sec-certs.org

	SDoT Security Gateway, Version 6.2i BSI-DSZ-CC-1129-2021	Red Hat Enterprise Linux Version 7.1 BSI-DSZ-CC-0999-2016
name	SDoT Security Gateway, Version 6.2i	Red Hat Enterprise Linux Version 7.1
category	Boundary Protection Devices and Systems	Operating Systems
scheme	DE	DE
status	active	archived
not_valid_after	27.09.2026	26.09.2021
not_valid_before	27.09.2021	26.09.2016
cert_link	https://www.commoncriteriaportal.org/nfs/ccpfiles/files/epfiles/1129c_pdf.pdf
report_link	https://www.commoncriteriaportal.org/nfs/ccpfiles/files/epfiles/1129a_pdf.pdf	https://www.commoncriteriaportal.org/nfs/ccpfiles/files/epfiles/0999a_pdf.pdf
st_link	https://www.commoncriteriaportal.org/nfs/ccpfiles/files/epfiles/1129b_pdf.pdf	https://www.commoncriteriaportal.org/nfs/ccpfiles/files/epfiles/0999b_pdf.pdf
manufacturer	INFODAS Gesellschaft für Systementwicklung und informationsverarbeitung mbH	Red Hat, Inc.
manufacturer_web	https://www.infodas.de	https://www.redhat.com
security_level	EAL4+, ALC_FLR.2	EAL4+, ALC_FLR.3
dgst	4cd38b96efa2ca6b	8126b64e36fd4969
heuristics/cert_id	BSI-DSZ-CC-1129-2021	BSI-DSZ-CC-0999-2016
heuristics/cert_lab	BSI	BSI
heuristics/cpe_matches	{}	cpe:2.3:o:redhat:enterprise_linux:7.1:::::::, cpe:2.3:o:redhat:linux:7.1:::::::
heuristics/verified_cpe_matches	{}	{}
heuristics/related_cves	{}	CVE-2001-0690, CVE-2003-0247, CVE-2002-0044, CVE-2000-0701, CVE-2002-0045, CVE-2001-0889, CVE-2002-1160, CVE-2001-0787, CVE-2002-0836, CVE-2002-1155, CVE-1999-0297, CVE-2000-0017, CVE-2002-0638, CVE-2001-0886, CVE-2003-0464, CVE-2007-3103, CVE-1999-0037, CVE-2001-0872, CVE-2016-7091, CVE-2015-7833, CVE-2003-0364, CVE-2001-1383, CVE-2002-1232, CVE-1999-0894, CVE-1999-0798, CVE-2003-0434, CVE-2001-0635, CVE-2003-0188, CVE-2001-0977, CVE-2001-1002, CVE-2003-0248, CVE-2001-0859, CVE-2003-0461, CVE-2003-0041, CVE-2003-0354, CVE-2003-0194, CVE-2017-1000253, CVE-1999-1288, CVE-2002-0080, CVE-2000-1207, CVE-2002-0083, CVE-2003-0370
heuristics/direct_transitive_cves	{}	{}
heuristics/indirect_transitive_cves	{}	{}
heuristics/extracted_sars	ASE_TSS.1, ASE_SPD.1, ASE_INT.1, ASE_OBJ.2, ALC_FLR.2, ASE_CCL.1, ASE_ECD.1, ASE_REQ.2	ASE_INT.1, ALC_CMC.4, ASE_ECD.1, APE_ECD.1, ADV_IMP.1, ATE_COV.2, ASE_TSS.1, ALC_TAT.1, ASE_SPD.1, ALC_DEL.1, ALC_LCD.1, ALC_FLR.3, AGD_OPE.1, AVA_VAN.3, AGD_PRE.1, ALC_CMS.4, ATE_FUN.1, APE_REQ.2, ADV_ARC.1, ASE_OBJ.2, APE_CCL.1, ADV_TDS.3, ATE_DPT.1, ASE_REQ.2, ALC_DVS.1, ADV_INT.3, APE_INT.1, APE_SPD.1, ADV_FSP.4, ATE_IND.2, APE_OBJ.2, ASE_CCL.1, ADV_SPM.1
heuristics/extracted_versions	6.2	7.1
heuristics/prev_certificates	{}	{}
heuristics/next_certificates	{}	{}
heuristics/report_references/directly_referenced_by	{}	{}
heuristics/report_references/directly_referencing	{}	BSI-DSZ-CC-0754-2012
heuristics/report_references/indirectly_referenced_by	{}	{}
heuristics/report_references/indirectly_referencing	{}	BSI-DSZ-CC-0754-2012
heuristics/scheme_data	category: Network and Network related Devices and Systems cert_id: BSI-DSZ-CC-1129-2021 certification_date: 27.09.2021 enhanced: applicant: INFODAS Gesellschaft für Systementwicklung und Informationsverarbeitung mbH Rhonestraße 2 50765 Köln assurance_level: EAL4,ALC_FLR.2 cert_link: https://www.bsi.bund.de/SharedDocs/Downloads/DE/BSI/Zertifizierung/Reporte/Reporte1100/1129c_pdf.pdf?__blob=publicationFile&v=3 certification_date: 27.09.2021 description: The TOE is part of the product SDoT Security Gateway which provides a secure interconnection between two IP networks, which could have different types of security classifications. For a secure exchange of data between these Networks, the SDoT Security Gateway serves as protection to not let confidential data, within a potentially higher classified network (HIGH), unintentionally flow to a lower classified network (LOW), which is not authorized to get hold of confidential information from the higher classified network. SDoT Security Gateway includes the TOE which provides the filtering functionalities to check security labels for the transmission of data between the two differently classified networks and provides mechanisms to validate structured data objects against a rule set. evaluation_facility: atsec information security GmbH expiration_date: 26.09.2026 product: SDoT Security Gateway, Version 6.2i report_link: https://www.bsi.bund.de/SharedDocs/Downloads/DE/BSI/Zertifizierung/Reporte/Reporte1100/1129a_pdf.pdf?__blob=publicationFile&v=6 target_link: https://www.bsi.bund.de/SharedDocs/Downloads/DE/BSI/Zertifizierung/Reporte/Reporte1100/1129b_pdf.pdf?__blob=publicationFile&v=4 product: SDoT Security Gateway, Version 6.2i url: https://www.bsi.bund.de/SharedDocs/Zertifikate_CC/CC/Netzwerk_und_Kommunikationsprodukte/1129.html vendor: INFODAS Gesellschaft für Systementwicklung und Informationsverarbeitung mbH
heuristics/st_references/directly_referenced_by	{}	OCSI/CERT/SYS/06/2017/RC, 2/PC1/AC223/2024
heuristics/st_references/directly_referencing	{}	{}
heuristics/st_references/indirectly_referenced_by	{}	OCSI/CERT/SYS/06/2017/RC, 2/PC1/AC223/2024
heuristics/st_references/indirectly_referencing	{}	{}
heuristics/protection_profiles	{}	70cdc8b0cf910af7
maintenance_updates
protection_profiles
protection_profile_links	{}	https://www.commoncriteriaportal.org/nfs/ccpfiles/files/ppfiles/pp0067b_pdf.pdf
pdf_data/cert_filename	1129c_pdf.pdf
pdf_data/cert_frontpage
pdf_data/cert_keywords/cc_cert_id	DE: BSI-DSZ-CC-1129-2021: 1
pdf_data/cert_keywords/cc_protection_profile_id
pdf_data/cert_keywords/cc_security_level	EAL: EAL 2: 1 EAL 4: 1 EAL 4 augmented: 1
pdf_data/cert_keywords/cc_sar	ALC: ALC_FLR: 1 ALC_FLR.2: 1
pdf_data/cert_keywords/cc_sfr
pdf_data/cert_keywords/cc_claims
pdf_data/cert_keywords/vendor
pdf_data/cert_keywords/eval_facility
pdf_data/cert_keywords/symmetric_crypto
pdf_data/cert_keywords/asymmetric_crypto
pdf_data/cert_keywords/pq_crypto
pdf_data/cert_keywords/hash_function
pdf_data/cert_keywords/crypto_scheme
pdf_data/cert_keywords/crypto_protocol
pdf_data/cert_keywords/randomness
pdf_data/cert_keywords/cipher_mode
pdf_data/cert_keywords/ecc_curve
pdf_data/cert_keywords/crypto_engine
pdf_data/cert_keywords/tls_cipher_suite
pdf_data/cert_keywords/crypto_library
pdf_data/cert_keywords/vulnerability
pdf_data/cert_keywords/side_channel_analysis
pdf_data/cert_keywords/technical_report_id
pdf_data/cert_keywords/device_model
pdf_data/cert_keywords/tee_name
pdf_data/cert_keywords/os_name
pdf_data/cert_keywords/cplc_data
pdf_data/cert_keywords/ic_data_group
pdf_data/cert_keywords/standard_id	ISO: ISO/IEC 15408: 2 ISO/IEC 18045: 2
pdf_data/cert_keywords/javacard_version
pdf_data/cert_keywords/javacard_api_const
pdf_data/cert_keywords/javacard_packages
pdf_data/cert_keywords/certification_process
pdf_data/cert_metadata	/Author: Bundesamt für Sicherheit in der Informationstechnik /CreationDate: D:20211004123245+02'00' /Creator: Writer /Keywords: "Common Criteria, Certification, Zertifizierung, Security Gateway, Infodas" /ModDate: D:20211004142015+02'00' /Producer: LibreOffice 6.3 /Subject: Certificate BSI-DSZ-CC-1129-2021 /Title: Certificate pdf_file_size_bytes: 250309 pdf_hyperlinks: {} pdf_is_encrypted: False pdf_number_of_pages: 1
pdf_data/report_filename	1129a_pdf.pdf	0999a_pdf.pdf
