This page was not yet optimized for use on mobile devices.
Employee Express (EmplX) Security Module v1.0 (Build SVR 2.0)
CSV information ?
| Status | archived |
|---|---|
| Valid from | 04.11.2011 |
| Valid until | 04.11.2016 |
| Scheme | 🇲🇾 MY |
| Manufacturer | MYwave Sdn Bhd |
| Category | Other Devices and Systems |
| Security level | EAL2 |
Heuristics summary ?
Certificate ID: ISCB-5-RPT-C019-CR-v1a
Certificate ?
Certification report ?
Extracted keywords
Hash functions
SHA-224, SHA-256, SHA-384, SHA-512, SHA-2Protocols
SSL, TLSSecurity level
EAL 2, EAL2Security Functional Requirements (SFR)
FCS_COP.1, FDP_ACC.1, FDP_ACF.1.1, FDP_ACF.1.3, FIA_UAU.2, FIA_UID.2, FMT_MSA.1, FMT_MSA.3, FMT_MTD, FMT_SMF.1, FMT_SMR.1, FTP_TRP.1.1, FTP_TRP.1.3Certificates
ISCB-5-RPT-C019-CR-v1aStandards
FIPS 180-2, ISO/IEC15408, ISO/IEC 18045File metadata
| Title | Microsoft Word - ISCB-5-RPT-C019-CR-v1a _web_ |
|---|---|
| Author | Zie |
| Creation date | D:20111109153418+08'00' |
| Modification date | D:20111109153418+08'00' |
| Pages | 30 |
| Creator | PScript5.dll Version 5.2 |
| Producer | Acrobat Distiller 8.3.1 (Windows) |
Security target ?
Extracted keywords
Protocols
SSL, TLSSecurity level
EAL2Claims
O.ACCESS, O.USER, O.MANAGE, O.PASSWORD, O.ORGANISATION, O.COMM, T.ACCESS, T.MANAGEMENT, T.PASSWORD, T.ORGANISATION, T.COMM, A.ENVIRONMENT, A.ADMIN, A.PHYSICAL, A.DATABASE, A.NETWORK, A.PATCH, A.SSL_CONFIG, A.MANAGEMENT, OE.ENVIRONMENT, OE.ADMIN, OE.PHYSICAL, OE.DATABASE, OE.MANAGEMENT, OE.NETWORK, OE.PATCH, OE.SSL_CONFIGSecurity Assurance Requirements (SAR)
ADV_ARC.1, ADV_FSP.2, ADV_TDS.1, AGD_OPE.1, AGD_PRE.1, ALC_CMS.2, ALC_CMC.2, ALC_DEL.1, ATE_IND.2, ATE_FUN.1, ATE_COV.1, AVA_VAN.2, ASE_INT.1, ASE_CCL.1, ASE_SPD.1, ASE_OBJ.2, ASE_REQ.2, ASE_TSS.1, ASE_ECD.1Security Functional Requirements (SFR)
FCS_COP.1, FCS_COP.1.1, FCS_CKM.1, FCS_CKM.4, FCS_COP, FDP_IFF, FDP_ACC.1, FDP_ACF.1, FDP_ITC.1, FDP_ITC.2, FDP_ACC.1.1, FDP_ACF.1.1, FDP_ACF.1.2, FDP_ACF.1.3, FDP_ACF.1.4, FDP_IFC.1, FDP_ACC, FDP_ACF, FIA_UAU.2, FIA_UID.2, FIA_UAU.1, FIA_UAU.2.1, FIA_UID.1, FIA_UID.2.1, FIA_UID, FIA_UAU, FMT_MSA.1, FMT_MSA.3, FMT_MTD, FMT_SMF.1, FMT_SMR.1, FMT_MSA.1.1, FMT_MSA.3.1, FMT_MSA.3.2, FMT_SMF.1.1, FMT_SMR.1.1, FMT_SMR.1.2, FMT_SMR, FMT_MSA, FMT_SMF, FTP_TRP.1, FTP_TRP.1.1, FTP_TRP.1.2, FTP_TRP.1.3File metadata
| Title | Microsoft Word - MYWave EAL2 Security Target _EmplX Security Module_ v1.0 |
|---|---|
| Author | Zie |
| Creation date | D:20111109153646+08'00' |
| Modification date | D:20111109153646+08'00' |
| Pages | 37 |
| Creator | PScript5.dll Version 5.2 |
| Producer | Acrobat Distiller 8.3.1 (Windows) |
Heuristics ?
