| name |
Palo Alto Networks M-100, M-200, M-500, and M-600 Hardware, and Virtual Appliances all running Panorama 8.1.10 |
Kinibi v311A on Exynos 7870 Référence t-base-EXYNOS64-Android-311A-V004-20160527_225213_11082_38854 |
| category |
Network and Network-Related Devices and Systems |
Trusted Computing |
| scheme |
US |
FR |
| status |
archived |
archived |
| not_valid_after |
12.11.2021 |
17.02.2022 |
| not_valid_before |
12.11.2019 |
17.02.2017 |
| cert_link |
https://www.commoncriteriaportal.org/nfs/ccpfiles/files/epfiles/st_vid10980-ci.pdf |
|
| report_link |
https://www.commoncriteriaportal.org/nfs/ccpfiles/files/epfiles/st_vid10980-vr.pdf |
https://www.commoncriteriaportal.org/nfs/ccpfiles/files/epfiles/ANSSI-CC-2017-03.pdf |
| st_link |
https://www.commoncriteriaportal.org/nfs/ccpfiles/files/epfiles/st_vid10980-st.pdf |
https://www.commoncriteriaportal.org/nfs/ccpfiles/files/epfiles/ANSSI_CC-2017_03%20Cible%20publique.pdf |
| manufacturer |
Palo Alto Networks, Inc. |
TRUSTONIC |
| manufacturer_web |
https://www.paloaltonetworks.com/ |
https://www.trustonic.com/ |
| security_level |
{} |
EAL2+ |
| dgst |
a8e03915b8738eb7 |
f7b39b6793294fa8 |
| heuristics/cert_id |
CCEVS-VR-VID-10980-2019 |
ANSSI-CC-2017/03 |
| heuristics/cert_lab |
US |
THALES |
| heuristics/cpe_matches |
{} |
{} |
| heuristics/verified_cpe_matches |
{} |
{} |
| heuristics/related_cves |
{} |
{} |
| heuristics/direct_transitive_cves |
{} |
{} |
| heuristics/indirect_transitive_cves |
{} |
{} |
| heuristics/extracted_sars |
ADV_FSP.1, ALC_CMC.1, AVA_VAN.1, ATE_IND.1, ALC_CMS.1, AGD_OPE.1, AGD_PRE.1 |
ASE_INT.1, AVA_VAN.2, AVA_TEE.2, ADV_FSP.2, ASE_ECD.1, ASE_TSS.1, ASE_SPD.1, ALC_DEL.1, AGD_OPE.1, AGD_PRE.1, ALC_CMS.2, ADV_TDS.1, ATE_FUN.1, ATE_COV.1, ADV_ARC.1, ASE_OBJ.2, ASE_REQ.2, ALC_CMC.2, ASE_CCL.1 |
| heuristics/extracted_versions |
8.1.10 |
7870 |
| heuristics/prev_certificates |
{} |
{} |
| heuristics/next_certificates |
{} |
{} |
| heuristics/report_references/directly_referenced_by |
{} |
{} |
| heuristics/report_references/directly_referencing |
{} |
{} |
| heuristics/report_references/indirectly_referenced_by |
{} |
{} |
| heuristics/report_references/indirectly_referencing |
{} |
{} |
| heuristics/scheme_data |
- category: Network Device
- certification_date: 12.11.2019
- evaluation_facility: Leidos Common Criteria Testing Laboratory
- expiration_date: 12.11.2021
- id: CCEVS-VR-VID10980
- product: Palo Alto Networks M-100, M-200, M-500, and M-600 Hardware, and Virtual Appliances all running Panorama 8.1.10
- scheme: US
- url: https://www.niap-ccevs.org/product/10980
- vendor: Palo Alto Networks, Inc.
