Evaluation Report as part of the Evaluation Technical Report, Part B ETR-Part Deterministic Random Number Generator
|
|
- Adele Warren
- 6 years ago
- Views:
Transcription
1 ##Classification Evaluation Report as part of the Evaluation Technical Report, Part B ETR-Part Deterministic Random Number Generator Evaluation Assurance Level ##EAL 1-7 Version: Version 0.10 Date: Filename: DRNG_Evaluation Product: ##TOE name (long) Sponsor: ##Sponsor (long) Evaluation Facility: ##Evaluation Facility_Name Certification ID: BSI-DSZ-CC-## Signatures: Author(s): ## QS: ## Other Evaluators: ## Report V0.10.odt ##Evaluation Facility_Name page 1 of 16
2 The following document is a template (Version 0.10, ) for the Evaluation Report of the Random number generator. For each task, the template proposes a framework to be used by the evaluator. Each work unit ends with the final judgement of the evaluator. Each framework includes the evaluator statement of a judgement which may be used in case of a positive result. Note 1: Framework elements are highlighted cursively or marked with ##. The evaluator shall delete this text in his final report. ##Evaluation Facility_Name page 2 of 16
3 Document Information History of changes Version Date Approved Changes Application Note (reason for change; effects of change on work units; if applicable, which comments of the certification body were observed) Hesselmann minor changes ##Evaluation Facility_Name page 3 of 16
4 Document Invariants Name Invariant (edit here) Output value Filename and size calculated automatically DRNG_Evaluation Report V0.10.odt Current version Version 0.10 Version 0.10 Date Classification ##Classification ##Classification TOE name (long) ##TOE name (long) ##TOE name (long) TOE name (short) ##TOE name (short) ##TOE name (short) Sponsor (long) ##Sponsor (long) ##Sponsor (long) Sponsor (short) ##Sponsor (short) ##Sponsor (short) Developer (short) ##Developer ##Developer Certification ID BSI-DSZ-CC-## BSI-DSZ-CC-## Certification body (long) Bundesamt für Sicherheit in der Informationstechnik, Godesberger Allee , Bonn, Germany Certification body (short) BSI BSI Bundesamt für Sicherheit in der Informationstechnik, Godesberger Allee , Bonn, Germany ##Evaluation Facility_Name page 4 of 16
5 Table of contents 1 Impact in case of a re-evaluation Evaluation results Examination of DRG Examination of DRG Examination of DRG Indications for Potential Vulnerabilities Missing Information Questions to / Conditions on the Developer Necessary Changes/Improvements Effects on other Documents Annex Glossary and list of acronyms Bibliography...14 ##Evaluation Facility_Name page 5 of 16
6 1 Impact in case of a re-evaluation ## In case of a re-evaluation, the impact resulting from the changes that have been applied to the product must be discussed in this chapter only. Therefore, the evaluator might use the suitable parts of the Impact Analysis Report. ## The differences between the certified and the changed TOE should be discussed in this chapter only. The following chapters should contain the appropriately marked changes with respect to the previous evaluation process. Furthermore, the following chapters should not mention the previous TOE to allow for a consistent description that provides clarify in further re-evaluation activities. ## The current evaluation process is not a re-evaluation process. 2 Evaluation results 2.1 Examination of DRG.1 If the RNG belongs to class DRG.1, the evaluator is expected to handle the work units listed below. To avoid unnecessary repetitions due to several identical work units being part of multiple components, each component begins with a table that displays the changes from the hierarchically-lower ordered components. This table must include exact references. DRNG.1-1 DRNG.1-2 DRNG.1-3 DRNG.1-4 DRNG.1-5 DRNG.1-6 DRNG.1-7 DRNG.1-8 DRNG.1-9 DRNG.1-10 ##Evaluation Facility_Name page 6 of 16
7 [DRNG.1-1] Examine the description of the intended use of the RNG in the developer evidence document, the ST, and the guidance documents, and check whether the descriptions are complete and internally consistent. Some possible conflicts related to RNGs are: The PP / ST refers to different types of RNGs, but it is not clearly stated which one is used for the specific purpose. The PP / ST describes the use of DRNGs without any assumption about their initialization process or the external RNG seeding the DRNG. Examine all operations left open in FCS_RNG.1 Check the parameters assigned in the element FCS_RNG.1.1 (DRG.{1,2,3}.1) for whether they meet the attack potential identified in the vulnerability analysis component, if applicable. Check the parameters assigned in quality claim FCS_RNG.1.2 (DRG.1.3, DRG.{2,3}.4) for whether they meet the attack potential identified in the vulnerability analysis component. Check that the general advice for the specification of random number generation is followed. [DRNG.1-2] Examine the developer description of the DRNG module and check whether it is internally consistent. The evaluator shall examine the evidence provided by the developer as required by [10] in D.2. [DRNG.1-3] Examine that the implementation of the RNG is in accordance with the developer description of the DRNG module. The correct implementation of the deterministic part can be shown by using known answer tests (KAT) and/or by source code review. A rational must be added if only tests are conducted, but the source code is not inspected. If the software implementation of a RNG uses timing loops, there is a risk that compilers remove them as part of optimization. This must be checked by appropriate testing, inspection of the compiler switches, or other appropriate approaches. ##Evaluation Facility_Name page 7 of 16
