| name |
uCosminexus Application Server 07-00 |
Microsoft Exchange Server 2003 Enterprise Edition, Version/Build 6.5.7226.0 and Hotfix MS05-021 |
| category |
Access Control Devices and Systems |
Operating Systems |
| scheme |
JP |
DE |
| status |
archived |
archived |
| not_valid_after |
07.10.2013 |
01.09.2019 |
| not_valid_before |
22.03.2007 |
09.11.2005 |
| cert_link |
None |
None |
| report_link |
https://www.commoncriteriaportal.org/files/epfiles/c0086_ecvr.pdf |
https://www.commoncriteriaportal.org/nfs/ccpfiles/files/epfiles/0284a.pdf |
| st_link |
https://www.commoncriteriaportal.org/files/epfiles/ |
https://www.commoncriteriaportal.org/nfs/ccpfiles/files/epfiles/0284b.pdf |
| manufacturer |
Hitachi, Ltd. |
Microsoft Corporation |
| manufacturer_web |
|
https://www.microsoft.com |
| security_level |
EAL2+, ALC_FLR.1 |
EAL4+, ALC_FLR.3 |
| dgst |
d74338f8a5f896bb |
bbe326d5bfbd5036 |
| heuristics/cert_id |
JISEC-CC-CRP-C0086 |
BSI-DSZ-CC-0284-2005 |
| heuristics/cert_lab |
[] |
BSI |
| heuristics/cpe_matches |
{} |
{} |
| heuristics/verified_cpe_matches |
{} |
{} |
| heuristics/related_cves |
{} |
{} |
| heuristics/direct_transitive_cves |
{} |
{} |
| heuristics/indirect_transitive_cves |
{} |
{} |
| heuristics/extracted_sars |
ALC_FLR.1 |
ASE_ENV.1, ADV_RCR.1, AVA_VLA.2, ASE_INT.1, ADV_HLD.2, AGD_USR.1, ADV_IGS.1, ASE_REQ.1, ASE_PPC.1, ASE_DES.1, ADV_FSP.2, AVA_SOF.1, ADV_IMP.1, ATE_COV.2, ASE_TSS.1, ALC_TAT.1, AVA_MSU.2, AGD_ADM.1, ALC_LCD.1, ALC_FLR.3, ADV_FUN.1, ATE_FUN.1, ATE_DPT.1, ALC_DVS.1, ASE_SRE.1, ASE_OBJ.1, ATE_IND.2, ADV_LLD.1, ADV_SPM.1 |
| heuristics/extracted_versions |
07, 00 |
6.5.7226.0 |
| heuristics/prev_certificates |
{} |
{} |
| heuristics/next_certificates |
{} |
{} |
| heuristics/report_references/directly_referenced_by |
{} |
{} |
| heuristics/report_references/directly_referencing |
{} |
{} |
| heuristics/report_references/indirectly_referenced_by |
{} |
{} |
| heuristics/report_references/indirectly_referencing |
{} |
{} |
| heuristics/scheme_data |
- cert_id: JISEC-CC-CRP-C0086
- certification_date: 01.03.2007
- claim: EAL2+ ALC_FLR.1
- enhanced:
- assurance_level: EAL2+ALC_FLR.1
- description: PRODUCT DESCRIPTION TOE is a Web application server software product that is a J2EETM (Java (TM) 2 Platform, Enterprise Edition)-compliant. TOE provides runtime and management environments. The product, that includes TOE, is mainly consist of Web container and EJBTM container that is Java 2 Platform, Enterprise Edition 1.4 compatible platform. And it also includes various software to execute and manage J2EE-compliant Java applications. It improves availability and reliability of the business application system, and provides several functions in order to manage business application system efficiently. TOE provides following security functions. - Identification and authentication - Access control - Security management
- evaluation_facility: Electronic Commerce Security Technology Laboratory Inc. Evaluation Center
- product: uCosminexus Application Server
- product_type: IT Product (Web Application Server)
- toe_version: 07-00
- vendor: Hitachi, Ltd.
