| name |
Microsoft SQL Server 2012 Database Engine Enterprise Edition x64 (English), Version:11.0.2100.60 |
ST33G1M2A and ST33G1M2M including optional cryptographic library NesLib (C03) (ANSSI-CC-2020/23-R01) |
| category |
Databases |
ICs, Smart Cards and Smart Card-Related Devices and Systems |
| scheme |
JP |
FR |
| status |
archived |
active |
| not_valid_after |
12.10.2017 |
27.02.2029 |
| not_valid_before |
06.09.2012 |
27.02.2024 |
| cert_link |
|
https://www.commoncriteriaportal.org/nfs/ccpfiles/files/epfiles/Certificat-CC-2020_23-R01fr.pdf |
| report_link |
https://www.commoncriteriaportal.org/nfs/ccpfiles/files/epfiles/c0371_erpt.pdf |
https://www.commoncriteriaportal.org/nfs/ccpfiles/files/epfiles/ANSSI-CC-2020_23-R01fr.pdf |
| st_link |
https://www.commoncriteriaportal.org/nfs/ccpfiles/files/epfiles/c0371_est.pdf |
https://www.commoncriteriaportal.org/nfs/ccpfiles/files/epfiles/ANSSI-cible-CC-2020_23-R01en.pdf |
| manufacturer |
Microsoft Corporation |
STMicroelectronics |
| manufacturer_web |
https://www.microsoft.com |
https://www.st.com/ |
| security_level |
EAL2 |
ALC_DVS.2, EAL5+, AVA_VAN.5 |
| dgst |
bccee9cca27bae56 |
3e61a5124adca691 |
| heuristics/cert_id |
JISEC-CC-CRP-C0371 |
ANSSI-CC-2020/23-R01 |
| heuristics/cert_lab |
[] |
[] |
| heuristics/cpe_matches |
{} |
{} |
| heuristics/verified_cpe_matches |
{} |
{} |
| heuristics/related_cves |
{} |
{} |
| heuristics/direct_transitive_cves |
{} |
{} |
| heuristics/indirect_transitive_cves |
{} |
{} |
| heuristics/extracted_sars |
{} |
ASE_INT.1, ALC_DVS.2, ALC_CMC.4, ASE_ECD.1, ADV_IMP.1, ATE_COV.2, ASE_TSS.1, ASE_SPD.1, ALC_CMS.5, AVA_VAN.5, ALC_DEL.1, ALC_LCD.1, ADV_FSP.5, AGD_OPE.1, ADV_INT.2, AGD_PRE.1, ATE_FUN.1, ATE_DPT.3, ADV_ARC.1, ASE_OBJ.2, ADV_TDS.4, ALC_TAT.2, ASE_REQ.2, ATE_IND.2, ASE_CCL.1 |
| heuristics/extracted_versions |
11.0.2100.60 |
23, 2020 |
| heuristics/prev_certificates |
{} |
{} |
| heuristics/next_certificates |
{} |
{} |
| heuristics/report_references/directly_referenced_by |
{} |
{} |
| heuristics/report_references/directly_referencing |
{} |
{} |
| heuristics/report_references/indirectly_referenced_by |
{} |
{} |
| heuristics/report_references/indirectly_referencing |
{} |
{} |
| heuristics/scheme_data |
- cert_id: JISEC-CC-CRP-C0371
- certification_date: 01.09.2012
- claim: EAL2
- enhanced:
- assurance_level: EAL2
- cert_link: https://www.ipa.go.jp/en/security/c0371_eimg.pdf
- description: PRODUCT DESCRIPTION Description of TOE The TOE is the database engine of SQL Server 2012. SQL Server is a Database Management System (DBMS). The TOE has been developed as the core module of the DBMS to store and manage data in a secure way. TOE security functions This TOE provides the following security functionality: - The Access Control function of the TOE controls the access of users to user and metadata stored in the TOE. - The Security Audit function of the TOE produces log files about all security relevant events. - The Security Management function allows authorized administrators to manage the behavior of the security functionality of the TOE. - The Identification and Authentication function of the TOE is able to identify and authenticate users.
