CENTAGATE v3.010-build13

CSV information ?

Status archived
Valid from 06.06.2017
Valid until 06.06.2022
Scheme 🇲🇾 MY
Manufacturer SecureMetric Technology Sdn Bhd
Category Other Devices and Systems
Security level ALC_FLR.2, EAL4+

Heuristics summary ?

Certificate ID: ISCB-3-RPT-C072-CR-v1

Certificate ?

Certification report ?

Extracted keywords

Protocols
VPN

Security level
EAL4+, EAL4, EAL4 augmented
Security Assurance Requirements (SAR)
ALC_FLR.2
Certificates
ISCB-3-RPT-C072-CR-v1

Certification process
out of scope, OTP Hardware token, where this is out of the evaluation. SMS service to register the device is also out of scope. 18 Potential consumers of the TOE are advised that some functions and services may not have been

Standards
ISO/IEC15408, ISO/IEC 18045

File metadata

Title C072 Certification Report
Subject CENTAGATE v3.0.10-build13
Keywords MyCB_TMP_002
Author ISCB Department
Creation date D:20170720054033+00'00'
Modification date D:20170720054033+00'00'
Pages 29
Creator Microsoft Word

Security target ?

Extracted keywords

Symmetric Algorithms
AES
Asymmetric Algorithms
ECC
Protocols
SSL

Security level
EAL 4, EAL4, EAL 4 augmented, EAL4 augmented
Claims
D, O.USER_ACC_CONTROL, O.TRAFFIC_PROTECTION, O.MOBILE_SENSITVE_PROTECTION, O.AUDIT, O.AUTH_MECH, O.ALERT, O.MOBILE_SENSITVE_, O.MOBILE_SENSITVE, O.USER_ACC, T.WEB_ATTACK, T.MOBILE_ATTACK, T.DATA_ACCESS, T.CUMMUNICATION_ATTACK, T.USER_ACC_CONTROL, T.MOBILE, T.CUMMUNICATION, A.NO_EVIL, A.TIME_STAMP, A.MAIL_SERVER, A.PORT_PROTECT, A.FIREWALL, A.COMPENT_ADMINSTRATORS, A.OPERATING_SYSTEM, A.COMPENT_ADMIN, A.MALICIOUS_CODE, OE.NO_EVIL, OE.TIME_STAMP, OE.MAIL_SERVER, OE.PORT_PROTECT, OE.FIREWALL, OE.COMPENT_ADMINSTRATORS, OE.MALICIOUS_CODE_NOT_SIGN, OE.OPERATING_SYSTEM, OE.PHYSICAL_PROTECTION, OE.COMPENT_, OE.MALICIOUS_CODE_N
Security Assurance Requirements (SAR)
ADV_ARC.1, ADV_FSP.4, ADV_IMP, ADV_TDS.3, AGD_OPE.1, AGD_PRE.1, ALC_FLR.2, ALC_FRL.2, ALC_CMC.4, ALC_CMS.4, ALC_DEL.1, ALC_DVS.1, ALC_LCD.1, ALC_TAT.1, ATE_COV.2, ATE_DPT.1, ATE_FUN.1, ATE_IND.2, AVA_VAN.3, ASE_CCL.1, ASE_ECD.1, ASE_INT.1, ASE_OBJ.2, ASE_REQ.2, ASE_SPD.1, ASE_TSS.1
Security Functional Requirements (SFR)
FAU_ARP.1, FAU_GEN.1, FAU_GEN.2, FAU_SAR.1, FAU_SAR.2, FAU_SAA.1, FAU_SAA.2, FAU_ARP.1.1, FAU_SAA, FAU_SAA.1.1, FAU_SAA.1.2, FAU_SAA.2.1, FAU_SAA.2.2, FAU_SAA.2.3, FAU_GEN.1.1, FAU_GEN.1.2, FAU_GEN.2.1, FAU_SAR.1.1, FAU_SAR.1.2, FAU_SAR.2.1, FAU_GEN, FAU_SAR, FAU_ARP, FCS_CKM.1, FCS_CKM.2, FCS_CKM.4, FCS_COP.1, FCS_CKM.1.1, FCS_CKM.2.1, FCS_CKM.4.1, FCS_COP.1.1, FDP_ACC.1, FDP_ACF.1, FDP_IFC.1, FDP_ACF.1.1, FDP_ACF.1.2, FDP_ACF.1.3, FDP_ACF.1.4, FDP_ACC.1.1, FDP_ITC.1, FDP_ITC.2, FIA_AFL.1, FIA_ATD.1, FIA_UID.1, FIA_UID.2, FIA_UAU.1, FIA_UAU.2, FIA_UAU.6, FIA_UAU.5, FIA_AFL.1.1, FIA_AFL.1.2, FIA_ATD.1.1, FIA_UAU.2.1, FIA_UAU.5.1, FIA_UAU.5.2, FIA_UAU.6.1, FIA_UID.1.1, FIA_UID.1.2, FIA_UID.2.1, FIA_UAU.1.1, FIA_UAU.1.2, FMT_MSA.1, FMT_MSA.3, FMT_SMF.1, FMT_SMR.1, FMT_MSA.1.1, FMT_MSA.3.1, FMT_MSA.3.2, FMT_SMF.1.1, FMT_SMR.1.1, FMT_SMR.1.2, FPT_STM.1, FTA_TAH.1, FTA_TAH

Certification process
out of scope, Out of Scope, token. This is out of the scope of the evaluation. Also, using SMS to register the device is also out of scope of evaluation. SecureMetric Technology Sdn Bhd 2016 Page 17 of 76 For QR code registration, procedure. Table 21: Authentication Components Authentication Method of authentication PKI token (out of scope) The user prompted to select the valid certificate from the list, and then TOE will verify the, serial number / fingerprint that stored in the DB. Hardware CR OTP (out of scope) User needs to have CR OTP token to use this feature. User will request for a challenge from the, which will then be used by the user to generate the OTP. Hardware OTP (out of scope) User needs to have OTP token to use this feature. User will generate an OTP from the OTP token and, issuer certificate validity, certificate status, and the certificate owner Mobile audio pass (Out of Scope) TOE will generate challenge and PKI certificate will be used to sign the challenge. The signature, then be sent back to the TOE by the mobile application and verified for its validity. FIDO (out of scope) User need to plugged in the token then click on the button of the token to submit the validation

Standards
PKCS#12, PKCS#11

File metadata

Title Centagat Security Target
Keywords ST
Author Rajiv;Biau
Creation date D:20170523024954+00'00'
Modification date D:20170720134505+08'00'
Pages 76
Creator Microsoft Word

Heuristics ?

