| name |
Microsoft SQL Server 2012 Database Engine Enterprise Edition x64 (English), Version:11.0.2100.60 |
Microsoft Exchange Server 2007 Enterprise Edition (English), Version/Build 08.02.0176.002 |
| category |
Databases |
Other Devices and Systems |
| scheme |
JP |
DE |
| status |
archived |
archived |
| not_valid_after |
12.10.2017 |
01.09.2019 |
| not_valid_before |
06.09.2012 |
16.11.2009 |
| cert_link |
None |
None |
| report_link |
https://www.commoncriteriaportal.org/nfs/ccpfiles/files/epfiles/c0371_erpt.pdf |
https://www.commoncriteriaportal.org/nfs/ccpfiles/files/epfiles/0436a_pdf.pdf |
| st_link |
https://www.commoncriteriaportal.org/nfs/ccpfiles/files/epfiles/c0371_est.pdf |
https://www.commoncriteriaportal.org/nfs/ccpfiles/files/epfiles/0436b_pdf.pdf |
| manufacturer |
Microsoft Corporation |
Microsoft Corporation |
| manufacturer_web |
https://www.microsoft.com |
https://www.microsoft.com |
| security_level |
EAL2 |
EAL4+ |
| dgst |
bccee9cca27bae56 |
95badceef1b711cb |
| heuristics/cert_id |
JISEC-CC-CRP-C0371 |
BSI-DSZ-CC-0436-2009 |
| heuristics/cert_lab |
[] |
BSI |
| heuristics/cpe_matches |
{} |
{} |
| heuristics/verified_cpe_matches |
{} |
{} |
| heuristics/related_cves |
{} |
{} |
| heuristics/direct_transitive_cves |
{} |
{} |
| heuristics/indirect_transitive_cves |
{} |
{} |
| heuristics/extracted_sars |
{} |
ADV_RCR.1, AVA_VLA.2, ADV_HLD.2, AGD_USR.1, AVA_SOF.1, ADV_FSP.2, ADV_IMP.1, ATE_COV.2, ALC_TAT.1, AVA_MSU.2, AGD_ADM.1, ALC_LCD.1, ALC_FLR.3, ATE_FUN.1, ATE_DPT.1, ALC_DVS.1, ATE_IND.2, ADV_LLD.1, ADV_SPM.1 |
| heuristics/extracted_versions |
11.0.2100.60 |
08.02.0176.002 |
| heuristics/prev_certificates |
{} |
{} |
| heuristics/next_certificates |
{} |
{} |
| heuristics/report_references/directly_referenced_by |
{} |
{} |
| heuristics/report_references/directly_referencing |
{} |
{} |
| heuristics/report_references/indirectly_referenced_by |
{} |
{} |
| heuristics/report_references/indirectly_referencing |
{} |
{} |
| heuristics/scheme_data |
- cert_id: JISEC-CC-CRP-C0371
- certification_date: 01.09.2012
- claim: EAL2
- enhanced:
- assurance_level: EAL2
- cert_link: https://www.ipa.go.jp/en/security/c0371_eimg.pdf
- description: PRODUCT DESCRIPTION Description of TOE The TOE is the database engine of SQL Server 2012. SQL Server is a Database Management System (DBMS). The TOE has been developed as the core module of the DBMS to store and manage data in a secure way. TOE security functions This TOE provides the following security functionality: - The Access Control function of the TOE controls the access of users to user and metadata stored in the TOE. - The Security Audit function of the TOE produces log files about all security relevant events. - The Security Management function allows authorized administrators to manage the behavior of the security functionality of the TOE. - The Identification and Authentication function of the TOE is able to identify and authenticate users.
