| name |
Avaya VoIP PBX System based on the Communication Manager 5.1 |
EUR Form Client 05-07 |
| category |
Other Devices and Systems |
Other Devices and Systems |
| scheme |
DE |
JP |
| status |
archived |
archived |
| not_valid_after |
01.09.2019 |
28.12.2010 |
| not_valid_before |
27.03.2009 |
15.12.2006 |
| cert_link |
None |
None |
| report_link |
https://www.commoncriteriaportal.org/nfs/ccpfiles/files/epfiles/0540a.pdf |
https://www.commoncriteriaportal.org/files/epfiles/c0068_ecvr.pdf |
| st_link |
https://www.commoncriteriaportal.org/nfs/ccpfiles/files/epfiles/0540b.pdf |
https://www.commoncriteriaportal.org/files/epfiles/ |
| manufacturer |
Avaya GmbH & Co. KG |
Hitachi, Ltd. |
| manufacturer_web |
https://www.avaya.com/de/ |
|
| security_level |
ASE_SPD.1, ADV_FSP.2, ASE_OBJ.2, ASE_REQ.2, EAL1+ |
EAL2+, ALC_FLR.1 |
| dgst |
7ffe542d7171483d |
3065549d198f4f8d |
| heuristics/cert_id |
BSI-DSZ-CC-0540-2009 |
JISEC-CC-CRP-C0068 |
| heuristics/cert_lab |
BSI |
[] |
| heuristics/cpe_matches |
{} |
{} |
| heuristics/verified_cpe_matches |
{} |
{} |
| heuristics/related_cves |
{} |
{} |
| heuristics/direct_transitive_cves |
{} |
{} |
| heuristics/indirect_transitive_cves |
{} |
{} |
| heuristics/extracted_sars |
ALC_LCD.2, ALC_CMC.1, ASE_INT.1, ALC_DVS.2, ADV_FSP.2, ASE_ECD.1, APE_ECD.1, ASE_TSS.1, ASE_SPD.1, AVA_VAN.1, ALC_DEL.1, ALC_TAT.3, ALC_FLR.3, ATE_FUN.2, AGD_OPE.1, AGD_PRE.1, APE_REQ.2, ATE_IND.1, ADV_ARC.1, ASE_OBJ.2, APE_CCL.1, ADV_IMP.2, ASE_REQ.2, ATE_DPT.4, ADV_INT.3, APE_INT.1, APE_SPD.1, ALC_CMS.1, APE_OBJ.2, ASE_CCL.1, ADV_TDS.6, ATE_COV.3, ADV_SPM.1 |
ALC_FLR.1 |
| heuristics/extracted_versions |
5.1 |
07, 05 |
| heuristics/prev_certificates |
{} |
{} |
| heuristics/next_certificates |
{} |
{} |
| heuristics/report_references/directly_referenced_by |
{} |
{} |
| heuristics/report_references/directly_referencing |
{} |
{} |
| heuristics/report_references/indirectly_referenced_by |
{} |
{} |
| heuristics/report_references/indirectly_referencing |
{} |
{} |
| heuristics/scheme_data |
|
- cert_id: JISEC-CC-CRP-C0068
- certification_date: 01.12.2006
- claim: EAL2+ ALC_FLR.1
- enhanced:
- assurance_level: EAL2+ALC_FLR.1
- description: PRODUCT DESCRIPTION TOE is an application software product for electronic form systems. By using TOE, the end-user can view, fill in the electronic form easily via Web client as if it is a paper application form, and send the entered data to the system securely. TOE provides following security functions, in order to enforce the security policy declared in the EUR Form files. - Attach the XML signatures to the entered data - Verify the XML signatures - Initiate the HTTPS Channel
- evaluation_facility: Mizuho Information & Research Institute, Inc. Center for Evaluation of Information Security
- product: EUR Form Client
- product_type: IT Product (software for electronic form systems)
- toe_version: 05-07
- vendor: Hitachi, Ltd.
- expiration_date: 01.01.2011
- supplier: Hitachi, Ltd.
