| name |
Canon iR4570/iR3570/iR2870/iR2270 Series iR Security Kit-B2 Version 2.03 |
Oracle Linux 7.3 OSPP |
| category |
Other Devices and Systems |
Operating Systems |
| scheme |
JP |
SE |
| status |
archived |
archived |
| not_valid_after |
07.10.2013 |
14.02.2024 |
| not_valid_before |
09.09.2005 |
14.02.2019 |
| cert_link |
|
https://www.commoncriteriaportal.org/nfs/ccpfiles/files/epfiles/Certificate%20Oracle%20Linux%20OSPP%20CCRA.pdf |
| report_link |
https://www.commoncriteriaportal.org/files/epfiles/c0036_ecvr.pdf |
https://www.commoncriteriaportal.org/nfs/ccpfiles/files/epfiles/Certification%20Report%20v2.0%20-%20Oracle%20Linux%20OSPP.pdf |
| st_link |
https://www.commoncriteriaportal.org/files/epfiles/ |
https://www.commoncriteriaportal.org/nfs/ccpfiles/files/epfiles/pracle%20ospp%20st.pdf |
| manufacturer |
Canon Inc. |
Oracle Corporation |
| manufacturer_web |
|
https://www.oracle.com |
| security_level |
EAL3 |
{} |
| dgst |
fd7107359fa94ec9 |
4cb308955bf45aed |
| heuristics/cert_id |
JISEC-CC-CRP-C0036 |
CSEC2017014 |
| heuristics/cert_lab |
[] |
[] |
| heuristics/cpe_matches |
{} |
{} |
| heuristics/verified_cpe_matches |
{} |
{} |
| heuristics/related_cves |
{} |
{} |
| heuristics/direct_transitive_cves |
{} |
{} |
| heuristics/indirect_transitive_cves |
{} |
{} |
| heuristics/extracted_sars |
{} |
ASE_TSS.1, ADV_FSP.1, ALC_CMC.1, ASE_INT.1, ASE_OBJ.1, AVA_VAN.1, ATE_IND.1, ALC_CMS.1, AGD_OPE.1, ALC_FLR.3, ASE_REQ.1, ASE_CCL.1, ASE_ECD.1, AGD_PRE.1 |
| heuristics/extracted_versions |
2.03 |
7.3 |
| heuristics/prev_certificates |
{} |
{} |
| heuristics/next_certificates |
{} |
{} |
| heuristics/report_references/directly_referenced_by |
{} |
{} |
| heuristics/report_references/directly_referencing |
{} |
{} |
| heuristics/report_references/indirectly_referenced_by |
{} |
{} |
| heuristics/report_references/indirectly_referencing |
{} |
{} |
| heuristics/scheme_data |
- cert_id: JISEC-CC-CRP-C0036
- certification_date: 01.01.2006
- claim: EAL3
- enhanced:
- assurance_level: EAL3
- cert_link: https://www.ipa.go.jp/en/security/c0036_eimg.pdf
- description: PRODUCT DESCRIPTION This product is a software program to be installed for use on the Canon iR4570/iR3570/iR2870/iR2270 -series multifunction products (hereafter referred to collectively as the “multifunction product”). The multifunction product is a digital copier that offers the combined functionality of Copy, Send (Universal Send), Fax Reception, Mail Box, Print, Remote UI (a Web browser interface for operating the multifunction product), plus many others. When the Copy, Send (Universal Send), Fax Reception (fax/I-fax reception) or Print function is used, temporary image data is created on the hard drive of the multifunction product. Also, when the Mail Box function is used (for document storage) or the Fax Reception function is used (for “in-memory reception” of faxes/I-faxes or forwarding of faxes/I-faxes), image data is stored in the receiving inbox that is on the multifunction product. Furthermore, when the Remote UI function is used, image data is exchanged over the network between the Web browser on the user's PC and the multifunction product. By installing this product, security enhancements are added to the multifunction product, helping counter the threat of disclosure of temporary image data created on the hard drive, permanent image data stored in the inboxes, and image data that is transmitted over the Remote UI communication path.