- evaluation_facility: TワV Informationstechnik GmbH, Evaluation Body for IT-Security
- product: Microsoft SQL Server 2012 Database Engine Enterprise Edition x64 (English)
- product_type: Database Management System (DBMS)
- report_link: https://www.ipa.go.jp/en/security/c0371_erpt.pdf
- target_link: https://www.ipa.go.jp/en/security/c0371_est.pdf
- toe_version: 11.0.2100.60
- vendor: Microsoft Corporation
- expiration_date: 01.10.2017
- supplier: Microsoft Corporation
- toe_japan_name: -----
- toe_overseas_link: https://www.ipa.go.jp/en/security/jisec/software/certified-cert/c0371_it1383.html
- toe_overseas_name: Microsoft SQL Server 2012 Database Engine Enterprise Edition x64 (English) 11.0.2100.60
|
|
| heuristics/st_references/directly_referenced_by |
{} |
{} |
| heuristics/st_references/directly_referencing |
{} |
{} |
| heuristics/st_references/indirectly_referenced_by |
{} |
{} |
| heuristics/st_references/indirectly_referencing |
{} |
{} |
| heuristics/protection_profiles |
{} |
{} |
| maintenance_updates |
|
|
| protection_profiles |
|
|
| protection_profile_links |
{} |
{} |
| pdf_data/cert_filename |
None |
None |
| pdf_data/cert_frontpage |
|
|
| pdf_data/cert_keywords/cc_cert_id |
|
|
| pdf_data/cert_keywords/cc_protection_profile_id |
|
|
| pdf_data/cert_keywords/cc_security_level |
|
|
| pdf_data/cert_keywords/cc_sar |
|
|
| pdf_data/cert_keywords/cc_sfr |
|
|
| pdf_data/cert_keywords/cc_claims |
|
|
| pdf_data/cert_keywords/vendor |
|
|
| pdf_data/cert_keywords/eval_facility |
|
|
| pdf_data/cert_keywords/symmetric_crypto |
|
|
| pdf_data/cert_keywords/asymmetric_crypto |
|
|
| pdf_data/cert_keywords/pq_crypto |
|
|
| pdf_data/cert_keywords/hash_function |
|
|
| pdf_data/cert_keywords/crypto_scheme |
|
|
| pdf_data/cert_keywords/crypto_protocol |
|
|
| pdf_data/cert_keywords/randomness |
|
|
| pdf_data/cert_keywords/cipher_mode |
|
|
| pdf_data/cert_keywords/ecc_curve |
|
|
| pdf_data/cert_keywords/crypto_engine |
|
|
| pdf_data/cert_keywords/tls_cipher_suite |
|
|
| pdf_data/cert_keywords/crypto_library |
|
|
| pdf_data/cert_keywords/vulnerability |
|
|
| pdf_data/cert_keywords/side_channel_analysis |
|
|
| pdf_data/cert_keywords/technical_report_id |
|
|
| pdf_data/cert_keywords/device_model |
|
|
| pdf_data/cert_keywords/tee_name |
|
|
| pdf_data/cert_keywords/os_name |
|
|
| pdf_data/cert_keywords/cplc_data |
|
|
| pdf_data/cert_keywords/ic_data_group |
|
|
| pdf_data/cert_keywords/standard_id |
|
|
| pdf_data/cert_keywords/javacard_version |
|
|
| pdf_data/cert_keywords/javacard_api_const |
|
|
| pdf_data/cert_keywords/javacard_packages |