- evaluation_facility: TワV Informationstechnik GmbH, Evaluation Body for IT-Security
- product: Microsoft SQL Server 2012 Database Engine Enterprise Edition x64 (English)
- product_type: Database Management System (DBMS)
- report_link: https://www.ipa.go.jp/en/security/c0371_erpt.pdf
- target_link: https://www.ipa.go.jp/en/security/c0371_est.pdf
- toe_version: 11.0.2100.60
- vendor: Microsoft Corporation
- expiration_date: 01.10.2017
- supplier: Microsoft Corporation
- toe_japan_name: -----
- toe_overseas_link: https://www.ipa.go.jp/en/security/jisec/software/certified-cert/c0371_it1383.html
- toe_overseas_name: Microsoft SQL Server 2012 Database Engine Enterprise Edition x64 (English) 11.0.2100.60
|
|
| heuristics/st_references/directly_referenced_by |
{} |
{} |
| heuristics/st_references/directly_referencing |
{} |
{} |
| heuristics/st_references/indirectly_referenced_by |
{} |
{} |
| heuristics/st_references/indirectly_referencing |
{} |
{} |
| heuristics/protection_profiles |
{} |
cf0f01bcd7be3e9c |
| maintenance_updates |
|
|
| protection_profiles |
|
|
| protection_profile_links |
{} |
https://www.commoncriteriaportal.org/nfs/ccpfiles/files/ppfiles/pp0084b_pdf.pdf |
| pdf_data/cert_filename |
|
Certificat-CC-2020_23-R01fr.pdf |
| pdf_data/cert_frontpage |
|
|
| pdf_data/cert_keywords/cc_cert_id |
|
|
| pdf_data/cert_keywords/cc_protection_profile_id |
|
|
| pdf_data/cert_keywords/cc_security_level |
|
|
| pdf_data/cert_keywords/cc_sar |
|
|
| pdf_data/cert_keywords/cc_sfr |
|
|
| pdf_data/cert_keywords/cc_claims |
|
|
| pdf_data/cert_keywords/vendor |
|
|
| pdf_data/cert_keywords/eval_facility |
|
|
| pdf_data/cert_keywords/symmetric_crypto |
|
|
| pdf_data/cert_keywords/asymmetric_crypto |
|
|
| pdf_data/cert_keywords/pq_crypto |
|
|
| pdf_data/cert_keywords/hash_function |
|
|
| pdf_data/cert_keywords/crypto_scheme |
|
|
| pdf_data/cert_keywords/crypto_protocol |
|
|
| pdf_data/cert_keywords/randomness |
|
|
| pdf_data/cert_keywords/cipher_mode |
|
|
| pdf_data/cert_keywords/ecc_curve |
|
|
| pdf_data/cert_keywords/crypto_engine |
|
|
| pdf_data/cert_keywords/tls_cipher_suite |
|
|
| pdf_data/cert_keywords/crypto_library |
|
|
| pdf_data/cert_keywords/vulnerability |
|
|
| pdf_data/cert_keywords/side_channel_analysis |
|
|
| pdf_data/cert_keywords/technical_report_id |
|
|
| pdf_data/cert_keywords/device_model |
|
|
| pdf_data/cert_keywords/tee_name |
|
|
| pdf_data/cert_keywords/os_name |
|
|
