| name |
HDD SecureD Version 1.6 |
SQL Server 2016 Database Engine Enterprise Edition x64 (English) 13.0.4001.0 (including Service Pack 1) |
| category |
Other Devices and Systems |
Databases |
| scheme |
US |
JP |
| status |
archived |
archived |
| not_valid_after |
06.09.2012 |
15.02.2022 |
| not_valid_before |
18.10.2006 |
15.02.2017 |
| cert_link |
|
https://www.commoncriteriaportal.org/nfs/ccpfiles/files/epfiles/c0537_eimg.pdf |
| report_link |
https://www.commoncriteriaportal.org/nfs/ccpfiles/files/epfiles/st_vid9504-vr.pdf |
https://www.commoncriteriaportal.org/nfs/ccpfiles/files/epfiles/c0537_erpt.pdf |
| st_link |
https://www.commoncriteriaportal.org/nfs/ccpfiles/files/epfiles/st_vid9504-st.pdf |
https://www.commoncriteriaportal.org/nfs/ccpfiles/files/epfiles/c0537_est.pdf |
| manufacturer |
High Density Devices, AS |
Microsoft Corporation |
| manufacturer_web |
https://www.hdd.no/ |
https://www.microsoft.com |
| security_level |
AVA_VLA.3, EAL4+ |
EAL2+, ALC_FLR.2 |
| dgst |
489df7e895394c90 |
a43cc3e7f97cf843 |
| heuristics/cert_id |
CCEVS-VR-0047-2006 |
JISEC-CC-CRP-C0537 |
| heuristics/cert_lab |
US |
[] |
| heuristics/cpe_matches |
{} |
cpe:2.3:a:microsoft:sql_server_2016:13.0.4001.0:*:*:*:*:*:*:* |
| heuristics/verified_cpe_matches |
{} |
{} |
| heuristics/related_cves |
{} |
CVE-2024-37326, CVE-2024-37321, CVE-2024-37333, CVE-2024-37329, CVE-2024-37318, CVE-2024-37330, CVE-2024-37328, CVE-2024-38088, CVE-2024-35256, CVE-2024-38087, CVE-2024-21449, CVE-2024-37324, CVE-2024-37323, CVE-2024-37322, CVE-2024-37332, CVE-2024-37331, CVE-2024-37320, CVE-2024-37319, CVE-2024-37336, CVE-2024-35272, CVE-2024-37327, CVE-2024-35271 |
| heuristics/direct_transitive_cves |
{} |
{} |
| heuristics/indirect_transitive_cves |
{} |
{} |
| heuristics/extracted_sars |
AVA_VLA.3, ATE_DPT.1, ALC_TAT.1, AVA_SOF.1, ATE_IND.2, AVA_MSU.2, ATE_COV.2, ADV_HLD.2, ADV_FSP.2, ADV_IMP.1, ADV_RCR.1, AGD_ADM.1, ALC_DVS.1, ALC_LCD.1, ADV_SPM.1, AGD_USR.1, ADV_LLD.1, ATE_FUN.1 |
ALC_FLR.2 |
| heuristics/extracted_versions |
1.6 |
13.0.4001.0 |
| heuristics/prev_certificates |
{} |
{} |
| heuristics/next_certificates |
{} |
{} |
| heuristics/report_references/directly_referenced_by |
{} |
{} |
| heuristics/report_references/directly_referencing |
{} |
{} |
| heuristics/report_references/indirectly_referenced_by |
{} |
{} |
| heuristics/report_references/indirectly_referencing |
{} |
{} |
| heuristics/scheme_data |
|
- cert_id: JISEC-CC-CRP-C0537
- certification_date: 01.02.2017
- claim: EAL2+ALC_FLR.2 PP
- enhanced:
- assurance_level: EAL2 Augmented with ALC_FLR.2
- cc_version: 3.1 Release4
- cert_link: https://www.ipa.go.jp/en/security/c0537_eimg.pdf
- description: PRODUCT DESCRIPTION Description of TOE The TOE is the database engine of SQL Server 2016. SQL Server is a Database Management System (DBMS). The TOE has been developed as the core module of the DBMS to store and manage data in a secure way. TOE security functionality This TOE provides the following security functionality: - The Access Control function of the TOE controls the access of users to user data and metadata stored in the TOE. - The Session Handling function of the TOE limits the possibilities of users to establish sessions with the TOE. - The Security Audit function of the TOE produces log files about all security relevant events. - The Security Management function allows authorized administrators to manage the behavior of the security functionality of the TOE. - The Identification and Authentication function of the TOE is able to identify and authenticate users. - The Residual Information Protection function of the TOE overwrites the residual information on the memory that will be used for user sessions.
