_SELF_PROTECTION, O.VULNERABILITY_ANALYSIS, O.ACCESS_HISTORY, O.ADMIN_ROLE, O.AUDIT_GENERATION, O.MANAGE, O.MEDIATE, O.RESIDUAL_INFORMATION, O.TOE_ACCESS, O.RESIDUAL_INFORMAT, O.AUDIT_, O.RESIDUAL_INFORM, T.ACCIDENTIAL_ADMIN_ERROR, T.POOR_DESIGN, T.POOR_IMPLEMENTATION, T.POOR_TEST, T.MASQUERADE, T.RESIDUAL_DATA, T.TSF_COMPROMISE, T.UNAUTHORIZED_ACCESS, T.UNIDENTIFIED_ACTIONS, A.NO_EVIL, A.NO_GENERAL_PURPOSE, A.PHYSICAL, OE.NO_EVIL, OE.NO_GENERAL_, OE.PHYSICAL, OE.NO_GENERAL_PURPOSESecurity Assurance Requirements (SAR)
ADV_FSP.2, ADV_ARC.1, AGD_ADD, AGD_PRE.1, ALC_FLR.2, ALC_FLR, ALC_DEL.1, ALC_CMS.2, ATE_COV.1, ATE_IND.2, AVA_VAN.2Security Functional Requirements (SFR)
FAU_STG_EXP.5, FAU_STG, FAU_GEN, FAU_GEN.1, FAU_SEL, FAU_SEL.1, FAU_GEN.2, FAU_STG_EXP, FAU_STG.3, FAU_STG.1, FAU_STG_EXP.5.1, FAU_GEN.2.1, FAU_STG.4, FDP_ACF, FDP_ACF.1, FDP_ACC.1, FDP_RIP.1, FDP_ACC.1.1, FDP_RIP.1.1, FDP_IFC.1, FIA_UAU.2, FIA_UAU.5, FIA_UID.2, FIA_ATD.1, FIA_ATD.1.1, FIA_UAU.2.1, FIA_UAU.5.1, FIA_UAU.5.2, FIA_UID.2.1, FIA_UID.1, FMT_MSA.3, FMT_REV.1, FMT_MOF.1, FMT_MSA.1, FMT_MTD.1, FMT_SMF.1, FMT_SMR.1, FMT_MOF.1.1, FMT_MSA.1.1, FMT_MSA.3.1, FMT_MSA.3.2, FMT_MTD.1.1, FMT_REV.1.1, FMT_REV.1.2, FMT_SMF.1.1, FMT_SMR.1.1, FMT_SMR.1.2, FPT_TRC.1, FPT_TRC.1.1, FPT_TRC.1.2, FPT_STM.1, FTA_TAH.1, FTA_MCS.1, FTA_TSE.1, FTA_MCS.1.1, FTA_MCS.1.2, FTA_TAH.1.1, FTA_TAH.1.2, FTA_TAH.1.3, FTA_TSE.1.1File metadata
| Title | Security Target - SQL Server 2014 |
|---|---|
| Subject | Security Target |
| Keywords | CC, ST, Common Criteria, SQL, Security Target, DBMS, Database Management System |
| Author | SQL Team |
| Creation date | D:20150330143231+02'00' |
| Modification date | D:20150330143231+02'00' |
| Pages | 50 |
| Creator | Microsoft® Word 2010 |
| Producer | Microsoft® Word 2010 |
Heuristics ?
Certificate ID: JISEC-CC-CRP-C0475
Extracted SARs
ALC_FLR.2, ADV_FSP.2, ADV_ARC.1, AGD_PRE.1, ALC_CMS.2, ALC_DEL.1, ATE_IND.2, AVA_VAN.2, ATE_COV.1Similar certificates
Showing 5 out of 17.
Scheme data ?