Certificate ID: ISCB-5-RPT-C019-CR-v1a
Extracted SARs
ASE_CCL.1, ALC_DEL.1, ATE_FUN.1, ATE_IND.2, ADV_ARC.1, ASE_TSS.1, ADV_TDS.1, ATE_COV.1, ASE_SPD.1, ASE_REQ.2, AGD_OPE.1, ASE_ECD.1, ALC_CMS.2, AVA_VAN.2, ASE_INT.1, ALC_CMC.2, AGD_PRE.1, ADV_FSP.2, ASE_OBJ.2Scheme data ?
| Cert No | 2011-018-C019 | |
|---|---|---|
| Developer | MYwave Sdn Bhd | |
| Level | EAL2 | |
| Product | Employee Express (EmplX) Security Module | |
| Certification Date | 04.11.2011 | |
| Expiration Date | 04.11.2016 | |
| Recognition | CCRA | |
| Url | https://iscb.cybersecurity.my/index.php/certification/product-certification/mycc/archived-certified-products-and-systems/submission-view/153 | |
| Enhanced | ||
| Cert Id | C019 | |
| Product | Employee Express (EmplX) Security Module | |
| Developer | Yip Hon Choong 1-3-21, Krystal Point Corporate Park,Jalan Tun Dr Awang,11900 Bayan Lepas, Pulau Pinang MALAYSIA URL: http://www.mywave.bizEmail: [email protected]:+ 604 6403 117 | |
| Category | Other Devices and Systems | |
| Type | Specialist software module designed to be used as a core security controlling module for a web-based application environment | |
| Scope | The Target of Evaluation (TOE), Employee Express (EmplX) Security Module v1.0 (Build SVR 2.0) is a PHP module of EmplX Human Resource Management Systems (HRMS) web application hosted on a web server. It is designed to be used as a core security controlling module for a web-based application environment. The TOE provides core security functionality such as authentication, access control, secure communications and application security management. All http requests to the web server will be meditated by the TOE before allowing access to the rest of the EmplX HRMS. The security functionality that is within the scope of the evaluation includes: Access control – EmplX Security Module manages access control based on user IDs, user roles and access control lists. It maintains access control lists (ACLs) for each object within an organisation. Each ACL maps users and roles to the operations that they are permitted to perform on the object. Organisation Management – EmplX Security Module provides strict controls on organisation management. Only Super Administrators can manage the creation, modification and destruction of an organisation. Users and Supervisors can only operate within their organisation. Identification and Authentication – each user is required to successfully identified using user ID and authenticated using password before any interaction with protected resources within EmplX HRMS is permitted. Security Management - EmplX Security Module provides functions that allow management of the TOE and its security functions. It restricts access to the management functions based on the role of the user. Secure Communications - EmplX Security Module is able to protect the user data from disclosure and modification when it is sent from users' browser to the EmplX HRMS using the secure SSL channel. | |
| Assurance Level | EAL2 | |
| Certification Date | 04.11.2011 | |
| Expiration Date | 04.11.2016 | |
| Mutual Recognition | CCRA | |
| Target Link | https://iscb.cybersecurity.my/resources/document/mycc/mycpr/C019/MYWave%20EAL2%20Security%20Target%20(EmplX%20Security%20Module)%20v1.0.pdf | |
| Report Link | https://iscb.cybersecurity.my/resources/document/mycc/mycpr/C019/ISCB-5-RPT-C019-CR-v1a.pdf | |
| Status | Archive | |
References ?
No references are available for this certificate.
Updates ?
-
09.11.2024 The certificate data changed.
Certificate changed
The computed heuristics were updated.
- The scheme_data property was updated, with the
{'certification_date': '2011-11-04', 'expiration_date': '2016-11-04', 'enhanced': {'__update__': {'developer': 'Yip Hon Choong 1-3-21, Krystal Point Corporate Park,Jalan Tun Dr Awang,11900 Bayan Lepas, Pulau Pinang MALAYSIA URL: http://www.mywave.bizEmail: [email protected]:+ 604 6403 117', 'scope': "The Target of Evaluation (TOE), Employee Express (EmplX) Security Module v1.0 (Build SVR 2.0) is a PHP module of EmplX Human Resource Management Systems (HRMS) web application hosted on a web server. It is designed to be used as a core security controlling module for a web-based application environment. The TOE provides core security functionality such as authentication, access control, secure communications and application security management. All http requests to the web server will be meditated by the TOE before allowing access to the rest of the EmplX HRMS. The security functionality that is within the scope of the evaluation includes: Access control – EmplX Security Module manages access control based on user IDs, user roles and access control lists. It maintains access control lists (ACLs) for each object within an organisation. Each ACL maps users and roles to the operations that they are permitted to perform on the object. Organisation Management – EmplX Security Module provides strict controls on organisation management. Only Super Administrators can manage the creation, modification and destruction of an organisation. Users and Supervisors can only operate within their organisation. Identification and Authentication – each user is required to successfully identified using user ID and authenticated using password before any interaction with protected resources within EmplX HRMS is permitted. Security Management - EmplX Security Module provides functions that allow management of the TOE and its security functions. It restricts access to the management functions based on the role of the user. Secure Communications - EmplX Security Module is able to protect the user data from disclosure and modification when it is sent from users' browser to the EmplX HRMS using the secure SSL channel.", 'certification_date': '2011-11-04', 'expiration_date': '2016-11-04'}}}data.
