This page was not yet optimized for use on mobile devices.

IBM Logical Partition Architecture for Power7 operating on IBM Power Systems hardware with AH730_087 or AM740_088

CSV information ?

Status	archived
Valid from	31.05.2013
Valid until	31.05.2018
Scheme	🇲🇾 MY
Manufacturer	International Business Machine (IBM) Corporation
Category	Access Control Devices and Systems
Security level	EAL4+, ALC_FLR.2

Heuristics summary ?

Certificate ID: ISCB-5-RPT-C043-CR-v1b

Certificate ?

Certification report ?

Certification report PDF TXT

Extracted keywords

Security level

EAL4+, EAL4, EAL4 augmented

Security Assurance Requirements (SAR)

ALC_FLR.2

Security Functional Requirements (SFR)

FDP_ACF.1, FDP_IFF.1, FIA_USB.1, FMT_MSA.3, FPT_FLS.1

Certificates

ISCB-5-RPT-C043-CR-v1b

Certification process

out of scope, several management functions to configure the TOE via the dedicated physical HMC interface (out of scope for PUBLIC FINAL C043 Certification Report - IBM Logical Partition Architecture for Power7

Standards

ISO/IEC15408, ISO/IEC 18045

File metadata

Title	C043 Certification Report
Subject	IBM Logical Partition Architecture for Power7 operating on IBM Power Systems hardware with AH730_087 or AM740_088
Keywords	LPAR
Author	Norhazimah Abdul Malek
Creation date	D:20130613130210+08'00'
Modification date	D:20130613130219+08'00'
Pages	28
Creator	Acrobat PDFMaker 10.1 for Word
Producer	Adobe PDF Library 10.0

Security target ?

Security target PDF TXT

Extracted keywords

Security level

EAL 4, EAL4, EAL 4 augmented, EAL4 augmented

Claims

O.AUTHORIZATION, O.COMMUNICATION, O.NONINTERFERE, T.ACCESS, T.COMMUNICATE, T.INTERFERE, A.CONNECT, A.LOCATE, A.MANAGE, OE.ADMIN, OE.INSTALL, OE.PHYSICAL

Security Assurance Requirements (SAR)

ADV_ARC, ADV_FSP, ADV_IMP, ADV_TDS, ADV_ARC.1, ADV_FSP.4, ADV_IMP.1, ADV_TDS.3, AGD_OPE, AGD_PRE, AGD_OPE.1, AGD_PRE.1, ALC_FLR.2, ALC_CMC, ALC_CMS, ALC_DEL, ALC_DVS, ALC_FLR, ALC_LCD, ALC_TAT, ALC_CMC.4, ALC_CMS.4, ALC_DEL.1, ALC_DVS.1, ALC_LCD.1, ALC_TAT.1, ATE_COV, ATE_DPT, ATE_FUN, ATE_IND, ATE_COV.2, ATE_DPT.1, ATE_FUN.1, ATE_IND.2, AVA_VAN, AVA_VAN.3

Security Functional Requirements (SFR)

FDP_ACC, FDP_ACC.1, FDP_ACF, FDP_IFC, FDP_IFF, FDP_RIP, FDP_ACC.2, FDP_ACC.2.1, FDP_ACC.2.2, FDP_ACF.1, FDP_ACF.1.1, FDP_ACF.1.2, FDP_ACF.1.3, FDP_ACF.1.4, FDP_IFC.2, FDP_IFC.2.1, FDP_IFC.2.2, FDP_IFF.1, FDP_IFF.1.1, FDP_IFF.1.2, FDP_IFF.1.3, FDP_IFF.1.4, FDP_IFF.1.5, FDP_RIP.1, FDP_RIP.1.1, FDP_IFC.1, FIA_ATD, FIA_USB, FIA_ATD.1, FIA_ATD.1.1, FIA_USB.1, FIA_USB.1.1, FIA_USB.1.2, FIA_USB.1.3, FMT_MSA, FMT_MSA.1, FMT_MSA.1.1, FMT_MSA.3, FMT_MSA.3.1, FMT_MSA.3.2, FMT_SMR.1, FMT_SMF.1, FPT_FLS, FPT_FLS.1, FPT_FLS.1.1

File metadata

Title	Dynamic Logical Partition Architecture for Power5 Security Target
Subject	Security Target
Author	Jim Arnold & Dave McDermitt
Creation date	D:20130412111346-04'00'
Modification date	D:20130412111407-04'00'
Pages	27
Creator	Acrobat PDFMaker 10.0 for Word
Producer	Adobe PDF Library 10.0

Heuristics ?

Certificate ID: ISCB-5-RPT-C043-CR-v1b

Extracted SARs

ATE_COV.2, ADV_TDS.3, AGD_OPE.1, ALC_DVS.1, ALC_DEL.1, AGD_PRE.1, ALC_FLR.2, AVA_VAN.3, ALC_CMC.4, ALC_LCD.1, ATE_DPT.1, ALC_CMS.4, ALC_TAT.1, ADV_IMP.1, ATE_FUN.1, ATE_IND.2, ADV_ARC.1, ADV_FSP.4

Similar certificates

Name	Certificate ID
IBM Logical Partition Architecture for Power6 operating on IBM Power Systems hardware (models E8A, MMA, and FHA)	CCEVS-VR-VID-10299-2008	Compare

Scheme data ?