- expiration_date: 01.10.2013
- supplier: Hitachi, Ltd.
- toe_japan_link: https://www.ipa.go.jp/en/security/jisec/software/certified-cert/c0086_it6094.html
- toe_japan_name: uCosminexus Application Server 07-00
- toe_overseas_link: None
- toe_overseas_name: -----
|
|
| heuristics/st_references/directly_referenced_by |
{} |
{} |
| heuristics/st_references/directly_referencing |
{} |
{} |
| heuristics/st_references/indirectly_referenced_by |
{} |
{} |
| heuristics/st_references/indirectly_referencing |
{} |
{} |
| heuristics/protection_profiles |
{} |
{} |
| maintenance_updates |
|
|
| protection_profiles |
|
|
| protection_profile_links |
{} |
{} |
| pdf_data/cert_filename |
None |
None |
| pdf_data/cert_frontpage |
|
|
| pdf_data/cert_keywords/cc_cert_id |
|
|
| pdf_data/cert_keywords/cc_protection_profile_id |
|
|
| pdf_data/cert_keywords/cc_security_level |
|
|
| pdf_data/cert_keywords/cc_sar |
|
|
| pdf_data/cert_keywords/cc_sfr |
|
|
| pdf_data/cert_keywords/cc_claims |
|
|
| pdf_data/cert_keywords/vendor |
|
|
| pdf_data/cert_keywords/eval_facility |
|
|
| pdf_data/cert_keywords/symmetric_crypto |
|
|
| pdf_data/cert_keywords/asymmetric_crypto |
|
|
| pdf_data/cert_keywords/pq_crypto |
|
|
| pdf_data/cert_keywords/hash_function |
|
|
| pdf_data/cert_keywords/crypto_scheme |
|
|
| pdf_data/cert_keywords/crypto_protocol |
|
|
| pdf_data/cert_keywords/randomness |
|
|
| pdf_data/cert_keywords/cipher_mode |
|
|
| pdf_data/cert_keywords/ecc_curve |
|
|
| pdf_data/cert_keywords/crypto_engine |
|
|
| pdf_data/cert_keywords/tls_cipher_suite |
|
|
| pdf_data/cert_keywords/crypto_library |
|
|
| pdf_data/cert_keywords/vulnerability |
|
|
| pdf_data/cert_keywords/side_channel_analysis |
|
|
| pdf_data/cert_keywords/technical_report_id |
|
|
| pdf_data/cert_keywords/device_model |
|
|
| pdf_data/cert_keywords/tee_name |
|
|
| pdf_data/cert_keywords/os_name |
|
|
| pdf_data/cert_keywords/cplc_data |
|
|
| pdf_data/cert_keywords/ic_data_group |
|
|
| pdf_data/cert_keywords/standard_id |
|
|
| pdf_data/cert_keywords/javacard_version |
|
|
| pdf_data/cert_keywords/javacard_api_const |
|
|
| pdf_data/cert_keywords/javacard_packages |
|
|
| pdf_data/cert_keywords/certification_process |
|
|
| pdf_data/cert_metadata |
|
|
| pdf_data/report_filename |
c0086_ecvr.pdf |
0284a.pdf |
| pdf_data/report_frontpage |
|
- DE:
- cert_id: BSI-DSZ-CC-0284-2005
- cert_item: Microsoft Exchange Server 2003 Enterprise Edition, Version/Build 6.5.7226.0 and Hotfix MS05-021
- cert_lab: BSI