- The scheme_data property was updated, with the
-
22.08.2024 The certificate data changed.
Certificate changed
The state of the certificate object was updated.
- The report property was updated, with the
{'download_ok': True, 'convert_ok': True, 'extract_ok': True, 'pdf_hash': '07cf84b17a768e5085d7c46af68294ce06464dc75eadc6f649e97b327d458dd4', 'txt_hash': 'a6f8af6bb1559d78d07e2099b952ae7fcbb5e4c36792ee6011f8ff919e4a63b7'}data. - The st property was updated, with the
{'download_ok': True, 'convert_ok': True, 'extract_ok': True, 'pdf_hash': '90388516d004d4cc098ba4e2f7443b4a2200487c0e2dcda19faf7fcc40bcdad2', 'txt_hash': 'a59dbdfecef5cdc398d04925eab5575bdb5d333c26a26a851ea7c81b915b7378'}data.
The PDF extraction data was updated.
- The report_metadata property was set to
{'pdf_file_size_bytes': 330254, 'pdf_is_encrypted': True, 'pdf_number_of_pages': 30, '/Author': 'Zie', '/CreationDate': "D:20111109153418+08'00'", '/Creator': 'PScript5.dll Version 5.2', '/ModDate': "D:20111109153418+08'00'", '/Producer': 'Acrobat Distiller 8.3.1 (Windows)', '/Title': 'Microsoft Word - ISCB-5-RPT-C019-CR-v1a _web_', 'pdf_hyperlinks': {'_type': 'Set', 'elements': []}}. - The st_metadata property was set to
{'pdf_file_size_bytes': 307957, 'pdf_is_encrypted': True, 'pdf_number_of_pages': 37, '/Author': 'Zie', '/CreationDate': "D:20111109153646+08'00'", '/Creator': 'PScript5.dll Version 5.2', '/ModDate': "D:20111109153646+08'00'", '/Producer': 'Acrobat Distiller 8.3.1 (Windows)', '/Title': 'Microsoft Word - MYWave EAL2 Security Target _EmplX Security Module_ v1.0', 'pdf_hyperlinks': {'_type': 'Set', 'elements': []}}. - The report_frontpage property was set to
{}. - The report_keywords property was set to
{'cc_cert_id': {'MY': {'ISCB-5-RPT-C019-CR-v1a': 30}}, 'cc_protection_profile_id': {}, 'cc_security_level': {'EAL': {'EAL 2': 1, 'EAL2': 10}}, 'cc_sar': {}, 'cc_sfr': {'FCS': {'FCS_COP.1': 1}, 'FDP': {'FDP_ACC.1': 1, 'FDP_ACF.1.1': 1, 'FDP_ACF.1.3': 1}, 'FIA': {'FIA_UAU.2': 1, 'FIA_UID.2': 1}, 'FMT': {'FMT_MSA.1': 1, 'FMT_MSA.3': 1, 'FMT_MTD': 4, 'FMT_SMF.1': 1, 'FMT_SMR.1': 1}, 'FTP': {'FTP_TRP.1.1': 1, 'FTP_TRP.1.3': 1}}, 'cc_claims': {}, 'vendor': {}, 'eval_facility': {}, 'symmetric_crypto': {}, 'asymmetric_crypto': {}, 'pq_crypto': {}, 'hash_function': {'SHA': {'SHA2': {'SHA-224': 1, 'SHA-256': 2, 'SHA-384': 1, 'SHA-512': 1, 'SHA-2': 2}}}, 'crypto_scheme': {}, 'crypto_protocol': {'TLS': {'SSL': {'SSL': 4}, 'TLS': {'TLS': 1}}}, 'randomness': {}, 'cipher_mode': {}, 'ecc_curve': {}, 'crypto_engine': {}, 'tls_cipher_suite': {}, 'crypto_library': {}, 'vulnerability': {}, 'side_channel_analysis': {}, 'technical_report_id': {}, 'device_model': {}, 'tee_name': {}, 'os_name': {}, 'cplc_data': {}, 'ic_data_group': {}, 'standard_id': {'FIPS': {'FIPS 180-2': 2}, 'ISO': {'ISO/IEC15408': 2, 'ISO/IEC 18045': 2}}, 'javacard_version': {}, 'javacard_api_const': {}, 'javacard_packages': {}, 'certification_process': {}}. - The st_keywords property was set to