Enhanced
Cert No	2013-003-C043
Developer	International Business Machine (IBM) Corporation
Level	EAL4+ ALC_FLR.2
Product	IBM Logical Partition Architecture for Power7 operating on IBM Power Systems hardware with AH730_087 or AM740_088
Certification Date	31.05.2013
Expiration Date	31.05.2018
Recognition	CCRA
Url	https://iscb.cybersecurity.my/index.php/certification/product-certification/mycc/archived-certified-products-and-systems/submission-view/69
	Cert Id	C043
	Product	IBM Logical Partition Architecture for Power7 operating on IBM Power Systems hardware with AH730_087 or AM740_088
	Developer	International Business Machine (IBM) Corporation3605 Hwy 52 NorthRochester, MM 55901UNITED STATES URL:http://www.ibm.com/systems/power/Email: [email protected]: 507 253 7051Fax: 507 253 2870
	Category	Access Control Devices and System
	Type	Set of hardware and firmware designed to abstract and virtualise physical hardware resources to provide secure access to the underlying platform for one or more concurrent operating systems.
	Scope	The Target of Evaluation (TOE), IBM Logical Partition Architecture for Power7 operating on IBM Power Systems hardware with AH730_087 or AM740_088 (hereafter referred as LPAR), has been evaluated in the context of hardware models 770 (AM740_088 firmware) and 795 (AH730_087 firmware). The TOE firmware is designed to abstract and virtualise physical hardware resources to provide secure access to the underlying platform for one or more concurrent operating systems. Each virtual platform is known as a partition. The operating systems executing in the available partitions are treated as subjects of the TOE, where the TOE not only provides the necessary operational support for the hosted operating systems, but also serves to separate them from each other to ensure mutual non-interference. While not included as part of the TOE, the TOE is configured using a connected Hardware Management Console (HMC) that provides access to the functions necessary to enable administrative personnel to effectively manage the allocation of resources (i.e., processors, memory, and I/O devices) to the configured partitions. Once the TOE is configured, the HMC must be disconnected so that it offers no interfaces while the TOE is operating in its evaluated configuration. The TOE consists of the PowerVM Hypervisor which provides the virtualisation. The other components of the LPAR such as the Hardware Management Console (HMC), Flexible Service Processor (FSP), Bulk Power Assembly (BPA) and operating systems are outside the TOE scope. The underlying resources of the IBM Power 770 and Power 795 server platforms, including Disks, CPU, RAM, or networking, including the internal virtual switch are considered to be part of the TOE environment. In the context of the evaluation, the TOE provides the following major security features: User data protection – the TOE is designed to instantiate multiple partitions for the purpose of supporting and isolating simultaneous operating systems. As such, it implements a policy where each partition can access only those resources explicitly assigned to it. In terms of access control, the CPU, memory, and I/O devices can be assigned to a given partition and a partition can access those resources only when they are assigned to it. Identification and authentication – the active entity or user of the TOE is partition, which it instantiates. Partitions are implicitly identified and authenticated by internal numerical identifiers associated with partitions (using internal data structures) as they are defined. Being implicitly identified by the TOE, partitions have no need, nor means, to identify themselves. Furthermore, the identification of a partition is guaranteed by the TOE and as such each partition is also continuously authenticated. Security management – the TOE supports several management functions to configure the TOE via the dedicated physical HMC interface (out of scope for this evaluation). Once the TOE is operational (in evaluated configuration), the TOE effectively doesn’t offer any security management functions. However, the TOE serves to restrict the ability to change its own configuration nonetheless. Protection of the TOE Security Function (TSF) – the components of the TOE that protect themselves using the domains provided by Power7 processors. The TOE operates in the privileged domain and the partitions operate in the unprivileged domain. This allows the TOE to protect itself as well as the resources it makes selectively available to the applicable partitions. Beyond protecting itself and its resources, the TOE is also designed such that when the hardware that supports a partition fails, the other partitions will continue uninterrupted.
	Assurance Level	EAL4+ ALC_FLR.2
	Certification Date	31.05.2013
	Expiration Date	31.05.2018
	Mutual Recognition	CCRA
	Target Link	https://iscb.cybersecurity.my/resources/document/mycc/mycpr/C043/IBM-LPAR-Security-Target-v0%2033_FINAL.pdf
	Report Link	https://iscb.cybersecurity.my/resources/document/mycc/mycpr/C043/ISCB-5-RPT-C043-CR-v1b.pdf
	Status	Archive

References ?

No references are available for this certificate.

Updates ?

09.11.2024 The certificate data changed.
Certificate changed

The computed heuristics were updated.
- The scheme_data property was updated, with the {'certification_date': '2013-05-31', 'expiration_date': '2018-05-31', 'enhanced': {'__update__': {'developer': 'International Business Machine (IBM) Corporation3605 Hwy 52 NorthRochester, MM 55901UNITED STATES URL:http://www.ibm.com/systems/power/Email: [email protected]: 507 253 7051Fax: 507 253 2870', 'scope': 'The Target of Evaluation (TOE), IBM Logical Partition Architecture for Power7 operating on IBM Power Systems hardware with AH730_087 or AM740_088 (hereafter referred as LPAR), has been evaluated in the context of hardware models 770 (AM740_088 firmware) and 795 (AH730_087 firmware). The TOE firmware is designed to abstract and virtualise physical hardware resources to provide secure access to the underlying platform for one or more concurrent operating systems. Each virtual platform is known as a partition. The operating systems executing in the available partitions are treated as subjects of the TOE, where the TOE not only provides the necessary operational support for the hosted operating systems, but also serves to separate them from each other to ensure mutual non-interference. While not included as part of the TOE, the TOE is configured using a connected Hardware Management Console (HMC) that provides access to the functions necessary to enable administrative personnel to effectively manage the allocation of resources (i.e., processors, memory, and I/O devices) to the configured partitions. Once the TOE is configured, the HMC must be disconnected so that it offers no interfaces while the TOE is operating in its evaluated configuration. The TOE consists of the PowerVM Hypervisor which provides the virtualisation. The other components of the LPAR such as the Hardware Management Console (HMC), Flexible Service Processor (FSP), Bulk Power Assembly (BPA) and operating systems are outside the TOE scope. The underlying resources of the IBM Power 770 and Power 795 server platforms, including Disks, CPU, RAM, or networking, including the internal virtual switch are considered to be part of the TOE environment. In the context of the evaluation, the TOE provides the following major security features: User data protection – the TOE is designed to instantiate multiple partitions for the purpose of supporting and isolating simultaneous operating systems. As such, it implements a policy where each partition can access only those resources explicitly assigned to it. In terms of access control, the CPU, memory, and I/O devices can be assigned to a given partition and a partition can access those resources only when they are assigned to it. Identification and authentication – the active entity or user of the TOE is partition, which it instantiates. Partitions are implicitly identified and authenticated by internal numerical identifiers associated with partitions (using internal data structures) as they are defined. Being implicitly identified by the TOE, partitions have no need, nor means, to identify themselves. Furthermore, the identification of a partition is guaranteed by the TOE and as such each partition is also continuously authenticated. Security management – the TOE supports several management functions to configure the TOE via the dedicated physical HMC interface (out of scope for this evaluation). Once the TOE is operational (in evaluated configuration), the TOE effectively doesn’t offer any security management functions. However, the TOE serves to restrict the ability to change its own configuration nonetheless. Protection of the TOE Security Function (TSF) – the components of the TOE that protect themselves using the domains provided by Power7 processors. The TOE operates in the privileged domain and the partitions operate in the unprivileged domain. This allows the TOE to protect itself as well as the resources it makes selectively available to the applicable partitions. Beyond protecting itself and its resources, the TOE is also designed such that when the hardware that supports a partition fails, the other partitions will continue uninterrupted.', 'certification_date': '2013-05-31', 'expiration_date': '2018-05-31'}}} data.
22.08.2024 The certificate data changed.
Certificate changed

