| name |
Microsoft SQL Server 2012 Database Engine Enterprise Edition x64 (English), Version:11.0.2100.60 |
V3Pro2004 and AhnLab Policy Center 3.0 |
| category |
Databases |
Other Devices and Systems |
| scheme |
JP |
KR |
| status |
archived |
archived |
| not_valid_after |
12.10.2017 |
01.06.2019 |
| not_valid_before |
06.09.2012 |
17.09.2007 |
| cert_link |
None |
None |
| report_link |
https://www.commoncriteriaportal.org/nfs/ccpfiles/files/epfiles/c0371_erpt.pdf |
https://www.commoncriteriaportal.org/nfs/ccpfiles/files/epfiles/ISIS-73-EN.pdf |
| st_link |
https://www.commoncriteriaportal.org/nfs/ccpfiles/files/epfiles/c0371_est.pdf |
https://www.commoncriteriaportal.org/nfs/ccpfiles/files/epfiles/ISIS-73-ST-EN.pdf |
| manufacturer |
Microsoft Corporation |
AhnLab, Inc. |
| manufacturer_web |
https://www.microsoft.com |
https://www.ahnlab.com/ |
| security_level |
EAL2 |
EAL4 |
| dgst |
bccee9cca27bae56 |
a8f7a4c49c242ddc |
| heuristics/cert_id |
JISEC-CC-CRP-C0371 |
KECS-ISIS-0073-2007 |
| heuristics/cert_lab |
[] |
[] |
| heuristics/cpe_matches |
{} |
{} |
| heuristics/verified_cpe_matches |
{} |
{} |
| heuristics/related_cves |
{} |
{} |
| heuristics/direct_transitive_cves |
{} |
{} |
| heuristics/indirect_transitive_cves |
{} |
{} |
| heuristics/extracted_sars |
{} |
ALC_DVS.1, ATE_COV.2, ADV_RCR.1, ALC_TAT.1, AVA_VLA.2, AVA_MSU.2, ADV_HLD.2, ATE_FUN.1, AGD_USR.1, AVA_SOF.1, ATE_IND.2, AGD_ADM.1, ADV_LLD.1, ALC_LCD.1, ATE_DPT.1, ADV_FSP.2, ADV_SPM.1, ADV_IMP.1 |
| heuristics/extracted_versions |
11.0.2100.60 |
3.0 |
| heuristics/prev_certificates |
{} |
{} |
| heuristics/next_certificates |
{} |
{} |
| heuristics/report_references/directly_referenced_by |
{} |
{} |
| heuristics/report_references/directly_referencing |
{} |
{} |
| heuristics/report_references/indirectly_referenced_by |
{} |
{} |
| heuristics/report_references/indirectly_referencing |
{} |
{} |
| heuristics/scheme_data |
- cert_id: JISEC-CC-CRP-C0371
- certification_date: 01.09.2012
- claim: EAL2
- enhanced:
- assurance_level: EAL2
- cert_link: https://www.ipa.go.jp/en/security/c0371_eimg.pdf
- description: PRODUCT DESCRIPTION Description of TOE The TOE is the database engine of SQL Server 2012. SQL Server is a Database Management System (DBMS). The TOE has been developed as the core module of the DBMS to store and manage data in a secure way. TOE security functions This TOE provides the following security functionality: - The Access Control function of the TOE controls the access of users to user and metadata stored in the TOE. - The Security Audit function of the TOE produces log files about all security relevant events. - The Security Management function allows authorized administrators to manage the behavior of the security functionality of the TOE. - The Identification and Authentication function of the TOE is able to identify and authenticate users.
