Comparing certificates Experimental feature

You are comparing two certificates. By default, only different attributes are shown. Use the button below to show/hide all attributes.

Microsoft SQL Server 2014 Database Engine Enterprise Edition x64 (English)12.0.2000.8
JISEC-CC-CRP-C0475 		SQL Server 2016 Database Engine Enterprise Edition x64 (English) 13.0.4001.0 (including Service Pack 1)
JISEC-CC-CRP-C0537
name Microsoft SQL Server 2014 Database Engine Enterprise Edition x64 (English)12.0.2000.8 SQL Server 2016 Database Engine Enterprise Edition x64 (English) 13.0.4001.0 (including Service Pack 1)
not_valid_before 2015-06-16 2017-02-15
not_valid_after 2020-07-01 2022-02-15
st_link https://www.commoncriteriaportal.org/nfs/ccpfiles/files/epfiles/c0475_est.pdf https://www.commoncriteriaportal.org/nfs/ccpfiles/files/epfiles/c0537_est.pdf
report_link https://www.commoncriteriaportal.org/nfs/ccpfiles/files/epfiles/c0475_erpt.pdf https://www.commoncriteriaportal.org/nfs/ccpfiles/files/epfiles/c0537_erpt.pdf
cert_link None https://www.commoncriteriaportal.org/nfs/ccpfiles/files/epfiles/c0537_eimg.pdf
protection_profiles frozendict({'_type': 'sec_certs.sample.protection_profile.ProtectionProfile', 'pp_name': 'U.S. Government Protection Profile Database Management Systems, Version 1.3', 'pp_eal': 'EAL2+', 'pp_link': 'https://www.commoncriteriaportal.org/files/ppfiles/pp_dbms_v1.3.pdf', 'pp_ids': frozenset({'PP_DBMS_V1.3'})}) frozendict({'_type': 'sec_certs.sample.protection_profile.ProtectionProfile', 'pp_name': 'Base Protection Profile for Database Management Systems', 'pp_eal': 'EAL2+', 'pp_link': 'https://www.commoncriteriaportal.org/files/ppfiles/pp0088b_pdf.pdf', 'pp_ids': frozenset({'DBMS_PP'})})
state/cert/convert_ok False True
state/cert/download_ok False True
state/cert/extract_ok False True
state/cert/pdf_hash None e06b4bf851a233995c42ea3442c808670fa41d0a9623dcc6edcb29d625e31239
state/cert/txt_hash None d6f03332aaf99dee97c2c1bee96bfbe235b26ac32e9ddd3df2b047a8bda650ba
state/report/pdf_hash bf3d64289ba9b8366626761600d05b7766183ff7dc92f9c5f0581d1faf2e2160 c01e18dbdad0c499dc46b42ce4d19384899797a509f8647ca809715d05dc16ec
state/report/txt_hash 2aab8d690195e7968a1820761e268fc26514a6b22f0efeb07bcd3775340011bf ea6efabb475d8107b300bf1572a0e13a8d393ace9dc5452dc1f81ba225faa42f
state/st/pdf_hash 27bb951e648abb5a44ec818ad00ce0fac5ef7f68ee6c58c0d73a45fab982a33c f0c8433c7f20b1ce5fd24304cff9661223f1afad4e63512f2605f1e794bb47cb
state/st/txt_hash c9ec0cb700e0da833f51063d6cd67466d8cfa06e4486cf4bc0f944dd0840ce5e 366a3938d32ee8c03f1719b4490a4ee05c88db9451aabecfbb21752a48f9ce6d
heuristics/cert_id JISEC-CC-CRP-C0475 JISEC-CC-CRP-C0537
heuristics/cpe_matches None cpe:2.3:a:microsoft:sql_server_2016:13.0.4001.0:*:*:*:*:*:*:*
heuristics/extracted_versions 12.0.2000.8 13.0.4001.0
heuristics/related_cves None CVE-2024-37331, CVE-2024-37323, CVE-2024-35271, CVE-2024-35256, CVE-2024-37332, CVE-2024-37326, CVE-2024-37321, CVE-2024-37322, CVE-2024-37333, CVE-2024-38088, CVE-2024-35272, CVE-2024-37320, CVE-2024-37330, CVE-2024-21449, CVE-2024-37329, CVE-2024-37319, CVE-2024-38087, CVE-2024-37336, CVE-2024-37327, CVE-2024-37324, CVE-2024-37328, CVE-2024-37318