pdf_data/report_frontpage	DE: cc_security_level: Common Criteria Part 3 conformant EAL 4 augmented by ALC_FLR.2 cc_version: Product specific Security Target Common Criteria Part 2 extended cert_id: BSI-DSZ-CC-1129-2021 cert_item: SDoT Security Gateway Version 6.2i cert_lab: BSI developer: INFODAS GmbH match_rules: ['(BSI-DSZ-CC-.+?) (?:for\|For) (.+?) from (.)'] ref_protection_profiles: None*	DE: cc_security_level: Common Criteria Part 3 conformant EAL 4 augmented by ALC_FLR.3 cc_version: PP conformant plus product specific extensions Common Criteria Part 2 extended cert_id: BSI-DSZ-CC-0999-2016 cert_item: Red Hat Enterprise Linux Version 7.1 cert_lab: BSI developer: Red Hat match_rules: ['(BSI-DSZ-CC-.+?) (?:for\|For) (.+?) from (.*)'] ref_protection_profiles: Operating System Protection Profile, Version 2.0, 01 June 2010, BSI-CC-PP-0067-2010, OSPP Extended Package – Advanced Management, Version 2.0, 28 May 2010, OSPP Extended Package – Labeled Security, Version 2.0, 28 May 2010
pdf_data/report_keywords/cc_cert_id	DE: BSI-DSZ-CC-1129-2021: 17	DE: BSI-DSZ-CC-0754-2012: 3 BSI-DSZ-CC-0999-2016: 25
pdf_data/report_keywords/cc_protection_profile_id		BSI: BSI-CC-PP-0067-2010: 4
pdf_data/report_keywords/cc_security_level	EAL: EAL 1: 1 EAL 2: 2 EAL 2+: 1 EAL 4: 5 EAL 4 augmented: 3 EAL 5: 1	EAL: EAL 1: 7 EAL 2: 4 EAL 3: 4 EAL 4: 10 EAL 4 augmented: 3 EAL 5: 6 EAL 6: 3 EAL 7: 4 EAL4: 1 ITSEC: ITSEC Evaluation: 1
pdf_data/report_keywords/cc_sar	ALC: ALC_FLR: 3 ALC_FLR.2: 4	ADV: ADV_ARC: 1 ADV_ARC.1: 1 ADV_FSP: 1 ADV_FSP.1: 1 ADV_FSP.2: 1 ADV_FSP.3: 1 ADV_FSP.4: 1 ADV_FSP.5: 1 ADV_FSP.6: 1 ADV_IMP: 1 ADV_IMP.1: 1 ADV_IMP.2: 1 ADV_INT: 1 ADV_INT.1: 1 ADV_INT.2: 1 ADV_INT.3: 1 ADV_SPM: 1 ADV_SPM.1: 1 ADV_TDS: 1 ADV_TDS.1: 1 ADV_TDS.2: 1 ADV_TDS.3: 1 ADV_TDS.4: 1 ADV_TDS.5: 1 ADV_TDS.6: 1 AGD: AGD_OPE: 1 AGD_OPE.1: 1 AGD_PRE: 1 AGD_PRE.1: 1 ALC: ALC_CMC: 1 ALC_CMC.1: 1 ALC_CMC.2: 1 ALC_CMC.3: 1 ALC_CMC.4: 1 ALC_CMC.5: 1 ALC_CMS: 1 ALC_CMS.1: 1 ALC_CMS.2: 1 ALC_CMS.3: 1 ALC_CMS.4: 1 ALC_CMS.5: 1 ALC_DEL: 1 ALC_DEL.1: 1 ALC_DVS: 1 ALC_DVS.1: 1 ALC_DVS.2: 1 ALC_FLR: 3 ALC_FLR.1: 1 ALC_FLR.2: 1 ALC_FLR.3: 5 ALC_LCD.1: 1 ALC_LCD.2: 1 ALC_TAT: 1 ALC_TAT.1: 1 ALC_TAT.2: 1 ALC_TAT.3: 1 APE: APE_CCL.1: 1 APE_ECD.1: 1 APE_INT.1: 1 APE_OBJ.1: 1 APE_OBJ.2: 1 APE_REQ.1: 1 APE_REQ.2: 1 APE_SPD.1: 1 ASE: ASE_CCL: 1 ASE_CCL.1: 1 ASE_ECD: 1 ASE_ECD.1: 1 ASE_INT: 1 ASE_INT.1: 1 ASE_OBJ: 1 ASE_OBJ.1: 1 ASE_OBJ.2: 1 ASE_REQ.1: 1 ASE_REQ.2: 1 ASE_SPD: 1 ASE_SPD.1: 1 ASE_TSS: 1 ASE_TSS.1: 1 ASE_TSS.2: 1 ATE: ATE_COV: 1 ATE_COV.1: 1 ATE_COV.2: 1 ATE_COV.3: 1 ATE_DPT: 1 ATE_DPT.1: 1 ATE_DPT.2: 1 ATE_DPT.3: 1 ATE_DPT.4: 1 ATE_FUN: 1 ATE_FUN.1: 1 ATE_FUN.2: 1 ATE_IND: 1 ATE_IND.1: 1 ATE_IND.2: 1 ATE_IND.3: 1 AVA: AVA_VAN: 3 AVA_VAN.1: 1 AVA_VAN.2: 1 AVA_VAN.3: 1 AVA_VAN.4: 1 AVA_VAN.5: 1
pdf_data/report_keywords/cc_sfr	FTP: FTP_TRP.1: 1	FCS: FCS_CKM.1: 1 FCS_RNG.1: 3 FIA: FIA_SOS.1: 1 FTP: FTP_ITC.1: 3
pdf_data/report_keywords/cc_claims	OE: OE.ACCESS: 1 OE.AUDIT_ENFORCE: 1 OE.BOOT: 1 OE.DEDICATED_ADMIN_NET: 1 OE.DIFF_NET: 1 OE.HIGH_AVAILABILITY: 1 OE.HIGH_PROTECTION: 1 OE.HSM: 1 OE.NTP_SERVER: 1 OE.PKI: 1 OE.ROLE_SEPARATION: 1 OE.TRUSTW_ONLY: 1 OE.TRUSTW_STAFF: 1 OE.USER_IDENT: 1
pdf_data/report_keywords/vendor
pdf_data/report_keywords/eval_facility	atsec: atsec: 3	atsec: atsec: 3
pdf_data/report_keywords/symmetric_crypto	AES_competition: AES: AES: 8 AES-: 1 constructions: MAC: HMAC: 5 HMAC-SHA-384: 1	AES_competition: AES: AES: 15 DES: 3DES: 3DES: 2 TDES: 3 Triple-DES: 1 constructions: MAC: HMAC: 24
pdf_data/report_keywords/asymmetric_crypto	ECC: ECDSA: ECDSA: 5 FF: DSA: DSA: 1	ECC: ECC: ECC: 6 ECDH: ECDH: 1 ECDHE: 1 ECDSA: ECDSA: 21 FF: DH: DH: 13 DHE: 1 DSA: DSA: 21
pdf_data/report_keywords/pq_crypto
pdf_data/report_keywords/hash_function	SHA: SHA2: SHA-2: 5 SHA-256: 2 SHA-384: 3 SHA-512: 2	MD: MD5: MD5: 4 PBKDF: PBKDF2: 2 SHA: SHA1: SHA-1: 24 SHA2: SHA-2: 3 SHA-256: 27 SHA-384: 19 SHA-512: 15 SHA256: 1 SHA384: 1
pdf_data/report_keywords/crypto_scheme	KA: Key agreement: 1	KA: Key agreement: 6 MAC: MAC: 4
pdf_data/report_keywords/crypto_protocol	TLS: TLS: TLS: 7 TLS1.2: 1 TLSv1.2: 2	IKE: IKE: 19 IKEv1: 7 IKEv2: 9 IPsec: IPsec: 12 PGP: PGP: 1 SSH: SSH: 13 SSHv2: 2 TLS: TLS: TLS: 7 TLS 1.1: 1 TLS v1.0: 2 TLS v1.1: 1 TLSv1.1: 4 TLSv1.2: 8
pdf_data/report_keywords/randomness		RNG: RNG: 1
pdf_data/report_keywords/cipher_mode	GCM: GCM: 7	CBC: CBC: 15 CTR: CTR: 3 GCM: GCM: 3 XTS: XTS: 2
pdf_data/report_keywords/ecc_curve	Brainpool: brainpoolP256r1: 3 brainpoolP384r1: 1 brainpoolP512r1: 3 NIST: secp256r1: 3 secp384r1: 1	NIST: NIST P-256: 12 NIST P-384: 2 NIST P-521: 3 P-256: 20 P-384: 30 P-521: 29
pdf_data/report_keywords/crypto_engine
pdf_data/report_keywords/tls_cipher_suite
pdf_data/report_keywords/crypto_library		NSS: NSS: 4 OpenSSL: OpenSSL: 1
pdf_data/report_keywords/vulnerability		CVE: CVE-2015-5157: 1
pdf_data/report_keywords/side_channel_analysis	other: JIL: 1
pdf_data/report_keywords/technical_report_id	BSI: BSI 7148: 1 BSI TR-02102: 1	BSI: BSI 7148: 1 BSI TR-02102: 1
pdf_data/report_keywords/device_model
pdf_data/report_keywords/tee_name
pdf_data/report_keywords/os_name
pdf_data/report_keywords/cplc_data
pdf_data/report_keywords/ic_data_group
pdf_data/report_keywords/standard_id	BSI: AIS 1: 1 AIS 14: 1 AIS 19: 1 AIS 23: 1 AIS 32: 1 AIS 35: 2 FIPS: FIPS180-4: 8 FIPS186-4: 5 FIPS197: 3 ISO: ISO/IEC 15408: 4 ISO/IEC 17065: 2 ISO/IEC 18045: 4 RFC: RFC2104: 3 RFC3447: 2 RFC5246: 3 RFC5288: 2 RFC5758: 2 RFC6234: 3 X509: X.509: 2 x.509: 1	BSI: AIS 20: 2 AIS 32: 1 AIS 38: 1 FIPS: FIPS 186-4: 3 FIPS180-4: 36 FIPS186-4: 30 FIPS197: 5 FIPS198-1: 6 ISO: ISO/IEC 15408: 4 ISO/IEC 17065: 2 ISO/IEC 18045: 4 NIST: SP 800-38A: 3 SP 800-67: 2 PKCS: PKCS#1: 10 RFC: RFC 4253: 1 RFC 5996: 1 RFC1321: 1 RFC2104: 3 RFC2246: 1 RFC2404: 2 RFC2409: 9 RFC2451: 1 RFC2898: 1 RFC3447: 15 RFC3526: 3 RFC3602: 1 RFC3686: 1 RFC4251: 3 RFC4252: 4 RFC4253: 12 RFC4303: 1 RFC4307: 4 RFC4344: 1 RFC4346: 5 RFC4419: 1 RFC4492: 3 RFC4595: 1 RFC4868: 1 RFC5114: 2 RFC5228: 1 RFC5246: 8 RFC5647: 1 RFC5656: 2 RFC5903: 2 RFC5930: 1 RFC5996: 6 RFC6151: 1 RFC6668: 3 RFC7427: 1
pdf_data/report_keywords/javacard_version
pdf_data/report_keywords/javacard_api_const
pdf_data/report_keywords/javacard_packages
pdf_data/report_keywords/certification_process	ConfidentialDocument: BSI-DSZ-CC-1129-2021, Version 2, 06.07.2021, SDoT Security Gateway Security Target, INFODAS GmbH (confidential document) [7] Evaluation Technical Report, Version 4, 20.09.2021, Final Evaluation Technical Report, atsec: 1 being maintained, is not given any longer. In particular, prior to the dissemination of confidential documentation and information related to the TOE or resulting from the evaluation and certification: 1 sanitised public document) [9] Configuration list for the TOE, 19.07.2021, Main Configuration List (confidential document) [10] SDoT Security Gateway - Produktinformation - Anforderungen an den sicheren Betrieb Product: 1	ConfidentialDocument: 7] Evaluation Technical Report, Version: 3, Date: 2016-06-30, atsec information security GmbH (confidential document) [8] Operating System Protection Profile, Version 2.0, 01 June 2010, BSI-CC-PP-0067-2010, OSPP: 1 being maintained, is not given any longer. In particular, prior to the dissemination of confidential documentation and information related to the TOE or resulting from the evaluation and certification: 1 list for the TOE: CI list for source, Date 2016-05-13, File name rhel-71-brew-logs.tar.bz2 (confidential document) [10] EAL4 Evaluated Configuration Guide for Red Hat Enterprise Linux 7.1, Version 0.25, Date: 1