- developer: Microsoft Corporation
- match_rules: ['(BSI-DSZ-CC-.+?) (?:for|For) (.+?) from (.*)']
|
| pdf_data/report_keywords/cc_cert_id |
- JP:
- Certification No. C0086: 1
|
|
| pdf_data/report_keywords/cc_protection_profile_id |
|
|
| pdf_data/report_keywords/cc_security_level |
|
- EAL:
- EAL 1: 1
- EAL 4: 1
- EAL 7: 1
- EAL1: 5
- EAL2: 3
- EAL3: 4
- EAL4: 9
- EAL4 augmented: 2
- EAL4+: 1
- EAL5: 6
- EAL6: 3
- EAL7: 4
|
| pdf_data/report_keywords/cc_sar |
|
- ACM:
- ACM_AUT: 2
- ACM_AUT.1: 1
- ACM_CAP: 2
- ACM_CAP.4: 1
- ACM_SCP: 2
- ACM_SCP.2: 1
- ADO:
- ADO_DEL: 2
- ADO_DEL.2: 1
- ADO_IGS: 2
- ADO_IGS.1: 1
- ADV:
- ADV_FSP: 2
- ADV_FSP.2: 1
- ADV_HLD: 2
- ADV_HLD.2: 1
- ADV_IMP: 2
- ADV_IMP.1: 1
- ADV_INT: 2
- ADV_LLD: 2
- ADV_LLD.1: 1
- ADV_RCR: 2
- ADV_RCR.1: 1
- ADV_SPM: 2
- ADV_SPM.1: 1
- AGD:
- AGD_ADM: 2
- AGD_ADM.1: 1
- AGD_USR: 2
- AGD_USR.1: 1
- ALC:
- ALC_DVS: 2
- ALC_DVS.1: 1
- ALC_FLR: 2
- ALC_FLR.3: 3
- ALC_LCD: 1
- ALC_LCD.1: 1
- ALC_TAT: 2
- ALC_TAT.1: 1
- ASE:
- ASE_DES.1: 1
- ASE_ENV.1: 1
- ASE_INT.1: 1
- ASE_OBJ.1: 1
- ASE_PPC.1: 1
- ASE_REQ.1: 1
- ASE_SRE.1: 1
- ASE_TSS.1: 1
- ATE:
- ATE_COV: 2
- ATE_COV.2: 1
- ATE_DPT: 2
- ATE_DPT.1: 1
- ATE_FUN: 2
- ATE_FUN.1: 1
- ATE_IND: 2
- ATE_IND.2: 1
- AVA:
- AVA_CCA: 2
- AVA_MSU: 2
- AVA_MSU.2: 1
- AVA_SOF: 4
- AVA_SOF.1: 1
- AVA_VLA: 4
- AVA_VLA.2: 2
- AVA_VLA.3: 1
- AVA_VLA.4: 1
|
| pdf_data/report_keywords/cc_sfr |
|
- FDP:
- FDP_ACC.1: 2
- FDP_ACF.1: 2
- FDP_IFC.1: 1
- FDP_IFF.1: 1
- FMT:
- FMT_MSA.1: 1
- FMT_MSA.3: 3
- FMT_SMF.1: 1
- FMT_SMR.1: 1
|
| pdf_data/report_keywords/cc_claims |
|
- A:
- A.ACCESS_CONTROL: 2
- A.COM_PROT: 2
- A.CORRECT_HW: 2
- A.INSTALL: 2
- A.MANAGE: 2
- A.NO_EVIL_ADM: 2
- A.PHYS_PROTECT: 2
- T:
- T.AUTH_DAC: 1
- T.DL_MISUSE: 1
- T.OVERFLOW: 1
- T.SPAM: 1
- T.UNAUTHUSE: 1
- T.UNAUTH_DAC: 1
|
| pdf_data/report_keywords/vendor |
|
- Microsoft:
- Microsoft: 17
- Microsoft Corporation: 6
|
| pdf_data/report_keywords/eval_facility |
|
- TUV:
- TÜV Informationstechnik: 5
|
| pdf_data/report_keywords/symmetric_crypto |
|
|
| pdf_data/report_keywords/asymmetric_crypto |
|
|
| pdf_data/report_keywords/pq_crypto |
|
|
| pdf_data/report_keywords/hash_function |
|
|
| pdf_data/report_keywords/crypto_scheme |
|
|
| pdf_data/report_keywords/crypto_protocol |
|
|
| pdf_data/report_keywords/randomness |
|
|
| pdf_data/report_keywords/cipher_mode |
|
|
| pdf_data/report_keywords/ecc_curve |
|
|
| pdf_data/report_keywords/crypto_engine |
|
|
| pdf_data/report_keywords/tls_cipher_suite |