| Cert Id | C0475 | |
|---|---|---|
| Supplier | Microsoft Corporation | |
| Toe Overseas Name | Microsoft SQL Server 2014 Database Engine Enterprise Edition x64 (English)12.0.2000.8 | |
| Expiration Date | 2020-07 | |
| Claim | EAL2+ ALC_FLR.2 PP | |
| Certification Date | 2015-06 | |
| Toe Overseas Link | https://www.ipa.go.jp/en/security/jisec/software/certified-cert/c0475_it3480.html | |
| Toe Japan Name | ----- | |
| Enhanced | ||
| Product | Microsoft SQL Server 2014 Database Engine Enterprise Edition x64 (English) | |
| Toe Version | 12.0.2000.8 | |
| Product Type | Database Management System (DBMS) | |
| Certification Date | 2015-06-16 | |
| Cc Version | 3.1 Release4 | |
| Assurance Level | EAL2 Augmented with ALC_FLR.2 | |
| Protection Profile | U.S. Government Protection Profile for Database Management Systems, Version 1.3 | |
| Vendor | Microsoft Corporation | |
| Evaluation Facility | TÜV Informationstechnik GmbH, Evaluation Body for IT-Security | |
| Report Link | https://www.ipa.go.jp/en/security/c0475_erpt.pdf | |
| Cert Link | https://www.ipa.go.jp/en/security/c0475_eimg.pdf | |
| Target Link | https://www.ipa.go.jp/en/security/c0475_est.pdf | |
| Description | PRODUCT DESCRIPTION Description of TOE The TOE is the database engine of SQL Server 2014. SQL Server is a Database Management System (DBMS). The TOE has been developed as the core module of the DBMS to store and manage data in a secure way. TOE security functionality This TOE provides the following security functionality: - The Access Control function of the TOE controls the access of users to user data and metadata stored in the TOE. - The Session Handling function of the TOE limits the possibilities of users to establish sessions with the TOE. - The Security Audit function of the TOE produces log files about all security relevant events. - The Security Management function allows authorized administrators to manage the behavior of the security functionality of the TOE. - The Identification and Authentication function of the TOE is able to identify and authenticate users. - The Residual Information Protection function of the TOE overwrites the residual information on the memory that will be used for user sessions. | |
References ?
No references are available for this certificate.
Updates ?
-
17.10.2024 The certificate data changed.
Certificate changed
The Protection Profiles of the certificate were updated.
- The new value is
{'_type': 'Set', 'elements': [{'_type': 'sec_certs.sample.protection_profile.ProtectionProfile', 'pp_name': 'U.S. Government Protection Profile Database Management Systems, Version 1.3', 'pp_eal': 'EAL2+', 'pp_link': 'https://www.commoncriteriaportal.org/files/ppfiles/pp_dbms_v1.3.pdf', 'pp_ids': {'_type': 'Set', 'elements': ['PP_DBMS_V1.3']}}]}.
- The new value is
-
14.10.2024 The certificate data changed.
Certificate changed
The computed heuristics were updated.
- The scheme_data property was set to
{'cert_id': 'C0475', 'supplier': 'Microsoft Corporation', 'toe_overseas_name': 'Microsoft SQL Server 2014 Database Engine Enterprise Edition x64 (English)12.0.2000.8', 'expiration_date': '2020-07', 'claim': 'EAL2+\n ALC_FLR.2\n PP', 'certification_date': '2015-06', 'toe_overseas_link': 'https://www.ipa.go.jp/en/security/jisec/software/certified-cert/c0475_it3480.html', 'toe_japan_name': '-----', 'enhanced': {'product': 'Microsoft SQL Server 2014 Database Engine Enterprise Edition x64 (English)', 'toe_version': '12.0.2000.8', 'product_type': 'Database Management System (DBMS)', 'certification_date': '2015-06-16', 'cc_version': '3.1 Release4', 'assurance_level': 'EAL2 Augmented with ALC_FLR.2', 'protection_profile': 'U.S. Government Protection Profile for Database Management Systems, Version 1.3', 'vendor': 'Microsoft Corporation', 'evaluation_facility': 'TÜV Informationstechnik GmbH, Evaluation Body for IT-Security', 'report_link': 'https://www.ipa.go.jp/en/security/c0475_erpt.pdf', 'cert_link': 'https://www.ipa.go.jp/en/security/c0475_eimg.pdf', 'target_link': 'https://www.ipa.go.jp/en/security/c0475_est.pdf', 'description': 'PRODUCT DESCRIPTION \n Description of TOE \n The TOE is the database engine of SQL Server 2014. SQL Server is a Database Management System (DBMS). The TOE has been developed as the core module of the DBMS to store and manage data in a secure way. \n \n TOE security functionality \n This TOE provides the following security functionality: \n \n \n \n - \n The Access Control function of the TOE controls the access of users to user data and metadata stored in the TOE. \n \n \n - \n The Session Handling function of the TOE limits the possibilities of users to establish sessions with the TOE. \n \n \n - \n The Security Audit function of the TOE produces log files about all security relevant events. \n \n \n - \n The Security Management function allows authorized administrators to manage the behavior of the security functionality of the TOE. \n \n \n - \n The Identification and Authentication function of the TOE is able to identify and authenticate users. \n \n \n - \n The Residual Information Protection function of the TOE overwrites the residual information on the memory that will be used for user sessions.'}}.
- The scheme_data property was set to
-
30.09.2024 The certificate data changed.
Certificate changed
The computed heuristics were updated.
- The scheme_data property was set to
None.
- The scheme_data property was set to
-
22.08.2024 The certificate data changed.
Certificate changed
The state of the certificate object was updated.