8 [DRNG.1-4] Examine the developer's demonstration for the quality claim and repeat the tests according to the test suites for DRG.1.4. The calculated test values of each test of the evaluator shall be given. The standard test suites for uniformly-distributed binary sequences support the reproducibility of the functionality tests and the comparability of test results for RNGs in different products under evaluation. The evaluator may use additional statistical test suites if suspicion arises about the quality of output, or properties of the DRNG design. If the seeding procedure described in the guidance documents does not allow for generation of a sufficient quantity of random numbers with which to execute the test suite successfully, the aim of running the test suites cannot be reached. Depending on the TOE, the evaluator should switch off the re-seeding procedure in test mode or write a software program of the DRNG (following the description of the DRNG module in terms of the 6- tuple (S, I, R, φ, ψ, pa ) to generate a sufficient quantity of random numbers for the test suites. [DRNG.1-5] Examine the developer's demonstration/description about the characteristics of the entropy input provided to the DRNG for seeding. The evaluator shall examine that a clearly-stated assumption about the operational environment is provided in the ST and guidance documentation, as appropriate. Possible reasons for insufficient entropy include, but are not limited to: insufficient entropy of the seeding sequence provided to the DRNG for the initial state, inappropriate seeding function generating initial states with low entropy even if the seeding sequence contains sufficient entropy. [DRNG.1-6] Examine the developer's demonstration that the internal states will bear the Min-entropy assigned in DRG.{1,2,3}.1. Possible reasons for insufficient entropy include but are not limited to: small internal state space, reduction of the entropy of the internal state due to state transition function, reduction of the entropy of the internal state due to long lifetime of the DRNG instantiations. Any use of DRNG output is prevented until the condition for seeding is met. Reseeding the DRNG may be enforced if the entropy of the internal state might not have sufficient entropy. ##Evaluation Facility_Name page 8 of 16
9 The 'requirements for seeding' have to be assigned in DRG.{1,2,3}.1 and in DRG.1.3, DRG.{2,3}.4. The evaluator has to examine both assignments for inconsistency. [DRNG.1-7] Examine the developer's demonstration for the claimed security capability DRG.{1,2,3}.2 [DRNG.1-8] Examine the developer's demonstration for the quality claim for DRG.1.3, DRG.{2, 3}.4 [DRNG.1-9] Examine the developer's demonstration and evaluate (using independent penetration tests) whether the RNG is protected from tampering, monitoring and/or misuse. This is done by observing or controlling the external interfaces to determine whether the procedures described in the guidance documents are followed. This includes the protection of the internal state and the RNG output (if necessary) both during operation and while the TOE is switched off. The evaluator shall examine the results of all penetration testing to determine whether the TOE, in its operational environment, is resistant to an attacker possessing an attack potential identified in the ST as described in the CEM for AVA_VAN.{1,2,3,4} and in the scheme documents for AVA_VAN.5 [7]. The following aspects of attacks on DRNG's external interfaces should be considered (not limited): Tampering with the seeding process in order to prevent seeding. Replay of the seeding sequence in order to repeat the initial state and, therefore, the output. For example, if the TSF implements different DRNG instantiations (e.g., for different entities), it shall be examined whether each instantiation uses different internal states. Manipulation of the seeding sequence in order to reduce the entropy or even set it to a known sequence. There exist effective methods to determine the initial state of an autonomous DRNG, e.g., rainbow tables 1. Tampering with the state transition function or preventing the update of the internal state, (i.e., physical interfaces), and electromagnetic emanation due to their physical value and timing behaviour. 1 Rainbow tables might be useful for guessing passwords and are implemented in some programs, e.g., Ophcrack or RainbowCrack. ##Evaluation Facility_Name page 9 of 16
10 Running the DRNG in the user space of the operational memory of a personal computer allows an attacker to compromise or manipulate the internal state or the output. Tampering with the output function (e.g., replay, setting known output). Illicit information flow might include side channel attacks using information contained in any signals, like power consumption and output ports. [DRNG.1-10] Examine the developer's documents for the secure installation of the DRNG, secure preparation of the operational environment and secure seeding of the DRNG. Examine: the requirements for the seeds necessarily provided for the installation of the DRNG, the security measures to protect the confidentiality and integrity of the seed and prevent misuse of the seeding process. Misuse might arise from incomplete guidance documentation, unreasonable guidance, and unintended misconfiguration of the TOE. Address the security problem definition to determine that it describes the assumptions about the operational environment of the TOE and development guidance. 2.2 Examination of DRG.2 If the RNG belongs to class DRG.2, the evaluator is expected to handle the work units listed below. To avoid unnecessary repetitions due to several identical work units being part of multiple components, each component begins with a table that displays the changes from the hierarchically-lower ordered components. This table must include exact references. DRNG.2-1 same as DRNG.1-1 DRNG.2-2 DRNG.2-3 DRNG.2-4 DRNG.2-5 DRNG.2-6 DRNG.2-7 same as DRNG.1-2 same as DRNG.1-3 DRNG.1-4 enhanced same as DRNG.1-5 same as DRNG.1-6 same as DRNG.1-7 ##Evaluation Facility_Name page 10 of 16