- evaluation_facility: TワV Informationstechnik GmbH, Evaluation Body for IT-Security
- product: Microsoft SQL Server 2012 Database Engine Enterprise Edition x64 (English)
- product_type: Database Management System (DBMS)
- report_link: https://www.ipa.go.jp/en/security/c0371_erpt.pdf
- target_link: https://www.ipa.go.jp/en/security/c0371_est.pdf
- toe_version: 11.0.2100.60
- vendor: Microsoft Corporation
- expiration_date: 01.10.2017
- supplier: Microsoft Corporation
- toe_japan_name: -----
- toe_overseas_link: https://www.ipa.go.jp/en/security/jisec/software/certified-cert/c0371_it1383.html
- toe_overseas_name: Microsoft SQL Server 2012 Database Engine Enterprise Edition x64 (English) 11.0.2100.60
|
|
| heuristics/st_references/directly_referenced_by |
{} |
{} |
| heuristics/st_references/directly_referencing |
{} |
{} |
| heuristics/st_references/indirectly_referenced_by |
{} |
{} |
| heuristics/st_references/indirectly_referencing |
{} |
{} |
| heuristics/protection_profiles |
{} |
{} |
| maintenance_updates |
|
|
| protection_profiles |
|
|
| protection_profile_links |
{} |
{} |
| pdf_data/cert_filename |
None |
None |
| pdf_data/cert_frontpage |
|
|
| pdf_data/cert_keywords/cc_cert_id |
|
|
| pdf_data/cert_keywords/cc_protection_profile_id |
|
|
| pdf_data/cert_keywords/cc_security_level |
|
|
| pdf_data/cert_keywords/cc_sar |
|
|
| pdf_data/cert_keywords/cc_sfr |
|
|
| pdf_data/cert_keywords/cc_claims |
|
|
| pdf_data/cert_keywords/vendor |
|
|
| pdf_data/cert_keywords/eval_facility |
|
|
| pdf_data/cert_keywords/symmetric_crypto |
|
|
| pdf_data/cert_keywords/asymmetric_crypto |
|
|
| pdf_data/cert_keywords/pq_crypto |
|
|
| pdf_data/cert_keywords/hash_function |
|
|
| pdf_data/cert_keywords/crypto_scheme |
|
|
| pdf_data/cert_keywords/crypto_protocol |
|
|
| pdf_data/cert_keywords/randomness |
|
|
| pdf_data/cert_keywords/cipher_mode |
|
|
| pdf_data/cert_keywords/ecc_curve |
|
|
| pdf_data/cert_keywords/crypto_engine |
|
|
| pdf_data/cert_keywords/tls_cipher_suite |
|
|
| pdf_data/cert_keywords/crypto_library |
|
|
| pdf_data/cert_keywords/vulnerability |
|
|
| pdf_data/cert_keywords/side_channel_analysis |
|
|
| pdf_data/cert_keywords/technical_report_id |
|
|
| pdf_data/cert_keywords/device_model |
|
|
| pdf_data/cert_keywords/tee_name |
|
|
| pdf_data/cert_keywords/os_name |
|
|
| pdf_data/cert_keywords/cplc_data |
|
|
| pdf_data/cert_keywords/ic_data_group |
|
|
| pdf_data/cert_keywords/standard_id |
|
|
| pdf_data/cert_keywords/javacard_version |
|
|
| pdf_data/cert_keywords/javacard_api_const |
|
|
| pdf_data/cert_keywords/javacard_packages |
|
|
| pdf_data/cert_keywords/certification_process |
|
|
| pdf_data/cert_metadata |
|
|
