| name |
Oracle Solaris 11.4 |
Insurance Security Token Server (ISTS), Version 2.0.9 |
| category |
Operating Systems |
Network and Network-Related Devices and Systems |
| scheme |
CA |
DE |
| status |
archived |
archived |
| not_valid_after |
08.02.2026 |
01.02.2026 |
| not_valid_before |
08.02.2021 |
02.02.2021 |
| cert_link |
https://www.commoncriteriaportal.org/nfs/ccpfiles/files/epfiles/503-LSS%20CT.pdf |
https://www.commoncriteriaportal.org/nfs/ccpfiles/files/epfiles/1150c_pdf.pdf |
| report_link |
https://www.commoncriteriaportal.org/nfs/ccpfiles/files/epfiles/503-LSS%20CR.pdf |
https://www.commoncriteriaportal.org/nfs/ccpfiles/files/epfiles/1150a_pdf.pdf |
| st_link |
https://www.commoncriteriaportal.org/nfs/ccpfiles/files/epfiles/503-LSS%20ST%20v1.3.pdf |
https://www.commoncriteriaportal.org/nfs/ccpfiles/files/epfiles/1150b_pdf.pdf |
| manufacturer |
Oracle Corporation |
GDV Dienstleistungs-GmbH |
| manufacturer_web |
https://www.oracle.com |
https://www.gdv-dl.de |
| security_level |
{} |
EAL2 |
| dgst |
c6c91b86051d0864 |
3a0c756666671c71 |
| heuristics/cert_id |
503-LSS |
BSI-DSZ-CC-1150-2021 |
| heuristics/cert_lab |
[] |
BSI |
| heuristics/cpe_matches |
cpe:2.3:o:oracle:solaris:11.4:*:*:*:*:*:*:* |
{} |
| heuristics/verified_cpe_matches |
{} |
{} |
| heuristics/related_cves |
CVE-2019-2787, CVE-2019-2807, CVE-2019-2788, CVE-2019-2804, CVE-2019-2820, CVE-2019-2844, CVE-2019-2838 |
{} |
| heuristics/direct_transitive_cves |
{} |
{} |
| heuristics/indirect_transitive_cves |
{} |
{} |
| heuristics/extracted_sars |
ASE_SPD.1, ALC_CMS.1, AGD_OPE.1, ASE_ECD.1, AVA_VAN.1, AGD_PRE.1, ASE_CCL.1, ASE_TSS.1, ASE_INT.1, ALC_CMC.1, ASE_REQ.2, ALC_TSU_EXT.1, ATE_IND.1, ASE_OBJ.2, ADV_FSP.1 |
ALC_DEL.1, ATE_FUN.1, ASE_INT.1, ALC_CMS.2, AGD_OPE.1, ATE_COV.1, ASE_CCL.1, ADV_ARC.1, AVA_VAN.2, ASE_SPD.1, ATE_IND.2, ASE_ECD.1, ADV_TDS.1, ADV_FSP.2, AGD_PRE.1, ALC_CMC.2, ASE_TSS.1, ASE_REQ.2, ASE_OBJ.2 |
| heuristics/extracted_versions |
11.4 |
2.0.9 |
| heuristics/prev_certificates |
{} |
{} |
| heuristics/next_certificates |
{} |
{} |
| heuristics/report_references/directly_referenced_by |
{} |
BSI-DSZ-CC-1265-2026 |
| heuristics/report_references/directly_referencing |
{} |
BSI-DSZ-CC-1038-2017 |
| heuristics/report_references/indirectly_referenced_by |
{} |
BSI-DSZ-CC-1265-2026 |
| heuristics/report_references/indirectly_referencing |
{} |
BSI-DSZ-CC-1038-2017, BSI-DSZ-CC-0943-2015 |
| heuristics/scheme_data |
|
|
| heuristics/st_references/directly_referenced_by |
{} |
{} |