pdf_data/report_metadata	/Author: INFODAS GmbH /CreationDate: D:20211004123112+02'00' /Creator: Writer /Keywords: Common Criteria, Certification, Zertifizierung, Security Gateway, Infodas /ModDate: D:20211007093339+02'00' /Producer: LibreOffice 6.3 /Subject: Certification Report BSI-DSZ-CC-1129-2021 /Title: Certification Report pdf_file_size_bytes: 789261 pdf_hyperlinks: http://www.commoncriteriaportal.org/cc/, https://www.sogis.eu/, https://www.bsi.bund.de/AIS, http://www.commoncriteriaportal.org/, http://www.ietf.org/rfc/rfc6234.txt, https://csrc.nist.gov/publications/detail/fips/197/final, https://www.bsi.bund.de/zertifizierung, https://csrc.nist.gov/publications/detail/sp/800-38d/final, https://www.bsi.bund.de/zertifizierungsreporte, https://www.bsi.bund.de/ pdf_is_encrypted: False pdf_number_of_pages: 28	/Author: Bundesamt für Sicherheit in der Informationstechnik /CreationDate: D:20161014092452+02'00' /Creator: Writer /Keywords: "Common Criteria, Certification, Zertifizierung, Operating System Protection Profile, OSPP, Linux, Red Hat Enterprise Linux 7.1" /ModDate: D:20161020103304+02'00' /Producer: LibreOffice 4.2 /Subject: Certification Report /Title: Certification Report BSI-DSZ-CC-0999-2016 pdf_file_size_bytes: 1107217 pdf_hyperlinks: https://www.bsi.bund.de/AIS, http://www.sogisportal.eu/, http://www.commoncriteriaportal.org/, https://www.bsi.bund.de/zertifizierung, https://www.bsi.bund.de/zertifizierungsreporte, https://www.bsi.bund.de/ pdf_is_encrypted: False pdf_number_of_pages: 50
pdf_data/st_filename	1129b_pdf.pdf	0999b_pdf.pdf
pdf_data/st_frontpage
pdf_data/st_keywords/cc_cert_id	DE: BSI-DSZ-CC-1129: 1	DE: BSI-DSZ-CC-0999: 1
pdf_data/st_keywords/cc_protection_profile_id
pdf_data/st_keywords/cc_security_level	EAL: EAL4: 5 EAL4 augmented: 3 EAL4+: 1	EAL: EAL4: 3 EAL4 augmented: 1
pdf_data/st_keywords/cc_sar	ADV: ADV_ARC: 1 ADV_FSP: 1 ADV_IMP: 1 ADV_TDS: 1 AGD: AGD_OPE: 1 AGD_PRE: 1 ALC: ALC_CMC: 1 ALC_CMS: 1 ALC_DEL: 1 ALC_DVS: 1 ALC_FLR: 1 ALC_FLR.2: 3 ALC_LCD: 1 ALC_TAT: 1 ASE: ASE_CCL: 1 ASE_CCL.1: 2 ASE_ECD: 1 ASE_ECD.1: 2 ASE_INT: 1 ASE_INT.1: 3 ASE_OBJ: 1 ASE_OBJ.2: 2 ASE_REQ: 1 ASE_REQ.2: 2 ASE_SPD: 1 ASE_SPD.1: 2 ASE_TSS: 1 ASE_TSS.1: 2 ATE: ATE_COV: 1 ATE_DPT: 1 ATE_FUN: 1 ATE_IND: 1 AVA: AVA_VAN: 1	ADV: ADV_ARC.1: 1 ADV_FSP.4: 1 ADV_IMP.1: 1 ADV_TDS.3: 1 AGD: AGD_OPE.1: 1 AGD_PRE.1: 1 ALC: ALC_CMC.4: 1 ALC_CMS.4: 1 ALC_DEL.1: 1 ALC_DVS.1: 1 ALC_FLR.3: 5 ALC_LCD.1: 1 ALC_TAT.1: 1 ASE: ASE_CCL.1: 18 ASE_ECD.1: 1 ASE_INT.1: 1 ASE_OBJ.2: 1 ASE_REQ.2: 1 ASE_SPD.1: 1 ASE_TSS.1: 1 ATE: ATE_COV.2: 1 ATE_DPT.1: 1 ATE_FUN.1: 1 ATE_IND.2: 1 AVA: AVA_VAN.3: 1
pdf_data/st_keywords/cc_sfr	FAU: FAU_ARP: 1 FAU_ARP.1: 9 FAU_ARP.1.1: 1 FAU_GEN: 2 FAU_GEN.1: 17 FAU_GEN.1.1: 1 FAU_GEN.1.2: 1 FAU_GEN.2: 8 FAU_GEN.2.1: 1 FAU_SAA: 1 FAU_SAA.1: 9 FAU_SAA.1.1: 1 FAU_SAA.1.2: 1 FAU_SAR: 1 FAU_SAR.1: 9 FAU_SAR.1.1: 1 FAU_SAR.1.2: 1 FAU_SAR.2: 9 FAU_SAR.2.1: 1 FAU_STG: 1 FAU_STG.1: 6 FAU_STG.2: 11 FAU_STG.2.1: 1 FAU_STG.2.2: 1 FAU_STG.2.3: 1 FAU_STG.3: 9 FAU_STG.3.1: 1 FAU_STG.4: 7 FAU_STG.4.1: 1 FCO: FCO_NRO.2: 1 FCS: FCS_CKM: 12 FCS_CKM.1: 15 FCS_CKM.2: 8 FCS_CKM.4: 22 FCS_CKM.4.1: 1 FCS_COP: 47 FCS_COP.1: 7 FDP: FDP_ACC: 39 FDP_ACC.1: 17 FDP_ACF: 40 FDP_ACF.1: 38 FDP_IFC: 38 FDP_IFC.1: 19 FDP_IFF: 53 FDP_IFF.1: 40 FDP_IFF.3: 8 FDP_IFF.3.1: 1 FDP_ITC.1: 14 FDP_ITC.2: 15 FIA: FIA_ATD.1: 1 FIA_UAU: 1 FIA_UAU.1: 1 FIA_UAU.2: 8 FIA_UAU.2.1: 1 FIA_UID: 1 FIA_UID.1: 1 FIA_UID.2: 17 FIA_UID.2.1: 1 FMT: FMT_MSA: 1 FMT_MSA.1: 11 FMT_MSA.1.1: 1 FMT_MSA.3: 22 FMT_MSA.3.1: 1 FMT_MSA.3.2: 1 FMT_MTD: 31 FMT_MTD.1: 7 FMT_MTD.3: 7 FMT_MTD.3.1: 1 FMT_SMF: 2 FMT_SMF.1: 26 FMT_SMF.1.1: 1 FMT_SMR: 1 FMT_SMR.1: 12 FMT_SMR.2: 11 FMT_SMR.2.1: 1 FMT_SMR.2.2: 1 FMT_SMR.2.3: 1 FPT: FPT_INC: 4 FPT_INC.1: 13 FPT_INC.1.1: 2 FPT_INC.1.2: 2 FPT_INC.1.3: 2 FPT_STM: 1 FPT_STM.1: 11 FPT_STM.1.1: 1 FPT_TDC: 1 FPT_TDC.1: 7 FPT_TDC.1.1: 1 FPT_TDC.1.2: 1 FPT_TST: 1 FTP: FTP_TRP: 2 FTP_TRP.1: 8 FTP_TRP.1.1: 1 FTP_TRP.1.2: 1 FTP_TRP.1.3: 1	FAU: FAU_GEN: 3 FAU_GEN.1: 12 FAU_GEN.1.1: 1 FAU_GEN.1.2: 1 FAU_GEN.2: 6 FAU_GEN.2.1: 1 FAU_SAR.1: 9 FAU_SAR.1.1: 1 FAU_SAR.1.2: 1 FAU_SAR.2: 6 FAU_SAR.2.1: 1 FAU_SEL.1: 8 FAU_SEL.1.1: 1 FAU_STG.1: 10 FAU_STG.1.1: 1 FAU_STG.1.2: 1 FAU_STG.3: 7 FAU_STG.3.1: 1 FAU_STG.4: 8 FAU_STG.4.1: 1 FCS: FCS_CKM.1: 60 FCS_CKM.1.1: 4 FCS_CKM.2: 31 FCS_CKM.2.1: 3 FCS_CKM.4: 18 FCS_CKM.4.1: 1 FCS_COP.1: 36 FCS_COP.1.1: 5 FCS_RNG: 2 FCS_RNG.1: 64 FCS_RNG.1.1: 7 FCS_RNG.1.2: 8 FDP: FDP_ACC.1: 47 FDP_ACC.1.1: 3 FDP_ACC.2: 38 FDP_ACC.2.1: 4 FDP_ACC.2.2: 4 FDP_ACF: 1 FDP_ACF.1: 50 FDP_ACF.1.1: 7 FDP_ACF.1.2: 8 FDP_ACF.1.3: 6 FDP_ACF.1.4: 7 FDP_CDP: 5 FDP_CDP.1: 14 FDP_CDP.1.1: 2 FDP_ETC.2: 15 FDP_ETC.2.1: 2 FDP_ETC.2.2: 2 FDP_ETC.2.3: 2 FDP_ETC.2.4: 2 FDP_IFC: 1 FDP_IFC.1: 16 FDP_IFC.2: 21 FDP_IFC.2.1: 2 FDP_IFC.2.2: 2 FDP_IFF.1: 14 FDP_IFF.1.1: 1 FDP_IFF.1.2: 1 FDP_IFF.1.3: 4 FDP_IFF.1.4: 1 FDP_IFF.1.5: 1 FDP_IFF.2: 7 FDP_IFF.2.1: 1 FDP_IFF.2.2: 1 FDP_IFF.2.3: 1 FDP_IFF.2.4: 1 FDP_IFF.2.5: 1 FDP_IFF.2.6: 1 FDP_ITC.1: 14 FDP_ITC.1.1: 1 FDP_ITC.1.2: 1 FDP_ITC.1.3: 1 FDP_ITC.2: 30 FDP_ITC.2.1: 3 FDP_ITC.2.2: 3 FDP_ITC.2.3: 3 FDP_ITC.2.4: 3 FDP_ITC.2.5: 3 FDP_RIP.2: 13 FDP_RIP.2.1: 1 FDP_RIP.3: 13 FDP_RIP.3.1: 1 FDP_TDC.1: 1 FDP_UCT: 1 FIA: FIA_AFL.1: 9 FIA_AFL.1.1: 1 FIA_AFL.1.2: 1 FIA_ATD.1: 22 FIA_ATD.1.1: 2 FIA_SOS.1: 8 FIA_SOS.1.1: 1 FIA_UAU.1: 13 FIA_UAU.1.1: 1 FIA_UAU.1.2: 1 FIA_UAU.5: 11 FIA_UAU.5.1: 1 FIA_UAU.5.2: 1 FIA_UAU.7: 6 FIA_UAU.7.1: 1 FIA_UID.1: 14 FIA_UID.1.1: 1 FIA_UID.1.2: 1 FIA_UID.2: 8 FIA_UID.2.1: 1 FIA_USB.1: 1 FIA_USB.2: 10 FIA_USB.2.1: 1 FIA_USB.2.2: 1 FIA_USB.2.3: 1 FIA_USB.2.4: 1 FMT: FMT_MSA.1: 64 FMT_MSA.1.1: 7 FMT_MSA.3: 64 FMT_MSA.3.1: 9 FMT_MSA.3.2: 9 FMT_MSA.4: 6 FMT_MSA.4.1: 1 FMT_MTD.1: 121 FMT_MTD.1.1: 18 FMT_REV.1: 12 FMT_REV.1.1: 2 FMT_REV.1.2: 2 FMT_SMF.1: 31 FMT_SMF.1.1: 1 FMT_SMF_RMT.1: 3 FMT_SMR.1: 3 FMT_SMR.2: 43 FMT_SMR.2.1: 1 FMT_SMR.2.2: 1 FMT_SMR.2.3: 1 FPT: FPT_FLS.1: 27 FPT_FLS.1.1: 3 FPT_STM.1: 8 FPT_STM.1.1: 1 FPT_TDC.1: 30 FPT_TDC.1.1: 3 FPT_TDC.1.2: 3 FTA: FTA_SSL.1: 7 FTA_SSL.1.1: 1 FTA_SSL.1.2: 1 FTA_SSL.2: 7 FTA_SSL.2.1: 1 FTA_SSL.2.2: 1 FTP: FTP_ITC.1: 15 FTP_ITC.1.1: 1 FTP_ITC.1.2: 1 FTP_ITC.1.3: 1 FTP_TRP.1: 3
pdf_data/st_keywords/cc_claims	A: A.ACCESS: 4 A.AUDIT: 5 A.BOOT: 6 A.DEDICATED_ADMIN: 1 A.DEDICATED_ADMIN_NET: 5 A.DIFF_NET: 5 A.HIGH_AVAILABILITY: 5 A.HIGH_AVAILABILLITY: 1 A.HIGH_PROTECTION: 4 A.HSM: 6 A.LABEL_MAN: 1 A.NTP_SERVER: 5 A.PKI: 5 A.ROLE_SEPARATION: 4 A.TRUSTW_ONLY: 4 A.TRUSTW_STAFF: 5 A.USER_IDENT: 5 OE: OE.ACCESS: 4 OE.AUDIT_ENFORCE: 5 OE.BOOT: 5 OE.DEDICATED_ADMIN_NET: 3 OE.DIFF_NET: 7 OE.HIGH_AVAILABILITY: 5 OE.HIGH_PROTECTION: 8 OE.HSM: 2 OE.LABEL_MAN: 1 OE.NTP_SERVER: 5 OE.PKI: 5 OE.ROLE_SEPARATION: 5 OE.TRUSTW_ONLY: 4 OE.TRUSTW_STAFF: 6 OE.USER_IDENT: 2 OSP: OSP.AUDIT: 5 OSP.CONFIG_AUDIT: 5 OSP.DUAL_CONTROL: 4 OSP.FLOW_CONTROL: 5 OSP.PROTOCOLS: 6 OT: OT.AUDIT: 10 OT.AUDIT_CHANGE_LOG: 8 OT.AUDIT_LOG_AVAILABILITY: 10 OT.AUDIT_PROTECT: 8 OT.BANDWIDTH: 6 OT.DEFAULT: 4 OT.FILTER: 16 OT.FOUR_EYES: 6 OT.INIT: 10 OT.LABELS: 12 OT.PRE_FILTER: 6 OT.PROTECTION: 6 OT.PROTOCOLS: 11 OT.PROTOCOL_DENY: 11 OT.ROLE_SEPARATION: 13 OT.SANITISED_DATA: 9 OT.SECURE_CHANNEL: 8 OT.USER_AUTHENTICATION: 11 OT.WARNING: 10 T: T.AUDIT_ACCESS: 7 T.AUDIT_COLLAPSE: 6 T.AUDIT_CONTROL: 5 T.AUTH: 6 T.INSERT: 6 T.MALICIOUS_CODE: 8 T.MISCONFIG: 6 T.REVEAL_TO_LOW: 15 T.WRONG_LABEL: 6	A: A.AUTHUSER: 3 A.CONNECT: 4 A.DETECT: 3 A.IT: 3 A.KEYS: 3 A.MANAGE: 5 A.PEER: 6 A.PHYSICAL: 4 A.TRAINEDUSER: 3 O: O.AUDITING: 15 O.COMP: 37 O.CP: 19 O.CRYPTO: 19 O.DISCRETIONARY: 11 O.LS: 29 O.MANAGE: 27 O.NETWORK: 12 O.ROLE: 17 O.RUNTIME: 8 O.SUBJECT: 11 O.TRUSTED_CHANNEL: 5 OE: OE.ADMIN: 6 OE.INFO_PROTECT: 9 OE.INSTALL: 4 OE.IT: 4 OE.MAINTENANCE: 3 OE.PHYSICAL: 3 OE.RECOVER: 4 OE.REMOTE: 4 OE.TRUSTED: 4 T: T.ACCESS: 27 T.COMM: 5 T.DATA_NOT_SEPARATED: 3 T.IA: 6 T.RESTRICT: 3 T.ROLE: 6
pdf_data/st_keywords/vendor
pdf_data/st_keywords/eval_facility		atsec: atsec: 158