| pdf_data/report_filename |
c0371_erpt.pdf |
ISIS-73-EN.pdf |
| pdf_data/report_frontpage |
|
|
| pdf_data/report_keywords/cc_cert_id |
- JP:
- CRP-C0371-01: 1
- Certification No. C0371: 1
|
|
| pdf_data/report_keywords/cc_protection_profile_id |
|
|
| pdf_data/report_keywords/cc_security_level |
|
|
| pdf_data/report_keywords/cc_sar |
|
|
| pdf_data/report_keywords/cc_sfr |
|
|
| pdf_data/report_keywords/cc_claims |
- A:
- A.NO_EVIL: 1
- A.NO_GENERAL_: 1
- A.PHYSICAL: 1
- T:
- T.MASQUERADE: 1
- T.TSF_COMPROMISE: 1
- T.UNAUTHORIZED_: 1
- T.UNIDENTIFIED_: 1
|
- A:
- A.AVCONFILICT: 1
- A.CERT: 1
- A.GUARD: 1
- A.INTERNALENTITY: 1
- A.NO_EVIL: 1
- A.PHYSICAL: 1
- A.SAFEITENTITY: 1
- A.TIMESTAMP: 1
- O:
- O.ADMIN_ROLE: 1
- O.ALARM: 1
- O.AUDIT: 1
- O.INA: 1
- O.MANAGE: 1
- O.SECURE_UPDATE: 1
- O.SELF_PROTECTION: 1
- O.STRENGTHENOS: 1
- O.TSFDATA_PROTECT: 1
- O.VIRUS: 1
- OE:
- OE.AUDIT_SEARCH: 1
- OE.AUDIT_STORAGE: 1
- OE.AVCONFLICT: 1
- OE.CERT: 1
- OE.DOM_SEPARATION: 1
- OE.GUARD: 1
- OE.INTERNALENTITY: 1
- OE.NO_BYPASS: 1
- OE.NO_EVIL: 1
- OE.PHYSICAL: 1
- OE.RESIDUAL_INFO: 1
- OE.SAFEITENTITY: 1
- OE.TIMESTAMP: 1
- OE.TOE_ACCESS: 1
|
| pdf_data/report_keywords/vendor |
- Microsoft:
- Microsoft: 17
- Microsoft Corporation: 7
|
|
| pdf_data/report_keywords/eval_facility |
- TUV:
- TÜV Informationstechnik: 3
|
|
| pdf_data/report_keywords/symmetric_crypto |
|
|
| pdf_data/report_keywords/asymmetric_crypto |
|
|
| pdf_data/report_keywords/pq_crypto |
|
|
| pdf_data/report_keywords/hash_function |
|
|
| pdf_data/report_keywords/crypto_scheme |
|
|
| pdf_data/report_keywords/crypto_protocol |
|
|
| pdf_data/report_keywords/randomness |
|
|
| pdf_data/report_keywords/cipher_mode |
|
|
| pdf_data/report_keywords/ecc_curve |
|
|
| pdf_data/report_keywords/crypto_engine |
|
|
| pdf_data/report_keywords/tls_cipher_suite |
|
|
| pdf_data/report_keywords/crypto_library |
|
|
| pdf_data/report_keywords/vulnerability |
|
|
| pdf_data/report_keywords/side_channel_analysis |
|
|
| pdf_data/report_keywords/technical_report_id |
|
|
| pdf_data/report_keywords/device_model |
|
|
| pdf_data/report_keywords/tee_name |
|
|
| pdf_data/report_keywords/os_name |
|
|
| pdf_data/report_keywords/cplc_data |
|
|
| pdf_data/report_keywords/ic_data_group |
|
|
| pdf_data/report_keywords/standard_id |
- CC:
- CCMB-2009-07-001: 2
- CCMB-2009-07-002: 2
- CCMB-2009-07-003: 2
- CCMB-2009-07-004: 2
|
|
| pdf_data/report_keywords/javacard_version |
|
|
| pdf_data/report_keywords/javacard_api_const |
|
|
| pdf_data/report_keywords/javacard_packages |
|
|
| pdf_data/report_keywords/certification_process |
|
- OutOfScope:
- If the administrator does not set the V3 security lock with Policy Agent in passive mode, it is out of scope of the evaluation because it is not enterprise environment, the TOE operating environment: 1
- out of scope: 1
|
| pdf_data/report_metadata |
- /CreationDate: D:20130527154721+09'00'
- /Creator: Microsoft® Word 2010
- /ModDate: D:20130527154854+09'00'
- /Producer: Microsoft® Word 2010
- pdf_file_size_bytes: 225890
- pdf_hyperlinks: {}
- pdf_is_encrypted: True
- pdf_number_of_pages: 29
|
- /Author: KYH
- /CreationDate: D:20071203103449+09'00'
- /Creator: PScript5.dll Version 5.2.2
- /ModDate: D:20071203103449+09'00'
- /Producer: Acrobat Distiller 7.0.5 (Windows)
- /Title: ISIS-73-EN.hwp
- pdf_file_size_bytes: 330437
- pdf_hyperlinks: {}
- pdf_is_encrypted: False
- pdf_number_of_pages: 26
|
| pdf_data/st_filename |
c0371_est.pdf |
ISIS-73-ST-EN.pdf |
| pdf_data/st_frontpage |
|
|
| pdf_data/st_keywords/cc_cert_id |
|
|
| pdf_data/st_keywords/cc_protection_profile_id |
|
|
| pdf_data/st_keywords/cc_security_level |
|
|
| pdf_data/st_keywords/cc_sar |
|
- ACM:
- ACM_AUT.1: 2
- ACM_CAP.4: 2
- ACM_SCP.2: 3
- ADO:
- ADO_DEL.2: 2
- ADO_IGS.1: 2
- ADV:
- ADV_FSP.2: 2
- ADV_HLD.2: 2
- ADV_IMP.1: 2
- ADV_LLD.1: 2
- ADV_RCR.1: 2
- ADV_SPM.1: 2
- AGD:
- AGD_ADM.1: 3
- AGD_USR.1: 2
- ALC:
- ALC_DVS.1: 2
- ALC_LCD.1: 2
- ALC_TAT.1: 2
- ATE:
- ATE_COV.2: 2
- ATE_DPT.1: 3
- ATE_FUN.1: 2
- ATE_IND.2: 3
- AVA:
- AVA_MSU.2: 4
- AVA_SOF.1: 2
- AVA_VLA.2: 3
|
| pdf_data/st_keywords/cc_sfr |
- FAU:
- FAU_GEN: 1
- FAU_GEN.1: 6
- FAU_GEN.1.1: 1
- FAU_GEN.1.2: 1
- FAU_GEN.2: 6
- FAU_GEN.2.1: 1
- FAU_SEL.1: 6
- FAU_SEL.1.1: 1
- FAU_STG: 3
- FAU_STG.1: 2
- FAU_STG.3: 1
- FAU_STG.4: 1
- FAU_STG_EXP: 2
- FAU_STG_EXP.5: 14
- FAU_STG_EXP.5.1: 2
- FDP:
- FDP_ACC.1: 9
- FDP_ACC.1.1: 1
- FDP_ACF.1: 6
- FDP_ACF.1.1: 1
- FDP_ACF.1.2: 1
- FDP_ACF.1.3: 1
- FDP_ACF.1.4: 1
- FDP_IFC.1: 1
- FIA:
- FIA_ATD.1: 9
- FIA_ATD.1.1: 1
- FIA_UAU.2: 7
- FIA_UAU.2.1: 1
- FIA_UAU.5: 7
- FIA_UAU.5.1: 1
- FIA_UAU.5.2: 1
- FIA_UID.1: 8
- FIA_UID.2: 10
- FIA_UID.2.1: 1
- FMT:
- FMT_MOF.1: 6
- FMT_MOF.1.1: 1
- FMT_MSA.1: 6
- FMT_MSA.1.1: 1
- FMT_MSA.3: 9
- FMT_MSA.3.1: 1
- FMT_MSA.3.2: 1
- FMT_MTD.1: 7
- FMT_MTD.1.1: 1
- FMT_REV.1: 14
- FMT_REV.1.1: 2
- FMT_REV.1.2: 2
- FMT_SMF.1: 7
- FMT_SMF.1.1: 1
- FMT_SMR.1: 13
- FMT_SMR.1.1: 1
- FMT_SMR.1.2: 1
- FPT:
|
- FAU:
- FAU_APR.1: 2
- FAU_ARP.1: 10
- FAU_ARP.1.1: 1
- FAU_GEN.1: 17
- FAU_GEN.1.1: 1
- FAU_GEN.1.2: 1
- FAU_GEN.2: 9
- FAU_GEN.2.1: 1
- FAU_SAA.1: 13
- FAU_SAA.1.1: 1
- FAU_SAA.1.2: 1
- FAU_SAR.1: 20
- FAU_SAR.1.1: 2
- FAU_SAR.1.2: 2
- FAU_SAR.2: 12
- FAU_SAR.2.1: 1
- FAU_SAR.3: 13
- FAU_SAR.3.1: 2
- FAU_SSA.1: 1
- FAU_STG.1: 6
- FAU_STG.1.1: 1
- FAU_STG.1.2: 1
- FAU_STG.3: 1
- FAU_STG.4: 11
- FAU_STG.4.1: 1
- FDP:
- FIA:
- FIA_AFL.1: 10
