| name |
Citrix XenDesktop 7.6 Platinum Edition |
uCosminexus Application Server 07-00 |
| category |
Access Control Devices and Systems |
Access Control Devices and Systems |
| scheme |
UK |
JP |
| status |
archived |
archived |
| not_valid_after |
19.03.2020 |
07.10.2013 |
| not_valid_before |
19.03.2015 |
22.03.2007 |
| cert_link |
None |
None |
| report_link |
https://www.commoncriteriaportal.org/nfs/ccpfiles/files/epfiles/CRP281%20v1.0%20Final%20(NWA).pdf |
https://www.commoncriteriaportal.org/nfs/ccpfiles/files/epfiles/c0086_ecvr.pdf |
| st_link |
https://www.commoncriteriaportal.org/nfs/ccpfiles/files/epfiles/XenDesktop7-STv1-0.pdf |
|
| manufacturer |
Citrix Systems, Inc. |
Hitachi, Ltd. |
| manufacturer_web |
https://www.citrix.com |
https://www.hitachi.com/ |
| security_level |
EAL2+, ALC_FLR.2 |
EAL2+, ALC_FLR.1 |
| dgst |
88824cfee521186a |
3a2713aa094e7f64 |
| heuristics/cert_id |
CRP281 |
JISEC-CC-CRP-C0086 |
| heuristics/cert_lab |
[] |
[] |
| heuristics/cpe_matches |
cpe:2.3:a:citrix:xendesktop:7.6:*:*:*:*:*:*:* |
{} |
| heuristics/verified_cpe_matches |
{} |
{} |
| heuristics/related_cves |
CVE-2016-4810, CVE-2016-6493, CVE-2014-4700 |
{} |
| heuristics/direct_transitive_cves |
CVE-2016-4810, CVE-2016-6493 |
{} |
| heuristics/indirect_transitive_cves |
CVE-2016-4810, CVE-2016-6493, CVE-2014-4700 |
{} |
| heuristics/extracted_sars |
ADV_ARC.1, ATE_IND.2, AGD_PRE.1, ATE_FUN.1, AGD_OPE.1, ADV_TDS.1, ASE_REQ.2, ASE_ECD.1, AVA_VAN.2, ASE_OBJ.2, ASE_SPD.1, ATE_COV.1, ASE_INT.1, ADV_FSP.2, ASE_TSS.1, ALC_DEL.1, ALC_CMC.2, ALC_CMS.2, ASE_CCL.1, ALC_FLR.2 |
ALC_FLR.1 |
| heuristics/extracted_versions |
7.6 |
00, 07 |
| heuristics/prev_certificates |
{} |
{} |
| heuristics/next_certificates |
{} |
{} |
| heuristics/report_references/directly_referenced_by |
CRP282 |
{} |
| heuristics/report_references/directly_referencing |
CRP282, CRP271 |
{} |
| heuristics/report_references/indirectly_referenced_by |
CRP281, CRP282 |
{} |
| heuristics/report_references/indirectly_referencing |
CRP281, CRP257, CRP282, CRP271, CRP256, CRP241 |
{} |
| heuristics/scheme_data |
|
- cert_id: JISEC-CC-CRP-C0234
- certification_date: 01.08.2009
- claim: EAL2+ ALC_FLR.1
- enhanced:
- assurance_level: EAL2 Augmented with ALC_FLR.1
- cc_version: 3.1
- description: PRODUCT DESCRIPTION Description of TOE TOE is a Web application server software product that is a J2EE(TM) (Java(TM) 2 Platform, Enterprise Edition)-compliant. TOE provides runtime and management environments. The product, that includes TOE, is mainly consist of Web container and EJB(TM) container that is Java 2 Platform, Enterprise Edition 1.4 compatible platform. And it also includes various software to execute and manage J2EE-compliant Java applications. It improves availability and reliability of the business application system, and provides several functions in order to manage business application system efficiently. TOE security functionality Security functions provided by TOE are as follows: - User identification and authentication This function uses user ID and password for user identification and authentication. - Access control This function provides access control for both Web and EJB container objects by using authenticated user information. - Security management This function manages information of user identification and authentication, access control information, and access control permitted to an application.
