| name |
EROAD System |
uCosminexus Application Server 07-00 |
| category |
Other Devices and Systems |
Access Control Devices and Systems |
| scheme |
NO |
JP |
| status |
archived |
archived |
| not_valid_after |
25.06.2020 |
07.10.2013 |
| not_valid_before |
25.06.2015 |
22.03.2007 |
| cert_link |
None |
None |
| report_link |
https://www.commoncriteriaportal.org/nfs/ccpfiles/files/epfiles/20150625_SERTIT-059_CR_v10.pdf |
https://www.commoncriteriaportal.org/nfs/ccpfiles/files/epfiles/c0086_ecvr.pdf |
| st_link |
https://www.commoncriteriaportal.org/nfs/ccpfiles/files/epfiles/ST_EROAD_v1.3_FINAL.pdf |
|
| manufacturer |
EROAD |
Hitachi, Ltd. |
| manufacturer_web |
https://www.eroad.com/ |
https://www.hitachi.com/ |
| security_level |
EAL2+, ALC_FLR.1 |
EAL2+, ALC_FLR.1 |
| dgst |
69552df11adc055e |
3a2713aa094e7f64 |
| heuristics/cert_id |
SERTIT-059 |
JISEC-CC-CRP-C0086 |
| heuristics/cert_lab |
[] |
[] |
| heuristics/cpe_matches |
{} |
{} |
| heuristics/verified_cpe_matches |
{} |
{} |
| heuristics/related_cves |
{} |
{} |
| heuristics/direct_transitive_cves |
{} |
{} |
| heuristics/indirect_transitive_cves |
{} |
{} |
| heuristics/extracted_sars |
ASE_CCL.1, ATE_FUN.1, ASE_OBJ.2, ALC_CMS.2, ASE_INT.1, ASE_REQ.2, AGD_PRE.1, ATE_IND.2, ASE_ECD.1, AVA_VAN.2, ALC_FLR.1, ADV_TDS.1, ASE_SPD.1, ALC_CMC.2, ADV_FSP.2, ATE_COV.1, AGD_OPE.1, ALC_DEL.1, ASE_TSS.1, ADV_ARC.1 |
ALC_FLR.1 |
| heuristics/extracted_versions |
- |
00, 07 |
| heuristics/prev_certificates |
{} |
{} |
| heuristics/next_certificates |
{} |
{} |
| heuristics/report_references/directly_referenced_by |
{} |
{} |
| heuristics/report_references/directly_referencing |
{} |
{} |
| heuristics/report_references/indirectly_referenced_by |
{} |
{} |
| heuristics/report_references/indirectly_referencing |
{} |
{} |
| heuristics/scheme_data |
- category: Other Devices and Systems
- certification_date: 25.06.2015
- developer: EROAD
- enhanced:
- category: Other Devices and Systems
- cert_id: SERTIT-059
- certification_date: 25.06.2015
- description: EROAD is a fully integrated technology, tolling and services provider. EROAD is the first company in the world to implement a GPS/cellular based road charging platform across an entire country. EROAD's advanced technology provides road charging, compliance and commercial services with the same platform to lower overall client and delivery costs. EROAD's goal is to offer flexible and powerful solutions based on our innovative technology platform to assist in the creation of a transport sector that is responsive to the evolving needs of business, government and the wider community. The core element of EROAD's satellite-based solution is the secure Ehubo unit which reliably and accurately measures distance and location using multiple sensors. Data is transmitted via a secure cellular link to a back office facility that supports a wide range of regulatory and value-added applications, allowing clients to manage their vehicles and assets in the same web browser. The EROAD Depot is the secure web services and payment gateway, where customers manage their tax and compliance obligations, oversee their fleets, and access a wide range of EROAD services. It provides a comprehensive and evolving suite of reports that can be viewed, saved, exported and downloaded. Within the Depot, users are assigned - roles' which give them access to different functions and, depending on their role, allow them to create and filter fleets to focus on critical information.