heuristics/scheme_data/cert_id C0475 C0537
heuristics/scheme_data/certification_date 2015-06 2017-02
heuristics/scheme_data/claim EAL2+ ALC_FLR.2 PP EAL2+ALC_FLR.2 PP
heuristics/scheme_data/enhanced/cert_link https://www.ipa.go.jp/en/security/c0475_eimg.pdf https://www.ipa.go.jp/en/security/c0537_eimg.pdf
heuristics/scheme_data/enhanced/certification_date 2015-06-16 2017-02-15
heuristics/scheme_data/enhanced/description PRODUCT DESCRIPTION Description of TOE The TOE is the database engine of SQL Server 2014. SQL Server is a Database Management System (DBMS). The TOE has been developed as the core module of the DBMS to store and manage data in a secure way. TOE security functionality This TOE provides the following security functionality: - The Access Control function of the TOE controls the access of users to user data and metadata stored in the TOE. - The Session Handling function of the TOE limits the possibilities of users to establish sessions with the TOE. - The Security Audit function of the TOE produces log files about all security relevant events. - The Security Management function allows authorized administrators to manage the behavior of the security functionality of the TOE. - The Identification and Authentication function of the TOE is able to identify and authenticate users. - The Residual Information Protection function of the TOE overwrites the residual information on the memory that will be used for user sessions. PRODUCT DESCRIPTION Description of TOE The TOE is the database engine of SQL Server 2016. SQL Server is a Database Management System (DBMS). The TOE has been developed as the core module of the DBMS to store and manage data in a secure way. TOE security functionality This TOE provides the following security functionality: - The Access Control function of the TOE controls the access of users to user data and metadata stored in the TOE. - The Session Handling function of the TOE limits the possibilities of users to establish sessions with the TOE. - The Security Audit function of the TOE produces log files about all security relevant events. - The Security Management function allows authorized administrators to manage the behavior of the security functionality of the TOE. - The Identification and Authentication function of the TOE is able to identify and authenticate users. - The Residual Information Protection function of the TOE overwrites the residual information on the memory that will be used for user sessions.
heuristics/scheme_data/enhanced/evaluation_facility TÜV Informationstechnik GmbH, Evaluation Body for IT-Security TÜV Informationstechnik GmbH, Evaluation Body for IT-Security
heuristics/scheme_data/enhanced/product Microsoft SQL Server 2014 Database Engine Enterprise Edition x64 (English) SQL Server 2016 Database Engine Enterprise Edition x64 (English)
