This page was not yet optimized for use on mobile
devices.
Employee Express (EmplX) Security Module v1.0 (Build SVR 2.0)
CSV information
| Status | archived |
|---|---|
| Valid from | 04.11.2011 |
| Valid until | 04.11.2016 |
| Scheme | 🇲🇾 MY |
| Manufacturer | MYwave Sdn Bhd |
| Category | Other Devices and Systems |
| Security level | EAL2 |
Heuristics summary
Certificate ID: ISCB-5-RPT-C019-CR-v1a
Certificate
certificate could not be downloaded, no link is available.
Certification report
Extracted keywords
Hash functions
SHA-224, SHA-256, SHA-384, SHA-512, SHA-2Protocols
SSL, TLSSecurity level
EAL 2, EAL2Security Functional Requirements (SFR)
FCS_COP.1, FDP_ACC.1, FDP_ACF.1.1, FDP_ACF.1.3, FIA_UAU.2, FIA_UID.2, FMT_MSA.1, FMT_MSA.3, FMT_MTD, FMT_SMF.1, FMT_SMR.1, FTP_TRP.1.1, FTP_TRP.1.3Certificates
ISCB-5-RPT-C019-CR-v1aStandards
FIPS 180-2, ISO/IEC15408, ISO/IEC 18045File metadata
| Title | Microsoft Word - ISCB-5-RPT-C019-CR-v1a _web_ |
|---|---|
| Author | Zie |
| Creation date | D:20111109153418+08'00' |
| Modification date | D:20111109153418+08'00' |
| Pages | 30 |
| Creator | PScript5.dll Version 5.2 |
| Producer | Acrobat Distiller 8.3.1 (Windows) |
Security target
Extracted keywords
Protocols
SSL, TLSSecurity level
EAL2Claims
O.ACCESS, O.USER, O.MANAGE, O.PASSWORD, O.ORGANISATION, O.COMM, T.ACCESS, T.MANAGEMENT, T.PASSWORD, T.ORGANISATION, T.COMM, A.ENVIRONMENT, A.ADMIN, A.PHYSICAL, A.DATABASE, A.NETWORK, A.PATCH, A.SSL_CONFIG, A.MANAGEMENT, OE.ENVIRONMENT, OE.ADMIN, OE.PHYSICAL, OE.DATABASE, OE.MANAGEMENT, OE.NETWORK, OE.PATCH, OE.SSL_CONFIGSecurity Assurance Requirements (SAR)
ADV_ARC.1, ADV_FSP.2, ADV_TDS.1, AGD_OPE.1, AGD_PRE.1, ALC_CMS.2, ALC_CMC.2, ALC_DEL.1, ATE_IND.2, ATE_FUN.1, ATE_COV.1, AVA_VAN.2, ASE_INT.1, ASE_CCL.1, ASE_SPD.1, ASE_OBJ.2, ASE_REQ.2, ASE_TSS.1, ASE_ECD.1Security Functional Requirements (SFR)
FCS_COP.1, FCS_COP.1.1, FCS_CKM.1, FCS_CKM.4, FCS_COP, FDP_IFF, FDP_ACC.1, FDP_ACF.1, FDP_ITC.1, FDP_ITC.2, FDP_ACC.1.1, FDP_ACF.1.1, FDP_ACF.1.2, FDP_ACF.1.3, FDP_ACF.1.4, FDP_IFC.1, FDP_ACC, FDP_ACF, FIA_UAU.2, FIA_UID.2, FIA_UAU.1, FIA_UAU.2.1, FIA_UID.1, FIA_UID.2.1, FIA_UID, FIA_UAU, FMT_MSA.1, FMT_MSA.3, FMT_MTD, FMT_SMF.1, FMT_SMR.1, FMT_MSA.1.1, FMT_MSA.3.1, FMT_MSA.3.2, FMT_SMF.1.1, FMT_SMR.1.1, FMT_SMR.1.2, FMT_SMR, FMT_MSA, FMT_SMF, FTP_TRP.1, FTP_TRP.1.1, FTP_TRP.1.2, FTP_TRP.1.3File metadata
| Title | Microsoft Word - MYWave EAL2 Security Target _EmplX Security Module_ v1.0 |
|---|---|
| Author | Zie |
| Creation date | D:20111109153646+08'00' |
| Modification date | D:20111109153646+08'00' |
| Pages | 37 |
| Creator | PScript5.dll Version 5.2 |
| Producer | Acrobat Distiller 8.3.1 (Windows) |
Heuristics
Automated inference - use with caution
All attributes shown in this section (e.g., links between certificates, products, vendors, and known CVEs) are generated by automated heuristics and have not been reviewed by humans. These methods can produce false positives or false negatives and should not be treated as definitive without independent verification. For details on our data sources and inference methods, see our methodology. If you believe any information here is inaccurate or harmful, please submit feedback.Certificate ID
ISCB-5-RPT-C019-CR-v1aExtracted SARs