|
|
| pdf_data/cert_keywords/certification_process |
|
|
| pdf_data/cert_metadata |
|
|
| pdf_data/report_filename |
c0371_erpt.pdf |
0436a_pdf.pdf |
| pdf_data/report_frontpage |
|
- DE:
- cert_id: BSI-DSZ-CC-0436-2009
- cert_item: Microsoft Exchange Server 2007 Enterprise Edition (English) Version/Build 08.02.0176.002
- cert_lab: BSI
- developer: Microsoft Corporation
- match_rules: ['(BSI-DSZ-CC-.+?) (?:for|For) (.+?) from (.*)']
|
| pdf_data/report_keywords/cc_cert_id |
- JP:
- CRP-C0371-01: 1
- Certification No. C0371: 1
|
|
| pdf_data/report_keywords/cc_protection_profile_id |
|
|
| pdf_data/report_keywords/cc_security_level |
|
- EAL:
- EAL 1: 1
- EAL 4: 3
- EAL 4 augmented: 2
- EAL 7: 1
- EAL1: 5
- EAL2: 3
- EAL3: 4
- EAL4: 8
- EAL4 augmented: 1
- EAL5: 6
- EAL6: 3
- EAL7: 4
|
| pdf_data/report_keywords/cc_sar |
|
- ACM:
- ACM_AUT: 2
- ACM_CAP: 2
- ACM_SCP: 2
- ADO:
- ADV:
- ADV_FSP: 2
- ADV_HLD: 2
- ADV_IMP: 2
- ADV_INT: 2
- ADV_LLD: 2
- ADV_RCR: 2
- ADV_SPM: 2
- AGD:
- ALC:
- ALC_DVS: 2
- ALC_FLR: 2
- ALC_FLR.3: 4
- ALC_LCD: 1
- ALC_TAT: 2
- APE:
- APE_DES: 1
- APE_ENV: 1
- APE_INT: 1
- APE_OBJ: 1
- APE_REQ: 1
- APE_SRE: 1
- ASE:
- ASE_DES: 1
- ASE_ENV: 1
- ASE_INT: 1
- ASE_OBJ: 1
- ASE_PPC: 1
- ASE_REQ: 1
- ASE_SRE: 1
- ASE_TSS: 1
- ATE:
- ATE_COV: 2
- ATE_DPT: 2
- ATE_FUN: 2
- ATE_IND: 2
- AVA:
- AVA_CCA: 2
- AVA_MSU: 2
- AVA_SOF: 3
- AVA_VLA: 3
- AVA_VLA.2: 1
- AVA_VLA.3: 1
- AVA_VLA.4: 1
|
| pdf_data/report_keywords/cc_sfr |
|
|
| pdf_data/report_keywords/cc_claims |
- A:
- A.NO_EVIL: 1
- A.NO_GENERAL_: 1
- A.PHYSICAL: 1
- T:
- T.MASQUERADE: 1
- T.TSF_COMPROMISE: 1
- T.UNAUTHORIZED_: 1
- T.UNIDENTIFIED_: 1
|
|
| pdf_data/report_keywords/vendor |
- Microsoft:
- Microsoft: 17
- Microsoft Corporation: 7
|
- Microsoft:
- Microsoft: 17
- Microsoft Corporation: 5
|
| pdf_data/report_keywords/eval_facility |
- TUV:
- TÜV Informationstechnik: 3
|
- TUV:
- TÜV Informationstechnik: 3
- tuvit: 12
|
| pdf_data/report_keywords/symmetric_crypto |
|
|
| pdf_data/report_keywords/asymmetric_crypto |
|
|
| pdf_data/report_keywords/pq_crypto |
|
|
| pdf_data/report_keywords/hash_function |
|
|
| pdf_data/report_keywords/crypto_scheme |
|
|
| pdf_data/report_keywords/crypto_protocol |
|
|
| pdf_data/report_keywords/randomness |
|
|
| pdf_data/report_keywords/cipher_mode |
|
|
| pdf_data/report_keywords/ecc_curve |
|
|
| pdf_data/report_keywords/crypto_engine |
|
|
| pdf_data/report_keywords/tls_cipher_suite |
|
|
| pdf_data/report_keywords/crypto_library |
|
|
| pdf_data/report_keywords/vulnerability |
|
|
| pdf_data/report_keywords/side_channel_analysis |
|
|
