| name |
Microsoft SQL Server 2012 Database Engine Enterprise Edition x64 (English), Version:11.0.2100.60 |
Fidelis XPS |
| category |
Databases |
Detection Devices and Systems |
| scheme |
JP |
US |
| status |
archived |
archived |
| not_valid_after |
12.10.2017 |
01.11.2014 |
| not_valid_before |
06.09.2012 |
07.08.2012 |
| cert_link |
None |
None |
| report_link |
https://www.commoncriteriaportal.org/nfs/ccpfiles/files/epfiles/c0371_erpt.pdf |
https://www.commoncriteriaportal.org/nfs/ccpfiles/files/epfiles/st_vid10449-vr.pdf |
| st_link |
https://www.commoncriteriaportal.org/nfs/ccpfiles/files/epfiles/c0371_est.pdf |
https://www.commoncriteriaportal.org/nfs/ccpfiles/files/epfiles/st_vid10449-st.pdf |
| manufacturer |
Microsoft Corporation |
Fidelis Security Systems, Inc. |
| manufacturer_web |
https://www.microsoft.com |
https://www.fidelissecurity.com/ |
| security_level |
EAL2 |
EAL2+, ALC_FLR.3 |
| dgst |
bccee9cca27bae56 |
14fad481adb43f88 |
| heuristics/cert_id |
JISEC-CC-CRP-C0371 |
CCEVS-VR-VID-10449-2012 |
| heuristics/cert_lab |
[] |
US |
| heuristics/cpe_matches |
{} |
{} |
| heuristics/verified_cpe_matches |
{} |
{} |
| heuristics/related_cves |
{} |
{} |
| heuristics/direct_transitive_cves |
{} |
{} |
| heuristics/indirect_transitive_cves |
{} |
{} |
| heuristics/extracted_sars |
{} |
ALC_CMS.2, ADV_TDS.1, ATE_FUN.1, ALC_CMC.2, ALC_DEL.1, ATE_IND.2, ATE_COV.1, AVA_VAN.2, ALC_FLR.3, ADV_ARC.1, AGD_OPE.1, ADV_FSP.2, AGD_PRE.1 |
| heuristics/extracted_versions |
11.0.2100.60 |
- |
| heuristics/prev_certificates |
{} |
{} |
| heuristics/next_certificates |
{} |
{} |
| heuristics/report_references/directly_referenced_by |
{} |
{} |
| heuristics/report_references/directly_referencing |
{} |
{} |
| heuristics/report_references/indirectly_referenced_by |
{} |
{} |
| heuristics/report_references/indirectly_referencing |
{} |
{} |
| heuristics/scheme_data |
- cert_id: JISEC-CC-CRP-C0371
- certification_date: 01.09.2012
- claim: EAL2
- enhanced:
- assurance_level: EAL2
- cert_link: https://www.ipa.go.jp/en/security/c0371_eimg.pdf
- description: PRODUCT DESCRIPTION Description of TOE The TOE is the database engine of SQL Server 2012. SQL Server is a Database Management System (DBMS). The TOE has been developed as the core module of the DBMS to store and manage data in a secure way. TOE security functions This TOE provides the following security functionality: - The Access Control function of the TOE controls the access of users to user and metadata stored in the TOE. - The Security Audit function of the TOE produces log files about all security relevant events. - The Security Management function allows authorized administrators to manage the behavior of the security functionality of the TOE. - The Identification and Authentication function of the TOE is able to identify and authenticate users.
