Lee, June Ho Junior Researcher Korea Information Security Agency
|
|
- Toby Cannon
- 5 years ago
- Views:
Transcription
1 Lee, June Ho Junior Researcher Korea Information Security Agency
2 Contents I II III IV V VI Background PP Introduction Security environment Security objectives IT security requirements Future work
3 I Background 2
4 I. Background (1/5) Selection of of PP development target The research on the government and public institutional demand for security product 0 Anti-virus ESM Anti-spam The analysis of domestic IT field in Anti-virus ESM Anti-spam The analysis of foreign IT field in Anti-virus Application security Anti-spam Anti-virus, Anti-spam, ESM, Wireless LAN 3
5 I. Background (2/5) Schedule 2006 Jan Feb Mar Apr May Jun Jul Aug Sep Oct Nov Dec Explanatory meeting Frist meeting Second meeting Third meedting Public review Evaluation/ Certification 4
6 I. Background (3/5) Anti-spam mail techniques Gathering addresses Internet Receive spam mail Spammer Sendspam mail User 5
7 I. Background (4/5) Anti-spam mail techniques Packet-based inspection -Whitelist -Whitelist -Blacklist -Blacklist -RBL -RBL -Etc. -Etc. Authentication-based inspection -SPF, -SPF, Sender-ID Sender-ID -DKIM -DKIM -Challenge/Response -Challenge/Response -Etc. -Etc. Legacy mail Content-based inspection -Keyword -Keyword -B -Bayesian ayesian -Etc. -Etc. Spam mail 6
8 I. Background (5/5) Anti-spam mail techniques Legacy mail User Spam mail Recovery of legacy mail Spam mail qurantine Spam mail list 7
9 II PP Introduction 8
10 II. PP Introduction PP identification Title Assurance Level SOF CC version Network-based Anti-spam Mail System V0.2 EAL4 SOF-basic 2.3 New terms and definition Mail Mail Server Server Anti-spam Anti-spam Mail Mail System System Spam Spam Mail Mail Spam Spam Mail Mail Signature Signature Spam Spam Mail Mail Qurantine Qurantine Spam Spam Mail Mail Signature Signature Update Update Server Server Whitelist Whitelist Blacklist Blacklist 9
11 III Security environment 10
12 III. Security environment (1/4) TOE operational environment Implemented as OS-independent application or as a hardware-unified product Located in front of mail server physically or logically Internet Firewall DMZ Web server Internal Network DNS Spam mail Signature Update Server (SSUS) User PC User PC User PC Mail server Administration program TOE 11
13 III. Security environment (2/4) Assumption Threat OSP A.PhycialSecurity T.Failure P.Audit A.CheckRuleUpdate T.AuditFailure P.Role A.TrustedAdmin T.SpamMail A.HardeningOS T.BruteForceAttack A.Non-bypassibility T.Bypass A.Firewall T.Masquerade T.TamperStoredData T.TamperTransmittedData TE.PoorManage TE.Delivery&Installation 12
14 III. Security environment (3/4) Assumption & OSP A.TrustedAdmin A.Firewall Administrator A.HardeningOS A.CheckRuleUpdate Internet Firewall DMZ Web server Internal Network DNS Spam mail Signature Update Server (SSUS) User PC User PC User PC A.Non-bypassiblity Administration program TOE Mail server P.Audit P.Audit P.Role P.Role A.PhysicalSecurity 13
15 III. Security environment (4/4) Threat Failure Failure AuditFailure AuditFailure SpamMail SpamMail Internet Firewall DMZ Web server BruteForceAttack BruteForceAttack Bypass Bypass Masquerade Masquerade TemperStoredData TemperStoredData TemperTransmittedData TemperTransmittedData Spam mail Signature Update Server (SSUS) User PC Administration program Internal Network User PC User PC TOE DNS Mail server PoorManage PoorManage Delivery&Installation 14
16 IV Security objectives 15
17 IV. Security objectives (1/3) Assumption & OSP Security objectives A.PhysicalSecurity A.CheckRuleUpdate A.TrustedAdmin A.HardeningOS A.Non-bypassibility A.Firewall P.Audit P.Role OE.PhysicalSecurity OE.CheckRuleUpdate OE.TrustedAdmin OE.HardeningOS OE.Non-bypassibility OE.Firewall O.Audit, OE.AuditBackup, OE.Timestamp O.Manage, O.Role 16
18 IV. Security objectives (2/3) Threat Security objectives T.Failure T.AuditFailure T.SpamMail T.BruteForceAttack T.Bypass T.Masquerade T.TamperStoredData T.TamperTransmittedData TE.PoorManage TE.Delivery&Installation O.TSFRecovery O.Audit O.SpamMail O.I&A, OE.TOEAccess O.SpamMail O.I&A, OE.TOEAccess O.Manage, O.ProtectStoredData O.ProtectTransmittedData OE.SecureManage OE.SecureManage 17