- The report property was updated, with the
{'download_ok': True, 'convert_ok': True, 'extract_ok': True, 'pdf_hash': 'bf3d64289ba9b8366626761600d05b7766183ff7dc92f9c5f0581d1faf2e2160', 'txt_hash': '2aab8d690195e7968a1820761e268fc26514a6b22f0efeb07bcd3775340011bf'}data. - The st property was updated, with the
{'download_ok': True, 'convert_ok': True, 'extract_ok': True, 'pdf_hash': '27bb951e648abb5a44ec818ad00ce0fac5ef7f68ee6c58c0d73a45fab982a33c', 'txt_hash': 'c9ec0cb700e0da833f51063d6cd67466d8cfa06e4486cf4bc0f944dd0840ce5e'}data.
The PDF extraction data was updated.
- The report_metadata property was set to
{'pdf_file_size_bytes': 233021, 'pdf_is_encrypted': True, 'pdf_number_of_pages': 31, '/CreationDate': "D:20150724094408+09'00'", '/Creator': 'Microsoft® Word 2010', '/ModDate': "D:20150724094442+09'00'", '/Producer': 'Microsoft® Word 2010', 'pdf_hyperlinks': {'_type': 'Set', 'elements': []}}. - The st_metadata property was set to
{'pdf_file_size_bytes': 595609, 'pdf_is_encrypted': False, 'pdf_number_of_pages': 50, '/Title': 'Security Target - SQL Server 2014', '/Author': 'SQL Team', '/Subject': 'Security Target', '/Keywords': 'CC, ST, Common Criteria, SQL, Security Target, DBMS, Database Management System', '/Creator': 'Microsoft® Word 2010', '/CreationDate': "D:20150330143231+02'00'", '/ModDate': "D:20150330143231+02'00'", '/Producer': 'Microsoft® Word 2010', 'pdf_hyperlinks': {'_type': 'Set', 'elements': ['https://www.microsoft.com/licensing/servicecenter/default.aspx', 'https://www.microsoft.com/sqlserver/en/us/common-criteria.aspx']}}. - The report_frontpage property was set to
{}. - The report_keywords property was set to
{'cc_cert_id': {'JP': {'CRP-C0475-01': 1, 'Certification No. C0475': 1}}, 'cc_protection_profile_id': {}, 'cc_security_level': {'EAL': {'EAL2': 4, 'EAL2+': 2, 'EAL2 augmented': 3}}, 'cc_sar': {'ALC': {'ALC_FLR.2': 4}}, 'cc_sfr': {}, 'cc_claims': {'T': {'T.ACCIDENTIAL_ADMIN_ERROR': 1, 'T.POOR_DESIGN': 1, 'T.POOR_IMPLEMENTATION': 1, 'T.POOR_TEST': 1, 'T.MASQUERADE': 1, 'T.RESIDUAL_DATA': 1, 'T.TSF_COMPROMISE': 1, 'T.UNAUTHORIZED_': 1, 'T.UNIDENTIFIED_': 1}, 'A': {'A.NO_EVIL': 1, 'A.NO_GENERAL_': 1, 'A.PHYSICAL': 1}}, 'vendor': {'Microsoft': {'Microsoft Corporation': 7, 'Microsoft': 20}}, 'eval_facility': {'TUV': {'TÜV Informationstechnik': 4}}, 'symmetric_crypto': {}, 'asymmetric_crypto': {}, 'pq_crypto': {}, 'hash_function': {}, 'crypto_scheme': {}, 'crypto_protocol': {}, 'randomness': {}, 'cipher_mode': {}, 'ecc_curve': {}, 'crypto_engine': {}, 'tls_cipher_suite': {}, 'crypto_library': {}, 'vulnerability': {}, 'side_channel_analysis': {}, 'technical_report_id': {}, 'device_model': {}, 'tee_name': {}, 'os_name': {}, 'cplc_data': {}, 'ic_data_group': {}, 'standard_id': {'CC': {'CCMB-2012-09-001': 2, 'CCMB-2012-09-002': 2, 'CCMB-2012-09-003': 2, 'CCMB-2012-09-004': 2}}, 'javacard_version': {}, 'javacard_api_const': {}, 'javacard_packages': {}, 'certification_process': {}}. - The st_keywords property was set to
