Comparing certificates Experimental feature

You are comparing two certificates. By default, only different attributes are shown. Use the button below to show/hide all attributes.

SQL Server 2016 Database Engine Enterprise Edition x64 (English) 13.0.4001.0 (including Service Pack 1)
JISEC-CC-CRP-C0537 		Microsoft SQL Server 2014 Database Engine Enterprise Edition x64 (English)12.0.2000.8
JISEC-CC-CRP-C0475
name SQL Server 2016 Database Engine Enterprise Edition x64 (English) 13.0.4001.0 (including Service Pack 1) Microsoft SQL Server 2014 Database Engine Enterprise Edition x64 (English)12.0.2000.8
not_valid_before 2017-02-15 2015-06-16
not_valid_after 2022-02-15 2020-07-01
st_link https://www.commoncriteriaportal.org/nfs/ccpfiles/files/epfiles/c0537_est.pdf https://www.commoncriteriaportal.org/nfs/ccpfiles/files/epfiles/c0475_est.pdf
report_link https://www.commoncriteriaportal.org/nfs/ccpfiles/files/epfiles/c0537_erpt.pdf https://www.commoncriteriaportal.org/nfs/ccpfiles/files/epfiles/c0475_erpt.pdf
cert_link https://www.commoncriteriaportal.org/nfs/ccpfiles/files/epfiles/c0537_eimg.pdf None
protection_profiles frozendict({'_type': 'sec_certs.sample.protection_profile.ProtectionProfile', 'pp_name': 'Base Protection Profile for Database Management Systems', 'pp_eal': 'EAL2+', 'pp_link': 'https://www.commoncriteriaportal.org/files/ppfiles/pp0088b_pdf.pdf', 'pp_ids': frozenset({'DBMS_PP'})}) frozendict({'_type': 'sec_certs.sample.protection_profile.ProtectionProfile', 'pp_name': 'U.S. Government Protection Profile Database Management Systems, Version 1.3', 'pp_eal': 'EAL2+', 'pp_link': 'https://www.commoncriteriaportal.org/files/ppfiles/pp_dbms_v1.3.pdf', 'pp_ids': frozenset({'PP_DBMS_V1.3'})})
state/cert/convert_ok True False
state/cert/download_ok True False
state/cert/extract_ok True False
state/cert/pdf_hash e06b4bf851a233995c42ea3442c808670fa41d0a9623dcc6edcb29d625e31239 None
state/cert/txt_hash d6f03332aaf99dee97c2c1bee96bfbe235b26ac32e9ddd3df2b047a8bda650ba None
state/report/pdf_hash c01e18dbdad0c499dc46b42ce4d19384899797a509f8647ca809715d05dc16ec bf3d64289ba9b8366626761600d05b7766183ff7dc92f9c5f0581d1faf2e2160
state/report/txt_hash ea6efabb475d8107b300bf1572a0e13a8d393ace9dc5452dc1f81ba225faa42f 2aab8d690195e7968a1820761e268fc26514a6b22f0efeb07bcd3775340011bf
state/st/pdf_hash f0c8433c7f20b1ce5fd24304cff9661223f1afad4e63512f2605f1e794bb47cb 27bb951e648abb5a44ec818ad00ce0fac5ef7f68ee6c58c0d73a45fab982a33c
state/st/txt_hash 366a3938d32ee8c03f1719b4490a4ee05c88db9451aabecfbb21752a48f9ce6d c9ec0cb700e0da833f51063d6cd67466d8cfa06e4486cf4bc0f944dd0840ce5e
heuristics/cert_id JISEC-CC-CRP-C0537 JISEC-CC-CRP-C0475
heuristics/cpe_matches cpe:2.3:a:microsoft:sql_server_2016:13.0.4001.0:*:*:*:*:*:*:* None
heuristics/extracted_versions 13.0.4001.0 12.0.2000.8
heuristics/related_cves CVE-2024-37331, CVE-2024-37323, CVE-2024-35271, CVE-2024-35256, CVE-2024-37332, CVE-2024-37326, CVE-2024-37321, CVE-2024-37322, CVE-2024-37333, CVE-2024-38088, CVE-2024-35272, CVE-2024-37320, CVE-2024-37330, CVE-2024-21449, CVE-2024-37329, CVE-2024-37319, CVE-2024-38087, CVE-2024-37336, CVE-2024-37327, CVE-2024-37324, CVE-2024-37328, CVE-2024-37318 None