Certificate ID: ISCB-3-RPT-C072-CR-v1

Extracted SARs

ALC_LCD.1, ATE_DPT.1, ADV_TDS.3, ATE_COV.2, ATE_IND.2, ALC_FRL.2, ALC_FLR.2, ASE_SPD.1, ASE_TSS.1, ADV_ARC.1, ASE_ECD.1, ADV_FSP.4, ALC_CMS.4, ALC_DEL.1, ALC_CMC.4, ATE_FUN.1, ALC_DVS.1, AGD_OPE.1, ASE_CCL.1, ALC_TAT.1, ASE_REQ.2, AGD_PRE.1, ASE_OBJ.2, ASE_INT.1, AVA_VAN.3

Scheme data ?

Cert No 2017-003-C072
Developer SecureMetric Technology Sdn. Bhd.
Level EAL4+ ALC_FLR.2
Product CENTAGATE v3.010-build13
Certification Date 06-06-2017
Expiration Date 06-06-2022
Recognition CCRA
Url https://iscb.cybersecurity.my/index.php/certification/product-certification/mycc/archived-certified-products-and-systems/submission-view/143
Enhanced
Cert Id C072
Product CENTAGATE v3.010-build13
Developer Nickson YauSecureMetric Technology Sdn Bhd2-2, Incubator 2,Technology Park Malaysia,Lebuh Sg. Besi - Puchong, Bukit Jalil57000, Kuala Lumpur, Malaysia Email: [email protected]: 012 301 6966
Category Other Devices and Systems
Type Other devices and systems
Scope CENTAGATE is an enterprise class authentication solution built on JEE technology, that enforce secure authentication for protected resources such as internal web applications. It operates through web interfaces and has the functionality that enables three-factor of authentications and risk-based scoring engine through accessibility of single sign-on (SSO). It consists of Web Application Server and Mobile Applications that supports Android and iOS platform. The following security functions are implemented by the TOE: Security Token Provision; Mobile Protection; Mobile PKI; Hybrid Risk Scoring Engine (Rule-based and Case-based); Cryptographic Module; Key Management System; Authentication Module; Web Administration Module; and Mobile Management Module
Assurance Level EAL4+ ALC_FLR.2
Certification Date 06-06-2017
Expiration Date 06-06-2022
Mutual Recognition CCRA
Target Link https://iscb.cybersecurity.my/resources/document/mycc/mycpr/C072/2017-05-08-CTG-ST-3.0.pdf
Report Link https://iscb.cybersecurity.my/resources/document/mycc/mycpr/C072/ISCB-5-RPT-C072-CR-v1.pdf
Status Archive

References ?

No references are available for this certificate.

Updates ?

  • 22.08.2024 The certificate data changed.
    Certificate changed

    The state of the certificate object was updated.

    • The report property was updated, with the {'download_ok': True, 'convert_ok': True, 'extract_ok': True, 'pdf_hash': 'f3199ae653f0431d2a522093156c61a5eca8133e0e03f2d547f2f0c3fe7c041f', 'txt_hash': 'f8ae20bb0616b9d1dccd2cc74d4b8f8db14635331e6959471cf281a91ce9cfa4'} data.
    • The st property was updated, with the {'download_ok': True, 'convert_ok': True, 'extract_ok': True, 'pdf_hash': '5faa20e54e2d40841b242ed0dc73a3e0e695b7b6c6c3afc72b3e34c3e195203f', 'txt_hash': '126ab7a86fa2bb50c54640c46980107cb3d2d74eca20b82c2bf505cc9302f4c7'} data.

    The PDF extraction data was updated.