11 DRNG.2-8 DRNG.2-9 DRNG.2-10 DRNG.2-11 same as DRNG.1-8 same as DRNG.1-9 same as DRNG.1-10 [DRNG.2-4] Examine the developer's demonstration for the quality claim and repeat the tests according to the test suites for DRG.{2,3}.5 See DRNG.1-4. In addition, examine whether the theoretical arguments about both the proposed statistical properties of the RNG output function and the used assumptions are reasonable. [DRNG.2-11] Examine the developer's demonstration for the claimed security capability DRG Examination of DRG.3 If the RNG belongs class DRG.3, the evaluator is expected to handle the work units listed below. To avoid unnecessary repetitions due to several identical work units being part of multiple components, each component begins with a table that displays the changes from the hierarchically-lower ordered components. This table must include exact references. DRNG.3-1 same as DRNG.2-1 DRNG.3-2 DRNG.3-3 DRNG.3-4 same as DRNG.2-2 same as DRNG.2-3 same as DRNG.2-4 ##Evaluation Facility_Name page 11 of 16
12 DRNG.3-5 DRNG.3-6 DRNG.3-7 DRNG.3-8 DRNG.3-9 DRNG.3-10 DRNG.3-11 same as DRNG.2-5 same as DRNG.2-6 same as DRNG.2-7 same as DRNG.2-8 same as DRNG.2-9 same as DRNG.2-10 DRNG.2-11 enhanced [DRNG.3-11] Examine the developer's demonstration for the claimed security capability DRG Indications for Potential Vulnerabilities ##The evaluator did not find any potential vulnerabilities indicated by the current evaluation aspect. 2.5 Missing Information ##There is no further information, which the developer/sponsor has to provide. ##In the case of the verdict inconclusive, the evaluator is expected to put some issues into the sections Missing Information or Questions to /Conditions on the Developer of his/her single evaluation report, cf. AIS Questions to / Conditions on the Developer ##There are no questions, recommendations to, or conditions on the developer. ##In the case of the verdict inconclusive, the evaluator is expected to put some issues into the sections Missing Information or Questions to / Conditions on the Developer of his/her single evaluation report, cf. AIS14. ##Evaluation Facility_Name page 12 of 16
13 2.7 Necessary Changes/Improvements ##There are no changes that should be done by the developer. ##In the case of the verdict fail, the evaluator is expected to put some issues into the section Necessary Changes/Improvements of his/her single evaluation report, cf. AIS Effects on other Documents ##There are no effects on other documents. ##Evaluation Facility_Name page 13 of 16
14 3 Annex 3.1 Glossary and list of acronyms term Deterministic RNG Entropy Random number generator (RNG) Seed True RNG definition / explanation An RNG that produces random numbers by applying a deterministic algorithm to a randomly selected seed and, possibly, on additional external inputs. The entropy of a random variable X is a mathematical measure of the amount of information gained by an observation of X. A group of components or an algorithm that outputs sequences of discrete values (usually represented as bit strings). Value used to initialize the internal state of an RNG. A device or mechanism for which the output values depend on some unpredictable source (noise source, entropy source) that produces entropy. abbreviation term definition / explanation DRNG Deterministic RNG EAL Evaluation Assurance Level PP Protection Profile refer to [CC part 1] RNG Random Number Generator ST Security Target refer to [CC part 1] TOE Target of Evaluation TSF TOE Security Functionality SFR Security Functional Requirement 3.2 Bibliography Criteria and Methodology [1] Common Criteria for Information Technology Security Evaluation, Part 1: Introduction and general model, September 2012, Version 3.1, Revision 4, CCMB [2] Common Criteria for Information Technology Security Evaluation, Part 2: Security functional components, September 2012, Version 3.1, Revision 4, CCMB [3] Common Criteria for Information Technology Security Evaluation, Part 3: Security assurance components, September 2012, Version 3.1, Revision 4, CCMB ##Evaluation Facility_Name page 14 of 16
15 [4] Common Methodology for Information Technology Security Evaluation, Evaluation methodology, September 2012, Version 3.1, Revision 4, CCMB [5] Anwendungshinweise und Interpretationen zum Schema, AIS 14: Anforderungen an Aufbau und Inhalt der ETR-Teile für Evaluationen nach CC, Version 6, , Bundesamt für Sicherheit in der Informationstechnik [6] Anwendungshinweise und Interpretationen zum Schema, AIS 19: Anforderungen an Aufbau und Inhalt der Zusammenfassung des ETR für Evaluationen nach CC und ITSEC, Version 6, , Bundesamt für Sicherheit in der Informationstechnik [7] Anwendungshinweise und Interpretationen zum Schema, AIS 34: Evaluation Methodology for CC Assurance Classes for EAL5+, [8] W. Killmann, W. Schindler, A proposal for: Functionality classes for random number generators, Version 2.0, September 18, 2011 [9] Evaluation of Random Number Generators, Version 0.10 [10] Developer evidence for the evaluation of a deterministic random number generator, Version 0.9, February 28, 2013 Legislatives and Standards ## or none Developer Documents [ST] ##Title ST, ##Author, Version ##, ##Date [FSP] ##Title Functional Specification, ##Author, Version ##, ##Date [TDS] ##Title TOE Design Specification, ##Author, Version ##, ##Date [ALC] ##Title Life-Cycle Documentation, ##Author, Version ##, ##Date [ACM] ##Title Configuration Management Documentation, ##Author, Version ##, ##Date [CLIST] ##Title Configuration List, ##Author, Version ##, ##Date [DVS] ##Title Development Site Security Documentation, ##Author, Version ##, ##Date [DEL] ##Title Delivery Documentation, ##Author, Version ##, ##Date [OPERG] ##Title Operational Guidance, ##Author, Version ##, ##Date [PREPG] ##Title PREPG (Preparative Guidance), ##Author, Version ##, ##Date Single Evaluation Reports [ATE_IND] ##Title ATE_IND, ##Author, Version ##, ##Date [ALC-CL] ##Title Checklist for site visit, ##Author, Version ##, ##Date ##Or none ##Evaluation Facility_Name page 15 of 16
16 Other documents ## certificates, protection profiles etc. ##Evaluation Facility_Name page 16 of 16
Developer evidence for the evaluation of a deterministic random number generator
Developer evidence for the evaluation of a deterministic random number generator Version: Date: Evaluation Procedure: [Version] [Datum] [BSI-DSZ-CC-xxxx] Author: Qualitätssicherung: [Name(n)] [Name(n)]
More informationBSI-CC-PP for. FIDO Universal Second Factor (U2F) Authenticator, Version 1.0. developed by. Federal Office for Information Security