- toe_japan_link: https://www.ipa.go.jp/en/security/jisec/software/certified-cert/c0068_it6089.html
- toe_japan_name: EUR Form Client 05-07
- toe_overseas_link: None
- toe_overseas_name: -----
|
| heuristics/st_references/directly_referenced_by |
{} |
{} |
| heuristics/st_references/directly_referencing |
{} |
{} |
| heuristics/st_references/indirectly_referenced_by |
{} |
{} |
| heuristics/st_references/indirectly_referencing |
{} |
{} |
| heuristics/protection_profiles |
{} |
{} |
| maintenance_updates |
|
|
| protection_profiles |
|
|
| protection_profile_links |
{} |
{} |
| pdf_data/cert_filename |
None |
None |
| pdf_data/cert_frontpage |
|
|
| pdf_data/cert_keywords/cc_cert_id |
|
|
| pdf_data/cert_keywords/cc_protection_profile_id |
|
|
| pdf_data/cert_keywords/cc_security_level |
|
|
| pdf_data/cert_keywords/cc_sar |
|
|
| pdf_data/cert_keywords/cc_sfr |
|
|
| pdf_data/cert_keywords/cc_claims |
|
|
| pdf_data/cert_keywords/vendor |
|
|
| pdf_data/cert_keywords/eval_facility |
|
|
| pdf_data/cert_keywords/symmetric_crypto |
|
|
| pdf_data/cert_keywords/asymmetric_crypto |
|
|
| pdf_data/cert_keywords/pq_crypto |
|
|
| pdf_data/cert_keywords/hash_function |
|
|
| pdf_data/cert_keywords/crypto_scheme |
|
|
| pdf_data/cert_keywords/crypto_protocol |
|
|
| pdf_data/cert_keywords/randomness |
|
|
| pdf_data/cert_keywords/cipher_mode |
|
|
| pdf_data/cert_keywords/ecc_curve |
|
|
| pdf_data/cert_keywords/crypto_engine |
|
|
| pdf_data/cert_keywords/tls_cipher_suite |
|
|
| pdf_data/cert_keywords/crypto_library |
|
|
| pdf_data/cert_keywords/vulnerability |
|
|
| pdf_data/cert_keywords/side_channel_analysis |
|
|
| pdf_data/cert_keywords/technical_report_id |
|
|
| pdf_data/cert_keywords/device_model |
|
|
| pdf_data/cert_keywords/tee_name |
|
|
| pdf_data/cert_keywords/os_name |
|
|
| pdf_data/cert_keywords/cplc_data |
|
|
| pdf_data/cert_keywords/ic_data_group |
|
|
| pdf_data/cert_keywords/standard_id |
|
|
| pdf_data/cert_keywords/javacard_version |
|
|
| pdf_data/cert_keywords/javacard_api_const |
|
|
| pdf_data/cert_keywords/javacard_packages |
|
|
| pdf_data/cert_keywords/certification_process |
|
|
| pdf_data/cert_metadata |
|
|
| pdf_data/report_filename |
0540a.pdf |
c0068_ecvr.pdf |
| pdf_data/report_frontpage |
- DE:
- cert_id: BSI-DSZ-CC-0540-2009
- cert_item: Avaya VoIP PBX System based on the Communication Manager 5.1
- cert_lab: BSI
- developer: Avaya GmbH & Co. KG sponsored by Avaya Inc
- match_rules: ['(BSI-DSZ-CC-.+?) (?:for|For) (.+?) from (.*)']
|
|
| pdf_data/report_keywords/cc_cert_id |
- DE:
- BSI-DSZ-CC-0540: 1
- BSI-DSZ-CC-0540-2009: 16
|
- JP:
- Certification No. C0068: 1
|
| pdf_data/report_keywords/cc_protection_profile_id |
|
|
| pdf_data/report_keywords/cc_security_level |
- EAL:
- EAL 1: 5
- EAL 1 augmented: 3
- EAL 4: 1
- EAL 7: 1
- EAL1: 6
- EAL1+: 2
- EAL2: 3
- EAL3: 4
- EAL4: 4
- EAL5: 6
- EAL6: 3
- EAL7: 4
|
|
| pdf_data/report_keywords/cc_sar |
- ADV:
- ADV_ARC: 1
- ADV_ARC.1: 1
- ADV_FSP: 1
- ADV_FSP.1: 1
- ADV_FSP.2: 5
- ADV_FSP.3: 1
- ADV_FSP.4: 1
- ADV_FSP.5: 1
- ADV_FSP.6: 1
- ADV_IMP: 1
- ADV_IMP.1: 1
- ADV_IMP.2: 1
- ADV_INT: 1
- ADV_INT.1: 1
- ADV_INT.2: 1
- ADV_INT.3: 1
- ADV_SPM: 1
- ADV_SPM.1: 1
- ADV_TDS: 1
- ADV_TDS.1: 1
- ADV_TDS.2: 1
- ADV_TDS.3: 1
- ADV_TDS.4: 1
- ADV_TDS.5: 1
- ADV_TDS.6: 1
- AGD:
- AGD_OPE: 1
- AGD_OPE.1: 1
- AGD_PRE: 1
- AGD_PRE.1: 1
- ALC:
- ALC_CMC: 1
- ALC_CMC.1: 1
- ALC_CMC.2: 1
- ALC_CMC.3: 1
- ALC_CMC.4: 1
- ALC_CMC.5: 1
- ALC_CMS: 1
- ALC_CMS.1: 1
- ALC_CMS.2: 1
- ALC_CMS.3: 1
- ALC_CMS.4: 1
- ALC_CMS.5: 1
- ALC_DEL: 2
- ALC_DEL.1: 1
- ALC_DVS: 1
- ALC_DVS.1: 1
- ALC_DVS.2: 1
- ALC_FLR: 1
- ALC_FLR.1: 1
- ALC_FLR.2: 1
- ALC_FLR.3: 1
- ALC_LCD.1: 1
- ALC_LCD.2: 1
- ALC_TAT: 1
- ALC_TAT.1: 1
- ALC_TAT.2: 1
- ALC_TAT.3: 1
- APE:
- APE_CCL.1: 1
- APE_ECD.1: 1
- APE_INT.1: 1
- APE_OBJ.1: 1
- APE_OBJ.2: 1
- APE_REQ.1: 1
- APE_REQ.2: 1
- APE_SPD.1: 1
- ASE:
- ASE_CCL: 1
- ASE_CCL.1: 1
- ASE_ECD: 1
- ASE_ECD.1: 1
- ASE_INT: 1
- ASE_INT.1: 1
- ASE_OBJ: 1
- ASE_OBJ.1: 1
- ASE_OBJ.2: 5
- ASE_REQ.1: 1
- ASE_REQ.2: 5
- ASE_SPD: 1
- ASE_SPD.1: 5
- ASE_TSS: 1
- ASE_TSS.1: 1
- ASE_TSS.2: 1
- ATE:
- ATE_COV: 1
- ATE_COV.1: 1
- ATE_COV.2: 1
- ATE_COV.3: 1
- ATE_DPT: 1
- ATE_DPT.1: 1
- ATE_DPT.2: 1
- ATE_DPT.3: 1
- ATE_DPT.4: 1
- ATE_FUN: 1
- ATE_FUN.1: 1
- ATE_FUN.2: 1
- ATE_IND: 1
- ATE_IND.1: 2
- ATE_IND.2: 1
- ATE_IND.3: 1
- AVA:
- AVA_VAN: 2
- AVA_VAN.1: 2
- AVA_VAN.2: 1
- AVA_VAN.3: 1
- AVA_VAN.4: 1
- AVA_VAN.5: 1
|
|
| pdf_data/report_keywords/cc_sfr |
|
|
| pdf_data/report_keywords/cc_claims |
|
|
| pdf_data/report_keywords/vendor |
|
|
| pdf_data/report_keywords/eval_facility |
|
|
| pdf_data/report_keywords/symmetric_crypto |
|
|
| pdf_data/report_keywords/asymmetric_crypto |
|
|
| pdf_data/report_keywords/pq_crypto |
|
|
| pdf_data/report_keywords/hash_function |
|
|
| pdf_data/report_keywords/crypto_scheme |
|
|
| pdf_data/report_keywords/crypto_protocol |
|
|
| pdf_data/report_keywords/randomness |
|
|
| pdf_data/report_keywords/cipher_mode |
|
|
| pdf_data/report_keywords/ecc_curve |
|
|
| pdf_data/report_keywords/crypto_engine |
|
|
| pdf_data/report_keywords/tls_cipher_suite |
|
|
| pdf_data/report_keywords/crypto_library |
|
|
| pdf_data/report_keywords/vulnerability |