- evaluation_facility: TÜV Informationstechnik GmbH, Evaluation Body for IT-Security
- product: SQL Server 2016 Database Engine Enterprise Edition x64 (English)
- product_type: Database Management System (DBMS)
- protection_profile: Base Protection Profile for Database Management Systems (DBMS PP), Version 2.07
- report_link: https://www.ipa.go.jp/en/security/c0537_erpt.pdf
- target_link: https://www.ipa.go.jp/en/security/c0537_est.pdf
- toe_version: 13.0.4001.0 (including Service Pack 1)
- vendor: Microsoft Corporation
- expiration_date: 01.03.2022
- supplier: Microsoft Corporation
- toe_japan_name: -----
- toe_overseas_link: https://www.ipa.go.jp/en/security/jisec/software/certified-cert/c0537_it5563.html
- toe_overseas_name: SQL Server 2016 Database Engine Enterprise Edition x64 (English)13.0.4001.0 (including Service Pack 1)
|
| heuristics/st_references/directly_referenced_by |
{} |
{} |
| heuristics/st_references/directly_referencing |
{} |
{} |
| heuristics/st_references/indirectly_referenced_by |
{} |
{} |
| heuristics/st_references/indirectly_referencing |
{} |
{} |
| heuristics/protection_profiles |
{} |
3f6ac99252bbf14e |
| maintenance_updates |
|
|
| protection_profiles |
|
|
| protection_profile_links |
{} |
https://www.commoncriteriaportal.org/nfs/ccpfiles/files/ppfiles/pp0088b_pdf.pdf |
| pdf_data/cert_filename |
|
c0537_eimg.pdf |
| pdf_data/cert_frontpage |
|
|
| pdf_data/cert_keywords/cc_cert_id |
|
|
| pdf_data/cert_keywords/cc_protection_profile_id |
|
|
| pdf_data/cert_keywords/cc_security_level |
|
|
| pdf_data/cert_keywords/cc_sar |
|
|
| pdf_data/cert_keywords/cc_sfr |
|
|
| pdf_data/cert_keywords/cc_claims |
|
|
| pdf_data/cert_keywords/vendor |
|
|
| pdf_data/cert_keywords/eval_facility |
|
- TUV:
- TÜV Informationstechnik: 1
|
| pdf_data/cert_keywords/symmetric_crypto |
|
|
| pdf_data/cert_keywords/asymmetric_crypto |
|
|
| pdf_data/cert_keywords/pq_crypto |
|
|
| pdf_data/cert_keywords/hash_function |
|
|
| pdf_data/cert_keywords/crypto_scheme |
|
|
| pdf_data/cert_keywords/crypto_protocol |
|
|
| pdf_data/cert_keywords/randomness |
|
|
| pdf_data/cert_keywords/cipher_mode |
|
|
| pdf_data/cert_keywords/ecc_curve |
|
|
| pdf_data/cert_keywords/crypto_engine |
|
|
| pdf_data/cert_keywords/tls_cipher_suite |
|
|
| pdf_data/cert_keywords/crypto_library |
|
|
| pdf_data/cert_keywords/vulnerability |
|
|
| pdf_data/cert_keywords/side_channel_analysis |
|
|
| pdf_data/cert_keywords/technical_report_id |
|
|
| pdf_data/cert_keywords/device_model |
|
|
| pdf_data/cert_keywords/tee_name |
|
|
| pdf_data/cert_keywords/os_name |
|
|
| pdf_data/cert_keywords/cplc_data |
|
|
| pdf_data/cert_keywords/ic_data_group |