19 IV. Security objectives (3/3) O.Audit O.Manage O.SpamMail O.I&A Security objectives for the TOE O.Role O.TSFRecovery O.ProtectStoredData O.ProtectTransmittedData Security objectives for the environment OE.AuditBackup OE.PhysicalSecurity OE.CheckRuleUpdate OE.TOEAccess OE.TrustedAdmin OE.SecureManage OE.HardeningOS OE.Non-bypassibility OE.Firewall OE.Timestamp 18
20 V IT security requirements 19
21 V. IT security requirements (1/16) TOE security functional requirements FAU_GEN.1 FAU_GEN.2 FAU_SAR.1 FAU_SAR.2 FAU_SAR.3 FAU_STG.1 FAU_STG.3 FAU_STG.4 FIA_AFL.1 FIA_ATD.1 FIA_SOS.1 FIA_UAU.1 FIA_UID.1 FMT_SMR.1 FMT_MOF.1 FPT_FLS.1 FPT_TST.1 FTA_SSL.1 32 FMT_MTD.1 FPT_RCV.1 FMT_SMF.1 FPT_RVM.1 FTA_SSL.3 FTP_ITC.1 Explicitly stated IT security requirements FAS_ART.1(Extended) FAS_DTN.1(Extended) FAS_RCV.1(Extended) FAS_RES.1(Extended) FAS_SAR.1(Extended) FAS_SAR.2(Extended) FAS_STG.1(Extended) FAS_STG.2(Extended) 20
22 V. IT security requirements (2/16) Security functional requirement for the IT environment FAU_STG.1 FIA_UAU.2 FIA_UID.2 FPT_AMT.1 FPT_SEP.1 FPT_STM
23 V. IT security requirements (3/16) Security audit FAU_GEN.1 Audit data generation FAU_GEN.1.1 The TSF shall be able to generate an audit record of the following auditable events: a) Start-up and shutdown of the audit functions; b) All auditable events for the minimum level of audit; and c) [ Spam mail detection, spam mail response, spam mail recovery, other audit event { determined by ST author } ] 22
24 V. IT security requirements (4/16) Security Management (1/4) FMT_MOF.1 Management of functions in TSF FMT_MOF.1.1 The TSF shall restrict the ability to [selection: determine the behaviour of, disable, enable, modify the behaviour of] the functions [ a) Spam mail detection, alert, response, recovery b) Security audit c) Identification and authentication d) Security management e) Other list of functions { determined by the ST author } ] to [ the authorized administrator ]. 23
25 V. IT security requirements (5/16) Security Management (2/4) FMT_MTD.1(1) Management of TSF data FMT_MTD.1.1 The TSF shall restrict the ability to [selection: change_default, query, modify, delete, clear,[assignment: other operations]] the [ a) Whitelist b) Blacklist c) Signature d) Other TSF data { determined by the ST author } ] to [ the authorized administrator ]. 24
26 V. IT security requirements (6/16) Security Management (3/4) FMT_MTD.1(2) Management of TSF data FMT_MTD.1.1 The TSF shall restrict the ability to [selection: change_default, query, modify, delete, clear,[assignment: other operations]] the [ a) Whitelist b) Blacklist c) Other TSF data { determined by the ST author } ] to [ the authorized users ]. 25
27 V. IT security requirements (7/16) Security Management (4/4) FMT_SMR.1 Security roles FMT_SMR.1.1 The TSF shall maintain the roles [ a) The authorized administrator { determined by the ST author } b) The authorized user { determined by the ST author } ]. 26
28 V. IT security requirements (8/16) Protection of the TSF (1/2) FPT_FLS.1 Failure with preservation of secure state FPT_FLS.1.1 The TSF shall preserve a secure state when the following types of failures occur: [assignment: list of types of failures in the TSF]. FPT_RCV.1 Manual recovery FPT_RCV.1.1 After [assignment: list of failures/service discontinuities] the TSF shall enter a maintenance mode where the ability to return to a secure state is provided. 27
29 V. IT security requirements (9/16) Protection of the TSF (2/2) FPT_TST.1 TSF testing FPT_TST.1.1 The TSF shall run a suite of self tests [selection: during initial start-up, periodically during normal operation, at the request of the authorized user, at the conditions[assignment: conditions under which self test shoud occur]] to demonstrate the correct operation of [selection: [assignment: parts of TSF], the TSF]. FPT_TST.1.2 The TSF shall provide authorised users with the capability to Verify the integrity of [selection: [assignment: parts of TSF], TSF data]. FPT_TST.1.3 The TSF shall provide authorised users with the capability to Verify the integrity of stored TSF executable code. 28