- evaluation_facility: TワV Informationstechnik GmbH, Evaluation Body for IT-Security
- product: Microsoft SQL Server 2012 Database Engine Enterprise Edition x64 (English)
- product_type: Database Management System (DBMS)
- report_link: https://www.ipa.go.jp/en/security/c0371_erpt.pdf
- target_link: https://www.ipa.go.jp/en/security/c0371_est.pdf
- toe_version: 11.0.2100.60
- vendor: Microsoft Corporation
- expiration_date: 01.10.2017
- supplier: Microsoft Corporation
- toe_japan_name: -----
- toe_overseas_link: https://www.ipa.go.jp/en/security/jisec/software/certified-cert/c0371_it1383.html
- toe_overseas_name: Microsoft SQL Server 2012 Database Engine Enterprise Edition x64 (English) 11.0.2100.60
|
- category: Wireless Monitoring
- certification_date: 07.08.2012
- evaluation_facility: Leidos Common Criteria Testing Laboratory
- expiration_date: 01.11.2014
- id: CCEVS-VR-VID10449
- product: Fidelis XPS
- scheme: US
- url: https://www.niap-ccevs.org/product/10449
- vendor: Fidelis Cybersecurity Inc.
|
| heuristics/st_references/directly_referenced_by |
{} |
{} |
| heuristics/st_references/directly_referencing |
{} |
{} |
| heuristics/st_references/indirectly_referenced_by |
{} |
{} |
| heuristics/st_references/indirectly_referencing |
{} |
{} |
| heuristics/protection_profiles |
{} |
{} |
| maintenance_updates |
|
|
| protection_profiles |
|
|
| protection_profile_links |
{} |
{} |
| pdf_data/cert_filename |
None |
None |
| pdf_data/cert_frontpage |
|
|
| pdf_data/cert_keywords/cc_cert_id |
|
|
| pdf_data/cert_keywords/cc_protection_profile_id |
|
|
| pdf_data/cert_keywords/cc_security_level |
|
|
| pdf_data/cert_keywords/cc_sar |
|
|
| pdf_data/cert_keywords/cc_sfr |
|
|
| pdf_data/cert_keywords/cc_claims |
|
|
| pdf_data/cert_keywords/vendor |
|
|
| pdf_data/cert_keywords/eval_facility |
|
|
| pdf_data/cert_keywords/symmetric_crypto |
|
|
| pdf_data/cert_keywords/asymmetric_crypto |
|
|
| pdf_data/cert_keywords/pq_crypto |
|
|
| pdf_data/cert_keywords/hash_function |
|
|
| pdf_data/cert_keywords/crypto_scheme |
|
|
| pdf_data/cert_keywords/crypto_protocol |
|
|
| pdf_data/cert_keywords/randomness |
|
|
| pdf_data/cert_keywords/cipher_mode |
|
|
| pdf_data/cert_keywords/ecc_curve |
|
|
| pdf_data/cert_keywords/crypto_engine |
|
|
| pdf_data/cert_keywords/tls_cipher_suite |
|
|
| pdf_data/cert_keywords/crypto_library |
|
|
| pdf_data/cert_keywords/vulnerability |
|
|
| pdf_data/cert_keywords/side_channel_analysis |
|
|
| pdf_data/cert_keywords/technical_report_id |
|
|
| pdf_data/cert_keywords/device_model |