- developer: EROAD
- documents: frozendict({'cert': [frozendict({'href': 'https://sertit.no/getfile.php/134947-1607951850/SERTIT/Sertifikater/2015/59/20150626_Sertit-059_C.pdf'})], 'target': [frozendict({'href': 'https://sertit.no/getfile.php/134944-1607951845/SERTIT/Sertifikater/2015/59/ST_EROAD_v1.3_FINAL.pdf'})], 'report': [frozendict({'href': 'https://sertit.no/getfile.php/134941-1607951842/SERTIT/Sertifikater/2015/59/20150625_SERTIT-059_CR_v10.pdf'})]})
- evaluation_facility: Advanced Data Security
- expiration_date: 25.06.2020
- level: EAL 2, ALC_FLR.1
- mutual_recognition: CCRA
- product: TOE versions of EROAD OBU:Hardware version: 03Firmware version: 1.18.05;TOE versions of EROAD Application:Software version: 11-11-2014-0239
- sponsor: EROAD
- product: EROAD System
- url: https://sertit.no/certified-products/product-archive/eroad-system
|
- cert_id: JISEC-CC-CRP-C0234
- certification_date: 01.08.2009
- claim: EAL2+ ALC_FLR.1
- enhanced:
- assurance_level: EAL2 Augmented with ALC_FLR.1
- cc_version: 3.1
- description: PRODUCT DESCRIPTION Description of TOE TOE is a Web application server software product that is a J2EE(TM) (Java(TM) 2 Platform, Enterprise Edition)-compliant. TOE provides runtime and management environments. The product, that includes TOE, is mainly consist of Web container and EJB(TM) container that is Java 2 Platform, Enterprise Edition 1.4 compatible platform. And it also includes various software to execute and manage J2EE-compliant Java applications. It improves availability and reliability of the business application system, and provides several functions in order to manage business application system efficiently. TOE security functionality Security functions provided by TOE are as follows: - User identification and authentication This function uses user ID and password for user identification and authentication. - Access control This function provides access control for both Web and EJB container objects by using authenticated user information. - Security management This function manages information of user identification and authentication, access control information, and access control permitted to an application.
- evaluation_facility: Mizuho Information & Research Institute, Inc. Center for Evaluation of Information Security
- product: uCosminexus Application Server
- product_type: Application Server
- toe_version: 08-00
- vendor: Hitachi, Ltd.
- expiration_date: 01.08.2014
- supplier: Hitachi, Ltd.
- toe_japan_link: https://www.ipa.go.jp/en/security/jisec/software/certified-cert/c0234_it9250.html
- toe_japan_name: uCosminexus Application Server 08-00
- toe_overseas_link: None
- toe_overseas_name: -----
|
| heuristics/st_references/directly_referenced_by |
{} |
{} |
| heuristics/st_references/directly_referencing |
{} |
{} |
| heuristics/st_references/indirectly_referenced_by |
{} |
{} |
| heuristics/st_references/indirectly_referencing |
{} |
{} |
| heuristics/protection_profiles |
{} |
{} |
| maintenance_updates |
|
|
| protection_profiles |
|
|
| protection_profile_links |
{} |
{} |
| pdf_data/cert_filename |
None |
None |
| pdf_data/cert_frontpage |
|
|
| pdf_data/cert_keywords/cc_cert_id |
|
|
| pdf_data/cert_keywords/cc_protection_profile_id |
|
|