|
|
| pdf_data/report_keywords/side_channel_analysis |
|
|
| pdf_data/report_keywords/technical_report_id |
- BSI:
- BSI 7125: 2
- BSI 7148: 1
- BSI 7149: 1
|
|
| pdf_data/report_keywords/device_model |
|
|
| pdf_data/report_keywords/tee_name |
|
|
| pdf_data/report_keywords/os_name |
|
|
| pdf_data/report_keywords/cplc_data |
|
|
| pdf_data/report_keywords/ic_data_group |
|
|
| pdf_data/report_keywords/standard_id |
|
|
| pdf_data/report_keywords/javacard_version |
|
|
| pdf_data/report_keywords/javacard_api_const |
|
|
| pdf_data/report_keywords/javacard_packages |
|
|
| pdf_data/report_keywords/certification_process |
- ConfidentialDocument:
- 1.0, 2009-03-10, Evaluation Technical Report BSI-DSZ-CC-0540, CSC Deutschland Solutions GmbH, (confidential document) [8] Configuration list for the TOE, Version 1.0, 2009-03-09, Avaya VoIP PBX System Configuration: 1
- Avaya GmbH & Co KG (confidential document) [9] Guidance CD “Communication Manager 5.0”, Publication Date: January 2008 [10] Guidance CD: 1
- OutOfScope:
- TOE but relevant for the operation. Also here, the network devices like switches and routers are out of scope. This holds also valid for the connection to the internet (the SIP trunk) and the required network: 1
- may implement some security features like IEEE 802.1X network device authentication. They are out of scope. Their existence and their security features can be assumed. The protection zone “Server” contains: 1
- out of scope: 2
|
|
| pdf_data/report_metadata |
- /Author: Bundesamt für Sicherheit in der Informationstechnik
- /CreationDate: D:20090421135047+02'00'
- /Creator: Writer
- /Keywords: "Avaya VoIP PBX Systembased on the Communication Manager 5.1, Avaya GmbH & Co. KG, Avaya Inc., BSI-DSZ-CC-0540-2009"
- /ModDate: D:20090504155601+02'00'
- /Producer: StarOffice 9
- /Subject: Common Criteria Certification
- /Title: Certification Report BSI-DSZ-CC-0540-2009
- pdf_file_size_bytes: 856495
- pdf_hyperlinks: http://www.bsi.bund.de/
- pdf_is_encrypted: False
- pdf_number_of_pages: 36
|
- /CreationDate: D:20061215165848+09'00'
- /ModDate: D:20061215165848+09'00'
- /Producer: Acrobat Distiller 6.0 (Windows)
- /Title: untitled
- pdf_file_size_bytes: 13486
- pdf_hyperlinks: {}
- pdf_is_encrypted: False
- pdf_number_of_pages: 1
|
| pdf_data/st_filename |
0540b.pdf |
|
| pdf_data/st_frontpage |
|
|
| pdf_data/st_keywords/cc_cert_id |
|
|
| pdf_data/st_keywords/cc_protection_profile_id |
|
|
| pdf_data/st_keywords/cc_security_level |
- EAL:
- EAL 1: 1
- EAL 1 augmented: 1
- EAL1: 1
- EAL2: 1
|
|
| pdf_data/st_keywords/cc_sar |
- ADV:
- ADV_FSP.1: 4