The state of the certificate object was updated.
- The report property was updated, with the {'download_ok': True, 'convert_ok': True, 'extract_ok': True, 'pdf_hash': 'e377e83e14200d9b800525ebb1166bbc17012f561ee7c0e9fe58450cd9f9f856', 'txt_hash': 'f3fb4c5467a07484a94546beac87050c560fb876be9be41a82fd7ab66eca5a0f'} data.
- The st property was updated, with the {'download_ok': True, 'convert_ok': True, 'extract_ok': True, 'pdf_hash': 'faa2ff2b9aff7d30a63d545b534ef014ec5aa4690fe2b8564f1964332bed450f', 'txt_hash': 'a264eac76fac0831de31efbc19c7df5347bb976df9c55787a1bb8e595c769c37'} data.
The PDF extraction data was updated.
- The report_metadata property was set to {'pdf_file_size_bytes': 295961, 'pdf_is_encrypted': True, 'pdf_number_of_pages': 28, '/Author': 'Norhazimah Abdul Malek', '/Category': 'PUBLIC', '/Caveat': 'FINAL', '/Classification': 'PUBLIC', '/Company': 'CyberSecurity Malaysia', '/CreationDate': "D:20130613130210+08'00'", '/Creator': 'Acrobat PDFMaker 10.1 for Word', '/Developer': 'International Business Machine (IBM) Corporation', '/Document Type': 'REPORT', '/Identifier': 'ISCB-5-RPT-C043-CR-v1b', '/Index': 'ISCB_TMP_011', '/Keywords': 'LPAR', '/ModDate': "D:20130613130219+08'00'", '/Phase': 'External', '/Producer': 'Adobe PDF Library 10.0', '/Released': '31 May 2013', '/ST': 'IBM Logical Partition Architecture for Power 7 Security Target', '/ST Version': 'v0.33', '/SourceModified': 'D:20130613050150', '/Sponsor': 'International Business Machine (IBM) Corporation', '/Subject': 'IBM Logical Partition Architecture for Power7 operating on IBM Power Systems hardware with AH730_087 or AM740_088', '/TOE': 'IBM Logical Partition Architecture for Power7 operating on IBM Power Systems hardware with AH730_087 or AM740_088', '/TOE Name': 'LPAR', '/TOE Version': 'AH730_087 or AM740_088', '/Title': 'C043 Certification Report', '/Version': 'v1b', 'pdf_hyperlinks': {'_type': 'Set', 'elements': ['http://www.cybersecurity.my/mycc', 'http://www-933.ibm.com/support/fixcentral/?mode=10&page=isoiec.html', 'mailto:[email protected]', 'http://www.ibm.com/']}}.
- The st_metadata property was set to {'pdf_file_size_bytes': 207813, 'pdf_is_encrypted': False, 'pdf_number_of_pages': 27, '/Author': 'Jim Arnold & Dave McDermitt', '/Company': 'International Business Machines Corporation', '/CreationDate': "D:20130412111346-04'00'", '/Creator': 'Acrobat PDFMaker 10.0 for Word', '/Keywords': '', '/Manager': 'Julie Taylor', '/ModDate': "D:20130412111407-04'00'", '/Producer': 'Adobe PDF Library 10.0', '/SourceModified': 'D:20130412151122', '/Subject': 'Security Target', '/Title': 'Dynamic Logical Partition Architecture for Power5 Security Target', 'pdf_hyperlinks': {'_type': 'Set', 'elements': []}}.
- The report_frontpage property was set to {}.
- The report_keywords property was set to {'cc_cert_id': {'MY': {'ISCB-5-RPT-C043-CR-v1b': 27}}, 'cc_protection_profile_id': {}, 'cc_security_level': {'EAL': {'EAL4+': 6, 'EAL4': 5, 'EAL4 augmented': 2}}, 'cc_sar': {'ALC': {'ALC_FLR.2': 11}}, 'cc_sfr': {'FDP': {'FDP_ACF.1': 4, 'FDP_IFF.1': 4}, 'FIA': {'FIA_USB.1': 1}, 'FMT': {'FMT_MSA.3': 1}, 'FPT': {'FPT_FLS.1': 1}}, 'cc_claims': {}, 'vendor': {}, 'eval_facility': {}, 'symmetric_crypto': {}, 'asymmetric_crypto': {}, 'pq_crypto': {}, 'hash_function': {}, 'crypto_scheme': {}, 'crypto_protocol': {}, 'randomness': {}, 'cipher_mode': {}, 'ecc_curve': {}, 'crypto_engine': {}, 'tls_cipher_suite': {}, 'crypto_library': {}, 'vulnerability': {}, 'side_channel_analysis': {}, 'technical_report_id': {}, 'device_model': {}, 'tee_name': {}, 'os_name': {}, 'cplc_data': {}, 'ic_data_group': {}, 'standard_id': {'ISO': {'ISO/IEC15408': 2, 'ISO/IEC 18045': 2}}, 'javacard_version': {}, 'javacard_api_const': {}, 'javacard_packages': {}, 'certification_process': {'OutOfScope': {'out of scope': 1, 'several management functions to configure the TOE via the dedicated physical HMC interface (out of scope for PUBLIC FINAL C043 Certification Report - IBM Logical Partition Architecture for Power7': 1}}}.