|
|
| pdf_data/cert_keywords/standard_id |
|
|
| pdf_data/cert_keywords/javacard_version |
|
|
| pdf_data/cert_keywords/javacard_api_const |
|
|
| pdf_data/cert_keywords/javacard_packages |
|
|
| pdf_data/cert_keywords/certification_process |
|
|
| pdf_data/cert_metadata |
|
- /CreationDate: D:20170316155916+09'00'
- /Creator: Microsoft® Word 2010
- /ModDate: D:20170316160045+09'00'
- /Producer: Microsoft® Word 2010
- pdf_file_size_bytes: 415538
- pdf_hyperlinks: {}
- pdf_is_encrypted: True
- pdf_number_of_pages: 1
|
| pdf_data/report_filename |
st_vid9504-vr.pdf |
c0537_erpt.pdf |
| pdf_data/report_frontpage |
- US:
- cert_id: CCEVS-VR-06-0047
- cert_item: High Density Devices SecureD Version 1.6
- cert_lab: US NIAP
|
|
| pdf_data/report_keywords/cc_cert_id |
|
- JP:
- CRP-C0537-01: 1
- Certification No. C0537: 1
|
| pdf_data/report_keywords/cc_protection_profile_id |
|
|
| pdf_data/report_keywords/cc_security_level |
- EAL:
- EAL 4: 3
- EAL 4 augmented: 3
|
- EAL:
- EAL2: 4
- EAL2 augmented: 3
- EAL2+: 2
|
| pdf_data/report_keywords/cc_sar |
|
|
| pdf_data/report_keywords/cc_sfr |
|
|
| pdf_data/report_keywords/cc_claims |
|
- A:
- A.AUTHUSER: 1
- A.CONNECT: 1
- A.MANAGE: 1
- A.NO_GENERAL_: 1
- A.PHYSICAL: 1
- A.SUPPORT: 1
- A.TRAINEDUSER: 1
- T:
- T.ACCESS_TSFDATA: 1
- T.ACCESS_TSFFUNC: 1
- T.IA_MASQUERADE: 1
- T.IA_USER: 1
- T.RESIDUAL_DATA: 1
- T.TSF_COMPROMISE: 1
- T.UNAUTHORIZED_: 1
|
| pdf_data/report_keywords/vendor |
|
- Microsoft:
- Microsoft: 5
- Microsoft Corporation: 7
|
| pdf_data/report_keywords/eval_facility |
|
- TUV:
- TÜV Informationstechnik: 4
|
| pdf_data/report_keywords/symmetric_crypto |
|
|
| pdf_data/report_keywords/asymmetric_crypto |
|
|
| pdf_data/report_keywords/pq_crypto |
|
|
| pdf_data/report_keywords/hash_function |
|
|
| pdf_data/report_keywords/crypto_scheme |
|
|
| pdf_data/report_keywords/crypto_protocol |
|
|
| pdf_data/report_keywords/randomness |
|
|
| pdf_data/report_keywords/cipher_mode |
|
|
| pdf_data/report_keywords/ecc_curve |
|
|
| pdf_data/report_keywords/crypto_engine |
|
|
| pdf_data/report_keywords/tls_cipher_suite |
|
|
| pdf_data/report_keywords/crypto_library |
|
|
| pdf_data/report_keywords/vulnerability |
|
|
| pdf_data/report_keywords/side_channel_analysis |
|
|
| pdf_data/report_keywords/technical_report_id |
|
|
| pdf_data/report_keywords/device_model |
|
|
| pdf_data/report_keywords/tee_name |
|
|
| pdf_data/report_keywords/os_name |
|
|
| pdf_data/report_keywords/cplc_data |
|
|
| pdf_data/report_keywords/ic_data_group |
|
|
| pdf_data/report_keywords/standard_id |
- CC:
- CCIMB-2004-01-001: 1
- CCIMB-2004-01-002: 1
- CCIMB-2004-01-003: 1