for FIDO Universal Second Factor (U2F) Authenticator, Version 1.0 developed by Federal Office for Information Security Federal Office for Information Security (BSI), Postfach 20 03 63, 53133 Bonn, Germany
More informationBSI-CC-PP for. Java Card Protection Profile - Open Configuration, Version December developed by. Oracle Corporation
BSI-CC-PP-0099-2017 for Java Card Protection Profile - Open Configuration, Version 3.0.5 December 2017 developed by Oracle Corporation Federal Office for Information Security (BSI), Postfach 20 03 63,
More informationBSI-CC-PP for
for Protection Profile for the Security Module of a Smart Meter Mini-HSM (Mini-HSM Security Module PP) - Schutzprofil für das Sicherheitsmodul des Smart Meter Mini-HSM, V1.0 developed by Federal Office
More informationBSI-CC-PP-0088-V for
BSI-CC-PP-0088-V2-2017 for Base Protection Profile for Database Management Systems (DBMS PP) Version 2.12 and DBMS PP Extended Package - Access History (DBMS PP_EP_AH) Version 1.02 developed by DBMS Working
More informationDeveloper evidence for the evaluation of a physical true random number generator
Developer evidence for the evaluation of a physical true random number generator Version: Date: Evaluation Procedure: [Version] [Datum] [BSI-DSZ-CC-xxxx] Author: Quality Assurance: [Name(n)] [Name(n)]
More informationUpdate of German Guidance for RNG Evaluation. Wolfgang Killmann T-Systems
Update of German Guidance for RNG Evaluation Wolfgang Killmann T-Systems Motivation Why random number generators? Randomness The outcome of random experiments are unpredictable. Outcomes of ideal random
More informationAssurance Continuity Maintenance Report
IFX_CCI_000003h, IFX_CCI_000005h, IFX_CCI_000008h, IFX_CCI_00000Ch, IFX_CCI_000013h, IFX_CCI_000014h, IFX_CCI_000015h, IFX_CCI_00001Ch and IFX_CCI_00001Dh design step H13 including optional software libraries
More informationBSI ADV Transition Guide. from CC V2.3 to CC V3.1. Miriam Serowy. Bundesamt für Sicherheit in der Informationstechnik /
BSI ADV Transition Guide from CC V2.3 to CC V3.1 Miriam Serowy Bundesamt für Sicherheit in der Informationstechnik / Federal Office for Information Security 8 th ICCC Rome / September 2007 Agenda General
More informationBSI-CC-PP for
for Common Criteria PP Configuration Machine Readable Electronic Documents - Optionales Nachladen (Optional Post-Emission Updates) [MR.ED-ON-PP] developed by Federal Office for Information Security Federal
More informationSERTIT-014 CR Certification Report
Sertifiseringsmyndigheten for IT-sikkerhet Norwegian Certification Authority for IT Security SERTIT-014 CR Certification Report Issue 1.0 Fort Fox Hardware Data Diode FFHDD2 CERTIFICATION REPORT - SERTIT
More informationRNGs for Resource-Constrained Devices
RNGs for Resource-Constrained Devices Werner Schindler Bundesamt für Sicherheit in der Informationstechnik (BSI), Bonn, Germany Bochum, November 6, 2017 Outline Crypto for IoT: some general thoughts RNGs
More informationMobile Felica on CX Virgo platform Version 5.0
122 MAINTENANCE REPORT MR1 (supplementing Certification Report No. CRP298) Mobile Felica on Sm@rtSIM CX Virgo platform Version 5.0 Issue 1.0 September 2017 Crown Copyright 2017 All Rights Reserved Reproduction
More informationApplication Notes and Interpretation of the Scheme (AIS)
Application Notes and Interpretation of the Scheme (AIS) AIS 34, Version 3 Date: 03.09.2009 Status: Subject: Publisher: Effective Evaluation Methodology for CC Assurance Classes for EAL5+ (CC v2.3 & v3.1)
More informationCertification Report
Certification Report EAL 2+ Evaluation of McAfee Enterprise Mobility Management 9.7 Issued by: Communications Security Establishment Canada Certification Body Canadian Common Criteria Evaluation and Certification
More informationFED 5. Certification Report
KECS-CR-18-09 FED 5 Certification Report Certification No.: KECS-CISS-0858-2018 2018. 3. 27. IT Security Certification Center Certification Report Page 1 No. Date History of Creation and Revision Revised
More informationGermany and The Netherlands Certification of cryptographic modules
Germany and The Netherlands Certification of cryptographic modules Leo Kool (Msc), Brightsight 18 May 2016, kool@brightsight.com Outline CC and Schemes Evaluation Process and Reporting forms (NSCIB, BSI)
More informationBSI-PP for. Protection Profile Waste Bin Identification Systems (WBIS-PP) Version developed by. Deutscher Städte- und Gemeindenbund
Bundesamt für Sicherheit in der Informationstechnik BSI-PP-0010-2004 for Protection Profile Waste Bin Identification Systems (WBIS-PP) Version 1.04 developed by Deutscher Städte- und Gemeindenbund - Bundesamt
More informationTNO CERTIFICATION. NSCIB-CC Certification Report. Fort Fox Hardware Data Diode, version FFHDD2
TNO CERTIFICATION Laan van Westenenk 501 P.O. Box 541 7300 AM Apeldoorn The Netherlands Phone +31 55 5493468 Fax +31 55 5493288 E-mail: Certification@certi.tno.nl BTW/VAT NR NL8003.32.167.B01 Bank ING
More informationKorean National Protection Profile for Electronic Document Encryption V1.0 Certification Report
KECS-CR-17-57 Korean National Protection Profile for Electronic Document Encryption V1.0 Certification Report Certification No.: KECS-PP-0821-2017 2017. 8. 18 IT Security Certification Center History of
More informationBSI-PP for. Protection Profile Secure Signature-Creation Device Type 3, Version developed by
BSI-PP-0006-2002 for Protection Profile Secure Signature-Creation Device Type 3, Version 1.05 developed by CEN/ISSS Information Society Standardization System, Workshop on Electronic Signatures - Bundesamt
More informationKorean National Protection Profile for Single Sign On V1.0 Certification Report
KECS-CR-17-58 Korean National Protection Profile for Single Sign On V1.0 Certification Report Certification No.: KECS-PP-0822-2017 2017. 8. 18 IT Security Certification Center History of Creation and Revision
More informationBSI-CC-PP for. Portable Storage Media Protection Profile (PSMPP), Version 1.0. from. Federal Office for Information Security