ADV_ARC.1, ADV_FSP.2, ADV_TDS.1, AGD_OPE.1, AGD_PRE.1, ALC_CMC.2, ALC_CMS.2, ALC_DEL.1, ASE_CCL.1, ASE_ECD.1, ASE_INT.1, ASE_OBJ.2, ASE_REQ.2, ASE_SPD.1, ASE_TSS.1, ATE_COV.1, ATE_FUN.1, ATE_IND.2, AVA_VAN.2Scheme data
| Cert No | 2011-018-C019 | |
|---|---|---|
| Developer | MYwave Sdn Bhd | |
| Level | EAL2 | |
| Product | Employee Express (EmplX) Security Module | |
| Certification Date | 04.11.2011 | |
| Expiration Date | 04.11.2016 | |
| Recognition | CCRA | |
| Url | https://iscb.cybersecurity.my/index.php/certification/product-certification/mycc/archived-certified-products-and-systems/submission-view/153 | |
| Enhanced | ||
| Developer | Yip Hon Choong 1-3-21, Krystal Point Corporate Park,Jalan Tun Dr Awang,11900 Bayan Lepas, Pulau Pinang MALAYSIA URL: http://www.mywave.bizEmail: [email protected]:+ 604 6403 117 | |
| Status | Archive | |
| Scope | The Target of Evaluation (TOE), Employee Express (EmplX) Security Module v1.0 (Build SVR 2.0) is a PHP module of EmplX Human Resource Management Systems (HRMS) web application hosted on a web server. It is designed to be used as a core security controlling module for a web-based application environment. The TOE provides core security functionality such as authentication, access control, secure communications and application security management. All http requests to the web server will be meditated by the TOE before allowing access to the rest of the EmplX HRMS. The security functionality that is within the scope of the evaluation includes: Access control – EmplX Security Module manages access control based on user IDs, user roles and access control lists. It maintains access control lists (ACLs) for each object within an organisation. Each ACL maps users and roles to the operations that they are permitted to perform on the object. Organisation Management – EmplX Security Module provides strict controls on organisation management. Only Super Administrators can manage the creation, modification and destruction of an organisation. Users and Supervisors can only operate within their organisation. Identification and Authentication – each user is required to successfully identified using user ID and authenticated using password before any interaction with protected resources within EmplX HRMS is permitted. Security Management - EmplX Security Module provides functions that allow management of the TOE and its security functions. It restricts access to the management functions based on the role of the user. Secure Communications - EmplX Security Module is able to protect the user data from disclosure and modification when it is sent from users' browser to the EmplX HRMS using the secure SSL channel. | |
| Cert Id | C019 | |
| Category | Other Devices and Systems | |
| Assurance Level | EAL2 | |
| Product | Employee Express (EmplX) Security Module | |
| Certification Date | 04.11.2011 | |
| Expiration Date | 04.11.2016 | |
| Mutual Recognition | CCRA | |
| Target Link | https://iscb.cybersecurity.my/resources/document/mycc/mycpr/C019/MYWave%20EAL2%20Security%20Target%20(EmplX%20Security%20Module)%20v1.0.pdf | |
| Report Link | https://iscb.cybersecurity.my/resources/document/mycc/mycpr/C019/ISCB-5-RPT-C019-CR-v1a.pdf | |
| Type | Specialist software module designed to be used as a core security controlling module for a web-based application environment | |
References
No references are available for this certificate.