| pdf_data/cert_keywords/cplc_data |
|
|
| pdf_data/cert_keywords/ic_data_group |
|
|
| pdf_data/cert_keywords/standard_id |
|
|
| pdf_data/cert_keywords/javacard_version |
|
|
| pdf_data/cert_keywords/javacard_api_const |
|
|
| pdf_data/cert_keywords/javacard_packages |
|
|
| pdf_data/cert_keywords/certification_process |
|
|
| pdf_data/cert_metadata |
|
- /Author: DUCLOS Charlene
- /Category:
- /Comments: ANSSI-CC-CER-F-14_v14.8
- /Company: SGDSN
- /CreationDate: D:20240229102046+01'00'
- /Creator: Acrobat PDFMaker 23 pour Word
- /Keywords: version x.x, révision x
- /ModDate: D:20240229102048+01'00'
- /Producer: Adobe PDF Library 23.1.175
- /SourceModified: D:20240229092020
- /Title: ANSSI-CC-2020/23-R01
- pdf_file_size_bytes: 145074
- pdf_hyperlinks: {}
- pdf_is_encrypted: False
- pdf_number_of_pages: 2
|
| pdf_data/report_filename |
c0371_erpt.pdf |
ANSSI-CC-2020_23-R01fr.pdf |
| pdf_data/report_frontpage |
|
|
| pdf_data/report_keywords/cc_cert_id |
- JP:
- CRP-C0371-01: 1
- Certification No. C0371: 1
|
|
| pdf_data/report_keywords/cc_protection_profile_id |
|
- BSI:
- BSI-CC-PP-0084-2014: 1
- BSI-PP-0084-2014: 1
|
| pdf_data/report_keywords/cc_security_level |
|
|
| pdf_data/report_keywords/cc_sar |
|
|
| pdf_data/report_keywords/cc_sfr |
|
|
| pdf_data/report_keywords/cc_claims |
- A:
- A.NO_EVIL: 1
- A.NO_GENERAL_: 1
- A.PHYSICAL: 1
- T:
- T.MASQUERADE: 1
- T.TSF_COMPROMISE: 1
- T.UNAUTHORIZED_: 1
- T.UNIDENTIFIED_: 1
|
|
| pdf_data/report_keywords/vendor |
- Microsoft:
- Microsoft: 17
- Microsoft Corporation: 7
|
|
| pdf_data/report_keywords/eval_facility |
- TUV:
- TÜV Informationstechnik: 3
|
|
| pdf_data/report_keywords/symmetric_crypto |
|
|
| pdf_data/report_keywords/asymmetric_crypto |
|
|
| pdf_data/report_keywords/pq_crypto |
|
|
| pdf_data/report_keywords/hash_function |
|
|
| pdf_data/report_keywords/crypto_scheme |
|
|
| pdf_data/report_keywords/crypto_protocol |
|
|
| pdf_data/report_keywords/randomness |
|
|
| pdf_data/report_keywords/cipher_mode |
|
|
| pdf_data/report_keywords/ecc_curve |
|
|
| pdf_data/report_keywords/crypto_engine |
|
|
| pdf_data/report_keywords/tls_cipher_suite |
|
|
| pdf_data/report_keywords/crypto_library |
|
|
| pdf_data/report_keywords/vulnerability |
|
|
| pdf_data/report_keywords/side_channel_analysis |
|
|
| pdf_data/report_keywords/technical_report_id |
|
|
| pdf_data/report_keywords/device_model |
|
|
| pdf_data/report_keywords/tee_name |
|
|