{'cc_cert_id': {}, 'cc_protection_profile_id': {}, 'cc_security_level': {'EAL': {'EAL2': 9}}, 'cc_sar': {'ADV': {'ADV_ARC.1': 1, 'ADV_FSP.2': 1, 'ADV_TDS.1': 1}, 'AGD': {'AGD_OPE.1': 1, 'AGD_PRE.1': 1}, 'ALC': {'ALC_CMS.2': 1, 'ALC_CMC.2': 1, 'ALC_DEL.1': 1}, 'ATE': {'ATE_IND.2': 1, 'ATE_FUN.1': 1, 'ATE_COV.1': 1}, 'AVA': {'AVA_VAN.2': 1}, 'ASE': {'ASE_INT.1': 4, 'ASE_CCL.1': 4, 'ASE_SPD.1': 4, 'ASE_OBJ.2': 4, 'ASE_REQ.2': 4, 'ASE_TSS.1': 4, 'ASE_ECD.1': 1}}, 'cc_sfr': {'FCS': {'FCS_COP.1': 4, 'FCS_COP.1.1': 1, 'FCS_CKM.1': 3, 'FCS_CKM.4': 3, 'FCS_COP': 1}, 'FDP': {'FDP_IFF': 2, 'FDP_ACC.1': 11, 'FDP_ACF.1': 6, 'FDP_ITC.1': 2, 'FDP_ITC.2': 2, 'FDP_ACC.1.1': 1, 'FDP_ACF.1.1': 1, 'FDP_ACF.1.2': 1, 'FDP_ACF.1.3': 1, 'FDP_ACF.1.4': 1, 'FDP_IFC.1': 2, 'FDP_ACC': 2, 'FDP_ACF': 2}, 'FIA': {'FIA_UAU.2': 4, 'FIA_UID.2': 5, 'FIA_UAU.1': 1, 'FIA_UAU.2.1': 1, 'FIA_UID.1': 4, 'FIA_UID.2.1': 1, 'FIA_UID': 2, 'FIA_UAU': 2}, 'FMT': {'FMT_MSA.1': 6, 'FMT_MSA.3': 7, 'FMT_MTD': 25, 'FMT_SMF.1': 19, 'FMT_SMR.1': 17, 'FMT_MSA.1.1': 1, 'FMT_MSA.3.1': 1, 'FMT_MSA.3.2': 1, 'FMT_SMF.1.1': 1, 'FMT_SMR.1.1': 1, 'FMT_SMR.1.2': 1, 'FMT_SMR': 2, 'FMT_MSA': 2, 'FMT_SMF': 1}, 'FTP': {'FTP_TRP.1': 5, 'FTP_TRP.1.1': 1, 'FTP_TRP.1.2': 1, 'FTP_TRP.1.3': 1}}, 'cc_claims': {'O': {'O.ACCESS': 4, 'O.USER': 5, 'O.MANAGE': 3, 'O.PASSWORD': 3, 'O.ORGANISATION': 3, 'O.COMM': 3}, 'T': {'T.ACCESS': 2, 'T.MANAGEMENT': 2, 'T.PASSWORD': 2, 'T.ORGANISATION': 3, 'T.COMM': 1}, 'A': {'A.ENVIRONMENT': 2, 'A.ADMIN': 2, 'A.PHYSICAL': 2, 'A.DATABASE': 2, 'A.NETWORK': 2, 'A.PATCH': 1, 'A.SSL_CONFIG': 2, 'A.MANAGEMENT': 2}, 'OE': {'OE.ENVIRONMENT': 2, 'OE.ADMIN': 2, 'OE.PHYSICAL': 2, 'OE.DATABASE': 2, 'OE.MANAGEMENT': 2, 'OE.NETWORK': 2, 'OE.PATCH': 2, 'OE.SSL_CONFIG': 2}}, 'vendor': {}, 'eval_facility': {}, 'symmetric_crypto': {}, 'asymmetric_crypto': {}, 'pq_crypto': {}, 'hash_function': {}, 'crypto_scheme': {}, 'crypto_protocol': {'TLS': {'SSL': {'SSL': 8}, 'TLS': {'TLS': 1}}}, 'randomness': {}, 'cipher_mode': {}, 'ecc_curve': {}, 'crypto_engine': {}, 'tls_cipher_suite': {}, 'crypto_library': {}, 'vulnerability': {}, 'side_channel_analysis': {}, 'technical_report_id': {}, 'device_model': {}, 'tee_name': {}, 'os_name': {}, 'cplc_data': {}, 'ic_data_group': {}, 'standard_id': {}, 'javacard_version': {}, 'javacard_api_const': {}, 'javacard_packages': {}, 'certification_process': {}}. - The report_filename property was set to
ISCB-5-RPT-C019-CR-v1a.pdf. - The st_filename property was set to
MYWave EAL2 Security Target (EmplX Security Module) v1.0.pdf.