| heuristics/st_references/directly_referencing |
{} |
{} |
| heuristics/st_references/indirectly_referenced_by |
{} |
{} |
| heuristics/st_references/indirectly_referencing |
{} |
{} |
| heuristics/protection_profiles |
236bced46aeb26ba, e34797b67a3163c5 |
{} |
| maintenance_updates |
|
|
| protection_profiles |
|
|
| protection_profile_links |
https://www.commoncriteriaportal.org/nfs/ccpfiles/files/ppfiles/PP_OS_V4.2.1.pdf, https://www.commoncriteriaportal.org/nfs/ccpfiles/files/ppfiles/pp_ssh_ep_v1.0.pdf |
{} |
| pdf_data/cert_filename |
503-LSS CT.pdf |
1150c_pdf.pdf |
| pdf_data/cert_frontpage |
|
|
| pdf_data/cert_keywords/cc_cert_id |
|
|
| pdf_data/cert_keywords/cc_protection_profile_id |
|
|
| pdf_data/cert_keywords/cc_security_level |
|
|
| pdf_data/cert_keywords/cc_sar |
|
|
| pdf_data/cert_keywords/cc_sfr |
|
|
| pdf_data/cert_keywords/cc_claims |
|
|
| pdf_data/cert_keywords/vendor |
|
|
| pdf_data/cert_keywords/eval_facility |
|
|
| pdf_data/cert_keywords/symmetric_crypto |
|
|
| pdf_data/cert_keywords/asymmetric_crypto |
|
|
| pdf_data/cert_keywords/pq_crypto |
|
|
| pdf_data/cert_keywords/hash_function |
|
|
| pdf_data/cert_keywords/crypto_scheme |
|
|
| pdf_data/cert_keywords/crypto_protocol |
|
|
| pdf_data/cert_keywords/randomness |
|
|
| pdf_data/cert_keywords/cipher_mode |
|
|
| pdf_data/cert_keywords/ecc_curve |
|
|
| pdf_data/cert_keywords/crypto_engine |
|
|
| pdf_data/cert_keywords/tls_cipher_suite |
|
|
| pdf_data/cert_keywords/crypto_library |
|
|
| pdf_data/cert_keywords/vulnerability |
|
|
| pdf_data/cert_keywords/side_channel_analysis |
|
|
| pdf_data/cert_keywords/technical_report_id |
|
|
| pdf_data/cert_keywords/device_model |
|
|
| pdf_data/cert_keywords/tee_name |
|
|
| pdf_data/cert_keywords/os_name |
|
|
| pdf_data/cert_keywords/cplc_data |
|
|
| pdf_data/cert_keywords/ic_data_group |
|
|
| pdf_data/cert_keywords/standard_id |
|
- ISO:
- ISO/IEC 15408: 2
- ISO/IEC 18045: 2
|
| pdf_data/cert_keywords/javacard_version |
|
|
| pdf_data/cert_keywords/javacard_api_const |
|
|
| pdf_data/cert_keywords/javacard_packages |
|
|
| pdf_data/cert_keywords/certification_process |
|
|
| pdf_data/cert_metadata |
|
|
| pdf_data/report_filename |
503-LSS CR.pdf |
1150a_pdf.pdf |
| pdf_data/report_frontpage |
|
- DE:
- cert_id: BSI-DSZ-CC-1150-2021
- cert_item: Insurance Security Token Server (ISTS), Version 2.0.9
- cert_lab: BSI
- developer: GDV Dienstleistungs-GmbH
- match_rules: ['(BSI-DSZ-CC-.+?) zu (.+?) der (.*)']
- CA:
|
| pdf_data/report_keywords/cc_cert_id |
|
- DE:
- BSI-DSZ-CC-1038-2017: 2
- BSI-DSZ-CC-1150-2021: 15
|
| pdf_data/report_keywords/cc_protection_profile_id |
|
|
| pdf_data/report_keywords/cc_security_level |
|
- EAL:
- EAL 1: 1
- EAL 2: 5
- EAL 4: 1
|
| pdf_data/report_keywords/cc_sar |
|
|
| pdf_data/report_keywords/cc_sfr |
|
|
| pdf_data/report_keywords/cc_claims |
|
- OE:
- OE.ENVIRONMENT: 1
- OE.NOEVIL: 1
- OE.PHYSEC: 1
- OE.PKI: 1
- OE.PUBLIC: 1
|
| pdf_data/report_keywords/vendor |
|
|
| pdf_data/report_keywords/eval_facility |
|
- TUV:
- TÜV Informationstechnik: 3
- TÜViT: 2
|
| pdf_data/report_keywords/symmetric_crypto |
|
|
| pdf_data/report_keywords/asymmetric_crypto |
|
|
| pdf_data/report_keywords/pq_crypto |
|
|
| pdf_data/report_keywords/hash_function |
|
|
| pdf_data/report_keywords/crypto_scheme |
|
|
| pdf_data/report_keywords/crypto_protocol |
|
|
| pdf_data/report_keywords/randomness |
|
|
| pdf_data/report_keywords/cipher_mode |
|
|
| pdf_data/report_keywords/ecc_curve |
|
|
| pdf_data/report_keywords/crypto_engine |
|
|
| pdf_data/report_keywords/tls_cipher_suite |
|
|
| pdf_data/report_keywords/crypto_library |
|
|
| pdf_data/report_keywords/vulnerability |
|
|
| pdf_data/report_keywords/side_channel_analysis |
|
|
| pdf_data/report_keywords/technical_report_id |
|
|
| pdf_data/report_keywords/device_model |
|
|
| pdf_data/report_keywords/tee_name |
|
|
| pdf_data/report_keywords/os_name |
|
|
| pdf_data/report_keywords/cplc_data |
|
|
| pdf_data/report_keywords/ic_data_group |
|
|
| pdf_data/report_keywords/standard_id |
|
- BSI:
- AIS 14: 1
- AIS 19: 1
- AIS 32: 1
- AIS 41: 1
- AIS 45: 1
- ISO:
- ISO/IEC 15408: 4
- ISO/IEC 17065: 2
- ISO/IEC 18045: 4
- X509:
|
| pdf_data/report_keywords/javacard_version |
|
|
| pdf_data/report_keywords/javacard_api_const |
|
|
| pdf_data/report_keywords/javacard_packages |
|
|
| pdf_data/report_keywords/certification_process |
- OutOfScope:
- The OS relies upon a trustworthy computing platform for its execution. This underlying platform is out of scope of this PP. The user of the OS is not willfully negligent or hostile and uses the software in: 1
- out of scope: 1
|
|
| pdf_data/report_metadata |
|
- /Author: Bundesamt für Sicherheit in der Informationstechnik
- /CreationDate: D:20210205065853+01'00'
- /Creator: Writer
- /Keywords: "Common Criteria, Certification, Zertifizierung, Serveranwendung, ISTS"
- /ModDate: D:20210218090032+01'00'
- /Producer: LibreOffice 6.3
- /Subject: Insurance Security Token Server (ISTS), Version 2.0.9
- /Title: Zertifizierungsreport BSI-DSZ-CC-1150-2021