| pdf_data/report_keywords/os_name |
|
|
| pdf_data/report_keywords/cplc_data |
|
|
| pdf_data/report_keywords/ic_data_group |
|
|
| pdf_data/report_keywords/standard_id |
- CC:
- CCMB-2009-07-001: 2
- CCMB-2009-07-002: 2
- CCMB-2009-07-003: 2
- CCMB-2009-07-004: 2
|
- CC:
- CCMB-2017-04-001: 1
- CCMB-2017-04-002: 1
- CCMB-2017-04-003: 1
|
| pdf_data/report_keywords/javacard_version |
|
|
| pdf_data/report_keywords/javacard_api_const |
|
|
| pdf_data/report_keywords/javacard_packages |
|
|
| pdf_data/report_keywords/certification_process |
|
|
| pdf_data/report_metadata |
- /CreationDate: D:20130527154721+09'00'
- /Creator: Microsoft® Word 2010
- /ModDate: D:20130527154854+09'00'
- /Producer: Microsoft® Word 2010
- pdf_file_size_bytes: 225890
- pdf_hyperlinks: {}
- pdf_is_encrypted: True
- pdf_number_of_pages: 29
|
|
| pdf_data/st_filename |
c0371_est.pdf |
ANSSI-cible-CC-2020_23-R01en.pdf |
| pdf_data/st_frontpage |
|
|
| pdf_data/st_keywords/cc_cert_id |
|
|
| pdf_data/st_keywords/cc_protection_profile_id |
|
- BSI:
- BSI-CC-PP- 0084-2014: 8
- BSI-CC-PP-0084-: 1
- BSI-CC-PP-0084-2014: 53
|
| pdf_data/st_keywords/cc_security_level |
|
- EAL:
- EAL4: 1
- EAL5: 17
- EAL5 augmented: 2
- EAL5+: 1
|
| pdf_data/st_keywords/cc_sar |
|
- ADO:
- ADV:
- ADV_ARC: 2
- ADV_ARC.1: 1
- ADV_FSP: 4
- ADV_FSP.5: 3
- ADV_IMP: 1
- ADV_IMP.1: 1
- ADV_INT.2: 1
- ADV_TDS.4: 1
- AGD:
- AGD_OPE: 1
- AGD_OPE.1: 1
- AGD_PRE: 1
- AGD_PRE.1: 1
- ALC:
- ALC_CMC: 1
- ALC_CMC.4: 1
- ALC_CMS: 1
- ALC_CMS.5: 1
- ALC_DEL.1: 1
- ALC_DVS: 1
- ALC_DVS.2: 4
- ALC_LCD.1: 1
- ALC_TAT.2: 1
- ASE:
- ASE_CCL: 4
- ASE_CCL.1: 1
- ASE_ECD: 4
- ASE_ECD.1: 1
- ASE_INT: 2
- ASE_INT.1: 1
- ASE_OBJ: 8
- ASE_OBJ.2: 1
- ASE_REQ: 26
- ASE_REQ.2: 1
- ASE_SPD: 8
- ASE_SPD.1: 1
- ASE_TSS: 10
- ASE_TSS.1: 1
- ATE:
- ATE_COV: 3
- ATE_COV.2: 1
- ATE_DPT.3: 1
- ATE_FUN.1: 1
- ATE_IND.2: 1
- AVA:
|
| pdf_data/st_keywords/cc_sfr |
- FAU:
- FAU_GEN: 1
- FAU_GEN.1: 6
- FAU_GEN.1.1: 1
- FAU_GEN.1.2: 1
- FAU_GEN.2: 6
- FAU_GEN.2.1: 1
- FAU_SEL.1: 6
- FAU_SEL.1.1: 1
- FAU_STG: 3
- FAU_STG.1: 2
- FAU_STG.3: 1
- FAU_STG.4: 1
- FAU_STG_EXP: 2
- FAU_STG_EXP.5: 14
- FAU_STG_EXP.5.1: 2
- FDP:
- FDP_ACC.1: 9
- FDP_ACC.1.1: 1
- FDP_ACF.1: 6
- FDP_ACF.1.1: 1
- FDP_ACF.1.2: 1
- FDP_ACF.1.3: 1
- FDP_ACF.1.4: 1
- FDP_IFC.1: 1
- FIA:
- FIA_ATD.1: 9
- FIA_ATD.1.1: 1
- FIA_UAU.2: 7
- FIA_UAU.2.1: 1
- FIA_UAU.5: 7
- FIA_UAU.5.1: 1
- FIA_UAU.5.2: 1
- FIA_UID.1: 8
- FIA_UID.2: 10
- FIA_UID.2.1: 1
- FMT:
- FMT_MOF.1: 6
- FMT_MOF.1.1: 1
- FMT_MSA.1: 6
- FMT_MSA.1.1: 1
- FMT_MSA.3: 9
- FMT_MSA.3.1: 1
- FMT_MSA.3.2: 1
- FMT_MTD.1: 7
- FMT_MTD.1.1: 1
- FMT_REV.1: 14
- FMT_REV.1.1: 2
- FMT_REV.1.2: 2
- FMT_SMF.1: 7
- FMT_SMF.1.1: 1
- FMT_SMR.1: 13
- FMT_SMR.1.1: 1
- FMT_SMR.1.2: 1
- FPT:
|
- FAU:
- FCS:
- FCS_CKM.1: 20
- FCS_CKM.4: 4
- FCS_COP.1: 36
- FCS_RNG: 2
- FCS_RNG.1: 6
- FDP:
- FDP_ACC.1: 25
- FDP_ACC.2: 12
- FDP_ACF.1: 35
- FDP_CKM.2: 1
- FDP_IFC.1: 16
- FDP_ITC.1: 13
- FDP_ITC.2: 2
- FDP_ITT.1: 10
- FDP_SDC: 2
- FDP_SDC.1: 8
- FDP_SDI.2: 8
- FDP_SMF.1: 2
- FDP_SMR.1: 1
- FIA:
- FMT:
- FMT_ITC.1: 1
- FMT_LIM: 2
- FMT_LIM.1: 17
- FMT_LIM.2: 18
- FMT_MSA.1: 24
- FMT_MSA.3: 33
- FMT_SMF.1: 16
- FMT_SMR.1: 16
- FPT:
- FPT_FLS.1: 11
- FPT_ITT.1: 9
- FPT_PHP.3: 11
- FRU:
|
| pdf_data/st_keywords/cc_claims |
- A:
- A.NO_EVIL: 3
- A.NO_GENERAL_PURPOSE: 3
- A.PHYSICAL: 3
- O:
- O.ADMIN_ROLE: 5
- O.AUDIT_GENERATION: 6
- O.MANAGE: 7
- O.MEDIATE: 4
- OE:
- OE.NO_EVIL: 4
- OE.NO_GENERAL_: 3
- OE.NO_GENERAL_PURPOSE: 1
- OE.PHYSICAL: 4
- T:
- T.MASQUERADE: 3
- T.TSF_COMPROMISE: 3
- T.UNAUTHORIZED_: 1
- T.UNAUTHORIZED_ACCESS: 2
- T.UNIDENTIFIED_ACTIONS: 3
|
|
| pdf_data/st_keywords/vendor |
- Microsoft:
- Microsoft: 54
- Microsoft Corporation: 2
|
- Infineon:
- Philips:
- STMicroelectronics:
|
| pdf_data/st_keywords/eval_facility |
|
|
| pdf_data/st_keywords/symmetric_crypto |
|
- AES_competition:
- AES:
- AES: 16
- AES-128: 1
- AES-192: 1
- AES-256: 1
- DES:
- constructions:
- MAC:
- CBC-MAC: 3
- CMAC: 3
- HMAC: 4
|
| pdf_data/st_keywords/asymmetric_crypto |
|
|
| pdf_data/st_keywords/pq_crypto |
|
|
| pdf_data/st_keywords/hash_function |
|
- Keccak:
- SHA:
- SHA1:
- SHA2:
- SHA-2: 3
- SHA-224: 5
- SHA-256: 9
- SHA-384: 7
- SHA-512: 7
- SHA3:
- SHA-3: 6
- SHA3-224: 4
- SHA3-256: 4
- SHA3-384: 4
- SHA3-512: 4
- SHAKE:
|
| pdf_data/st_keywords/crypto_scheme |
|
|
| pdf_data/st_keywords/crypto_protocol |
|
|
| pdf_data/st_keywords/randomness |
|
|
| pdf_data/st_keywords/cipher_mode |
|
|
| pdf_data/st_keywords/ecc_curve |
|
|
| pdf_data/st_keywords/crypto_engine |
|
|
| pdf_data/st_keywords/tls_cipher_suite |
|
|
| pdf_data/st_keywords/crypto_library |
|
- Neslib:
- NesLib : 9
- NesLib 283: 1
- NesLib 284: 1
- NesLib 287: 1
- NesLib 290: 1
- NesLib 294: 1
- NesLib 295: 1
- NesLib 296: 1
- NesLib 298: 1
- NesLib 299: 1
- NesLib 6.3: 2
- NesLib 6.3.4: 2
|
| pdf_data/st_keywords/vulnerability |
|
|