|
|
| heuristics/st_references/directly_referenced_by |
{} |
{} |
| heuristics/st_references/directly_referencing |
{} |
{} |
| heuristics/st_references/indirectly_referenced_by |
{} |
{} |
| heuristics/st_references/indirectly_referencing |
{} |
{} |
| heuristics/protection_profiles |
{} |
{} |
| maintenance_updates |
|
|
| protection_profiles |
|
|
| protection_profile_links |
https://www.commoncriteriaportal.org/nfs/ccpfiles/files/ppfiles/CPP_ND_V2.1.pdf |
{} |
| pdf_data/cert_filename |
st_vid10980-ci.pdf |
|
| pdf_data/cert_frontpage |
|
|
| pdf_data/cert_keywords/cc_cert_id |
- US:
- CCEVS-VR-VID10980-2019: 1
|
|
| pdf_data/cert_keywords/cc_protection_profile_id |
|
|
| pdf_data/cert_keywords/cc_security_level |
|
|
| pdf_data/cert_keywords/cc_sar |
|
|
| pdf_data/cert_keywords/cc_sfr |
|
|
| pdf_data/cert_keywords/cc_claims |
|
|
| pdf_data/cert_keywords/vendor |
|
|
| pdf_data/cert_keywords/eval_facility |
|
|
| pdf_data/cert_keywords/symmetric_crypto |
|
|
| pdf_data/cert_keywords/asymmetric_crypto |
|
|
| pdf_data/cert_keywords/pq_crypto |
|
|
| pdf_data/cert_keywords/hash_function |
|
|
| pdf_data/cert_keywords/crypto_scheme |
|
|
| pdf_data/cert_keywords/crypto_protocol |
|
|
| pdf_data/cert_keywords/randomness |
|
|
| pdf_data/cert_keywords/cipher_mode |
|
|
| pdf_data/cert_keywords/ecc_curve |
|
|
| pdf_data/cert_keywords/crypto_engine |
|
|
| pdf_data/cert_keywords/tls_cipher_suite |
|
|
| pdf_data/cert_keywords/crypto_library |
|
|
| pdf_data/cert_keywords/vulnerability |
|
|
| pdf_data/cert_keywords/side_channel_analysis |
|
|
| pdf_data/cert_keywords/technical_report_id |
|
|
| pdf_data/cert_keywords/device_model |
|
|
| pdf_data/cert_keywords/tee_name |
|
|
| pdf_data/cert_keywords/os_name |
|
|
| pdf_data/cert_keywords/cplc_data |
|
|
| pdf_data/cert_keywords/ic_data_group |
|
|
| pdf_data/cert_keywords/standard_id |
|
|
| pdf_data/cert_keywords/javacard_version |
|
|
| pdf_data/cert_keywords/javacard_api_const |
|
|
| pdf_data/cert_keywords/javacard_packages |
|
|
| pdf_data/cert_keywords/certification_process |
|
|
| pdf_data/cert_metadata |
- /CreationDate: D:20191119111952-05'00'
- /ModDate: D:20191119111952-05'00'
- /Producer: iText 2.1.0 (by lowagie.com)
- pdf_file_size_bytes: 180256
- pdf_hyperlinks: {}
- pdf_is_encrypted: False
- pdf_number_of_pages: 1
|
|
| pdf_data/report_filename |
st_vid10980-vr.pdf |
ANSSI-CC-2017-03.pdf |
| pdf_data/report_frontpage |
- FR:
- US:
- cert_id: CCEVS-VR-VID10980-2019
- cert_item: for Palo Alto Networks Panorama v8.1.10
- cert_lab: US NIAP
|
- FR:
- cc_security_level: EAL 2 augmenté AVA_TEE.2
- cc_version: Critères Communs version 3.1 révision 4
- cert_id: ANSSI-CC-2017/03
- cert_item: Kinibi v311A on Exynos 7870
- cert_item_version: Référence t-base-EXYNOS64-Android-311A-V004- 20160527_225213_11082_38854, Version 311A
- cert_lab: THALES (TCS – CNES) 18 avenue Edouard Belin, BPI1414, 31401 Toulouse Cedex 9 France
- developer: Trustonic 20 Station Road Cambridge BD1 2ID United Kingdom Commanditaire Trustonic 20 Station Road Cambridge BD1 2ID United Kingdom
