| name |
Citrix MetaFrame Presentation Server 4.0 |
nShield Solo XC Hardware Security Module v12.60.15 |
| category |
Access Control Devices and Systems |
Products for Digital Signatures |
| scheme |
UK |
SG |
| status |
archived |
active |
| not_valid_after |
05.03.2013 |
27.06.2027 |
| not_valid_before |
01.08.2005 |
27.06.2022 |
| cert_link |
|
https://www.commoncriteriaportal.org/nfs/ccpfiles/files/epfiles/[CER]%20nShield%20Solo%20XC%20CC%20Certificate.pdf |
| report_link |
https://www.commoncriteriaportal.org/nfs/ccpfiles/files/epfiles/CRP219.pdf |
https://www.commoncriteriaportal.org/nfs/ccpfiles/files/epfiles/[CER]%20nShield%20Solo%20XC%20HSM%20Certificate%20Report.pdf |
| st_link |
https://www.commoncriteriaportal.org/nfs/ccpfiles/files/epfiles/LFS_T488_Citrix_ST_V10.pdf |
https://www.commoncriteriaportal.org/nfs/ccpfiles/files/epfiles/[DD]%20nShield%20Solo%20XC%20HSM%20Security%20Target.pdf |
| manufacturer |
Citrix Systems, Inc. |
Entrust, Inc. |
| manufacturer_web |
https://www.citrix.com |
https://www.entrust.com |
| security_level |
EAL2 |
EAL4+, ALC_FLR.2, AVA_VAN.5 |
| dgst |
7da57a5dc5ab73a9 |
13c74460c0788c9b |
| heuristics/cert_id |
CRP219 |
CSA_CC_21008 |
| heuristics/cert_lab |
[] |
[] |
| heuristics/cpe_matches |
{} |
{} |
| heuristics/verified_cpe_matches |
{} |
{} |
| heuristics/related_cves |
{} |
{} |
| heuristics/direct_transitive_cves |
{} |
{} |
| heuristics/indirect_transitive_cves |
{} |
{} |
| heuristics/extracted_sars |
ADV_RCR.1, ADV_FSP.1, ATE_FUN.1, AGD_USR.1, AVA_VLA.1, ATE_IND.2, ADV_SPM.1, ATE_COV.1, AGD_ADM.1, ADV_HLD.1, AVA_SOF.1, ALC_FLR.2 |
ALC_FLR.2, AVA_VAN.5 |
| heuristics/extracted_versions |
4.0 |
12.60.15 |
| heuristics/prev_certificates |
{} |
{} |
| heuristics/next_certificates |
{} |
{} |
| heuristics/report_references/directly_referenced_by |
{} |
{} |
| heuristics/report_references/directly_referencing |
{} |
{} |
| heuristics/report_references/indirectly_referenced_by |
{} |
{} |
| heuristics/report_references/indirectly_referencing |
{} |
{} |
| heuristics/scheme_data |
|
|
| heuristics/st_references/directly_referenced_by |
{} |
{} |
| heuristics/st_references/directly_referencing |
{} |
{} |
| heuristics/st_references/indirectly_referenced_by |
{} |
{} |
| heuristics/st_references/indirectly_referencing |
{} |
{} |
| heuristics/protection_profiles |
{} |
ee319f4a624019b0 |
| maintenance_updates |
|
|
| protection_profiles |
|
|
| protection_profile_links |
{} |
https://www.commoncriteriaportal.org/nfs/ccpfiles/files/ppfiles/ANSSI-CC-PP-2016_05 PP.pdf |
| pdf_data/cert_filename |
|
[CER] nShield Solo XC CC Certificate.pdf |
| pdf_data/cert_frontpage |
|
|