| pdf_data/st_keywords/side_channel_analysis |
|
- FI:
- Malfunction: 13
- malfunction: 2
- physical tampering: 1
- SCA:
- Leak-Inherent: 12
- Physical Probing: 4
- physical probing: 3
- side channel: 9
|
| pdf_data/st_keywords/technical_report_id |
|
|
| pdf_data/st_keywords/device_model |
|
|
| pdf_data/st_keywords/tee_name |
|
|
| pdf_data/st_keywords/os_name |
|
|
| pdf_data/st_keywords/cplc_data |
|
|
| pdf_data/st_keywords/ic_data_group |
|
|
| pdf_data/st_keywords/standard_id |
|
- BSI:
- CC:
- CCMB-2017-04-001: 2
- CCMB-2017-04-002: 23
- CCMB-2017-04-003: 2
- FIPS:
- FIPS PUB 140-2: 5
- FIPS PUB 180-2: 5
- FIPS PUB 186-4: 4
- FIPS PUB 197: 4
- FIPS PUB 198-1: 3
- FIPS PUB 202: 6
- ISO:
- ISO/IEC 13239: 2
- ISO/IEC 14888: 2
- ISO/IEC 7816-3: 1
- ISO/IEC 9796: 1
- ISO/IEC 9796-2: 3
- NIST:
- NIST SP 800-38A: 2
- NIST SP 800-38B: 2
- NIST SP 800-38C: 1
- NIST SP 800-38D: 1
- NIST SP 800-56A: 3
- NIST SP 800-67: 3
- NIST SP 800-90: 4
- SP 800-38A: 3
- SP 800-38C: 1
- SP 800-38D: 1
- SP 800-67: 1
- SP 800-90A: 1
- PKCS:
|
| pdf_data/st_keywords/javacard_version |
|
|
| pdf_data/st_keywords/javacard_api_const |
|
|
| pdf_data/st_keywords/javacard_packages |
|
|
| pdf_data/st_keywords/certification_process |
|
- OutOfScope:
- 39 The Security IC Embedded Software (ES) is in User NVM. The ES is not part of the TOE and is out of scope of the evaluation, except NesLib when it is embedded: 1
- 3]. 39 The Security IC Embedded Software (ES) is in User NVM. The ES is not part of the TOE and is out of scope of the evaluation, except NesLib when it is embedded. a. Note that SHA-1 is no longer recommended: 1
- out of scope: 1
|
| pdf_data/st_metadata |
|
|
| state/cert/convert_garbage |
False |
False |
| state/cert/convert_ok |
False |
True |
| state/cert/download_ok |
False |
True |
| state/cert/extract_ok |
False |
True |
| state/cert/pdf_hash |
Different |
Different |
| state/cert/txt_hash |
Different |
Different |
| state/report/convert_garbage |
False |
False |
| state/report/convert_ok |
True |
True |
| state/report/download_ok |
True |
True |
| state/report/extract_ok |
True |
True |
| state/report/pdf_hash |
Different |
Different |
| state/report/txt_hash |
Different |
Different |
| state/st/convert_garbage |
False |
False |
| state/st/convert_ok |
True |
True |
| state/st/download_ok |
True |
True |
| state/st/extract_ok |
True |
True |
| state/st/pdf_hash |
Different |
Different |
| state/st/txt_hash |
Different |
Different |