30 V. IT security requirements (10/16) Trusted path/channels (1/2) FTP_ITC.1 Inter-TSF trusted channel (1/2) FTP_ITC.1.1 The TSF shall provide a communication channel between itself and a remote trusted IT product that is logically distinct from other communication channels and provides assured identification of its end points and protection of the channel data from modification or disclosure. FTP_ITC.1.2 The TSF shall permit [selection: the TSF, the remote trusted IT product] to initiate communication via the trusted channel. 29
31 V. IT security requirements (11/16) Trusted path/channels (2/2) FTP_ITC.1 Inter-TSF trusted channel (2/2) FTP_ITC.1.3 The TSF shall initiate communication via the trusted channel for [ a) Security management between TOE and remote management program b) Signature management between TOE and remote SSUS c) Other security management { determined by the ST author } ]. 30
32 V. IT security requirements (12/16) Anti-spam mail (1/5) FAS_ART.1(Extended) Spam mail alert FAS_ART.1.1 The TSF shall report list of information of spam mail which was detected by contents-based inspection, and provide the following items: a) Detection date b) subject c) Information of sender d) Other information { determined by the ST author } 31
33 V. IT security requirements (13/16) Anti-spam mail (2/5) FAS_DTN.1(Extended) Spam mail detection FAS_DTN.1.1 The TSF shall detect spam mail using the following functions: a) packet-based inspection : a function which inspects s using sender s IP/ address b) contents-based inspection : a function which inspects s subject or contents using signature c) authentication-based inspection : a function which inspects sender using authentication mechanism 32
34 V. IT security requirements (14/16) Anti-spam mail (3/5) FAS_RCV.1(Extended) Spam mail recovery FAS_RCV.1.1 When an user selects an from the list of spam mail which was transferred by FAS_ART.1.1 and requests for recovery of the , the TSF shall ensure that the is recovered from the spam mail quarantine FAS_RES.1(Extended) Spam mail response FAS_RES.1.1 The TSF shall take the following actions upon detection of a spam mail : a) Quarantine spam mail b) Other response action { determined by the ST author } 33
35 V. IT security requirements (15/16) Anti-spam mail (4/5) FAS_SAR.1(Extended) Spam mail quarantine review FAS_SAR.1.1 The TSF shall provide an authorized administrator with the capability to read spam mails stored in spam mail qurantine. FAS_SAR.1.2 The TSF shall provide spam mail information in a manner suitable for the authorized administrator to interpret the information. FAS_SAR.2(Extended) Selectable spam mail quarantine review FAS_SAR.2.1 The TSF shall provide the ability to perform [selection: searches,sorting,ordering] of spam mails stored in spam mail quarantine based on [assignment: criteria with logical relations]. 34
36 V. IT security requirements (16/16) Anti-spam mail (5/5) FAS_STG.1(Extended) Protected spam mail quarantine FAS_STG.1.1 The TSF shall protect the spam mail stored in spam mail quarantine from unauthorised deletion. FAS_STG.2(Extended) Action in case of possible spam mail quarantine data loss FAS_STG.2.1 The TSF shall take [selection: overwrite the oldest stored spam mail, [assignment: other actions to be taken in case of possible spam mail quarantine failure]] if the spam mails stored in spam mail quarantine exceeds [assignment: pre-defined limit]. 35
37 VI Future work 36
38 VI. Future work 2006 Jan Feb Mar Apr May Jun Jul Aug Sep Oct Nov Dec Explanatory meeting Frist meeting Second meeting Third meedting Public review Evaluation/ Certification Explanatory meeting 37
39
Network Intrusion Prevention System Protection Profile V1.1 Certification Report
KECS-CR-2005-04 Network Intrusion Prevention System Protection Profile V1.1 Certification Report Certification No. : CC-20-2005.12 12, 2005 National Intelligence Service This document is the certification
More informationFirewall Protection Profile V2.0 Certification Report
KECS-CR-08-10 Firewall Protection Profile V2.0 Certification Report Certification No. : KECS-PP-0093-2008 Apr, 2008 National Intelligence Service IT Security Certification Center This document is the certification
More informationRICOH Remote Communication Gate A2 Security Target
RICOH Remote Communication Gate A2 Security Target Author : RICOH Date : 2016-11-10 Version : 0.42 This document is a translation of the evaluated and certified security target written in Japanese. Page