Updates Feed
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate was first processed.
Raw data
{
"_type": "sec_certs.sample.cc.CCCertificate",
"category": "Other Devices and Systems",
"cert_link": null,
"dgst": "111e346581566c73",
"heuristics": {
"_type": "sec_certs.sample.cc.CCCertificate.Heuristics",
"annotated_references": null,
"cert_id": "ISCB-5-RPT-C019-CR-v1a",
"cert_lab": null,
"cpe_matches": null,
"direct_transitive_cves": null,
"eal": "EAL2",
"extracted_sars": {
"_type": "Set",
"elements": [
{
"_type": "sec_certs.sample.sar.SAR",
"family": "ADV_FSP",
"level": 2
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "ALC_DEL",
"level": 1
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "AVA_VAN",
"level": 2
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "ALC_CMS",
"level": 2
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "ADV_ARC",
"level": 1
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "ASE_ECD",
"level": 1
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "ADV_TDS",
"level": 1
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "ATE_FUN",
"level": 1
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "ALC_CMC",
"level": 2
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "ASE_INT",
"level": 1
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "AGD_OPE",
"level": 1
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "ASE_REQ",
"level": 2
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "ATE_COV",
"level": 1
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "ASE_TSS",
"level": 1
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "ASE_OBJ",
"level": 2
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "ASE_CCL",
"level": 1
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "ATE_IND",
"level": 2
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "ASE_SPD",
"level": 1
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "AGD_PRE",
"level": 1
}
]
},
"extracted_versions": {
"_type": "Set",
"elements": [
"2.0",
"1.0"
]
},
"indirect_transitive_cves": null,
"next_certificates": null,
"prev_certificates": null,
"protection_profiles": null,
"related_cves": null,
"report_references": {
"_type": "sec_certs.sample.certificate.References",
"directly_referenced_by": null,
"directly_referencing": null,
"indirectly_referenced_by": null,
"indirectly_referencing": null
},
"scheme_data": {
"cert_no": "2011-018-C019",
"certification_date": "2011-11-04",
"developer": "MYwave Sdn Bhd",
"enhanced": {
"assurance_level": "EAL2",
"category": "Other Devices and Systems",
"cert_id": "C019",
"certification_date": "2011-11-04",
"developer": "Yip Hon Choong 1-3-21, Krystal Point Corporate Park,Jalan Tun Dr Awang,11900 Bayan Lepas, Pulau Pinang MALAYSIA URL: http://www.mywave.bizEmail: [email protected]:+ 604 6403 117",
"expiration_date": "2016-11-04",
"mutual_recognition": "CCRA",
"product": "Employee Express (EmplX) Security Module",
"report_link": "https://iscb.cybersecurity.my/resources/document/mycc/mycpr/C019/ISCB-5-RPT-C019-CR-v1a.pdf",