|
|
| pdf_data/cert_keywords/tee_name |
|
|
| pdf_data/cert_keywords/os_name |
|
|
| pdf_data/cert_keywords/cplc_data |
|
|
| pdf_data/cert_keywords/ic_data_group |
|
|
| pdf_data/cert_keywords/standard_id |
|
|
| pdf_data/cert_keywords/javacard_version |
|
|
| pdf_data/cert_keywords/javacard_api_const |
|
|
| pdf_data/cert_keywords/javacard_packages |
|
|
| pdf_data/cert_keywords/certification_process |
|
|
| pdf_data/cert_metadata |
|
|
| pdf_data/report_filename |
c0371_erpt.pdf |
st_vid10449-vr.pdf |
| pdf_data/report_frontpage |
|
- US:
- cert_id: CCEVS-VR-VID10449-2012
- cert_item: For Fidelis XPS
- cert_lab: US NIAP
|
| pdf_data/report_keywords/cc_cert_id |
- JP:
- CRP-C0371-01: 1
- Certification No. C0371: 1
|
- US:
- CCEVS-VR-VID10449-2012: 1
|
| pdf_data/report_keywords/cc_protection_profile_id |
|
|
| pdf_data/report_keywords/cc_security_level |
|
- EAL:
- EAL 1: 1
- EAL 4: 3
- EAL2: 4
|
| pdf_data/report_keywords/cc_sar |
|
|
| pdf_data/report_keywords/cc_sfr |
|
|
| pdf_data/report_keywords/cc_claims |
- A:
- A.NO_EVIL: 1
- A.NO_GENERAL_: 1
- A.PHYSICAL: 1
- T:
- T.MASQUERADE: 1
- T.TSF_COMPROMISE: 1
- T.UNAUTHORIZED_: 1
- T.UNIDENTIFIED_: 1
|
- A:
- A.ACCESS: 1
- A.ASCOPE: 1
- A.DYNMIC: 1
- A.LOCATE: 1
- A.MANAGE: 1
- A.NOEVIL: 1
- A.NOTRST: 1
- A.PROTCT: 1
- T:
- T.COMDIS: 1
- T.COMINT: 1
- T.FACCNT: 1
- T.FALACT: 1
- T.FALASC: 1
- T.FALREC: 1
- T.IMPCON: 1
- T.INADVE: 1
- T.INFLUX: 1
- T.LOSSOF: 1
- T.MISACT: 1
- T.MISUSE: 1
- T.NOHALT: 1
- T.PRIVIL: 1
|
| pdf_data/report_keywords/vendor |
- Microsoft:
- Microsoft: 17
- Microsoft Corporation: 7
|
|
| pdf_data/report_keywords/eval_facility |
- TUV:
- TÜV Informationstechnik: 3
|
|
| pdf_data/report_keywords/symmetric_crypto |
|
|
| pdf_data/report_keywords/asymmetric_crypto |
|
|
| pdf_data/report_keywords/pq_crypto |
|
|
| pdf_data/report_keywords/hash_function |
|
|
| pdf_data/report_keywords/crypto_scheme |
|
|
| pdf_data/report_keywords/crypto_protocol |
|
|
| pdf_data/report_keywords/randomness |
|
|
| pdf_data/report_keywords/cipher_mode |
|
|
| pdf_data/report_keywords/ecc_curve |
|
|
| pdf_data/report_keywords/crypto_engine |
|
|
| pdf_data/report_keywords/tls_cipher_suite |
|
|
| pdf_data/report_keywords/crypto_library |
|
|
| pdf_data/report_keywords/vulnerability |
|
|
| pdf_data/report_keywords/side_channel_analysis |
|
|
| pdf_data/report_keywords/technical_report_id |
|
|
| pdf_data/report_keywords/device_model |
|
|
| pdf_data/report_keywords/tee_name |
|
|
| pdf_data/report_keywords/os_name |
|
|
| pdf_data/report_keywords/cplc_data |