BSI-CC-PP-0081-2012 for Portable Storage Media Protection Profile (PSMPP), Version 1.0 from Federal Office for Information Security Federal Office for Information Security (BSI), Postfach 20 03 63, 53133
More informationBSI-CC-PP for. Biometric Verification Mechanisms Protection Profile Version 1.3. from. Bundesamt für Sicherheit in der Informationstechnik
for Biometric Verification Mechanisms Protection Profile Version 1.3 from Bundesamt für Sicherheit in der Informationstechnik BSI - Bundesamt für Sicherheit in der Informationstechnik, Postfach 20 03 63,
More informationCertification Report
Certification Report Security Intelligence Platform 4.0.5 Issued by: Communications Security Establishment Certification Body Canadian Common Criteria Evaluation and Certification Scheme Government of
More informationCertification Report
Certification Report Symantec Security Information Manager 4.8.1 Issued by: Communications Security Establishment Certification Body Canadian Common Criteria Evaluation and Certification Scheme Government
More informationCOMMON CRITERIA CERTIFICATION REPORT
COMMON CRITERIA CERTIFICATION REPORT Dell EMC Unity OE 4.2 383-4-421 22 September 2017 Version 1.0 Government of Canada. This document is the property of the Government of Canada. It shall not be altered,
More informationCertification Report
Certification Report EAL 2+ Evaluation of Netsight/Network Access Control v3.2.2 Issued by: Communications Security Establishment Canada Certification Body Canadian Common Criteria Evaluation and Certification
More informationSmart TV Security Solution V2.0 for Samsung Knox. Certification Report
KECS-CR-17-82 Smart TV Security Solution V2.0 for Samsung Knox Certification Report Certification No.: KECS-CISS-0846-2017 2017. 12. 27 IT Security Certification Center History of Creation and Revision
More informationJoint Interpretation Library
Object: Define concept and methodology applicable to composite product evaluation. Version 1.5 October 2017 October 2017 Version1.5 Page 1/55 This page is intentionally left blank Page 2/55 Version 1.5
More informationCOMMON CRITERIA CERTIFICATION REPORT
COMMON CRITERIA CERTIFICATION REPORT Dell Data Protection Encryption Personal Edition Version 8.14.0 383-4-416 2 October 2017 v1.1 Government of Canada. This document is the property of the Government
More informationCertification Report
Certification Report EAL 4+ Evaluation of High Security Labs Secure DVI KVM Switch, Secure KM Switch and Secure KVM Combiner Issued by: Communications Security Establishment Canada Certification Body Canadian
More informationCertification Report
Certification Report EAL 2+ Evaluation of EMC Celerra Network Server Version 5.5 running on EMC Celerra NSX and EMC Celerra NS series Issued by: Communications Security Establishment Certification Body
More informationSPass NX V1.0 on S3CT9KW/S3CT9KC/S3CT9K9 Certification Report
KECS-CR-12-38 SPass NX V1.0 on S3CT9KW/S3CT9KC/S3CT9K9 Certification Report Certification No.: KECS-ISIS-0394-2012 2012. 6. 15 IT Security Certification Center History of Creation and Revision No. Date
More informationCertification Report
Certification Report McAfee File and Removable Media Protection 4.3.1 and epolicy Orchestrator 5.1.2 Issued by: Communications Security Establishment Certification Body Canadian Common Criteria Evaluation
More informationPredictive Assurance
Predictive Assurance Bundesamt für Sicherheit in der Informationstechnik (BSI) (Federal Office for Information Security) 9 ICCC Jeju, Korea September 2008 Irmela Ruhrmann Head of Division Certification,
More informationCertification Report
Certification Report Issued by: Communications Security Establishment Certification Body Canadian Common Criteria Evaluation and Certification Scheme Government of Canada, Communications Security Establishment,
More informationAnnex No. 1 as of April 30, to the certification report. T-Systems-DSZ-ITSEC as of September 24, 2002
Annex No. 1 as of April 30, 2004 to the certification report T-Systems-DSZ-ITSEC-04084-2002 as of September 24, 2002 1 Scope of this annex 1 This annex describes - all changes applied by the vendor to
More informationSmart TV Security Solution V3.0 for Samsung Knox. Certification Report
KECS-CR-18-54 Smart TV Security Solution V3.0 for Samsung Knox Certification Report Certification No.: KECS-CISS-0903-2018 2018. 11. 8 IT Security Certification Center History of Creation and Revision
More informationCertification Report
Certification Report Owl DualDiode Communication Cards v7 Issued by: Communications Security Establishment Certification Body Canadian Common Criteria Evaluation and Certification Scheme Government of
More informationCertification Report
Certification Report Avocent Cybex SwitchView SC Series Switches Issued by: Communications Security Establishment Certification Body Canadian Common Criteria Evaluation and Certification Scheme Government
More informationCertification Report
Certification Report Koji Nishigaki, Chairman Information-technology Promotion Agency, Japan Target of Evaluation Application date/id 2008-02-12 (ITC-8195) Certification No. C0189 Sponsor Panasonic Communications
More informationMobiledesk VPN v1.0 Certification Report
KECS-CR-11-64 Mobiledesk VPN v1.0 Certification Report Certification No.: KECS-NISS-0356-2011 2011. 12. 29 IT Security Certification Center History of Creation and Revision No. Date Revised Pages 00 2011.12.29
More informationCOMMON CRITERIA CERTIFICATION REPORT
COMMON CRITERIA CERTIFICATION REPORT CA Technologies CA API Gateway v9.2 10 October 2017 383-4-417 V 1.0 Government of Canada. This document is the property of the Government of Canada. It shall not be
More informationBSI-DSZ-CC for. NXP Secure Smart Card Controller N7021 VA including IC Dedicated Software. from. NXP Semiconductors Germany GmbH
BSI-DSZ-CC-0977-2017 for NXP Secure Smart Card Controller N7021 VA including IC Dedicated Software from NXP Semiconductors Germany GmbH BSI - Bundesamt für Sicherheit in der Informationstechnik, Postfach
More informationBSI-CC-PP for. Machine-Readable Electronic Documents based on BSI TR for Official Use (MR.ED-PP), Version 1.01.