The computed heuristics were updated.
- The cert_id property was set to
ISCB-5-RPT-C019-CR-v1a. - The extracted_sars property was set to
{'_type': 'Set', 'elements': [{'_type': 'sec_certs.sample.sar.SAR', 'family': 'ASE_CCL', 'level': 1}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ALC_DEL', 'level': 1}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ATE_FUN', 'level': 1}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ATE_IND', 'level': 2}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ADV_ARC', 'level': 1}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ASE_TSS', 'level': 1}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ADV_TDS', 'level': 1}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ATE_COV', 'level': 1}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ASE_SPD', 'level': 1}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ASE_REQ', 'level': 2}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'AGD_OPE', 'level': 1}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ASE_ECD', 'level': 1}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ALC_CMS', 'level': 2}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'AVA_VAN', 'level': 2}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ALC_CMC', 'level': 2}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ASE_INT', 'level': 1}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'AGD_PRE', 'level': 1}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ADV_FSP', 'level': 2}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ASE_OBJ', 'level': 2}]}.
- The report property was updated, with the
-
17.08.2024 The certificate data changed.
Certificate changed
The report_link was updated.
- The new value is
https://www.commoncriteriaportal.org/nfs/ccpfiles/files/epfiles/ISCB-5-RPT-C019-CR-v1a.pdf.
The st_link was updated.
- The new value is
https://www.commoncriteriaportal.org/nfs/ccpfiles/files/epfiles/MYWave%20EAL2%20Security%20Target%20(EmplX%20Security%20Module)%20v1.0.pdf.
The state of the certificate object was updated.
- The report property was updated, with the
{'download_ok': False, 'convert_ok': False, 'extract_ok': False, 'pdf_hash': None, 'txt_hash': None}data. - The st property was updated, with the
{'download_ok': False, 'convert_ok': False, 'extract_ok': False, 'pdf_hash': None, 'txt_hash': None}data.
The PDF extraction data was updated.
- The report_metadata property was set to
None. - The st_metadata property was set to
None. - The report_frontpage property was set to
None. - The report_keywords property was set to
None. - The st_keywords property was set to
None. - The report_filename property was set to
None. - The st_filename property was set to
None.
The computed heuristics were updated.
- The cert_id property was set to
None. - The extracted_sars property was set to
None.
- The new value is
-
23.07.2024 The certificate was first processed.
New certificate
A new Common Criteria certificate with the product name Employee Express (EmplX) Security Module v1.0 (Build SVR 2.0) was processed.
Raw data
{
"_type": "sec_certs.sample.cc.CCCertificate",
"category": "Other Devices and Systems",
"cert_link": null,
"dgst": "111e346581566c73",
"heuristics": {
"_type": "sec_certs.sample.cc.CCCertificate.Heuristics",
"annotated_references": null,
"cert_id": "ISCB-5-RPT-C019-CR-v1a",
"cert_lab": null,
"cpe_matches": null,
"direct_transitive_cves": null,
"extracted_sars": {
"_type": "Set",
"elements": [
{
"_type": "sec_certs.sample.sar.SAR",
"family": "ASE_SPD",
"level": 1
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "ALC_CMS",
"level": 2
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "ATE_IND",
"level": 2
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "ASE_TSS",
"level": 1