    • The report_metadata property was set to {'pdf_file_size_bytes': 649341, 'pdf_is_encrypted': False, 'pdf_number_of_pages': 29, '/Title': 'C072 Certification Report', '/Author': 'ISCB Department', '/Subject': 'CENTAGATE v3.0.10-build13', '/Keywords': 'MyCB_TMP_002', '/Creator': 'Microsoft Word', '/CreationDate': "D:20170720054033+00'00'", '/ModDate': "D:20170720054033+00'00'", 'pdf_hyperlinks': {'_type': 'Set', 'elements': ['mailto:[email protected]', 'http://www.cybersecurity.my/mycc']}}.
    • The st_metadata property was set to {'pdf_file_size_bytes': 1592329, 'pdf_is_encrypted': False, 'pdf_number_of_pages': 76, '/Author': 'Rajiv;Biau', '/CreationDate': "D:20170523024954+00'00'", '/Creator': 'Microsoft Word', '/Keywords': 'ST', '/ModDate': "D:20170720134505+08'00'", '/Title': 'Centagat Security Target', 'pdf_hyperlinks': {'_type': 'Set', 'elements': []}}.
    • The report_frontpage property was set to {}.
    • The report_keywords property was set to {'cc_cert_id': {'MY': {'ISCB-3-RPT-C072-CR-v1': 28}}, 'cc_protection_profile_id': {}, 'cc_security_level': {'EAL': {'EAL4+': 4, 'EAL4': 5, 'EAL4 augmented': 1}}, 'cc_sar': {'ALC': {'ALC_FLR.2': 7}}, 'cc_sfr': {}, 'cc_claims': {}, 'vendor': {}, 'eval_facility': {}, 'symmetric_crypto': {}, 'asymmetric_crypto': {}, 'pq_crypto': {}, 'hash_function': {}, 'crypto_scheme': {}, 'crypto_protocol': {'VPN': {'VPN': 1}}, 'randomness': {}, 'cipher_mode': {}, 'ecc_curve': {}, 'crypto_engine': {}, 'tls_cipher_suite': {}, 'crypto_library': {}, 'vulnerability': {}, 'side_channel_analysis': {}, 'technical_report_id': {}, 'device_model': {}, 'tee_name': {}, 'os_name': {}, 'cplc_data': {}, 'ic_data_group': {}, 'standard_id': {'ISO': {'ISO/IEC15408': 2, 'ISO/IEC 18045': 2}}, 'javacard_version': {}, 'javacard_api_const': {}, 'javacard_packages': {}, 'certification_process': {'OutOfScope': {'out of scope': 1, 'OTP Hardware token, where this is out of the evaluation. SMS service to register the device is also out of scope. 18 Potential consumers of the TOE are advised that some functions and services may not have been': 1}}}.
    • The st_keywords property was set to {'cc_cert_id': {}, 'cc_protection_profile_id': {}, 'cc_security_level': {'EAL': {'EAL 4': 1, 'EAL4': 3, 'EAL 4 augmented': 1, 'EAL4 augmented': 1}}, 'cc_sar': {'ADV': {'ADV_ARC.1': 1, 'ADV_FSP.4': 1, 'ADV_IMP': 1, 'ADV_TDS.3': 1}, 'AGD': {'AGD_OPE.1': 1, 'AGD_PRE.1': 1}, 'ALC': {'ALC_FLR.2': 2, 'ALC_FRL.2': 1, 'ALC_CMC.4': 1, 'ALC_CMS.4': 1, 'ALC_DEL.1': 1, 'ALC_DVS.1': 1, 'ALC_LCD.1': 1, 'ALC_TAT.1': 1}, 'ATE': {'ATE_COV.2': 1, 'ATE_DPT.1': 1, 'ATE_FUN.1': 1, 'ATE_IND.2': 1}, 'AVA': {'AVA_VAN.3': 1}, 'ASE': {'ASE_CCL.1': 1, 'ASE_ECD.1': 1, 'ASE_INT.1': 1, 'ASE_OBJ.2': 1, 'ASE_REQ.2': 1, 'ASE_SPD.1': 1, 'ASE_TSS.1': 1}}, 'cc_sfr': {'FAU': {'FAU_ARP.1': 5, 'FAU_GEN.1': 10, 'FAU_GEN.2': 4, 'FAU_SAR.1': 5, 'FAU_SAR.2': 3, 'FAU_SAA.1': 8, 'FAU_SAA.2': 6, 'FAU_ARP.1.1': 1, 'FAU_SAA': 1, 'FAU_SAA.1.1': 1, 'FAU_SAA.1.2': 1, 'FAU_SAA.2.1': 1, 'FAU_SAA.2.2': 1, 'FAU_SAA.2.3': 1, 'FAU_GEN.1.1': 2, 'FAU_GEN.1.2': 1, 'FAU_GEN.2.1': 1, 'FAU_SAR.1.1': 1, 'FAU_SAR.1.2': 1, 'FAU_SAR.2.1': 1, 'FAU_GEN': 2, 'FAU_SAR': 2, 'FAU_ARP': 3}, 'FCS': {'FCS_CKM.1': 13, 'FCS_CKM.2': 10, 'FCS_CKM.4': 13, 'FCS_COP.1': 11, 'FCS_CKM.1.1': 1, 'FCS_CKM.2.1': 1, 'FCS_CKM.4.1': 1, 'FCS_COP.1.1': 1}, 'FDP': {'FDP_ACC.1': 12, 'FDP_ACF.1': 12, 'FDP_IFC.1': 1, 'FDP_ACF.1.1': 1, 'FDP_ACF.1.2': 1, 'FDP_ACF.1.3': 1, 'FDP_ACF.1.4': 1, 'FDP_ACC.1.1': 1, 'FDP_ITC.1': 3, 'FDP_ITC.2': 3}, 'FIA': {'FIA_AFL.1': 6, 'FIA_ATD.1': 7, 'FIA_UID.1': 13, 'FIA_UID.2': 7, 'FIA_UAU.1': 8, 'FIA_UAU.2': 3, 'FIA_UAU.6': 7, 'FIA_UAU.5': 9, 'FIA_AFL.1.1': 1, 'FIA_AFL.1.2': 1, 'FIA_ATD.1.1': 1, 'FIA_UAU.2.1': 1, 'FIA_UAU.5.1': 1, 'FIA_UAU.5.2': 1, 'FIA_UAU.6.1': 1, 'FIA_UID.1.1': 1, 'FIA_UID.1.2': 1, 'FIA_UID.2.1': 1, 'FIA_UAU.1.1': 1, 'FIA_UAU.1.2': 1}, 'FMT': {'FMT_MSA.1': 5, 'FMT_MSA.3': 5, 'FMT_SMF.1': 5, 'FMT_SMR.1': 12, 'FMT_MSA.1.1': 1, 'FMT_MSA.3.1': 1, 'FMT_MSA.3.2': 1, 'FMT_SMF.1.1': 1, 'FMT_SMR.1.1': 1, 'FMT_SMR.1.2': 1}, 'FPT': {'FPT_STM.1': 3}, 'FTA': {'FTA_TAH.1': 5, 'FTA_TAH': 3}}, 'cc_claims': {'D': {'D': 1}, 'O': {'O.USER_ACC_CONTROL': 19, 'O.TRAFFIC_PROTECTION': 23, 'O.MOBILE_SENSITVE_PROTECTION': 5, 'O.AUDIT': 7, 'O.AUTH_MECH': 8, 'O.ALERT': 6, 'O.MOBILE_SENSITVE_': 1, 'O.MOBILE_SENSITVE': 2, 'O.USER_ACC': 1}, 'T': {'T.WEB_ATTACK': 2, 'T.MOBILE_ATTACK': 1, 'T.DATA_ACCESS': 2, 'T.CUMMUNICATION_ATTACK': 1, 'T.USER_ACC_CONTROL': 1, 'T.MOBILE': 1, 'T.CUMMUNICATION': 1}, 'A': {'A.NO_EVIL': 2, 'A.TIME_STAMP': 2, 'A.MAIL_SERVER': 2, 'A.PORT_PROTECT': 2, 'A.FIREWALL': 2, 'A.COMPENT_ADMINSTRATORS': 1, 'A.OPERATING_SYSTEM': 1, 'A.COMPENT_ADMIN': 1, 'A.MALICIOUS_CODE': 1}, 'OE': {'OE.NO_EVIL': 2, 'OE.TIME_STAMP': 2, 'OE.MAIL_SERVER': 2, 'OE.PORT_PROTECT': 2, 'OE.FIREWALL': 2, 'OE.COMPENT_ADMINSTRATORS': 1, 'OE.MALICIOUS_CODE_NOT_SIGN': 1, 'OE.OPERATING_SYSTEM': 1, 'OE.PHYSICAL_PROTECTION': 1, 'OE.COMPENT_': 1, 'OE.MALICIOUS_CODE_N': 1}}, 'vendor': {}, 'eval_facility': {}, 'symmetric_crypto': {'AES_competition': {'AES': {'AES': 14}}}, 'asymmetric_crypto': {'ECC': {'ECC': {'ECC': 3}}}, 'pq_crypto': {}, 'hash_function': {}, 'crypto_scheme': {}, 'crypto_protocol': {'TLS': {'SSL': {'SSL': 1}}}, 'randomness': {}, 'cipher_mode': {}, 'ecc_curve': {}, 'crypto_engine': {}, 'tls_cipher_suite': {}, 'crypto_library': {}, 'vulnerability': {}, 'side_channel_analysis': {}, 'technical_report_id': {}, 'device_model': {}, 'tee_name': {}, 'os_name': {}, 'cplc_data': {}, 'ic_data_group': {}, 'standard_id': {'PKCS': {'PKCS#12': 3, 'PKCS#11': 2}}, 'javacard_version': {}, 'javacard_api_const': {}, 'javacard_packages': {}, 'certification_process': {'OutOfScope': {'out of scope': 5, 'Out of Scope': 1, 'token. This is out of the scope of the evaluation. Also, using SMS to register the device is also out of scope of evaluation. SecureMetric Technology Sdn Bhd 2016 Page 17 of 76 For QR code registration': 1, 'procedure. Table 21: Authentication Components Authentication Method of authentication PKI token (out of scope) The user prompted to select the valid certificate from the list, and then TOE will verify the': 1, 'serial number / fingerprint that stored in the DB. Hardware CR OTP (out of scope) User needs to have CR OTP token to use this feature. User will request for a challenge from the': 1, 'which will then be used by the user to generate the OTP. Hardware OTP (out of scope) User needs to have OTP token to use this feature. User will generate an OTP from the OTP token and': 1, 'issuer certificate validity, certificate status, and the certificate owner Mobile audio pass (Out of Scope) TOE will generate challenge and PKI certificate will be used to sign the challenge. The signature': 1, 'then be sent back to the TOE by the mobile application and verified for its validity. FIDO (out of scope) User need to plugged in the token then click on the button of the token to submit the validation': 1}}}.
    • The report_filename property was set to ISCB-5-RPT-C072-CR-v1.pdf.
    • The st_filename property was set to 2017-05-08-CTG-ST-3.0.pdf.