| pdf_data/cert_keywords/cc_security_level |
|
|
| pdf_data/cert_keywords/cc_sar |
|
|
| pdf_data/cert_keywords/cc_sfr |
|
|
| pdf_data/cert_keywords/cc_claims |
|
|
| pdf_data/cert_keywords/vendor |
|
|
| pdf_data/cert_keywords/eval_facility |
|
|
| pdf_data/cert_keywords/symmetric_crypto |
|
|
| pdf_data/cert_keywords/asymmetric_crypto |
|
|
| pdf_data/cert_keywords/pq_crypto |
|
|
| pdf_data/cert_keywords/hash_function |
|
|
| pdf_data/cert_keywords/crypto_scheme |
|
|
| pdf_data/cert_keywords/crypto_protocol |
|
|
| pdf_data/cert_keywords/randomness |
|
|
| pdf_data/cert_keywords/cipher_mode |
|
|
| pdf_data/cert_keywords/ecc_curve |
|
|
| pdf_data/cert_keywords/crypto_engine |
|
|
| pdf_data/cert_keywords/tls_cipher_suite |
|
|
| pdf_data/cert_keywords/crypto_library |
|
|
| pdf_data/cert_keywords/vulnerability |
|
|
| pdf_data/cert_keywords/side_channel_analysis |
|
|
| pdf_data/cert_keywords/technical_report_id |
|
|
| pdf_data/cert_keywords/device_model |
|
|
| pdf_data/cert_keywords/tee_name |
|
|
| pdf_data/cert_keywords/os_name |
|
|
| pdf_data/cert_keywords/cplc_data |
|
|
| pdf_data/cert_keywords/ic_data_group |
|
|
| pdf_data/cert_keywords/standard_id |
|
|
| pdf_data/cert_keywords/javacard_version |
|
|
| pdf_data/cert_keywords/javacard_api_const |
|
|
| pdf_data/cert_keywords/javacard_packages |
|
|
| pdf_data/cert_keywords/certification_process |
|
|
| pdf_data/cert_metadata |
|
|
| pdf_data/report_filename |
20150625_SERTIT-059_CR_v10.pdf |
c0086_ecvr.pdf |
| pdf_data/report_frontpage |
|
|
| pdf_data/report_keywords/cc_cert_id |
|
- JP:
- Certification No. C0086: 1
|
| pdf_data/report_keywords/cc_protection_profile_id |
|
|
| pdf_data/report_keywords/cc_security_level |
- EAL:
- EAL 2: 18
- EAL 2 augmented: 18
- EAL 4: 1
- EAL1: 1
- EAL2: 1
- EAL7: 1
|
|
| pdf_data/report_keywords/cc_sar |
|
|
| pdf_data/report_keywords/cc_sfr |
- FAU:
- FAU_GEN.1: 1
- FAU_GEN.2: 1
- FCS:
- FCS_CKM.1: 1
- FCS_CKM.4: 1
- FCS_COP.1: 1
- FDP:
- FDP_ACC.1: 2
- FDP_ACF.1: 2
- FDP_IFC.1: 1
- FDP_IFF.1: 1
- FIA:
- FIA_ATD.1: 1
- FIA_UAU.1: 1
- FIA_UID.1: 1
- FMT:
- FMT_MOF.1: 1
- FMT_MSA.1: 1
- FMT_MSA.3: 1
- FMT_SMF.1: 1
- FMT_SMR.1: 1
- FPT:
- FPT_ITT_EXP.1: 1
- FPT_PHP.2: 1
- FPT_STM.1: 1
|
|
| pdf_data/report_keywords/cc_claims |
- A:
- O:
- O.ACCESS: 1
- O.ADMINISTRATION: 1
- O.AUDIT: 1
- O.CRYPTOGRAPHY: 1
- O.CRYPTO_VALIDATED: 1
- O.ID_AUTH: 1
- O.INTEGRITY: 1
- O.PROTECT: 1
- O.TAMPER_RESISTANCE: 1
- OE:
- OE.PERSON: 1
- OE.PROTECTION: 1
|
|
| pdf_data/report_keywords/vendor |
|
|
| pdf_data/report_keywords/eval_facility |
- ADS:
- Advanced Data Security: 1
|
|
| pdf_data/report_keywords/symmetric_crypto |
|
|
| pdf_data/report_keywords/asymmetric_crypto |
|
|
| pdf_data/report_keywords/pq_crypto |
|
|
| pdf_data/report_keywords/hash_function |
|
|
| pdf_data/report_keywords/crypto_scheme |
|
|
| pdf_data/report_keywords/crypto_protocol |
|
|
| pdf_data/report_keywords/randomness |
|
|
| pdf_data/report_keywords/cipher_mode |
|
|
| pdf_data/report_keywords/ecc_curve |
|
|
| pdf_data/report_keywords/crypto_engine |
|
|
| pdf_data/report_keywords/tls_cipher_suite |
|
|
| pdf_data/report_keywords/crypto_library |
|
|
| pdf_data/report_keywords/vulnerability |
|
|
| pdf_data/report_keywords/side_channel_analysis |