More informationSecure MFP Protection Profile - Lite
Page 1 of 22 Secure MFP Protection Profile - Lite Author: Yusuke OHTA, Ricoh Company, Ltd. Date: 2004/04/13 Version: 1.0e Page 2 of 22 Revision History Version Date Author Description 1.0 2002/11/29 Yusuke
More informationWINS Technet. SNIPER IPS V5.0 (E2000) Security Target. Version /03/20. WINS Technet. CO., Ltd
WINS Technet SNIPER IPS V5.0 (E2000) Security Target Version 1.4 2006/03/20 WINS Technet. CO., Ltd Summary This document is the security target of a network intrusion prevention system. (TOE : SNIPER IPS,
More informationComputer Associates. Security Target V2.0
Computer Associates etrust Single Sign-On V7.0 Security Target V2.0 October 20, 2005 Suite 5200 West 7925 Jones Branch Drive McLean, VA 22102-3321 703 848-0883 Fax 703 848-0985 SECTION TABLE OF CONTENTS
More informationSecurity Target for Symantec Enterprise Firewall Version 7.0 For Windows NT
. Security Target for Symantec Enterprise Firewall Version 7.0 For Windows NT Reference: T349\ST Version: 2.0 Europe: USA: Symantec (UK) Ltd Symantec Corporation Apex House 266 Second Avenue 4A-10 West
More informationRemote Communication Gate A
Page 1 of 41 Remote Communication Gate A Security Target Author: RICOH COMPANY, LTD. Date: 2010-09-27 Version: 1.00. This document is a translation of the evaluated and certified security target written
More informationMulti-Functional Printer (Digital Copier) 7145 Series Security Target Version 13
Multi-Functional Printer (Digital Copier) 7145 Series Security Target Version 13 This document is a translation of the security target written in Japanese which has been evaluated and certified. The Japan
More informationHP-UX 11i v2 Security Target
HP-UX 11i v2 Security Target Against the Controlled Access Protection Profile (CAPP) And the Role Based Access Control (RBAC) Protection Profile Version 2.0 May 15, 2006 Sponsored by: Hewlett-Packard Prepared
More informationSymantec Data Loss Prevention 14.5
Symantec Data Loss Prevention 14.5 Evaluation Assurance Level (EAL): EAL2+ Doc No: 1943-000-D102 Version: 1.2 15 November 2016 Symantec Corporation 303 2 nd Street 1000N San Francisco, CA 94107 United
More informationwebmethods Fabric 6.5 EAL2 Common Criteria Evaluation Security Target V December 2005
webmethods Fabric 6.5 EAL2 Common Criteria Evaluation Security Target V1.0 12 December 2005 Prepared for: webmethods, Inc. 3877 Fairfax Ridge Road, Fairfax, VA 22030 http://www.webmethods.com/ Unclassified
More informationHP-UX 11i v3 Common Criteria Security Target
HP-UX 11i v3 Common Criteria Security Target Against the Controlled Access Protection Profile (CAPP) And the Role Based Access Control (RBAC) Protection Profile Prepared by: Project Manager: Project Document
More informationElectronic Health Card Terminal (ehct)
Common Criteria Protection Profile Electronic Health Card Terminal (ehct) BSI-CC-PP-0032 Approved by the Federal Ministry of Health Foreword This Protection Profile - Protection Profile electronic Health
More informationSterling Commerce, Inc. Connect:Direct with Secure+ Option. v4.5 on IBM OS/390 and z/os
Connect:Direct with Secure+ Option v4.5 on IBM OS/390 and z/os Document Version 0.1 Prepared for: 750 W. John Carpenter Freeway Irving, TX 75039 Prepared by: Corsec Security, Inc. 10340 Democracy Lane,
More informationDecember 17, Revision Document Number: E2-ST
Security Target For Blue Ridge Networks BorderGuard Centrally Managed Embedded PKI Virtual Private Network (VPN) Firmware Release 6.2 and VPN Manager Application Software Release 2.2 Revision 1.10 December
More informationSterling Commerce, Inc. Connect:Direct with Secure+ Option. v3.7 running on UNIX and v4.2 on Windows
Connect:Direct with Secure+ Option v3.7 running on UNIX and v4.2 on Windows Document Version 0.6 Prepared for: 750 W. John Carpenter Freeway Irving, TX 75039 Prepared by: Corsec Security, Inc. 10340 Democracy
More informationNWAS Java 7.02 Security Target
NWAS Java 7.02 Security Target Version 1.16 2010-12-20 Table of Content: 2010-12-20... 1 1 ST Introduction... 4 1.1 ST and TOE Identification... 4 1.2 TOE Overview... 5 1.3 TOE Description... 5 1.3.1 Product
More informationCommon Criteria for Information Technology Security Evaluation. Part 2: Security functional components. April Version 3.