- match_rules: ['Référence du rapport de certification(.+)Nom du produit(.+)Référence/version du produit(.+)Conformité à un profil de protection(.+)Critères d’évaluation et version(.+)Niveau d’évaluation(.+)Développeur\\(s\\)(.+)Centre d’évaluation(.+)Accords de reconnaissance applicables']
- ref_protection_profiles: Néant
- US:
|
| pdf_data/report_keywords/cc_cert_id |
- US:
- CCEVS-VR-VID10980-2019: 1
|
- FR:
- ANSSI-CC-2017/03: 19
- ANSSI-CC-PP-2014/01: 1
- ANSSI-CC-PP-2014/01-M01: 1
|
| pdf_data/report_keywords/cc_protection_profile_id |
|
- ANSSI:
- ANSSI-CC-PP-2014/01: 1
- ANSSI-CC-PP-2014/01-M01: 1
|
| pdf_data/report_keywords/cc_security_level |
|
- EAL:
- EAL 1: 1
- EAL 2: 2
- EAL 3: 1
- EAL 5: 1
- EAL 7: 1
- EAL2: 3
- EAL4: 1
- ITSEC:
|
| pdf_data/report_keywords/cc_sar |
- ADV:
- AGD:
- AGD_OPE.1: 1
- AGD_PRE.1: 1
- ALC:
- ALC_CMC.1: 1
- ALC_CMS.1: 1
- ATE:
- AVA:
|
- ADV:
- ADV_ARC: 1
- ADV_FSP: 1
- ADV_IMP: 1
- ADV_INT: 1
- ADV_SPM: 1
- ADV_TDS: 1
- AGD:
- ALC:
- ALC_CMC: 2
- ALC_CMC_CMS: 1
- ALC_CMS: 1
- ALC_DEL: 1
- ALC_DVS: 1
- ALC_FLR: 2
- ALC_TAT: 1
- ASE:
- ASE_CCL: 1
- ASE_ECD: 1
- ASE_INT: 1
- ASE_OBJ: 1
- ASE_REQ: 1
- ASE_SPD: 1
- ASE_TSS: 1
- ATE:
- ATE_COV: 1
- ATE_DPT: 1
- ATE_FUN: 1
- ATE_IND: 1
- AVA:
- AVA_TEE: 2
- AVA_TEE.2: 5
- AVA_VAN: 1
- AVA_VAN.2: 1
|
| pdf_data/report_keywords/cc_sfr |
|
|
| pdf_data/report_keywords/cc_claims |
|
- OE:
- OE.CONFIGURATION: 1
- OE.INITIALIZATION: 1
- OE.INTEGRATION_CONFIGURATION: 1
- OE.PROTECTION_AFTER_DELIVERY: 1
- OE.RNG: 1
- OE.ROLLBACK: 1
- OE.SECRETS: 1
- OE.TA_DEVELOPMENT: 1
- OE.TA_MANAGEMENT: 1
- OE.TRUSTED_FIRMWARE: 1
- OE.TRUSTED_HARDWARE: 1
- OE.UNIQUE_TEE_ID: 1
|
| pdf_data/report_keywords/vendor |
|
|
| pdf_data/report_keywords/eval_facility |
|
|
| pdf_data/report_keywords/symmetric_crypto |
|
|
| pdf_data/report_keywords/asymmetric_crypto |
|
|
| pdf_data/report_keywords/pq_crypto |
|
|
| pdf_data/report_keywords/hash_function |
|
|
| pdf_data/report_keywords/crypto_scheme |
|
|
| pdf_data/report_keywords/crypto_protocol |
|
|
| pdf_data/report_keywords/randomness |
|
|
| pdf_data/report_keywords/cipher_mode |
|
|
| pdf_data/report_keywords/ecc_curve |
|
|
| pdf_data/report_keywords/crypto_engine |
|
|
| pdf_data/report_keywords/tls_cipher_suite |
|
|
| pdf_data/report_keywords/crypto_library |
|
|
| pdf_data/report_keywords/vulnerability |
|
|
| pdf_data/report_keywords/side_channel_analysis |
|
|
| pdf_data/report_keywords/technical_report_id |
|
|
| pdf_data/report_keywords/device_model |
|
|
| pdf_data/report_keywords/tee_name |
|
|
| pdf_data/report_keywords/os_name |
|
|
| pdf_data/report_keywords/cplc_data |
|
|
| pdf_data/report_keywords/ic_data_group |
|
|
| pdf_data/report_keywords/standard_id |
|
- CC:
- CCMB-2012-09-001: 1
- CCMB-2012-09-002: 1
- CCMB-2012-09-003: 1
- CCMB-2012-09-004: 1
- NIST:
|
| pdf_data/report_keywords/javacard_version |
|
|
| pdf_data/report_keywords/javacard_api_const |
|
|
| pdf_data/report_keywords/javacard_packages |
|
|
| pdf_data/report_keywords/certification_process |
- OutOfScope:
- e., stateful inspection filtering, IPsec VPN gateway, IPS/IDS threat prevention) are not evaluated (out of scope). Only the secure communication channels from Panorama to firewalls and Wildfires are claimed: 1
- out of scope: 2