"scope": "The Target of Evaluation (TOE), Employee Express (EmplX) Security Module v1.0 (Build SVR 2.0) is a PHP module of EmplX Human Resource Management Systems (HRMS) web application hosted on a web server. It is designed to be used as a core security controlling module for a web-based application environment. The TOE provides core security functionality such as authentication, access control, secure communications and application security management. All http requests to the web server will be meditated by the TOE before allowing access to the rest of the EmplX HRMS. The security functionality that is within the scope of the evaluation includes: Access control \u2013 EmplX Security Module manages access control based on user IDs, user roles and access control lists. It maintains access control lists (ACLs) for each object within an organisation. Each ACL maps users and roles to the operations that they are permitted to perform on the object. Organisation Management \u2013 EmplX Security Module provides strict controls on organisation management. Only Super Administrators can manage the creation, modification and destruction of an organisation. Users and Supervisors can only operate within their organisation. Identification and Authentication \u2013 each user is required to successfully identified using user ID and authenticated using password before any interaction with protected resources within EmplX HRMS is permitted. Security Management - EmplX Security Module provides functions that allow management of the TOE and its security functions. It restricts access to the management functions based on the role of the user. Secure Communications - EmplX Security Module is able to protect the user data from disclosure and modification when it is sent from users\u0027 browser to the EmplX HRMS using the secure SSL channel.",
"status": "Archive",
"target_link": "https://iscb.cybersecurity.my/resources/document/mycc/mycpr/C019/MYWave%20EAL2%20Security%20Target%20(EmplX%20Security%20Module)%20v1.0.pdf",
"type": "Specialist software module designed to be used as a core security controlling module for a web-based application environment"
},
"expiration_date": "2016-11-04",
"level": "EAL2",
"product": "Employee Express (EmplX) Security Module",
"recognition": "CCRA",
"url": "https://iscb.cybersecurity.my/index.php/certification/product-certification/mycc/archived-certified-products-and-systems/submission-view/153"
},
"st_references": {
"_type": "sec_certs.sample.certificate.References",
"directly_referenced_by": null,
"directly_referencing": null,
"indirectly_referenced_by": null,
"indirectly_referencing": null
},
"verified_cpe_matches": null
},
"maintenance_updates": {
"_type": "Set",
"elements": []
},
"manufacturer": "MYwave Sdn Bhd",
"manufacturer_web": "https://www.mywave.biz",
"name": "Employee Express (EmplX) Security Module v1.0 (Build SVR 2.0)",
"not_valid_after": "2016-11-04",
"not_valid_before": "2011-11-04",
"pdf_data": {
"_type": "sec_certs.sample.cc.CCCertificate.PdfData",
"cert_filename": null,
"cert_frontpage": null,
"cert_keywords": null,