- The st_keywords property was set to {'cc_cert_id': {}, 'cc_protection_profile_id': {}, 'cc_security_level': {'EAL': {'EAL 4': 4, 'EAL4': 2, 'EAL 4 augmented': 4, 'EAL4 augmented': 2}}, 'cc_sar': {'ADV': {'ADV_ARC': 1, 'ADV_FSP': 1, 'ADV_IMP': 1, 'ADV_TDS': 1, 'ADV_ARC.1': 10, 'ADV_FSP.4': 11, 'ADV_IMP.1': 7, 'ADV_TDS.3': 15}, 'AGD': {'AGD_OPE': 1, 'AGD_PRE': 1, 'AGD_OPE.1': 10, 'AGD_PRE.1': 6}, 'ALC': {'ALC_FLR.2': 19, 'ALC_CMC': 1, 'ALC_CMS': 1, 'ALC_DEL': 1, 'ALC_DVS': 1, 'ALC_FLR': 1, 'ALC_LCD': 1, 'ALC_TAT': 1, 'ALC_CMC.4': 15, 'ALC_CMS.4': 6, 'ALC_DEL.1': 5, 'ALC_DVS.1': 5, 'ALC_LCD.1': 6, 'ALC_TAT.1': 7}, 'ATE': {'ATE_COV': 1, 'ATE_DPT': 1, 'ATE_FUN': 1, 'ATE_IND': 1, 'ATE_COV.2': 5, 'ATE_DPT.1': 5, 'ATE_FUN.1': 8, 'ATE_IND.2': 7}, 'AVA': {'AVA_VAN': 1, 'AVA_VAN.3': 7}}, 'cc_sfr': {'FDP': {'FDP_ACC': 6, 'FDP_ACC.1': 3, 'FDP_ACF': 4, 'FDP_IFC': 4, 'FDP_IFF': 4, 'FDP_RIP': 3, 'FDP_ACC.2': 6, 'FDP_ACC.2.1': 1, 'FDP_ACC.2.2': 1, 'FDP_ACF.1': 4, 'FDP_ACF.1.1': 1, 'FDP_ACF.1.2': 1, 'FDP_ACF.1.3': 1, 'FDP_ACF.1.4': 1, 'FDP_IFC.2': 6, 'FDP_IFC.2.1': 1, 'FDP_IFC.2.2': 1, 'FDP_IFF.1': 4, 'FDP_IFF.1.1': 1, 'FDP_IFF.1.2': 1, 'FDP_IFF.1.3': 1, 'FDP_IFF.1.4': 1, 'FDP_IFF.1.5': 1, 'FDP_RIP.1': 4, 'FDP_RIP.1.1': 1, 'FDP_IFC.1': 2}, 'FIA': {'FIA_ATD': 3, 'FIA_USB': 3, 'FIA_ATD.1': 5, 'FIA_ATD.1.1': 1, 'FIA_USB.1': 4, 'FIA_USB.1.1': 1, 'FIA_USB.1.2': 1, 'FIA_USB.1.3': 1}, 'FMT': {'FMT_MSA': 8, 'FMT_MSA.1': 5, 'FMT_MSA.1.1': 1, 'FMT_MSA.3': 10, 'FMT_MSA.3.1': 1, 'FMT_MSA.3.2': 1, 'FMT_SMR.1': 6, 'FMT_SMF.1': 5}, 'FPT': {'FPT_FLS': 3, 'FPT_FLS.1': 4, 'FPT_FLS.1.1': 1}}, 'cc_claims': {'O': {'O.AUTHORIZATION': 4, 'O.COMMUNICATION': 3, 'O.NONINTERFERE': 4}, 'T': {'T.ACCESS': 3, 'T.COMMUNICATE': 2, 'T.INTERFERE': 3}, 'A': {'A.CONNECT': 3, 'A.LOCATE': 2, 'A.MANAGE': 3}, 'OE': {'OE.ADMIN': 2, 'OE.INSTALL': 2, 'OE.PHYSICAL': 2}}, 'vendor': {}, 'eval_facility': {}, 'symmetric_crypto': {}, 'asymmetric_crypto': {}, 'pq_crypto': {}, 'hash_function': {}, 'crypto_scheme': {}, 'crypto_protocol': {}, 'randomness': {}, 'cipher_mode': {}, 'ecc_curve': {}, 'crypto_engine': {}, 'tls_cipher_suite': {}, 'crypto_library': {}, 'vulnerability': {}, 'side_channel_analysis': {}, 'technical_report_id': {}, 'device_model': {}, 'tee_name': {}, 'os_name': {}, 'cplc_data': {}, 'ic_data_group': {}, 'standard_id': {}, 'javacard_version': {}, 'javacard_api_const': {}, 'javacard_packages': {}, 'certification_process': {}}.
- The report_filename property was set to ISCB-5-RPT-C043-CR-v1b.pdf.
- The st_filename property was set to IBM-LPAR-Security-Target-v0 33_FINAL.pdf.
The computed heuristics were updated.
- The cert_id property was set to ISCB-5-RPT-C043-CR-v1b.
- The extracted_sars property was updated, with the {'_type': 'Set', 'elements': [{'_type': 'sec_certs.sample.sar.SAR', 'family': 'ATE_COV', 'level': 2}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ADV_TDS', 'level': 3}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'AGD_OPE', 'level': 1}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ALC_DEL', 'level': 1}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ALC_DVS', 'level': 1}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'AGD_PRE', 'level': 1}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ALC_CMC', 'level': 4}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'AVA_VAN', 'level': 3}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ALC_LCD', 'level': 1}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ATE_DPT', 'level': 1}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ALC_CMS', 'level': 4}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ALC_TAT', 'level': 1}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ADV_IMP', 'level': 1}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ATE_FUN', 'level': 1}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ATE_IND', 'level': 2}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ADV_ARC', 'level': 1}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ADV_FSP', 'level': 4}]} values added.
17.08.2024 The certificate data changed.
Certificate changed

