| name |
CENTAGATE v3.010-build13 |
iDeras Unified Threat Management (UTM) v5.02 |
| category |
Other Devices and Systems |
Boundary Protection Devices and Systems |
| scheme |
MY |
MY |
| status |
archived |
archived |
| not_valid_after |
06.06.2022 |
04.11.2018 |
| not_valid_before |
06.06.2017 |
04.11.2013 |
| cert_link |
None |
None |
| report_link |
https://www.commoncriteriaportal.org/nfs/ccpfiles/files/epfiles/ISCB-5-RPT-C072-CR-v1.pdf |
https://www.commoncriteriaportal.org/nfs/ccpfiles/files/epfiles/ISCB-5-RPT-C045-CR-v1a.pdf |
| st_link |
https://www.commoncriteriaportal.org/nfs/ccpfiles/files/epfiles/2017-05-08-CTG-ST-3.0.pdf |
https://www.commoncriteriaportal.org/nfs/ccpfiles/files/epfiles/2013-10-18-iDeras-ST-v1.3.pdf |
| manufacturer |
SecureMetric Technology Sdn Bhd |
Infosys Gateway Sdn Bhd |
| manufacturer_web |
https://www.securemetric.com/ |
https://www.infosysgateway.com.my |
| security_level |
EAL4+, ALC_FLR.2 |
EAL2 |
| dgst |
4149b933ed4230dd |
c0bf0d3a99d94f0a |
| heuristics/cert_id |
ISCB-3-RPT-C072-CR-v1 |
ISCB-5-RPT-C045-CR-v1a |
| heuristics/cert_lab |
[] |
[] |
| heuristics/cpe_matches |
{} |
{} |
| heuristics/verified_cpe_matches |
{} |
{} |
| heuristics/related_cves |
{} |
{} |
| heuristics/direct_transitive_cves |
{} |
{} |
| heuristics/indirect_transitive_cves |
{} |
{} |
| heuristics/extracted_sars |
ADV_TDS.3, AVA_VAN.3, ASE_CCL.1, ATE_FUN.1, ASE_OBJ.2, ASE_INT.1, ALC_CMC.4, ASE_REQ.2, AGD_PRE.1, ATE_IND.2, ATE_DPT.1, ASE_ECD.1, ALC_LCD.1, ALC_FLR.2, ASE_SPD.1, ATE_COV.2, ALC_DVS.1, ALC_TAT.1, AGD_OPE.1, ALC_CMS.4, ALC_DEL.1, ASE_TSS.1, ADV_ARC.1, ADV_FSP.4, ALC_FRL.2 |
ASE_CCL.1, ATE_FUN.1, ASE_OBJ.2, ALC_CMS.2, ASE_INT.1, ASE_REQ.2, AGD_PRE.1, ATE_IND.2, ASE_ECD.1, AVA_VAN.2, ADV_TDS.1, ASE_SPD.1, ALC_CMC.2, ADV_FSP.2, ATE_COV.1, AGD_OPE.1, ALC_DEL.1, ASE_TSS.1, ADV_ARC.1 |
| heuristics/extracted_versions |
3.010 |
5.02 |
| heuristics/prev_certificates |
{} |
{} |
| heuristics/next_certificates |
{} |
{} |
| heuristics/report_references/directly_referenced_by |
{} |
{} |
| heuristics/report_references/directly_referencing |
{} |
{} |
| heuristics/report_references/indirectly_referenced_by |
{} |
{} |
| heuristics/report_references/indirectly_referencing |
{} |
{} |
| heuristics/scheme_data |
- cert_no: 2017-003-C072
- certification_date: 06.06.2017
- developer: SecureMetric Technology Sdn. Bhd.