{'cc_cert_id': {}, 'cc_protection_profile_id': {}, 'cc_security_level': {'EAL': {'EAL2+': 51, 'EAL2': 2, 'EAL 2': 3, 'EAL2 augmented': 2, 'EAL 2 augmented': 1}}, 'cc_sar': {'ADV': {'ADV_FSP.2': 1, 'ADV_ARC.1': 2}, 'AGD': {'AGD_ADD': 3, 'AGD_PRE.1': 1}, 'ALC': {'ALC_FLR.2': 4, 'ALC_FLR': 1, 'ALC_DEL.1': 1, 'ALC_CMS.2': 1}, 'ATE': {'ATE_COV.1': 1, 'ATE_IND.2': 1}, 'AVA': {'AVA_VAN.2': 1}}, 'cc_sfr': {'FAU': {'FAU_STG_EXP.5': 15, 'FAU_STG': 3, 'FAU_GEN': 10, 'FAU_GEN.1': 3, 'FAU_SEL': 8, 'FAU_SEL.1': 2, 'FAU_GEN.2': 8, 'FAU_STG_EXP': 2, 'FAU_STG.3': 1, 'FAU_STG.1': 2, 'FAU_STG_EXP.5.1': 2, 'FAU_GEN.2.1': 1, 'FAU_STG.4': 1}, 'FDP': {'FDP_ACF': 8, 'FDP_ACF.1': 6, 'FDP_ACC.1': 10, 'FDP_RIP.1': 6, 'FDP_ACC.1.1': 1, 'FDP_RIP.1.1': 1, 'FDP_IFC.1': 1}, 'FIA': {'FIA_UAU.2': 8, 'FIA_UAU.5': 8, 'FIA_UID.2': 12, 'FIA_ATD.1': 10, 'FIA_ATD.1.1': 2, 'FIA_UAU.2.1': 1, 'FIA_UAU.5.1': 1, 'FIA_UAU.5.2': 1, 'FIA_UID.2.1': 1, 'FIA_UID.1': 11}, 'FMT': {'FMT_MSA.3': 8, 'FMT_REV.1': 16, 'FMT_MOF.1': 6, 'FMT_MSA.1': 6, 'FMT_MTD.1': 7, 'FMT_SMF.1': 7, 'FMT_SMR.1': 14, 'FMT_MOF.1.1': 1, 'FMT_MSA.1.1': 1, 'FMT_MSA.3.1': 1, 'FMT_MSA.3.2': 1, 'FMT_MTD.1.1': 1, 'FMT_REV.1.1': 2, 'FMT_REV.1.2': 2, 'FMT_SMF.1.1': 1, 'FMT_SMR.1.1': 1, 'FMT_SMR.1.2': 1}, 'FPT': {'FPT_TRC.1': 6, 'FPT_TRC.1.1': 1, 'FPT_TRC.1.2': 1, 'FPT_STM.1': 1}, 'FTA': {'FTA_TAH.1': 8, 'FTA_MCS.1': 6, 'FTA_TSE.1': 6, 'FTA_MCS.1.1': 1, 'FTA_MCS.1.2': 1, 'FTA_TAH.1.1': 1, 'FTA_TAH.1.2': 1, 'FTA_TAH.1.3': 1, 'FTA_TSE.1.1': 1}}, 'cc_claims': {'O': {'O.ADMIN_GUIDANCE': 1, 'O.CONFIGURATION_IDENTIFICATION': 1, 'O.DOCUMENTED_DESIGN': 1, 'O.INTERNAL_TOE_DOMAINS': 1, 'O.PARTIAL_FUNCTIONAL_TEST': 1, 'O.PARTIAL_SELF_PROTECTION': 1, 'O.VULNERABILITY_ANALYSIS': 1, 'O.ACCESS_HISTORY': 5, 'O.ADMIN_ROLE': 4, 'O.AUDIT_GENERATION': 4, 'O.MANAGE': 6, 'O.MEDIATE': 5, 'O.RESIDUAL_INFORMATION': 3, 'O.TOE_ACCESS': 7, 'O.RESIDUAL_INFORMAT': 2, 'O.AUDIT_': 1, 'O.RESIDUAL_INFORM': 1}, 'T': {'T.ACCIDENTIAL_ADMIN_ERROR': 1, 'T.POOR_DESIGN': 1, 'T.POOR_IMPLEMENTATION': 1, 'T.POOR_TEST': 1, 'T.MASQUERADE': 3, 'T.RESIDUAL_DATA': 3, 'T.TSF_COMPROMISE': 3, 'T.UNAUTHORIZED_ACCESS': 3, 'T.UNIDENTIFIED_ACTIONS': 3}, 'A': {'A.NO_EVIL': 3, 'A.NO_GENERAL_PURPOSE': 3, 'A.PHYSICAL': 3}, 'OE': {'OE.NO_EVIL': 4, 'OE.NO_GENERAL_': 2, 'OE.PHYSICAL': 4, 'OE.NO_GENERAL_PURPOSE': 1}}, 'vendor': {'Microsoft': {'Microsoft Corporation': 2, 'Microsoft': 11}}, 'eval_facility': {}, 'symmetric_crypto': {}, 'asymmetric_crypto': {}, 'pq_crypto': {}, 'hash_function': {'SHA': {'SHA1': {'SHA-1': 1}}}, 'crypto_scheme': {}, 'crypto_protocol': {}, 'randomness': {}, 'cipher_mode': {}, 'ecc_curve': {}, 'crypto_engine': {}, 'tls_cipher_suite': {}, 'crypto_library': {}, 'vulnerability': {}, 'side_channel_analysis': {}, 'technical_report_id': {}, 'device_model': {}, 'tee_name': {'IBM': {'SE': 3}}, 'os_name': {}, 'cplc_data': {}, 'ic_data_group': {}, 'standard_id': {}, 'javacard_version': {}, 'javacard_api_const': {}, 'javacard_packages': {}, 'certification_process': {}}. - The report_filename property was set to
c0475_erpt.pdf. - The st_filename property was set to
c0475_est.pdf.