The report_link was updated.
- The new value is https://www.commoncriteriaportal.org/nfs/ccpfiles/files/epfiles/ISCB-5-RPT-C043-CR-v1b.pdf.
The st_link was updated.
- The new value is https://www.commoncriteriaportal.org/nfs/ccpfiles/files/epfiles/IBM-LPAR-Security-Target-v0%2033_FINAL.pdf.
The state of the certificate object was updated.
- The report property was updated, with the {'download_ok': False, 'convert_ok': False, 'extract_ok': False, 'pdf_hash': None, 'txt_hash': None} data.
- The st property was updated, with the {'download_ok': False, 'convert_ok': False, 'extract_ok': False, 'pdf_hash': None, 'txt_hash': None} data.
The PDF extraction data was updated.
- The report_metadata property was set to None.
- The st_metadata property was set to None.
- The report_frontpage property was set to None.
- The report_keywords property was set to None.
- The st_keywords property was set to None.
- The report_filename property was set to None.
- The st_filename property was set to None.
The computed heuristics were updated.
- The cert_id property was set to None.
- The extracted_sars property was updated, with the {'_type': 'Set', 'elements': [{'_type': 'sec_certs.sample.sar.SAR', 'family': 'ATE_COV', 'level': 2}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'AGD_OPE', 'level': 1}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ALC_DEL', 'level': 1}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ALC_DVS', 'level': 1}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'AGD_PRE', 'level': 1}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ALC_CMC', 'level': 4}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'AVA_VAN', 'level': 3}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ALC_LCD', 'level': 1}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ATE_DPT', 'level': 1}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ALC_CMS', 'level': 4}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ALC_TAT', 'level': 1}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ADV_IMP', 'level': 1}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ADV_FSP', 'level': 4}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ATE_FUN', 'level': 1}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ATE_IND', 'level': 2}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ADV_ARC', 'level': 1}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ADV_TDS', 'level': 3}]} values discarded.
23.07.2024 The certificate was first processed.