- protocol and can be used to build a management interface. This feature is not tested and is out of scope. Stateful inspection filtering, VPN gateway, IPS/IDS threat prevention, URL filtering (PAN- DB: 1
|
|
| pdf_data/report_metadata |
- /CreationDate: D:20191119084910-05'00'
- /ModDate: D:20191119084910-05'00'
- pdf_file_size_bytes: 584095
- pdf_hyperlinks: {}
- pdf_is_encrypted: False
- pdf_number_of_pages: 20
|
- /Author:
- /CreationDate:
- /Creator: PDFCreator Version 1.2.1
- /Keywords:
- /ModDate:
- /Producer: GPL Ghostscript 9.02
- /Subject:
- /Title: ANSSI-CC-2017-03
- pdf_file_size_bytes: 589101
- pdf_hyperlinks: {}
- pdf_is_encrypted: False
- pdf_number_of_pages: 18
|
| pdf_data/st_filename |
st_vid10980-st.pdf |
ANSSI_CC-2017_03 Cible publique.pdf |
| pdf_data/st_frontpage |
|
|
| pdf_data/st_keywords/cc_cert_id |
|
|
| pdf_data/st_keywords/cc_protection_profile_id |
|
|
| pdf_data/st_keywords/cc_security_level |
|
- EAL:
- EAL 2: 4
- EAL2: 3
- EAL2 augmented: 1
|
| pdf_data/st_keywords/cc_sar |
- ADV:
- AGD:
- ALC:
- ALC_CMC.1: 1
- ALC_CMS.1: 1
- ASE:
- ASE_CCL: 1
- ASE_ECD: 1
- ASE_INT: 1
- ASE_OBJ: 1
- ASE_REQ: 1
- ASE_SPD: 1
- ASE_TSS: 1
- ATE:
- AVA:
|
- ADV:
- ADV_ARC.1: 6
- ADV_FSP.1: 3
- ADV_FSP.2: 14
- ADV_TDS.1: 9
- AGD:
- AGD_OPE: 2
- AGD_OPE.1: 8
- AGD_PRE: 1
- AGD_PRE.1: 8
- ALC:
- ALC_CMC.2: 1
- ALC_CMS.1: 1
- ALC_CMS.2: 1
- ALC_DEL.1: 1
- ASE:
- ASE_CCL.1: 1
- ASE_ECD.1: 4
- ASE_INT.1: 5
- ASE_OBJ.2: 3
- ASE_REQ.1: 2
- ASE_REQ.2: 2
- ASE_SPD.1: 2
- ASE_TSS.1: 1
- ATE:
- ATE_COV.1: 5
- ATE_FUN.1: 4
- AVA:
- AVA_TEE: 5
- AVA_TEE.2: 22
- AVA_VAN: 2
- AVA_VAN.2: 8
|
| pdf_data/st_keywords/cc_sfr |
- FAU:
- FAU_GEN: 2
- FAU_GEN.1: 4
- FAU_GEN.1.1: 1
- FAU_GEN.1.2: 1
- FAU_GEN.2: 3
- FAU_GEN.2.1: 1
- FAU_STG_EXT: 1
- FAU_STG_EXT.1: 3
- FAU_STG_EXT.1.1: 1
- FAU_STG_EXT.1.2: 1
- FAU_STG_EXT.1.3: 1
- FCS:
- FCS_CKM: 3
- FCS_CKM.1: 5
- FCS_CKM.1.1: 1
- FCS_CKM.2: 6
- FCS_CKM.2.1: 1
- FCS_CKM.4: 3
- FCS_CKM.4.1: 1
- FCS_COP: 19
- FCS_COP.1: 4
- FCS_RBG_EXT: 1
- FCS_RBG_EXT.1: 5
- FCS_RBG_EXT.1.1: 1
- FCS_RBG_EXT.1.2: 1
- FCS_SSHC_EXT.1.5: 1
- FCS_SSHS_EXT: 1
- FCS_SSHS_EXT.1: 3
- FCS_SSHS_EXT.1.1: 1
- FCS_SSHS_EXT.1.2: 1
- FCS_SSHS_EXT.1.3: 1
- FCS_SSHS_EXT.1.4: 1
- FCS_SSHS_EXT.1.5: 2
- FCS_SSHS_EXT.1.6: 1
- FCS_SSHS_EXT.1.7: 1
- FCS_SSHS_EXT.1.8: 1
- FCS_TLSC_EXT: 2
- FCS_TLSC_EXT.1: 3
- FCS_TLSC_EXT.1.1: 2
- FCS_TLSC_EXT.1.2: 1
- FCS_TLSC_EXT.1.3: 1
- FCS_TLSC_EXT.1.4: 1
- FCS_TLSC_EXT.2: 2
- FCS_TLSC_EXT.2.1: 1
- FCS_TLSC_EXT.2.2: 1
- FCS_TLSC_EXT.2.3: 1
- FCS_TLSC_EXT.2.4: 1
- FCS_TLSC_EXT.2.5: 1
- FCS_TLSS_EXT: 2
- FCS_TLSS_EXT.1: 3
- FCS_TLSS_EXT.1.1: 1
- FCS_TLSS_EXT.1.2: 1
- FCS_TLSS_EXT.1.3: 1
- FCS_TLSS_EXT.2: 2
- FCS_TLSS_EXT.2.1: 1
- FCS_TLSS_EXT.2.2: 1
- FCS_TLSS_EXT.2.3: 1
- FCS_TLSS_EXT.2.4: 1
- FCS_TLSS_EXT.2.5: 1
- FCS_TLSS_EXT.2.6: 1
- FIA:
- FIA_AFL: 1
- FIA_AFL.1: 6
- FIA_AFL.1.1: 1
- FIA_AFL.1.2: 1
- FIA_PMG_EXT: 1
- FIA_PMG_EXT.1: 3
- FIA_PMG_EXT.1.1: 1
- FIA_UAU: 1
- FIA_UAU.7: 3
- FIA_UAU.7.1: 1
- FIA_UAU_EXT: 1
- FIA_UAU_EXT.2: 2
- FIA_UAU_EXT.2.1: 1
- FIA_UIA_EXT: 1
- FIA_UIA_EXT.1: 5
- FIA_UIA_EXT.1.1: 1
- FIA_UIA_EXT.1.2: 1
- FMT:
- FMT_MOF: 4
- FMT_MOF.1: 1
- FMT_MTD: 4
- FMT_MTD.1: 1
- FMT_SMF: 1
- FMT_SMF.1: 3
- FMT_SMF.1.1: 1
- FMT_SMR: 1
- FMT_SMR.2: 3
- FMT_SMR.2.1: 1