heuristics/scheme_data/enhanced/protection_profile U.S. Government Protection Profile for Database Management Systems, Version 1.3 Base Protection Profile for Database Management Systems (DBMS PP), Version 2.07
heuristics/scheme_data/enhanced/report_link https://www.ipa.go.jp/en/security/c0475_erpt.pdf https://www.ipa.go.jp/en/security/c0537_erpt.pdf
heuristics/scheme_data/enhanced/target_link https://www.ipa.go.jp/en/security/c0475_est.pdf https://www.ipa.go.jp/en/security/c0537_est.pdf
heuristics/scheme_data/enhanced/toe_version 12.0.2000.8 13.0.4001.0 (including Service Pack 1)
heuristics/scheme_data/expiration_date 2020-07 2022-03
heuristics/scheme_data/toe_overseas_link https://www.ipa.go.jp/en/security/jisec/software/certified-cert/c0475_it3480.html https://www.ipa.go.jp/en/security/jisec/software/certified-cert/c0537_it5563.html
heuristics/scheme_data/toe_overseas_name Microsoft SQL Server 2014 Database Engine Enterprise Edition x64 (English)12.0.2000.8 SQL Server 2016 Database Engine Enterprise Edition x64 (English)13.0.4001.0 (including Service Pack 1)
pdf_data/cert_filename None c0537_eimg.pdf
pdf_data/cert_keywords None
  • cc_cert_id:
  • cc_protection_profile_id:
  • cc_security_level:
    • EAL:
      • EAL2: 1
  • cc_sar:
    • ALC:
      • ALC_FLR.2: 1
  • cc_sfr:
  • cc_claims:
  • vendor:
    • Microsoft:
      • Microsoft Corporation: 1
  • eval_facility:
    • TUV:
      • TÜV Informationstechnik: 1
  • symmetric_crypto:
  • asymmetric_crypto:
  • pq_crypto:
  • hash_function:
  • crypto_scheme:
  • crypto_protocol:
  • randomness:
  • cipher_mode:
  • ecc_curve:
  • crypto_engine:
  • tls_cipher_suite:
  • crypto_library:
  • vulnerability:
  • side_channel_analysis:
  • technical_report_id:
  • device_model:
  • tee_name:
  • os_name:
  • cplc_data:
  • ic_data_group:
  • standard_id:
  • javacard_version:
  • javacard_api_const:
  • javacard_packages:
  • certification_process:
pdf_data/cert_metadata None
  • pdf_file_size_bytes: 415538
  • pdf_is_encrypted: True
  • pdf_number_of_pages: 1
  • /CreationDate: D:20170316155916+09'00'
  • /Creator: Microsoft® Word 2010
  • /ModDate: D:20170316160045+09'00'
  • /Producer: Microsoft® Word 2010
  • pdf_hyperlinks:
pdf_data/report_filename c0475_erpt.pdf c0537_erpt.pdf
pdf_data/report_keywords/cc_cert_id/JP
  • CRP-C0475-01: 1
  • Certification No. C0475: 1
  • CRP-C0537-01: 1
  • Certification No. C0537: 1
pdf_data/report_keywords/cc_claims/A
  • A.NO_EVIL: 1
  • A.NO_GENERAL_: 1
  • A.PHYSICAL: 1
  • A.PHYSICAL: 1
  • A.AUTHUSER: 1
  • A.MANAGE: 1
  • A.TRAINEDUSER: 1
  • A.NO_GENERAL_: 1
  • A.SUPPORT: 1
  • A.CONNECT: 1
pdf_data/report_keywords/cc_claims/T
  • T.ACCIDENTIAL_ADMIN_ERROR: 1
  • T.POOR_DESIGN: 1
  • T.POOR_IMPLEMENTATION: 1
  • T.POOR_TEST: 1
  • T.MASQUERADE: 1
  • T.RESIDUAL_DATA: 1
  • T.TSF_COMPROMISE: 1
  • T.UNAUTHORIZED_: 1
  • T.UNIDENTIFIED_: 1
  • T.ACCESS_TSFDATA: 1
  • T.ACCESS_TSFFUNC: 1
  • T.IA_MASQUERADE: 1
  • T.IA_USER: 1
  • T.RESIDUAL_DATA: 1
  • T.TSF_COMPROMISE: 1
  • T.UNAUTHORIZED_: 1
pdf_data/report_keywords/vendor/Microsoft/Microsoft 20 5