Common Criteria for Information Technology Security Evaluation Part 2: Security functional components April 2017 Version 3.1 Revision 5 CCMB-2017-04-002 Foreword This version of the Common Criteria for
More informationSECURITY TARGET FOR THE INTELLITACTICS INCORPORATED NETWORK SECURITY MANAGER (NSM ) VERSION 4.1
SECURITY TARGET FOR THE INTELLITACTICS INCORPORATED NETWORK SECURITY MANAGER (NSM ) VERSION 4.1 EWA-Canada Document No. 1447-011-D001 Version 1.13, 18 November 2004 Prepared for: Intellitactics Incorporated
More informationSecurity Target. McAfee Management for Optimized Virtual Environments (MOVE) Antivirus 3.0 with epolicy Orchestrator 5.1.1
Security Target McAfee Management for Optimized Virtual Environments (MOVE) Antivirus 3.0 with epolicy Orchestrator 5.1.1 Document Version: 1.3 Date: November 7, 2014 Prepared For: McAfee, Inc. 2821 Mission
More informationetrust Admin V8.0 Security Target V2.3 Computer Associates 6150 Oak Tree Blvd, Suite 100 Park Center Plaza II Independence, OH 44131
etrust Admin V8.0 Security Target V2.3 February 2, 2006 Prepared for: Computer Associates 6150 Oak Tree Blvd, Suite 100 Park Center Plaza II Independence, OH 44131 Suite 5200 7925 Jones Branch Drive McLean,
More informationIntrusion Detection System Sensor Protection Profile
Intrusion Detection System Sensor Protection Profile Prepared for National Security Agency 9800 Savage Road Fort Meade MD, 20755 Prepared by Science Applications International Corporation 7125 Gateway
More informationAustralasian Information Security Evaluation Program (AISEP)
Australasian Information Security Evaluation Program (AISEP) Network Device Protection Profile (NDPP) Extended Package for Intrusion Prevention Systems (IPS EP) Version 1.0, dated 26 June 2014 Certification
More informationStillSecure VAM V5.5. Security Target V1.6
StillSecure VAM V5.5 Security Target V1.6 December 13, 2006 Developed by Suite 5200 West 7925 Jones Branch Drive McLean, VA 22102-3321 703 848-0883 Fax 703 848-0960 SECTION TABLE OF CONTENTS PAGE 1 SECURITY
More informationAn Experiment with CC Version 3.0 Migration
An Experiment with CC Version 3.0 Migration Thuy D. Nguyen, Cynthia E. Irvine Department of Computer Science, Naval Postgraduate School Richard M. Harkins Department of Physics, Naval Postgraduate School
More informationTHALES COMMUNICATIONS S. A. INTERNAL COMMUNICATIONS MANAGEMENT SYSTEM
THALES COMMUNICATIONS S. A. SECURITY TARGET INTERNAL COMMUNICATIONS MANAGEMENT SYSTEM Prepared by: IBM Global Services CLEF IBM UK Ltd Meudon House Meudon Avenue Farnborough Hampshire GU14 7NB Date: 23
More informationData Security Kit DA-SC04 Security Target
Data Security Kit DA-SC04 Security Target Version 1.01 May 16, 2008 This document is a translation of the evaluated and certified security target written in Japanese. Panasonic Communications Co., Ltd.
More informationqcrypt-xstream R1.1 Security Target Common Criteria: EAL2
COMMERCIAL-IN-CONFIDENCE qcrypt-xstream R1.1 Security Target Common Criteria: EAL2 Document Revision: 1.0 Document ID: 0001363 Document Date: 16-Mar-15 Document Information Document identification Document
More informationCERTIFICATION REPORT
REF: 2015-32-INF-1640 v1 Target: Expediente Date: 26.05.2016 Created by: CERT10 Revised by: CALIDAD Approved by: TECNICO CERTIFICATION REPORT File: 2015-32 CCN-TP-PP Applicant: Centro Criptológico Nacional
More informationSecurity Target IBM Tivoli Directory Server Version 5.2. Version: 1.5 Status: Final version Last update:
Security Target IBM Tivoli Directory Server Version 5.2 Version: 1.5 Status: Final version Last update: 2003-11-10 Copyright IBM 2003 PAGE 1 Document History Version Date Changes Summary Author 1.0 2003-07-09
More informationTarantella Enterprise 3 Security Target
Tarantella Enterprise 3 Security Target Issue : 2.4 Date : Status : Definitive Release Document reference : Distribution : Prepared by : Robert Allison & Hugh Griffin... Reviewed by : Steve Hill... Authorised