| pdf_data/cert_keywords/cc_cert_id |
|
|
| pdf_data/cert_keywords/cc_protection_profile_id |
|
|
| pdf_data/cert_keywords/cc_security_level |
|
- EAL:
- EAL 2: 1
- EAL 4: 1
- EAL 4 augmented: 1
|
| pdf_data/cert_keywords/cc_sar |
|
|
| pdf_data/cert_keywords/cc_sfr |
|
|
| pdf_data/cert_keywords/cc_claims |
|
|
| pdf_data/cert_keywords/vendor |
|
|
| pdf_data/cert_keywords/eval_facility |
|
- BrightSight:
- SGS:
- SGS: 1
- SGS Brightsight: 1
|
| pdf_data/cert_keywords/symmetric_crypto |
|
|
| pdf_data/cert_keywords/asymmetric_crypto |
|
|
| pdf_data/cert_keywords/pq_crypto |
|
|
| pdf_data/cert_keywords/hash_function |
|
|
| pdf_data/cert_keywords/crypto_scheme |
|
|
| pdf_data/cert_keywords/crypto_protocol |
|
|
| pdf_data/cert_keywords/randomness |
|
|
| pdf_data/cert_keywords/cipher_mode |
|
|
| pdf_data/cert_keywords/ecc_curve |
|
|
| pdf_data/cert_keywords/crypto_engine |
|
|
| pdf_data/cert_keywords/tls_cipher_suite |
|
|
| pdf_data/cert_keywords/crypto_library |
|
|
| pdf_data/cert_keywords/vulnerability |
|
|
| pdf_data/cert_keywords/side_channel_analysis |
|
|
| pdf_data/cert_keywords/technical_report_id |
|
|
| pdf_data/cert_keywords/device_model |
|
|
| pdf_data/cert_keywords/tee_name |
|
|
| pdf_data/cert_keywords/os_name |
|
|
| pdf_data/cert_keywords/cplc_data |
|
|
| pdf_data/cert_keywords/ic_data_group |
|
|
| pdf_data/cert_keywords/standard_id |
|
|
| pdf_data/cert_keywords/javacard_version |
|
|
| pdf_data/cert_keywords/javacard_api_const |
|
|
| pdf_data/cert_keywords/javacard_packages |
|
|
| pdf_data/cert_keywords/certification_process |
|
|
| pdf_data/cert_metadata |
|
- /CreationDate: D:20220629102527+08'00'
- /ModDate: D:20220629135247+08'00'
- pdf_file_size_bytes: 497186
- pdf_hyperlinks: {}
- pdf_is_encrypted: False
- pdf_number_of_pages: 1
|
| pdf_data/report_filename |
CRP219.pdf |
[CER] nShield Solo XC HSM Certificate Report.pdf |
| pdf_data/report_frontpage |
|
|
| pdf_data/report_keywords/cc_cert_id |
- UK:
- CERTIFICATION REPORT No. P219: 1
|
|
| pdf_data/report_keywords/cc_protection_profile_id |
|
|
| pdf_data/report_keywords/cc_security_level |
- EAL:
- EAL2: 4
- EAL2 augmented: 3
|
- EAL:
- EAL 4: 2
- EAL 4 augmented: 1
- EAL2: 1
- EAL4+: 1
|
| pdf_data/report_keywords/cc_sar |
|
|
| pdf_data/report_keywords/cc_sfr |
- FTP:
- FTP_ITC.1: 1
- FTP_ITC.2: 1
|
|
| pdf_data/report_keywords/cc_claims |
|
|
| pdf_data/report_keywords/vendor |
|
|
| pdf_data/report_keywords/eval_facility |
|
- BrightSight:
- SGS:
- SGS: 3
- SGS Brightsight: 3
|
| pdf_data/report_keywords/symmetric_crypto |
|
|
| pdf_data/report_keywords/asymmetric_crypto |
|
|
| pdf_data/report_keywords/pq_crypto |
|
|