|
|
| pdf_data/report_keywords/ic_data_group |
|
|
| pdf_data/report_keywords/standard_id |
- CC:
- CCMB-2009-07-001: 2
- CCMB-2009-07-002: 2
- CCMB-2009-07-003: 2
- CCMB-2009-07-004: 2
|
|
| pdf_data/report_keywords/javacard_version |
|
|
| pdf_data/report_keywords/javacard_api_const |
|
|
| pdf_data/report_keywords/javacard_packages |
|
|
| pdf_data/report_keywords/certification_process |
|
|
| pdf_data/report_metadata |
- /CreationDate: D:20130527154721+09'00'
- /Creator: Microsoft® Word 2010
- /ModDate: D:20130527154854+09'00'
- /Producer: Microsoft® Word 2010
- pdf_file_size_bytes: 225890
- pdf_hyperlinks: {}
- pdf_is_encrypted: True
- pdf_number_of_pages: 29
|
- /Author: Jerry Mancini
- /CreationDate: D:20120907122419
- /Creator: Microsoft® Office Word 2007
- /ModDate: D:20120907122419
- /Producer: Microsoft® Office Word 2007
- /Title: National Information Assurance Partnership
- pdf_file_size_bytes: 261561
- pdf_hyperlinks: {}
- pdf_is_encrypted: False
- pdf_number_of_pages: 20
|
| pdf_data/st_filename |
c0371_est.pdf |
st_vid10449-st.pdf |
| pdf_data/st_frontpage |
|
|
| pdf_data/st_keywords/cc_cert_id |
|
|
| pdf_data/st_keywords/cc_protection_profile_id |
|
|
| pdf_data/st_keywords/cc_security_level |
|
- EAL:
- EAL 2: 5
- EAL 2 augmented: 5
- EAL2: 1
- EAL2 augmented: 1
|
| pdf_data/st_keywords/cc_sar |
|
- ADV:
- ADV_ARC: 1
- ADV_ARC.1: 14
- ADV_FSP: 1
- ADV_FSP.1: 1
- ADV_FSP.2: 18
- ADV_TDS: 1
- ADV_TDS.1: 17
- AGD:
- AGD_OPE: 1
- AGD_OPE.1: 15
- AGD_PRE: 1
- AGD_PRE.1: 10
- ALC:
- ALC_CMC: 1
- ALC_CMC.2: 9
- ALC_CMS: 1
- ALC_CMS.2: 7
- ALC_DEL: 1
- ALC_DEL.1: 6
- ALC_FLR: 2
- ALC_FLR.2: 2
- ALC_FLR.3: 25
- ATE:
- ATE_COV: 1
- ATE_COV.1: 8
- ATE_FUN: 1
- ATE_FUN.1: 12
- ATE_IND: 1
- ATE_IND.2: 8
- AVA:
|
| pdf_data/st_keywords/cc_sfr |
- FAU:
- FAU_GEN: 1
- FAU_GEN.1: 6
- FAU_GEN.1.1: 1
- FAU_GEN.1.2: 1
- FAU_GEN.2: 6
- FAU_GEN.2.1: 1
- FAU_SEL.1: 6
- FAU_SEL.1.1: 1
- FAU_STG: 3
- FAU_STG.1: 2
- FAU_STG.3: 1
- FAU_STG.4: 1
- FAU_STG_EXP: 2
- FAU_STG_EXP.5: 14
- FAU_STG_EXP.5.1: 2
- FDP:
- FDP_ACC.1: 9
- FDP_ACC.1.1: 1
- FDP_ACF.1: 6
- FDP_ACF.1.1: 1
- FDP_ACF.1.2: 1
- FDP_ACF.1.3: 1
- FDP_ACF.1.4: 1
- FDP_IFC.1: 1
- FIA:
- FIA_ATD.1: 9
- FIA_ATD.1.1: 1
- FIA_UAU.2: 7
- FIA_UAU.2.1: 1
- FIA_UAU.5: 7
- FIA_UAU.5.1: 1
- FIA_UAU.5.2: 1
- FIA_UID.1: 8
- FIA_UID.2: 10
- FIA_UID.2.1: 1
- FMT:
- FMT_MOF.1: 6
- FMT_MOF.1.1: 1
- FMT_MSA.1: 6
- FMT_MSA.1.1: 1
- FMT_MSA.3: 9
- FMT_MSA.3.1: 1
- FMT_MSA.3.2: 1
- FMT_MTD.1: 7
- FMT_MTD.1.1: 1
- FMT_REV.1: 14
- FMT_REV.1.1: 2
- FMT_REV.1.2: 2