- pdf_file_size_bytes: 473718
- pdf_hyperlinks: https://www.bsi.bund.de/zertifizierung, https://www.commoncriteriaportal.org/, https://www.bsi.bund.de/zertifizierungsreporte, https://www.commoncriteriaportal.org/cc/, https://www.bsi.bund.de/AIS, https://www.sogis.eu/, https://www.ibm.com/support/knowledgecenter/SS9H2Y_10.0/com.ibm.dp.doc/introduction.html
- pdf_is_encrypted: False
- pdf_number_of_pages: 31
|
| pdf_data/st_filename |
503-LSS ST v1.3.pdf |
1150b_pdf.pdf |
| pdf_data/st_frontpage |
|
|
| pdf_data/st_keywords/cc_cert_id |
|
|
| pdf_data/st_keywords/cc_protection_profile_id |
|
|
| pdf_data/st_keywords/cc_security_level |
|
|
| pdf_data/st_keywords/cc_sar |
- ADV:
- AGD:
- AGD_OPE.1: 1
- AGD_PRE.1: 1
- ALC:
- ALC_CMC.1: 1
- ALC_CMS.1: 1
- ALC_TSU_EXT.1: 2
- ASE:
- ASE_CCL.1: 1
- ASE_ECD.1: 1
- ASE_INT.1: 1
- ASE_OBJ.2: 1
- ASE_REQ.2: 1
- ASE_SPD.1: 1
- ASE_TSS.1: 1
- ATE:
- AVA:
|
- ADV:
- ADV_ARC.1: 1
- ADV_FSP.2: 1
- ADV_TDS.1: 1
- AGD:
- AGD_OPE.1: 1
- AGD_PRE.1: 1
- ALC:
- ALC_CMC.2: 1
- ALC_CMS.2: 1
- ALC_DEL.1: 1
- ASE:
- ASE_CCL.1: 1
- ASE_ECD.1: 1
- ASE_INT.1: 1
- ASE_OBJ.2: 1
- ASE_REQ.2: 1
- ASE_SPD.1: 1
- ASE_TSS.1: 1
- ATE:
- ATE_COV.1: 1
- ATE_FUN.1: 1
- ATE_IND.2: 1
- AVA:
|
| pdf_data/st_keywords/cc_sfr |
- FAU:
- FAU_GEN.1: 5
- FAU_GEN.1.1: 1
- FAU_GEN.1.2: 1
- FCS:
- FCS_CKM.1: 5
- FCS_CKM.1.1: 1
- FCS_CKM.2: 5
- FCS_CKM.2.1: 1
- FCS_CKM_EXT.4: 5
- FCS_CKM_EXT.4.1: 1
- FCS_CKM_EXT.4.2: 1
- FCS_COP: 4
- FCS_COP.1: 34
- FCS_COP.1.1: 5
- FCS_DTLS_EXT.1: 2
- FCS_RBG_EXT.1: 8
- FCS_RBG_EXT.1.1: 1
- FCS_RBG_EXT.1.2: 1
- FCS_SSHC_EXT.1: 1
- FCS_SSHC_EXT.1.1: 1
- FCS_SSHS_EXT.1: 6
- FCS_SSHS_EXT.1.1: 2
- FCS_SSHS_EXT.1.2: 1
- FCS_SSHS_EXT.1.3: 2
- FCS_SSHS_EXT.1.4: 2
- FCS_SSHS_EXT.1.5: 1
- FCS_SSHS_EXT.1.6: 1
- FCS_SSHS_EXT.1.7: 1
- FCS_SSH_EXT.1: 4
- FCS_SSH_EXT.1.1: 1
- FCS_STO_EXT.1: 6
- FCS_STO_EXT.1.1: 3
- FCS_TLSC_EXT.1: 10
- FCS_TLSC_EXT.1.1: 2
- FCS_TLSC_EXT.1.2: 1
- FCS_TLSC_EXT.1.3: 1
- FCS_TLSC_EXT.2: 2
- FCS_TLSC_EXT.3: 2
- FCS_TLSC_EXT.4: 2
- FDP:
- FDP_ACF_EXT.1: 6
- FDP_ACF_EXT.1.1: 1
- FDP_IFC_EXT.1: 3
- FIA:
- FIA_AFL.1: 5
- FIA_AFL.1.1: 1
- FIA_AFL.1.2: 1
- FIA_UAU.5: 5
- FIA_UAU.5.1: 1
- FIA_UAU.5.2: 1
- FMT:
- FMT_MOF_EXT.1: 6
- FMT_MOF_EXT.1.1: 1
- FMT_SMF_EXT.1: 6
- FMT_SMF_EXT.1.1: 3
- FPT:
- FPT_ACF_EXT.1: 6
- FPT_ACF_EXT.1.1: 1
- FPT_ACF_EXT.1.2: 1
- FPT_ASLR_EXT.1: 6
- FPT_ASLR_EXT.1.1: 1
- FPT_SBOP_EXT.1: 6
- FPT_SBOP_EXT.1.1: 1
- FPT_SRP_EXT.1: 2
- FPT_TST_EXT.1: 6
- FPT_TST_EXT.1.1: 1
- FPT_TUD_EXT: 1
- FPT_TUD_EXT.1: 6
- FPT_TUD_EXT.1.1: 1