pdf_data/st_keywords/symmetric_crypto	AES_competition: AES: AES: 2 constructions: MAC: HMAC: 3	AES_competition: AES: AES: 14 AES-256: 2 DES: 3DES: TDES: 3 Triple-DES: 3 constructions: MAC: HMAC: 10
pdf_data/st_keywords/asymmetric_crypto	ECC: ECC: ECC: 1 ECDH: ECDHE: 1 ECDSA: ECDSA: 2	ECC: ECC: ECC: 1 ECDSA: ECDSA: 23 FF: DH: Diffie-Hellman: 22 DSA: DSA: 24
pdf_data/st_keywords/pq_crypto
pdf_data/st_keywords/hash_function	SHA: SHA2: SHA-2: 1 SHA-256: 1 SHA-384: 1	PBKDF: PBKDF2: 3 SHA: SHA1: SHA-1: 11 SHA2: SHA-2: 3 SHA-224: 1 SHA-256: 7 SHA-384: 4 SHA-512: 4
pdf_data/st_keywords/crypto_scheme		KA: Key agreement: 2 KEX: Key Exchange: 4 Key exchange: 1 MAC: MAC: 6
pdf_data/st_keywords/crypto_protocol	TLS: TLS: TLS: 20 TLS 1.2: 2	IKE: IKE: 19 IKEv1: 11 IKEv2: 13 IPsec: IPsec: 7 SSH: SSH: 67 SSHv2: 7 TLS: SSL: SSL: 9 TLS: TLS: 24 TLS 1.1: 2 TLS 1.2: 2 TLS v1.1: 1 TLS v1.2: 1 TLSv1.0: 1 TLSv1.1: 3 TLSv1.2: 1 VPN: VPN: 2
pdf_data/st_keywords/randomness	RNG: RNG: 1	PRNG: DRBG: 5 PRNG: 1 RNG: RNG: 21
pdf_data/st_keywords/cipher_mode	GCM: GCM: 1	CBC: CBC: 9 CTR: CTR: 5 ECB: ECB: 2 GCM: GCM: 1 XTS: XTS: 5
pdf_data/st_keywords/ecc_curve	Brainpool: brainpoolP256r1: 1 brainpoolP384r1: 1 brainpoolP512r1: 1 NIST: secp256r1: 1 secp384r1: 1	NIST: P-256: 1 P-384: 1 P-521: 1 curve P-256: 1 curve P-384: 1 curve P-521: 1
pdf_data/st_keywords/crypto_engine
pdf_data/st_keywords/tls_cipher_suite		TLS: TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA: 1 TLS_DHE_DSS_WITH_AES_128_CBC_SHA: 1 TLS_DHE_DSS_WITH_AES_128_CBC_SHA256: 1 TLS_DHE_DSS_WITH_AES_128_GCM_SHA256: 1 TLS_DHE_DSS_WITH_AES_256_CBC_SHA: 1 TLS_DHE_DSS_WITH_AES_256_CBC_SHA256: 1 TLS_DHE_DSS_WITH_AES_256_GCM_SHA384: 1 TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA: 1 TLS_DHE_RSA_WITH_AES_128_CBC_SHA: 1 TLS_DHE_RSA_WITH_AES_128_CBC_SHA256: 1 TLS_DHE_RSA_WITH_AES_128_GCM_SHA256: 1 TLS_DHE_RSA_WITH_AES_256_CBC_SHA: 1 TLS_DHE_RSA_WITH_AES_256_CBC_SHA256: 1 TLS_DHE_RSA_WITH_AES_256_GCM_SHA384: 1 TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA: 1 TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA: 1 TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256: 1 TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256: 1 TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA: 1 TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384: 1 TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384: 1 TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA: 1 TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA: 1 TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256: 1 TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256: 1 TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA: 1 TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384: 1 TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384: 1 TLS_RSA_WITH_3DES_EDE_CBC_SHA: 1 TLS_RSA_WITH_AES_128_CBC_SHA: 1 TLS_RSA_WITH_AES_128_CBC_SHA256: 1 TLS_RSA_WITH_AES_128_GCM_SHA256: 1 TLS_RSA_WITH_AES_256_CBC_SHA: 1 TLS_RSA_WITH_AES_256_CBC_SHA256: 1 TLS_RSA_WITH_AES_256_GCM_SHA384: 1
pdf_data/st_keywords/crypto_library		NSS: NSS: 25 OpenSSL: OpenSSL: 7 libgcrypt: libgcrypt: 4
pdf_data/st_keywords/vulnerability
pdf_data/st_keywords/side_channel_analysis	FI: malfunction: 1
pdf_data/st_keywords/technical_report_id		BSI: BSI TR-02102: 1
pdf_data/st_keywords/device_model
pdf_data/st_keywords/tee_name
pdf_data/st_keywords/os_name
pdf_data/st_keywords/cplc_data
pdf_data/st_keywords/ic_data_group
pdf_data/st_keywords/standard_id	BSI: AIS 35: 1 AIS 41: 1 CC: CCMB-2017-04-002: 3 CCMB-2017-04-003: 2 CCMB-2017-04-004: 1 FIPS: FIPS 180-4: 1 FIPS 197: 1 PKCS: PKCS#1: 1 RFC: RFC 2104: 2 RFC 3447: 1 RFC 3986: 1 RFC3986: 1	BSI: AIS 20: 1 AIS 31: 1 FIPS: FIPS 140-2: 22 FIPS 180-4: 1 FIPS 186-4: 1 FIPS 197: 1 FIPS PUB 186-4: 4 FIPS140-2: 1 FIPS180-4: 2 FIPS197: 2 RFC: RFC 2460: 1 RFC 3484: 1 RFC 3542: 1 RFC 4213: 1 RFC 5246: 5 RFC 768: 1 RFC 791: 1 RFC 792: 1 RFC 793: 1 RFC2401: 2 RFC2402: 2 RFC2406: 2 RFC2407: 2 RFC2408: 2 RFC2409: 7 RFC3526: 4 RFC3602: 3 RFC4252: 10 RFC4253: 18 RFC4301: 3 RFC4303: 4 RFC4307: 5 RFC4346: 3 RFC4419: 3 RFC5114: 3 RFC5246: 5 RFC5656: 4 RFC5996: 5 RFC6668: 2 X509: X.509: 1
pdf_data/st_keywords/javacard_version
pdf_data/st_keywords/javacard_api_const
pdf_data/st_keywords/javacard_packages
pdf_data/st_keywords/certification_process		OutOfScope: DAC mechanism but may be supplemented by further restrictions. These additional restrictions are out of scope for this evaluation. Examples Page 136 of 156 Classification: public Version: 0.21 Copyright © 2016: 1 PAT) for simple as well as more complex protocols. This mechanism is out of scope for the evaluation: 1 as Port Address Translation (PAT) for simple as well as more complex protocols. This mechanism is out of scope for the evaluation. Furthermore, packet mangling support is provided with IPTables which is also: 1 out of scope: 3
pdf_data/st_metadata	/Author: INFODAS GmbH /CreationDate: D:20210906121952+02'00' /Creator: Microsoft® Word für Microsoft 365 /ModDate: D:20210906121952+02'00' /Producer: Microsoft® Word für Microsoft 365 /Subject: Security Target /Title: Security Target Lite pdf_file_size_bytes: 1989754 pdf_hyperlinks: http://www.w3.org/TR/xmldsig-core1/, http://www.w3.org/TR/xml/, http://www.xmlspif.org/ pdf_is_encrypted: False pdf_number_of_pages: 105	/Author: Stephan Mueller (generated by CCTool version 2.8.1.5) /CreationDate: D:20160817065518Z /Creator: Unknown /Keywords: Security Target, Common Criteria, Linux Distribution, Embedded Linux /ModDate: D:20160817065518Z /Producer: XEP 4.18 build 20100322 /Subject: Red Hat Enterprise Linux /Title: Red Hat Enterprise Linux, Version 7.1 (version 0.21 as of 2016-06-09) /Trapped: /False /application: CCTool version x.y pdf_file_size_bytes: 1487091 pdf_hyperlinks: http://tools.ietf.org/html/rfc2409, http://tools.ietf.org/html/rfc5114, http://tools.ietf.org/html/rfc5656, http://tools.ietf.org/html/rfc3526, http://www.ietf.org/rfc/rfc4307.txt, http://tools.ietf.org/html/rfc4301, http://tools.ietf.org/html/rfc3602, http://www.commoncriteriaportal.org/files/ccfiles/CCPART2V3.1R4.pdf, http://tools.ietf.org/html/rfc4252, http://tools.ietf.org/html/rfc2402, http://tools.ietf.org/html/rfc4253, http://www.commoncriteriaportal.org/files/ccfiles/CCPART3V3.1R4.pdf, http://csrc.nist.gov/publications/fips/fips197/fips-197.pdf, http://www.commoncriteriaportal.org/files/ccfiles/CCPART1V3.1R4.pdf, http://tools.ietf.org/html/rfc5246, http://tools.ietf.org/html/rfc5996, http://tools.ietf.org/html/rfc4303, http://tools.ietf.org/html/rfc2406, http://tools.ietf.org/html/rfc4419, http://tools.ietf.org/html/rfc2407, http://tools.ietf.org/html/rfc2401, http://tools.ietf.org/html/rfc6668, http://tools.ietf.org/html/rfc4346, http://csrc.nist.gov/publications/fips/fips180-4/fips-180-4.pdf, http://tools.ietf.org/html/rfc2408 pdf_is_encrypted: False pdf_number_of_pages: 156
state/cert/convert_garbage	False	False
state/cert/convert_ok	True	False
state/cert/download_ok	True	False
state/cert/extract_ok	True	False
state/cert/pdf_hash	Different	Different
state/cert/txt_hash	Different	Different
state/report/convert_garbage	False	False
state/report/convert_ok	True	True
state/report/download_ok	True	True
state/report/extract_ok	True	True
state/report/pdf_hash	Different	Different
state/report/txt_hash	Different	Different
state/st/convert_garbage	False	False
state/st/convert_ok	True	True
state/st/download_ok	True	True
state/st/extract_ok	True	True
state/st/pdf_hash	Different	Different
state/st/txt_hash	Different	Different