- enhanced:
- assurance_level: EAL4+ ALC_FLR.2
- category: Other Devices and Systems
- cert_id: C072
- certification_date: 06.06.2017
- developer: Nickson YauSecureMetric Technology Sdn Bhd2-2, Incubator 2,Technology Park Malaysia,Lebuh Sg. Besi - Puchong, Bukit Jalil57000, Kuala Lumpur, Malaysia Email: [email protected]: 012 301 6966
- expiration_date: 06.06.2022
- mutual_recognition: CCRA
- product: CENTAGATE v3.010-build13
- report_link: https://iscb.cybersecurity.my/resources/document/mycc/mycpr/C072/ISCB-5-RPT-C072-CR-v1.pdf
- scope: CENTAGATE is an enterprise class authentication solution built on JEE technology, that enforce secure authentication for protected resources such as internal web applications. It operates through web interfaces and has the functionality that enables three-factor of authentications and risk-based scoring engine through accessibility of single sign-on (SSO). It consists of Web Application Server and Mobile Applications that supports Android and iOS platform. The following security functions are implemented by the TOE: Security Token Provision; Mobile Protection; Mobile PKI; Hybrid Risk Scoring Engine (Rule-based and Case-based); Cryptographic Module; Key Management System; Authentication Module; Web Administration Module; and Mobile Management Module
- status: Archive
- target_link: https://iscb.cybersecurity.my/resources/document/mycc/mycpr/C072/2017-05-08-CTG-ST-3.0.pdf
- type: Other devices and systems
- expiration_date: 06.06.2022
- level: EAL4+ ALC_FLR.2
- product: CENTAGATE v3.010-build13
- recognition: CCRA
- url: https://iscb.cybersecurity.my/index.php/certification/product-certification/mycc/archived-certified-products-and-systems/submission-view/143
|
- cert_no: 2013-008-C045
- certification_date: 04.11.2013
- developer: Infosys Gateway Sdn Bhd
- enhanced:
- assurance_level: EAL2
- category: Boundary Protection Devices and Systems
- cert_id: C045
- certification_date: 04.11.2013
- developer: Izzati Rasheeqa Abdullah Infosys Gateway Sdn BhdUnit 808, 8th Floor, Block E, Phileo Damansara I,No.9, Jalan 16/11, Off Jalan Damansara,46350 Petaling Jaya, Selangor Darul EhsanMALAYSIA URL: http://www.infosysgateway.com.myEmail: [email protected]: +603 7931 5800Fax: +603 7958 1930
- expiration_date: 04.11.2018
- mutual_recognition: MyCC
- product: iDeras Unified Threat Management (UTM) v5.02
- report_link: https://iscb.cybersecurity.my/resources/document/mycc/mycpr/C045/ISCB-5-RPT-C045-CR-v1a.pdf
- scope: The Target of Evaluation (TOE) is iDeras Unified Threat Management (UTM) v5.02 or known as iDeras. The TOE is a Unified Threat Management (UTM) or hybrid solution consists of firewall packet filtering technology, offering server hosting services, network security with management features, and gateway security management within a single appliance. The scope of the evaluation only covers network gateway functions that are responsible to manage the enterprise network traffic flow. The TOE includes other supporting features that are not part of TOE scope such as Intrusion Detection/Prevention, antimalware, content filtering, VPN, network management, hosting server, and other features specified in Section 2.6.3 of the Security Target. The scope of evaluation covers major security features as follows: Identification and Authentication - TOE administrator can access TOE by providing username and password in the Webconfig interface and CLI interface. TOE administrator will be granted role based on built-in Groups, access to services and pages within Webconfig. Password for each administrator account is governed by password policy. TOE administrator is able to modify the existing configurable settings as per required by the organisational security policies implemented or enforced. User Data Protection – The TOE has capabilities of protecting internal network from external network intrusion by using information flow controls between internal and external network. The TOE will check the inbound and outbound IP network protocols, contents and ports before allowing or rejecting the IP network and packets. TOE Administrator can configure packet filter rules and policies based on the subject and information security attributes. By default, all external (internet) traffic will be blocked. TOE administrator can configure any services, ports and protocols that are accessible between Internet and internal networks. Security Management - TOE features can be managed through Webconfig and CLI by the TOE administrator. User of TOE, whom is assigned with TOE administrator roles, is configurable using built-in feature by assigning to administrator account “admin”. TOE administrator could enable, disable, modify the behaviour of services controlled by TOE packet filtering rules, user attributes values, network setting, time-of-day web access, NTP Time server, backup and restore configuration setting, restart and shutdown functions, password policies, and related functions of TOE. Security Audit - The TOE will generate audit records for selected security events in several log files and categories. Each audited events will be recorded along with date and time of event, account user who performed the event, event name, system filename related to event and other event details. Audit record can be viewed by TOE administrator but it cannot be edited. TOE Administrator could select and filter the logs for easy viewing. TOE will create a new log file to store the audit records if the size limit is reached for a single log file. Limitation of the log storage is based on the internal hard disk equipped within the TOE appliance. Protection of the TSF - The security audit functions will generate audit records of events along with date and time of event. To ensure a reliable date and time, TOE enforce the time stamps to be taken from a reliable source from the environment. TOE prevents modification of date and time manually.