- CCIMB-2004-01-004: 1
- FIPS:
|
- CC:
- CCMB-2012-09-001: 2
- CCMB-2012-09-002: 2
- CCMB-2012-09-003: 2
- CCMB-2012-09-004: 2
|
| pdf_data/report_keywords/javacard_version |
|
|
| pdf_data/report_keywords/javacard_api_const |
|
|
| pdf_data/report_keywords/javacard_packages |
|
|
| pdf_data/report_keywords/certification_process |
|
|
| pdf_data/report_metadata |
|
- /CreationDate: D:20170316160424+09'00'
- /Creator: Microsoft® Word 2010
- /ModDate: D:20170316160534+09'00'
- /Producer: Microsoft® Word 2010
- pdf_file_size_bytes: 240723
- pdf_hyperlinks: {}
- pdf_is_encrypted: True
- pdf_number_of_pages: 33
|
| pdf_data/st_filename |
st_vid9504-st.pdf |
c0537_est.pdf |
| pdf_data/st_frontpage |
|
|
| pdf_data/st_keywords/cc_cert_id |
|
|
| pdf_data/st_keywords/cc_protection_profile_id |
|
|
| pdf_data/st_keywords/cc_security_level |
- EAL:
- EAL 4: 2
- EAL4: 10
- EAL4+: 2
|
- EAL:
- EAL 2: 3
- EAL 2 augmented: 1
- EAL2: 1
- EAL2 augmented: 1
- EAL2+: 66
|
| pdf_data/st_keywords/cc_sar |
- ACM:
- ACM_AUT.1: 3
- ACM_CAP.4: 3
- ACM_SCP.2: 3
- ADO:
- ADO_DEL.2: 3
- ADO_IGS.1: 6
- ADV:
- ADV_FSP.2: 3
- ADV_HLD.2: 3
- ADV_IMP.1: 3
- ADV_LLD.1: 3
- ADV_RCR.1: 3
- ADV_SPM.1: 4
- AGD:
- AGD_ADM.1: 6
- AGD_USR.1: 6
- ALC:
- ALC_DVS.1: 3
- ALC_LCD.1: 3
- ALC_TAT.1: 3
- ATE:
- ATE_COV.2: 3
- ATE_DPT.1: 3
- ATE_FUN.1: 3
- ATE_IND.2: 3
- AVA:
- AVA_MSU.2: 7
- AVA_SOF.1: 2
- AVA_VLA.2: 2
- AVA_VLA.3: 11
|
|
| pdf_data/st_keywords/cc_sfr |
- FCS:
- FCS_CKM: 3
- FCS_CKM.1: 13
- FCS_CKM.1.1: 4
- FCS_CKM.4: 12
- FCS_CKM.4.1: 2
- FCS_COP: 2
- FCS_COP.1: 19
- FCS_COP.1.1: 8
- FDP:
- FDP_IFC: 1
- FDP_IFC.1: 13
- FDP_IFC.1.1: 6
- FDP_IFF: 1
- FDP_IFF.1: 14
- FDP_IFF.1.1: 4
- FDP_IFF.1.2: 4
- FDP_IFF.1.3: 4
- FDP_IFF.1.4: 4
- FDP_IFF.1.5: 4
- FDP_IFF.1.6: 4
- FIA:
- FIA_UID: 1
- FIA_UID.1: 9
- FIA_UID.1.1: 3
- FIA_UID.1.2: 3
- FMT:
- FMT_MSA: 3
- FMT_MSA.1: 14
- FMT_MSA.1.1: 6
- FMT_MSA.2: 10
- FMT_MSA.2.1: 2
- FMT_MSA.3: 12
- FMT_MSA.3.1: 4
- FMT_MSA.3.2: 4
- FMT_SMF.1: 12
- FMT_SMF.1.1: 2
- FMT_SMR: 2
- FMT_SMR.1: 10
- FMT_SMR.1.1: 3
- FMT_SMR.1.2: 3
- FPT:
- FPT_RVM: 1
- FPT_RVM.1: 11
- FPT_RVM.1.1: 2
- FPT_SEP: 2
- FPT_SEP.1: 9
- FPT_SEP.1.1: 3
- FPT_SEP.1.2: 3
- FTP:
- FTP_ITC: 1
- FTP_ITC.1: 7
- FTP_ITC.1.1: 2
- FTP_ITC.1.2: 2
- FTP_ITC.1.3: 2
- FTP_TRP.1: 1
|
- FAU:
- FAU_GEN.1: 9
- FAU_GEN.1.1: 1
- FAU_GEN.1.2: 1
- FAU_GEN.2: 6
- FAU_GEN.2.1: 1
- FAU_SEL.1: 7
- FAU_SEL.1.1: 1
- FDP:
- FDP_ACC.1: 15
- FDP_ACC.1.1: 1
- FDP_ACF.1: 8
- FDP_ACF.1.1: 2
- FDP_ACF.1.2: 1
- FDP_ACF.1.3: 1
- FDP_ACF.1.4: 1
- FDP_IFC.1: 1
- FDP_RIP.1: 6
- FDP_RIP.1.1: 1
- FIA:
- FIA_ATD.1: 15
- FIA_ATD.1.1: 3
- FIA_UAU.1: 7
- FIA_UAU.1.1: 1
- FIA_UAU.1.2: 1
- FIA_UID.1: 14