BSI-CC-PP-0087-2015 for Machine-Readable Electronic Documents based on BSI TR-03110 for Official Use (MR.ED-PP), Version 1.01 from Federal Office for Information Security (BSI) Federal Office for Information
More informationCertification Report
Certification Report Nutanix Virtual Computing Platform v3.5.1 Issued by: Communications Security Establishment Certification Body Canadian Common Criteria Evaluation and Certification Scheme Government
More informationCertification Report
Certification Report Koji Nishigaki, Chairman Information-technology Promotion Agency, Japan Target of Evaluation Application date/id 2008-03-25 (ITC-8210) Certification No. C0220 Sponsor Hitachi, Ltd.
More informationCOMMON CRITERIA CERTIFICATION REPORT
COMMON CRITERIA CERTIFICATION REPORT Lexmark CX920, CX921, CX922, CX923, CX924, XC9235, XC9245, XC9255, and XC9265 Multi-Function Printers 7 February 2018 383-4-434 V1.0 Government of Canada. This document
More informationBSI-CC-PP for. Common Criteria Protection Profile Digital Tachograph - Smart Card (Tachograph Card), Version from
BSI-CC-PP-0070-2011 for Common Criteria Protection Profile Digital Tachograph - Smart Card (Tachograph Card), Version 1.02 from Bundesamt für Sicherheit in der Informationstechnik Federal Office for Information
More informationComposite Evaluation for Smart Cards and Similar Devices
Composite Evaluation for Smart Cards and Similar Devices ISCI-WG1 and T-Systems GEI GmbH Composite EAL Certificate 25th-27th September, 2007, page 1. What are we speaking about? Motivation Terminology
More informationCommon Methodology for Information Technology Security Evaluation CEM-99/045. Part 2: Evaluation Methodology
Common Methodology for Information Technology Security Evaluation CEM-99/045 Part 2: Evaluation Methodology August 1999 Foreword This document, version 1.0 of the Common Methodology for Information Technology
More informationCertification Report
Certification Report Standard Edition v2.8.2 RELEASE Issued by: Communications Security Establishment Canada Certification Body Canadian Common Criteria Evaluation and Certification Scheme Government of
More informationBSI-DSZ-CC-S for. Giesecke & Devrient Secure Data Management GmbH, Austraße 101b, Neustadt bei Coburg. Giesecke & Devrient GmbH
BSI-DSZ-CC-S-0058-2016 for Giesecke & Devrient Secure Data Management GmbH, Austraße 101b, 96465 Neustadt bei Coburg of Giesecke & Devrient GmbH BSI - Bundesamt für Sicherheit in der Informationstechnik,
More informationIT Security Evaluation and Certification Scheme Document
IT Security Evaluation and Certification Scheme Document June 2015 CCS-01 Information-technology Promotion Agency, Japan (IPA) IT Security Evaluation and Certification Scheme (CCS-01) i / ii Table of Contents
More informationCertification Report
Certification Report Issued by: Communications Security Establishment Certification Body Canadian Common Criteria Evaluation and Certification Scheme Government of Canada, Communications Security Establishment,
More informationAssurance Continuity Maintenance Report
Assurance Continuity Maintenance Report Kazumasa Fujie, Chairman Information-technology Promotion Agency, Japan Changed TOE Application date/id 2015-06-16 (ITM-5100) Certification No. C0447 Sponsor Canon
More informationCertification Report
Certification Report EAL 4+ Evaluation of WatchGuard and Fireware XTM Operating System v11.5.1 Issued by: Communications Security Establishment Canada Certification Body Canadian Common Criteria Evaluation
More informationCOMMON CRITERIA CERTIFICATION REPORT
COMMON CRITERIA CERTIFICATION REPORT McAfee Policy Auditor 6.4 with epolicy Orchestrator 5.10 5 November 2018 383-4-455 V1.0 Government of Canada. This document is the property of the Government of Canada.