- status: Archive
- target_link: https://iscb.cybersecurity.my/resources/document/mycc/mycpr/C045/2013-10-18-iDeras-ST-v1.3.pdf
- type: Boundary Protection Devices and Systems
- expiration_date: 04.11.2018
- level: EAL2
- product: iDeras Unified Threat Management (UTM) v5.02
- recognition: MyCC
- url: https://iscb.cybersecurity.my/index.php/certification/product-certification/mycc/archived-certified-products-and-systems/submission-view/59
|
| heuristics/st_references/directly_referenced_by |
{} |
{} |
| heuristics/st_references/directly_referencing |
{} |
{} |
| heuristics/st_references/indirectly_referenced_by |
{} |
{} |
| heuristics/st_references/indirectly_referencing |
{} |
{} |
| heuristics/protection_profiles |
{} |
{} |
| maintenance_updates |
|
|
| protection_profiles |
|
|
| protection_profile_links |
{} |
{} |
| pdf_data/cert_filename |
None |
None |
| pdf_data/cert_frontpage |
|
|
| pdf_data/cert_keywords/cc_cert_id |
|
|
| pdf_data/cert_keywords/cc_protection_profile_id |
|
|
| pdf_data/cert_keywords/cc_security_level |
|
|
| pdf_data/cert_keywords/cc_sar |
|
|
| pdf_data/cert_keywords/cc_sfr |
|
|
| pdf_data/cert_keywords/cc_claims |
|
|
| pdf_data/cert_keywords/vendor |
|
|
| pdf_data/cert_keywords/eval_facility |
|
|
| pdf_data/cert_keywords/symmetric_crypto |
|
|
| pdf_data/cert_keywords/asymmetric_crypto |
|
|
| pdf_data/cert_keywords/pq_crypto |
|
|
| pdf_data/cert_keywords/hash_function |
|
|
| pdf_data/cert_keywords/crypto_scheme |
|
|
| pdf_data/cert_keywords/crypto_protocol |
|
|
| pdf_data/cert_keywords/randomness |
|
|
| pdf_data/cert_keywords/cipher_mode |
|
|
| pdf_data/cert_keywords/ecc_curve |
|
|
| pdf_data/cert_keywords/crypto_engine |
|
|
| pdf_data/cert_keywords/tls_cipher_suite |
|
|
| pdf_data/cert_keywords/crypto_library |
|
|
| pdf_data/cert_keywords/vulnerability |
|
|
| pdf_data/cert_keywords/side_channel_analysis |
|
|
| pdf_data/cert_keywords/technical_report_id |
|
|
| pdf_data/cert_keywords/device_model |
|
|
| pdf_data/cert_keywords/tee_name |
|
|
| pdf_data/cert_keywords/os_name |
|
|
| pdf_data/cert_keywords/cplc_data |
|
|
| pdf_data/cert_keywords/ic_data_group |
|
|
| pdf_data/cert_keywords/standard_id |
|
|
| pdf_data/cert_keywords/javacard_version |
|
|
| pdf_data/cert_keywords/javacard_api_const |
|
|
| pdf_data/cert_keywords/javacard_packages |
|
|
| pdf_data/cert_keywords/certification_process |
|
|
| pdf_data/cert_metadata |
|
|
| pdf_data/report_filename |
ISCB-5-RPT-C072-CR-v1.pdf |
ISCB-5-RPT-C045-CR-v1a.pdf |
| pdf_data/report_frontpage |
|
|
| pdf_data/report_keywords/cc_cert_id |
- MY:
- ISCB-3-RPT-C072-CR-v1: 28
|
- MY:
- ISCB-5-RPT-C045-CR-v1a: 31
|
| pdf_data/report_keywords/cc_protection_profile_id |