- ADV_FSP.2: 7
- AGD:
- AGD_OPE.1: 5
- AGD_PRE.1: 5
- ALC:
- ALC_CMC.1: 1
- ALC_CMS.1: 1
- ASE:
- ASE_CCL.1: 1
- ASE_ECD.1: 1
- ASE_INT.1: 1
- ASE_OBJ.2: 4
- ASE_REQ.1: 2
- ASE_REQ.2: 5
- ASE_SPD.1: 3
- ASE_TSS.1: 1
- ATE:
- AVA:
|
|
| pdf_data/st_keywords/cc_sfr |
- FAU:
- FAU_GEN.1: 7
- FAU_GEN.1.1: 1
- FAU_GEN.1.2: 1
- FDP:
- FDP_ACC.1: 17
- FDP_ACC.1.1: 1
- FDP_ACF.1: 8
- FDP_ACF.1.1: 1
- FDP_ACF.1.2: 1
- FDP_ACF.1.3: 1
- FDP_ACF.1.4: 1
- FDP_ETC.1: 6
- FDP_ETC.1.1: 1
- FDP_ETC.1.2: 1
- FDP_ETC.2: 6
- FDP_ETC.2.1: 1
- FDP_ETC.2.2: 1
- FDP_ETC.2.3: 1
- FDP_ETC.2.4: 1
- FDP_IFC.1: 47
- FDP_IFC.1.1: 3
- FDP_IFF.1: 27
- FDP_IFF.1.1: 3
- FDP_IFF.1.2: 3
- FDP_IFF.1.3: 3
- FDP_IFF.1.4: 3
- FDP_IFF.1.5: 3
- FDP_ITC.2: 6
- FDP_ITC.2.1: 1
- FDP_ITC.2.2: 1
- FDP_ITC.2.3: 1
- FDP_ITC.2.4: 1
- FDP_ITC.2.5: 1
- FDP_ITT.1: 1
- FDP_ITT.2: 6
- FDP_ITT.2.1: 1
- FDP_ITT.2.2: 1
- FDP_RIP.1: 1
- FDP_RIP.2: 6
- FDP_RIP.2.1: 1
- FIA:
- FIA_UAU.1: 8
- FIA_UAU.1.1: 1
- FIA_UAU.1.2: 1
- FIA_UAU.2: 10
- FIA_UAU.2.1: 2
- FIA_UAU.3: 6
- FIA_UAU.3.1: 1
- FIA_UAU.3.2: 1
- FIA_UID.1: 21
- FIA_UID.1.1: 1
- FIA_UID.1.2: 1
- FIA_UID.2: 14
- FIA_UID.2.1: 2
- FMT:
- FMT_MSA.1: 28
- FMT_MSA.1.1: 3
- FMT_MSA.3: 35
- FMT_MSA.3.1: 4
- FMT_MSA.3.2: 4
- FMT_MTD.1: 15
- FMT_MTD.1.1: 3
- FMT_SMF.1: 50
- FMT_SMF.1.1: 6
- FMT_SMR.1: 44
- FMT_SMR.1.1: 2
- FMT_SMR.1.2: 2
- FPT:
- FPT_STM.1: 2
- FPT_TDC.1: 9
- FPT_TDC.1.1: 1
- FPT_TDC.1.2: 1
- FTP:
- FTP_ITC.1: 14
- FTP_ITC.1.1: 2
- FTP_ITC.1.2: 2
- FTP_ITC.1.3: 2
- FTP_TRP.1: 1
|
|
| pdf_data/st_keywords/cc_claims |
- A:
- A.ADMIN: 4
- A.AVAILABLE: 3
- A.DEVICES: 3
- A.ERRMONITORING: 3
- A.LOCATION: 3
- A.PHYSICAL: 4
- A.SECDEV: 3
- A.SECNET: 3
- A.USER: 3
- A.VPN: 3
- O:
- O.AUTHENTICATE: 1
- O.CONFCLIENT: 1
- O.DISCLOSE: 1
- O.LOGEXPORT: 1
- O.MEDIATION: 1
- O.RESTRICTION: 1
- O.SELFPROTECT: 1
- OE:
- OE.ADMIN: 14
- OE.AVAILABLE: 2
- OE.DEVICES: 3
- OE.ERRMONITORING: 5
- OE.LOCATION: 5
- OE.LOGOUT: 3
- OE.NETMONITOR: 7
- OE.OS: 3
- OE.PHYSICAL: 9
- OE.SECDEV: 2
- OE.SECNET: 4
- OE.USER: 2
- OE.VPN: 4
- OSP:
- OSP.NETMONITOR: 3
- OSP.OS: 4
|
|
| pdf_data/st_keywords/vendor |
|
|
| pdf_data/st_keywords/eval_facility |
|
|
| pdf_data/st_keywords/symmetric_crypto |
|
|
| pdf_data/st_keywords/asymmetric_crypto |
|
|
| pdf_data/st_keywords/pq_crypto |
|
|
| pdf_data/st_keywords/hash_function |
|
|
| pdf_data/st_keywords/crypto_scheme |
|
|
| pdf_data/st_keywords/crypto_protocol |
|
|
| pdf_data/st_keywords/randomness |
|
|
| pdf_data/st_keywords/cipher_mode |
|
|
| pdf_data/st_keywords/ecc_curve |
|
|
| pdf_data/st_keywords/crypto_engine |
|
|