| pdf_data/report_keywords/hash_function |
|
|
| pdf_data/report_keywords/crypto_scheme |
|
|
| pdf_data/report_keywords/crypto_protocol |
|
|
| pdf_data/report_keywords/randomness |
|
|
| pdf_data/report_keywords/cipher_mode |
|
|
| pdf_data/report_keywords/ecc_curve |
|
|
| pdf_data/report_keywords/crypto_engine |
|
|
| pdf_data/report_keywords/tls_cipher_suite |
|
|
| pdf_data/report_keywords/crypto_library |
|
|
| pdf_data/report_keywords/vulnerability |
|
|
| pdf_data/report_keywords/side_channel_analysis |
|
|
| pdf_data/report_keywords/technical_report_id |
|
|
| pdf_data/report_keywords/device_model |
|
|
| pdf_data/report_keywords/tee_name |
|
|
| pdf_data/report_keywords/os_name |
|
|
| pdf_data/report_keywords/cplc_data |
|
|
| pdf_data/report_keywords/ic_data_group |
|
|
| pdf_data/report_keywords/standard_id |
- CC:
- CCIMB-2004-01-001: 1
- CCIMB-2004-01-002: 1
- CCIMB-2004-01-003: 1
- CCIMB-2004-01-004: 1
|
- BSI:
- CC:
- CCMB-2017-04-001: 1
- CCMB-2017-04-002: 1
- CCMB-2017-04-004: 1
- CCMB-2018-04-003: 1
- ISO:
- ISO/IEC 15408: 2
- ISO/IEC 18045: 2
- NIST:
|
| pdf_data/report_keywords/javacard_version |
|
|
| pdf_data/report_keywords/javacard_api_const |
|
|
| pdf_data/report_keywords/javacard_packages |
|
|
| pdf_data/report_keywords/certification_process |
|
|
| pdf_data/report_metadata |
- /Author: racook
- /CreationDate: D:20050906112345Z
- /Creator: LFS T488 CITRIX_V40_CertRep_P219_10 - Microsoft Word
- /ModDate: D:20131119172038Z
- /Producer: Acrobat PDFWriter 5.0 for Windows NT
- /Title: LFS T488 CITRIX_V40_CertRep_P219_10.doc
- pdf_file_size_bytes: 1021419
- pdf_hyperlinks: {}
- pdf_is_encrypted: False
- pdf_number_of_pages: 20
|
|
| pdf_data/st_filename |
LFS_T488_Citrix_ST_V10.pdf |
[DD] nShield Solo XC HSM Security Target.pdf |
| pdf_data/st_frontpage |
|
|
| pdf_data/st_keywords/cc_cert_id |
|
|
| pdf_data/st_keywords/cc_protection_profile_id |
|
- ANSSI:
- ANSSI-CC-PP-: 1
- ANSSI-CC-PP-2016/05-: 1
|
| pdf_data/st_keywords/cc_security_level |
- EAL:
- EAL2: 8
- EAL2 augmented: 2
- EAL2+: 1
|
- EAL:
- EAL4: 60
- EAL4 augmented: 3
|
| pdf_data/st_keywords/cc_sar |
- ACM:
- ADO:
- ADO_DEL.1: 2
- ADO_IGS.1: 2
- ADV:
- ADV_FSP.1: 2
- ADV_HLD.1: 2
- ADV_RCR.1: 2
- ADV_SPM.1: 2
- AGD:
- AGD_ADM.1: 2
- AGD_USR.1: 2
- ALC:
- ATE:
- ATE_COV.1: 2
- ATE_FUN.1: 2
- ATE_IND.2: 2
- AVA:
- AVA_SOF.1: 2
- AVA_VLA.1: 3
|
|
| pdf_data/st_keywords/cc_sfr |
- FCS:
- FCS_CKM.1: 11
- FCS_CKM.1.1: 1
- FCS_CKM.2: 9
- FCS_CKM.2.1: 2
- FCS_CKM.4: 16
- FCS_CKM.4.1: 2
- FCS_COP.1: 21
- FCS_COP.1.1: 3
- FDP:
- FDP_ACC.1: 23
- FDP_ACF.1: 16
- FDP_IFC.1: 3
- FDP_ITT.1: 17
- FDP_ITT.1.1: 2
- FDP_RIP.1: 6
- FDP_RIP.1.1: 1
- FIA:
- FIA_AFL.1: 5