- FMT_SMR.2.2: 1
- FMT_SMR.2.3: 1
- FPT:
- FPT_APW_EXT: 1
- FPT_APW_EXT.1: 3
- FPT_APW_EXT.1.1: 1
- FPT_APW_EXT.1.2: 1
- FPT_SKP_EXT: 1
- FPT_SKP_EXT.1: 3
- FPT_SKP_EXT.1.1: 1
- FPT_STM_EXT: 1
- FPT_STM_EXT.1: 4
- FPT_STM_EXT.1.1: 1
- FPT_STM_EXT.1.2: 1
- FPT_TST_EXT: 1
- FPT_TST_EXT.1: 2
- FPT_TST_EXT.1.1: 1
- FPT_TUD_EXT: 1
- FPT_TUD_EXT.1: 3
- FPT_TUD_EXT.1.1: 1
- FPT_TUD_EXT.1.2: 1
- FPT_TUD_EXT.1.3: 1
- FTA:
- FTA_SSL: 2
- FTA_SSL.3: 3
- FTA_SSL.3.1: 1
- FTA_SSL.4: 2
- FTA_SSL.4.1: 1
- FTA_SSL_EXT: 1
- FTA_SSL_EXT.1: 3
- FTA_SSL_EXT.1.1: 1
- FTA_TAB: 1
- FTA_TAB.1: 4
- FTA_TAB.1.1: 1
- FTP:
- FTP_ITC: 1
- FTP_ITC.1: 4
- FTP_ITC.1.1: 1
- FTP_ITC.1.2: 1
- FTP_ITC.1.3: 1
- FTP_TRP: 4
- FTP_TRP.1: 3
|
- FAU:
- FAU_ARP.1: 13
- FAU_ARP.1.1: 1
- FAU_GEN.1: 4
- FAU_SAA.1: 2
- FAU_SAR.1: 11
- FAU_SAR.1.1: 1
- FAU_SAR.1.2: 1
- FAU_STG.1: 10
- FAU_STG.1.1: 1
- FAU_STG.1.2: 1
- FCS:
- FCS_CKM.1: 12
- FCS_CKM.1.1: 1
- FCS_CKM.2: 1
- FCS_CKM.4: 10
- FCS_CKM.4.1: 1
- FCS_COP.1: 20
- FCS_COP.1.1: 1
- FCS_RNG: 4
- FCS_RNG.1: 15
- FCS_RNG.1.1: 2
- FCS_RNG.1.2: 2
- FDP:
- FDP_ACC: 18
- FDP_ACC.1: 6
- FDP_ACF: 16
- FDP_ACF.1: 6
- FDP_IFC: 21
- FDP_IFC.1: 4
- FDP_IFC.2: 3
- FDP_IFF: 19
- FDP_IFF.1: 8
- FDP_ITC.1: 2
- FDP_ITC.2: 2
- FDP_ITT: 3
- FDP_RIP: 9
- FDP_RIP.1: 2
- FDP_ROL: 10
- FDP_ROL.1: 3
- FDP_SDI.2: 17
- FDP_SDI.2.1: 1
- FDP_SDI.2.2: 1
- FIA:
- FIA_ATD.1: 13
- FIA_ATD.1.1: 1
- FIA_UID.1: 1
- FIA_UID.2: 13
- FIA_UID.2.1: 1
- FIA_USB.1: 8
- FIA_USB.1.1: 1
- FIA_USB.1.2: 1
- FIA_USB.1.3: 1
- FMT:
- FMT_MSA: 68
- FMT_MSA.1: 5
- FMT_MSA.3: 9
- FMT_MTD.1: 1
- FMT_SMF.1: 17
- FMT_SMF.1.1: 1
- FMT_SMR.1: 17
- FMT_SMR.1.1: 1
- FMT_SMR.1.2: 1
- FPT:
- FPT_FLS.1: 17
- FPT_FLS.1.1: 1
- FPT_INI: 3
- FPT_INI.1: 15
- FPT_INI.1.1: 2
- FPT_INI.1.2: 2
- FPT_INI.1.3: 2
- FPT_ITT: 14
- FPT_ITT.1: 2
- FPT_STM: 6
- FPT_STM.1: 2
- FPT_TEE.1: 8
- FPT_TEE.1.1: 1
- FPT_TEE.1.2: 1
- FTP:
|
| pdf_data/st_keywords/cc_claims |
- A:
- OE:
- OE.ADMIN_CREDENTIALS_SECURE: 1
- OE.NO_GENERAL_PURPOSE: 1
- OE.NO_THRU_TRAFFIC_PROTECTION: 1
- OE.PHYSICAL: 1
- OE.RESIDUAL_INFORMATION: 1
- OE.TRUSTED_ADMIN: 1
- OE.UPDATES: 1
|
- A:
- A.CONNECT: 5
- A.PEER: 12
- A.PROTECTION_AFTER_D: 1
- A.PROTECTION_AFTER_DELIVERY: 4
- A.RNG: 6
- A.ROLLBACK: 5
- A.TA_DEVELOPMENT: 5
- O:
- O.CA_TA_IDENTIFICATIO: 1
- O.CA_TA_IDENTIFICATION: 10
- O.INITIALIZATION: 3
- O.INSTANCE_TIME: 9
- O.KEYS_USAGE: 1
- O.OPERATION: 25
- O.RNG: 11
- O.RUNTIME_CONFIDENTI: 1
- O.RUNTIME_CONFIDENTIALITY: 25
- O.RUNTIME_INTEGRITY: 24
- O.TA_AUTHENTICITY: 14
- O.TA_ISOLATION: 21
- O.TEE_DATA_PROTECTIO: 1
- O.TEE_DATA_PROTECTION: 17
- O.TEE_FIRMWARE_UPGRA: 1
- O.TEE_ID: 12
- O.TEE_ISOLATION: 18
- O.TRUSTED_STORAGE: 24
- OE:
- OE.CRYPTOGRAPHY: 1
- OE.DEBUG: 1
- OE.INITIALIZATION: 17
- OE.INTEGRATION_CONFI: 1
- OE.INTEGRATION_CONFIGURATION: 8
- OE.PROTECTION_AFTER_: 1
- OE.PROTECTION_AFTER_DELIVERY: 7
- OE.RNG: 6
- OE.ROLLBACK: 8
- OE.SECRETS: 7
- OE.TA_DEVELOPMENT: 7
- OE.TA_MANAGEMENT: 9
- OE.TEE_FIRMWARE_UPGR: 1
- OE.TEE_FIRMWARE_UPGRADE: 1
- OE.TRUSTED_FIRMWARE: 5
- OE.TRUSTED_HARDWARE: 11
- OE.UNIQUE_TEE_ID: 8
- OP:
- OSP:
- OSP.INTEGRATION_CONFI: 1
- OSP.INTEGRATION_CONFIGURATION: 4
- OSP.SECRETS: 5
- OSP.TA_MANAGEMENT: 4