More informationSecurity Target. Juniper Networks vgw Series Version 5.5. Document Version 0.5. March 22, 2013
Security Target Juniper Networks vgw Series Version 5.5 Document Version 0.5 March 22, 2013 Document Version 0.5 Juniper Networks Page 1 of 42 Prepared For: Prepared By: Juniper Networks, Inc. 1194 North
More informationQ1 Labs. QRadar V5.1.2 Security Target V 2.0.4
Q1 Labs QRadar V5.1.2 Security Target V 2.0.4 Prepared By: Suite 5200 West 7925 Jones Branch Drive McLean, VA 22102-3321 703 848-0883 Fax 703 848-0960 SECTION TABLE OF CONTENTS Security Target Version
More information3Com Embedded Firewall Version Security Target
1 of 1 Part Number: 00-0937467-B Version Date: 5 March 2003 3Com Embedded Firewall Version 1.5.1 Security Target Secure Computing Corporation 2675 Long Lake Road Saint Paul, Minnesota 55113 Prepared by:
More informationEMC Corporation EMC Smarts Service Assurance Management (SAM) Suite and Internet Protocol (IP) Management Suite
EMC Corporation EMC Smarts Service Assurance Management (SAM) Suite and Internet Protocol (IP) Management Suite 6.5.1 Security Target Evaluation Assurance Level: EAL2 Document Version: 0.6 Prepared for:
More informationideras Security Target
ideras Security Target Document Version: v1.3 Document Date:18 October 2013 Company Infosys Gateway SdnBhd Unit 808, 8 th Floor, Block E, PusatDaganganPhileo, Damansara 1, No. 9, Jalan 16/11, Off JalanDamansara
More informationNational Information Assurance Partnership. Common Criteria Evaluation and Validation Scheme Validation Report
National Information Assurance Partnership Common Criteria Evaluation and Validation Scheme Validation Report TM QRadar V5.1.2 Report Number: Dated: January 26, 2007 Version: 1.1 National Institute of
More informationSecurity Target for Symantec Gateway Security Version Series (Firewall Engine Only)
. Security Target for Symantec Gateway Security Version 2.0 5400 Series (Firewall Engine Only) Reference: T423\ST April 2004 Issue: 3.3 Symantec Corporation 266 Second Avenue Waltham, MA 02451 USA Copyright
More informationTHALES COMMUNICATIONS S. A. EXTERNAL COMMUNICATIONS MANAGEMENT SYSTEM
THALES COMMUNICATIONS S. A. SECURITY TARGET ETERNAL COMMUNICATIONS MANAGEMENT SYSTEM Prepared by: IBM Global Services CLEF IBM UK Ltd Meudon House Meudon Avenue Farnborough Hampshire GU14 7NB Date: 15
More informationGroupement des Cartes Bancaires "CB" Common Criteria for Information Technology Security Evaluation. Protection Profile
Groupement des Cartes Bancaires "CB" Common Criteria for Information Technology Security Evaluation Protection Profile CB-EMV Payment/Withdrawal Smart Card Application Version 0.40 April 25 th 2000 Registered
More informationBlue Coat Systems, Inc. 650 Almanor Ave. Sunnyvale, CA Phone: Fax:
Blue Coat ProxySG Operating System, v3.2.4.8 Security Target September 1, 2005 BCS-0290-(1) Blue Coat ProxySG v3-2-4-8 Security Target Blue Coat Systems, Inc. 650 Almanor Ave. Sunnyvale, CA 94085 Phone:
More informationEMC Corporation EMC ControlCenter 5.2 Service Pack 5. Security Target
EMC Corporation EMC ControlCenter 5.2 Service Pack 5 Security Target Evaluation Assurance Level: EAL2+ Document Version: 1.01 Prepared for: Prepared by: EMC Corporation Corsec Security, Inc. 176 South
More informationHost Intrusion Prevention and. epolicy Orchestrator (Patch 1)
Security Target Host Intrusion Prevention 6.0.2 and epolicy Orchestrator 3.6.1 (Patch 1) McAfee System Protection Industry-leading intrusion prevention solutions TABLE OF CONTENTS 1. SECURITY TARGET INTRODUCTION...
More informationSecurity Target for Symantec Gateway Security 400 Series version 2.1 (Firewall Engine Only)
Security Target for Symantec Gateway Security 400 Series version 2.1 (Firewall Engine Only) Reference: T466\ST May 2005 Issue: 2.0 Symantec Corporation 275 Second Avenue Waltham, MA 02451 USA Copyright
More informationPP INTRODUCTION (APE_INT)...