|
|
| pdf_data/report_keywords/crypto_library |
|
|
| pdf_data/report_keywords/vulnerability |
|
|
| pdf_data/report_keywords/side_channel_analysis |
|
|
| pdf_data/report_keywords/technical_report_id |
|
|
| pdf_data/report_keywords/device_model |
|
|
| pdf_data/report_keywords/tee_name |
|
|
| pdf_data/report_keywords/os_name |
|
|
| pdf_data/report_keywords/cplc_data |
|
|
| pdf_data/report_keywords/ic_data_group |
|
|
| pdf_data/report_keywords/standard_id |
|
|
| pdf_data/report_keywords/javacard_version |
|
|
| pdf_data/report_keywords/javacard_api_const |
|
|
| pdf_data/report_keywords/javacard_packages |
|
|
| pdf_data/report_keywords/certification_process |
|
- ConfidentialDocument:
- Technical Report, BSI-DSZ-CC-0284-2005, Version 1, Datum 2005-09-16, TÜV Informationstechnik GmbH (confidential document) [7] Exchange Server 2003 Administration Guide and Exchange Server 2003 product help (part of the: 1
- OutOfScope:
- disabled in the default configuration of Exchange, such as the IMAP4, POP3, and X.400 protocol, are out of scope of the evaluation, too. B-11 BSI-DSZ-CC-0284-2005 Certification Report 5 Architectural Information: 1
- disabled in the default configuration of Exchange, such as the IMAP4, POP3, and X.400 protocol, are out of scope of the evaluation. The relevant Guidance Documentation is delivered together with the software on: 1
- disabled in the default configuration of Exchange, such as the IMAP4, POP3, and X.400 protocol, are out of scope of the evaluation. The security functionality of the TOE comprises access control for mailboxes and: 1
- of Exchange 2003 the components IMAP4, POP3, and X.400 protocol are disabled and therefore out of scope of the evaluation. The TOE runs on the platform Windows Server 2003 operating system (exact: 1
- out of scope: 4
|
| pdf_data/report_metadata |
- /CreationDate: D:20070323205213+09'00'
- /ModDate: D:20070323205213+09'00'
- /Producer: Acrobat Distiller 6.0 (Windows)
- /Title: untitled
- pdf_file_size_bytes: 13111
- pdf_hyperlinks: {}
- pdf_is_encrypted: False
- pdf_number_of_pages: 1
|
- /Author: Federal Office for Information Security (BSI)
- /Company: BSI, Postfach 200363, 53133 Bonn
- /CreationDate: D:20051220074356+01'00'
- /Creator: Acrobat PDFMaker 7.0.5 für Word
- /ModDate: D:20051220075600+01'00'
- /Producer: Acrobat Distiller 7.0.5 (Windows)
- /SourceModified: D:20051220064348
- /Subject: BSI-DSZ-CC-0284-2005
- /Title: Certification Report
- pdf_file_size_bytes: 399534
- pdf_hyperlinks: {}
