| name |
TightGate-Pro (CC) Version 1.4 |
L4Re Secure Separation Kernel CC Version 1.0.1 |
| category |
Access Control Devices and Systems |
Operating Systems |
| scheme |
DE |
DE |
| status |
archived |
active |
| not_valid_after |
02.12.2020 |
18.02.2030 |
| not_valid_before |
02.12.2015 |
18.02.2025 |
| cert_link |
|
https://www.commoncriteriaportal.org/nfs/ccpfiles/files/epfiles/1177c_pdf.pdf |
| report_link |
https://www.commoncriteriaportal.org/nfs/ccpfiles/files/epfiles/0589a_pdf.pdf |
https://www.commoncriteriaportal.org/nfs/ccpfiles/files/epfiles/1177a_pdf.pdf |
| st_link |
https://www.commoncriteriaportal.org/nfs/ccpfiles/files/epfiles/0589b_pdf.pdf |
https://www.commoncriteriaportal.org/nfs/ccpfiles/files/epfiles/1177b_pdf.pdf |
| manufacturer |
m-privacy GmbH |
Kernkonzept GmbH |
| manufacturer_web |
https://www.m-privacy.de |
https://kernkonzept.com |
| security_level |
EAL3+, ALC_FLR.3, ALC_CMS.4 |
EAL4+, ALC_FLR.3 |
| dgst |
81092ca72bcac6f7 |
7929b54ea442ff99 |
| heuristics/cert_id |
BSI-DSZ-CC-0589-2015 |
|
| heuristics/cert_lab |
BSI |
[] |
| heuristics/cpe_matches |
{} |
{} |
| heuristics/verified_cpe_matches |
{} |
{} |
| heuristics/related_cves |
{} |
{} |
| heuristics/direct_transitive_cves |
{} |
{} |
| heuristics/indirect_transitive_cves |
{} |
{} |
| heuristics/extracted_sars |
ASE_INT.1, AVA_VAN.2, ALC_CMC.3, ASE_ECD.1, APE_ECD.1, ATE_COV.2, ASE_TSS.1, ASE_SPD.1, ADV_TDS.2, ALC_DEL.1, ALC_LCD.1, ALC_TAT.3, ALC_FLR.3, AGD_OPE.1, AGD_PRE.1, ALC_CMS.4, ATE_FUN.1, APE_REQ.2, ADV_ARC.1, ASE_OBJ.2, APE_CCL.1, ADV_IMP.2, ATE_DPT.1, ASE_REQ.2, ALC_DVS.1, ADV_INT.3, APE_INT.1, APE_SPD.1, ATE_IND.2, ADV_FSP.3, APE_OBJ.2, ASE_CCL.1, ADV_SPM.1 |
ALC_FLR.3 |
| heuristics/extracted_versions |
1.4 |
1.0.1 |
| heuristics/prev_certificates |
{} |
{} |
| heuristics/next_certificates |
{} |
{} |
| heuristics/report_references/directly_referenced_by |
{} |
{} |
| heuristics/report_references/directly_referencing |
{} |
{} |
| heuristics/report_references/indirectly_referenced_by |
{} |
{} |
| heuristics/report_references/indirectly_referencing |
{} |
{} |
| heuristics/scheme_data |
|
- category: Operating systems
- cert_id: BSI-DSZ-CC-1177-2025
- certification_date: 18.02.2025
- enhanced:
- applicant: Kernkonzept GmbH Buchenstraße 16 b 01097 Dresden Deutschland
- assurance_level: EAL4+,ALC_FLR.3
- cert_link: https://www.bsi.bund.de/SharedDocs/Downloads/DE/BSI/Zertifizierung/Reporte/Reporte1100/1177c_pdf.pdf?__blob=publicationFile&v=3
- certification_date: 18.02.2025
- description: The TOE is the L4Re Secure Separation Kernel CC 1.0.1 (L4Re SSK). L4Re SSK is a distribution of the open-source L4Re Operating System Framework. As such it is based on the L4Re Microkernel. The L4Re Microkernel is a 3rd-generation microkernel with a state-of-the-art capability-based mandatory access control security model. It allows the separation of applications into different security domains, information flow control, and, subject to access control, dynamic assignment of resources and communication channels. Further the L4Re Microkernel supports static workloads alongside dynamic workloads, which allows to start, restart and shutdown applications during runtime. L4Re SSK is configured to act as a separation kernel, to provide the security features claimed by the ST. The TOE supports native applications as well as virtual machines (VMs). Access to every resource including but not limited to memory, hardware devices and CPU cores is protected by capabilities. Applications and VMs can only access a resource if they possess a capability with suitable permissions for that resource.