heuristics/scheme_data/cert_id C0537 C0475
heuristics/scheme_data/certification_date 2017-02 2015-06
heuristics/scheme_data/claim EAL2+ALC_FLR.2 PP EAL2+ ALC_FLR.2 PP
heuristics/scheme_data/enhanced/cert_link https://www.ipa.go.jp/en/security/c0537_eimg.pdf https://www.ipa.go.jp/en/security/c0475_eimg.pdf
heuristics/scheme_data/enhanced/certification_date 2017-02-15 2015-06-16
heuristics/scheme_data/enhanced/description PRODUCT DESCRIPTION Description of TOE The TOE is the database engine of SQL Server 2016. SQL Server is a Database Management System (DBMS). The TOE has been developed as the core module of the DBMS to store and manage data in a secure way. TOE security functionality This TOE provides the following security functionality: - The Access Control function of the TOE controls the access of users to user data and metadata stored in the TOE. - The Session Handling function of the TOE limits the possibilities of users to establish sessions with the TOE. - The Security Audit function of the TOE produces log files about all security relevant events. - The Security Management function allows authorized administrators to manage the behavior of the security functionality of the TOE. - The Identification and Authentication function of the TOE is able to identify and authenticate users. - The Residual Information Protection function of the TOE overwrites the residual information on the memory that will be used for user sessions. PRODUCT DESCRIPTION Description of TOE The TOE is the database engine of SQL Server 2014. SQL Server is a Database Management System (DBMS). The TOE has been developed as the core module of the DBMS to store and manage data in a secure way. TOE security functionality This TOE provides the following security functionality: - The Access Control function of the TOE controls the access of users to user data and metadata stored in the TOE. - The Session Handling function of the TOE limits the possibilities of users to establish sessions with the TOE. - The Security Audit function of the TOE produces log files about all security relevant events. - The Security Management function allows authorized administrators to manage the behavior of the security functionality of the TOE. - The Identification and Authentication function of the TOE is able to identify and authenticate users. - The Residual Information Protection function of the TOE overwrites the residual information on the memory that will be used for user sessions.
heuristics/scheme_data/enhanced/evaluation_facility TÜV Informationstechnik GmbH, Evaluation Body for IT-Security TÜV Informationstechnik GmbH, Evaluation Body for IT-Security
heuristics/scheme_data/enhanced/product SQL Server 2016 Database Engine Enterprise Edition x64 (English) Microsoft SQL Server 2014 Database Engine Enterprise Edition x64 (English)