- pdf_is_encrypted: False
- pdf_number_of_pages: 39
|
| pdf_data/st_filename |
|
0284b.pdf |
| pdf_data/st_frontpage |
|
|
| pdf_data/st_keywords/cc_cert_id |
|
|
| pdf_data/st_keywords/cc_protection_profile_id |
|
|
| pdf_data/st_keywords/cc_security_level |
|
- EAL:
- EAL4: 10
- EAL4 augmented: 5
|
| pdf_data/st_keywords/cc_sar |
|
- ACM:
- ACM_AUT.1: 2
- ACM_CAP.3: 3
- ACM_SCP.1: 1
- ACM_SCP.2: 2
- ADO:
- ADO_DEL.2: 2
- ADO_IGS.1: 2
- ADV:
- ADV_FSP.1: 9
- ADV_FSP.2: 2
- ADV_FUN.1: 1
- ADV_HLD.1: 2
- ADV_HLD.2: 3
- ADV_IGS.1: 1
- ADV_IMP.1: 3
- ADV_LLD.1: 4
- ADV_RCR.1: 5
- ADV_SPM.1: 2
- AGD:
- AGD_ADM.1: 3
- AGD_USR.1: 4
- ALC:
- ALC_DVS.1: 3
- ALC_FLR.3: 9
- ALC_LCD.1: 2
- ALC_TAT.1: 3
- ASE:
- ATE:
- ATE_COV.2: 2
- ATE_DPT.1: 1
- ATE_FUN.1: 3
- ATE_IND.2: 2
- AVA:
- AVA_MSU.2: 2
- AVA_SOF.1: 2
- AVA_VLA.2: 3
|
| pdf_data/st_keywords/cc_sfr |
|
- FDP:
- FDP_ACC.1: 42
- FDP_ACC.1.1: 4
- FDP_ACF.1: 40
- FDP_ACF.1.1: 3
- FDP_ACF.1.2: 3
- FDP_ACF.1.3: 3
- FDP_ACF.1.4: 3
- FDP_IFC.1: 25
- FDP_IFC.1.1: 1
- FDP_IFF.1: 20
- FDP_IFF.1.1: 1
- FDP_IFF.1.2: 1
- FDP_IFF.1.3: 2
- FDP_IFF.1.4: 1
- FDP_IFF.1.5: 1
- FDP_IFF.1.6: 1
- FIA:
- FIA_ATD.1: 7
- FIA_ATD.1.1: 1
- FIA_UAU.1: 1
- FIA_UAU.2: 7
- FIA_UAU.2.1: 1
- FIA_UID.1: 5
- FIA_UID.2: 8
- FIA_UID.2.1: 1
- FMT:
- FMT_ACC.1: 1
- FMT_MOF.1: 9
- FMT_MOF.1.1: 1
- FMT_MSA.1: 28
- FMT_MSA.1.1: 3
- FMT_MSA.3: 52
- FMT_MSA.3.1: 3
- FMT_MSA.3.2: 3
- FMT_SMF.1: 21
- FMT_SMF.1.1: 1
- FMT_SMR.1: 34
- FMT_SMR.1.1: 2
- FMT_SMR.1.2: 2
- FRU:
- FRU_RSA.1: 18
- FRU_RSA.1.1: 2
- FTP:
- FTP_TRP.1: 7
- FTP_TRP.1.1: 1
- FTP_TRP.1.2: 1
- FTP_TRP.1.3: 1
|
| pdf_data/st_keywords/cc_claims |
|
- A:
- A.ACCESS_CONTROL: 3
- A.COM_PROT: 3
- A.CORRECT_HW: 3
- A.INSTALL: 4
- A.MANAGE: 4
- A.NO_EVIL_ADM: 2
- A.NO_EVIL_ADMIN: 1
- A.PHYS_PROTECT: 4
- O:
- O.CONBLK: 13
- O.DAC: 16
- O.FILTER_EMAIL: 10
- O.QUOTA: 12
- O.RESTDIST: 11
- OE:
- OE.COM_PROT: 5
- OE.DAC: 12
- OE.INSTALL: 3
- OE.PHYSICAL: 3
- OE.PLATFORM_: 1
- OE.PLATFORM_SUPPORT: 4
- T:
- T.AUTH_DAC: 4
- T.DL_MISUSE: 4
- T.OVERFLOW: 4
- T.SPAM: 9
- T.UNAUTHUSE: 3
- T.UNAUTH_DAC: 3
|
| pdf_data/st_keywords/vendor |
|
- Microsoft:
- Microsoft: 20
- Microsoft Corporation: 2
|
| pdf_data/st_keywords/eval_facility |
|
|
| pdf_data/st_keywords/symmetric_crypto |
|
|
| pdf_data/st_keywords/asymmetric_crypto |
|
|
| pdf_data/st_keywords/pq_crypto |
|
|
| pdf_data/st_keywords/hash_function |
|
|
| pdf_data/st_keywords/crypto_scheme |
|
|
| pdf_data/st_keywords/crypto_protocol |
|
|