The computed heuristics were updated.
- The cert_id property was set to
JISEC-CC-CRP-C0475. - The extracted_sars property was updated, with the
{'_type': 'Set', 'elements': [{'_type': 'sec_certs.sample.sar.SAR', 'family': 'ADV_ARC', 'level': 1}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ADV_FSP', 'level': 2}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'AGD_PRE', 'level': 1}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ALC_CMS', 'level': 2}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ATE_IND', 'level': 2}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ALC_DEL', 'level': 1}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'AVA_VAN', 'level': 2}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ATE_COV', 'level': 1}]}values added.
- The report property was updated, with the
-
17.08.2024 The certificate data changed.
Certificate changed
The report_link was updated.
- The new value is
https://www.commoncriteriaportal.org/nfs/ccpfiles/files/epfiles/c0475_erpt.pdf.
The st_link was updated.
- The new value is
https://www.commoncriteriaportal.org/nfs/ccpfiles/files/epfiles/c0475_est.pdf.
The state of the certificate object was updated.
- The report property was updated, with the
{'download_ok': False, 'convert_ok': False, 'extract_ok': False, 'pdf_hash': None, 'txt_hash': None}data. - The st property was updated, with the
{'download_ok': False, 'convert_ok': False, 'extract_ok': False, 'pdf_hash': None, 'txt_hash': None}data.
The PDF extraction data was updated.
- The report_metadata property was set to
None. - The st_metadata property was set to
None. - The report_frontpage property was set to
None. - The report_keywords property was set to
None. - The st_keywords property was set to
None. - The report_filename property was set to
None. - The st_filename property was set to
None.
The computed heuristics were updated.
- The cert_id property was set to
None. - The extracted_sars property was updated, with the
{'_type': 'Set', 'elements': [{'_type': 'sec_certs.sample.sar.SAR', 'family': 'ADV_ARC', 'level': 1}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ADV_FSP', 'level': 2}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'AGD_PRE', 'level': 1}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ALC_CMS', 'level': 2}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ALC_DEL', 'level': 1}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ATE_IND', 'level': 2}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'AVA_VAN', 'level': 2}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ATE_COV', 'level': 1}]}values discarded.
- The new value is
-
23.07.2024 The certificate was first processed.
New certificate
A new Common Criteria certificate with the product name Microsoft SQL Server 2014 Database Engine Enterprise Edition x64 (English)12.0.2000.8 was processed.
Raw data
{
"_type": "sec_certs.sample.cc.CCCertificate",
"category": "Databases",
"cert_link": null,
"dgst": "c225189611bed8f2",
"heuristics": {
"_type": "sec_certs.sample.cc.CCCertificate.Heuristics",
"annotated_references": null,
"cert_id": "JISEC-CC-CRP-C0475",
"cert_lab": null,
"cpe_matches": null,
"direct_transitive_cves": null,
"extracted_sars": {
"_type": "Set",
"elements": [
{
"_type": "sec_certs.sample.sar.SAR",
"family": "ATE_COV",
"level": 1
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "ADV_FSP",
"level": 2
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "ALC_FLR",
"level": 2
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "ALC_CMS",
"level": 2
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "ALC_DEL",