heuristics/scheme_data/enhanced/protection_profile Base Protection Profile for Database Management Systems (DBMS PP), Version 2.07 U.S. Government Protection Profile for Database Management Systems, Version 1.3
heuristics/scheme_data/enhanced/report_link https://www.ipa.go.jp/en/security/c0537_erpt.pdf https://www.ipa.go.jp/en/security/c0475_erpt.pdf
heuristics/scheme_data/enhanced/target_link https://www.ipa.go.jp/en/security/c0537_est.pdf https://www.ipa.go.jp/en/security/c0475_est.pdf
heuristics/scheme_data/enhanced/toe_version 13.0.4001.0 (including Service Pack 1) 12.0.2000.8
heuristics/scheme_data/expiration_date 2022-03 2020-07
heuristics/scheme_data/toe_overseas_link https://www.ipa.go.jp/en/security/jisec/software/certified-cert/c0537_it5563.html https://www.ipa.go.jp/en/security/jisec/software/certified-cert/c0475_it3480.html
heuristics/scheme_data/toe_overseas_name SQL Server 2016 Database Engine Enterprise Edition x64 (English)13.0.4001.0 (including Service Pack 1) Microsoft SQL Server 2014 Database Engine Enterprise Edition x64 (English)12.0.2000.8
pdf_data/cert_filename c0537_eimg.pdf None
pdf_data/cert_keywords
  • cc_cert_id:
  • cc_protection_profile_id:
  • cc_security_level:
    • EAL:
      • EAL2: 1
  • cc_sar:
    • ALC:
      • ALC_FLR.2: 1
  • cc_sfr:
  • cc_claims:
  • vendor:
    • Microsoft:
      • Microsoft Corporation: 1
  • eval_facility:
    • TUV:
      • TÜV Informationstechnik: 1
  • symmetric_crypto:
  • asymmetric_crypto:
  • pq_crypto:
  • hash_function:
  • crypto_scheme:
  • crypto_protocol:
  • randomness:
  • cipher_mode:
  • ecc_curve:
  • crypto_engine:
  • tls_cipher_suite:
  • crypto_library:
  • vulnerability:
  • side_channel_analysis:
  • technical_report_id:
  • device_model:
  • tee_name:
  • os_name:
  • cplc_data:
  • ic_data_group:
  • standard_id:
  • javacard_version:
  • javacard_api_const:
  • javacard_packages:
  • certification_process:
None
pdf_data/cert_metadata
  • pdf_file_size_bytes: 415538
  • pdf_is_encrypted: True
  • pdf_number_of_pages: 1
  • /CreationDate: D:20170316155916+09'00'
  • /Creator: Microsoft® Word 2010
  • /ModDate: D:20170316160045+09'00'
  • /Producer: Microsoft® Word 2010
  • pdf_hyperlinks:
None
pdf_data/report_filename c0537_erpt.pdf c0475_erpt.pdf
pdf_data/report_keywords/cc_cert_id/JP
  • CRP-C0537-01: 1
  • Certification No. C0537: 1
  • CRP-C0475-01: 1
  • Certification No. C0475: 1
pdf_data/report_keywords/cc_claims/A
  • A.PHYSICAL: 1
  • A.AUTHUSER: 1
  • A.MANAGE: 1
  • A.TRAINEDUSER: 1
  • A.NO_GENERAL_: 1
  • A.SUPPORT: 1
  • A.CONNECT: 1
  • A.NO_EVIL: 1
  • A.NO_GENERAL_: 1
  • A.PHYSICAL: 1
pdf_data/report_keywords/cc_claims/T
  • T.ACCESS_TSFDATA: 1
  • T.ACCESS_TSFFUNC: 1
  • T.IA_MASQUERADE: 1
  • T.IA_USER: 1
  • T.RESIDUAL_DATA: 1
  • T.TSF_COMPROMISE: 1
  • T.UNAUTHORIZED_: 1
  • T.ACCIDENTIAL_ADMIN_ERROR: 1
  • T.POOR_DESIGN: 1
  • T.POOR_IMPLEMENTATION: 1
  • T.POOR_TEST: 1
  • T.MASQUERADE: 1
  • T.RESIDUAL_DATA: 1
  • T.TSF_COMPROMISE: 1
  • T.UNAUTHORIZED_: 1
  • T.UNIDENTIFIED_: 1
pdf_data/report_keywords/vendor/Microsoft/Microsoft 5 20