| pdf_data/st_keywords/randomness |
|
|
| pdf_data/st_keywords/cipher_mode |
|
|
| pdf_data/st_keywords/ecc_curve |
|
|
| pdf_data/st_keywords/crypto_engine |
|
|
| pdf_data/st_keywords/tls_cipher_suite |
|
|
| pdf_data/st_keywords/crypto_library |
|
|
| pdf_data/st_keywords/vulnerability |
|
|
| pdf_data/st_keywords/side_channel_analysis |
|
|
| pdf_data/st_keywords/technical_report_id |
|
|
| pdf_data/st_keywords/device_model |
|
|
| pdf_data/st_keywords/tee_name |
|
|
| pdf_data/st_keywords/os_name |
|
|
| pdf_data/st_keywords/cplc_data |
|
|
| pdf_data/st_keywords/ic_data_group |
|
|
| pdf_data/st_keywords/standard_id |
|
- CC:
- CCIMB-99-031: 1
- CCIMB-99-032: 1
- CCIMB-99-033: 1
- RFC:
- RFC1725: 1
- RFC1730: 1
- RFC821: 11
|
| pdf_data/st_keywords/javacard_version |
|
|
| pdf_data/st_keywords/javacard_api_const |
|
|
| pdf_data/st_keywords/javacard_packages |
|
|
| pdf_data/st_keywords/certification_process |
|
- OutOfScope:
- disabled in the default configuration of Exchange, such as the IMAP4, POP3, and X.400 protocol, are out of scope of the evaluation. The security functionality of the TOE comprises access control for mailboxes and: 1
- out of scope: 2
- the TOE is Exchange in its default configuration, IMAP4, POP3, and X.400 protocols are disabled and out of scope in the evaluation. Security Target Page 9/64 1. Admin component, which includes the following: 1
|
| pdf_data/st_metadata |
|
- /Author: slabihou
- /CreationDate: D:20050713145508+02'00'
- /Creator: pdfFactory Pro www.pdffactory.com
- /Producer: pdfFactory Pro 2.41 (Windows 2000 Professional German)
- /Title: MS_EX_ST_1.9.doc
- pdf_file_size_bytes: 285736
- pdf_hyperlinks: {}
- pdf_is_encrypted: False
- pdf_number_of_pages: 64
|
| state/cert/convert_garbage |
False |
False |
| state/cert/convert_ok |
False |
False |
| state/cert/download_ok |
False |
False |
| state/cert/extract_ok |
False |
False |
| state/cert/pdf_hash |
Equal |
Equal |
| state/cert/txt_hash |
Equal |
Equal |
| state/report/convert_garbage |
False |
False |
| state/report/convert_ok |
True |
True |
| state/report/download_ok |
True |
True |
| state/report/extract_ok |
True |
True |
| state/report/pdf_hash |
Different |
Different |
| state/report/txt_hash |
Different |
Different |
| state/st/convert_garbage |
False |
False |
| state/st/convert_ok |
False |
True |
| state/st/download_ok |
False |
True |
| state/st/extract_ok |
False |
True |
| state/st/pdf_hash |
Different |
Different |
| state/st/txt_hash |
Different |
Different |