- FIA_AFL.1.1: 1
- FIA_AFL.1.2: 1
- FIA_ATD.1: 12
- FIA_ATD.1.1: 1
- FIA_UAU: 1
- FIA_UAU.2: 11
- FIA_UAU.2.1: 2
- FIA_UID.1: 1
- FIA_UID.2: 10
- FIA_UID.2.1: 2
- FMT:
- FMT_MOF.1: 14
- FMT_MOF.1.1: 2
- FMT_MSA.1: 11
- FMT_MSA.1.1: 1
- FMT_MSA.2: 12
- FMT_MSA.2.1: 1
- FMT_MSA.3: 9
- FMT_MSA.3.1: 1
- FMT_MSA.3.2: 1
- FMT_SMF: 1
- FMT_SMF.1: 16
- FMT_SMF.1.1: 1
- FMT_SMR.1: 21
- FMT_SMR.1.1: 1
- FMT_SMR.1.2: 1
- FPT:
- FPT_AMT.1: 6
- FPT_AMT.1.1: 1
- FPT_ITT.1: 15
- FPT_ITT.1.1: 2
- FPT_RVM.1: 12
- FPT_RVM.1.1: 1
- FPT_SEP.1: 2
- FPT_SEP.1.1: 1
- FPT_SEP.1.2: 1
- FPT_TST.1: 6
- FPT_TST.1.1: 1
- FPT_TST.1.2: 1
- FPT_TST.1.3: 1
- FTP:
- FTP_ITC: 1
- FTP_ITC.1: 1
- FTP_ITC.2: 9
- FTP_ITC.2.1: 1
- FTP_ITC.2.2: 1
- FTP_ITC.2.3: 1
|
- FAU:
- FAU_GEN.1: 10
- FAU_GEN.1.1: 2
- FAU_GEN.1.2: 1
- FAU_GEN.2: 5
- FAU_GEN.2.1: 1
- FAU_STG.1: 1
- FAU_STG.2: 5
- FAU_STG.2.1: 1
- FAU_STG.2.2: 1
- FAU_STG.2.3: 1
- FCS:
- FCS_CKM.1: 11
- FCS_CKM.1.1: 1
- FCS_CKM.2: 1
- FCS_CKM.4: 11
- FCS_CKM.4.1: 1
- FCS_COP.1: 10
- FCS_COP.1.1: 1
- FCS_RNG: 12
- FCS_RNG.1: 5
- FDP:
- FDP_ACC: 15
- FDP_ACC.1: 10
- FDP_ACF: 14
- FDP_ACF.1: 12
- FDP_IFC: 10
- FDP_IFC.1: 7
- FDP_IFF: 9
- FDP_IFF.1: 10
- FDP_ITC.1: 2
- FDP_ITC.2: 2
- FDP_RIP.1: 6
- FDP_RIP.1.1: 1
- FDP_SDI.1: 1
- FDP_SDI.2: 6
- FDP_SDI.2.1: 1
- FDP_SDI.2.2: 1
- FIA:
- FIA_AFL.1: 6
- FIA_AFL.1.1: 1
- FIA_AFL.1.2: 1
- FIA_UAU: 13
- FIA_UAU.1: 9
- FIA_UAU.1.1: 1
- FIA_UAU.1.2: 1
- FIA_UAU.6: 2
- FIA_UID.1: 14
- FIA_UID.1.1: 1
- FIA_UID.1.2: 1
- FMT:
- FMT_MSA: 22
- FMT_MSA.1: 5
- FMT_MSA.3: 9
- FMT_MTD: 12
- FMT_MTD.1: 2
- FMT_SMF.1: 10
- FMT_SMF.1.1: 1
- FMT_SMR.1: 19
- FMT_SMR.1.1: 1
- FMT_SMR.1.2: 1
- FPT:
- FPT_FLS.1: 6
- FPT_FLS.1.1: 1
- FPT_PHP.1: 4
- FPT_PHP.1.1: 1
- FPT_PHP.1.2: 1
- FPT_PHP.3: 4
- FPT_PHP.3.1: 1
- FPT_STM.1: 7
- FPT_STM.1.1: 1
- FPT_TST_EXT.1: 9
- FPT_TST_EXT.1.1: 1
- FTP:
|
| pdf_data/st_keywords/cc_claims |
- A:
- A.APP_: 1
- A.APP_CONFIG: 1
- A.PUBLISHED_: 1
- A.SMARTCARD: 1
- A.THIRD_PARTY_: 1
- A.TRUSTADMIN: 1
- A.USER_: 1
- OE:
- OE.CERTIFICATES: 3
- OE.CLIENT_: 1
- OE.CLIENT_PHYSICAL: 1
- OE.CLIENT_TPSW: 3
- OE.IPSEC: 8
- OE.LIMIT_AUT: 1
- OE.LIMIT_AUTH: 2
- OE.MALWARE_: 1
- OE.MALWARE_PROT: 1
- OE.MALWARE_PROTECT: 2
- OE.MEMORY: 4
- OE.OS_CONFIG: 2
- OE.OS_CONFIG_: 2
- OE.OS_CONFIG_CLIENT: 2
- OE.OS_CONFIG_SERVER: 2
- OE.PASSWORD: 1
- OE.PASSWORD_: 1
- OE.PASSWORD_SETUP: 1
- OE.SECURE_: 1
- OE.SECURE_EN: 1
- OE.SECURE_ENCRYPTION: 2
- OE.SERVER_: 1
- OE.SERVER_PHYSICAL: 2
- OE.SERVER_TH: 1
- OE.SERVER_THIRD_: 1
- OE.SERVER_THIRD_PARTY_SW: 1
- OE.SESSION_K: 1
- OE.SESSION_KEYS: 3
- OE.TRUSTED_: 1
- OE.TRUSTED_OPS: 2
- OSP:
- OT:
- OT.APPS_: 1
- OT.APPS_AVAIL: 2
- OT.AUTHENTIC_: 4