- evaluation_facility: Mizuho Information & Research Institute, Inc. Center for Evaluation of Information Security
- product: uCosminexus Application Server
- product_type: Application Server
- toe_version: 08-00
- vendor: Hitachi, Ltd.
- expiration_date: 01.08.2014
- supplier: Hitachi, Ltd.
- toe_japan_link: https://www.ipa.go.jp/en/security/jisec/software/certified-cert/c0234_it9250.html
- toe_japan_name: uCosminexus Application Server 08-00
- toe_overseas_link: None
- toe_overseas_name: -----
|
| heuristics/st_references/directly_referenced_by |
{} |
{} |
| heuristics/st_references/directly_referencing |
{} |
{} |
| heuristics/st_references/indirectly_referenced_by |
{} |
{} |
| heuristics/st_references/indirectly_referencing |
{} |
{} |
| heuristics/protection_profiles |
{} |
{} |
| maintenance_updates |
|
|
| protection_profiles |
|
|
| protection_profile_links |
{} |
{} |
| pdf_data/cert_filename |
None |
None |
| pdf_data/cert_frontpage |
|
|
| pdf_data/cert_keywords/cc_cert_id |
|
|
| pdf_data/cert_keywords/cc_protection_profile_id |
|
|
| pdf_data/cert_keywords/cc_security_level |
|
|
| pdf_data/cert_keywords/cc_sar |
|
|
| pdf_data/cert_keywords/cc_sfr |
|
|
| pdf_data/cert_keywords/cc_claims |
|
|
| pdf_data/cert_keywords/vendor |
|
|
| pdf_data/cert_keywords/eval_facility |
|
|
| pdf_data/cert_keywords/symmetric_crypto |
|
|
| pdf_data/cert_keywords/asymmetric_crypto |
|
|
| pdf_data/cert_keywords/pq_crypto |
|
|
| pdf_data/cert_keywords/hash_function |
|
|
| pdf_data/cert_keywords/crypto_scheme |
|
|
| pdf_data/cert_keywords/crypto_protocol |
|
|
| pdf_data/cert_keywords/randomness |
|
|
| pdf_data/cert_keywords/cipher_mode |
|
|
| pdf_data/cert_keywords/ecc_curve |
|
|
| pdf_data/cert_keywords/crypto_engine |
|
|
| pdf_data/cert_keywords/tls_cipher_suite |
|
|
| pdf_data/cert_keywords/crypto_library |
|
|
| pdf_data/cert_keywords/vulnerability |
|
|
| pdf_data/cert_keywords/side_channel_analysis |
|
|
| pdf_data/cert_keywords/technical_report_id |
|
|
| pdf_data/cert_keywords/device_model |
|
|
| pdf_data/cert_keywords/tee_name |
|
|
| pdf_data/cert_keywords/os_name |
|
|
| pdf_data/cert_keywords/cplc_data |
|
|
| pdf_data/cert_keywords/ic_data_group |
|
|
| pdf_data/cert_keywords/standard_id |
|
|
| pdf_data/cert_keywords/javacard_version |
|
|
| pdf_data/cert_keywords/javacard_api_const |
|
|
| pdf_data/cert_keywords/javacard_packages |
|
|
| pdf_data/cert_keywords/certification_process |
|
|
| pdf_data/cert_metadata |
|
|
| pdf_data/report_filename |
CRP281 v1.0 Final (NWA).pdf |
c0086_ecvr.pdf |
| pdf_data/report_frontpage |
|
|
| pdf_data/report_keywords/cc_cert_id |
- UK:
- CRP271: 3
- CRP281: 2
- CRP282: 2
|
- JP:
- Certification No. C0086: 1
|
| pdf_data/report_keywords/cc_protection_profile_id |
|
|
| pdf_data/report_keywords/cc_security_level |
- EAL:
- EAL1: 1
- EAL2: 5