    The computed heuristics were updated.

    • The cert_id property was set to ISCB-3-RPT-C072-CR-v1.
    • The extracted_sars property was updated, with the {'_type': 'Set', 'elements': [{'_type': 'sec_certs.sample.sar.SAR', 'family': 'ALC_LCD', 'level': 1}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ATE_DPT', 'level': 1}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ADV_TDS', 'level': 3}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ATE_COV', 'level': 2}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ATE_IND', 'level': 2}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ALC_FRL', 'level': 2}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'AVA_VAN', 'level': 3}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ASE_SPD', 'level': 1}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ASE_TSS', 'level': 1}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ADV_ARC', 'level': 1}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ASE_ECD', 'level': 1}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ADV_FSP', 'level': 4}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ALC_CMS', 'level': 4}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ALC_DEL', 'level': 1}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ALC_CMC', 'level': 4}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ATE_FUN', 'level': 1}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ALC_DVS', 'level': 1}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'AGD_OPE', 'level': 1}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ALC_TAT', 'level': 1}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ASE_REQ', 'level': 2}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'AGD_PRE', 'level': 1}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ASE_OBJ', 'level': 2}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ASE_INT', 'level': 1}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ASE_CCL', 'level': 1}]} values added.
  • 17.08.2024 The certificate data changed.
    Certificate changed

    The report_link was updated.

    • The new value is https://www.commoncriteriaportal.org/nfs/ccpfiles/files/epfiles/ISCB-5-RPT-C072-CR-v1.pdf.

    The st_link was updated.

    • The new value is https://www.commoncriteriaportal.org/nfs/ccpfiles/files/epfiles/2017-05-08-CTG-ST-3.0.pdf.

    The state of the certificate object was updated.

    • The report property was updated, with the {'download_ok': False, 'convert_ok': False, 'extract_ok': False, 'pdf_hash': None, 'txt_hash': None} data.