- OT.AUTHENTIC_CLIENT: 1
- OT.AUTHENTIC_SERVER: 1
- OT.CONF: 3
- OT.CONF_: 1
- OT.CONF_CLIENT: 2
- OT.CUTPASTE: 1
- OT.CUT_PASTE: 2
- OT.DRIVES: 3
- OT.GATE_ALLO: 1
- OT.GATE_ALLOW: 2
- OT.INTEG: 3
- OT.INTEG_: 1
- OT.INTEG_CLIENT: 2
- OT.SECURE_ENC: 1
- OT.SECURE_ENCRYP: 1
- OT.SECURE_ENCRYPTION: 2
- T:
- T.AUTHENTIC: 4
- T.AVAIL: 4
- T.MISDIRECT: 2
- T.MOD_CONF: 4
- T.MOD_HW_CLIENT: 1
- T.MOD_HW_SERVER: 1
|
- OT:
- OT.A: 1
- OT.B: 1
- OT.D: 2
- OT.RNG: 3
- R:
|
| pdf_data/st_keywords/vendor |
|
- Microsoft:
- Microsoft: 1
- Microsoft Corporation: 1
|
| pdf_data/st_keywords/eval_facility |
|
|
| pdf_data/st_keywords/symmetric_crypto |
|
- AES_competition:
- DES:
- constructions:
- MAC:
- CBC-MAC: 2
- CMAC: 3
- HMAC: 2
- HMAC-SHA-224: 1
- HMAC-SHA-256: 1
- HMAC-SHA-384: 1
- HMAC-SHA-512: 1
|
| pdf_data/st_keywords/asymmetric_crypto |
|
|
| pdf_data/st_keywords/pq_crypto |
|
|
| pdf_data/st_keywords/hash_function |
|
- SHA:
- SHA1:
- SHA2:
- SHA-224: 1
- SHA-384: 1
- SHA-512: 1
|
| pdf_data/st_keywords/crypto_scheme |
|
|
| pdf_data/st_keywords/crypto_protocol |
|
|
| pdf_data/st_keywords/randomness |
|
|
| pdf_data/st_keywords/cipher_mode |
|
|
| pdf_data/st_keywords/ecc_curve |
|
- Brainpool:
- brainpoolP160r1: 1
- brainpoolP192r1: 1
- brainpoolP192t1: 1
- brainpoolP224r1: 3
- brainpoolP224t1: 1
- brainpoolP256r1: 3
- brainpoolP256t1: 3
- brainpoolP320r1: 3
- brainpoolP320t1: 3
- brainpoolP384r1: 3
- brainpoolP384t1: 3
- brainpoolP512r1: 3
- brainpoolP512t1: 3
- NIST:
- B-163: 1
- B-233: 3
- B-283: 3
- B-409: 3
- B-571: 3
- K-163: 1
- K-233: 3
- K-283: 3
- K-409: 3
- K-571: 3
- NIST P-192: 1
- NIST P-224: 2
- P-192: 1
- P-224: 4
- P-256: 6
- P-384: 6
- P-521: 6
|
| pdf_data/st_keywords/crypto_engine |
|
|
| pdf_data/st_keywords/tls_cipher_suite |
|
|
| pdf_data/st_keywords/crypto_library |
|
|
| pdf_data/st_keywords/vulnerability |
|
|
| pdf_data/st_keywords/side_channel_analysis |
|
- FI:
- Malfunction: 2
- physical tampering: 2
- SCA:
|
| pdf_data/st_keywords/technical_report_id |
|
|
| pdf_data/st_keywords/device_model |
|
|
| pdf_data/st_keywords/tee_name |
|
|
| pdf_data/st_keywords/os_name |
|
|
| pdf_data/st_keywords/cplc_data |
|
|
| pdf_data/st_keywords/ic_data_group |
|
|
| pdf_data/st_keywords/standard_id |
- FIPS:
- FIPS 140: 3
- FIPS 140-1: 1
- FIPS 140-2: 3
- FIPS 186-2: 1
- FIPS140: 10
- FIPS140-1: 2
- FIPS140-2: 2
- RFC:
- RFC 2246: 3
- RFC 2412: 1
- RFC 2451: 1
|
- BSI:
- AIS 20: 1
- AIS 31: 9
- AIS31: 2
- CC:
- CCMB-2017-04-001: 1
- CCMB-2017-04-002: 1
- CCMB-2017-04-003: 1
- FIPS:
- FIPS 140-2: 6
- FIPS 180-4: 1
- FIPS 186-4: 2
- FIPS 197: 2
- FIPS 198-1: 1
- ISO:
- NIST:
- NIST SP 800-22: 1