- FIA_AFL.1.1: 1
- FIA_AFL.1.2: 1
- FIA_SOS.1: 10
- FIA_SOS.1.1: 1
- FIA_UAU.1: 6
- FIA_UAU.2: 16
- FIA_UAU.2.1: 2
- FIA_UAU.6: 14
- FIA_UAU.6.1: 2
- FIA_UID.1: 8
- FIA_UID.2: 18
- FIA_UID.2.1: 2
- FMT:
- FMT_MOF.1: 27
- FMT_MOF.1.1: 1
- FMT_MTD.1: 32
- FMT_MTD.1.1: 1
- FMT_MTD.2: 12
- FMT_MTD.2.1: 1
- FMT_MTD.2.2: 1
- FMT_SMF.1: 31
- FMT_SMF.1.1: 1
- FMT_SMR.1: 27
- FMT_SMR.1.1: 1
- FMT_SMR.1.2: 1
- FPT:
- FPT_AMT.1: 10
- FPT_AMT.1.1: 1
- FPT_ITI.1: 10
- FPT_ITI.1.1: 1
- FPT_ITI.1.2: 1
- FPT_ITT.1: 16
- FPT_ITT.1.1: 2
- FPT_SSL.3: 1
- FPT_STM.1: 7
- FPT_STM.1.1: 1
- FPT_TST.1: 13
- FPT_TST.1.1: 1
- FPT_TST.1.2: 1
- FPT_TST.1.3: 1
- FTA:
- FTA_SSL.1: 5
- FTA_SSL.1.1: 1
- FTA_SSL.1.2: 1
- FTA_SSL.3: 15
- FTA_SSL.3.1: 1
- FTA_SSL.4: 14
- FTA_SSL.4.1: 1
|
| pdf_data/st_keywords/cc_claims |
- A:
- A.NO_EVIL: 3
- A.NO_GENERAL_PURPOSE: 3
- A.PHYSICAL: 3
- O:
- O.ADMIN_ROLE: 5
- O.AUDIT_GENERATION: 6
- O.MANAGE: 7
- O.MEDIATE: 4
- OE:
- OE.NO_EVIL: 4
- OE.NO_GENERAL_: 3
- OE.NO_GENERAL_PURPOSE: 1
- OE.PHYSICAL: 4
- T:
- T.MASQUERADE: 3
- T.TSF_COMPROMISE: 3
- T.UNAUTHORIZED_: 1
- T.UNAUTHORIZED_ACCESS: 2
- T.UNIDENTIFIED_ACTIONS: 3
|
- A:
- A.AVCONFLICT: 3
- A.CERT: 3
- A.GUARD: 3
- A.INTERNALENTITY: 3
- A.NO_EVIL: 3
- A.PHISICAL: 2
- A.SAFEITENTITY: 3
- A.TIMESTAMP: 3
- O:
- O.ADMIN_ROLE: 5
- O.ALARM: 6
- O.AUDIT: 10
- O.AUIDT: 2
- O.INA: 16
- O.MANAGE: 14
- O.SECURE_UPDATE: 6
- O.SELF_PROTECTION: 5
- O.STRENGTHENOS: 5
- O.TSFDATA_PROTECT: 8
- O.VIRUS: 10
- OE:
- OE.AUDIT_SEARCH: 5
- OE.AUDIT_STORAGE: 7
- OE.AVCONFLICT: 3
- OE.CERT: 3
- OE.DOM_SEPARATION: 5
- OE.GAURD: 1
- OE.GUARD: 2
- OE.INTERNALENTITY: 3
- OE.NO_BYPASS: 5
- OE.NO_EVIL: 3
- OE.PHISICAL: 2
- OE.PHYSICAL: 1
- OE.RESIDUAL_INFO: 2
- OE.SAFEITENTITY: 4
- OE.TIMESTAMP: 7
- OE.TOE_ACCESS: 13
- T:
- T.AUDIT_COMPROMISE: 8
- T.DOWN_INTERFERENCE: 3
- T.MASQUERADE: 5
- T.RESIDUAL_DATA: 3
- T.TRANS_DESTORY: 3
- T.TSF_COMPROMISE: 9
- T.UNATTEND_SESS: 5
- T.UNIDENTIFIED_ACTIONS: 5
- T.VIRUS: 4
|
| pdf_data/st_keywords/vendor |
- Microsoft:
- Microsoft: 54
- Microsoft Corporation: 2
|
|
| pdf_data/st_keywords/eval_facility |
|
|
| pdf_data/st_keywords/symmetric_crypto |
|
|
| pdf_data/st_keywords/asymmetric_crypto |
|
|
| pdf_data/st_keywords/pq_crypto |
|
|
| pdf_data/st_keywords/hash_function |
|
|
| pdf_data/st_keywords/crypto_scheme |
|
|
| pdf_data/st_keywords/crypto_protocol |
|
|
| pdf_data/st_keywords/randomness |
|
|
| pdf_data/st_keywords/cipher_mode |
|
|
| pdf_data/st_keywords/ecc_curve |
|
|
| pdf_data/st_keywords/crypto_engine |
|
|
| pdf_data/st_keywords/tls_cipher_suite |
|
|
| pdf_data/st_keywords/crypto_library |
|
|
| pdf_data/st_keywords/vulnerability |
|
|
| pdf_data/st_keywords/side_channel_analysis |