- evaluation_facility: Electronic Commerce Security Technology Laboratory Inc. Evaluation Center
- product: Canon iR4570/iR3570/iR2870/iR2270 Series iR Security Kit-B2
- product_type: IT Product ( data protection function in digital MFD )
- report_link: https://www.ipa.go.jp/en/security/c0036_erpt.pdf
- target_link: https://www.ipa.go.jp/en/security/c0036_est.pdf
- toe_version: Version 2.03
- vendor: Canon Inc.
- expiration_date: 01.10.2013
- supplier: Canon Inc.
- toe_japan_name: Canon iR4570/iR3570/iR2870/iR2270 Series iR Security Kit-B2 Version 2.03
- toe_overseas_link: https://www.ipa.go.jp/en/security/jisec/software/certified-cert/c0036_it5070.html
- toe_overseas_name: Canon iR4570/iR3570/iR2870/iR2270 Series iR Security Kit-B2 Version 2.03
|
|
| heuristics/st_references/directly_referenced_by |
{} |
{} |
| heuristics/st_references/directly_referencing |
{} |
{} |
| heuristics/st_references/indirectly_referenced_by |
{} |
{} |
| heuristics/st_references/indirectly_referencing |
{} |
{} |
| heuristics/protection_profiles |
{} |
1edd61e3f1f2ce0d |
| maintenance_updates |
|
|
| protection_profiles |
|
|
| protection_profile_links |
{} |
https://www.commoncriteriaportal.org/nfs/ccpfiles/files/ppfiles/pp_os_v4.1.pdf |
| pdf_data/cert_filename |
|
Certificate Oracle Linux OSPP CCRA.pdf |
| pdf_data/cert_frontpage |
|
|
| pdf_data/cert_keywords/cc_cert_id |
|
|
| pdf_data/cert_keywords/cc_protection_profile_id |
|
|
| pdf_data/cert_keywords/cc_security_level |
|
|
| pdf_data/cert_keywords/cc_sar |
|
|
| pdf_data/cert_keywords/cc_sfr |
|
|
| pdf_data/cert_keywords/cc_claims |
|
|
| pdf_data/cert_keywords/vendor |
|
|
| pdf_data/cert_keywords/eval_facility |
|
|
| pdf_data/cert_keywords/symmetric_crypto |
|
|
| pdf_data/cert_keywords/asymmetric_crypto |
|
|
| pdf_data/cert_keywords/pq_crypto |
|
|
| pdf_data/cert_keywords/hash_function |
|
|
| pdf_data/cert_keywords/crypto_scheme |
|
|
| pdf_data/cert_keywords/crypto_protocol |
|
|
| pdf_data/cert_keywords/randomness |
|
|
| pdf_data/cert_keywords/cipher_mode |
|
|
| pdf_data/cert_keywords/ecc_curve |
|
|
| pdf_data/cert_keywords/crypto_engine |
|
|
| pdf_data/cert_keywords/tls_cipher_suite |
|
|
| pdf_data/cert_keywords/crypto_library |
|
|
| pdf_data/cert_keywords/vulnerability |
|
|
| pdf_data/cert_keywords/side_channel_analysis |
|
|
| pdf_data/cert_keywords/technical_report_id |
|
|
| pdf_data/cert_keywords/device_model |
|
|
| pdf_data/cert_keywords/tee_name |
|
|
| pdf_data/cert_keywords/os_name |
|
|
| pdf_data/cert_keywords/cplc_data |
|
|