name

SDoT Security Gateway, Version 6.2i

Red Hat Enterprise Linux Version 7.1

category

Boundary Protection Devices and Systems

Operating Systems

status

active

archived

not_valid_after

27.09.2026

26.09.2021

not_valid_before

27.09.2021

26.09.2016

cert_link

https://www.commoncriteriaportal.org/nfs/ccpfiles/files/epfiles/1129c_pdf.pdf

report_link

https://www.commoncriteriaportal.org/nfs/ccpfiles/files/epfiles/1129a_pdf.pdf

https://www.commoncriteriaportal.org/nfs/ccpfiles/files/epfiles/0999a_pdf.pdf

st_link

https://www.commoncriteriaportal.org/nfs/ccpfiles/files/epfiles/1129b_pdf.pdf

https://www.commoncriteriaportal.org/nfs/ccpfiles/files/epfiles/0999b_pdf.pdf

manufacturer

INFODAS Gesellschaft für Systementwicklung und informationsverarbeitung mbH

Red Hat, Inc.

manufacturer_web

https://www.infodas.de

https://www.redhat.com

security_level

EAL4+, ALC_FLR.2

EAL4+, ALC_FLR.3

dgst

4cd38b96efa2ca6b

8126b64e36fd4969

heuristics/cert_id

BSI-DSZ-CC-1129-2021

BSI-DSZ-CC-0999-2016

heuristics/cpe_matches

{}

cpe:2.3:o:redhat:enterprise_linux:7.1:*:*:*:*:*:*:*, cpe:2.3:o:redhat:linux:7.1:*:*:*:*:*:*:*

heuristics/related_cves

{}

CVE-2001-0690, CVE-2003-0247, CVE-2002-0044, CVE-2000-0701, CVE-2002-0045, CVE-2001-0889, CVE-2002-1160, CVE-2001-0787, CVE-2002-0836, CVE-2002-1155, CVE-1999-0297, CVE-2000-0017, CVE-2002-0638, CVE-2001-0886, CVE-2003-0464, CVE-2007-3103, CVE-1999-0037, CVE-2001-0872, CVE-2016-7091, CVE-2015-7833, CVE-2003-0364, CVE-2001-1383, CVE-2002-1232, CVE-1999-0894, CVE-1999-0798, CVE-2003-0434, CVE-2001-0635, CVE-2003-0188, CVE-2001-0977, CVE-2001-1002, CVE-2003-0248, CVE-2001-0859, CVE-2003-0461, CVE-2003-0041, CVE-2003-0354, CVE-2003-0194, CVE-2017-1000253, CVE-1999-1288, CVE-2002-0080, CVE-2000-1207, CVE-2002-0083, CVE-2003-0370

heuristics/extracted_sars

ASE_TSS.1, ASE_SPD.1, ASE_INT.1, ASE_OBJ.2, ALC_FLR.2, ASE_CCL.1, ASE_ECD.1, ASE_REQ.2

ASE_INT.1, ALC_CMC.4, ASE_ECD.1, APE_ECD.1, ADV_IMP.1, ATE_COV.2, ASE_TSS.1, ALC_TAT.1, ASE_SPD.1, ALC_DEL.1, ALC_LCD.1, ALC_FLR.3, AGD_OPE.1, AVA_VAN.3, AGD_PRE.1, ALC_CMS.4, ATE_FUN.1, APE_REQ.2, ADV_ARC.1, ASE_OBJ.2, APE_CCL.1, ADV_TDS.3, ATE_DPT.1, ASE_REQ.2, ALC_DVS.1, ADV_INT.3, APE_INT.1, APE_SPD.1, ADV_FSP.4, ATE_IND.2, APE_OBJ.2, ASE_CCL.1, ADV_SPM.1

heuristics/extracted_versions

6.2

7.1

heuristics/report_references/directly_referencing

{}

BSI-DSZ-CC-0754-2012

heuristics/report_references/indirectly_referencing

{}

BSI-DSZ-CC-0754-2012

heuristics/scheme_data

category: Network and Network related Devices and Systems
cert_id: BSI-DSZ-CC-1129-2021
certification_date: 27.09.2021
enhanced:
- applicant: INFODAS Gesellschaft für Systementwicklung und Informationsverarbeitung mbH Rhonestraße 2 50765 Köln
- assurance_level: EAL4,ALC_FLR.2
- cert_link: https://www.bsi.bund.de/SharedDocs/Downloads/DE/BSI/Zertifizierung/Reporte/Reporte1100/1129c_pdf.pdf?__blob=publicationFile&v=3
- certification_date: 27.09.2021
- description: The TOE is part of the product SDoT Security Gateway which provides a secure interconnection between two IP networks, which could have different types of security classifications. For a secure exchange of data between these Networks, the SDoT Security Gateway serves as protection to not let confidential data, within a potentially higher classified network (HIGH), unintentionally flow to a lower classified network (LOW), which is not authorized to get hold of confidential information from the higher classified network. SDoT Security Gateway includes the TOE which provides the filtering functionalities to check security labels for the transmission of data between the two differently classified networks and provides mechanisms to validate structured data objects against a rule set.
- evaluation_facility: atsec information security GmbH
- expiration_date: 26.09.2026
- product: SDoT Security Gateway, Version 6.2i
- report_link: https://www.bsi.bund.de/SharedDocs/Downloads/DE/BSI/Zertifizierung/Reporte/Reporte1100/1129a_pdf.pdf?__blob=publicationFile&v=6
- target_link: https://www.bsi.bund.de/SharedDocs/Downloads/DE/BSI/Zertifizierung/Reporte/Reporte1100/1129b_pdf.pdf?__blob=publicationFile&v=4
product: SDoT Security Gateway, Version 6.2i
url: https://www.bsi.bund.de/SharedDocs/Zertifikate_CC/CC/Netzwerk_und_Kommunikationsprodukte/1129.html
vendor: INFODAS Gesellschaft für Systementwicklung und Informationsverarbeitung mbH

heuristics/st_references/directly_referenced_by

{}

OCSI/CERT/SYS/06/2017/RC, 2/PC1/AC223/2024

heuristics/st_references/indirectly_referenced_by

{}

OCSI/CERT/SYS/06/2017/RC, 2/PC1/AC223/2024

heuristics/protection_profiles

{}

70cdc8b0cf910af7

protection_profile_links

{}

https://www.commoncriteriaportal.org/nfs/ccpfiles/files/ppfiles/pp0067b_pdf.pdf

pdf_data/cert_filename

1129c_pdf.pdf

pdf_data/cert_keywords/cc_cert_id

DE:
- BSI-DSZ-CC-1129-2021: 1

pdf_data/cert_keywords/cc_protection_profile_id

pdf_data/cert_keywords/cc_security_level

EAL:
- EAL 2: 1
- EAL 4: 1
- EAL 4 augmented: 1

pdf_data/cert_keywords/cc_sar

ALC:
- ALC_FLR: 1
- ALC_FLR.2: 1

pdf_data/cert_keywords/cc_sfr

pdf_data/cert_keywords/cc_claims

pdf_data/cert_keywords/vendor

pdf_data/cert_keywords/eval_facility

pdf_data/cert_keywords/symmetric_crypto

pdf_data/cert_keywords/asymmetric_crypto

pdf_data/cert_keywords/pq_crypto

pdf_data/cert_keywords/hash_function

pdf_data/cert_keywords/crypto_scheme

pdf_data/cert_keywords/crypto_protocol

pdf_data/cert_keywords/randomness

pdf_data/cert_keywords/cipher_mode

pdf_data/cert_keywords/ecc_curve

pdf_data/cert_keywords/crypto_engine

pdf_data/cert_keywords/tls_cipher_suite

pdf_data/cert_keywords/crypto_library

pdf_data/cert_keywords/vulnerability

pdf_data/cert_keywords/side_channel_analysis

pdf_data/cert_keywords/technical_report_id

pdf_data/cert_keywords/device_model

pdf_data/cert_keywords/tee_name

pdf_data/cert_keywords/os_name

pdf_data/cert_keywords/cplc_data

pdf_data/cert_keywords/ic_data_group

pdf_data/cert_keywords/standard_id

ISO:
- ISO/IEC 15408: 2
- ISO/IEC 18045: 2

pdf_data/cert_keywords/javacard_version

pdf_data/cert_keywords/javacard_api_const

pdf_data/cert_keywords/javacard_packages

pdf_data/cert_keywords/certification_process

pdf_data/cert_metadata

/Author: Bundesamt für Sicherheit in der Informationstechnik
/CreationDate: D:20211004123245+02'00'
/Creator: Writer
/Keywords: "Common Criteria, Certification, Zertifizierung, Security Gateway, Infodas"
/ModDate: D:20211004142015+02'00'
/Producer: LibreOffice 6.3
/Subject: Certificate BSI-DSZ-CC-1129-2021
/Title: Certificate
pdf_file_size_bytes: 250309
pdf_hyperlinks: {}
pdf_is_encrypted: False
pdf_number_of_pages: 1

pdf_data/report_filename

1129a_pdf.pdf

0999a_pdf.pdf

pdf_data/report_frontpage

DE:
- cc_security_level: Common Criteria Part 3 conformant EAL 4 augmented by ALC_FLR.2
- cc_version: Product specific Security Target Common Criteria Part 2 extended
- cert_id: BSI-DSZ-CC-1129-2021
- cert_item: SDoT Security Gateway Version 6.2i
- cert_lab: BSI
- developer: INFODAS GmbH
- match_rules: ['(BSI-DSZ-CC-.+?) (?:for|For) (.+?) from (.*)']
- ref_protection_profiles: None

DE:
- cc_security_level: Common Criteria Part 3 conformant EAL 4 augmented by ALC_FLR.3
- cc_version: PP conformant plus product specific extensions Common Criteria Part 2 extended
- cert_id: BSI-DSZ-CC-0999-2016
- cert_item: Red Hat Enterprise Linux Version 7.1
- cert_lab: BSI
- developer: Red Hat
- match_rules: ['(BSI-DSZ-CC-.+?) (?:for|For) (.+?) from (.*)']
- ref_protection_profiles: Operating System Protection Profile, Version 2.0, 01 June 2010, BSI-CC-PP-0067-2010, OSPP Extended Package – Advanced Management, Version 2.0, 28 May 2010, OSPP Extended Package – Labeled Security, Version 2.0, 28 May 2010

pdf_data/report_keywords/cc_cert_id

DE:
- BSI-DSZ-CC-1129-2021: 17

DE:
- BSI-DSZ-CC-0754-2012: 3
- BSI-DSZ-CC-0999-2016: 25

pdf_data/report_keywords/cc_protection_profile_id

BSI:
- BSI-CC-PP-0067-2010: 4

pdf_data/report_keywords/cc_security_level

EAL:
- EAL 1: 1
- EAL 2: 2
- EAL 2+: 1
- EAL 4: 5
- EAL 4 augmented: 3
- EAL 5: 1