|
|
| pdf_data/st_keywords/technical_report_id |
|
|
| pdf_data/st_keywords/device_model |
|
|
| pdf_data/st_keywords/tee_name |
|
|
| pdf_data/st_keywords/os_name |
|
|
| pdf_data/st_keywords/cplc_data |
|
|
| pdf_data/st_keywords/ic_data_group |
|
|
| pdf_data/st_keywords/standard_id |
|
|
| pdf_data/st_keywords/javacard_version |
|
|
| pdf_data/st_keywords/javacard_api_const |
|
|
| pdf_data/st_keywords/javacard_packages |
|
|
| pdf_data/st_keywords/certification_process |
|
- OutOfScope:
- 98 APC uses SMS for notification on the situation that authorized administrator is set. This is out of scope because additional contract with a mobile service provider is necessary for this function. APC: 1
- 99 APC creates reports with pre-defined formats and audit records. This function is out of scope since it is independent with generating and storing audit records. AhnLab, Korea 24/109 APC: 1
- files for support of V3+ Neo. Since the operating system of the TOE is Windows XP, This is out of scope. 91 The following functions are out of scope for policy server. Hierarchical Domain Management : 1
- out of scope: 6
- system in case that the system has been registered on the APC. 101 The following functions are out of scope for policy agent. User Information Input 102 An additional feature for the Policy Agent user: 1
- updates itself by the policy server’s command. 2.2.3 Out of Coverage 88 The following functions are out of scope of V3 Run as a Update Server 89 Without APC, V3 runs as an update server for the other V3s. V3 +: 1
|
| pdf_data/st_metadata |
|
- /Author: KYH
- /CreationDate: D:20071203103747+09'00'
- /Creator: PScript5.dll Version 5.2.2
- /ModDate: D:20071203103747+09'00'
- /Producer: Acrobat Distiller 7.0.5 (Windows)
- /Title: Microsoft Word - ISIS-73-ST_EN.doc
- pdf_file_size_bytes: 796288
- pdf_hyperlinks: {}
- pdf_is_encrypted: False
- pdf_number_of_pages: 109
|
| state/cert/convert_garbage |
False |
False |
| state/cert/convert_ok |
False |
False |
| state/cert/download_ok |
False |
False |
| state/cert/extract_ok |
False |
False |
| state/cert/pdf_hash |
Equal |
Equal |
| state/cert/txt_hash |
Equal |
Equal |
| state/report/convert_garbage |
False |
False |
| state/report/convert_ok |
True |
True |
| state/report/download_ok |
True |
True |
| state/report/extract_ok |
True |
True |
| state/report/pdf_hash |
Different |
Different |
| state/report/txt_hash |
Different |
Different |
| state/st/convert_garbage |
False |
False |
| state/st/convert_ok |
True |
True |
| state/st/download_ok |
True |
True |
| state/st/extract_ok |
True |
True |
| state/st/pdf_hash |
Different |
Different |
| state/st/txt_hash |
Different |
Different |