pdf_data/report_metadata//CreationDate D:20170316160424+09'00' D:20150724094408+09'00'
pdf_data/report_metadata//ModDate D:20170316160534+09'00' D:20150724094442+09'00'
pdf_data/report_metadata/pdf_file_size_bytes 240723 233021
pdf_data/report_metadata/pdf_number_of_pages 33 31
pdf_data/st_filename c0537_est.pdf c0475_est.pdf
pdf_data/st_keywords/cc_claims/A
  • A.PHYSICAL: 3
  • A.AUTHUSER: 3
  • A.MANAGE: 3
  • A.TRAINEDUSER: 3
  • A.NO_GENERAL_PURPOSE: 3
  • A.SUPPORT: 4
  • A.CONNECT: 4
  • A.NO_EVIL: 3
  • A.NO_GENERAL_PURPOSE: 3
  • A.PHYSICAL: 3
pdf_data/st_keywords/cc_claims/O
  • O.ACCESS_HISTORY: 9
  • O.ADMIN_ROLE: 8
  • O.AUDIT_GENERATION: 6
  • O.DISCRETIONARY_ACCESS: 5
  • O.MANAGE: 11
  • O.MEDIATE: 8
  • O.RESIDUAL_INFORMATION: 8
  • O.TOE_ACCESS: 18
  • O.AUDIT_GENERATI: 1
  • O.DISCRETIONARY_: 1
  • O.RESIDUAL_INFOR: 1
  • O.ADMIN_GUIDANCE: 1
  • O.CONFIGURATION_IDENTIFICATION: 1
  • O.DOCUMENTED_DESIGN: 1
  • O.INTERNAL_TOE_DOMAINS: 1
  • O.PARTIAL_FUNCTIONAL_TEST: 1
  • O.PARTIAL_SELF_PROTECTION: 1
  • O.VULNERABILITY_ANALYSIS: 1
  • O.ACCESS_HISTORY: 5
  • O.ADMIN_ROLE: 4
  • O.AUDIT_GENERATION: 4
  • O.MANAGE: 6
  • O.MEDIATE: 5
  • O.RESIDUAL_INFORMATION: 3
  • O.TOE_ACCESS: 7
  • O.RESIDUAL_INFORMAT: 2
  • O.AUDIT_: 1
  • O.RESIDUAL_INFORM: 1
pdf_data/st_keywords/cc_claims/O/O.ACCESS_HISTORY 9 5
pdf_data/st_keywords/cc_claims/O/O.ADMIN_ROLE 8 4
pdf_data/st_keywords/cc_claims/O/O.AUDIT_GENERATION 6 4
pdf_data/st_keywords/cc_claims/O/O.MANAGE 11 6
pdf_data/st_keywords/cc_claims/O/O.MEDIATE 8 5
pdf_data/st_keywords/cc_claims/O/O.RESIDUAL_INFORMATION 8 3
pdf_data/st_keywords/cc_claims/O/O.TOE_ACCESS 18 7
pdf_data/st_keywords/cc_claims/OE
  • OE.ADMIN: 12
  • OE.INFO_PROTECT: 19
  • OE.NO_GENERAL_: 2
  • OE.PHYSICAL: 8
  • OE.IT_REMOTE: 10
  • OE.IT_TRUSTED_SYSTEM: 9
  • OE.NO_GENERAL_PURPOSE: 6
  • OE.NO_EVIL: 4
  • OE.NO_GENERAL_: 2
  • OE.PHYSICAL: 4
  • OE.NO_GENERAL_PURPOSE: 1
pdf_data/st_keywords/cc_claims/OE/OE.NO_GENERAL_PURPOSE 6 1
pdf_data/st_keywords/cc_claims/OE/OE.PHYSICAL 8 4
pdf_data/st_keywords/cc_claims/T
  • T.ACCESS_TSFDATA: 3
  • T.ACCESS_TSFFUNC: 3
  • T.IA_MASQUERADE: 4
  • T.IA_USER: 3
  • T.RESIDUAL_DATA: 3
  • T.TSF_COMPROMISE: 4
  • T.UNAUTHORIZED_ACCESS: 4
  • T.ACCIDENTIAL_ADMIN_ERROR: 1
  • T.POOR_DESIGN: 1
  • T.POOR_IMPLEMENTATION: 1
  • T.POOR_TEST: 1
  • T.MASQUERADE: 3
  • T.RESIDUAL_DATA: 3
  • T.TSF_COMPROMISE: 3
  • T.UNAUTHORIZED_ACCESS: 3
  • T.UNIDENTIFIED_ACTIONS: 3
pdf_data/st_keywords/cc_claims/T/T.TSF_COMPROMISE 4 3
pdf_data/st_keywords/cc_claims/T/T.UNAUTHORIZED_ACCESS 4 3
pdf_data/st_keywords/cc_sar
  • AGD:
    • AGD_ADD: 3
  • ALC:
    • ALC_FLR.2: 4
  • ADV:
    • ADV_FSP.2: 1
    • ADV_ARC.1: 2
  • AGD:
    • AGD_ADD: 3
    • AGD_PRE.1: 1
  • ALC:
    • ALC_FLR.2: 4
    • ALC_FLR: 1
    • ALC_DEL.1: 1
    • ALC_CMS.2: 1
  • ATE:
    • ATE_COV.1: 1
    • ATE_IND.2: 1
  • AVA:
    • AVA_VAN.2: 1
pdf_data/st_keywords/cc_sar/AGD
  • AGD_ADD: 3
  • AGD_ADD: 3
  • AGD_PRE.1: 1
pdf_data/st_keywords/cc_sar/ALC