EAL:
- EAL 1: 7
- EAL 2: 4
- EAL 3: 4
- EAL 4: 10
- EAL 4 augmented: 3
- EAL 5: 6
- EAL 6: 3
- EAL 7: 4
- EAL4: 1
ITSEC:
- ITSEC Evaluation: 1

pdf_data/report_keywords/cc_sar

ALC:
- ALC_FLR: 3
- ALC_FLR.2: 4

ADV:
- ADV_ARC: 1
- ADV_ARC.1: 1
- ADV_FSP: 1
- ADV_FSP.1: 1
- ADV_FSP.2: 1
- ADV_FSP.3: 1
- ADV_FSP.4: 1
- ADV_FSP.5: 1
- ADV_FSP.6: 1
- ADV_IMP: 1
- ADV_IMP.1: 1
- ADV_IMP.2: 1
- ADV_INT: 1
- ADV_INT.1: 1
- ADV_INT.2: 1
- ADV_INT.3: 1
- ADV_SPM: 1
- ADV_SPM.1: 1
- ADV_TDS: 1
- ADV_TDS.1: 1
- ADV_TDS.2: 1
- ADV_TDS.3: 1
- ADV_TDS.4: 1
- ADV_TDS.5: 1
- ADV_TDS.6: 1
AGD:
- AGD_OPE: 1
- AGD_OPE.1: 1
- AGD_PRE: 1
- AGD_PRE.1: 1
ALC:
- ALC_CMC: 1
- ALC_CMC.1: 1
- ALC_CMC.2: 1
- ALC_CMC.3: 1
- ALC_CMC.4: 1
- ALC_CMC.5: 1
- ALC_CMS: 1
- ALC_CMS.1: 1
- ALC_CMS.2: 1
- ALC_CMS.3: 1
- ALC_CMS.4: 1
- ALC_CMS.5: 1
- ALC_DEL: 1
- ALC_DEL.1: 1
- ALC_DVS: 1
- ALC_DVS.1: 1
- ALC_DVS.2: 1
- ALC_FLR: 3
- ALC_FLR.1: 1
- ALC_FLR.2: 1
- ALC_FLR.3: 5
- ALC_LCD.1: 1
- ALC_LCD.2: 1
- ALC_TAT: 1
- ALC_TAT.1: 1
- ALC_TAT.2: 1
- ALC_TAT.3: 1
APE:
- APE_CCL.1: 1
- APE_ECD.1: 1
- APE_INT.1: 1
- APE_OBJ.1: 1
- APE_OBJ.2: 1
- APE_REQ.1: 1
- APE_REQ.2: 1
- APE_SPD.1: 1
ASE:
- ASE_CCL: 1
- ASE_CCL.1: 1
- ASE_ECD: 1
- ASE_ECD.1: 1
- ASE_INT: 1
- ASE_INT.1: 1
- ASE_OBJ: 1
- ASE_OBJ.1: 1
- ASE_OBJ.2: 1
- ASE_REQ.1: 1
- ASE_REQ.2: 1
- ASE_SPD: 1
- ASE_SPD.1: 1
- ASE_TSS: 1
- ASE_TSS.1: 1
- ASE_TSS.2: 1
ATE:
- ATE_COV: 1
- ATE_COV.1: 1
- ATE_COV.2: 1
- ATE_COV.3: 1
- ATE_DPT: 1
- ATE_DPT.1: 1
- ATE_DPT.2: 1
- ATE_DPT.3: 1
- ATE_DPT.4: 1
- ATE_FUN: 1
- ATE_FUN.1: 1
- ATE_FUN.2: 1
- ATE_IND: 1
- ATE_IND.1: 1
- ATE_IND.2: 1
- ATE_IND.3: 1
AVA:
- AVA_VAN: 3
- AVA_VAN.1: 1
- AVA_VAN.2: 1
- AVA_VAN.3: 1
- AVA_VAN.4: 1
- AVA_VAN.5: 1

pdf_data/report_keywords/cc_sfr

FTP:
- FTP_TRP.1: 1

FCS:
- FCS_CKM.1: 1
- FCS_RNG.1: 3
FIA:
- FIA_SOS.1: 1
FTP:
- FTP_ITC.1: 3

pdf_data/report_keywords/cc_claims

OE:
- OE.ACCESS: 1
- OE.AUDIT_ENFORCE: 1
- OE.BOOT: 1
- OE.DEDICATED_ADMIN_NET: 1
- OE.DIFF_NET: 1
- OE.HIGH_AVAILABILITY: 1
- OE.HIGH_PROTECTION: 1
- OE.HSM: 1
- OE.NTP_SERVER: 1
- OE.PKI: 1
- OE.ROLE_SEPARATION: 1
- OE.TRUSTW_ONLY: 1
- OE.TRUSTW_STAFF: 1
- OE.USER_IDENT: 1

pdf_data/report_keywords/symmetric_crypto

AES_competition:
- AES:
  - AES: 8
  - AES-: 1
constructions:
- MAC:
  - HMAC: 5
  - HMAC-SHA-384: 1

AES_competition:
- AES:
  - AES: 15
DES:
- 3DES:
  - 3DES: 2
  - TDES: 3
  - Triple-DES: 1
constructions:
- MAC:
  - HMAC: 24

pdf_data/report_keywords/asymmetric_crypto

ECC:
- ECDSA:
  - ECDSA: 5
FF:
- DSA:
  - DSA: 1

ECC:
- ECC:
  - ECC: 6
- ECDH:
  - ECDH: 1
  - ECDHE: 1
- ECDSA:
  - ECDSA: 21
FF:
- DH:
  - DH: 13
  - DHE: 1
- DSA:
  - DSA: 21

pdf_data/report_keywords/hash_function

SHA:
- SHA2:
  - SHA-2: 5
  - SHA-256: 2
  - SHA-384: 3
  - SHA-512: 2

MD:
- MD5:
  - MD5: 4
PBKDF:
- PBKDF2: 2
SHA:
- SHA1:
  - SHA-1: 24
- SHA2:
  - SHA-2: 3
  - SHA-256: 27
  - SHA-384: 19
  - SHA-512: 15
  - SHA256: 1
  - SHA384: 1

pdf_data/report_keywords/crypto_scheme

KA:
- Key agreement: 1

KA:
- Key agreement: 6
MAC:
- MAC: 4

pdf_data/report_keywords/crypto_protocol

TLS:
- TLS:
  - TLS: 7
  - TLS1.2: 1
  - TLSv1.2: 2

IKE:
- IKE: 19
- IKEv1: 7
- IKEv2: 9
IPsec:
- IPsec: 12
PGP:
- PGP: 1
SSH:
- SSH: 13
- SSHv2: 2
TLS:
- TLS:
  - TLS: 7
  - TLS 1.1: 1
  - TLS v1.0: 2
  - TLS v1.1: 1
  - TLSv1.1: 4
  - TLSv1.2: 8

pdf_data/report_keywords/randomness

RNG:
- RNG: 1

pdf_data/report_keywords/cipher_mode

GCM:
- GCM: 7

CBC:
- CBC: 15
CTR:
- CTR: 3
GCM:
- GCM: 3
XTS:
- XTS: 2

pdf_data/report_keywords/ecc_curve

Brainpool:
- brainpoolP256r1: 3
- brainpoolP384r1: 1
- brainpoolP512r1: 3
NIST:
- secp256r1: 3
- secp384r1: 1

NIST:
- NIST P-256: 12
- NIST P-384: 2
- NIST P-521: 3
- P-256: 20
- P-384: 30
- P-521: 29

pdf_data/report_keywords/crypto_library

NSS:
- NSS: 4
OpenSSL:
- OpenSSL: 1

pdf_data/report_keywords/vulnerability

CVE:
- CVE-2015-5157: 1

pdf_data/report_keywords/side_channel_analysis

other:
- JIL: 1

pdf_data/report_keywords/standard_id

BSI:
- AIS 1: 1
- AIS 14: 1
- AIS 19: 1
- AIS 23: 1
- AIS 32: 1
- AIS 35: 2
FIPS:
- FIPS180-4: 8
- FIPS186-4: 5
- FIPS197: 3
ISO:
- ISO/IEC 15408: 4
- ISO/IEC 17065: 2
- ISO/IEC 18045: 4
RFC:
- RFC2104: 3
- RFC3447: 2
- RFC5246: 3
- RFC5288: 2
- RFC5758: 2
- RFC6234: 3
X509:
- X.509: 2
- x.509: 1

BSI:
- AIS 20: 2
- AIS 32: 1
- AIS 38: 1
FIPS:
- FIPS 186-4: 3
- FIPS180-4: 36
- FIPS186-4: 30
- FIPS197: 5
- FIPS198-1: 6
ISO:
- ISO/IEC 15408: 4
- ISO/IEC 17065: 2
- ISO/IEC 18045: 4
NIST:
- SP 800-38A: 3
- SP 800-67: 2
PKCS:
- PKCS#1: 10
RFC:
- RFC 4253: 1
- RFC 5996: 1
- RFC1321: 1
- RFC2104: 3
- RFC2246: 1
- RFC2404: 2
- RFC2409: 9
- RFC2451: 1
- RFC2898: 1
- RFC3447: 15
- RFC3526: 3
- RFC3602: 1
- RFC3686: 1
- RFC4251: 3
- RFC4252: 4
- RFC4253: 12
- RFC4303: 1
- RFC4307: 4
- RFC4344: 1
- RFC4346: 5
- RFC4419: 1
- RFC4492: 3
- RFC4595: 1
- RFC4868: 1
- RFC5114: 2
- RFC5228: 1
- RFC5246: 8
- RFC5647: 1
- RFC5656: 2
- RFC5903: 2
- RFC5930: 1
- RFC5996: 6
- RFC6151: 1
- RFC6668: 3
- RFC7427: 1

pdf_data/report_keywords/certification_process

ConfidentialDocument:
- BSI-DSZ-CC-1129-2021, Version 2, 06.07.2021, SDoT Security Gateway Security Target, INFODAS GmbH (confidential document) [7] Evaluation Technical Report, Version 4, 20.09.2021, Final Evaluation Technical Report, atsec: 1
- being maintained, is not given any longer. In particular, prior to the dissemination of confidential documentation and information related to the TOE or resulting from the evaluation and certification: 1
- sanitised public document) [9] Configuration list for the TOE, 19.07.2021, Main Configuration List (confidential document) [10] SDoT Security Gateway - Produktinformation - Anforderungen an den sicheren Betrieb Product: 1

ConfidentialDocument:
- 7] Evaluation Technical Report, Version: 3, Date: 2016-06-30, atsec information security GmbH (confidential document) [8] Operating System Protection Profile, Version 2.0, 01 June 2010, BSI-CC-PP-0067-2010, OSPP: 1
- being maintained, is not given any longer. In particular, prior to the dissemination of confidential documentation and information related to the TOE or resulting from the evaluation and certification: 1
- list for the TOE: CI list for source, Date 2016-05-13, File name rhel-71-brew-logs.tar.bz2 (confidential document) [10] EAL4 Evaluated Configuration Guide for Red Hat Enterprise Linux 7.1, Version 0.25, Date: 1

pdf_data/report_metadata

/Author: INFODAS GmbH
/CreationDate: D:20211004123112+02'00'
/Creator: Writer
/Keywords: Common Criteria, Certification, Zertifizierung, Security Gateway, Infodas
/ModDate: D:20211007093339+02'00'
/Producer: LibreOffice 6.3
/Subject: Certification Report BSI-DSZ-CC-1129-2021
/Title: Certification Report
pdf_file_size_bytes: 789261
pdf_hyperlinks: http://www.commoncriteriaportal.org/cc/, https://www.sogis.eu/, https://www.bsi.bund.de/AIS, http://www.commoncriteriaportal.org/, http://www.ietf.org/rfc/rfc6234.txt, https://csrc.nist.gov/publications/detail/fips/197/final, https://www.bsi.bund.de/zertifizierung, https://csrc.nist.gov/publications/detail/sp/800-38d/final, https://www.bsi.bund.de/zertifizierungsreporte, https://www.bsi.bund.de/
pdf_is_encrypted: False
pdf_number_of_pages: 28

/Author: Bundesamt für Sicherheit in der Informationstechnik
/CreationDate: D:20161014092452+02'00'
/Creator: Writer
/Keywords: "Common Criteria, Certification, Zertifizierung, Operating System Protection Profile, OSPP, Linux, Red Hat Enterprise Linux 7.1"
/ModDate: D:20161020103304+02'00'
/Producer: LibreOffice 4.2
/Subject: Certification Report
/Title: Certification Report BSI-DSZ-CC-0999-2016
pdf_file_size_bytes: 1107217
pdf_hyperlinks: https://www.bsi.bund.de/AIS, http://www.sogisportal.eu/, http://www.commoncriteriaportal.org/, https://www.bsi.bund.de/zertifizierung, https://www.bsi.bund.de/zertifizierungsreporte, https://www.bsi.bund.de/
pdf_is_encrypted: False
pdf_number_of_pages: 50

pdf_data/st_filename

1129b_pdf.pdf

0999b_pdf.pdf

pdf_data/st_keywords/cc_cert_id

DE:
- BSI-DSZ-CC-1129: 1

DE:
- BSI-DSZ-CC-0999: 1

pdf_data/st_keywords/cc_security_level

EAL:
- EAL4: 5
- EAL4 augmented: 3
- EAL4+: 1

EAL:
- EAL4: 3
- EAL4 augmented: 1

pdf_data/st_keywords/cc_sar

ADV:
- ADV_ARC: 1
- ADV_FSP: 1
- ADV_IMP: 1
- ADV_TDS: 1
AGD:
- AGD_OPE: 1
- AGD_PRE: 1
ALC:
- ALC_CMC: 1
- ALC_CMS: 1
- ALC_DEL: 1
- ALC_DVS: 1
- ALC_FLR: 1
- ALC_FLR.2: 3
- ALC_LCD: 1
- ALC_TAT: 1
ASE:
- ASE_CCL: 1
- ASE_CCL.1: 2
- ASE_ECD: 1
- ASE_ECD.1: 2
- ASE_INT: 1
- ASE_INT.1: 3
- ASE_OBJ: 1
- ASE_OBJ.2: 2
- ASE_REQ: 1
- ASE_REQ.2: 2
- ASE_SPD: 1
- ASE_SPD.1: 2
- ASE_TSS: 1
- ASE_TSS.1: 2
ATE:
- ATE_COV: 1
- ATE_DPT: 1
- ATE_FUN: 1
- ATE_IND: 1
AVA:
- AVA_VAN: 1