- FI:
- malfunction: 2
- physical tampering: 1
|
|
| pdf_data/report_keywords/technical_report_id |
|
|
| pdf_data/report_keywords/device_model |
|
|
| pdf_data/report_keywords/tee_name |
|
|
| pdf_data/report_keywords/os_name |
|
|
| pdf_data/report_keywords/cplc_data |
|
|
| pdf_data/report_keywords/ic_data_group |
|
|
| pdf_data/report_keywords/standard_id |
- CC:
- CCMB-2012-09-001: 1
- CCMB-2012-09-002: 1
- CCMB-2012-09-003: 1
- CCMB-2012-09-004: 1
- FIPS:
- ISO:
|
|
| pdf_data/report_keywords/javacard_version |
|
|
| pdf_data/report_keywords/javacard_api_const |
|
|
| pdf_data/report_keywords/javacard_packages |
|
|
| pdf_data/report_keywords/certification_process |
- OutOfScope:
- 1 SERTIT-059 CR Issue 1.0 25 June 2015 Page 15 of 16 these underlying environmental components are out of scope insofar as the TOE is concerned. TOE Documentation The supporting guidance documents evaluated in: 1
- out of scope: 1
|
|
| pdf_data/report_metadata |
- /Author: Arne
- /CreationDate: D:20150626141410+02'00'
- /Creator: PScript5.dll Version 5.2.2
- /ModDate: D:20150626141544+02'00'
- /Producer: Acrobat Distiller 9.5.5 (Windows)
- /Title: Microsoft Word - 20150625 SERTIT-059 CR v.1.0
- pdf_file_size_bytes: 561714
- pdf_hyperlinks: {}
- pdf_is_encrypted: False
- pdf_number_of_pages: 16
|
- /CreationDate: D:20070323205213+09'00'
- /ModDate: D:20070323205213+09'00'
- /Producer: Acrobat Distiller 6.0 (Windows)
- /Title: untitled
- pdf_file_size_bytes: 13111
- pdf_hyperlinks: {}
- pdf_is_encrypted: False
- pdf_number_of_pages: 1
|
| pdf_data/st_filename |
ST_EROAD_v1.3_FINAL.pdf |
|
| pdf_data/st_frontpage |
|
|
| pdf_data/st_keywords/cc_cert_id |
|
|
| pdf_data/st_keywords/cc_protection_profile_id |
|
|
| pdf_data/st_keywords/cc_security_level |
- EAL:
- EAL2: 5
- EAL2 augmented: 5
|
|
| pdf_data/st_keywords/cc_sar |
- ADV:
- ADV_ARC.1: 1
- ADV_FSP.2: 1
- ADV_TDS.1: 1
- AGD:
- AGD_OPE.1: 1
- AGD_PRE.1: 1
- ALC:
- ALC_CMC.2: 1
- ALC_CMS.2: 1
- ALC_DEL.1: 1
- ALC_FLR.1: 6
- ASE:
- ASE_CCL: 2
- ASE_CCL.1: 1
- ASE_ECD: 2
- ASE_ECD.1: 1
- ASE_INT: 2
- ASE_INT.1: 1
- ASE_OBJ: 2
- ASE_OBJ.2: 1
- ASE_REQ: 2
- ASE_REQ.2: 1
- ASE_SPD: 2
- ASE_SPD.1: 1
- ASE_TSS: 2
- ASE_TSS.1: 1
- ATE:
- ATE_COV.1: 1
- ATE_FUN.1: 1
- ATE_IND.2: 1
- AVA:
|
|
| pdf_data/st_keywords/cc_sfr |
- FAU:
- FAU_GEN.1: 11
- FAU_GEN.1.1: 1
- FAU_GEN.1.2: 1
- FAU_GEN.2: 7
- FAU_GEN.2.1: 1
- FCS:
- FCS_CKM.1: 13
- FCS_CKM.1.1: 1
- FCS_CKM.2: 2
- FCS_CKM.4: 11
- FCS_CKM.4.1: 1
- FCS_COP.1: 12
- FCS_COP.1.1: 1
- FDP:
- FDP_ACC.1: 22
- FDP_ACC.1.1: 2
- FDP_ACF.1: 20
- FDP_ACF.1.1: 2
- FDP_ACF.1.2: 2
- FDP_ACF.1.3: 2
- FDP_ACF.1.4: 2
- FDP_IFC.1: 12
- FDP_IFC.1.1: 1
- FDP_IFF.1: 8
- FDP_IFF.1.1: 1
- FDP_IFF.1.2: 1
- FDP_IFF.1.3: 1
- FDP_IFF.1.4: 1
- FDP_IFF.1.5: 1
- FDP_ITC.1: 4
- FDP_ITC.2: 4
- FIA:
- FIA_ATD.1: 8
- FIA_ATD.1.1: 1
- FIA_UAU.1: 9
- FIA_UAU.1.1: 1
- FIA_UAU.1.2: 1
- FIA_UID.1: 16
- FIA_UID.1.1: 1
- FIA_UID.1.2: 1
- FMT:
- FMT_MOF.1: 11
- FMT_MOF.1.1: 1
- FMT_MSA.1: 9
- FMT_MSA.1.1: 1
- FMT_MSA.3: 15
- FMT_MSA.3.1: 1
- FMT_MSA.3.2: 1
- FMT_SMF.1: 12
- FMT_SMF.1.1: 1
- FMT_SMR.1: 14
- FMT_SMR.1.1: 1
- FMT_SMR.1.2: 1
- FPT:
- FPT_ITT_EXP.1: 11
- FPT_ITT_EXP.1.1: 2
- FPT_PHP.2: 8
- FPT_PHP.2.1: 1
- FPT_PHP.2.2: 1