| pdf_data/report_keywords/technical_report_id |
|
- BSI:
- BSI 7125: 2
- BSI 7148: 1
- BSI 7149: 1
|
| pdf_data/report_keywords/device_model |
|
|
| pdf_data/report_keywords/tee_name |
|
|
| pdf_data/report_keywords/os_name |
|
|
| pdf_data/report_keywords/cplc_data |
|
|
| pdf_data/report_keywords/ic_data_group |
|
|
| pdf_data/report_keywords/standard_id |
- CC:
- CCMB-2009-07-001: 2
- CCMB-2009-07-002: 2
- CCMB-2009-07-003: 2
- CCMB-2009-07-004: 2
|
|
| pdf_data/report_keywords/javacard_version |
|
|
| pdf_data/report_keywords/javacard_api_const |
|
|
| pdf_data/report_keywords/javacard_packages |
|
|
| pdf_data/report_keywords/certification_process |
|
- ConfidentialDocument:
- 02.0176.002, EVALUATION TECHNICAL REPORT, Version 3, Date 2009-10-01, TÜV Informationstechnik GmbH (confidential document) [8] Configuration list for the TOE: Exchange Server 2007 Common Criteria Evaluation, Configuration: 1
- Server, Version: 1.05, Date: 2009-09-28; including all document as referenced in chapter 3.2. (confidential documents) [9] Microsoft Exchange Server 2007 Enterprise Edition Common Criteria Evaluation – Guidance: 1
- OutOfScope:
- TOE in the certified version and configuration. The version of the help-file on the product DVD is out of scope of the certification. The TOE has to be installed and configured according to the Guidance Addendum: 1
- any client. The way external lists for filtering of messages are compiled and transferred is also out of scope of the evaluation. Some security functionality of the TOE environment, namely of the operating: 1
- out of scope: 2
|
| pdf_data/report_metadata |
- /CreationDate: D:20130527154721+09'00'
- /Creator: Microsoft® Word 2010
- /ModDate: D:20130527154854+09'00'
- /Producer: Microsoft® Word 2010
- pdf_file_size_bytes: 225890
- pdf_hyperlinks: {}
- pdf_is_encrypted: True
- pdf_number_of_pages: 29
|
- /Author: Bundesamt für Sicherheit in der Informationstechnik
- /CreationDate: D:20091209111723+01'00'
- /Creator: Writer
- /Keywords: "Microsoft Exchange Server 2007 Enterprise Edition (English) Version/Build 08.02.0176.002, Microsoft Corporation, Common Criteria, Certification, Zertifzierung"
- /ModDate: D:20091218092509+01'00'
- /Producer: StarOffice 9
- /Subject: Common Criteria Certification
- /Title: Certification Report BSI-DSZ-CC-0436-2009
- pdf_file_size_bytes: 966828
- pdf_hyperlinks: http://www.bsi.bund.de/
- pdf_is_encrypted: False
- pdf_number_of_pages: 34
|
| pdf_data/st_filename |
c0371_est.pdf |
0436b_pdf.pdf |
| pdf_data/st_frontpage |
|
|
| pdf_data/st_keywords/cc_cert_id |
|
|