"cert_metadata": null,
"report_filename": "ISCB-5-RPT-C019-CR-v1a.pdf",
"report_frontpage": {},
"report_keywords": {
"asymmetric_crypto": {},
"cc_cert_id": {
"MY": {
"ISCB-5-RPT-C019-CR-v1a": 30
}
},
"cc_claims": {},
"cc_protection_profile_id": {},
"cc_sar": {},
"cc_security_level": {
"EAL": {
"EAL 2": 1,
"EAL2": 10
}
},
"cc_sfr": {
"FCS": {
"FCS_COP.1": 1
},
"FDP": {
"FDP_ACC.1": 1,
"FDP_ACF.1.1": 1,
"FDP_ACF.1.3": 1
},
"FIA": {
"FIA_UAU.2": 1,
"FIA_UID.2": 1
},
"FMT": {
"FMT_MSA.1": 1,
"FMT_MSA.3": 1,
"FMT_MTD": 4,
"FMT_SMF.1": 1,
"FMT_SMR.1": 1
},
"FTP": {
"FTP_TRP.1.1": 1,
"FTP_TRP.1.3": 1
}
},
"certification_process": {},
"cipher_mode": {},
"cplc_data": {},
"crypto_engine": {},
"crypto_library": {},
"crypto_protocol": {
"TLS": {
"SSL": {
"SSL": 4
},
"TLS": {
"TLS": 1
}
}
},
"crypto_scheme": {},
"device_model": {},
"ecc_curve": {},
"eval_facility": {},
"hash_function": {
"SHA": {
"SHA2": {
"SHA-2": 2,
"SHA-224": 1,
"SHA-256": 2,
"SHA-384": 1,
"SHA-512": 1
}
}
},
"ic_data_group": {},
"javacard_api_const": {},
"javacard_packages": {},
"javacard_version": {},
"os_name": {},
"pq_crypto": {},
"randomness": {},
"side_channel_analysis": {},
"standard_id": {
"FIPS": {
"FIPS 180-2": 2
},
"ISO": {
"ISO/IEC 18045": 2,
"ISO/IEC15408": 2
}
},
"symmetric_crypto": {},
"technical_report_id": {},
"tee_name": {},
"tls_cipher_suite": {},
"vendor": {},
"vulnerability": {}
},
"report_metadata": {
"/Author": "Zie",
"/CreationDate": "D:20111109153418+08\u002700\u0027",
"/Creator": "PScript5.dll Version 5.2",
"/ModDate": "D:20111109153418+08\u002700\u0027",
"/Producer": "Acrobat Distiller 8.3.1 (Windows)",
"/Title": "Microsoft Word - ISCB-5-RPT-C019-CR-v1a _web_",
"pdf_file_size_bytes": 330254,
"pdf_hyperlinks": {
"_type": "Set",
"elements": []
},
"pdf_is_encrypted": true,
"pdf_number_of_pages": 30
},
"st_filename": "MYWave EAL2 Security Target (EmplX Security Module) v1.0.pdf",
"st_frontpage": null,
"st_keywords": {
"asymmetric_crypto": {},
"cc_cert_id": {},
"cc_claims": {
"A": {
"A.ADMIN": 2,
"A.DATABASE": 2,
"A.ENVIRONMENT": 2,
"A.MANAGEMENT": 2,
"A.NETWORK": 2,
"A.PATCH": 1,
"A.PHYSICAL": 2,
"A.SSL_CONFIG": 2
},
"O": {
"O.ACCESS": 4,
"O.COMM": 3,
"O.MANAGE": 3,
"O.ORGANISATION": 3,
"O.PASSWORD": 3,
"O.USER": 5
},
"OE": {
"OE.ADMIN": 2,
"OE.DATABASE": 2,
"OE.ENVIRONMENT": 2,
"OE.MANAGEMENT": 2,
"OE.NETWORK": 2,
"OE.PATCH": 2,
"OE.PHYSICAL": 2,
"OE.SSL_CONFIG": 2
},
"T": {
"T.ACCESS": 2,
"T.COMM": 1,
"T.MANAGEMENT": 2,
"T.ORGANISATION": 3,
"T.PASSWORD": 2
}
},
"cc_protection_profile_id": {},
"cc_sar": {
"ADV": {
"ADV_ARC.1": 1,
"ADV_FSP.2": 1,
"ADV_TDS.1": 1
},
"AGD": {
"AGD_OPE.1": 1,
"AGD_PRE.1": 1
},
"ALC": {
"ALC_CMC.2": 1,
"ALC_CMS.2": 1,
"ALC_DEL.1": 1
},
"ASE": {
"ASE_CCL.1": 4,
"ASE_ECD.1": 1,
"ASE_INT.1": 4,
"ASE_OBJ.2": 4,
"ASE_REQ.2": 4,
"ASE_SPD.1": 4,
"ASE_TSS.1": 4
},
"ATE": {
"ATE_COV.1": 1,
"ATE_FUN.1": 1,
"ATE_IND.2": 1
},
"AVA": {
"AVA_VAN.2": 1
}
},
"cc_security_level": {
"EAL": {
"EAL2": 9
}
},
"cc_sfr": {
"FCS": {
"FCS_CKM.1": 3,
"FCS_CKM.4": 3,
"FCS_COP": 1,
"FCS_COP.1": 4,
"FCS_COP.1.1": 1