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "AGD_PRE",
"level": 1
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "AGD_OPE",
"level": 1
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "ATE_FUN",
"level": 1
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "ASE_OBJ",
"level": 2
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "AVA_VAN",
"level": 2
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "ASE_ECD",
"level": 1
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "ASE_INT",
"level": 1
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "ASE_REQ",
"level": 2
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "ADV_ARC",
"level": 1
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "ADV_FSP",
"level": 2
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "ATE_COV",
"level": 1
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "ALC_CMC",
"level": 2
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "ADV_TDS",
"level": 1
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "ASE_CCL",
"level": 1
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "ALC_DEL",
"level": 1
}
]
},
"extracted_versions": {
"_type": "Set",
"elements": [
"2.0",
"1.0"
]
},
"indirect_transitive_cves": null,
"related_cves": null,
"report_references": {
"_type": "sec_certs.sample.certificate.References",
"directly_referenced_by": null,
"directly_referencing": null,
"indirectly_referenced_by": null,
"indirectly_referencing": null
},
"scheme_data": {
"cert_no": "2011-018-C019",
"certification_date": "2011-11-04",
"developer": "MYwave Sdn Bhd",
"enhanced": {
"assurance_level": "EAL2",
"category": "Other Devices and Systems",
"cert_id": "C019",
"certification_date": "2011-11-04",
"developer": "Yip Hon Choong 1-3-21, Krystal Point Corporate Park,Jalan Tun Dr Awang,11900 Bayan Lepas, Pulau Pinang MALAYSIA URL: http://www.mywave.bizEmail: [email protected]:+ 604 6403 117",
"expiration_date": "2016-11-04",
"mutual_recognition": "CCRA",
"product": "Employee Express (EmplX) Security Module",
"report_link": "https://iscb.cybersecurity.my/resources/document/mycc/mycpr/C019/ISCB-5-RPT-C019-CR-v1a.pdf",
"scope": "The Target of Evaluation (TOE), Employee Express (EmplX) Security Module v1.0 (Build SVR 2.0) is a PHP module of EmplX Human Resource Management Systems (HRMS) web application hosted on a web server. It is designed to be used as a core security controlling module for a web-based application environment. The TOE provides core security functionality such as authentication, access control, secure communications and application security management. All http requests to the web server will be meditated by the TOE before allowing access to the rest of the EmplX HRMS. The security functionality that is within the scope of the evaluation includes: Access control \u2013 EmplX Security Module manages access control based on user IDs, user roles and access control lists. It maintains access control lists (ACLs) for each object within an organisation. Each ACL maps users and roles to the operations that they are permitted to perform on the object. Organisation Management \u2013 EmplX Security Module provides strict controls on organisation management. Only Super Administrators can manage the creation, modification and destruction of an organisation. Users and Supervisors can only operate within their organisation. Identification and Authentication \u2013 each user is required to successfully identified using user ID and authenticated using password before any interaction with protected resources within EmplX HRMS is permitted. Security Management - EmplX Security Module provides functions that allow management of the TOE and its security functions. It restricts access to the management functions based on the role of the user. Secure Communications - EmplX Security Module is able to protect the user data from disclosure and modification when it is sent from users\u0027 browser to the EmplX HRMS using the secure SSL channel.",