- EAL2 augmented: 1
- EAL7: 1
|
|
| pdf_data/report_keywords/cc_sar |
|
|
| pdf_data/report_keywords/cc_sfr |
|
|
| pdf_data/report_keywords/cc_claims |
|
|
| pdf_data/report_keywords/vendor |
|
|
| pdf_data/report_keywords/eval_facility |
|
|
| pdf_data/report_keywords/symmetric_crypto |
|
|
| pdf_data/report_keywords/asymmetric_crypto |
|
|
| pdf_data/report_keywords/pq_crypto |
|
|
| pdf_data/report_keywords/hash_function |
|
|
| pdf_data/report_keywords/crypto_scheme |
|
|
| pdf_data/report_keywords/crypto_protocol |
|
|
| pdf_data/report_keywords/randomness |
|
|
| pdf_data/report_keywords/cipher_mode |
|
|
| pdf_data/report_keywords/ecc_curve |
|
|
| pdf_data/report_keywords/crypto_engine |
|
|
| pdf_data/report_keywords/tls_cipher_suite |
|
|
| pdf_data/report_keywords/crypto_library |
|
|
| pdf_data/report_keywords/vulnerability |
|
|
| pdf_data/report_keywords/side_channel_analysis |
|
|
| pdf_data/report_keywords/technical_report_id |
|
|
| pdf_data/report_keywords/device_model |
|
|
| pdf_data/report_keywords/tee_name |
|
|
| pdf_data/report_keywords/os_name |
|
|
| pdf_data/report_keywords/cplc_data |
|
|
| pdf_data/report_keywords/ic_data_group |
|
|
| pdf_data/report_keywords/standard_id |
- CC:
- CCMB-2012-09-001: 1
- CCMB-2012-09-002: 1
- CCMB-2012-09-003: 1
- CCMB-2012-09-004: 1
- ISO:
|
|
| pdf_data/report_keywords/javacard_version |
|
|
| pdf_data/report_keywords/javacard_api_const |
|
|
| pdf_data/report_keywords/javacard_packages |
|
|
| pdf_data/report_keywords/certification_process |
|
|
| pdf_data/report_metadata |
|
- /CreationDate: D:20070323205213+09'00'
- /ModDate: D:20070323205213+09'00'
- /Producer: Acrobat Distiller 6.0 (Windows)
- /Title: untitled
- pdf_file_size_bytes: 13111
- pdf_hyperlinks: {}
- pdf_is_encrypted: False
- pdf_number_of_pages: 1
|
| pdf_data/st_filename |
XenDesktop7-STv1-0.pdf |
|
| pdf_data/st_frontpage |
|
|
| pdf_data/st_keywords/cc_cert_id |
|
|
| pdf_data/st_keywords/cc_protection_profile_id |
|
|
| pdf_data/st_keywords/cc_security_level |
- EAL:
- EAL2: 5
- EAL2 augmented: 2
|
|
| pdf_data/st_keywords/cc_sar |
- ADV:
- ADV_ARC.1: 1
- ADV_FSP.2: 1
- ADV_TDS.1: 1
- AGD:
- AGD_OPE.1: 1
- AGD_PRE.1: 1
- ALC:
- ALC_CMC.2: 1
- ALC_CMS.2: 1
- ALC_DEL.1: 1
- ALC_FLR.2: 5
- ASE:
- ASE_CCL.1: 1
- ASE_ECD.1: 1
- ASE_INT.1: 1
- ASE_OBJ.2: 1
- ASE_REQ.2: 1
- ASE_SPD.1: 1
- ASE_TSS.1: 1
- ATE:
- ATE_COV.1: 1
- ATE_FUN.1: 1
- ATE_IND.2: 1
- AVA:
|
|
| pdf_data/st_keywords/cc_sfr |
- FCO:
- FCO_SCO: 41
- FCO_SCO.1: 21
- FCO_SCO.1.1: 1
- FCO_SCO.1.2: 1
- FCO_SCO.1.3: 2
- FCO_SCO.1.4: 1
- FCS:
- FCS_ECA: 21
- FCS_ECA.1: 10
- FCS_ECA.1.1: 1
- FDP:
- FDP_ACC: 36
- FDP_ACC.1: 8
- FDP_ACF: 34
- FDP_ACF.1: 15
- FDP_IFC.1: 2
- FIA:
- FIA_ATD: 10
- FIA_ATD.1: 1
- FIA_UAU: 8
- FIA_UAU.2: 1
- FIA_UID: 10
- FIA_UID.1: 2
- FIA_UID.2: 1
- FMT:
- FMT_MOF: 10
- FMT_MOF.1: 1