- FMT_SMF.1: 7
- FMT_SMF.1.1: 1
- FMT_SMR.1: 13
- FMT_SMR.1.1: 1
- FMT_SMR.1.2: 1
- FPT:
|
- FAU:
- FAU_GEN: 3
- FAU_GEN.1: 11
- FAU_GEN.1.1: 1
- FAU_GEN.1.2: 1
- FAU_SAR: 10
- FAU_SAR.1: 7
- FAU_SAR.1.1: 1
- FAU_SAR.1.2: 1
- FAU_SAR.2: 4
- FAU_SAR.2.1: 1
- FAU_SAR.3: 4
- FAU_SAR.3.1: 1
- FAU_SEL: 3
- FAU_SEL.1: 4
- FAU_SEL.1.1: 1
- FAU_STG: 12
- FAU_STG.1: 1
- FAU_STG.2: 5
- FAU_STG.2.1: 1
- FAU_STG.2.2: 1
- FAU_STG.2.3: 1
- FAU_STG.4: 3
- FAU_STG.4.1: 1
- FDP:
- FIA:
- FIA_AFL.1: 1
- FIA_ATD: 3
- FIA_ATD.1: 4
- FIA_ATD.1.1: 1
- FIA_UAU: 8
- FIA_UAU.2: 4
- FIA_UAU.2.1: 1
- FIA_UAU.5: 5
- FIA_UAU.5.1: 1
- FIA_UAU.5.2: 1
- FIA_UID: 4
- FIA_UID.1: 1
- FIA_UID.2: 6
- FIA_UID.2.1: 1
- FMT:
- FMT_MOF: 5
- FMT_MOF.1: 5
- FMT_MOF.1.1: 1
- FMT_MTD: 6
- FMT_MTD.1: 6
- FMT_MTD.1.1: 1
- FMT_SMF: 3
- FMT_SMF.1: 9
- FMT_SMF.1.1: 1
- FMT_SMR: 3
- FMT_SMR.1: 6
- FMT_SMR.1.1: 1
- FMT_SMR.1.2: 1
- FPT:
- FPT_ITA.1: 1
- FPT_ITC.1: 1
- FPT_ITI.1: 1
- FPT_ITT: 3
- FPT_ITT.1: 5
- FPT_ITT.1.1: 1
- FPT_STM: 4
- FPT_STM.1: 5
- FPT_STM.1.1: 1
- FTA:
- FTA_SSL: 3
- FTA_SSL.3: 6
- FTA_SSL.3.1: 1
|
| pdf_data/st_keywords/cc_claims |
- A:
- A.NO_EVIL: 3
- A.NO_GENERAL_PURPOSE: 3
- A.PHYSICAL: 3
- O:
- O.ADMIN_ROLE: 5
- O.AUDIT_GENERATION: 6
- O.MANAGE: 7
- O.MEDIATE: 4
- OE:
- OE.NO_EVIL: 4
- OE.NO_GENERAL_: 3
- OE.NO_GENERAL_PURPOSE: 1
- OE.PHYSICAL: 4
- T:
- T.MASQUERADE: 3
- T.TSF_COMPROMISE: 3
- T.UNAUTHORIZED_: 1
- T.UNAUTHORIZED_ACCESS: 2
- T.UNIDENTIFIED_ACTIONS: 3
|
- A:
- A.ACCESS: 3
- A.ASCOPE: 2
- A.DYNMIC: 3
- A.LOCATE: 2
- A.MANAGE: 3
- A.NOEVIL: 2
- A.NOTRST: 3
- A.PROTCT: 2
- O:
- O.ACCESS: 12
- O.AUDITS: 9
- O.AUDIT_PROTECTION: 5
- O.AUDIT_SORT: 6
- O.EADMIN: 6
- O.EXPORT: 2
- O.IDANLZ: 7
- O.IDAUTH: 21
- O.IDSCAN: 1
- O.IDSEN: 1
- O.IDSENS: 8
- O.INTEGR: 7
- O.OFLOWS: 5
- O.PROTCT: 10
- O.RESPON: 4
- O.TIME: 7
- OE:
- OE.AUDIT_PROTECTION: 1
- OE.AUDIT_SORT: 1
- OE.CREDEN: 5
- OE.INSTAL: 5
- OE.INTROP: 5
- OE.PERSON: 6
- OE.PHYCAL: 7
- OE.TIME: 1
- T:
- T.COMDIS: 3
- T.COMINT: 2
- T.FACCNT: 3
- T.FALACT: 2
- T.FALASC: 4
- T.FALREC: 3
- T.IMPCON: 4
- T.INADVE: 2
- T.INFLUX: 3
- T.LOSSOF: 2
- T.MISACT: 3
- T.MISUSE: 2
- T.NOHALT: 3
- T.PRIVIL: 2
- T.SCNCFG: 2
- T.SCNMLC: 2
- T.SCNVUL: 2
|
| pdf_data/st_keywords/vendor |
- Microsoft:
- Microsoft: 54
- Microsoft Corporation: 2
|
|
| pdf_data/st_keywords/eval_facility |
|
|
| pdf_data/st_keywords/symmetric_crypto |
|
|
| pdf_data/st_keywords/asymmetric_crypto |
|
|
| pdf_data/st_keywords/pq_crypto |
|
|
| pdf_data/st_keywords/hash_function |
|
|
| pdf_data/st_keywords/crypto_scheme |