|
|
| pdf_data/report_keywords/cc_security_level |
- EAL:
- EAL4: 5
- EAL4 augmented: 1
- EAL4+: 4
|
|
| pdf_data/report_keywords/cc_sar |
|
|
| pdf_data/report_keywords/cc_sfr |
|
|
| pdf_data/report_keywords/cc_claims |
|
|
| pdf_data/report_keywords/vendor |
|
|
| pdf_data/report_keywords/eval_facility |
|
|
| pdf_data/report_keywords/symmetric_crypto |
|
|
| pdf_data/report_keywords/asymmetric_crypto |
|
|
| pdf_data/report_keywords/pq_crypto |
|
|
| pdf_data/report_keywords/hash_function |
|
|
| pdf_data/report_keywords/crypto_scheme |
|
|
| pdf_data/report_keywords/crypto_protocol |
|
|
| pdf_data/report_keywords/randomness |
|
|
| pdf_data/report_keywords/cipher_mode |
|
|
| pdf_data/report_keywords/ecc_curve |
|
|
| pdf_data/report_keywords/crypto_engine |
|
|
| pdf_data/report_keywords/tls_cipher_suite |
|
|
| pdf_data/report_keywords/crypto_library |
|
|
| pdf_data/report_keywords/vulnerability |
|
|
| pdf_data/report_keywords/side_channel_analysis |
|
|
| pdf_data/report_keywords/technical_report_id |
|
|
| pdf_data/report_keywords/device_model |
|
|
| pdf_data/report_keywords/tee_name |
|
|
| pdf_data/report_keywords/os_name |
|
|
| pdf_data/report_keywords/cplc_data |
|
|
| pdf_data/report_keywords/ic_data_group |
|
|
| pdf_data/report_keywords/standard_id |
- ISO:
- ISO/IEC 18045: 2
- ISO/IEC15408: 2
|
- ISO:
- ISO/IEC 18045: 2
- ISO/IEC15408: 2
|
| pdf_data/report_keywords/javacard_version |
|
|
| pdf_data/report_keywords/javacard_api_const |
|
|
| pdf_data/report_keywords/javacard_packages |
|
|
| pdf_data/report_keywords/certification_process |
- OutOfScope:
- OTP Hardware token, where this is out of the evaluation. SMS service to register the device is also out of scope. 18 Potential consumers of the TOE are advised that some functions and services may not have been: 1
- out of scope: 1
|
|
| pdf_data/report_metadata |
- /Author: ISCB Department
- /CreationDate: D:20170720054033+00'00'
- /Creator: Microsoft Word
- /Keywords: MyCB_TMP_002
- /ModDate: D:20170720054033+00'00'
- /Subject: CENTAGATE v3.0.10-build13
- /Title: C072 Certification Report
- pdf_file_size_bytes: 649341
- pdf_hyperlinks: mailto:[email protected], http://www.cybersecurity.my/mycc
- pdf_is_encrypted: False
- pdf_number_of_pages: 29
|
- /Author: Norhazimah
- /CreationDate: D:20131112100545+08'00'
- /Creator: PScript5.dll Version 5.2.2
- /ModDate: D:20131112100545+08'00'
- /Producer: Acrobat Distiller 10.1.8 (Windows)
- /Title: Microsoft Word - ISCB-5-RPT-C045-CR-v1a _web_
- pdf_file_size_bytes: 337164
- pdf_hyperlinks: {}
- pdf_is_encrypted: False
- pdf_number_of_pages: 31
|
| pdf_data/st_filename |
2017-05-08-CTG-ST-3.0.pdf |
2013-10-18-iDeras-ST-v1.3.pdf |
| pdf_data/st_frontpage |