- evaluation_facility: atsec information security GmbH
- expiration_date: 17.02.2030
- product: L4Re Secure Separation Kernel CC, Version 1.0.1
- report_link: https://www.bsi.bund.de/SharedDocs/Downloads/DE/BSI/Zertifizierung/Reporte/Reporte1100/1177a_pdf.pdf?__blob=publicationFile&v=3
- target_link: https://www.bsi.bund.de/SharedDocs/Downloads/DE/BSI/Zertifizierung/Reporte/Reporte1100/1177b_pdf.pdf?__blob=publicationFile&v=2
- product: L4Re Secure Separation Kernel CC, Version 1.0.1
- url: https://www.bsi.bund.de/SharedDocs/Zertifikate_CC/CC/Betriebssysteme/1177.html
- vendor: Kernkonzept GmbH
|
| heuristics/st_references/directly_referenced_by |
{} |
{} |
| heuristics/st_references/directly_referencing |
{} |
{} |
| heuristics/st_references/indirectly_referenced_by |
{} |
{} |
| heuristics/st_references/indirectly_referencing |
{} |
{} |
| heuristics/protection_profiles |
eb8ecfa4c35990cb |
{} |
| maintenance_updates |
|
|
| protection_profiles |
|
|
| protection_profile_links |
https://www.commoncriteriaportal.org/nfs/ccpfiles/files/ppfiles/pp0040b.pdf |
{} |
| pdf_data/cert_filename |
None |
None |
| pdf_data/cert_frontpage |
|
|
| pdf_data/cert_keywords/cc_cert_id |
|
|
| pdf_data/cert_keywords/cc_protection_profile_id |
|
|
| pdf_data/cert_keywords/cc_security_level |
|
|
| pdf_data/cert_keywords/cc_sar |
|
|
| pdf_data/cert_keywords/cc_sfr |
|
|
| pdf_data/cert_keywords/cc_claims |
|
|
| pdf_data/cert_keywords/vendor |
|
|
| pdf_data/cert_keywords/eval_facility |
|
|
| pdf_data/cert_keywords/symmetric_crypto |
|
|
| pdf_data/cert_keywords/asymmetric_crypto |
|
|
| pdf_data/cert_keywords/pq_crypto |
|
|
| pdf_data/cert_keywords/hash_function |
|
|
| pdf_data/cert_keywords/crypto_scheme |
|
|
| pdf_data/cert_keywords/crypto_protocol |
|
|
| pdf_data/cert_keywords/randomness |
|
|
| pdf_data/cert_keywords/cipher_mode |
|
|
| pdf_data/cert_keywords/ecc_curve |
|
|
| pdf_data/cert_keywords/crypto_engine |
|
|
| pdf_data/cert_keywords/tls_cipher_suite |
|
|
| pdf_data/cert_keywords/crypto_library |
|
|
| pdf_data/cert_keywords/vulnerability |
|
|
| pdf_data/cert_keywords/side_channel_analysis |
|
|
| pdf_data/cert_keywords/technical_report_id |
|
|
| pdf_data/cert_keywords/device_model |
|
|
| pdf_data/cert_keywords/tee_name |
|
|
| pdf_data/cert_keywords/os_name |
|
|
| pdf_data/cert_keywords/cplc_data |
|
|
| pdf_data/cert_keywords/ic_data_group |
|
|
| pdf_data/cert_keywords/standard_id |
|
|
| pdf_data/cert_keywords/javacard_version |
|
|
| pdf_data/cert_keywords/javacard_api_const |
|
|
| pdf_data/cert_keywords/javacard_packages |
|
|
| pdf_data/cert_keywords/certification_process |
|
|
| pdf_data/cert_metadata |
|
|
| pdf_data/report_filename |
0589a_pdf.pdf |
|
| pdf_data/report_frontpage |
- DE:
- cc_security_level: Common Criteria Part 3 conformant EAL 3 augmented by ALC_CMS.4, ALC_FLR.3 SOGIS Recognition Agreement