- FPT_TUD_EXT.1.2: 1
- FPT_TUD_EXT.2: 6
- FPT_TUD_EXT.2.1: 1
- FPT_TUD_EXT.2.2: 1
- FTA:
- FTP:
- FTP_ITC_EXT.1: 11
- FTP_ITC_EXT.1.1: 1
- FTP_TRP.1: 5
- FTP_TRP.1.1: 1
- FTP_TRP.1.2: 1
- FTP_TRP.1.3: 1
|
- FAU:
- FAU_GEN: 3
- FAU_GEN.1: 11
- FAU_GEN.1.1: 1
- FAU_GEN.1.2: 1
- FAU_GEN.2: 9
- FAU_GEN.2.1: 1
- FIA:
- FIA_UAU.1: 13
- FIA_UAU.1.1: 1
- FIA_UAU.1.2: 1
- FIA_UAU.5: 10
- FIA_UAU.5.1: 1
- FIA_UAU.5.2: 1
- FIA_UID.1: 11
- FIA_UID.1.1: 1
- FIA_UID.1.2: 1
- FMT:
- FMT_SMF.1: 8
- FMT_SMF.1.1: 1
- FPT:
|
| pdf_data/st_keywords/cc_claims |
- A:
- A.PLATFORM: 3
- A.PROPER_ADMIN: 3
- A.PROPER_USER: 3
- O:
- O.ACCOUNTABILITY: 4
- O.INTEGRITY: 6
- O.MANAGEMENT: 6
- O.PROTECTED_: 2
- O.PROTECTED_COMMS: 5
- O.PROTECTED_STORAGE: 3
- OE:
- OE.PLATFORM: 3
- OE.PROPER_ADMIN: 3
- OE.PROPER_USER: 3
- T:
- T.LIMITED_: 1
- T.LIMITED_PHYSICAL_ACC: 1
- T.LOCAL_ATTACK: 2
- T.NETWORK_: 1
- T.NETWORK_ATTACK: 6
- T.NETWORK_EAVESDROP: 3
|
- A:
- A.ENVIRONMENT: 3
- A.NOEVIL: 3
- A.PHYSEC: 3
- A.PKI: 3
- A.PUBLIC: 3
- O:
- O.ACCOUNT: 6
- O.AUDREC: 4
- O.STS: 5
- OE:
- OE.ENVIRONMENT: 3
- OE.NOEVIL: 2
- OE.PHYSEC: 3
- OE.PKI: 3
- OE.PUBLIC: 2
- T:
|
| pdf_data/st_keywords/vendor |
|
|
| pdf_data/st_keywords/eval_facility |
|
- TUV:
- TÜV Informationstechnik: 3
- TÜViT: 1
- tuvit: 1
|
| pdf_data/st_keywords/symmetric_crypto |
- AES_competition:
- constructions:
- MAC:
- HMAC-SHA-256: 1
- HMAC-SHA-512: 1
|
- AES_competition:
- DES:
- constructions:
|
| pdf_data/st_keywords/asymmetric_crypto |
|
|
| pdf_data/st_keywords/pq_crypto |
|
|
| pdf_data/st_keywords/hash_function |
- PBKDF:
- SHA:
- SHA1:
- SHA2:
- SHA-256: 7
- SHA-384: 4
- SHA-512: 5
- SHA2: 1
|
- SHA:
- SHA2:
- SHA-256: 4
- SHA-512: 1
- SHA256: 1
- SHA512: 1
|
| pdf_data/st_keywords/crypto_scheme |
|
|
| pdf_data/st_keywords/crypto_protocol |
|
|
| pdf_data/st_keywords/randomness |
|
|
| pdf_data/st_keywords/cipher_mode |
|
|
| pdf_data/st_keywords/ecc_curve |
- NIST:
- P-256: 8
- P-384: 8
- P-512: 1
- P-521: 6
|
|
| pdf_data/st_keywords/crypto_engine |
|
|
| pdf_data/st_keywords/tls_cipher_suite |
- TLS:
- TLS_DHE_RSA_WITH_AES_128_CBC_SHA256: 2
- TLS_DHE_RSA_WITH_AES_128_GCM_SHA256: 2
- TLS_DHE_RSA_WITH_AES_256_CBC_SHA256: 2
- TLS_DHE_RSA_WITH_AES_256_GCM_SHA384: 2
- TLS_RSA_WITH_AES_128_CBC_SHA: 2
- TLS_RSA_WITH_AES_128_CBC_SHA256: 2
- TLS_RSA_WITH_AES_128_GCM_SHA256: 2
- TLS_RSA_WITH_AES_256_CBC_SHA: 2
- TLS_RSA_WITH_AES_256_CBC_SHA256: 2
- TLS_RSA_WITH_AES_256_GCM_SHA384: 2
|
- TLS:
- TLS_RSA_WITH_AES_256_CBC_SHA: 1
|
| pdf_data/st_keywords/crypto_library |