|
|
| pdf_data/st_keywords/cc_cert_id |
|
|
| pdf_data/st_keywords/cc_protection_profile_id |
|
|
| pdf_data/st_keywords/cc_security_level |
- EAL:
- EAL 4: 1
- EAL 4 augmented: 1
- EAL4: 3
- EAL4 augmented: 1
|
|
| pdf_data/st_keywords/cc_sar |
- ADV:
- ADV_ARC.1: 1
- ADV_FSP.4: 1
- ADV_IMP: 1
- ADV_TDS.3: 1
- AGD:
- AGD_OPE.1: 1
- AGD_PRE.1: 1
- ALC:
- ALC_CMC.4: 1
- ALC_CMS.4: 1
- ALC_DEL.1: 1
- ALC_DVS.1: 1
- ALC_FLR.2: 2
- ALC_FRL.2: 1
- ALC_LCD.1: 1
- ALC_TAT.1: 1
- ASE:
- ASE_CCL.1: 1
- ASE_ECD.1: 1
- ASE_INT.1: 1
- ASE_OBJ.2: 1
- ASE_REQ.2: 1
- ASE_SPD.1: 1
- ASE_TSS.1: 1
- ATE:
- ATE_COV.2: 1
- ATE_DPT.1: 1
- ATE_FUN.1: 1
- ATE_IND.2: 1
- AVA:
|
- ADV:
- ADV_ARC.1: 1
- ADV_FSP.2: 1
- ADV_TDS.1: 1
- AGD:
- AGD_OPE.1: 1
- AGD_PRE.1: 1
- ALC:
- ALC_CMC.2: 1
- ALC_CMS.2: 1
- ALC_DEL.1: 1
- ASE:
- ASE_CCL.1: 1
- ASE_ECD.1: 1
- ASE_INT.1: 1
- ASE_OBJ.2: 1
- ASE_REQ.2: 1
- ASE_SPD.1: 1
- ASE_TSS.1: 1
- ATE:
- ATE_COV.1: 1
- ATE_FUN.1: 1
- ATE_IND.2: 1
- AVA:
|
| pdf_data/st_keywords/cc_sfr |
- FAU:
- FAU_ARP: 3
- FAU_ARP.1: 5
- FAU_ARP.1.1: 1
- FAU_GEN: 2
- FAU_GEN.1: 10
- FAU_GEN.1.1: 2
- FAU_GEN.1.2: 1
- FAU_GEN.2: 4
- FAU_GEN.2.1: 1
- FAU_SAA: 1
- FAU_SAA.1: 8
- FAU_SAA.1.1: 1
- FAU_SAA.1.2: 1
- FAU_SAA.2: 6
- FAU_SAA.2.1: 1
- FAU_SAA.2.2: 1
- FAU_SAA.2.3: 1
- FAU_SAR: 2
- FAU_SAR.1: 5
- FAU_SAR.1.1: 1
- FAU_SAR.1.2: 1
- FAU_SAR.2: 3
- FAU_SAR.2.1: 1
- FCS:
- FCS_CKM.1: 13
- FCS_CKM.1.1: 1
- FCS_CKM.2: 10
- FCS_CKM.2.1: 1
- FCS_CKM.4: 13
- FCS_CKM.4.1: 1
- FCS_COP.1: 11
- FCS_COP.1.1: 1
- FDP:
- FDP_ACC.1: 12
- FDP_ACC.1.1: 1
- FDP_ACF.1: 12
- FDP_ACF.1.1: 1
- FDP_ACF.1.2: 1
- FDP_ACF.1.3: 1
- FDP_ACF.1.4: 1
- FDP_IFC.1: 1
- FDP_ITC.1: 3
- FDP_ITC.2: 3
- FIA:
- FIA_AFL.1: 6
- FIA_AFL.1.1: 1
- FIA_AFL.1.2: 1
- FIA_ATD.1: 7
- FIA_ATD.1.1: 1
- FIA_UAU.1: 8
- FIA_UAU.1.1: 1
- FIA_UAU.1.2: 1
- FIA_UAU.2: 3
- FIA_UAU.2.1: 1
- FIA_UAU.5: 9
- FIA_UAU.5.1: 1
- FIA_UAU.5.2: 1
- FIA_UAU.6: 7
- FIA_UAU.6.1: 1
- FIA_UID.1: 13
- FIA_UID.1.1: 1
- FIA_UID.1.2: 1
- FIA_UID.2: 7
- FIA_UID.2.1: 1
- FMT:
- FMT_MSA.1: 5
- FMT_MSA.1.1: 1
- FMT_MSA.3: 5
- FMT_MSA.3.1: 1
- FMT_MSA.3.2: 1
- FMT_SMF.1: 5
- FMT_SMF.1.1: 1
- FMT_SMR.1: 12
- FMT_SMR.1.1: 1
- FMT_SMR.1.2: 1
- FPT:
- FTA:
|
- FAU:
- FAU_GEN: 2
- FAU_GEN.1: 3
- FAU_GEN.1.1: 1
- FAU_GEN.3: 10
- FAU_GEN.3.1: 2
- FAU_GEN.3.2: 2
- FAU_SAR.1: 5
- FAU_SAR.1.1: 1
- FAU_SAR.1.2: 1
- FAU_SAR.3: 5
- FAU_SAR.3.1: 1
- FAU_STG: 1
- FAU_STG.1: 7
- FAU_STG.1.1: 1
- FAU_STG.1.2: 1
- FAU_STG.3: 1
- FAU_STG.4: 4
- FAU_STG.4.1: 1
- FCS:
- FDP:
- FDP_ACC.1: 2
- FDP_IFC.1: 8
- FDP_IFC.1.1: 1
- FDP_IFF.1: 5
- FDP_IFF.1.1: 3
- FDP_IFF.1.2: 1
- FDP_IFF.1.3: 1
- FDP_IFF.1.4: 1
- FDP_IFF.1.5: 1
- FIA:
- FIA_ATD.1: 7
- FIA_ATD.1.1: 3