More informationJuniper Networks EX3200 and EX4200 Switches running JUNOS 9.3R2
122-B ASSURANCE MAINTENANCE REPORT MR1 (supplementing Certification Report No. CRP248) Juniper Networks EX3200 and EX4200 Switches running JUNOS 9.3R2 Version 9.3R2 Issue 1.0 February 2009 Crown Copyright
More informationCertification Report
Certification Report EAL 2+ Evaluation of Verdasys Issued by: Communications Security Establishment Canada Certification Body Canadian Common Criteria Evaluation and Certification Scheme Government of
More informationCertification Report
Certification Report EMC VNX OE for Block v05.33 and File v8.1 with Unisphere v1.3 running on VNX Series Hardware Models VNX5200, VNX5400, VNX5600, VNX5800, VNX7600, and VNX8000 Issued by: Communications
More informationCertification Report
Certification Report EAL 4+ Evaluation of JUNOS-FIPS for SRX Series version 10.4R4 Issued by: Communications Security Establishment Canada Certification Body Canadian Common Criteria Evaluation and Certification
More informationCertification Report
Certification Report EMC NetWorker v8.0.1.4 Issued by: Communications Security Establishment Canada Certification Body Canadian Common Criteria Evaluation and Certification Scheme Government of Canada,
More informationCertification Report
Certification Report HP 3PAR StoreServ Storage Systems Version 3.2.1 MU3 Issued by: Communications Security Establishment Certification Body Canadian Common Criteria Evaluation and Certification Scheme
More informationCC Part 3 and the CEM Security Assurance and Evaluation Methodology. Su-en Yek Australasian CC Scheme
CC Part 3 and the CEM Security Assurance and Evaluation Methodology Su-en Yek Australasian CC Scheme What This Tutorial Is An explanation of where Security Assurance Requirements fit in the CC evaluation
More informationCertification Report
Certification Report Koji Nishigaki, Chairman Information-technology Promotion Agency, Japan Target of Evaluation Application date/id 2009-09-30 (ITC-9272) Certification No. C0250 Sponsor Fuji Xerox Co.,
More informationAustralasian Information Security Evaluation Program
Australasian Information Security Evaluation Program Certification Report 2012/78 2 May 2012 Version 1.0 Commonwealth of Australia 2012. Reproduction is authorised provided that the report is copied in
More informationBSI-DSZ-CC for. JBoss Enterprise Application Platform Version 4.3 CP03. from. Red Hat
BSI-DSZ-CC-0531-2009 for JBoss Enterprise Application Platform Version 4.3 CP03 from Red Hat BSI - Bundesamt für Sicherheit in der Informationstechnik, Postfach 20 03 63, D-53133 Bonn Phone +49 (0)228
More informationBSI-DSZ-CC for
BSI-DSZ-CC-0945-2017 for IFX_CCI_000003h, IFX_CCI_000005h, IFX_CCI_000008h, IFX_CCI_00000Ch, IFX_CCI_000013h, IFX_CCI_000014h, IFX_CCI_000015h, IFX_CCI_00001Ch and IFX_CCI_00001Dh design step H13 including
More informationCOMMON CRITERIA CERTIFICATION REPORT
COMMON CRITERIA CERTIFICATION REPORT EMC VPLEX v5.5 Version 1.0 11 May 2016 FOREWORD This certification report is an UNCLASSIFIED publication, issued under the authority of the Chief, Communications Security
More informationCOMMON CRITERIA CERTIFICATION REPORT
COMMON CRITERIA CERTIFICATION REPORT McAfee Data Loss Prevention 11.0 with epolicy Orchestrator 5.9.0 4 January 2018 383-4-429 Version 1.0 Government of Canada. This document is the property of the Government
More informationBSI-CC-PP-0053-V for. Security Module Card Type B (PP-SMC-B), Version 1.2. developed on behalf of the. Federal Ministry of Health, Germany
BSI-CC-PP-0053-V2-2009 for Security Module Card Type B (PP-SMC-B), Version 1.2 developed on behalf of the Federal Ministry of Health, Germany BSI - Bundesamt für Sicherheit in der Informationstechnik,
More informationCertification Report
Certification Report EAL 2+ Evaluation of McAfee Deep Defender 1.0.1 and epolicy Orchestrator 4.6.1 Issued by: Communications Security Establishment Canada Certification Body Canadian Common Criteria Evaluation
More informationCertification Report
Certification Report EAL 3+ Evaluation of Xerox WorkCentre 5632/5638/5645/5655/5665/5675/5687 Multifunction Systems Issued by: Communications Security Establishment Canada Certification Body Canadian Common
More informationRedCastle v3.0 for Asianux Server 3 Certification Report
KECS-CR-08-21 RedCastle v3.0 for Asianux Server 3 Certification Report Certification No.: KECS-CISS-0104-2008 April 2008 IT Security Certification Center National Intelligence Service This document is
More informationCertification Report
Certification Report EAL 2+ Evaluation of Service Router Operating System (SR OS) v7.0 Issued by: Communications Security Establishment Canada Certification Body Canadian Common Criteria Evaluation and
More informationCertification Report
Certification Report EAL 3+ Evaluation of Juniper Networks M-Series Multiservice Edge Routers, MX-Series 3D Universal Edge Routers, T-Series Core Routers and EX-Series Ethernet Switches running JUNOS 11.4R2
More informationCertification Report
Certification Report Issued by: Communications Security Establishment Canada Certification Body Canadian Common Criteria Evaluation and Certification Scheme Government of Canada, Communications Security
More informationCertification Report
Certification Report McAfee Management for Optimized Virtual Environments Antivirus 3.0.0 with epolicy Orchestrator 5.1.1 Issued by: Communications Security Establishment Certification Body Canadian Common