- NIST SP 800-90A: 3
- SP 800-108: 1
- SP 800-38A: 1
- SP 800-38B: 1
- SP 800-38C: 1
- SP 800-38D: 1
- SP 800-38F: 1
- SP 800-56A: 2
- SP 800-67: 1
- SP 800-90A: 3
- PKCS:
- PKCS #1: 1
- PKCS#1: 2
- PKCS#11: 2
- RFC:
|
| pdf_data/st_keywords/javacard_version |
|
|
| pdf_data/st_keywords/javacard_api_const |
|
|
| pdf_data/st_keywords/javacard_packages |
|
|
| pdf_data/st_keywords/certification_process |
- OutOfScope:
- The TOE comprises the sample deployment as described below. All other configurations are out of scope of the evaluation. The deployment uses the Secure Gateway to provide TLS encryption between a TLS-: 1
- out of scope: 2
- the TOE. Note: The Windows operating system provides the function that authenticates users. This is out of scope of the TOE, so there are no mechanisms requiring assessment. Version 1.0 Page 35 of 56 July 2005: 1
|
- OutOfScope:
- Impath, out of scope) with a remote Hardserver (typically on an application server or PC: 1
- for the TOE. The Hardserver instance in the Connect XC establishes a secure channel (Impath, out of scope) with a remote Hardserver (typically on an application server or PC), which also includes libraries: 1
- out of scope: 3
- support higher level APIs, for example, but not limited to NFKM, PKCS#11, MSCAPI, etc. These are out of scope of the TOE. Figure 3 Configuration 1: TOE in Connect XC 8 of 56 nShield Solo XC HSM Security: 1
- support higher level APIs, for example, but not limited to, NFKM, PKCS#11, MSCAPI, etc. These are out of scope of the TOE. Figure 4 Configuration 2: TOE in host server 1.3.3 Usage and major security features of: 1
|
| pdf_data/st_metadata |
- /CreationDate: 9:9 7/25/2005
- /Creator: Windows NT 4.0
- /Producer: GNU Ghostscript 7.05
- /Title: Untitled Document
- pdf_file_size_bytes: 328607
- pdf_hyperlinks: {}
- pdf_is_encrypted: False
- pdf_number_of_pages: 56
|
|
| state/cert/convert_garbage |
False |
True |
| state/cert/convert_ok |
False |
True |
| state/cert/download_ok |
False |
True |
| state/cert/extract_ok |
False |
True |
| state/cert/pdf_hash |
Different |
Different |
| state/cert/txt_hash |
Different |
Different |
| state/report/convert_garbage |
False |
False |
| state/report/convert_ok |
True |
True |
| state/report/download_ok |
True |
True |
| state/report/extract_ok |
True |
True |
| state/report/pdf_hash |
Different |
Different |
| state/report/txt_hash |
Different |
Different |
| state/st/convert_garbage |
False |
False |
| state/st/convert_ok |
True |
True |
| state/st/download_ok |
True |
True |
| state/st/extract_ok |
True |
True |
| state/st/pdf_hash |
Different |
Different |
| state/st/txt_hash |
Different |
Different |