| pdf_data/cert_keywords/ic_data_group |
|
|
| pdf_data/cert_keywords/standard_id |
|
|
| pdf_data/cert_keywords/javacard_version |
|
|
| pdf_data/cert_keywords/javacard_api_const |
|
|
| pdf_data/cert_keywords/javacard_packages |
|
|
| pdf_data/cert_keywords/certification_process |
|
|
| pdf_data/cert_metadata |
|
- /CreationDate: D:20190321134048+01'00'
- /Creator: RICOH MP C4504ex
- /ModDate: D:20190321134809+01'00'
- /Producer: RICOH MP C4504ex
- pdf_file_size_bytes: 915753
- pdf_hyperlinks: {}
- pdf_is_encrypted: False
- pdf_number_of_pages: 1
|
| pdf_data/report_filename |
c0036_ecvr.pdf |
Certification Report v2.0 - Oracle Linux OSPP.pdf |
| pdf_data/report_frontpage |
|
|
| pdf_data/report_keywords/cc_cert_id |
- JP:
- Certification No. C0036: 1
|
|
| pdf_data/report_keywords/cc_protection_profile_id |
|
|
| pdf_data/report_keywords/cc_security_level |
|
|
| pdf_data/report_keywords/cc_sar |
|
- ADV:
- AGD:
- AGD_OPE.1: 1
- AGD_PRE.1: 1
- ALC:
- ALC_CMC.1: 1
- ALC_CMS.1: 1
- ALC_FLR.3: 1
- ASE:
- ASE_CCL.1: 1
- ASE_ECD.1: 1
- ASE_INT.1: 1
- ASE_OBJ.1: 1
- ASE_REQ.1: 1
- ASE_TSS.1: 1
- ATE:
- AVA:
|
| pdf_data/report_keywords/cc_sfr |
|
|
| pdf_data/report_keywords/cc_claims |
|
- A:
- A.PLATFORM: 1
- A.PROPER_ADMIN: 1
- A.PROPER_USER: 1
- T:
- T.LIMITED_PHYSICAL_ACCESS: 1
- T.LOCAL_ATTACK: 1
- T.NETWORK_ATTACK: 1
- T.NETWORK_EAVESDROP: 1
|
| pdf_data/report_keywords/vendor |
|
|
| pdf_data/report_keywords/eval_facility |
|
|
| pdf_data/report_keywords/symmetric_crypto |
|
|
| pdf_data/report_keywords/asymmetric_crypto |
|
|
| pdf_data/report_keywords/pq_crypto |
|
|
| pdf_data/report_keywords/hash_function |
|
|
| pdf_data/report_keywords/crypto_scheme |
|
|
| pdf_data/report_keywords/crypto_protocol |
|
|
| pdf_data/report_keywords/randomness |
|
|
| pdf_data/report_keywords/cipher_mode |
|
|
| pdf_data/report_keywords/ecc_curve |
|
|
| pdf_data/report_keywords/crypto_engine |
|
|
| pdf_data/report_keywords/tls_cipher_suite |
|
|
| pdf_data/report_keywords/crypto_library |
|
|
| pdf_data/report_keywords/vulnerability |
|
- CVE:
- CVE-2017-9150: 1
- CVE-2018-14634: 1
|
| pdf_data/report_keywords/side_channel_analysis |
|
|
| pdf_data/report_keywords/technical_report_id |
|
|
| pdf_data/report_keywords/device_model |
|
|
| pdf_data/report_keywords/tee_name |
|
|
| pdf_data/report_keywords/os_name |
|
|
| pdf_data/report_keywords/cplc_data |
|
|
| pdf_data/report_keywords/ic_data_group |
|
|
| pdf_data/report_keywords/standard_id |
|
- CC:
- CCMB-2017-04-001: 1
- CCMB-2017-04-004: 1
- ISO:
- RFC:
- RFC 2460: 1
- RFC 3484: 1
- RFC 3542: 1
- RFC 4213: 1
- X509:
|
| pdf_data/report_keywords/javacard_version |
|
|
| pdf_data/report_keywords/javacard_api_const |
|
|
| pdf_data/report_keywords/javacard_packages |
|
|
| pdf_data/report_keywords/certification_process |
|
- OutOfScope:
- OS relies upon a trustworthy computing platform for its execu- tion. This underlying platform is out of scope of this PP. 4.3 Clarification of Scope The Security Target [ST] contains four threats, which have: 1
- out of scope: 1
|
| pdf_data/report_metadata |
- /CreationDate: D:20060123172731+09'00'
- /ModDate: D:20060123172731+09'00'
- /Producer: Acrobat Distiller 6.0.1 (Windows)
- /Title: untitled
- pdf_file_size_bytes: 14795
- pdf_hyperlinks: {}
- pdf_is_encrypted: False
- pdf_number_of_pages: 1
|
- /Author: MIXRO
- /CreationDate: D:20190321091650+01'00'
- /ModDate: D:20190321140531+01'00'
- /Producer: Microsoft: Print To PDF
- /Title: Microsoft Word - Certification Report - Oracle Linux 7 OSPP
- pdf_file_size_bytes: 765983
- pdf_hyperlinks: {}
- pdf_is_encrypted: False
- pdf_number_of_pages: 17
|
| pdf_data/st_filename |
|
pracle ospp st.pdf |
| pdf_data/st_frontpage |
|
|
| pdf_data/st_keywords/cc_cert_id |
|
|
| pdf_data/st_keywords/cc_protection_profile_id |
|
|
| pdf_data/st_keywords/cc_security_level |
|
|
| pdf_data/st_keywords/cc_sar |
|
|
| pdf_data/st_keywords/cc_sfr |
|
- FAU:
- FAU_GEN.1: 2
- FAU_GEN.1.1: 1
- FAU_GEN.1.2: 1
- FCS:
- FCS_CKM: 1
- FCS_CKM.1: 2
- FCS_CKM.1.1: 1
- FCS_CKM.2: 2
- FCS_CKM.2.1: 1
- FCS_CKM.4: 2
- FCS_CKM.4.1: 1
- FCS_COP.1: 11
- FCS_COP.1.1: 4
- FCS_RBG_EXT.1: 2
- FCS_RBG_EXT.1.1: 1
- FCS_RBG_EXT.1.2: 1
- FCS_SSHC_EXT.1: 2
- FCS_SSHC_EXT.1.1: 1
- FCS_SSHC_EXT.1.2: 1
- FCS_SSHC_EXT.1.3: 1
- FCS_SSHC_EXT.1.4: 1
- FCS_SSHC_EXT.1.5: 1
- FCS_SSHC_EXT.1.6: 1
- FCS_SSHC_EXT.1.7: 1
- FCS_SSHC_EXT.1.8: 1
- FCS_SSHS_EXT.1: 2
- FCS_SSHS_EXT.1.1: 1
- FCS_SSHS_EXT.1.2: 1
- FCS_SSHS_EXT.1.3: 1
- FCS_SSHS_EXT.1.4: 1
- FCS_SSHS_EXT.1.5: 1
- FCS_SSHS_EXT.1.6: 1
- FCS_SSHS_EXT.1.7: 1
- FCS_SSH_EXT.1: 2
- FCS_SSH_EXT.1.1: 1
- FCS_STO_EXT.1: 2
- FCS_STO_EXT.1.1: 1
- FCS_TLSC_EXT: 1
- FCS_TLSC_EXT.1: 4
- FCS_TLSC_EXT.1.1: 2
- FCS_TLSC_EXT.1.2: 2
- FCS_TLSC_EXT.1.3: 1
- FCS_TLSC_EXT.2: 2
- FCS_TLSC_EXT.2.1: 1
- FCS_TLSS_EXT.1.1: 1
- FDP:
- FDP_ACF_EXT.1: 2
- FDP_ACF_EXT.1.1: 1
- FDP_IFC_EXT.1: 2
- FDP_IFC_EXT.1.1: 1
- FIA:
- FIA_AFL.1: 2
- FIA_AFL.1.1: 1
- FIA_AFL.1.2: 1
- FIA_ATD.1: 1
- FIA_UAU.5: 2
- FIA_UAU.5.1: 1
- FIA_UAU.5.2: 2
- FMT:
- FMT_MOF: 1
- FMT_MOF_EXT.1: 2
- FMT_MOF_EXT.1.1: 1
- FMT_SMF: 1