    The PDF extraction data was updated.

    • The report_metadata property was set to None.
    • The report_frontpage property was set to None.
    • The report_keywords property was set to None.
    • The report_filename property was set to None.

    The computed heuristics were updated.

    • The cert_id property was set to None.
  • 12.08.2024 The certificate data changed.
    Certificate changed

    The state of the certificate object was updated.

    • The st property was updated, with the {'download_ok': False, 'convert_ok': False, 'extract_ok': False, 'pdf_hash': None, 'txt_hash': None} data.

    The PDF extraction data was updated.

    • The st_metadata property was set to None.
    • The st_keywords property was set to None.
    • The st_filename property was set to None.

    The computed heuristics were updated.

    • The extracted_sars property was updated, with the {'_type': 'Set', 'elements': [{'_type': 'sec_certs.sample.sar.SAR', 'family': 'ALC_LCD', 'level': 1}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ATE_DPT', 'level': 1}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ADV_TDS', 'level': 3}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ATE_COV', 'level': 2}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ATE_IND', 'level': 2}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ALC_FRL', 'level': 2}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ASE_SPD', 'level': 1}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ASE_TSS', 'level': 1}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ADV_ARC', 'level': 1}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ASE_ECD', 'level': 1}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ADV_FSP', 'level': 4}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ALC_CMS', 'level': 4}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ALC_DEL', 'level': 1}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ALC_CMC', 'level': 4}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ATE_FUN', 'level': 1}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ALC_DVS', 'level': 1}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'AGD_OPE', 'level': 1}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ASE_CCL', 'level': 1}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ALC_TAT', 'level': 1}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ASE_REQ', 'level': 2}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'AGD_PRE', 'level': 1}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ASE_OBJ', 'level': 2}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ASE_INT', 'level': 1}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'AVA_VAN', 'level': 3}]} values discarded.
  • 23.07.2024 The certificate was first processed.
    New certificate

    A new Common Criteria certificate with the product name CENTAGATE v3.010-build13 was processed.