- FIA_SOS.1: 4
- FIA_SOS.1.1: 1
- FIA_UAU.1: 1
- FIA_UAU.2: 5
- FIA_UAU.2.1: 1
- FIA_UID.1: 5
- FIA_UID.2: 10
- FIA_UID.2.1: 1
- FMT:
- FMT_MOF.1: 5
- FMT_MOF.1.1: 3
- FMT_MSA.1: 6
- FMT_MSA.1.1: 1
- FMT_MSA.3: 6
- FMT_MSA.3.1: 1
- FMT_MSA.3.2: 1
- FMT_MTD.1: 4
- FMT_MTD.1.1: 1
- FMT_SAE.1: 1
- FMT_SMF.1: 10
- FMT_SMF.1.1: 1
- FMT_SMR.1: 11
- FMT_SMR.1.1: 1
- FMT_SMR.1.2: 1
- FPT:
- FPT_STM: 1
- FPT_STM.1: 1
- FPT_STM.2: 10
- FPT_STM.2.1: 2
|
| pdf_data/st_keywords/cc_claims |
- A:
- A.COMPENT_ADMIN: 1
- A.COMPENT_ADMINSTRATORS: 1
- A.FIREWALL: 2
- A.MAIL_SERVER: 2
- A.MALICIOUS_CODE: 1
- A.NO_EVIL: 2
- A.OPERATING_SYSTEM: 1
- A.PORT_PROTECT: 2
- A.TIME_STAMP: 2
- D:
- O:
- O.ALERT: 6
- O.AUDIT: 7
- O.AUTH_MECH: 8
- O.MOBILE_SENSITVE: 2
- O.MOBILE_SENSITVE_: 1
- O.MOBILE_SENSITVE_PROTECTION: 5
- O.TRAFFIC_PROTECTION: 23
- O.USER_ACC: 1
- O.USER_ACC_CONTROL: 19
- OE:
- OE.COMPENT_: 1
- OE.COMPENT_ADMINSTRATORS: 1
- OE.FIREWALL: 2
- OE.MAIL_SERVER: 2
- OE.MALICIOUS_CODE_N: 1
- OE.MALICIOUS_CODE_NOT_SIGN: 1
- OE.NO_EVIL: 2
- OE.OPERATING_SYSTEM: 1
- OE.PHYSICAL_PROTECTION: 1
- OE.PORT_PROTECT: 2
- OE.TIME_STAMP: 2
- T:
- T.CUMMUNICATION: 1
- T.CUMMUNICATION_ATTACK: 1
- T.DATA_ACCESS: 2
- T.MOBILE: 1
- T.MOBILE_ATTACK: 1
- T.USER_ACC_CONTROL: 1
- T.WEB_ATTACK: 2
|
- A:
- A.ADMIN: 2
- A.CONN: 2
- A.FLOW: 2
- A.MGMT: 2
- A.PHY: 2
- A.TIMEBACK: 2
- A.USER: 2
- O:
- O.ACCESSLOG: 3
- O.AUDIT: 3
- O.CONFIG: 4
- O.EXPLOIT: 4
- O.NOAUTH: 4
- OE:
- OE.ADMIN: 3
- OE.CONN: 3
- OE.FLOW: 2
- OE.MGMT: 3
- OE.PHY: 2
- OE.TIMEBACK: 2
- OE.USER: 3
- T:
- T.ACCESSLOG: 2
- T.AUDIT: 2
- T.CONFIG: 2
- T.EXPLOIT: 2
- T.NOAUTH: 2
- T.REMOTE: 2
- T.SPOOF: 2
|
| pdf_data/st_keywords/vendor |
|
|
| pdf_data/st_keywords/eval_facility |
|
|
| pdf_data/st_keywords/symmetric_crypto |
|
|
| pdf_data/st_keywords/asymmetric_crypto |
|
|
| pdf_data/st_keywords/pq_crypto |
|
|
| pdf_data/st_keywords/hash_function |
|
|
| pdf_data/st_keywords/crypto_scheme |
|
|
| pdf_data/st_keywords/crypto_protocol |
|
|
| pdf_data/st_keywords/randomness |
|
|
| pdf_data/st_keywords/cipher_mode |
|
|
| pdf_data/st_keywords/ecc_curve |
|
|
| pdf_data/st_keywords/crypto_engine |
|
|
| pdf_data/st_keywords/tls_cipher_suite |
|
|
| pdf_data/st_keywords/crypto_library |
|
|
| pdf_data/st_keywords/vulnerability |
|
|
| pdf_data/st_keywords/side_channel_analysis |
|
|
| pdf_data/st_keywords/technical_report_id |
|
|
| pdf_data/st_keywords/device_model |
|
|
| pdf_data/st_keywords/tee_name |
|
|
| pdf_data/st_keywords/os_name |
|
|
| pdf_data/st_keywords/cplc_data |
|
|
| pdf_data/st_keywords/ic_data_group |
|
|
| pdf_data/st_keywords/standard_id |
|
|
| pdf_data/st_keywords/javacard_version |
|
|
| pdf_data/st_keywords/javacard_api_const |