"status": "Archive",
"target_link": "https://iscb.cybersecurity.my/resources/document/mycc/mycpr/C019/MYWave%20EAL2%20Security%20Target%20(EmplX%20Security%20Module)%20v1.0.pdf",
"type": "Specialist software module designed to be used as a core security controlling module for a web-based application environment"
},
"expiration_date": "2016-11-04",
"level": "EAL2",
"product": "Employee Express (EmplX) Security Module",
"recognition": "CCRA",
"url": "https://iscb.cybersecurity.my/index.php/certification/product-certification/mycc/archived-certified-products-and-systems/submission-view/153"
},
"st_references": {
"_type": "sec_certs.sample.certificate.References",
"directly_referenced_by": null,
"directly_referencing": null,
"indirectly_referenced_by": null,
"indirectly_referencing": null
},
"verified_cpe_matches": null
},
"maintenance_updates": {
"_type": "Set",
"elements": []
},
"manufacturer": "MYwave Sdn Bhd",
"manufacturer_web": "https://www.mywave.biz",
"name": "Employee Express (EmplX) Security Module v1.0 (Build SVR 2.0)",
"not_valid_after": "2016-11-04",
"not_valid_before": "2011-11-04",
"pdf_data": {
"_type": "sec_certs.sample.cc.CCCertificate.PdfData",
"cert_filename": null,
"cert_frontpage": null,
"cert_keywords": null,
"cert_metadata": null,
"report_filename": "ISCB-5-RPT-C019-CR-v1a.pdf",
"report_frontpage": {},
"report_keywords": {
"asymmetric_crypto": {},
"cc_cert_id": {
"MY": {
"ISCB-5-RPT-C019-CR-v1a": 30
}
},
"cc_claims": {},
"cc_protection_profile_id": {},
"cc_sar": {},
"cc_security_level": {
"EAL": {
"EAL 2": 1,
"EAL2": 10
}
},
"cc_sfr": {
"FCS": {
"FCS_COP.1": 1
},
"FDP": {
"FDP_ACC.1": 1,
"FDP_ACF.1.1": 1,
"FDP_ACF.1.3": 1
},
"FIA": {
"FIA_UAU.2": 1,
"FIA_UID.2": 1
},
"FMT": {
"FMT_MSA.1": 1,
"FMT_MSA.3": 1,
"FMT_MTD": 4,
"FMT_SMF.1": 1,
"FMT_SMR.1": 1
},
"FTP": {
"FTP_TRP.1.1": 1,
"FTP_TRP.1.3": 1
}
},
"certification_process": {},
"cipher_mode": {},
"cplc_data": {},
"crypto_engine": {},
"crypto_library": {},
"crypto_protocol": {
"TLS": {
"SSL": {
"SSL": 4
},
"TLS": {
"TLS": 1
}
}
},
"crypto_scheme": {},
"device_model": {},
"ecc_curve": {},
"eval_facility": {},
"hash_function": {
"SHA": {
"SHA2": {
"SHA-2": 2,
"SHA-224": 1,
"SHA-256": 2,
"SHA-384": 1,
"SHA-512": 1
}
}
},
"ic_data_group": {},
"javacard_api_const": {},
"javacard_packages": {},
"javacard_version": {},
"os_name": {},
"pq_crypto": {},
"randomness": {},
"side_channel_analysis": {},
"standard_id": {
"FIPS": {
"FIPS 180-2": 2
},
"ISO": {
"ISO/IEC 18045": 2,
"ISO/IEC15408": 2
}
},
"symmetric_crypto": {},
"technical_report_id": {},
"tee_name": {},
"tls_cipher_suite": {},
"vendor": {},
"vulnerability": {}
},
"report_metadata": {
"/Author": "Zie",
"/CreationDate": "D:20111109153418+08\u002700\u0027",
"/Creator": "PScript5.dll Version 5.2",
"/ModDate": "D:20111109153418+08\u002700\u0027",
"/Producer": "Acrobat Distiller 8.3.1 (Windows)",
"/Title": "Microsoft Word - ISCB-5-RPT-C019-CR-v1a _web_",
"pdf_file_size_bytes": 330254,
"pdf_hyperlinks": {
"_type": "Set",
"elements": []
},
"pdf_is_encrypted": true,
"pdf_number_of_pages": 30
},
"st_filename": "MYWave EAL2 Security Target (EmplX Security Module) v1.0.pdf",
"st_frontpage": null,
"st_keywords": {
"asymmetric_crypto": {},
"cc_cert_id": {},
"cc_claims": {
"A": {
"A.ADMIN": 2,
"A.DATABASE": 2,
"A.ENVIRONMENT": 2,
"A.MANAGEMENT": 2,
"A.NETWORK": 2,
"A.PATCH": 1,
"A.PHYSICAL": 2,
"A.SSL_CONFIG": 2
},
"O": {
"O.ACCESS": 4,
"O.COMM": 3,
"O.MANAGE": 3,
"O.ORGANISATION": 3,
"O.PASSWORD": 3,
"O.USER": 5
},
"OE": {
"OE.ADMIN": 2,
"OE.DATABASE": 2,
"OE.ENVIRONMENT": 2,
"OE.MANAGEMENT": 2,
"OE.NETWORK": 2,
"OE.PATCH": 2,