- OSP.TEE_FIRMWARE_UPG: 1
- OSP.TEE_ID: 7
- T:
- T.ABUSE_FUNCT: 11
- T.CLONE: 11
- T.FLASH_DUMP: 5
- T.IMPERSONATION: 7
- T.PERTURBATION: 13
- T.RAM: 9
- T.RNG: 8
- T.ROGUE_CODE_EXECUTI: 1
- T.ROGUE_CODE_EXECUTION: 11
- T.SPY: 8
- T.STORAGE_CORRUPTION: 8
- T.TEE_FIRMWARE_ROLLB: 1
|
| pdf_data/st_keywords/vendor |
|
|
| pdf_data/st_keywords/eval_facility |
|
|
| pdf_data/st_keywords/symmetric_crypto |
- AES_competition:
- DES:
- constructions:
- MAC:
- HMAC: 9
- HMAC-SHA-256: 7
- HMAC-SHA-384: 4
- HMAC-SHA-512: 4
|
- AES_competition:
- DES:
- constructions:
|
| pdf_data/st_keywords/asymmetric_crypto |
- ECC:
- FF:
- DH:
- DH: 7
- DHE: 1
- Diffie-Hellman: 8
- DSA:
- RSA:
|
|
| pdf_data/st_keywords/pq_crypto |
|
|
| pdf_data/st_keywords/hash_function |
- SHA:
- SHA1:
- SHA2:
- SHA-256: 6
- SHA-384: 4
- SHA-512: 4
- SHA256: 17
|
|
| pdf_data/st_keywords/crypto_scheme |
|
|
| pdf_data/st_keywords/crypto_protocol |
- IKE:
- IPsec:
- SSH:
- TLS:
- SSL:
- SSL: 5
- SSL 2.0: 4
- SSL 3.0: 4
- TLS:
- TLS: 78
- TLS 1.0: 4
- TLS 1.1: 4
- TLS 1.2: 6
- TLS1.1: 1
- TLS1.2: 1
- TLSv1.1: 3
- TLSv1.2: 6
- VPN:
|
|
| pdf_data/st_keywords/randomness |
|
|
| pdf_data/st_keywords/cipher_mode |
|
|
| pdf_data/st_keywords/ecc_curve |
- NIST:
- P-256: 18
- P-384: 12
- P-521: 10
- secp256r1: 7
- secp384r1: 7
- secp521r1: 3
|
|
| pdf_data/st_keywords/crypto_engine |
|
|
| pdf_data/st_keywords/tls_cipher_suite |
- TLS:
- TLS_DHE_RSA_WITH_AES_128_CBC_SHA: 7
- TLS_DHE_RSA_WITH_AES_256_CBC_SHA: 7
- TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA: 7
- TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256: 5
- TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256: 7
- TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA: 7
- TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384: 5
- TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384: 7
- TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA: 5
- TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256: 5
- TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256: 5
- TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA: 5
- TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384: 5
- TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384: 5
- TLS_RSA_WITH_AES_128_CBC_SHA: 7
- TLS_RSA_WITH_AES_128_CBC_SHA256: 7
- TLS_RSA_WITH_AES_256_CBC_SHA: 7
|
|
| pdf_data/st_keywords/crypto_library |
|
|
| pdf_data/st_keywords/vulnerability |
|
|
| pdf_data/st_keywords/side_channel_analysis |
|
|
| pdf_data/st_keywords/technical_report_id |
|
|
| pdf_data/st_keywords/device_model |
|
|
| pdf_data/st_keywords/tee_name |
|
- ARM:
- ARM TrustZone: 3
- TrustZone: 1
- other:
|
| pdf_data/st_keywords/os_name |
|
|
| pdf_data/st_keywords/cplc_data |
|
|
| pdf_data/st_keywords/ic_data_group |
|
|
| pdf_data/st_keywords/standard_id |
- FIPS:
- FIPS 140-2: 2
- FIPS 186-4: 3
- FIPS PUB 186-4: 18
- ISO:
- ISO/IEC 14888-: 1
- ISO/IEC 14888-3: 1
- ISO/IEC 18031:2011: 4
- ISO/IEC 9796-2: 2
- NIST:
- NIST SP 800-56A: 2
- SP 800-90A: 2
- PKCS:
- RFC:
- RFC 2818: 3
- RFC 2986: 2
- RFC 3268: 28
- RFC 3526: 3
- RFC 4253: 2
- RFC 4346: 4
- RFC 4492: 24
- RFC 5246: 30
- RFC 5280: 5
- RFC 5289: 44
- RFC 5759: 1
- RFC 6125: 3
- RFC 6960: 1