- cc_version: PP conformant Common Criteria Part 2 conformant
- cert_id: BSI-DSZ-CC-0589-2015
- cert_item: TightGate-Pro (CC) Version 1.4
- cert_lab: BSI
- developer: m-privacy GmbH
- match_rules: ['(BSI-DSZ-CC-.+?) (?:for|For) (.+?) from (.*)']
- ref_protection_profiles: Remote-Controlled Browsers Systems (ReCoBS), Version 1.0, 26 February 2008, BSI-CC-PP-0040-2008
|
|
| pdf_data/report_keywords/cc_cert_id |
|
|
| pdf_data/report_keywords/cc_protection_profile_id |
|
|
| pdf_data/report_keywords/cc_security_level |
- EAL:
- EAL 1: 7
- EAL 2: 4
- EAL 3: 8
- EAL 3 augmented: 3
- EAL 4: 6
- EAL 5: 6
- EAL 6: 3
- EAL 7: 4
- ITSEC:
|
|
| pdf_data/report_keywords/cc_sar |
- ADV:
- ADV_ARC: 1
- ADV_ARC.1: 1
- ADV_FSP: 1
- ADV_FSP.1: 1
- ADV_FSP.2: 1
- ADV_FSP.3: 1
- ADV_FSP.4: 1
- ADV_FSP.5: 1
- ADV_FSP.6: 1
- ADV_IMP: 1
- ADV_IMP.1: 1
- ADV_IMP.2: 1
- ADV_INT: 1
- ADV_INT.1: 1
- ADV_INT.2: 1
- ADV_INT.3: 1
- ADV_SPM: 1
- ADV_SPM.1: 1
- ADV_TDS: 1
- ADV_TDS.1: 1
- ADV_TDS.2: 1
- ADV_TDS.3: 1
- ADV_TDS.4: 1
- ADV_TDS.5: 1
- ADV_TDS.6: 1
- AGD:
- AGD_OPE: 1
- AGD_OPE.1: 1
- AGD_PRE: 1
- AGD_PRE.1: 1
- ALC:
- ALC_CMC: 1
- ALC_CMC.1: 1
- ALC_CMC.2: 1
- ALC_CMC.3: 1
- ALC_CMC.4: 1
- ALC_CMC.5: 1
- ALC_CMS: 1
- ALC_CMS.1: 1
- ALC_CMS.2: 1
- ALC_CMS.3: 1
- ALC_CMS.4: 5
- ALC_CMS.5: 1
- ALC_DEL: 1
- ALC_DEL.1: 1
- ALC_DVS: 1
- ALC_DVS.1: 1
- ALC_DVS.2: 1
- ALC_FLR: 3
- ALC_FLR.1: 1
- ALC_FLR.2: 1
- ALC_FLR.3: 5
- ALC_LCD.1: 1
- ALC_LCD.2: 1
- ALC_TAT: 1
- ALC_TAT.1: 1
- ALC_TAT.2: 1
- ALC_TAT.3: 1
- APE:
- APE_CCL.1: 1
- APE_ECD.1: 1
- APE_INT.1: 1
- APE_OBJ.1: 1
- APE_OBJ.2: 1
- APE_REQ.1: 1
- APE_REQ.2: 1
- APE_SPD.1: 1
- ASE:
- ASE_CCL: 1
- ASE_CCL.1: 1
- ASE_ECD: 1
- ASE_ECD.1: 1
- ASE_INT: 1
- ASE_INT.1: 1
- ASE_OBJ: 1
- ASE_OBJ.1: 1
- ASE_OBJ.2: 1
- ASE_REQ.1: 1
- ASE_REQ.2: 1
- ASE_SPD: 1
- ASE_SPD.1: 1
- ASE_TSS: 1
- ASE_TSS.1: 1
- ASE_TSS.2: 1
- ATE:
- ATE_COV: 1
- ATE_COV.1: 1
- ATE_COV.2: 1
- ATE_COV.3: 1
- ATE_DPT: 1
- ATE_DPT.1: 1
- ATE_DPT.2: 1
- ATE_DPT.3: 1
- ATE_DPT.4: 1
- ATE_FUN: 1
- ATE_FUN.1: 1
- ATE_FUN.2: 1
- ATE_IND: 1
- ATE_IND.1: 1
- ATE_IND.2: 1
- ATE_IND.3: 1
- AVA:
- AVA_VAN: 2
- AVA_VAN.1: 1
- AVA_VAN.2: 1
- AVA_VAN.3: 1
- AVA_VAN.4: 1
- AVA_VAN.5: 1
|
|
| pdf_data/report_keywords/cc_sfr |
|
|
| pdf_data/report_keywords/cc_claims |
|
|
| pdf_data/report_keywords/vendor |
|
|
| pdf_data/report_keywords/eval_facility |
|
|
| pdf_data/report_keywords/symmetric_crypto |
|
|
| pdf_data/report_keywords/asymmetric_crypto |
|
|
| pdf_data/report_keywords/pq_crypto |
|
|
| pdf_data/report_keywords/hash_function |
|
|
| pdf_data/report_keywords/crypto_scheme |
|
|
| pdf_data/report_keywords/crypto_protocol |
|
|
| pdf_data/report_keywords/randomness |
|
|
| pdf_data/report_keywords/cipher_mode |
|
|
| pdf_data/report_keywords/ecc_curve |
|
|
| pdf_data/report_keywords/crypto_engine |
|
|
| pdf_data/report_keywords/tls_cipher_suite |
|
|