- FMT_MSA: 61
- FMT_MSA.1: 5
- FMT_MSA.3: 9
- FMT_SMF: 20
- FMT_SMF.1: 5
- FMT_SMR: 22
- FMT_SMR.1: 8
|
|
| pdf_data/st_keywords/cc_claims |
|
|
| pdf_data/st_keywords/vendor |
|
|
| pdf_data/st_keywords/eval_facility |
|
|
| pdf_data/st_keywords/symmetric_crypto |
- AES_competition:
- constructions:
|
|
| pdf_data/st_keywords/asymmetric_crypto |
|
|
| pdf_data/st_keywords/pq_crypto |
|
|
| pdf_data/st_keywords/hash_function |
|
|
| pdf_data/st_keywords/crypto_scheme |
|
|
| pdf_data/st_keywords/crypto_protocol |
|
|
| pdf_data/st_keywords/randomness |
|
|
| pdf_data/st_keywords/cipher_mode |
|
|
| pdf_data/st_keywords/ecc_curve |
|
|
| pdf_data/st_keywords/crypto_engine |
|
|
| pdf_data/st_keywords/tls_cipher_suite |
- TLS:
- TLS_RSA_WITH_AES_128_CBC_SHA: 5
|
|
| pdf_data/st_keywords/crypto_library |
|
|
| pdf_data/st_keywords/vulnerability |
|
|
| pdf_data/st_keywords/side_channel_analysis |
|
|
| pdf_data/st_keywords/technical_report_id |
|
|
| pdf_data/st_keywords/device_model |
|
|
| pdf_data/st_keywords/tee_name |
|
|
| pdf_data/st_keywords/os_name |
|
|
| pdf_data/st_keywords/cplc_data |
|
|
| pdf_data/st_keywords/ic_data_group |
|
|
| pdf_data/st_keywords/standard_id |
- CC:
- CCMB-2012-09-001: 1
- CCMB-2012-09-002: 1
- CCMB-2012-09-003: 1
- CCMB-2012-09-004: 1
- FIPS:
- FIPS 140: 2
- FIPS 140-2: 10
- FIPS PUB 140-2: 1
- FIPS140-2: 10
- RFC:
|
|
| pdf_data/st_keywords/javacard_version |
|
|
| pdf_data/st_keywords/javacard_api_const |
|
|
| pdf_data/st_keywords/javacard_packages |
|
|
| pdf_data/st_keywords/certification_process |
- OutOfScope:
- 19 1.4.3 Summary of items out of scope of the TOE : 2
- XenApp integrate, as detailed in section 1.2.3. Also out of scope of the TOE are the following Citrix components which are included in XenDesktop Platinum Edition: 1
- out of scope: 4
- shown shaded are components of the TOE. Figure 4: Logical boundaries 1.4.3 Summary of items out of scope of the TOE The items out of scope of the TOE include the Microsoft components with which XenDesktop: 1
|
|
| pdf_data/st_metadata |
|
|
| state/cert/convert_garbage |
False |
False |
| state/cert/convert_ok |
False |
False |
| state/cert/download_ok |
False |
False |
| state/cert/extract_ok |
False |
False |
| state/cert/pdf_hash |
Equal |
Equal |
| state/cert/txt_hash |
Equal |
Equal |
| state/report/convert_garbage |
False |
False |
| state/report/convert_ok |
True |
True |
| state/report/download_ok |
True |
True |
| state/report/extract_ok |
True |
True |
| state/report/pdf_hash |
Different |
Different |
| state/report/txt_hash |
Different |
Different |
| state/st/convert_garbage |
False |
False |
| state/st/convert_ok |
True |
False |
| state/st/download_ok |
True |
False |
| state/st/extract_ok |
True |
False |
| state/st/pdf_hash |
Different |
Different |
| state/st/txt_hash |
Different |
Different |