- RFC 8017: 2
- X509:
|
- CC:
- CCMB-2012-09-001: 2
- CCMB-2012-09-002: 2
- CCMB-2012-09-003: 2
- CCMB-2012-09-004: 1
- FIPS:
- FIPS PUB 180-4: 1
- FIPS PUB 197: 1
- FIPS PUB 46-3: 1
- ISO:
- NIST:
- PKCS:
|
| pdf_data/st_keywords/javacard_version |
|
|
| pdf_data/st_keywords/javacard_api_const |
|
|
| pdf_data/st_keywords/javacard_packages |
|
|
| pdf_data/st_keywords/certification_process |
- OutOfScope:
- e., stateful inspection filtering, IPsec VPN gateway, IPS/IDS threat prevention) are not evaluated (out of scope). Only the secure communication channels from Panorama to firewalls and Wildfires are claimed. The: 1
- extent specified by the security functional requirements: TLS, HTTPS, SSH. The features below are out of scope. Table 2 Excluded Features Feature Description Telnet and HTTP Management Protocols Telnet and HTTP: 1
- out of scope: 3
- protocol and can be used to build a management interface. This feature is not tested and is out of scope. Stateful inspection filtering, VPN gateway, IPS/IDS threat prevention, URL filtering (PAN- DB: 1
|
- OutOfScope:
- 1.4 2016-06-01 Updated to PP 1.2; aligned most SFR to the PP 1.5 2016-06-07 Mention TA management (out of scope); reference crypto algorithms document 1.6 2016-08-29 Added the file name of the ATE cover sheet: 1
- Informative — out of scope for ALC: 1
- Service Provider TAs and Installed TAs). Such components are out of scope of the TOE: 1
- Storage Upgrade Service, to convert secure storage from previous versions of Kinibi. Upgrade is out of scope of the present Security Target. SPT2 ‹ Secure Storage Proxy, a communication relay between the: 1
- System TAs) provided by the integrator (SiP or OEM). Such components are out of scope of the TOE: 1
- The silicon vendor designs the ROM code and the secure portion of the TEE chipset. This phase is out of scope for this security target since it only concerns the preparation of the hardware which not part of: 1
- Version of Chipset EVT0_REV0.0 Note that the TOE consists of software only. The chipset is out of scope of the evaluation. Kinibi Security Target ST PUBLIC 10 1.3 Diffusion List Trustonic employees : 1
- and Installed TAs). Such components are out of scope of the TOE. The TOE components are as follows (Table 4): Kinibi Component Descriptions MTK: 1
- and Trusted Applications (System TAs) provided by the integrator (SiP or OEM). Such components are out of scope of the TOE. Additional trusted applications installed via Content Management (Service Provider: 1
- out of scope: 10
- proxy, a communication relay between STH2 and a rollb ack-protected storage driver (which is out of scope of the present Security Target). Table 4 TOE Architecture 4.3 TOE Environment: Required: 1
- space of its callers. Additional Trusted Applications provided by Trustonic. Such components are out of scope of the TOE. o Content Management Trusted Application (version 3.6) (System TA responsible for: 1
- the exact version string to the TOE description. 1.7 2016-11-22 Lifecycle: note that phase 0 is out of scope. TOE overview: mention all embedded TAs, and TAs outside the TOE. List all known TAs/drivers and: 1