- FMT_SMF_EXT.1: 4
- FMT_SMF_EXT.1.1: 2
- FPT:
- FPT_ACF_EXT.1: 2
- FPT_ACF_EXT.1.1: 1
- FPT_ACF_EXT.1.2: 1
- FPT_ASLR_EXT.1: 2
- FPT_ASLR_EXT.1.1: 1
- FPT_SBOP_EXT.1: 2
- FPT_SBOP_EXT.1.1: 1
- FPT_TST_EXT.1: 3
- FPT_TST_EXT.1.1: 1
- FPT_TUD_EXT.1: 2
- FPT_TUD_EXT.1.1: 1
- FPT_TUD_EXT.1.2: 1
- FPT_TUD_EXT.2: 2
- FPT_TUD_EXT.2.1: 1
- FPT_TUD_EXT.2.2: 1
- FTP:
- FTP_ITC_EXT.1: 2
- FTP_ITC_EXT.1.1: 1
- FTP_TRP.1: 2
- FTP_TRP.1.1: 1
- FTP_TRP.1.2: 1
- FTP_TRP.1.3: 1
|
| pdf_data/st_keywords/cc_claims |
|
- A:
- A.CONNECT: 1
- A.PLATFORM: 4
- A.PROPER_ADMIN: 4
- A.PROPER_USER: 4
- O:
- O.ACCOUNTABILITY: 2
- O.INTEGRITY: 4
- O.MANAGEMENT: 4
- O.PROTECTED_COMMS: 4
- O.PROTECTED_STORAGE: 3
- OE:
- OE.PLATFORM: 3
- OE.PROPER_ADMIN: 3
- OE.PROPER_USER: 3
- T:
- T.LIMITED_PHYSICAL_A: 1
- T.LIMITED_PHYSICAL_ACCESS: 2
- T.LOCAL_ATTACK: 3
- T.NETWORK_ATTACK: 8
- T.NETWORK_EAVESDRO: 1
- T.NETWORK_EAVESDROP: 5
|
| pdf_data/st_keywords/vendor |
|
|
| pdf_data/st_keywords/eval_facility |
|
|
| pdf_data/st_keywords/symmetric_crypto |
|
- AES_competition:
- AES:
- AES: 8
- AES-128: 3
- AES-256: 3
- DES:
- constructions:
|
| pdf_data/st_keywords/asymmetric_crypto |
|
|
| pdf_data/st_keywords/pq_crypto |
|
|
| pdf_data/st_keywords/hash_function |
|
- MD:
- PBKDF:
- SHA:
- SHA1:
- SHA2:
- SHA-2: 4
- SHA-256: 12
- SHA-384: 9
- SHA-512: 9
- SHA2: 1
|
| pdf_data/st_keywords/crypto_scheme |
|
- KEX:
- Key Exchange: 1
- Key exchange: 1
- MAC:
|
| pdf_data/st_keywords/crypto_protocol |
|
- IKE:
- IPsec:
- SSH:
- TLS:
- TLS:
- TLS: 37
- TLS 1.1: 1
- TLS 1.2: 2
- TLS v1.1: 1
- TLS v1.2: 1
- TLSv1.1: 1
- TLSv1.2: 1
- VPN:
|
| pdf_data/st_keywords/randomness |
|
|
| pdf_data/st_keywords/cipher_mode |
|
|
| pdf_data/st_keywords/ecc_curve |
|
- NIST:
- NIST P-256: 4
- NIST P-384: 4
- NIST P-521: 3
- P-256: 13
- P-384: 13
- P-521: 12
- curve P-256: 1
- curve P-384: 1
- curve P-521: 1
- secp256r1: 1
- secp384r1: 1
- secp521r1: 1
|
| pdf_data/st_keywords/crypto_engine |
|
|
| pdf_data/st_keywords/tls_cipher_suite |
|
- TLS:
- TLS_DHE_RSA_WITH_AES_128_CBC_SHA: 1
- TLS_DHE_RSA_WITH_AES_128_CBC_SHA256: 1
- TLS_DHE_RSA_WITH_AES_256_CBC_SHA: 1
- TLS_DHE_RSA_WITH_AES_256_CBC_SHA256: 1
- TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA: 1
- TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256: 1
- TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA: 1
- TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384: 1
- TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA: 1
- TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256: 1
- TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA: 1
- TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384: 1
- TLS_RSA_WITH_AES_128_CBC_SHA: 1
|
| pdf_data/st_keywords/crypto_library |
|
|
| pdf_data/st_keywords/vulnerability |
|
|
| pdf_data/st_keywords/side_channel_analysis |
|
|
| pdf_data/st_keywords/technical_report_id |
|
|
| pdf_data/st_keywords/device_model |
|
|
| pdf_data/st_keywords/tee_name |
|
|
| pdf_data/st_keywords/os_name |
|
|
| pdf_data/st_keywords/cplc_data |
|
|
| pdf_data/st_keywords/ic_data_group |
|
|
| pdf_data/st_keywords/standard_id |
|
- FIPS:
- FIPS 140-2: 2
- FIPS 186-4: 9
- FIPS PUB 186-4: 5
- NIST:
- NIST SP 800-38A: 2
- NIST SP 800-38D: 1
- NIST SP 800-38E: 1
- NIST SP 800-57: 1
- RFC:
- RFC 2460: 1
- RFC 2560: 1
- RFC 3484: 1
- RFC 3542: 1
- RFC 4213: 1
- RFC 4251: 1
- RFC 4252: 2
- RFC 4253: 2
- RFC 4346: 1
- RFC 4492: 4
- RFC 5246: 6
- RFC 5280: 6
- RFC 5289: 4
- RFC 5759: 1
- RFC 6066: 1
- RFC 6125: 1
- RFC3526: 1
- RFC4252: 2
- RFC4253: 3
- RFC4419: 1
- RFC5246: 1
- RFC5656: 3
- X509:
|
| pdf_data/st_keywords/javacard_version |
|
|
| pdf_data/st_keywords/javacard_api_const |
|
|
| pdf_data/st_keywords/javacard_packages |
|
|
| pdf_data/st_keywords/certification_process |
|
- OutOfScope:
- DAC mechanism but may be supplemented by further restrictions. These additional restrictions are out of scope for this evaluation. Examples of objects which are accessible to users that cannot be used to store: 1
- The OS relies upon a trustworthy computing platform for its execution. This underlying platform is out of scope of this PP. 3.3.2 Personnel aspects A.PROPER_USER The user of the OS is not willfully negligent or: 1
- out of scope: 2
|
| pdf_data/st_metadata |
|
|
| state/cert/convert_garbage |
False |
True |
| state/cert/convert_ok |
False |
True |
| state/cert/download_ok |
False |
True |
| state/cert/extract_ok |
False |
True |
| state/cert/pdf_hash |
Different |
Different |
| state/cert/txt_hash |
Different |
Different |
| state/report/convert_garbage |
False |
False |
| state/report/convert_ok |
True |
True |
| state/report/download_ok |
True |
True |
| state/report/extract_ok |
True |
True |
| state/report/pdf_hash |
Different |
Different |
| state/report/txt_hash |
Different |
Different |
| state/st/convert_garbage |
False |
False |
| state/st/convert_ok |
False |
True |
| state/st/download_ok |
False |
True |
| state/st/extract_ok |
False |
True |
| state/st/pdf_hash |
Different |
Different |
| state/st/txt_hash |
Different |
Different |