"level": 1
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "ADV_ARC",
"level": 1
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "ATE_IND",
"level": 2
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "AGD_PRE",
"level": 1
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "AVA_VAN",
"level": 2
}
]
},
"extracted_versions": {
"_type": "Set",
"elements": [
"12.0.2000.8"
]
},
"indirect_transitive_cves": null,
"related_cves": null,
"report_references": {
"_type": "sec_certs.sample.certificate.References",
"directly_referenced_by": null,
"directly_referencing": null,
"indirectly_referenced_by": null,
"indirectly_referencing": null
},
"scheme_data": {
"cert_id": "C0475",
"certification_date": "2015-06",
"claim": "EAL2+\n ALC_FLR.2\n PP",
"enhanced": {
"assurance_level": "EAL2 Augmented with ALC_FLR.2",
"cc_version": "3.1 Release4",
"cert_link": "https://www.ipa.go.jp/en/security/c0475_eimg.pdf",
"certification_date": "2015-06-16",
"description": "PRODUCT DESCRIPTION \n Description of TOE \n The TOE is the database engine of SQL Server 2014. SQL Server is a Database Management System (DBMS). The TOE has been developed as the core module of the DBMS to store and manage data in a secure way. \n \n TOE security functionality \n This TOE provides the following security functionality: \n \n \n \n - \n The Access Control function of the TOE controls the access of users to user data and metadata stored in the TOE. \n \n \n - \n The Session Handling function of the TOE limits the possibilities of users to establish sessions with the TOE. \n \n \n - \n The Security Audit function of the TOE produces log files about all security relevant events. \n \n \n - \n The Security Management function allows authorized administrators to manage the behavior of the security functionality of the TOE. \n \n \n - \n The Identification and Authentication function of the TOE is able to identify and authenticate users. \n \n \n - \n The Residual Information Protection function of the TOE overwrites the residual information on the memory that will be used for user sessions.",
"evaluation_facility": "T\u00dcV Informationstechnik GmbH, Evaluation Body for IT-Security",
"product": "Microsoft SQL Server 2014 Database Engine Enterprise Edition x64 (English)",
"product_type": "Database Management System (DBMS)",
"protection_profile": "U.S. Government Protection Profile for Database Management Systems, Version 1.3",
"report_link": "https://www.ipa.go.jp/en/security/c0475_erpt.pdf",
"target_link": "https://www.ipa.go.jp/en/security/c0475_est.pdf",
"toe_version": "12.0.2000.8",
"vendor": "Microsoft Corporation"
},
"expiration_date": "2020-07",
"supplier": "Microsoft Corporation",
"toe_japan_name": "-----",
"toe_overseas_link": "https://www.ipa.go.jp/en/security/jisec/software/certified-cert/c0475_it3480.html",
"toe_overseas_name": "Microsoft SQL Server 2014 Database Engine Enterprise Edition x64 (English)12.0.2000.8"
},
"st_references": {
"_type": "sec_certs.sample.certificate.References",
"directly_referenced_by": null,
"directly_referencing": null,
"indirectly_referenced_by": null,
"indirectly_referencing": null
},
"verified_cpe_matches": null
},
"maintenance_updates": {
"_type": "Set",
"elements": []
},
"manufacturer": "Microsoft Corporation",
"manufacturer_web": "https://www.microsoft.com",
"name": "Microsoft SQL Server 2014 Database Engine Enterprise Edition x64 (English)12.0.2000.8",
"not_valid_after": "2020-07-01",
"not_valid_before": "2015-06-16",
"pdf_data": {
"_type": "sec_certs.sample.cc.CCCertificate.PdfData",
"cert_filename": null,