"OE.PHYSICAL": 2,
"OE.SSL_CONFIG": 2
},
"T": {
"T.ACCESS": 2,
"T.COMM": 1,
"T.MANAGEMENT": 2,
"T.ORGANISATION": 3,
"T.PASSWORD": 2
}
},
"cc_protection_profile_id": {},
"cc_sar": {
"ADV": {
"ADV_ARC.1": 1,
"ADV_FSP.2": 1,
"ADV_TDS.1": 1
},
"AGD": {
"AGD_OPE.1": 1,
"AGD_PRE.1": 1
},
"ALC": {
"ALC_CMC.2": 1,
"ALC_CMS.2": 1,
"ALC_DEL.1": 1
},
"ASE": {
"ASE_CCL.1": 4,
"ASE_ECD.1": 1,
"ASE_INT.1": 4,
"ASE_OBJ.2": 4,
"ASE_REQ.2": 4,
"ASE_SPD.1": 4,
"ASE_TSS.1": 4
},
"ATE": {
"ATE_COV.1": 1,
"ATE_FUN.1": 1,
"ATE_IND.2": 1
},
"AVA": {
"AVA_VAN.2": 1
}
},
"cc_security_level": {
"EAL": {
"EAL2": 9
}
},
"cc_sfr": {
"FCS": {
"FCS_CKM.1": 3,
"FCS_CKM.4": 3,
"FCS_COP": 1,
"FCS_COP.1": 4,
"FCS_COP.1.1": 1
},
"FDP": {
"FDP_ACC": 2,
"FDP_ACC.1": 11,
"FDP_ACC.1.1": 1,
"FDP_ACF": 2,
"FDP_ACF.1": 6,
"FDP_ACF.1.1": 1,
"FDP_ACF.1.2": 1,
"FDP_ACF.1.3": 1,
"FDP_ACF.1.4": 1,
"FDP_IFC.1": 2,
"FDP_IFF": 2,
"FDP_ITC.1": 2,
"FDP_ITC.2": 2
},
"FIA": {
"FIA_UAU": 2,
"FIA_UAU.1": 1,
"FIA_UAU.2": 4,
"FIA_UAU.2.1": 1,
"FIA_UID": 2,
"FIA_UID.1": 4,
"FIA_UID.2": 5,
"FIA_UID.2.1": 1
},
"FMT": {
"FMT_MSA": 2,
"FMT_MSA.1": 6,
"FMT_MSA.1.1": 1,
"FMT_MSA.3": 7,
"FMT_MSA.3.1": 1,
"FMT_MSA.3.2": 1,
"FMT_MTD": 25,
"FMT_SMF": 1,
"FMT_SMF.1": 19,
"FMT_SMF.1.1": 1,
"FMT_SMR": 2,
"FMT_SMR.1": 17,
"FMT_SMR.1.1": 1,
"FMT_SMR.1.2": 1
},
"FTP": {
"FTP_TRP.1": 5,
"FTP_TRP.1.1": 1,
"FTP_TRP.1.2": 1,
"FTP_TRP.1.3": 1
}
},
"certification_process": {},
"cipher_mode": {},
"cplc_data": {},
"crypto_engine": {},
"crypto_library": {},
"crypto_protocol": {
"TLS": {
"SSL": {
"SSL": 8
},
"TLS": {
"TLS": 1
}
}
},
"crypto_scheme": {},
"device_model": {},
"ecc_curve": {},
"eval_facility": {},
"hash_function": {},
"ic_data_group": {},
"javacard_api_const": {},
"javacard_packages": {},
"javacard_version": {},
"os_name": {},
"pq_crypto": {},
"randomness": {},
"side_channel_analysis": {},
"standard_id": {},
"symmetric_crypto": {},
"technical_report_id": {},
"tee_name": {},
"tls_cipher_suite": {},
"vendor": {},
"vulnerability": {}
},
"st_metadata": {
"/Author": "Zie",
"/CreationDate": "D:20111109153646+08\u002700\u0027",
"/Creator": "PScript5.dll Version 5.2",
"/ModDate": "D:20111109153646+08\u002700\u0027",
"/Producer": "Acrobat Distiller 8.3.1 (Windows)",
"/Title": "Microsoft Word - MYWave EAL2 Security Target _EmplX Security Module_ v1.0",
"pdf_file_size_bytes": 307957,
"pdf_hyperlinks": {
"_type": "Set",
"elements": []
},
"pdf_is_encrypted": true,
"pdf_number_of_pages": 37
}
},
"protection_profiles": {
"_type": "Set",
"elements": []
},
"report_link": "https://www.commoncriteriaportal.org/nfs/ccpfiles/files/epfiles/ISCB-5-RPT-C019-CR-v1a.pdf",
"scheme": "MY",
"security_level": {
"_type": "Set",
"elements": [
"EAL2"
]
},
"st_link": "https://www.commoncriteriaportal.org/nfs/ccpfiles/files/epfiles/MYWave%20EAL2%20Security%20Target%20(EmplX%20Security%20Module)%20v1.0.pdf",
"state": {
"_type": "sec_certs.sample.cc.CCCertificate.InternalState",
"cert": {
"_type": "sec_certs.sample.cc.CCCertificate.DocumentState",
"convert_garbage": false,
"convert_ok": false,
"download_ok": false,
"extract_ok": false,
"pdf_hash": null,
"txt_hash": null
},
"report": {
"_type": "sec_certs.sample.cc.CCCertificate.DocumentState",
"convert_garbage": false,
"convert_ok": true,
"download_ok": true,
"extract_ok": true,
"pdf_hash": "07cf84b17a768e5085d7c46af68294ce06464dc75eadc6f649e97b327d458dd4",
"txt_hash": "a6f8af6bb1559d78d07e2099b952ae7fcbb5e4c36792ee6011f8ff919e4a63b7"
},
"st": {
"_type": "sec_certs.sample.cc.CCCertificate.DocumentState",
"convert_garbage": false,
"convert_ok": true,
"download_ok": true,
"extract_ok": true,
"pdf_hash": "90388516d004d4cc098ba4e2f7443b4a2200487c0e2dcda19faf7fcc40bcdad2",
"txt_hash": "a59dbdfecef5cdc398d04925eab5575bdb5d333c26a26a851ea7c81b915b7378"
}
},
"status": "archived"
}