| pdf_data/st_keywords/tls_cipher_suite |
|
|
| pdf_data/st_keywords/crypto_library |
|
|
| pdf_data/st_keywords/vulnerability |
|
|
| pdf_data/st_keywords/side_channel_analysis |
|
|
| pdf_data/st_keywords/technical_report_id |
|
|
| pdf_data/st_keywords/device_model |
|
|
| pdf_data/st_keywords/tee_name |
|
|
| pdf_data/st_keywords/os_name |
|
|
| pdf_data/st_keywords/cplc_data |
|
|
| pdf_data/st_keywords/ic_data_group |
|
|
| pdf_data/st_keywords/standard_id |
- CC:
- CCMB-2006-09-001: 2
- CCMB-2007-09-002: 2
- CCMB-2007-09-003: 2
|
|
| pdf_data/st_keywords/javacard_version |
|
|
| pdf_data/st_keywords/javacard_api_const |
|
|
| pdf_data/st_keywords/javacard_packages |
|
|
| pdf_data/st_keywords/certification_process |
- OutOfScope:
- TOE but relevant for the operation. Also here, the network devices like switches and routers are out of scope. This holds also valid for the connection to the internet (the SIP trunk) and the required network: 1
- are held by us. In order to define the logical scope in detail, the following functions are out of scope of the TOE: Boarder protection of all external connections like SIP trunks or remote management: 1
- may implement some security features like IEEE 802.1X network device authentication. They are out of scope. Their existence and their security features can be assumed. The protection zone “Server” contains: 1
- out of scope: 3
|
|
| pdf_data/st_metadata |
- /Author: Avaya GmbH & Co KG
- /CreationDate: D:20090309164738Z
- /Creator: Microsoft® Office Word 2007
- /Keywords: VoIP, CM 5.1, Communication Manager
- /ModDate: D:20090407130547+02'00'
- /Producer: Microsoft® Office Word 2007
- /Subject: Common Criteria Evaluation
- /Title: Avaya VoIP PBX System Security Target
- pdf_file_size_bytes: 773349
- pdf_hyperlinks: {}
- pdf_is_encrypted: False
- pdf_number_of_pages: 63
|
|
| state/cert/convert_garbage |
False |
False |
| state/cert/convert_ok |
False |
False |
| state/cert/download_ok |
False |
False |
| state/cert/extract_ok |
False |
False |
| state/cert/pdf_hash |
Equal |
Equal |
| state/cert/txt_hash |
Equal |
Equal |
| state/report/convert_garbage |
False |
False |
| state/report/convert_ok |
True |
True |
| state/report/download_ok |
True |
True |
| state/report/extract_ok |
True |
True |
| state/report/pdf_hash |
Different |
Different |
| state/report/txt_hash |
Different |
Different |
| state/st/convert_garbage |
False |
False |
| state/st/convert_ok |
True |
False |
| state/st/download_ok |
True |
False |
| state/st/extract_ok |
True |
False |
| state/st/pdf_hash |
Different |
Different |
| state/st/txt_hash |
Different |
Different |