- FIA_UID.1.1: 1
- FIA_UID.1.2: 1
- FIA_USB.1: 5
- FMT:
- FMT_MOF.1: 6
- FMT_MOF.1.1: 1
- FMT_MSA.1: 7
- FMT_MSA.1.1: 1
- FMT_MSA.3: 8
- FMT_MSA.3.1: 1
- FMT_MSA.3.2: 1
- FMT_MTD.1: 6
- FMT_MTD.1.1: 1
- FMT_REV.1: 12
- FMT_REV.1.1: 2
- FMT_REV.1.2: 2
- FMT_SMF.1: 11
- FMT_SMF.1.1: 1
- FMT_SMR.1: 18
- FMT_SMR.1.1: 1
- FMT_SMR.1.2: 1
- FPT:
- FPT_ITT.1: 1
- FPT_STM.1: 1
- FPT_TRC.1: 6
- FPT_TRC.1.1: 1
- FPT_TRC.1.2: 1
- FTA:
- FTA_MCS.1: 7
- FTA_MCS.1.1: 1
- FTA_MCS.1.2: 1
- FTA_TAH: 1
- FTA_TSE.1: 6
- FTA_TSE.1.1: 1
|
| pdf_data/st_keywords/cc_claims |
|
- A:
- A.AUTHUSER: 3
- A.CONNECT: 4
- A.MANAGE: 3
- A.NO_GENERAL_PURPOSE: 3
- A.PHYSICAL: 3
- A.SUPPORT: 4
- A.TRAINEDUSER: 3
- O:
- O.ACCESS_HISTORY: 9
- O.ADMIN_ROLE: 8
- O.AUDIT_GENERATI: 1
- O.AUDIT_GENERATION: 6
- O.DISCRETIONARY_: 1
- O.DISCRETIONARY_ACCESS: 5
- O.MANAGE: 11
- O.MEDIATE: 8
- O.RESIDUAL_INFOR: 1
- O.RESIDUAL_INFORMATION: 8
- O.TOE_ACCESS: 18
- OE:
- OE.ADMIN: 12
- OE.INFO_PROTECT: 19
- OE.IT_REMOTE: 10
- OE.IT_TRUSTED_SYSTEM: 9
- OE.NO_GENERAL_: 2
- OE.NO_GENERAL_PURPOSE: 6
- OE.PHYSICAL: 8
- T:
- T.ACCESS_TSFDATA: 3
- T.ACCESS_TSFFUNC: 3
- T.IA_MASQUERADE: 4
- T.IA_USER: 3
- T.RESIDUAL_DATA: 3
- T.TSF_COMPROMISE: 4
- T.UNAUTHORIZED_ACCESS: 4
|
| pdf_data/st_keywords/vendor |
|
- Microsoft:
- Microsoft: 10
- Microsoft Corporation: 3
|
| pdf_data/st_keywords/eval_facility |
|
|
| pdf_data/st_keywords/symmetric_crypto |
|
|
| pdf_data/st_keywords/asymmetric_crypto |
|
|
| pdf_data/st_keywords/pq_crypto |
|
|
| pdf_data/st_keywords/hash_function |
|
|
| pdf_data/st_keywords/crypto_scheme |
|
|
| pdf_data/st_keywords/crypto_protocol |
|
|
| pdf_data/st_keywords/randomness |
|
|
| pdf_data/st_keywords/cipher_mode |
|
|
| pdf_data/st_keywords/ecc_curve |
|
|
| pdf_data/st_keywords/crypto_engine |
|
|
| pdf_data/st_keywords/tls_cipher_suite |
|
|
| pdf_data/st_keywords/crypto_library |
|
|
| pdf_data/st_keywords/vulnerability |
|
|
| pdf_data/st_keywords/side_channel_analysis |
|
|
| pdf_data/st_keywords/technical_report_id |
|
|
| pdf_data/st_keywords/device_model |
|
|
| pdf_data/st_keywords/tee_name |
|
|
| pdf_data/st_keywords/os_name |
|
|
| pdf_data/st_keywords/cplc_data |
|
|
| pdf_data/st_keywords/ic_data_group |
|
|
| pdf_data/st_keywords/standard_id |
- CC:
- CCIMB-2004-01-001: 1
- CCIMB-2004-01-002: 1
- CCIMB-2004-01-003: 1
- CCIMB-2004-01-004: 1
- FIPS:
- FIPS 140-2: 3
- FIPS PUB 140-2: 4
|
|
| pdf_data/st_keywords/javacard_version |
|
|
| pdf_data/st_keywords/javacard_api_const |
|
|
| pdf_data/st_keywords/javacard_packages |
|
|
| pdf_data/st_keywords/certification_process |
- OutOfScope:
- or permutational mechanism in the form of the cryptographic operations. However, this is out of scope for a CC evaluation, therefore, HDD did not perform a Strength-of-Function analysis because the: 1
- out of scope: 2
- that are probabilistic or permutational in nature. Evaluation of SOF claims for cryptography is out of scope of the CC, therefore this Security Target can make no explicit claims regarding the SOF of the: 1
|
|
| pdf_data/st_metadata |
- /Author: Tormod Fjellgård
- /CreationDate: D:20061020122409-04'00'
- /Creator: Acrobat PDFMaker 7.0 for Word
- /ModDate: D:20061020122436-04'00'
- /Producer: Acrobat Distiller 7.0 (Windows)
- /Subject: HDD SecureD CC Evaluation
- /Title: SecureD Security Target
- /_AdHocReviewCycleID: 1184451715
- /_AuthorEmail: [email protected]
- /_AuthorEmailDisplayName: Haskell, Franklin
- /_EmailSubject: EAL 4 ST & ETRs for HDD SecureD, VID10085
- pdf_file_size_bytes: 462435
- pdf_hyperlinks: http://csrc.nist.gov/publications/nistpubs/800-38a/sp800-38a.pdf, http://www.ata-atapi.com/, http://www.yourwindow.to/information-security/gl_confidentialityintegrityandavailabili.htm, http://www.informit.com/index.asp, http://csrc.nist.gov/cryptval/140-1/1401val2005.html, http://csrc.nist.gov/publications/fips/fips46-3/fips46-3.pdf, http://cs-www.ncsl.nist.gov/publications/fips/fips140-2/fips1402.pdf, http://cs-www.ncsl.nist.gov/publications/fips/fips197/fips-197.pdf, http://privacy.med.miami.edu/index.htm, http://www.informit.com/articles/article.asp?p=26952&redir=1, http://privacy.med.miami.edu/glossary/xd_confidentiality_integrity_availability.htm, http://csrc.nist.gov/cryptval/aes/aesval.html, http://www.yourwindow.to/information-security/index.htm, http://csrc.nist.gov/cryptval/des/tripledesval.html, http://niap.nist.gov/cc-scheme/cc_docs/cem_v12.pdf, http://niap.nist.gov/cc-scheme/cc_docs/cc_v22_part1.pdf
- pdf_is_encrypted: False
- pdf_number_of_pages: 74
|
|
| state/cert/convert_garbage |
False |
False |
| state/cert/convert_ok |
False |
True |
| state/cert/download_ok |
False |
True |
| state/cert/extract_ok |
False |
True |
| state/cert/pdf_hash |
Different |
Different |
| state/cert/txt_hash |
Different |
Different |
| state/report/convert_garbage |
False |
False |
| state/report/convert_ok |
True |
True |
| state/report/download_ok |
True |
True |
| state/report/extract_ok |
True |
True |
| state/report/pdf_hash |
Different |
Different |
| state/report/txt_hash |
Different |
Different |
| state/st/convert_garbage |
False |
False |
| state/st/convert_ok |
True |
True |
| state/st/download_ok |
True |
True |
| state/st/extract_ok |
True |
True |
| state/st/pdf_hash |
Different |
Different |
| state/st/txt_hash |
Different |
Different |