"cert_frontpage": null,
"cert_keywords": null,
"cert_metadata": null,
"report_filename": "c0475_erpt.pdf",
"report_frontpage": {},
"report_keywords": {
"asymmetric_crypto": {},
"cc_cert_id": {
"JP": {
"CRP-C0475-01": 1,
"Certification No. C0475": 1
}
},
"cc_claims": {
"A": {
"A.NO_EVIL": 1,
"A.NO_GENERAL_": 1,
"A.PHYSICAL": 1
},
"T": {
"T.ACCIDENTIAL_ADMIN_ERROR": 1,
"T.MASQUERADE": 1,
"T.POOR_DESIGN": 1,
"T.POOR_IMPLEMENTATION": 1,
"T.POOR_TEST": 1,
"T.RESIDUAL_DATA": 1,
"T.TSF_COMPROMISE": 1,
"T.UNAUTHORIZED_": 1,
"T.UNIDENTIFIED_": 1
}
},
"cc_protection_profile_id": {},
"cc_sar": {
"ALC": {
"ALC_FLR.2": 4
}
},
"cc_security_level": {
"EAL": {
"EAL2": 4,
"EAL2 augmented": 3,
"EAL2+": 2
}
},
"cc_sfr": {},
"certification_process": {},
"cipher_mode": {},
"cplc_data": {},
"crypto_engine": {},
"crypto_library": {},
"crypto_protocol": {},
"crypto_scheme": {},
"device_model": {},
"ecc_curve": {},
"eval_facility": {
"TUV": {
"T\u00dcV Informationstechnik": 4
}
},
"hash_function": {},
"ic_data_group": {},
"javacard_api_const": {},
"javacard_packages": {},
"javacard_version": {},
"os_name": {},
"pq_crypto": {},
"randomness": {},
"side_channel_analysis": {},
"standard_id": {
"CC": {
"CCMB-2012-09-001": 2,
"CCMB-2012-09-002": 2,
"CCMB-2012-09-003": 2,
"CCMB-2012-09-004": 2
}
},
"symmetric_crypto": {},
"technical_report_id": {},
"tee_name": {},
"tls_cipher_suite": {},
"vendor": {
"Microsoft": {
"Microsoft": 20,
"Microsoft Corporation": 7
}
},
"vulnerability": {}
},
"report_metadata": {
"/CreationDate": "D:20150724094408+09\u002700\u0027",
"/Creator": "Microsoft\u00ae Word 2010",
"/ModDate": "D:20150724094442+09\u002700\u0027",
"/Producer": "Microsoft\u00ae Word 2010",
"pdf_file_size_bytes": 233021,
"pdf_hyperlinks": {
"_type": "Set",
"elements": []
},
"pdf_is_encrypted": true,
"pdf_number_of_pages": 31
},
"st_filename": "c0475_est.pdf",
"st_frontpage": null,
"st_keywords": {
"asymmetric_crypto": {},
"cc_cert_id": {},
"cc_claims": {
"A": {
"A.NO_EVIL": 3,
"A.NO_GENERAL_PURPOSE": 3,
"A.PHYSICAL": 3
},
"O": {
"O.ACCESS_HISTORY": 5,
"O.ADMIN_GUIDANCE": 1,
"O.ADMIN_ROLE": 4,
"O.AUDIT_": 1,
"O.AUDIT_GENERATION": 4,
"O.CONFIGURATION_IDENTIFICATION": 1,
"O.DOCUMENTED_DESIGN": 1,
"O.INTERNAL_TOE_DOMAINS": 1,
"O.MANAGE": 6,
"O.MEDIATE": 5,
"O.PARTIAL_FUNCTIONAL_TEST": 1,
"O.PARTIAL_SELF_PROTECTION": 1,
"O.RESIDUAL_INFORM": 1,
"O.RESIDUAL_INFORMAT": 2,
"O.RESIDUAL_INFORMATION": 3,
"O.TOE_ACCESS": 7,
"O.VULNERABILITY_ANALYSIS": 1
},
"OE": {
"OE.NO_EVIL": 4,
"OE.NO_GENERAL_": 2,
"OE.NO_GENERAL_PURPOSE": 1,
"OE.PHYSICAL": 4
},
"T": {
"T.ACCIDENTIAL_ADMIN_ERROR": 1,
"T.MASQUERADE": 3,
"T.POOR_DESIGN": 1,
"T.POOR_IMPLEMENTATION": 1,
"T.POOR_TEST": 1,
"T.RESIDUAL_DATA": 3,
"T.TSF_COMPROMISE": 3,
"T.UNAUTHORIZED_ACCESS": 3,
"T.UNIDENTIFIED_ACTIONS": 3
}
},
"cc_protection_profile_id": {},
"cc_sar": {
"ADV": {
"ADV_ARC.1": 2,
"ADV_FSP.2": 1
},
"AGD": {
"AGD_ADD": 3,
"AGD_PRE.1": 1
},
"ALC": {
"ALC_CMS.2": 1,
"ALC_DEL.1": 1,
"ALC_FLR": 1,
"ALC_FLR.2": 4
},
"ATE": {
"ATE_COV.1": 1,
"ATE_IND.2": 1
},
"AVA": {
"AVA_VAN.2": 1
}
},
"cc_security_level": {
"EAL": {
"EAL 2": 3,
"EAL 2 augmented": 1,
"EAL2": 2,
"EAL2 augmented": 2,
"EAL2+": 51
}
},
"cc_sfr": {
"FAU": {
"FAU_GEN": 10,
"FAU_GEN.1": 3,
"FAU_GEN.2": 8,
"FAU_GEN.2.1": 1,
"FAU_SEL": 8,
"FAU_SEL.1": 2,
"FAU_STG": 3,
"FAU_STG.1": 2,
"FAU_STG.3": 1,
"FAU_STG.4": 1,
"FAU_STG_EXP": 2,
"FAU_STG_EXP.5": 15,
"FAU_STG_EXP.5.1": 2
},
"FDP": {
"FDP_ACC.1": 10,
"FDP_ACC.1.1": 1,
"FDP_ACF": 8,
"FDP_ACF.1": 6,
"FDP_IFC.1": 1,
"FDP_RIP.1": 6,
"FDP_RIP.1.1": 1
},
"FIA": {
"FIA_ATD.1": 10,
"FIA_ATD.1.1": 2,
"FIA_UAU.2": 8,
"FIA_UAU.2.1": 1,