Raw data

{
  "_type": "sec_certs.sample.cc.CCCertificate",
  "category": "Other Devices and Systems",
  "cert_link": null,
  "dgst": "4149b933ed4230dd",
  "heuristics": {
    "_type": "sec_certs.sample.cc.CCCertificate.Heuristics",
    "annotated_references": null,
    "cert_id": "ISCB-3-RPT-C072-CR-v1",
    "cert_lab": null,
    "cpe_matches": null,
    "direct_transitive_cves": null,
    "extracted_sars": {
      "_type": "Set",
      "elements": [
        {
          "_type": "sec_certs.sample.sar.SAR",
          "family": "ALC_FRL",
          "level": 2
        },
        {
          "_type": "sec_certs.sample.sar.SAR",
          "family": "ATE_DPT",
          "level": 1
        },
        {
          "_type": "sec_certs.sample.sar.SAR",
          "family": "ALC_DEL",
          "level": 1
        },
        {
          "_type": "sec_certs.sample.sar.SAR",
          "family": "ASE_TSS",
          "level": 1
        },
        {
          "_type": "sec_certs.sample.sar.SAR",
          "family": "ATE_FUN",
          "level": 1
        },
        {
          "_type": "sec_certs.sample.sar.SAR",
          "family": "ASE_REQ",
          "level": 2
        },
        {
          "_type": "sec_certs.sample.sar.SAR",
          "family": "ALC_CMS",
          "level": 4
        },
        {
          "_type": "sec_certs.sample.sar.SAR",
          "family": "ASE_CCL",
          "level": 1
        },
        {
          "_type": "sec_certs.sample.sar.SAR",
          "family": "AGD_PRE",
          "level": 1
        },
        {
          "_type": "sec_certs.sample.sar.SAR",
          "family": "AVA_VAN",
          "level": 3
        },
        {
          "_type": "sec_certs.sample.sar.SAR",
          "family": "ASE_ECD",
          "level": 1
        },
        {
          "_type": "sec_certs.sample.sar.SAR",
          "family": "ALC_DVS",
          "level": 1
        },
        {
          "_type": "sec_certs.sample.sar.SAR",
          "family": "ATE_IND",
          "level": 2
        },
        {
          "_type": "sec_certs.sample.sar.SAR",
          "family": "ATE_COV",
          "level": 2
        },
        {
          "_type": "sec_certs.sample.sar.SAR",
          "family": "ASE_OBJ",
          "level": 2
        },
        {
          "_type": "sec_certs.sample.sar.SAR",
          "family": "ALC_CMC",
          "level": 4
        },
        {
          "_type": "sec_certs.sample.sar.SAR",
          "family": "AGD_OPE",
          "level": 1
        },
        {
          "_type": "sec_certs.sample.sar.SAR",
          "family": "ADV_FSP",
          "level": 4
        },
        {
          "_type": "sec_certs.sample.sar.SAR",
          "family": "ALC_LCD",
          "level": 1
        },
        {
          "_type": "sec_certs.sample.sar.SAR",
          "family": "ASE_INT",
          "level": 1
        },
        {
          "_type": "sec_certs.sample.sar.SAR",
          "family": "ASE_SPD",
          "level": 1
        },
        {
          "_type": "sec_certs.sample.sar.SAR",
          "family": "ALC_TAT",
          "level": 1
        },
        {
          "_type": "sec_certs.sample.sar.SAR",
          "family": "ADV_ARC",
          "level": 1
        },
        {
          "_type": "sec_certs.sample.sar.SAR",
          "family": "ADV_TDS",
          "level": 3
        },
        {
          "_type": "sec_certs.sample.sar.SAR",
          "family": "ALC_FLR",
          "level": 2
        }
      ]
    },
    "extracted_versions": {
      "_type": "Set",
      "elements": [
        "3.010"
      ]
    },
    "indirect_transitive_cves": null,
    "related_cves": null,
    "report_references": {
      "_type": "sec_certs.sample.certificate.References",
      "directly_referenced_by": null,
      "directly_referencing": null,
      "indirectly_referenced_by": null,
      "indirectly_referencing": null
    },
    "scheme_data": {
      "cert_no": "2017-003-C072",
      "certification_date": "06-06-2017",
      "developer": "SecureMetric Technology Sdn. Bhd.",
      "enhanced": {
        "assurance_level": "EAL4+ ALC_FLR.2",
        "category": "Other Devices and Systems",
        "cert_id": "C072",
        "certification_date": "06-06-2017",
        "developer": "Nickson YauSecureMetric Technology Sdn Bhd2-2, Incubator 2,Technology Park Malaysia,Lebuh Sg. Besi - Puchong, Bukit Jalil57000, Kuala Lumpur, Malaysia\nEmail: [email protected]: 012 301 6966",
        "expiration_date": "06-06-2022",
        "mutual_recognition": "CCRA",
        "product": "CENTAGATE v3.010-build13",
        "report_link": "https://iscb.cybersecurity.my/resources/document/mycc/mycpr/C072/ISCB-5-RPT-C072-CR-v1.pdf",
        "scope": "CENTAGATE is an enterprise class authentication solution built on JEE technology, that enforce secure authentication for protected resources such as internal web applications. It operates through web interfaces and has the functionality that enables three-factor of authentications and risk-based scoring engine through accessibility of single sign-on (SSO). It consists of Web Application Server and Mobile Applications that supports Android and iOS platform.\nThe following security functions are implemented by the TOE:\n\nSecurity Token Provision;\nMobile Protection;\nMobile PKI;\nHybrid Risk Scoring Engine (Rule-based and Case-based);\nCryptographic Module;\nKey Management System;\nAuthentication Module;\nWeb Administration Module; and\nMobile Management Module",
        "status": "Archive",
        "target_link": "https://iscb.cybersecurity.my/resources/document/mycc/mycpr/C072/2017-05-08-CTG-ST-3.0.pdf",
        "type": "Other devices and systems"
      },
      "expiration_date": "06-06-2022",
      "level": "EAL4+ ALC_FLR.2",
      "product": "CENTAGATE v3.010-build13",
      "recognition": "CCRA",
      "url": "https://iscb.cybersecurity.my/index.php/certification/product-certification/mycc/archived-certified-products-and-systems/submission-view/143"
    },
    "st_references": {
      "_type": "sec_certs.sample.certificate.References",