},
"FDP": {
"FDP_ACC": 2,
"FDP_ACC.1": 11,
"FDP_ACC.1.1": 1,
"FDP_ACF": 2,
"FDP_ACF.1": 6,
"FDP_ACF.1.1": 1,
"FDP_ACF.1.2": 1,
"FDP_ACF.1.3": 1,
"FDP_ACF.1.4": 1,
"FDP_IFC.1": 2,
"FDP_IFF": 2,
"FDP_ITC.1": 2,
"FDP_ITC.2": 2
},
"FIA": {
"FIA_UAU": 2,
"FIA_UAU.1": 1,
"FIA_UAU.2": 4,
"FIA_UAU.2.1": 1,
"FIA_UID": 2,
"FIA_UID.1": 4,
"FIA_UID.2": 5,
"FIA_UID.2.1": 1
},
"FMT": {
"FMT_MSA": 2,
"FMT_MSA.1": 6,
"FMT_MSA.1.1": 1,
"FMT_MSA.3": 7,
"FMT_MSA.3.1": 1,
"FMT_MSA.3.2": 1,
"FMT_MTD": 25,
"FMT_SMF": 1,
"FMT_SMF.1": 19,
"FMT_SMF.1.1": 1,
"FMT_SMR": 2,
"FMT_SMR.1": 17,
"FMT_SMR.1.1": 1,
"FMT_SMR.1.2": 1
},
"FTP": {
"FTP_TRP.1": 5,
"FTP_TRP.1.1": 1,
"FTP_TRP.1.2": 1,
"FTP_TRP.1.3": 1
}
},
"certification_process": {},
"cipher_mode": {},
"cplc_data": {},
"crypto_engine": {},
"crypto_library": {},
"crypto_protocol": {
"TLS": {
"SSL": {
"SSL": 8
},
"TLS": {
"TLS": 1
}
}
},
"crypto_scheme": {},
"device_model": {},
"ecc_curve": {},
"eval_facility": {},
"hash_function": {},
"ic_data_group": {},
"javacard_api_const": {},
"javacard_packages": {},
"javacard_version": {},
"os_name": {},
"pq_crypto": {},
"randomness": {},
"side_channel_analysis": {},
"standard_id": {},
"symmetric_crypto": {},
"technical_report_id": {},
"tee_name": {},
"tls_cipher_suite": {},
"vendor": {},
"vulnerability": {}
},
"st_metadata": {
"/Author": "Zie",
"/CreationDate": "D:20111109153646+08\u002700\u0027",
"/Creator": "PScript5.dll Version 5.2",
"/ModDate": "D:20111109153646+08\u002700\u0027",
"/Producer": "Acrobat Distiller 8.3.1 (Windows)",
"/Title": "Microsoft Word - MYWave EAL2 Security Target _EmplX Security Module_ v1.0",
"pdf_file_size_bytes": 307957,
"pdf_hyperlinks": {
"_type": "Set",
"elements": []
},
"pdf_is_encrypted": true,
"pdf_number_of_pages": 37
}
},
"protection_profile_links": {
"_type": "Set",
"elements": []
},
"report_link": "https://www.commoncriteriaportal.org/nfs/ccpfiles/files/epfiles/ISCB-5-RPT-C019-CR-v1a.pdf",
"scheme": "MY",
"security_level": {
"_type": "Set",
"elements": [
"EAL2"
]
},
"st_link": "https://www.commoncriteriaportal.org/nfs/ccpfiles/files/epfiles/MYWave%20EAL2%20Security%20Target%20(EmplX%20Security%20Module)%20v1.0.pdf",
"state": {
"_type": "sec_certs.sample.cc.CCCertificate.InternalState",
"cert": {
"_type": "sec_certs.sample.document_state.DocumentState",
"convert_ok": false,
"download_ok": false,
"extract_ok": false,
"json_hash": null,
"pdf_hash": null,
"txt_hash": null
},
"report": {
"_type": "sec_certs.sample.document_state.DocumentState",
"convert_ok": true,
"download_ok": true,
"extract_ok": true,
"json_hash": null,
"pdf_hash": "07cf84b17a768e5085d7c46af68294ce06464dc75eadc6f649e97b327d458dd4",
"txt_hash": "a6f8af6bb1559d78d07e2099b952ae7fcbb5e4c36792ee6011f8ff919e4a63b7"
},
"st": {
"_type": "sec_certs.sample.document_state.DocumentState",
"convert_ok": true,
"download_ok": true,
"extract_ok": true,
"json_hash": null,
"pdf_hash": "90388516d004d4cc098ba4e2f7443b4a2200487c0e2dcda19faf7fcc40bcdad2",
"txt_hash": "a59dbdfecef5cdc398d04925eab5575bdb5d333c26a26a851ea7c81b915b7378"
}
},
"status": "archived"
}