|
|
| pdf_data/st_keywords/vulnerability |
|
|
| pdf_data/st_keywords/side_channel_analysis |
|
|
| pdf_data/st_keywords/technical_report_id |
|
|
| pdf_data/st_keywords/device_model |
|
|
| pdf_data/st_keywords/tee_name |
|
|
| pdf_data/st_keywords/os_name |
|
|
| pdf_data/st_keywords/cplc_data |
|
|
| pdf_data/st_keywords/ic_data_group |
|
|
| pdf_data/st_keywords/standard_id |
- FIPS:
- NIST:
- NIST SP 800-38A: 2
- NIST SP 800-38C: 1
- NIST SP 800-38D: 1
- NIST SP 800-57: 1
- SP 800-56A: 1
- RFC:
- RFC 3526: 2
- RFC 4253: 1
- RFC 5246: 7
- RFC 5280: 3
- RFC 5288: 4
- RFC 5759: 1
- RFC 6125: 1
- RFC 6960: 1
- RFC 8017: 1
- X509:
|
- CC:
- CCMB-2017-04-001: 1
- CCMB-2017-04-002: 1
- CCMB-2017-04-003: 1
- FIPS:
- FIPS PUB 180-4: 1
- FIPS PUB 197: 1
- PKCS:
- RFC:
- RFC 3268: 1
- RFC 6234: 1
- RFC 6238: 2
- RFC 6931: 1
- RFC3268: 2
- RFC6234: 1
- RFC6238: 1
- RFC6931: 3
- X509:
|
| pdf_data/st_keywords/javacard_version |
|
|
| pdf_data/st_keywords/javacard_api_const |
|
|
| pdf_data/st_keywords/javacard_packages |
|
|
| pdf_data/st_keywords/certification_process |
- OutOfScope:
- The OS relies upon a trustworthy computing platform for its execution. This underlying platform is out of scope of this PP. A.PROPER_USER The user of the OS is not willfully negligent or hostile, and uses the: 1
- out of scope: 1
|
|
| pdf_data/st_metadata |
- /AAPL:Keywords: []
- /CreationDate: D:20210208171644Z00'00'
- /Creator: Word
- /Keywords:
- /ModDate: D:20210208171644Z00'00'
- /Producer: macOS Version 10.14.6 (Build 18G7016) Quartz PDFContext
- /Title: Microsoft Word - Oracle Solaris 11.4 Security Target_1.3.docx
- pdf_file_size_bytes: 400154
- pdf_hyperlinks: {}
- pdf_is_encrypted: False
- pdf_number_of_pages: 40
|
|
| state/cert/convert_garbage |
None |
None |
| state/cert/convert_ok |
True |
True |
| state/cert/download_ok |
True |
True |
| state/cert/extract_ok |
False |
False |
| state/cert/pdf_hash |
Different |
Different |
| state/cert/txt_hash |
Different |
Different |
| state/report/convert_garbage |
None |
None |
| state/report/convert_ok |
True |
True |
| state/report/download_ok |
True |
True |
| state/report/extract_ok |
True |
True |
| state/report/pdf_hash |
Different |
Different |
| state/report/txt_hash |
Different |
Different |
| state/st/convert_garbage |
None |
None |
| state/st/convert_ok |
True |
True |
| state/st/download_ok |
True |
True |
| state/st/extract_ok |
True |
True |
| state/st/pdf_hash |
Different |
Different |
| state/st/txt_hash |
Different |
Different |