      "directly_referenced_by": null,
      "directly_referencing": null,
      "indirectly_referenced_by": null,
      "indirectly_referencing": null
    },
    "verified_cpe_matches": null
  },
  "maintenance_updates": {
    "_type": "Set",
    "elements": []
  },
  "manufacturer": "SecureMetric Technology Sdn Bhd",
  "manufacturer_web": "https://www.securemetric.com/",
  "name": "CENTAGATE v3.010-build13",
  "not_valid_after": "2022-06-06",
  "not_valid_before": "2017-06-06",
  "pdf_data": {
    "_type": "sec_certs.sample.cc.CCCertificate.PdfData",
    "cert_filename": null,
    "cert_frontpage": null,
    "cert_keywords": null,
    "cert_metadata": null,
    "report_filename": "ISCB-5-RPT-C072-CR-v1.pdf",
    "report_frontpage": {},
    "report_keywords": {
      "asymmetric_crypto": {},
      "cc_cert_id": {
        "MY": {
          "ISCB-3-RPT-C072-CR-v1": 28
        }
      },
      "cc_claims": {},
      "cc_protection_profile_id": {},
      "cc_sar": {
        "ALC": {
          "ALC_FLR.2": 7
        }
      },
      "cc_security_level": {
        "EAL": {
          "EAL4": 5,
          "EAL4 augmented": 1,
          "EAL4+": 4
        }
      },
      "cc_sfr": {},
      "certification_process": {
        "OutOfScope": {
          "OTP Hardware token, where this is out of the evaluation. SMS service to register the device is also out of scope. 18 Potential consumers of the TOE are advised that some functions and services may not have been": 1,
          "out of scope": 1
        }
      },
      "cipher_mode": {},
      "cplc_data": {},
      "crypto_engine": {},
      "crypto_library": {},
      "crypto_protocol": {
        "VPN": {
          "VPN": 1
        }
      },
      "crypto_scheme": {},
      "device_model": {},
      "ecc_curve": {},
      "eval_facility": {},
      "hash_function": {},
      "ic_data_group": {},
      "javacard_api_const": {},
      "javacard_packages": {},
      "javacard_version": {},
      "os_name": {},
      "pq_crypto": {},
      "randomness": {},
      "side_channel_analysis": {},
      "standard_id": {
        "ISO": {
          "ISO/IEC 18045": 2,
          "ISO/IEC15408": 2
        }
      },
      "symmetric_crypto": {},
      "technical_report_id": {},
      "tee_name": {},
      "tls_cipher_suite": {},
      "vendor": {},
      "vulnerability": {}
    },
    "report_metadata": {
      "/Author": "ISCB Department",
      "/CreationDate": "D:20170720054033+00\u002700\u0027",
      "/Creator": "Microsoft Word",
      "/Keywords": "MyCB_TMP_002",
      "/ModDate": "D:20170720054033+00\u002700\u0027",
      "/Subject": "CENTAGATE v3.0.10-build13",
      "/Title": "C072 Certification Report",
      "pdf_file_size_bytes": 649341,
      "pdf_hyperlinks": {
        "_type": "Set",
        "elements": [
          "mailto:[email protected]",
          "http://www.cybersecurity.my/mycc"
        ]
      },
      "pdf_is_encrypted": false,
      "pdf_number_of_pages": 29
    },
    "st_filename": "2017-05-08-CTG-ST-3.0.pdf",
    "st_frontpage": null,
    "st_keywords": {
      "asymmetric_crypto": {
        "ECC": {
          "ECC": {
            "ECC": 3
          }
        }
      },
      "cc_cert_id": {},
      "cc_claims": {
        "A": {
          "A.COMPENT_ADMIN": 1,
          "A.COMPENT_ADMINSTRATORS": 1,
          "A.FIREWALL": 2,
          "A.MAIL_SERVER": 2,
          "A.MALICIOUS_CODE": 1,
          "A.NO_EVIL": 2,
          "A.OPERATING_SYSTEM": 1,
          "A.PORT_PROTECT": 2,
          "A.TIME_STAMP": 2
        },
        "D": {
          "D": 1
        },
        "O": {
          "O.ALERT": 6,
          "O.AUDIT": 7,
          "O.AUTH_MECH": 8,
          "O.MOBILE_SENSITVE": 2,
          "O.MOBILE_SENSITVE_": 1,
          "O.MOBILE_SENSITVE_PROTECTION": 5,
          "O.TRAFFIC_PROTECTION": 23,
          "O.USER_ACC": 1,
          "O.USER_ACC_CONTROL": 19
        },
        "OE": {
          "OE.COMPENT_": 1,
          "OE.COMPENT_ADMINSTRATORS": 1,
          "OE.FIREWALL": 2,
          "OE.MAIL_SERVER": 2,
          "OE.MALICIOUS_CODE_N": 1,
          "OE.MALICIOUS_CODE_NOT_SIGN": 1,
          "OE.NO_EVIL": 2,
          "OE.OPERATING_SYSTEM": 1,
          "OE.PHYSICAL_PROTECTION": 1,
          "OE.PORT_PROTECT": 2,
          "OE.TIME_STAMP": 2
        },
        "T": {
          "T.CUMMUNICATION": 1,
          "T.CUMMUNICATION_ATTACK": 1,
          "T.DATA_ACCESS": 2,
          "T.MOBILE": 1,
          "T.MOBILE_ATTACK": 1,
          "T.USER_ACC_CONTROL": 1,
          "T.WEB_ATTACK": 2
        }
      },
      "cc_protection_profile_id": {},
      "cc_sar": {
        "ADV": {
          "ADV_ARC.1": 1,
          "ADV_FSP.4": 1,
          "ADV_IMP": 1,
          "ADV_TDS.3": 1
        },
        "AGD": {
          "AGD_OPE.1": 1,
          "AGD_PRE.1": 1
        },
        "ALC": {
          "ALC_CMC.4": 1,
          "ALC_CMS.4": 1,
          "ALC_DEL.1": 1,
          "ALC_DVS.1": 1,
          "ALC_FLR.2": 2,
          "ALC_FRL.2": 1,
          "ALC_LCD.1": 1,
          "ALC_TAT.1": 1
        },
        "ASE": {
          "ASE_CCL.1": 1,
          "ASE_ECD.1": 1,
          "ASE_INT.1": 1,
          "ASE_OBJ.2": 1,
          "ASE_REQ.2": 1,
          "ASE_SPD.1": 1,
          "ASE_TSS.1": 1
        },
        "ATE": {
          "ATE_COV.2": 1,
          "ATE_DPT.1": 1,
          "ATE_FUN.1": 1,
          "ATE_IND.2": 1
        },
        "AVA": {
          "AVA_VAN.3": 1
        }
      },
      "cc_security_level": {
        "EAL": {
          "EAL 4": 1,
          "EAL 4 augmented": 1,
          "EAL4": 3,
          "EAL4 augmented": 1
        }
      },
      "cc_sfr": {
        "FAU": {
          "FAU_ARP": 3,
          "FAU_ARP.1": 5,
          "FAU_ARP.1.1": 1,
          "FAU_GEN": 2,
          "FAU_GEN.1": 10,
          "FAU_GEN.1.1": 2,
          "FAU_GEN.1.2": 1,
          "FAU_GEN.2": 4,
          "FAU_GEN.2.1": 1,
          "FAU_SAA": 1,
          "FAU_SAA.1": 8,
          "FAU_SAA.1.1": 1,
          "FAU_SAA.1.2": 1,
          "FAU_SAA.2": 6,
          "FAU_SAA.2.1": 1,
          "FAU_SAA.2.2": 1,