| pdf_data/st_keywords/cc_protection_profile_id |
|
|
| pdf_data/st_keywords/cc_security_level |
|
- EAL:
- EAL4: 9
- EAL4 augmented: 4
|
| pdf_data/st_keywords/cc_sar |
|
- ACM:
- ACM_AUT.1: 2
- ACM_CAP.4: 1
- ACM_SCP.2: 2
- ADO:
- ADO_DEL.2: 2
- ADO_IGS.1: 2
- ADV:
- ADV_FSP.2: 2
- ADV_HLD.2: 2
- ADV_IMP.1: 2
- ADV_LLD.1: 2
- ADV_RCR.1: 2
- ADV_SPM.1: 2
- AGD:
- AGD_ADD: 2
- AGD_ADM.1: 2
- AGD_USR.1: 1
- ALC:
- ALC_DVS.1: 2
- ALC_FLR.3: 8
- ALC_LCD.1: 2
- ALC_TAT.1: 2
- ATE:
- ATE_COV.2: 2
- ATE_DPT.1: 1
- ATE_FUN.1: 2
- ATE_IND.2: 2
- AVA:
- AVA_MSU.2: 2
- AVA_SOF.1: 2
- AVA_VLA.2: 3
|
| pdf_data/st_keywords/cc_sfr |
- FAU:
- FAU_GEN: 1
- FAU_GEN.1: 6
- FAU_GEN.1.1: 1
- FAU_GEN.1.2: 1
- FAU_GEN.2: 6
- FAU_GEN.2.1: 1
- FAU_SEL.1: 6
- FAU_SEL.1.1: 1
- FAU_STG: 3
- FAU_STG.1: 2
- FAU_STG.3: 1
- FAU_STG.4: 1
- FAU_STG_EXP: 2
- FAU_STG_EXP.5: 14
- FAU_STG_EXP.5.1: 2
- FDP:
- FDP_ACC.1: 9
- FDP_ACC.1.1: 1
- FDP_ACF.1: 6
- FDP_ACF.1.1: 1
- FDP_ACF.1.2: 1
- FDP_ACF.1.3: 1
- FDP_ACF.1.4: 1
- FDP_IFC.1: 1
- FIA:
- FIA_ATD.1: 9
- FIA_ATD.1.1: 1
- FIA_UAU.2: 7
- FIA_UAU.2.1: 1
- FIA_UAU.5: 7
- FIA_UAU.5.1: 1
- FIA_UAU.5.2: 1
- FIA_UID.1: 8
- FIA_UID.2: 10
- FIA_UID.2.1: 1
- FMT:
- FMT_MOF.1: 6
- FMT_MOF.1.1: 1
- FMT_MSA.1: 6
- FMT_MSA.1.1: 1
- FMT_MSA.3: 9
- FMT_MSA.3.1: 1
- FMT_MSA.3.2: 1
- FMT_MTD.1: 7
- FMT_MTD.1.1: 1
- FMT_REV.1: 14
- FMT_REV.1.1: 2
- FMT_REV.1.2: 2
- FMT_SMF.1: 7
- FMT_SMF.1.1: 1
- FMT_SMR.1: 13
- FMT_SMR.1.1: 1
- FMT_SMR.1.2: 1
- FPT:
|
- FAU:
- FDP:
- FDP_ACC: 26
- FDP_ACC.1: 13
- FDP_ACF: 21
- FDP_ACF.1: 16
- FDP_IFC: 45
- FDP_IFC.1: 17
- FDP_IFF: 43
- FDP_IFF.1: 35
- FIA:
- FIA_AFL: 1
- FIA_ATD.1: 7
- FIA_ATD.1.1: 1
- FIA_SOS.1: 7
- FIA_SOS.1.1: 1
- FIA_UAU: 1
- FIA_UAU.8: 30
- FIA_UID: 1
- FIA_UID.1: 3
- FIA_UID.2: 2
- FIA_UID.3: 34
- FIA_USB.1: 7
- FIA_USB.1.1: 1
- FIA_USB.1.2: 1
- FIA_USB.1.3: 1
- FMT:
- FMT_MSA: 95
- FMT_MSA.1: 14
- FMT_MSA.3: 22
- FMT_SMF.1: 32
- FMT_SMF.1.1: 1
- FMT_SMR.1: 22
- FMT_SMR.1.1: 1
- FMT_SMR.1.2: 1
- FRU:
|
| pdf_data/st_keywords/cc_claims |
- A:
- A.NO_EVIL: 3
- A.NO_GENERAL_PURPOSE: 3
- A.PHYSICAL: 3
- O:
- O.ADMIN_ROLE: 5
- O.AUDIT_GENERATION: 6
- O.MANAGE: 7
- O.MEDIATE: 4
- OE:
- OE.NO_EVIL: 4
- OE.NO_GENERAL_: 3
- OE.NO_GENERAL_PURPOSE: 1
- OE.PHYSICAL: 4
- T:
- T.MASQUERADE: 3
- T.TSF_COMPROMISE: 3
- T.UNAUTHORIZED_: 1
- T.UNAUTHORIZED_ACCESS: 2
- T.UNIDENTIFIED_ACTIONS: 3
|
- A:
- A.BLOCKLIST: 4
- A.COM_PROT: 3
- A.INSTALL: 3
- A.NO_EVIL_ADM: 1
- A.NO_EVIL_ADMIN: 2
- A.PHYS_PROTECT: 4
- A.PLATFORM: 4
- O:
- O.CONBLK: 7
- O.DAC: 11
- O.MAIL_FLOW: 5
- O.QUOTA: 7
- O.REDUCE_SPAM: 6
- O.RESTDIST: 7
- OE:
- OE.BLOCKLIST: 3