| pdf_data/report_keywords/crypto_library |
|
|
| pdf_data/report_keywords/vulnerability |
|
|
| pdf_data/report_keywords/side_channel_analysis |
|
|
| pdf_data/report_keywords/technical_report_id |
|
|
| pdf_data/report_keywords/device_model |
|
|
| pdf_data/report_keywords/tee_name |
|
|
| pdf_data/report_keywords/os_name |
|
|
| pdf_data/report_keywords/cplc_data |
|
|
| pdf_data/report_keywords/ic_data_group |
|
|
| pdf_data/report_keywords/standard_id |
- BSI:
- ISO:
- ISO/IEC 15408: 4
- ISO/IEC 17065: 2
- ISO/IEC 18045: 4
|
|
| pdf_data/report_keywords/javacard_version |
|
|
| pdf_data/report_keywords/javacard_api_const |
|
|
| pdf_data/report_keywords/javacard_packages |
|
|
| pdf_data/report_keywords/certification_process |
- ConfidentialDocument:
- Version 1.0, Date 11.11.2015, Evaluation Technical Report – Summary, datenschutz cert GmbH, (confidential document) [8] Remote-Controlled Browsers Systems (ReCoBS), Version 1.0, 26 February 2008: 1
- being maintained, is not given any longer. In particular, prior to the dissemination of confidential documentation and information related to the TOE or resulting from the evaluation and certification: 1
- gz” (confidential document). [11] Installation Handbook „TightGate-Pro, Dediziertes Remote-Controlled Browser System zum: 1
- list for the TOE, m-privacy GmbH, Date 24/07/2015, file: “parts_of_the_TOE_20150724.gz” (confidential document). [10] List of sourcefiles of the TOE, m-privacy GmbH, Date 20/07/2015, file: 1
|
|
| pdf_data/report_metadata |
- /Author: Bundesamt für Sicherheit ind er Informationstechnik
- /CreationDate: D:20151215082400+01'00'
- /Creator: Writer
- /Keywords: "Common Criteria, Certification, Zertifizierung, m-privacy TightGate-Pro(CC) Version 1.4, m-privacy GmbH, Remote-Controlled Browser-System (ReCoBS)"
- /ModDate: D:20151215083145+01'00'
- /Producer: LibreOffice 4.2
- /Title: Certification Report BSI-DSZ-CC-0589-2015
- pdf_file_size_bytes: 1067121
- pdf_hyperlinks: https://www.bsi.bund.de/AIS, http://www.sogisportal.eu/, http://www.commoncriteriaportal.org/, https://p.m-privacy.de/Dokumentation-TightGate-Pro-CC.zip.sig, https://www.bsi.bund.de/zertifizierung, https://www.bsi.bund.de/zertifizierungsreporte, https://www.bsi.bund.de/
- pdf_is_encrypted: False
- pdf_number_of_pages: 34
|
|
| pdf_data/st_filename |
0589b_pdf.pdf |
|
| pdf_data/st_frontpage |
|
|
| pdf_data/st_keywords/cc_cert_id |
|
|
| pdf_data/st_keywords/cc_protection_profile_id |
|
|
| pdf_data/st_keywords/cc_security_level |
- EAL:
- EAL3: 7
- EAL3 augmented: 3
- EAL3+: 1
|
|
| pdf_data/st_keywords/cc_sar |
- ADV:
- ADV_ARC.1: 1
- ADV_FSP.3: 1
- ADV_TDS.2: 1
- AGD:
- AGD_OPE.1: 1
- AGD_PRE.1: 1
- ALC:
- ALC_CMC.3: 1
- ALC_CMS.4: 7
- ALC_DEL.1: 1
- ALC_DVS.1: 1
- ALC_FLR.3: 8
- ALC_LCD.1: 1
- ASE:
- ASE_CCL.1: 1
- ASE_ECD.1: 1
- ASE_INT.1: 1
- ASE_OBJ.2: 1
- ASE_REQ.2: 1
- ASE_SPD.1: 1
- ASE_TSS.1: 1
- ATE:
- ATE_COV.2: 1
- ATE_DPT.1: 1
- ATE_FUN.1: 1
- ATE_IND.2: 1
- AVA:
|
|
| pdf_data/st_keywords/cc_sfr |
- FDP:
- FDP_ACC.1: 2
- FDP_ACC.2: 3
- FDP_ACF.1: 3
- FDP_IFC.1: 12
- FDP_IFC.1.1: 1
- FDP_IFF.1: 8
- FDP_IFF.1.1: 1
- FDP_IFF.1.2: 1
- FDP_IFF.1.3: 1
- FDP_IFF.1.4: 3
- FDP_IFF.1.5: 1
- FIA:
- FIA_SOS.1: 2
- FIA_UAU.2: 2
- FIA_UID.1: 3
- FIA_UID.2: 3
- FMT:
- FMT_MSA.1: 10
- FMT_MSA.1.1: 1
- FMT_MSA.3: 13
- FMT_MSA.3.1: 1
- FMT_MSA.3.2: 1
- FMT_SMF.1: 11
- FMT_SMF.1.1: 1
- FMT_SMR.1: 13
- FMT_SMR.1.1: 1
- FMT_SMR.1.2: 1
- FMT_SMR.2: 3
- FPT:
|
|
| pdf_data/st_keywords/cc_claims |
|
|
| pdf_data/st_keywords/vendor |
|
|
| pdf_data/st_keywords/eval_facility |
|
|
| pdf_data/st_keywords/symmetric_crypto |
|
|
| pdf_data/st_keywords/asymmetric_crypto |
|
|
| pdf_data/st_keywords/pq_crypto |
|
|
| pdf_data/st_keywords/hash_function |
|
|
| pdf_data/st_keywords/crypto_scheme |
|
|
| pdf_data/st_keywords/crypto_protocol |
|
|
| pdf_data/st_keywords/randomness |
|
|
| pdf_data/st_keywords/cipher_mode |
|
|
| pdf_data/st_keywords/ecc_curve |
|
|
| pdf_data/st_keywords/crypto_engine |
|
|
| pdf_data/st_keywords/tls_cipher_suite |
|
|
| pdf_data/st_keywords/crypto_library |
|
|
| pdf_data/st_keywords/vulnerability |
|
|
| pdf_data/st_keywords/side_channel_analysis |
|
|
| pdf_data/st_keywords/technical_report_id |
|
|
| pdf_data/st_keywords/device_model |
|
|
| pdf_data/st_keywords/tee_name |
|
|
| pdf_data/st_keywords/os_name |
|
|
| pdf_data/st_keywords/cplc_data |
|
|
| pdf_data/st_keywords/ic_data_group |
|
|
| pdf_data/st_keywords/standard_id |
|
|
| pdf_data/st_keywords/javacard_version |
|
|
| pdf_data/st_keywords/javacard_api_const |
|
|
| pdf_data/st_keywords/javacard_packages |
|
|
| pdf_data/st_keywords/certification_process |
|
|
| pdf_data/st_metadata |
- /CreationDate: D:20151123102500+01'00'
- /Creator: Writer
- /Producer: LibreOffice 4.2
- /Subject: Remote-Controlled Browser Systems Protection Profile (ReCoBS-PP)
- /Title: Security Target
- pdf_file_size_bytes: 918178
- pdf_hyperlinks: http://www.m-privacy.de/
- pdf_is_encrypted: False
- pdf_number_of_pages: 35
|
|
| state/cert/convert_garbage |
False |
False |
| state/cert/convert_ok |
False |
False |
| state/cert/download_ok |
False |
False |
| state/cert/extract_ok |
False |
False |
| state/cert/pdf_hash |
Equal |
Equal |
| state/cert/txt_hash |
Equal |
Equal |
| state/report/convert_garbage |
False |
False |
| state/report/convert_ok |
True |
False |
| state/report/download_ok |
True |
False |
| state/report/extract_ok |
True |
False |
| state/report/pdf_hash |
Different |
Different |
| state/report/txt_hash |
Different |
Different |
| state/st/convert_garbage |
False |
False |
| state/st/convert_ok |
True |
False |
| state/st/download_ok |
True |
False |
| state/st/extract_ok |
True |
False |
| state/st/pdf_hash |
Different |
Different |
| state/st/txt_hash |
Different |
Different |