pdf_data/report_metadata//CreationDate D:20150724094408+09'00' D:20170316160424+09'00'
pdf_data/report_metadata//ModDate D:20150724094442+09'00' D:20170316160534+09'00'
pdf_data/report_metadata/pdf_file_size_bytes 233021 240723
pdf_data/report_metadata/pdf_number_of_pages 31 33
pdf_data/st_filename c0475_est.pdf c0537_est.pdf
pdf_data/st_keywords/cc_claims/A
  • A.NO_EVIL: 3
  • A.NO_GENERAL_PURPOSE: 3
  • A.PHYSICAL: 3
  • A.PHYSICAL: 3
  • A.AUTHUSER: 3
  • A.MANAGE: 3
  • A.TRAINEDUSER: 3
  • A.NO_GENERAL_PURPOSE: 3
  • A.SUPPORT: 4
  • A.CONNECT: 4
pdf_data/st_keywords/cc_claims/O
  • O.ADMIN_GUIDANCE: 1
  • O.CONFIGURATION_IDENTIFICATION: 1
  • O.DOCUMENTED_DESIGN: 1
  • O.INTERNAL_TOE_DOMAINS: 1
  • O.PARTIAL_FUNCTIONAL_TEST: 1
  • O.PARTIAL_SELF_PROTECTION: 1
  • O.VULNERABILITY_ANALYSIS: 1
  • O.ACCESS_HISTORY: 5
  • O.ADMIN_ROLE: 4
  • O.AUDIT_GENERATION: 4
  • O.MANAGE: 6
  • O.MEDIATE: 5
  • O.RESIDUAL_INFORMATION: 3
  • O.TOE_ACCESS: 7
  • O.RESIDUAL_INFORMAT: 2
  • O.AUDIT_: 1
  • O.RESIDUAL_INFORM: 1
  • O.ACCESS_HISTORY: 9
  • O.ADMIN_ROLE: 8
  • O.AUDIT_GENERATION: 6
  • O.DISCRETIONARY_ACCESS: 5
  • O.MANAGE: 11
  • O.MEDIATE: 8
  • O.RESIDUAL_INFORMATION: 8
  • O.TOE_ACCESS: 18
  • O.AUDIT_GENERATI: 1
  • O.DISCRETIONARY_: 1
  • O.RESIDUAL_INFOR: 1
pdf_data/st_keywords/cc_claims/O/O.ACCESS_HISTORY 5 9
pdf_data/st_keywords/cc_claims/O/O.ADMIN_ROLE 4 8
pdf_data/st_keywords/cc_claims/O/O.AUDIT_GENERATION 4 6
pdf_data/st_keywords/cc_claims/O/O.MANAGE 6 11
pdf_data/st_keywords/cc_claims/O/O.MEDIATE 5 8
pdf_data/st_keywords/cc_claims/O/O.RESIDUAL_INFORMATION 3 8
pdf_data/st_keywords/cc_claims/O/O.TOE_ACCESS 7 18
pdf_data/st_keywords/cc_claims/OE
  • OE.NO_EVIL: 4
  • OE.NO_GENERAL_: 2
  • OE.PHYSICAL: 4
  • OE.NO_GENERAL_PURPOSE: 1
  • OE.ADMIN: 12
  • OE.INFO_PROTECT: 19
  • OE.NO_GENERAL_: 2
  • OE.PHYSICAL: 8
  • OE.IT_REMOTE: 10
  • OE.IT_TRUSTED_SYSTEM: 9
  • OE.NO_GENERAL_PURPOSE: 6
pdf_data/st_keywords/cc_claims/OE/OE.NO_GENERAL_PURPOSE 1 6
pdf_data/st_keywords/cc_claims/OE/OE.PHYSICAL 4 8
pdf_data/st_keywords/cc_claims/T
  • T.ACCIDENTIAL_ADMIN_ERROR: 1
  • T.POOR_DESIGN: 1
  • T.POOR_IMPLEMENTATION: 1
  • T.POOR_TEST: 1
  • T.MASQUERADE: 3
  • T.RESIDUAL_DATA: 3
  • T.TSF_COMPROMISE: 3
  • T.UNAUTHORIZED_ACCESS: 3
  • T.UNIDENTIFIED_ACTIONS: 3
  • T.ACCESS_TSFDATA: 3
  • T.ACCESS_TSFFUNC: 3
  • T.IA_MASQUERADE: 4
  • T.IA_USER: 3
  • T.RESIDUAL_DATA: 3
  • T.TSF_COMPROMISE: 4
  • T.UNAUTHORIZED_ACCESS: 4
pdf_data/st_keywords/cc_claims/T/T.TSF_COMPROMISE 3 4
pdf_data/st_keywords/cc_claims/T/T.UNAUTHORIZED_ACCESS 3 4
pdf_data/st_keywords/cc_sar
  • ADV:
    • ADV_FSP.2: 1
    • ADV_ARC.1: 2
  • AGD:
    • AGD_ADD: 3
    • AGD_PRE.1: 1
  • ALC:
    • ALC_FLR.2: 4
    • ALC_FLR: 1
    • ALC_DEL.1: 1
    • ALC_CMS.2: 1
  • ATE:
    • ATE_COV.1: 1
    • ATE_IND.2: 1
  • AVA:
    • AVA_VAN.2: 1
  • AGD:
    • AGD_ADD: 3
  • ALC:
    • ALC_FLR.2: 4
pdf_data/st_keywords/cc_sar/AGD
  • AGD_ADD: 3
  • AGD_PRE.1: 1
  • AGD_ADD: 3
pdf_data/st_keywords/cc_sar/ALC