  • ALC_FLR.2: 4
  • ALC_FLR.2: 4
  • ALC_FLR: 1
  • ALC_DEL.1: 1
  • ALC_CMS.2: 1
pdf_data/st_keywords/cc_security_level/EAL/EAL2 1 2
pdf_data/st_keywords/cc_security_level/EAL/EAL2 augmented 1 2
pdf_data/st_keywords/cc_security_level/EAL/EAL2+ 66 51
pdf_data/st_keywords/cc_sfr/FAU
  • FAU_GEN.1: 9
  • FAU_GEN.2: 6
  • FAU_SEL.1: 7
  • FAU_GEN.1.1: 1
  • FAU_GEN.1.2: 1
  • FAU_GEN.2.1: 1
  • FAU_SEL.1.1: 1
  • FAU_STG_EXP.5: 15
  • FAU_STG: 3
  • FAU_GEN: 10
  • FAU_GEN.1: 3
  • FAU_SEL: 8
  • FAU_SEL.1: 2
  • FAU_GEN.2: 8
  • FAU_STG_EXP: 2
  • FAU_STG.3: 1
  • FAU_STG.1: 2
  • FAU_STG_EXP.5.1: 2
  • FAU_GEN.2.1: 1
  • FAU_STG.4: 1
pdf_data/st_keywords/cc_sfr/FAU/FAU_GEN.1 9 3
pdf_data/st_keywords/cc_sfr/FAU/FAU_GEN.2 6 8
pdf_data/st_keywords/cc_sfr/FAU/FAU_SEL.1 7 2
pdf_data/st_keywords/cc_sfr/FDP
  • FDP_ACC.1: 15
  • FDP_ACF.1: 8
  • FDP_RIP.1: 6
  • FDP_ACC.1.1: 1
  • FDP_ACF.1.1: 2
  • FDP_ACF.1.2: 1
  • FDP_ACF.1.3: 1
  • FDP_ACF.1.4: 1
  • FDP_RIP.1.1: 1
  • FDP_IFC.1: 1
  • FDP_ACF: 8
  • FDP_ACF.1: 6
  • FDP_ACC.1: 10
  • FDP_RIP.1: 6
  • FDP_ACC.1.1: 1
  • FDP_RIP.1.1: 1
  • FDP_IFC.1: 1
pdf_data/st_keywords/cc_sfr/FDP/FDP_ACC.1 15 10
pdf_data/st_keywords/cc_sfr/FDP/FDP_ACF.1 8 6
pdf_data/st_keywords/cc_sfr/FIA
  • FIA_USB.1: 5
  • FIA_ATD.1: 15
  • FIA_UAU.1: 7
  • FIA_UID.1: 14
  • FIA_ATD.1.1: 3
  • FIA_UAU.1.1: 1
  • FIA_UAU.1.2: 1
  • FIA_UID.1.1: 1
  • FIA_UID.1.2: 1
  • FIA_UAU.2: 8
  • FIA_UAU.5: 8
  • FIA_UID.2: 12
  • FIA_ATD.1: 10
  • FIA_ATD.1.1: 2
  • FIA_UAU.2.1: 1
  • FIA_UAU.5.1: 1
  • FIA_UAU.5.2: 1
  • FIA_UID.2.1: 1
  • FIA_UID.1: 11
pdf_data/st_keywords/cc_sfr/FIA/FIA_ATD.1 15 10
pdf_data/st_keywords/cc_sfr/FIA/FIA_ATD.1.1 3 2
pdf_data/st_keywords/cc_sfr/FIA/FIA_UID.1 14 11
pdf_data/st_keywords/cc_sfr/FMT/FMT_MSA.1 7 6
pdf_data/st_keywords/cc_sfr/FMT/FMT_MTD.1 6 7
pdf_data/st_keywords/cc_sfr/FMT/FMT_REV.1 12 16
pdf_data/st_keywords/cc_sfr/FMT/FMT_SMF.1 11 7
pdf_data/st_keywords/cc_sfr/FMT/FMT_SMR.1 18 14
pdf_data/st_keywords/cc_sfr/FPT
  • FPT_TRC.1: 6
  • FPT_TRC.1.1: 1
  • FPT_TRC.1.2: 1
  • FPT_STM.1: 1
  • FPT_ITT.1: 1
  • FPT_TRC.1: 6
  • FPT_TRC.1.1: 1
  • FPT_TRC.1.2: 1
  • FPT_STM.1: 1
pdf_data/st_keywords/cc_sfr/FTA
  • FTA_MCS.1: 7
  • FTA_TSE.1: 6
  • FTA_MCS.1.1: 1
  • FTA_MCS.1.2: 1
  • FTA_TSE.1.1: 1
  • FTA_TAH: 1
  • FTA_TAH.1: 8
  • FTA_MCS.1: 6
  • FTA_TSE.1: 6
  • FTA_MCS.1.1: 1
  • FTA_MCS.1.2: 1
  • FTA_TAH.1.1: 1
  • FTA_TAH.1.2: 1
  • FTA_TAH.1.3: 1
  • FTA_TSE.1.1: 1
pdf_data/st_keywords/cc_sfr/FTA/FTA_MCS.1 7 6
pdf_data/st_keywords/vendor/Microsoft/Microsoft 10 11
pdf_data/st_keywords/vendor/Microsoft/Microsoft Corporation 3 2
pdf_data/st_metadata//CreationDate D:20161221140607+01'00' D:20150330143231+02'00'
pdf_data/st_metadata//ModDate D:20161221140607+01'00' D:20150330143231+02'00'
pdf_data/st_metadata//Title Security Target - SQL Server 2016 Security Target - SQL Server 2014
pdf_data/st_metadata/pdf_file_size_bytes 1446524 595609
pdf_data/st_metadata/pdf_number_of_pages 65 50
dgst a43cc3e7f97cf843 c225189611bed8f2