New certificate

A new Common Criteria certificate with the product name IBM Logical Partition Architecture for Power7 operating on IBM Power Systems hardware with AH730_087 or AM740_088 was processed.

Raw data

{
  "_type": "sec_certs.sample.cc.CCCertificate",
  "category": "Access Control Devices and Systems",
  "cert_link": null,
  "dgst": "e891a1bf42b1ef69",
  "heuristics": {
    "_type": "sec_certs.sample.cc.CCCertificate.Heuristics",
    "annotated_references": null,
    "cert_id": "ISCB-5-RPT-C043-CR-v1b",
    "cert_lab": null,
    "cpe_matches": null,
    "direct_transitive_cves": null,
    "extracted_sars": {
      "_type": "Set",
      "elements": [
        {
          "_type": "sec_certs.sample.sar.SAR",
          "family": "ATE_IND",
          "level": 2
        },
        {
          "_type": "sec_certs.sample.sar.SAR",
          "family": "ATE_DPT",
          "level": 1
        },
        {
          "_type": "sec_certs.sample.sar.SAR",
          "family": "AVA_VAN",
          "level": 3
        },
        {
          "_type": "sec_certs.sample.sar.SAR",
          "family": "ALC_CMS",
          "level": 4
        },
        {
          "_type": "sec_certs.sample.sar.SAR",
          "family": "ALC_TAT",
          "level": 1
        },
        {
          "_type": "sec_certs.sample.sar.SAR",
          "family": "ADV_ARC",
          "level": 1
        },
        {
          "_type": "sec_certs.sample.sar.SAR",
          "family": "ADV_FSP",
          "level": 4
        },
        {
          "_type": "sec_certs.sample.sar.SAR",
          "family": "ALC_LCD",
          "level": 1
        },
        {
          "_type": "sec_certs.sample.sar.SAR",
          "family": "ALC_FLR",
          "level": 2
        },
        {
          "_type": "sec_certs.sample.sar.SAR",
          "family": "AGD_PRE",
          "level": 1
        },
        {
          "_type": "sec_certs.sample.sar.SAR",
          "family": "AGD_OPE",
          "level": 1
        },
        {
          "_type": "sec_certs.sample.sar.SAR",
          "family": "ADV_IMP",
          "level": 1
        },
        {
          "_type": "sec_certs.sample.sar.SAR",
          "family": "ALC_CMC",
          "level": 4
        },
        {
          "_type": "sec_certs.sample.sar.SAR",
          "family": "ATE_FUN",
          "level": 1
        },
        {
          "_type": "sec_certs.sample.sar.SAR",
          "family": "ALC_DVS",
          "level": 1
        },
        {
          "_type": "sec_certs.sample.sar.SAR",
          "family": "ALC_DEL",
          "level": 1
        },
        {
          "_type": "sec_certs.sample.sar.SAR",
          "family": "ATE_COV",
          "level": 2
        },
        {
          "_type": "sec_certs.sample.sar.SAR",
          "family": "ADV_TDS",
          "level": 3
        }
      ]
    },
    "extracted_versions": {
      "_type": "Set",
      "elements": [
        "-"
      ]
    },
    "indirect_transitive_cves": null,
    "related_cves": null,
    "report_references": {
      "_type": "sec_certs.sample.certificate.References",
      "directly_referenced_by": null,
      "directly_referencing": null,
      "indirectly_referenced_by": null,
      "indirectly_referencing": null
    },
    "scheme_data": {
      "cert_no": "2013-003-C043",
      "certification_date": "2013-05-31",
      "developer": "International Business Machine (IBM) Corporation",
      "enhanced": {
        "assurance_level": "EAL4+ ALC_FLR.2",
        "category": "Access Control Devices and System",
        "cert_id": "C043",
        "certification_date": "2013-05-31",
        "developer": "International Business Machine (IBM) Corporation3605 Hwy 52 NorthRochester, MM 55901UNITED STATES URL:http://www.ibm.com/systems/power/Email: [email protected]: 507 253 7051Fax: 507 253 2870",
        "expiration_date": "2018-05-31",
        "mutual_recognition": "CCRA",
        "product": "IBM Logical Partition Architecture for Power7 operating on IBM Power Systems hardware with AH730_087 or AM740_088",
        "report_link": "https://iscb.cybersecurity.my/resources/document/mycc/mycpr/C043/ISCB-5-RPT-C043-CR-v1b.pdf",
        "scope": "The Target of Evaluation (TOE), IBM Logical Partition Architecture for Power7 operating on IBM Power Systems hardware with AH730_087 or AM740_088 (hereafter referred as LPAR), has been evaluated in the context of hardware models 770 (AM740_088 firmware) and 795 (AH730_087 firmware). The TOE firmware is designed to abstract and virtualise physical hardware resources to provide secure access to the underlying platform for one or more concurrent operating systems. Each virtual platform is known as a partition. The operating systems executing in the available partitions are treated as subjects of the TOE, where the TOE not only provides the necessary operational support for the hosted operating systems, but also serves to separate them from each other to ensure mutual non-interference. While not included as part of the TOE, the TOE is configured using a connected Hardware Management Console (HMC) that provides access to the functions necessary to enable administrative personnel to effectively manage the allocation of resources (i.e., processors, memory, and I/O devices) to the configured partitions. Once the TOE is configured, the HMC must be disconnected so that it offers no interfaces while the TOE is operating in its evaluated configuration. The TOE consists of the PowerVM Hypervisor which provides the virtualisation. The other components of the LPAR such as the Hardware Management Console (HMC), Flexible Service Processor (FSP), Bulk Power Assembly (BPA) and operating systems are outside the TOE scope. The underlying resources of the IBM Power 770 and Power 795 server platforms, including Disks, CPU, RAM, or networking, including the internal virtual switch are considered to be part of the TOE environment. In the context of the evaluation, the TOE provides the following major security features: User data protection \u2013 the TOE is designed to instantiate multiple partitions for the purpose of supporting and isolating simultaneous operating systems. As such, it implements a policy where each partition can access only those resources explicitly assigned to it. In terms of access control, the CPU, memory, and I/O devices can be assigned to a given partition and a partition can access those resources only when they are assigned to it. Identification and authentication \u2013 the active entity or user of the TOE is partition, which it instantiates. Partitions are implicitly identified and authenticated by internal numerical identifiers associated with partitions (using internal data structures) as