ADV:
- ADV_ARC.1: 1
- ADV_FSP.4: 1
- ADV_IMP.1: 1
- ADV_TDS.3: 1
AGD:
- AGD_OPE.1: 1
- AGD_PRE.1: 1
ALC:
- ALC_CMC.4: 1
- ALC_CMS.4: 1
- ALC_DEL.1: 1
- ALC_DVS.1: 1
- ALC_FLR.3: 5
- ALC_LCD.1: 1
- ALC_TAT.1: 1
ASE:
- ASE_CCL.1: 18
- ASE_ECD.1: 1
- ASE_INT.1: 1
- ASE_OBJ.2: 1
- ASE_REQ.2: 1
- ASE_SPD.1: 1
- ASE_TSS.1: 1
ATE:
- ATE_COV.2: 1
- ATE_DPT.1: 1
- ATE_FUN.1: 1
- ATE_IND.2: 1
AVA:
- AVA_VAN.3: 1

pdf_data/st_keywords/cc_sfr

FAU:
- FAU_ARP: 1
- FAU_ARP.1: 9
- FAU_ARP.1.1: 1
- FAU_GEN: 2
- FAU_GEN.1: 17
- FAU_GEN.1.1: 1
- FAU_GEN.1.2: 1
- FAU_GEN.2: 8
- FAU_GEN.2.1: 1
- FAU_SAA: 1
- FAU_SAA.1: 9
- FAU_SAA.1.1: 1
- FAU_SAA.1.2: 1
- FAU_SAR: 1
- FAU_SAR.1: 9
- FAU_SAR.1.1: 1
- FAU_SAR.1.2: 1
- FAU_SAR.2: 9
- FAU_SAR.2.1: 1
- FAU_STG: 1
- FAU_STG.1: 6
- FAU_STG.2: 11
- FAU_STG.2.1: 1
- FAU_STG.2.2: 1
- FAU_STG.2.3: 1
- FAU_STG.3: 9
- FAU_STG.3.1: 1
- FAU_STG.4: 7
- FAU_STG.4.1: 1
FCO:
- FCO_NRO.2: 1
FCS:
- FCS_CKM: 12
- FCS_CKM.1: 15
- FCS_CKM.2: 8
- FCS_CKM.4: 22
- FCS_CKM.4.1: 1
- FCS_COP: 47
- FCS_COP.1: 7
FDP:
- FDP_ACC: 39
- FDP_ACC.1: 17
- FDP_ACF: 40
- FDP_ACF.1: 38
- FDP_IFC: 38
- FDP_IFC.1: 19
- FDP_IFF: 53
- FDP_IFF.1: 40
- FDP_IFF.3: 8
- FDP_IFF.3.1: 1
- FDP_ITC.1: 14
- FDP_ITC.2: 15
FIA:
- FIA_ATD.1: 1
- FIA_UAU: 1
- FIA_UAU.1: 1
- FIA_UAU.2: 8
- FIA_UAU.2.1: 1
- FIA_UID: 1
- FIA_UID.1: 1
- FIA_UID.2: 17
- FIA_UID.2.1: 1
FMT:
- FMT_MSA: 1
- FMT_MSA.1: 11
- FMT_MSA.1.1: 1
- FMT_MSA.3: 22
- FMT_MSA.3.1: 1
- FMT_MSA.3.2: 1
- FMT_MTD: 31
- FMT_MTD.1: 7
- FMT_MTD.3: 7
- FMT_MTD.3.1: 1
- FMT_SMF: 2
- FMT_SMF.1: 26
- FMT_SMF.1.1: 1
- FMT_SMR: 1
- FMT_SMR.1: 12
- FMT_SMR.2: 11
- FMT_SMR.2.1: 1
- FMT_SMR.2.2: 1
- FMT_SMR.2.3: 1
FPT:
- FPT_INC: 4
- FPT_INC.1: 13
- FPT_INC.1.1: 2
- FPT_INC.1.2: 2
- FPT_INC.1.3: 2
- FPT_STM: 1
- FPT_STM.1: 11
- FPT_STM.1.1: 1
- FPT_TDC: 1
- FPT_TDC.1: 7
- FPT_TDC.1.1: 1
- FPT_TDC.1.2: 1
- FPT_TST: 1
FTP:
- FTP_TRP: 2
- FTP_TRP.1: 8
- FTP_TRP.1.1: 1
- FTP_TRP.1.2: 1
- FTP_TRP.1.3: 1

FAU:
- FAU_GEN: 3
- FAU_GEN.1: 12
- FAU_GEN.1.1: 1
- FAU_GEN.1.2: 1
- FAU_GEN.2: 6
- FAU_GEN.2.1: 1
- FAU_SAR.1: 9
- FAU_SAR.1.1: 1
- FAU_SAR.1.2: 1
- FAU_SAR.2: 6
- FAU_SAR.2.1: 1
- FAU_SEL.1: 8
- FAU_SEL.1.1: 1
- FAU_STG.1: 10
- FAU_STG.1.1: 1
- FAU_STG.1.2: 1
- FAU_STG.3: 7
- FAU_STG.3.1: 1
- FAU_STG.4: 8
- FAU_STG.4.1: 1
FCS:
- FCS_CKM.1: 60
- FCS_CKM.1.1: 4
- FCS_CKM.2: 31
- FCS_CKM.2.1: 3
- FCS_CKM.4: 18
- FCS_CKM.4.1: 1
- FCS_COP.1: 36
- FCS_COP.1.1: 5
- FCS_RNG: 2
- FCS_RNG.1: 64
- FCS_RNG.1.1: 7
- FCS_RNG.1.2: 8
FDP:
- FDP_ACC.1: 47
- FDP_ACC.1.1: 3
- FDP_ACC.2: 38
- FDP_ACC.2.1: 4
- FDP_ACC.2.2: 4
- FDP_ACF: 1
- FDP_ACF.1: 50
- FDP_ACF.1.1: 7
- FDP_ACF.1.2: 8
- FDP_ACF.1.3: 6
- FDP_ACF.1.4: 7
- FDP_CDP: 5
- FDP_CDP.1: 14
- FDP_CDP.1.1: 2
- FDP_ETC.2: 15
- FDP_ETC.2.1: 2
- FDP_ETC.2.2: 2
- FDP_ETC.2.3: 2
- FDP_ETC.2.4: 2
- FDP_IFC: 1
- FDP_IFC.1: 16
- FDP_IFC.2: 21
- FDP_IFC.2.1: 2
- FDP_IFC.2.2: 2
- FDP_IFF.1: 14
- FDP_IFF.1.1: 1
- FDP_IFF.1.2: 1
- FDP_IFF.1.3: 4
- FDP_IFF.1.4: 1
- FDP_IFF.1.5: 1
- FDP_IFF.2: 7
- FDP_IFF.2.1: 1
- FDP_IFF.2.2: 1
- FDP_IFF.2.3: 1
- FDP_IFF.2.4: 1
- FDP_IFF.2.5: 1
- FDP_IFF.2.6: 1
- FDP_ITC.1: 14
- FDP_ITC.1.1: 1
- FDP_ITC.1.2: 1
- FDP_ITC.1.3: 1
- FDP_ITC.2: 30
- FDP_ITC.2.1: 3
- FDP_ITC.2.2: 3
- FDP_ITC.2.3: 3
- FDP_ITC.2.4: 3
- FDP_ITC.2.5: 3
- FDP_RIP.2: 13
- FDP_RIP.2.1: 1
- FDP_RIP.3: 13
- FDP_RIP.3.1: 1
- FDP_TDC.1: 1
- FDP_UCT: 1
FIA:
- FIA_AFL.1: 9
- FIA_AFL.1.1: 1
- FIA_AFL.1.2: 1
- FIA_ATD.1: 22
- FIA_ATD.1.1: 2
- FIA_SOS.1: 8
- FIA_SOS.1.1: 1
- FIA_UAU.1: 13
- FIA_UAU.1.1: 1
- FIA_UAU.1.2: 1
- FIA_UAU.5: 11
- FIA_UAU.5.1: 1
- FIA_UAU.5.2: 1
- FIA_UAU.7: 6
- FIA_UAU.7.1: 1
- FIA_UID.1: 14
- FIA_UID.1.1: 1
- FIA_UID.1.2: 1
- FIA_UID.2: 8
- FIA_UID.2.1: 1
- FIA_USB.1: 1
- FIA_USB.2: 10
- FIA_USB.2.1: 1
- FIA_USB.2.2: 1
- FIA_USB.2.3: 1
- FIA_USB.2.4: 1
FMT:
- FMT_MSA.1: 64
- FMT_MSA.1.1: 7
- FMT_MSA.3: 64
- FMT_MSA.3.1: 9
- FMT_MSA.3.2: 9
- FMT_MSA.4: 6
- FMT_MSA.4.1: 1
- FMT_MTD.1: 121
- FMT_MTD.1.1: 18
- FMT_REV.1: 12
- FMT_REV.1.1: 2
- FMT_REV.1.2: 2
- FMT_SMF.1: 31
- FMT_SMF.1.1: 1
- FMT_SMF_RMT.1: 3
- FMT_SMR.1: 3
- FMT_SMR.2: 43
- FMT_SMR.2.1: 1
- FMT_SMR.2.2: 1
- FMT_SMR.2.3: 1
FPT:
- FPT_FLS.1: 27
- FPT_FLS.1.1: 3
- FPT_STM.1: 8
- FPT_STM.1.1: 1
- FPT_TDC.1: 30
- FPT_TDC.1.1: 3
- FPT_TDC.1.2: 3
FTA:
- FTA_SSL.1: 7
- FTA_SSL.1.1: 1
- FTA_SSL.1.2: 1
- FTA_SSL.2: 7
- FTA_SSL.2.1: 1
- FTA_SSL.2.2: 1
FTP:
- FTP_ITC.1: 15
- FTP_ITC.1.1: 1
- FTP_ITC.1.2: 1
- FTP_ITC.1.3: 1
- FTP_TRP.1: 3

pdf_data/st_keywords/cc_claims

A:
- A.ACCESS: 4
- A.AUDIT: 5
- A.BOOT: 6
- A.DEDICATED_ADMIN: 1
- A.DEDICATED_ADMIN_NET: 5
- A.DIFF_NET: 5
- A.HIGH_AVAILABILITY: 5
- A.HIGH_AVAILABILLITY: 1
- A.HIGH_PROTECTION: 4
- A.HSM: 6
- A.LABEL_MAN: 1
- A.NTP_SERVER: 5
- A.PKI: 5
- A.ROLE_SEPARATION: 4
- A.TRUSTW_ONLY: 4
- A.TRUSTW_STAFF: 5
- A.USER_IDENT: 5
OE:
- OE.ACCESS: 4
- OE.AUDIT_ENFORCE: 5
- OE.BOOT: 5
- OE.DEDICATED_ADMIN_NET: 3
- OE.DIFF_NET: 7
- OE.HIGH_AVAILABILITY: 5
- OE.HIGH_PROTECTION: 8
- OE.HSM: 2
- OE.LABEL_MAN: 1
- OE.NTP_SERVER: 5
- OE.PKI: 5
- OE.ROLE_SEPARATION: 5
- OE.TRUSTW_ONLY: 4
- OE.TRUSTW_STAFF: 6
- OE.USER_IDENT: 2
OSP:
- OSP.AUDIT: 5
- OSP.CONFIG_AUDIT: 5
- OSP.DUAL_CONTROL: 4
- OSP.FLOW_CONTROL: 5
- OSP.PROTOCOLS: 6
OT:
- OT.AUDIT: 10
- OT.AUDIT_CHANGE_LOG: 8
- OT.AUDIT_LOG_AVAILABILITY: 10
- OT.AUDIT_PROTECT: 8
- OT.BANDWIDTH: 6
- OT.DEFAULT: 4
- OT.FILTER: 16
- OT.FOUR_EYES: 6
- OT.INIT: 10
- OT.LABELS: 12
- OT.PRE_FILTER: 6
- OT.PROTECTION: 6
- OT.PROTOCOLS: 11
- OT.PROTOCOL_DENY: 11
- OT.ROLE_SEPARATION: 13
- OT.SANITISED_DATA: 9
- OT.SECURE_CHANNEL: 8
- OT.USER_AUTHENTICATION: 11
- OT.WARNING: 10
T:
- T.AUDIT_ACCESS: 7
- T.AUDIT_COLLAPSE: 6
- T.AUDIT_CONTROL: 5
- T.AUTH: 6
- T.INSERT: 6
- T.MALICIOUS_CODE: 8
- T.MISCONFIG: 6
- T.REVEAL_TO_LOW: 15
- T.WRONG_LABEL: 6