- OE.COM_PROT: 3
- OE.INSTALL: 7
- OE.PHYSICAL: 3
- OE.PLATFORM: 16
- OSP:
- T:
- T.AUTH_DAC: 4
- T.DL_MISUSE: 4
- T.OVERFLOW: 4
- T.SPAM: 7
- T.UNAUTHUSE: 3
- T.UNAUTH_DAC: 3
|
| pdf_data/st_keywords/vendor |
- Microsoft:
- Microsoft: 54
- Microsoft Corporation: 2
|
- Microsoft:
- Microsoft: 42
- Microsoft Corporation: 2
|
| pdf_data/st_keywords/eval_facility |
|
|
| pdf_data/st_keywords/symmetric_crypto |
|
|
| pdf_data/st_keywords/asymmetric_crypto |
|
|
| pdf_data/st_keywords/pq_crypto |
|
|
| pdf_data/st_keywords/hash_function |
|
|
| pdf_data/st_keywords/crypto_scheme |
|
|
| pdf_data/st_keywords/crypto_protocol |
|
|
| pdf_data/st_keywords/randomness |
|
|
| pdf_data/st_keywords/cipher_mode |
|
|
| pdf_data/st_keywords/ecc_curve |
|
|
| pdf_data/st_keywords/crypto_engine |
|
|
| pdf_data/st_keywords/tls_cipher_suite |
|
|
| pdf_data/st_keywords/crypto_library |
|
|
| pdf_data/st_keywords/vulnerability |
|
|
| pdf_data/st_keywords/side_channel_analysis |
|
|
| pdf_data/st_keywords/technical_report_id |
|
|
| pdf_data/st_keywords/device_model |
|
|
| pdf_data/st_keywords/tee_name |
|
|
| pdf_data/st_keywords/os_name |
|
|
| pdf_data/st_keywords/cplc_data |
|
|
| pdf_data/st_keywords/ic_data_group |
|
|
| pdf_data/st_keywords/standard_id |
|
- RFC:
- RFC 1725: 1
- RFC 1730: 1
- RFC 2821: 11
- RFC 2822: 7
- RFC1725: 1
- RFC1730: 1
|
| pdf_data/st_keywords/javacard_version |
|
|
| pdf_data/st_keywords/javacard_api_const |
|
|
| pdf_data/st_keywords/javacard_packages |
|
|
| pdf_data/st_keywords/certification_process |
|
- OutOfScope:
- it should be noted that the way these external lists are compiled and transferred to the TOE are out of scope of the evaluation. Security Target Page 14/83 2.3.4 Important functionality of the environment The: 1
- out of scope: 1
|
| pdf_data/st_metadata |
|
|
| state/cert/convert_garbage |
False |
False |
| state/cert/convert_ok |
False |
False |
| state/cert/download_ok |
False |
False |
| state/cert/extract_ok |
False |
False |
| state/cert/pdf_hash |
Equal |
Equal |
| state/cert/txt_hash |
Equal |
Equal |
| state/report/convert_garbage |
False |
False |
| state/report/convert_ok |
True |
True |
| state/report/download_ok |
True |
True |
| state/report/extract_ok |
True |
True |
| state/report/pdf_hash |
Different |
Different |
| state/report/txt_hash |
Different |
Different |
| state/st/convert_garbage |
False |
False |
| state/st/convert_ok |
True |
True |
| state/st/download_ok |
True |
True |
| state/st/extract_ok |
True |
True |
| state/st/pdf_hash |
Different |
Different |
| state/st/txt_hash |
Different |
Different |