- to other entities provided the overall security level is met. Phases Actors (Informative — out of scope for ALC) Phase 0: Firmware/Hardware design, REE development The TEE hardware designer is in charge: 1
- which is out of scope of the present Security Target: 1
|
| pdf_data/st_metadata |
- /CreationDate: D:20191119084329-05'00'
- /ModDate: D:20191119084329-05'00'
- pdf_file_size_bytes: 1492668
- pdf_hyperlinks: https://www.niap-ccevs.org/Documents_and_Guidance/view_td.cfm?TD_ID=412, https://www.niap-ccevs.org/Documents_and_Guidance/view_td.cfm?TD_ID=418, https://www.niap-ccevs.org/Documents_and_Guidance/view_td.cfm?TD_ID=407, https://www.niap-ccevs.org/Documents_and_Guidance/view_td.cfm?TD_ID=405, https://www.niap-ccevs.org/Documents_and_Guidance/view_td.cfm?td_id=421, https://www.niap-ccevs.org/Documents_and_Guidance/view_td.cfm?td_id=435, https://www.niap-ccevs.org/Documents_and_Guidance/view_td.cfm?td_id=422, https://www.niap-ccevs.org/Documents_and_Guidance/view_td.cfm?TD_ID=406, file:///C:/Users/beaverg/Desktop/CCTL%20Projects/Palo%20Alto%20Panorama/Received%20from%20Vendor/updates.paloaltonetworks.com, https://www.niap-ccevs.org/Documents_and_Guidance/view_td.cfm?td_id=409, https://www.niap-ccevs.org/Documents_and_Guidance/view_td.cfm?TD_ID=408, https://www.niap-ccevs.org/Documents_and_Guidance/view_td.cfm?td_id=420, https://www.niap-ccevs.org/Documents_and_Guidance/view_td.cfm?td_id=433, https://www.niap-ccevs.org/Documents_and_Guidance/view_td.cfm?TD_ID=417, https://www.niap-ccevs.org/Documents_and_Guidance/view_td.cfm?TD_ID=411, https://www.niap-ccevs.org/Documents_and_Guidance/view_td.cfm?TD_ID=410, https://www.paloaltonetworks.com/content/dam/pan/en_US/assets/pdf/technical-documentation/81/vm-series/vm-series-deployment/vm-series-deployment.pdf, https://www.niap-ccevs.org/Documents_and_Guidance/view_td.cfm?td_id=419, https://www.niap-ccevs.org/Documents_and_Guidance/view_td.cfm?td_id=434, https://www.paloaltonetworks.com/content/dam/pan/en_US/assets/pdf/technical-documentation/81/panorama/panorama-admin/panorama-admin.pdf
- pdf_is_encrypted: False
- pdf_number_of_pages: 56
|
- /Author: [email protected]
- /CreationDate: D:20170110164007+01'00'
- /Creator: Microsoft® Word 2010 Subscription
- /ModDate: D:20170110164007+01'00'
- /Producer: Microsoft® Word 2010 Subscription
- /Title: Kinibi v311A Security Target
- pdf_file_size_bytes: 1581958
- pdf_hyperlinks: {}
- pdf_is_encrypted: False
- pdf_number_of_pages: 93
|
| state/cert/convert_garbage |
True |
False |
| state/cert/convert_ok |
True |
False |
| state/cert/download_ok |
True |
False |
| state/cert/extract_ok |
True |
False |
| state/cert/pdf_hash |
Different |
Different |
| state/cert/txt_hash |
Different |
Different |
| state/report/convert_garbage |
False |
False |
| state/report/convert_ok |
True |
True |
| state/report/download_ok |
True |
True |
| state/report/extract_ok |
True |
True |
| state/report/pdf_hash |
Different |
Different |
| state/report/txt_hash |
Different |
Different |
| state/st/convert_garbage |
False |
False |
| state/st/convert_ok |
True |
True |
| state/st/download_ok |
True |
True |
| state/st/extract_ok |
True |
True |
| state/st/pdf_hash |
Different |
Different |
| state/st/txt_hash |
Different |
Different |