"FIA_UAU.5": 8,
"FIA_UAU.5.1": 1,
"FIA_UAU.5.2": 1,
"FIA_UID.1": 11,
"FIA_UID.2": 12,
"FIA_UID.2.1": 1
},
"FMT": {
"FMT_MOF.1": 6,
"FMT_MOF.1.1": 1,
"FMT_MSA.1": 6,
"FMT_MSA.1.1": 1,
"FMT_MSA.3": 8,
"FMT_MSA.3.1": 1,
"FMT_MSA.3.2": 1,
"FMT_MTD.1": 7,
"FMT_MTD.1.1": 1,
"FMT_REV.1": 16,
"FMT_REV.1.1": 2,
"FMT_REV.1.2": 2,
"FMT_SMF.1": 7,
"FMT_SMF.1.1": 1,
"FMT_SMR.1": 14,
"FMT_SMR.1.1": 1,
"FMT_SMR.1.2": 1
},
"FPT": {
"FPT_STM.1": 1,
"FPT_TRC.1": 6,
"FPT_TRC.1.1": 1,
"FPT_TRC.1.2": 1
},
"FTA": {
"FTA_MCS.1": 6,
"FTA_MCS.1.1": 1,
"FTA_MCS.1.2": 1,
"FTA_TAH.1": 8,
"FTA_TAH.1.1": 1,
"FTA_TAH.1.2": 1,
"FTA_TAH.1.3": 1,
"FTA_TSE.1": 6,
"FTA_TSE.1.1": 1
}
},
"certification_process": {},
"cipher_mode": {},
"cplc_data": {},
"crypto_engine": {},
"crypto_library": {},
"crypto_protocol": {},
"crypto_scheme": {},
"device_model": {},
"ecc_curve": {},
"eval_facility": {},
"hash_function": {
"SHA": {
"SHA1": {
"SHA-1": 1
}
}
},
"ic_data_group": {},
"javacard_api_const": {},
"javacard_packages": {},
"javacard_version": {},
"os_name": {},
"pq_crypto": {},
"randomness": {},
"side_channel_analysis": {},
"standard_id": {},
"symmetric_crypto": {},
"technical_report_id": {},
"tee_name": {
"IBM": {
"SE": 3
}
},
"tls_cipher_suite": {},
"vendor": {
"Microsoft": {
"Microsoft": 11,
"Microsoft Corporation": 2
}
},
"vulnerability": {}
},
"st_metadata": {
"/Author": "SQL Team",
"/CreationDate": "D:20150330143231+02\u002700\u0027",
"/Creator": "Microsoft\u00ae Word 2010",
"/Keywords": "CC, ST, Common Criteria, SQL, Security Target, DBMS, Database Management System",
"/ModDate": "D:20150330143231+02\u002700\u0027",
"/Producer": "Microsoft\u00ae Word 2010",
"/Subject": "Security Target",
"/Title": "Security Target - SQL Server 2014",
"pdf_file_size_bytes": 595609,
"pdf_hyperlinks": {
"_type": "Set",
"elements": [
"https://www.microsoft.com/sqlserver/en/us/common-criteria.aspx",
"https://www.microsoft.com/licensing/servicecenter/default.aspx"
]
},
"pdf_is_encrypted": false,
"pdf_number_of_pages": 50
}
},
"protection_profiles": {
"_type": "Set",
"elements": [
{
"_type": "sec_certs.sample.protection_profile.ProtectionProfile",
"pp_eal": "EAL2+",
"pp_ids": {
"_type": "Set",
"elements": [
"PP_DBMS_V1.3"
]
},
"pp_link": "https://www.commoncriteriaportal.org/files/ppfiles/pp_dbms_v1.3.pdf",
"pp_name": "U.S. Government Protection Profile Database Management Systems, Version 1.3"
}
]
},
"report_link": "https://www.commoncriteriaportal.org/nfs/ccpfiles/files/epfiles/c0475_erpt.pdf",
"scheme": "JP",
"security_level": {
"_type": "Set",
"elements": [
"EAL2+",
"ALC_FLR.2"
]
},
"st_link": "https://www.commoncriteriaportal.org/nfs/ccpfiles/files/epfiles/c0475_est.pdf",
"state": {
"_type": "sec_certs.sample.cc.CCCertificate.InternalState",
"cert": {
"_type": "sec_certs.sample.cc.CCCertificate.DocumentState",
"convert_garbage": false,
"convert_ok": false,
"download_ok": false,
"extract_ok": false,
"pdf_hash": null,
"txt_hash": null
},
"report": {
"_type": "sec_certs.sample.cc.CCCertificate.DocumentState",
"convert_garbage": false,
"convert_ok": true,
"download_ok": true,
"extract_ok": true,
"pdf_hash": "bf3d64289ba9b8366626761600d05b7766183ff7dc92f9c5f0581d1faf2e2160",
"txt_hash": "2aab8d690195e7968a1820761e268fc26514a6b22f0efeb07bcd3775340011bf"
},
"st": {
"_type": "sec_certs.sample.cc.CCCertificate.DocumentState",
"convert_garbage": false,
"convert_ok": true,
"download_ok": true,
"extract_ok": true,
"pdf_hash": "27bb951e648abb5a44ec818ad00ce0fac5ef7f68ee6c58c0d73a45fab982a33c",
"txt_hash": "c9ec0cb700e0da833f51063d6cd67466d8cfa06e4486cf4bc0f944dd0840ce5e"
}
},
"status": "archived"
}