- FPT_PHP.2.3: 1
- FPT_STM.1: 11
- FPT_STM.1.1: 1
|
|
| pdf_data/st_keywords/cc_claims |
- A:
- O:
- O.ACCESS: 7
- O.ADMINISTRATION: 10
- O.AUDIT: 9
- O.CRYPTOGRAPHY: 10
- O.CRYPTO_VALIDATED: 6
- O.ID_AUTH: 5
- O.INTEGRITY: 8
- O.PROTECT: 10
- O.TAMPER_RESISTANCE: 6
- OE:
- OE.PERSON: 9
- OE.PROTECTION: 4
|
|
| pdf_data/st_keywords/vendor |
|
|
| pdf_data/st_keywords/eval_facility |
|
|
| pdf_data/st_keywords/symmetric_crypto |
- AES_competition:
- constructions:
|
|
| pdf_data/st_keywords/asymmetric_crypto |
|
|
| pdf_data/st_keywords/pq_crypto |
|
|
| pdf_data/st_keywords/hash_function |
|
|
| pdf_data/st_keywords/crypto_scheme |
|
|
| pdf_data/st_keywords/crypto_protocol |
|
|
| pdf_data/st_keywords/randomness |
|
|
| pdf_data/st_keywords/cipher_mode |
|
|
| pdf_data/st_keywords/ecc_curve |
|
|
| pdf_data/st_keywords/crypto_engine |
|
|
| pdf_data/st_keywords/tls_cipher_suite |
|
|
| pdf_data/st_keywords/crypto_library |
|
|
| pdf_data/st_keywords/vulnerability |
|
|
| pdf_data/st_keywords/side_channel_analysis |
- FI:
- malfunction: 6
- physical tampering: 9
|
|
| pdf_data/st_keywords/technical_report_id |
|
|
| pdf_data/st_keywords/device_model |
|
|
| pdf_data/st_keywords/tee_name |
|
|
| pdf_data/st_keywords/os_name |
|
|
| pdf_data/st_keywords/cplc_data |
|
|
| pdf_data/st_keywords/ic_data_group |
|
|
| pdf_data/st_keywords/standard_id |
- FIPS:
- FIPS 140-2: 7
- FIPS 186-4: 1
- FIPS PUB 140-2: 1
- FIPS PUB 180-4: 1
- FIPS PUB 197: 2
- FIPS PUB 198: 2
|
|
| pdf_data/st_keywords/javacard_version |
|
|
| pdf_data/st_keywords/javacard_api_const |
|
|
| pdf_data/st_keywords/javacard_packages |
|
|
| pdf_data/st_keywords/certification_process |
- OutOfScope:
- out of scope: 2
- private, secure, and not exposed. Therefore, these underlying environmental components are out of scope insofar as the TOE is concerned. Further, EROAD security is stand alone, isolated, self-contained: 1
- protects and secures the OBU Gateway and communications with it, but that environment is out of scope insofar as the TOE is concerned. ESP Server The ESP server and associated protocol (Ebox to Server: 1
|
|
| pdf_data/st_metadata |
- /Author: Admin
- /CreationDate: D:20150618214315-07'00'
- /Creator: PScript5.dll Version 5.2.2
- /ModDate: D:20150618214315-07'00'
- /Producer: GPL Ghostscript 8.64
- /Title: Microsoft Word - ST EROAD v1.3 - FINAL.docx
- pdf_file_size_bytes: 1236897
- pdf_hyperlinks: {}
- pdf_is_encrypted: False
- pdf_number_of_pages: 42
|
|
| state/cert/convert_garbage |
None |
None |
| state/cert/convert_ok |
False |
False |
| state/cert/download_ok |
False |
False |
| state/cert/extract_ok |
False |
False |
| state/cert/pdf_hash |
Equal |
Equal |
| state/cert/txt_hash |
Equal |
Equal |
| state/report/convert_garbage |
None |
None |
| state/report/convert_ok |
True |
True |
| state/report/download_ok |
True |
True |
| state/report/extract_ok |
True |
True |
| state/report/pdf_hash |
Different |
Different |
| state/report/txt_hash |
Different |
Different |
| state/st/convert_garbage |
None |
None |
| state/st/convert_ok |
True |
False |
| state/st/download_ok |
True |
False |
| state/st/extract_ok |
True |
False |
| state/st/pdf_hash |
Different |
Different |
| state/st/txt_hash |
Different |
Different |