          "FAU_SAA.2.3": 1,
          "FAU_SAR": 2,
          "FAU_SAR.1": 5,
          "FAU_SAR.1.1": 1,
          "FAU_SAR.1.2": 1,
          "FAU_SAR.2": 3,
          "FAU_SAR.2.1": 1
        },
        "FCS": {
          "FCS_CKM.1": 13,
          "FCS_CKM.1.1": 1,
          "FCS_CKM.2": 10,
          "FCS_CKM.2.1": 1,
          "FCS_CKM.4": 13,
          "FCS_CKM.4.1": 1,
          "FCS_COP.1": 11,
          "FCS_COP.1.1": 1
        },
        "FDP": {
          "FDP_ACC.1": 12,
          "FDP_ACC.1.1": 1,
          "FDP_ACF.1": 12,
          "FDP_ACF.1.1": 1,
          "FDP_ACF.1.2": 1,
          "FDP_ACF.1.3": 1,
          "FDP_ACF.1.4": 1,
          "FDP_IFC.1": 1,
          "FDP_ITC.1": 3,
          "FDP_ITC.2": 3
        },
        "FIA": {
          "FIA_AFL.1": 6,
          "FIA_AFL.1.1": 1,
          "FIA_AFL.1.2": 1,
          "FIA_ATD.1": 7,
          "FIA_ATD.1.1": 1,
          "FIA_UAU.1": 8,
          "FIA_UAU.1.1": 1,
          "FIA_UAU.1.2": 1,
          "FIA_UAU.2": 3,
          "FIA_UAU.2.1": 1,
          "FIA_UAU.5": 9,
          "FIA_UAU.5.1": 1,
          "FIA_UAU.5.2": 1,
          "FIA_UAU.6": 7,
          "FIA_UAU.6.1": 1,
          "FIA_UID.1": 13,
          "FIA_UID.1.1": 1,
          "FIA_UID.1.2": 1,
          "FIA_UID.2": 7,
          "FIA_UID.2.1": 1
        },
        "FMT": {
          "FMT_MSA.1": 5,
          "FMT_MSA.1.1": 1,
          "FMT_MSA.3": 5,
          "FMT_MSA.3.1": 1,
          "FMT_MSA.3.2": 1,
          "FMT_SMF.1": 5,
          "FMT_SMF.1.1": 1,
          "FMT_SMR.1": 12,
          "FMT_SMR.1.1": 1,
          "FMT_SMR.1.2": 1
        },
        "FPT": {
          "FPT_STM.1": 3
        },
        "FTA": {
          "FTA_TAH": 3,
          "FTA_TAH.1": 5
        }
      },
      "certification_process": {
        "OutOfScope": {
          "Out of Scope": 1,
          "issuer certificate validity, certificate status, and the certificate owner Mobile audio pass (Out of Scope) TOE will generate challenge and PKI certificate will be used to sign the challenge. The signature": 1,
          "out of scope": 5,
          "procedure. Table 21: Authentication Components Authentication Method of authentication PKI token (out of scope) The user prompted to select the valid certificate from the list, and then TOE will verify the": 1,
          "serial number / fingerprint that stored in the DB. Hardware CR OTP (out of scope) User needs to have CR OTP token to use this feature. User will request for a challenge from the": 1,
          "then be sent back to the TOE by the mobile application and verified for its validity. FIDO (out of scope) User need to plugged in the token then click on the button of the token to submit the validation": 1,
          "token. This is out of the scope of the evaluation. Also, using SMS to register the device is also out of scope of evaluation. SecureMetric Technology Sdn Bhd 2016 Page 17 of 76 For QR code registration": 1,
          "which will then be used by the user to generate the OTP. Hardware OTP (out of scope) User needs to have OTP token to use this feature. User will generate an OTP from the OTP token and": 1
        }
      },
      "cipher_mode": {},
      "cplc_data": {},
      "crypto_engine": {},
      "crypto_library": {},
      "crypto_protocol": {
        "TLS": {
          "SSL": {
            "SSL": 1
          }
        }
      },
      "crypto_scheme": {},
      "device_model": {},
      "ecc_curve": {},
      "eval_facility": {},
      "hash_function": {},
      "ic_data_group": {},
      "javacard_api_const": {},
      "javacard_packages": {},
      "javacard_version": {},
      "os_name": {},
      "pq_crypto": {},
      "randomness": {},
      "side_channel_analysis": {},
      "standard_id": {
        "PKCS": {
          "PKCS#11": 2,
          "PKCS#12": 3
        }
      },
      "symmetric_crypto": {
        "AES_competition": {
          "AES": {
            "AES": 14
          }
        }
      },
      "technical_report_id": {},
      "tee_name": {},
      "tls_cipher_suite": {},
      "vendor": {},
      "vulnerability": {}
    },
    "st_metadata": {
      "/Author": "Rajiv;Biau",
      "/CreationDate": "D:20170523024954+00\u002700\u0027",
      "/Creator": "Microsoft Word",
      "/Keywords": "ST",
      "/ModDate": "D:20170720134505+08\u002700\u0027",
      "/Title": "Centagat Security Target",
      "pdf_file_size_bytes": 1592329,
      "pdf_hyperlinks": {
        "_type": "Set",
        "elements": []
      },
      "pdf_is_encrypted": false,
      "pdf_number_of_pages": 76
    }
  },
  "protection_profiles": {
    "_type": "Set",
    "elements": []
  },
  "report_link": "https://www.commoncriteriaportal.org/nfs/ccpfiles/files/epfiles/ISCB-5-RPT-C072-CR-v1.pdf",
  "scheme": "MY",
  "security_level": {
    "_type": "Set",
    "elements": [
      "EAL4+",
      "ALC_FLR.2"
    ]
  },
  "st_link": "https://www.commoncriteriaportal.org/nfs/ccpfiles/files/epfiles/2017-05-08-CTG-ST-3.0.pdf",
  "state": {
    "_type": "sec_certs.sample.cc.CCCertificate.InternalState",
    "cert": {
      "_type": "sec_certs.sample.cc.CCCertificate.DocumentState",
      "convert_garbage": false,
      "convert_ok": false,
      "download_ok": false,
      "extract_ok": false,
      "pdf_hash": null,
      "txt_hash": null
    },
    "report": {
      "_type": "sec_certs.sample.cc.CCCertificate.DocumentState",
      "convert_garbage": false,
      "convert_ok": true,
      "download_ok": true,
      "extract_ok": true,
      "pdf_hash": "f3199ae653f0431d2a522093156c61a5eca8133e0e03f2d547f2f0c3fe7c041f",
      "txt_hash": "f8ae20bb0616b9d1dccd2cc74d4b8f8db14635331e6959471cf281a91ce9cfa4"
    },
    "st": {
      "_type": "sec_certs.sample.cc.CCCertificate.DocumentState",
      "convert_garbage": false,
      "convert_ok": true,
      "download_ok": true,
      "extract_ok": true,
      "pdf_hash": "5faa20e54e2d40841b242ed0dc73a3e0e695b7b6c6c3afc72b3e34c3e195203f",
      "txt_hash": "126ab7a86fa2bb50c54640c46980107cb3d2d74eca20b82c2bf505cc9302f4c7"
    }
  },
  "status": "archived"
}