DT-T-MEP24-10002 Edic./Issue B PAG. 3 TABLE OF CONTENTS Título/Title Página/Page 0. PREFACE... 6 0.1 RELATED DOCUMENTS... 6 0.2 ACRONYMS AND DEFINITIONS... 6 0.2.1 Acronyms... 6 0.2.2 Definitions... 7
More informationSecurity Target. Version 1.21
MQAssure /AppShield v1.2 integrated with MQAssure /IAM v1.0 Security Target 03 January, 2011 Prepared for MagnaQuest Solutions Sdn Bhd A-2-07 & A-2-09 SME Technopreneur Centre Cyberjaya 2270, Jalan Usahawan
More informationElection Administration software Security Target EAL 2
Election Administration software Security Target EAL 2 Source Code, High Level Architecture Documentation and Common Criteria Documentation Copyright (C) 2010-2011 and ownership belongs to The Norwegian
More informationMicro Focus ArcSight Data Platform Security Target
Micro Focus ArcSight Data Platform Security Target Version 1.0 29 September 2017 Prepared for: Micro Focus 1160 Enterprise Way Sunnyvale CA, 94089 Prepared By: Accredited Testing and Evaluation Labs 6841
More informationSecurity Target for Symantec Enterprise Firewall Version 8.0
. Security Target for Symantec Enterprise Firewall Version 8.0 Reference: T462\ST July 2004 Issue: 1.0 Symantec Corporation 266 Second Avenue Waltham, MA 02451 USA Copyright notice Copyright 1998-2004
More informationVersion Symantec. Page 1 of 33
Security Target: Symantec Risk Automation Suite Version 4.0..5 Security Target Symantec Risk Automation Suite Version 4.0.5 Document Version 1.2 February 9, 2011 Document Version 1.2 Symantec Page 1 of
More informationVMware. Security Target
NS v6.3 for vsphere MARCH 2017 Document prepared by Document History Version Date Author Description 0.1 29 Jan 2016 A Boulton Initial draft ST. 0.2 03 Feb 2016 A Boulton Incorporate discussion/comments
More informationProtection Profile for Hardcopy Devices v1.0 Errata #1, June 2017
Protection Profile for Hardcopy Devices v1.0 Errata #1, June 2017 1 Introduction These errata apply to the Protection Profile for Hardcopy Devices 1.0 dated September 10, 2015 (hereinafter referred to
More informationDell EMC NetWorker 9.1
Dell EMC NetWorker 9.1 Evaluation Assurance Level (EAL): EAL2+ Doc No: 1986-000-D102 Version: 1.2 10 July 2017 EMC Corporation 176 South Street Hopkinton, MA, USA 01748 Prepared by: EWA-Canada 1223 Michael
More informationApple Computer Mac OS X v and Mac OS X Server v Security Target
1. Apple Computer Mac OS v10.3.6 and Mac OS Server v10.3.6 Security Target Prepared for: Apple Computer, Inc. 1 Infinite Loop Cupertino, CA 95014 Prepared By: Science Applications International Corporation
More informationSecurity Target. EMC XtremIO v Evaluation Assurance Level (EAL): EAL2+ Doc No: D102 Version: March 2016.
EMC XtremIO v4.0.2 Security Target Evaluation Assurance Level (EAL): EAL2+ Doc No: 1906-000-D102 21 March 2016 Prepared For: EMC Corporation 176 South Street Hopkinton, MA, USA 01748 Prepared by: EWA-Canada
More informationHewlett Packard Enterprise ArcSight ESM Security Target
Hewlett Packard Enterprise ArcSight ESM Security Target Version 1.3 13 June 2017 Prepared for: 1160 Enterprise Way Sunnyvale CA, 94089 Prepared By: Accredited Testing and Evaluation Labs 6841 Benjamin
More informationEMC VNXe1600 OE v3.1.3
EMC VNXe1600 OE v3.1.3 Evaluation Assurance Level (EAL): EAL2+ Doc No: 1950-000-D102 Version: 0.7 18 March 2016 EMC Corporation 176 South Street Hopkinton, MA, USA 01748 Prepared by: EWA-Canada 1223 Michael
More informationimanager U2000 Security Target Version: 1.6 Last Update: Author: Huawei Technologies Co., Ltd.
imanager U2000 Security Target Version: 1.6 Last Update: 2014-12-04 Author: Huawei Technologies Co., Ltd. Table of contents Table of Contents IMANAGER U2000 SECURITY TARGET... 1 Author... 5 1 INTRODUCTION...