  • ALC_FLR.2: 4
  • ALC_FLR: 1
  • ALC_DEL.1: 1
  • ALC_CMS.2: 1
  • ALC_FLR.2: 4
pdf_data/st_keywords/cc_security_level/EAL/EAL2 2 1
pdf_data/st_keywords/cc_security_level/EAL/EAL2 augmented 2 1
pdf_data/st_keywords/cc_security_level/EAL/EAL2+ 51 66
pdf_data/st_keywords/cc_sfr/FAU
  • FAU_STG_EXP.5: 15
  • FAU_STG: 3
  • FAU_GEN: 10
  • FAU_GEN.1: 3
  • FAU_SEL: 8
  • FAU_SEL.1: 2
  • FAU_GEN.2: 8
  • FAU_STG_EXP: 2
  • FAU_STG.3: 1
  • FAU_STG.1: 2
  • FAU_STG_EXP.5.1: 2
  • FAU_GEN.2.1: 1
  • FAU_STG.4: 1
  • FAU_GEN.1: 9
  • FAU_GEN.2: 6
  • FAU_SEL.1: 7
  • FAU_GEN.1.1: 1
  • FAU_GEN.1.2: 1
  • FAU_GEN.2.1: 1
  • FAU_SEL.1.1: 1
pdf_data/st_keywords/cc_sfr/FAU/FAU_GEN.1 3 9
pdf_data/st_keywords/cc_sfr/FAU/FAU_GEN.2 8 6
pdf_data/st_keywords/cc_sfr/FAU/FAU_SEL.1 2 7
pdf_data/st_keywords/cc_sfr/FDP
  • FDP_ACF: 8
  • FDP_ACF.1: 6
  • FDP_ACC.1: 10
  • FDP_RIP.1: 6
  • FDP_ACC.1.1: 1
  • FDP_RIP.1.1: 1
  • FDP_IFC.1: 1
  • FDP_ACC.1: 15
  • FDP_ACF.1: 8
  • FDP_RIP.1: 6
  • FDP_ACC.1.1: 1
  • FDP_ACF.1.1: 2
  • FDP_ACF.1.2: 1
  • FDP_ACF.1.3: 1
  • FDP_ACF.1.4: 1
  • FDP_RIP.1.1: 1
  • FDP_IFC.1: 1
pdf_data/st_keywords/cc_sfr/FDP/FDP_ACC.1 10 15
pdf_data/st_keywords/cc_sfr/FDP/FDP_ACF.1 6 8
pdf_data/st_keywords/cc_sfr/FIA
  • FIA_UAU.2: 8
  • FIA_UAU.5: 8
  • FIA_UID.2: 12
  • FIA_ATD.1: 10
  • FIA_ATD.1.1: 2
  • FIA_UAU.2.1: 1
  • FIA_UAU.5.1: 1
  • FIA_UAU.5.2: 1
  • FIA_UID.2.1: 1
  • FIA_UID.1: 11
  • FIA_USB.1: 5
  • FIA_ATD.1: 15
  • FIA_UAU.1: 7
  • FIA_UID.1: 14
  • FIA_ATD.1.1: 3
  • FIA_UAU.1.1: 1
  • FIA_UAU.1.2: 1
  • FIA_UID.1.1: 1
  • FIA_UID.1.2: 1
pdf_data/st_keywords/cc_sfr/FIA/FIA_ATD.1 10 15
pdf_data/st_keywords/cc_sfr/FIA/FIA_ATD.1.1 2 3
pdf_data/st_keywords/cc_sfr/FIA/FIA_UID.1 11 14
pdf_data/st_keywords/cc_sfr/FMT/FMT_MSA.1 6 7
pdf_data/st_keywords/cc_sfr/FMT/FMT_MTD.1 7 6
pdf_data/st_keywords/cc_sfr/FMT/FMT_REV.1 16 12
pdf_data/st_keywords/cc_sfr/FMT/FMT_SMF.1 7 11
pdf_data/st_keywords/cc_sfr/FMT/FMT_SMR.1 14 18
pdf_data/st_keywords/cc_sfr/FPT
  • FPT_TRC.1: 6
  • FPT_TRC.1.1: 1
  • FPT_TRC.1.2: 1
  • FPT_STM.1: 1
  • FPT_TRC.1: 6
  • FPT_TRC.1.1: 1
  • FPT_TRC.1.2: 1
  • FPT_STM.1: 1
  • FPT_ITT.1: 1
pdf_data/st_keywords/cc_sfr/FTA
  • FTA_TAH.1: 8
  • FTA_MCS.1: 6
  • FTA_TSE.1: 6
  • FTA_MCS.1.1: 1
  • FTA_MCS.1.2: 1
  • FTA_TAH.1.1: 1
  • FTA_TAH.1.2: 1
  • FTA_TAH.1.3: 1
  • FTA_TSE.1.1: 1
  • FTA_MCS.1: 7
  • FTA_TSE.1: 6
  • FTA_MCS.1.1: 1
  • FTA_MCS.1.2: 1
  • FTA_TSE.1.1: 1
  • FTA_TAH: 1
pdf_data/st_keywords/cc_sfr/FTA/FTA_MCS.1 6 7
pdf_data/st_keywords/vendor/Microsoft/Microsoft 11 10
pdf_data/st_keywords/vendor/Microsoft/Microsoft Corporation 2 3
pdf_data/st_metadata//CreationDate D:20150330143231+02'00' D:20161221140607+01'00'
pdf_data/st_metadata//ModDate D:20150330143231+02'00' D:20161221140607+01'00'
pdf_data/st_metadata//Title Security Target - SQL Server 2014 Security Target - SQL Server 2016
pdf_data/st_metadata/pdf_file_size_bytes 595609 1446524
pdf_data/st_metadata/pdf_number_of_pages 50 65
dgst c225189611bed8f2 a43cc3e7f97cf843