More informationCOMMON CRITERIA CERTIFICATION REPORT
COMMON CRITERIA CERTIFICATION REPORT Dell EMC Elastic Cloud Storage v3.2 15 May 2018 383-4-439 V1.0 Government of Canada. This document is the property of the Government of Canada. It shall not be altered,
More informationCOMMON CRITERIA CERTIFICATION REPORT
COMMON CRITERIA CERTIFICATION REPORT VMware Horizon 6 version 6.2.2 and Horizon Client 3.5.2 12 August 2016 v1.0 File Number 383-4-356 Government of Canada. This document is the property of the Government
More informationCOMMON CRITERIA CERTIFICATION REPORT
COMMON CRITERIA CERTIFICATION REPORT CA Privileged Access Manager Version 2.5.5 v1.2 8 August 2016 FOREWORD This certification report is an UNCLASSIFIED publication, issued under the authority of the Chief,
More informationBSI-CC-PP for. Common Criteria Protection Profile Electronic Identity Card (ID_Card PP), Version from
BSI-CC-PP-0061-2009 for Common Criteria Protection Profile Electronic Identity Card (ID_Card PP), Version 1.03 from Bundesamt für Sicherheit in der Informationstechnik BSI - Bundesamt für Sicherheit in
More informationCertification Report
Certification Report EAL 2+ Evaluation of Data ONTAP Version 7.2.5.1 Issued by: Communications Security Establishment Canada Certification Body Canadian Common Criteria Evaluation and Certification Scheme
More informationCertification Report
Certification Report McAfee Enterprise Security Manager with Event Receiver, Enterprise Log Manager, Advanced Correlation Engine, Application Data Monitor and Database Event Monitor 9.1 Issued by: Communications
More informationCertification Report
Certification Report EAL 4 Evaluation of Issued by: Communications Security Establishment Canada Certification Body Canadian Common Criteria Evaluation and Certification Scheme Government of Canada, Communications
More informationCertification Report
Certification Report Issued by: Communications Security Establishment Certification Body Canadian Common Criteria Evaluation and Certification Scheme Government of Canada, Communications Security Establishment,
More informationAssurance Continuity Maintenance Report
Assurance Continuity Maintenance Report Buheita Fujiwara, Chairman Information-Technology Promotion Agency, Japan Changed TOE Application date/id Certification No. Sponsor Name of TOE / Version of TOE
More informationCertification Report
Certification Report EMC Issued by: Communications Security Establishment Certification Body Canadian Common Criteria Evaluation and Certification Scheme Government of Canada, Communications Security Establishment,
More informationAhnLab TrusGuard V2.2 Certification Report
KECS-CR-13-28 AhnLab TrusGuard V2.2 Certification Report Certification No.: KECS-NISS-0459-2013 2013. 8. 12 IT Security Certification Center History of Creation and Revision No. Date Revised Pages 00 2013.8.12
More informationCertification Report
Certification Report Issued by: Communications Security Establishment Certification Body Canadian Common Criteria Evaluation and Certification Scheme Government of Canada, Communications Security Establishment,
More informationCOMMON CRITERIA CERTIFICATION REPORT
COMMON CRITERIA CERTIFICATION REPORT Ixia NTO 7303 and Vision ONE v4.5.0.29 30 October 2017 383-4-409 1.0 Government of Canada. This document is the property of the Government of Canada. It shall not be
More informationSERTIT-086 CR Certification Report
Sertifiseringsmyndigheten for IT-sikkerhet Norwegian Certification Authority for IT Security SERTIT-086 CR Certification Report Issue 1.0 THD88/M2064 Secure Microcontroller with CERTIFICATION REPORT -
More informationAssurance Continuity Maintenance Report
Assurance Continuity Maintenance Report Buheita Fujiwara, Chairman Information-Technology Promotion Agency, Japan Changed TOE Application date/id Certification No. Sponsor Name of TOE / Version of TOE
More informationCertification Report. EAL 4+ (ALC_DVS.2) Evaluation of TÜBİTAK BİLGEM UEKAE. AKİS v1.4i PASAPORT
Certification Report EAL 4+ (ALC_DVS.2) Evaluation of TÜBİTAK BİLGEM UEKAE AKİS v1.4i PASAPORT issued by Turkish Standards Institution Common Criteria Certification Scheme SOFTWARE TEST and CERTIFICATION
More informationCC and CEM addenda. Exact Conformance, Selection-Based SFRs, Optional SFRs. May Version 0.5. CCDB xxx
CC and CEM addenda Exact Conformance, Selection-Based SFRs, Optional SFRs May 2017 Version 0.5 CCDB-2017-05-xxx Foreword This is a DRAFT addenda to the Common Criteria version 3.1 and the associated Common
More informationSite Certification another step to improve the CC process and to reduce costs
another step to improve the CC process and to reduce costs Hans-Gerd Albertsen, NXP Semiconductors Germany GmbH Jürgen Noller, Infineon Technologies AG 9th ICCC, Sep 23-25, Jeju, Korea 1 Agenda Motivation
More informationTÜBİTAK BİLGEM UEKAE UKİS
Certification Report EAL 4+ (AVA_VAN.5) Evaluation of TÜBİTAK BİLGEM UEKAE UKİS v2.2.8h issued by Turkish Standards Institution Common Criteria Certification Scheme Certificate Number: 21.0.03/TSE-CCCS-34
More informationCertification Report Arbit Data Diode 2.0
Ärendetyp: 6 Diarienummer: 15FMV10190-35:1 Dokument ID CSEC-37-1072 HEMLIG/ enligt Offentlighets- och sekretesslagen (2009:400) 2016-10-13 Country of origin: Sweden Försvarets materielverk Swedish Certification
More information