|
- KEX:
- Key Exchange: 1
- Key exchange: 1
- MAC:
|
| pdf_data/st_keywords/crypto_protocol |
|
|
| pdf_data/st_keywords/randomness |
|
|
| pdf_data/st_keywords/cipher_mode |
|
|
| pdf_data/st_keywords/ecc_curve |
|
|
| pdf_data/st_keywords/crypto_engine |
|
|
| pdf_data/st_keywords/tls_cipher_suite |
|
|
| pdf_data/st_keywords/crypto_library |
|
|
| pdf_data/st_keywords/vulnerability |
|
|
| pdf_data/st_keywords/side_channel_analysis |
|
|
| pdf_data/st_keywords/technical_report_id |
|
|
| pdf_data/st_keywords/device_model |
|
|
| pdf_data/st_keywords/tee_name |
|
|
| pdf_data/st_keywords/os_name |
|
|
| pdf_data/st_keywords/cplc_data |
|
|
| pdf_data/st_keywords/ic_data_group |
|
|
| pdf_data/st_keywords/standard_id |
|
|
| pdf_data/st_keywords/javacard_version |
|
|
| pdf_data/st_keywords/javacard_api_const |
|
|
| pdf_data/st_keywords/javacard_packages |
|
|
| pdf_data/st_keywords/certification_process |
|
- OutOfScope:
- but can serve to effectively bypass some of those security functions. As a result, the IMM is out of scope of the evaluated configuration and its available connections should not be used (i.e., connected: 1
- in the underlying Linux can log directly into an appliance. This interface is generally considered out of scope of the evaluation since it is intended to be used for installation and setup purposes and not for: 1
- out of scope: 2
|
| pdf_data/st_metadata |
|
- /Author: SAIC
- /CreationDate: D:20120907110447
- /Creator: Microsoft® Office Word 2007
- /ModDate: D:20120907110447
- /Producer: Microsoft® Office Word 2007
- /Subject: Security Target
- /Title: Fidelis XPS Security Target
- pdf_file_size_bytes: 1129377
- pdf_hyperlinks: http://www.pcre.org/
- pdf_is_encrypted: False
- pdf_number_of_pages: 57
|
| state/cert/convert_garbage |
False |
False |
| state/cert/convert_ok |
False |
False |
| state/cert/download_ok |
False |
False |
| state/cert/extract_ok |
False |
False |
| state/cert/pdf_hash |
Equal |
Equal |
| state/cert/txt_hash |
Equal |
Equal |
| state/report/convert_garbage |
False |
False |
| state/report/convert_ok |
True |
True |
| state/report/download_ok |
True |
True |
| state/report/extract_ok |
True |
True |
| state/report/pdf_hash |
Different |
Different |
| state/report/txt_hash |
Different |
Different |
| state/st/convert_garbage |
False |
False |
| state/st/convert_ok |
True |
True |
| state/st/download_ok |
True |
True |
| state/st/extract_ok |
True |
True |
| state/st/pdf_hash |
Different |
Different |
| state/st/txt_hash |
Different |
Different |