|
|
| pdf_data/st_keywords/javacard_packages |
|
|
| pdf_data/st_keywords/certification_process |
- OutOfScope:
- Out of Scope: 1
- issuer certificate validity, certificate status, and the certificate owner Mobile audio pass (Out of Scope) TOE will generate challenge and PKI certificate will be used to sign the challenge. The signature: 1
- out of scope: 5
- procedure. Table 21: Authentication Components Authentication Method of authentication PKI token (out of scope) The user prompted to select the valid certificate from the list, and then TOE will verify the: 1
- serial number / fingerprint that stored in the DB. Hardware CR OTP (out of scope) User needs to have CR OTP token to use this feature. User will request for a challenge from the: 1
- then be sent back to the TOE by the mobile application and verified for its validity. FIDO (out of scope) User need to plugged in the token then click on the button of the token to submit the validation: 1
- token. This is out of the scope of the evaluation. Also, using SMS to register the device is also out of scope of evaluation. SecureMetric Technology Sdn Bhd 2016 Page 17 of 76 For QR code registration: 1
- which will then be used by the user to generate the OTP. Hardware OTP (out of scope) User needs to have OTP token to use this feature. User will generate an OTP from the OTP token and: 1
|
|
| pdf_data/st_metadata |
- /Author: Rajiv;Biau
- /CreationDate: D:20170523024954+00'00'
- /Creator: Microsoft Word
- /Keywords: ST
- /ModDate: D:20170720134505+08'00'
- /Title: Centagat Security Target
- pdf_file_size_bytes: 1592329
- pdf_hyperlinks: {}
- pdf_is_encrypted: False
- pdf_number_of_pages: 76
|
- /CreationDate: D:20131018102426+08'00'
- /Producer: doPDF Ver 7.3 Build 387 (Windows 7 Enterprise Edition (SP 1) - Version: 6.1.7601 (x86))
- pdf_file_size_bytes: 275746
- pdf_hyperlinks: {}
- pdf_is_encrypted: False
- pdf_number_of_pages: 45
|
| state/cert/convert_garbage |
None |
None |
| state/cert/convert_ok |
False |
False |
| state/cert/download_ok |
False |
False |
| state/cert/extract_ok |
False |
False |
| state/cert/pdf_hash |
Equal |
Equal |
| state/cert/txt_hash |
Equal |
Equal |
| state/report/convert_garbage |
None |
None |
| state/report/convert_ok |
True |
True |
| state/report/download_ok |
True |
True |
| state/report/extract_ok |
True |
True |
| state/report/pdf_hash |
Different |
Different |
| state/report/txt_hash |
Different |
Different |
| state/st/convert_garbage |
None |
None |
| state/st/convert_ok |
True |
True |
| state/st/download_ok |
True |
True |
| state/st/extract_ok |
True |
True |
| state/st/pdf_hash |
Different |
Different |
| state/st/txt_hash |
Different |
Different |