A:
- A.AUTHUSER: 3
- A.CONNECT: 4
- A.DETECT: 3
- A.IT: 3
- A.KEYS: 3
- A.MANAGE: 5
- A.PEER: 6
- A.PHYSICAL: 4
- A.TRAINEDUSER: 3
O:
- O.AUDITING: 15
- O.COMP: 37
- O.CP: 19
- O.CRYPTO: 19
- O.DISCRETIONARY: 11
- O.LS: 29
- O.MANAGE: 27
- O.NETWORK: 12
- O.ROLE: 17
- O.RUNTIME: 8
- O.SUBJECT: 11
- O.TRUSTED_CHANNEL: 5
OE:
- OE.ADMIN: 6
- OE.INFO_PROTECT: 9
- OE.INSTALL: 4
- OE.IT: 4
- OE.MAINTENANCE: 3
- OE.PHYSICAL: 3
- OE.RECOVER: 4
- OE.REMOTE: 4
- OE.TRUSTED: 4
T:
- T.ACCESS: 27
- T.COMM: 5
- T.DATA_NOT_SEPARATED: 3
- T.IA: 6
- T.RESTRICT: 3
- T.ROLE: 6

pdf_data/st_keywords/eval_facility

atsec:
- atsec: 158

pdf_data/st_keywords/symmetric_crypto

AES_competition:
- AES:
  - AES: 2
constructions:
- MAC:
  - HMAC: 3

AES_competition:
- AES:
  - AES: 14
  - AES-256: 2
DES:
- 3DES:
  - TDES: 3
  - Triple-DES: 3
constructions:
- MAC:
  - HMAC: 10

pdf_data/st_keywords/asymmetric_crypto

ECC:
- ECC:
  - ECC: 1
- ECDH:
  - ECDHE: 1
- ECDSA:
  - ECDSA: 2

ECC:
- ECC:
  - ECC: 1
- ECDSA:
  - ECDSA: 23
FF:
- DH:
  - Diffie-Hellman: 22
- DSA:
  - DSA: 24

pdf_data/st_keywords/hash_function

SHA:
- SHA2:
  - SHA-2: 1
  - SHA-256: 1
  - SHA-384: 1

PBKDF:
- PBKDF2: 3
SHA:
- SHA1:
  - SHA-1: 11
- SHA2:
  - SHA-2: 3
  - SHA-224: 1
  - SHA-256: 7
  - SHA-384: 4
  - SHA-512: 4

pdf_data/st_keywords/crypto_scheme

KA:
- Key agreement: 2
KEX:
- Key Exchange: 4
- Key exchange: 1
MAC:
- MAC: 6

pdf_data/st_keywords/crypto_protocol

TLS:
- TLS:
  - TLS: 20
  - TLS 1.2: 2

IKE:
- IKE: 19
- IKEv1: 11
- IKEv2: 13
IPsec:
- IPsec: 7
SSH:
- SSH: 67
- SSHv2: 7
TLS:
- SSL:
  - SSL: 9
- TLS:
  - TLS: 24
  - TLS 1.1: 2
  - TLS 1.2: 2
  - TLS v1.1: 1
  - TLS v1.2: 1
  - TLSv1.0: 1
  - TLSv1.1: 3
  - TLSv1.2: 1
VPN:
- VPN: 2

pdf_data/st_keywords/randomness

RNG:
- RNG: 1

PRNG:
- DRBG: 5
- PRNG: 1
RNG:
- RNG: 21

pdf_data/st_keywords/cipher_mode

GCM:
- GCM: 1

CBC:
- CBC: 9
CTR:
- CTR: 5
ECB:
- ECB: 2
GCM:
- GCM: 1
XTS:
- XTS: 5

pdf_data/st_keywords/ecc_curve

Brainpool:
- brainpoolP256r1: 1
- brainpoolP384r1: 1
- brainpoolP512r1: 1
NIST:
- secp256r1: 1
- secp384r1: 1

NIST:
- P-256: 1
- P-384: 1
- P-521: 1
- curve P-256: 1
- curve P-384: 1
- curve P-521: 1

pdf_data/st_keywords/tls_cipher_suite

TLS:
- TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA: 1
- TLS_DHE_DSS_WITH_AES_128_CBC_SHA: 1
- TLS_DHE_DSS_WITH_AES_128_CBC_SHA256: 1
- TLS_DHE_DSS_WITH_AES_128_GCM_SHA256: 1
- TLS_DHE_DSS_WITH_AES_256_CBC_SHA: 1
- TLS_DHE_DSS_WITH_AES_256_CBC_SHA256: 1
- TLS_DHE_DSS_WITH_AES_256_GCM_SHA384: 1
- TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA: 1
- TLS_DHE_RSA_WITH_AES_128_CBC_SHA: 1
- TLS_DHE_RSA_WITH_AES_128_CBC_SHA256: 1
- TLS_DHE_RSA_WITH_AES_128_GCM_SHA256: 1
- TLS_DHE_RSA_WITH_AES_256_CBC_SHA: 1
- TLS_DHE_RSA_WITH_AES_256_CBC_SHA256: 1
- TLS_DHE_RSA_WITH_AES_256_GCM_SHA384: 1
- TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA: 1
- TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA: 1
- TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256: 1
- TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256: 1
- TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA: 1
- TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384: 1
- TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384: 1
- TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA: 1
- TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA: 1
- TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256: 1
- TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256: 1
- TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA: 1
- TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384: 1
- TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384: 1
- TLS_RSA_WITH_3DES_EDE_CBC_SHA: 1
- TLS_RSA_WITH_AES_128_CBC_SHA: 1
- TLS_RSA_WITH_AES_128_CBC_SHA256: 1
- TLS_RSA_WITH_AES_128_GCM_SHA256: 1
- TLS_RSA_WITH_AES_256_CBC_SHA: 1
- TLS_RSA_WITH_AES_256_CBC_SHA256: 1
- TLS_RSA_WITH_AES_256_GCM_SHA384: 1

pdf_data/st_keywords/crypto_library

NSS:
- NSS: 25
OpenSSL:
- OpenSSL: 7
libgcrypt:
- libgcrypt: 4

pdf_data/st_keywords/side_channel_analysis

FI:
- malfunction: 1

pdf_data/st_keywords/technical_report_id

BSI:
- BSI TR-02102: 1

pdf_data/st_keywords/standard_id

BSI:
- AIS 35: 1
- AIS 41: 1
CC:
- CCMB-2017-04-002: 3
- CCMB-2017-04-003: 2
- CCMB-2017-04-004: 1
FIPS:
- FIPS 180-4: 1
- FIPS 197: 1
PKCS:
- PKCS#1: 1
RFC:
- RFC 2104: 2
- RFC 3447: 1
- RFC 3986: 1
- RFC3986: 1

BSI:
- AIS 20: 1
- AIS 31: 1
FIPS:
- FIPS 140-2: 22
- FIPS 180-4: 1
- FIPS 186-4: 1
- FIPS 197: 1
- FIPS PUB 186-4: 4
- FIPS140-2: 1
- FIPS180-4: 2
- FIPS197: 2
RFC:
- RFC 2460: 1
- RFC 3484: 1
- RFC 3542: 1
- RFC 4213: 1
- RFC 5246: 5
- RFC 768: 1
- RFC 791: 1
- RFC 792: 1
- RFC 793: 1
- RFC2401: 2
- RFC2402: 2
- RFC2406: 2
- RFC2407: 2
- RFC2408: 2
- RFC2409: 7
- RFC3526: 4
- RFC3602: 3
- RFC4252: 10
- RFC4253: 18
- RFC4301: 3
- RFC4303: 4
- RFC4307: 5
- RFC4346: 3
- RFC4419: 3
- RFC5114: 3
- RFC5246: 5
- RFC5656: 4
- RFC5996: 5
- RFC6668: 2
X509:
- X.509: 1

pdf_data/st_keywords/certification_process

OutOfScope:
- DAC mechanism but may be supplemented by further restrictions. These additional restrictions are out of scope for this evaluation. Examples Page 136 of 156 Classification: public Version: 0.21 Copyright © 2016: 1
- PAT) for simple as well as more complex protocols. This mechanism is out of scope for the evaluation: 1
- as Port Address Translation (PAT) for simple as well as more complex protocols. This mechanism is out of scope for the evaluation. Furthermore, packet mangling support is provided with IPTables which is also: 1
- out of scope: 3

pdf_data/st_metadata

/Author: INFODAS GmbH
/CreationDate: D:20210906121952+02'00'
/Creator: Microsoft® Word für Microsoft 365
/ModDate: D:20210906121952+02'00'
/Producer: Microsoft® Word für Microsoft 365
/Subject: Security Target
/Title: Security Target Lite
pdf_file_size_bytes: 1989754
pdf_hyperlinks: http://www.w3.org/TR/xmldsig-core1/, http://www.w3.org/TR/xml/, http://www.xmlspif.org/
pdf_is_encrypted: False
pdf_number_of_pages: 105

/Author: Stephan Mueller (generated by CCTool version 2.8.1.5)
/CreationDate: D:20160817065518Z
/Creator: Unknown
/Keywords: Security Target, Common Criteria, Linux Distribution, Embedded Linux
/ModDate: D:20160817065518Z
/Producer: XEP 4.18 build 20100322
/Subject: Red Hat Enterprise Linux
/Title: Red Hat Enterprise Linux, Version 7.1 (version 0.21 as of 2016-06-09)
/Trapped: /False
/application: CCTool version x.y
pdf_file_size_bytes: 1487091
pdf_hyperlinks: http://tools.ietf.org/html/rfc2409, http://tools.ietf.org/html/rfc5114, http://tools.ietf.org/html/rfc5656, http://tools.ietf.org/html/rfc3526, http://www.ietf.org/rfc/rfc4307.txt, http://tools.ietf.org/html/rfc4301, http://tools.ietf.org/html/rfc3602, http://www.commoncriteriaportal.org/files/ccfiles/CCPART2V3.1R4.pdf, http://tools.ietf.org/html/rfc4252, http://tools.ietf.org/html/rfc2402, http://tools.ietf.org/html/rfc4253, http://www.commoncriteriaportal.org/files/ccfiles/CCPART3V3.1R4.pdf, http://csrc.nist.gov/publications/fips/fips197/fips-197.pdf, http://www.commoncriteriaportal.org/files/ccfiles/CCPART1V3.1R4.pdf, http://tools.ietf.org/html/rfc5246, http://tools.ietf.org/html/rfc5996, http://tools.ietf.org/html/rfc4303, http://tools.ietf.org/html/rfc2406, http://tools.ietf.org/html/rfc4419, http://tools.ietf.org/html/rfc2407, http://tools.ietf.org/html/rfc2401, http://tools.ietf.org/html/rfc6668, http://tools.ietf.org/html/rfc4346, http://csrc.nist.gov/publications/fips/fips180-4/fips-180-4.pdf, http://tools.ietf.org/html/rfc2408
pdf_is_encrypted: False
pdf_number_of_pages: 156

state/cert/convert_ok

True

False

state/cert/download_ok

True

False

state/cert/extract_ok

True

False

state/cert/pdf_hash

Different

state/cert/txt_hash

Different

state/report/pdf_hash

Different

state/report/txt_hash

Different

state/st/pdf_hash

Different

state/st/txt_hash

Different

Comparing certificates Experimental feature