they are defined. Being implicitly identified by the TOE, partitions have no need, nor means, to identify themselves. Furthermore, the identification of a partition is guaranteed by the TOE and as such each partition is also continuously authenticated. Security management \u2013 the TOE supports several management functions to configure the TOE via the dedicated physical HMC interface (out of scope for this evaluation). Once the TOE is operational (in evaluated configuration), the TOE effectively doesn\u2019t offer any security management functions. However, the TOE serves to restrict the ability to change its own configuration nonetheless. Protection of the TOE Security Function (TSF) \u2013 the components of the TOE that protect themselves using the domains provided by Power7 processors. The TOE operates in the privileged domain and the partitions operate in the unprivileged domain. This allows the TOE to protect itself as well as the resources it makes selectively available to the applicable partitions. Beyond protecting itself and its resources, the TOE is also designed such that when the hardware that supports a partition fails, the other partitions will continue uninterrupted.",
        "status": "Archive",
        "target_link": "https://iscb.cybersecurity.my/resources/document/mycc/mycpr/C043/IBM-LPAR-Security-Target-v0%2033_FINAL.pdf",
        "type": "Set of hardware and firmware designed to abstract and virtualise physical hardware resources to provide secure access to the underlying platform for one or more concurrent operating systems."
      },
      "expiration_date": "2018-05-31",
      "level": "EAL4+ ALC_FLR.2",
      "product": "IBM Logical Partition Architecture for Power7 operating on IBM Power Systems hardware with AH730_087 or AM740_088",
      "recognition": "CCRA",
      "url": "https://iscb.cybersecurity.my/index.php/certification/product-certification/mycc/archived-certified-products-and-systems/submission-view/69"
    },
    "st_references": {
      "_type": "sec_certs.sample.certificate.References",
      "directly_referenced_by": null,
      "directly_referencing": null,
      "indirectly_referenced_by": null,
      "indirectly_referencing": null
    },
    "verified_cpe_matches": null
  },
  "maintenance_updates": {
    "_type": "Set",
    "elements": []
  },
  "manufacturer": "International Business Machine (IBM) Corporation",
  "manufacturer_web": "https://www.ibm.com/systems/power/",
  "name": "IBM Logical Partition Architecture for Power7 operating on IBM Power Systems hardware with AH730_087 or AM740_088",
  "not_valid_after": "2018-05-31",
  "not_valid_before": "2013-05-31",
  "pdf_data": {
    "_type": "sec_certs.sample.cc.CCCertificate.PdfData",
    "cert_filename": null,
    "cert_frontpage": null,
    "cert_keywords": null,
    "cert_metadata": null,
    "report_filename": "ISCB-5-RPT-C043-CR-v1b.pdf",
    "report_frontpage": {},
    "report_keywords": {
      "asymmetric_crypto": {},
      "cc_cert_id": {
        "MY": {
          "ISCB-5-RPT-C043-CR-v1b": 27
        }
      },
      "cc_claims": {},
      "cc_protection_profile_id": {},
      "cc_sar": {
        "ALC": {
          "ALC_FLR.2": 11
        }
      },
      "cc_security_level": {
        "EAL": {
          "EAL4": 5,
          "EAL4 augmented": 2,
          "EAL4+": 6
        }
      },
      "cc_sfr": {
        "FDP": {
          "FDP_ACF.1": 4,
          "FDP_IFF.1": 4
        },
        "FIA": {
          "FIA_USB.1": 1
        },
        "FMT": {
          "FMT_MSA.3": 1
        },
        "FPT": {
          "FPT_FLS.1": 1
        }
      },
      "certification_process": {
        "OutOfScope": {
          "out of scope": 1,
          "several management functions to configure the TOE via the dedicated physical HMC interface (out of scope for PUBLIC FINAL C043 Certification Report - IBM Logical Partition Architecture for Power7": 1
        }
      },
      "cipher_mode": {},
      "cplc_data": {},
      "crypto_engine": {},
      "crypto_library": {},
      "crypto_protocol": {},
      "crypto_scheme": {},
      "device_model": {},
      "ecc_curve": {},
      "eval_facility": {},
      "hash_function": {},
      "ic_data_group": {},
      "javacard_api_const": {},
      "javacard_packages": {},
      "javacard_version": {},
      "os_name": {},
      "pq_crypto": {},
      "randomness": {},
      "side_channel_analysis": {},
      "standard_id": {
        "ISO": {
          "ISO/IEC 18045": 2,
          "ISO/IEC15408": 2
        }
      },
      "symmetric_crypto": {},
      "technical_report_id": {},
      "tee_name": {},
      "tls_cipher_suite": {},
      "vendor": {},
      "vulnerability": {}
    },
    "report_metadata": {
      "/Author": "Norhazimah Abdul Malek",
      "/Category": "PUBLIC",
      "/Caveat": "FINAL",
      "/Classification": "PUBLIC",
      "/Company": "CyberSecurity Malaysia",
      "/CreationDate": "D:20130613130210+08\u002700\u0027",
      "/Creator": "Acrobat PDFMaker 10.1 for Word",
      "/Developer": "International Business Machine (IBM) Corporation",
      "/Document Type": "REPORT",
      "/Identifier": "ISCB-5-RPT-C043-CR-v1b",
      "/Index": "ISCB_TMP_011",
      "/Keywords": "LPAR",
      "/ModDate": "D:20130613130219+08\u002700\u0027",
      "/Phase": "External",
      "/Producer": "Adobe PDF Library 10.0",
      "/Released": "31 May 2013",
      "/ST": "IBM Logical Partition Architecture for Power 7 Security Target",
      "/ST Version": "v0.33",
      "/SourceModified": "D:20130613050150",
      "/Sponsor": "International Business Machine (IBM) Corporation",
      "/Subject": "IBM Logical Partition Architecture for Power7 operating on IBM Power Systems hardware with AH730_087 or AM740_088",
      "/TOE": "IBM Logical Partition Architecture for Power7 operating on IBM Power Systems hardware with AH730_087 or AM740_088",
      "/TOE Name": "LPAR",
      "/TOE Version": "AH730_087 or AM740_088",
      "/Title": "C043 Certification Report",
      "/Version": "v1b",
      "pdf_file_size_bytes": 295961,
      "pdf_hyperlinks": {
        "_type": "Set",
        "elements": [
          "http://www.ibm.com/",
          "mailto:[email protected]",
          "http://www-933.ibm.com/support/fixcentral/?mode=10\u0026page=isoiec.html",
          "http://www.cybersecurity.my/mycc"
        ]
      },
      "pdf_is_encrypted": true,
      "pdf_number_of_pages": 28
    },
    "st_filename": "IBM-LPAR-Security-Target-v0 33_FINAL.pdf",
    "st_frontpage": null,
    "st_keywords": {
      "asymmetric_crypto": {},
      "cc_cert_id": {},
      "cc_claims": {
        "A": {
          "A.CONNECT": 3,
          "A.LOCATE": 2,
          "A.MANAGE": 3
        },
        "O": {
          "O.AUTHORIZATION": 4,
          "O.COMMUNICATION": 3,
          "O.NONINTERFERE": 4
        },
        "OE": {
          "OE.ADMIN": 2,
          "OE.INSTALL": 2,
          "OE.PHYSICAL": 2
        },
        "T": {
          "T.ACCESS": 3,
          "T.COMMUNICATE": 2,
          "T.INTERFERE": 3
        }
      },
      "cc_protection_profile_id": {},
      "cc_sar": {
        "ADV": {
          "ADV_ARC": 1,
          "ADV_ARC.1": 10,
          "ADV_FSP": 1,
          "ADV_FSP.4": 11,
          "ADV_IMP": 1,
          "ADV_IMP.1": 7,
          "ADV_TDS": 1,
          "ADV_TDS.3": 15
        },
        "AGD": {
          "AGD_OPE": 1,
          "AGD_OPE.1": 10,
          "AGD_PRE": 1,
          "AGD_PRE.1": 6
        },
        "ALC": {
          "ALC_CMC": 1,
          "ALC_CMC.4": 15,
          "ALC_CMS": 1,
          "ALC_CMS.4": 6,
          "ALC_DEL": 1,
          "ALC_DEL.1": 5,
          "ALC_DVS": 1,
          "ALC_DVS.1": 5,
          "ALC_FLR": 1,
          "ALC_FLR.2": 19,
          "ALC_LCD": 1,
          "ALC_LCD.1": 6,
          "ALC_TAT": 1,
          "ALC_TAT.1": 7
        },
        "ATE": {
          "ATE_COV": 1,
          "ATE_COV.2": 5,
          "ATE_DPT": 1,
          "ATE_DPT.1": 5,
          "ATE_FUN": 1,
          "ATE_FUN.1": 8,
          "ATE_IND": 1,
          "ATE_IND.2": 7
        },
        "AVA": {
          "AVA_VAN": 1,
          "AVA_VAN.3": 7
        }
      },
      "cc_security_level": {
        "EAL": {
          "EAL 4": 4,
          "EAL 4 augmented": 4,
          "EAL4": 2,
          "EAL4 augmented": 2
        }
      },
      "cc_sfr": {
        "FDP": {
          "FDP_ACC": 6,
          "FDP_ACC.1": 3,
          "FDP_ACC.2": 6,
          "FDP_ACC.2.1": 1,
          "FDP_ACC.2.2": 1,
          "FDP_ACF": 4,
          "FDP_ACF.1": 4,
          "FDP_ACF.1.1": 1,
          "FDP_ACF.1.2": 1,
          "FDP_ACF.1.3": 1,
          "FDP_ACF.1.4": 1,
          "FDP_IFC": 4,
          "FDP_IFC.1": 2,
          "FDP_IFC.2": 6,
          "FDP_IFC.2.1": 1,
          "FDP_IFC.2.2": 1,
          "FDP_IFF": 4,
          "FDP_IFF.1": 4,
          "FDP_IFF.1.1": 1,
          "FDP_IFF.1.2": 1,
          "FDP_IFF.1.3": 1,
          "FDP_IFF.1.4": 1,
          "FDP_IFF.1.5": 1,
          "FDP_RIP": 3,
          "FDP_RIP.1": 4,
          "FDP_RIP.1.1": 1
        },
        "FIA": {
          "FIA_ATD": 3,
          "FIA_ATD.1": 5,
          "FIA_ATD.1.1": 1,
          "FIA_USB": 3,
          "FIA_USB.1": 4,
          "FIA_USB.1.1": 1,
          "FIA_USB.1.2": 1,
          "FIA_USB.1.3": 1
        },
        "FMT": {
          "FMT_MSA": 8,
          "FMT_MSA.1": 5,
          "FMT_MSA.1.1": 1,
          "FMT_MSA.3": 10,
          "FMT_MSA.3.1": 1,
          "FMT_MSA.3.2": 1,
          "FMT_SMF.1": 5,
          "FMT_SMR.1": 6
        },
        "FPT": {
          "FPT_FLS": 3,
          "FPT_FLS.1": 4,
          "FPT_FLS.1.1": 1
        }
      },
      "certification_process": {},
      "cipher_mode": {},
      "cplc_data": {},
      "crypto_engine": {},
      "crypto_library": {},
      "crypto_protocol": {},
      "crypto_scheme": {},
      "device_model": {},
      "ecc_curve": {},
      "eval_facility": {},
      "hash_function": {},
      "ic_data_group": {},
      "javacard_api_const": {},
      "javacard_packages": {},
      "javacard_version": {},
      "os_name": {},
      "pq_crypto": {},
      "randomness": {},
      "side_channel_analysis": {},
      "standard_id": {},
      "symmetric_crypto": {},
      "technical_report_id": {},
      "tee_name": {},
      "tls_cipher_suite": {},
      "vendor": {},
      "vulnerability": {}
    },
    "st_metadata": {
      "/Author": "Jim Arnold \u0026 Dave McDermitt",
      "/Company": "International Business Machines Corporation",
      "/CreationDate": "D:20130412111346-04\u002700\u0027",
      "/Creator": "Acrobat PDFMaker 10.0 for Word",
      "/Keywords": "",
      "/Manager": "Julie Taylor",
      "/ModDate": "D:20130412111407-04\u002700\u0027",
      "/Producer": "Adobe PDF Library 10.0",
      "/SourceModified": "D:20130412151122",
      "/Subject": "Security Target",
      "/Title": "Dynamic Logical Partition Architecture for Power5 Security Target",
      "pdf_file_size_bytes": 207813,
      "pdf_hyperlinks": {
        "_type": "Set",
        "elements": []
      },
      "pdf_is_encrypted": false,
      "pdf_number_of_pages": 27
    }
  },
  "protection_profiles": {
    "_type": "Set",
    "elements": []
  },
  "report_link": "https://www.commoncriteriaportal.org/nfs/ccpfiles/files/epfiles/ISCB-5-RPT-C043-CR-v1b.pdf",
  "scheme": "MY",
  "security_level": {
    "_type": "Set",
    "elements": [
      "ALC_FLR.2",
      "EAL4+"
    ]
  },
  "st_link": "https://www.commoncriteriaportal.org/nfs/ccpfiles/files/epfiles/IBM-LPAR-Security-Target-v0%2033_FINAL.pdf",
  "state": {
    "_type": "sec_certs.sample.cc.CCCertificate.InternalState",
    "cert": {
      "_type": "sec_certs.sample.cc.CCCertificate.DocumentState",
      "convert_garbage": false,
      "convert_ok": false,
      "download_ok": false,
      "extract_ok": false,
      "pdf_hash": null,
      "txt_hash": null
    },
    "report": {
      "_type": "sec_certs.sample.cc.CCCertificate.DocumentState",
      "convert_garbage": false,
      "convert_ok": true,
      "download_ok": true,
      "extract_ok": true,
      "pdf_hash": "e377e83e14200d9b800525ebb1166bbc17012f561ee7c0e9fe58450cd9f9f856",
      "txt_hash": "f3fb4c5467a07484a94546beac87050c560fb876be9be41a82fd7ab66eca5a0f"
    },
    "st": {
      "_type": "sec_certs.sample.cc.CCCertificate.DocumentState",
      "convert_garbage": false,
      "convert_ok": true,
      "download_ok": true,
      "extract_ok": true,
      "pdf_hash": "faa2ff2b9aff7d30a63d545b534ef014ec5aa4690fe2b8564f1964332bed450f",
      "txt_hash": "a264eac76fac0831de31efbc19c7df5347bb976df9c55787a1bb8e595c769c37"
    }
  },
  "status": "archived"
}

IBM Logical Partition Architecture for Power7 operating on IBM Power Systems hardware with AH730_087 or AM740_088

CSV information ?

Heuristics summary ?

Certificate ?

Certification report ?

Extracted keywords

Common Criteria

Security level

Security Assurance Requirements (SAR)

Security Functional Requirements (SFR)

Certificates

Security

Certification process

Other

Standards

File metadata

Security target ?

Extracted keywords

Common Criteria

Security level

Claims

Security Assurance Requirements (SAR)

Security Functional Requirements (SFR)

File metadata

Heuristics ?

Extracted SARs

Similar certificates

Scheme data ?

References ?

Updates ?

Certificate changed

Certificate changed

Certificate changed

New certificate

Raw data