More informationCA Inc. Integrated Threat Management r Security Target V1.8
CA Inc. Integrated Threat Management r8.0.445 Security Target V1.8 May 1, 2007 Prepared By: Suite 5200 7925 Jones Branch Drive McLean, VA 22102-3321 703 848-0883 Fax 703 848-0960 SECTION TABLE OF CONTENTS
More informationFED 5 Security Target Lite 1.5
FED 5 Security Target Lite 1.5 1 Revision history Document subject FED 5 Security Target Configuration document no. Version Details Created by Date revised Reviewed by FED5_ST_1.0 1.0 Initial version Yang
More informationXPORTALNET HS SECURITY TARGET VERSION FEB-18
XPORTALNET HS SECURITY TARGET VERSION 1.0 10-FEB-18 Document management Document identification Document ID Document title Document Version/Date MicroEngine_EAL2_ST xportalnet HS Security Target Version
More informationSecurity Target. packet filter 3.0.3
Version 1.0 packet filter 3.0.3 Authors: Christian Koob, Jörg Marx, secunet Security Networks AG Certification-ID: BSI-DSZ-CC-0595 HISTORY Version Date Change(s) Author(s) 1.0 16/08/2010 Version for evaluation
More informationSecurity Target. EMC ScaleIO v Evaluation Assurance Level (EAL): EAL2+ Doc No: D102 Version: February 2016.
EMC ScaleIO v1.32.3 Security Target Evaluation Assurance Level (EAL): EAL2+ Doc No: 1903-000-D102 8 February 2016 Prepared For: EMC Corporation 176 South Street Hopkinton, MA, USA 01748 Prepared by: EWA-Canada
More informationSecurity Target For Cisco IOS IPSec
March 2007 Version: 1.0 Conventions The notation, formatting, and conventions used in this Security Target document are consistent with the conventions used in Version 2.3 of the Common Criteria (CC) document.
More informationValari Security Target
Web Application Firewall Valari Security Target Document Version: 0.5 Document Date: 25-Sep-17 Company Kaapagam Technologies Sdn. Bhd. (1015448-T) A-5-10 Empire Tower SS16/1, Subang Jaya 47500, Selangor,
More informationHewlett Packard Enterprise Development LP Operations Orchestration v Security Target
Hewlett Packard Enterprise Development LP Operations Orchestration v10.20 Security Target Evaluation Assurance Level (EAL): EAL2+ Document Version: 0.14 Prepared for: Prepared by: Hewlett Packard Enterprise
More informationIBM Proventia G 1.3 and SiteProtector 2.0 Service Pack 6.1 with Reporting Module Security Target. Security Target. Version 1.19.
IBM Proventia G 1.3 and SiteProtector 2.0 Service Pack 6.1 with Reporting Module Security Target Version 1.19 May 10, 2010 Internet Security Systems, Inc. 6303 Barfield Road Atlanta, GA 30328 Table of
More informationFidelis XPS Security Target
Fidelis PS Security Target Version 1.0 29 October 2008 Prepared for: Fidelis Security Systems, Inc 4416 East West Highway, Suite 310 Bethesda, Maryland 20814 Prepared By: Science Applications International
More informationMicrosoft SQL Server TM 2005 SP1 Database Engine Common Criteria Evaluation Security Target SQL Server 2005 Team
Microsoft SQL Server TM 2005 SP1 Database Engine Common Criteria Evaluation Security Target SQL Server 2005 Team Author: Roger French Status: Final Version: 1.4 Last Saved: 2007-01-23 File Name: MS_SQL_ST_EAL1_1.4
More informationSidewinder G2 Security Appliance Model 2150D and Sidewinder G2 Software v SECURITY TARGET
Part Number 00-0946372-D Version Date 29 March 2007 Sidewinder G2 Security Appliance Model 2150D and Sidewinder G2 Software v 6.1.2 SECURITY TARGET Prepared by: Secure Computing Corporation 2340 Energy
More informationProtection Profile Information Gateway
1 (59) Er referens Ert datum Er beteckning FMV tjänsteställe, handläggare, telefon FMV föreg. datum FMV föreg. beteckning FMV, Thomas Dahlbeck, 08-782 52 15 Protection Profile Information Gateway FMV Försvarets
More informationCOMMON CRITERIA CERTIFICATION REPORT
COMMON CRITERIA CERTIFICATION REPORT Network Device collaborative Protection Profile Extended Package SIP Server 383-6-4 9 August 2017 Version 1.0 Government of Canada. This document is the property of
More informationSecurity Target for Cisco IOS/IPSEC
Security Target for Cisco IOS/IPSEC Reference: ST May 2006 Version: 4.8 CISCO Systems Inc. 170 West Tasman Drive San Jose CA 95124-1706 USA Copyright: 2006 Cisco Systems, Inc. Table Of Contents CONVENTIONS...
More informationHewlett Packard Enterprise 3PAR StoreServ Storage Systems Security Target
Hewlett Packard Enterprise 3PAR StoreServ Storage Systems Security Target Version 1.0 3/8/2017 Copyright 2017 Hewlett Packard Enterprise 1. SECURITY TARGET INTRODUCTION... 4 1.1 SECURITY TARGET, TOE AND
More informationMcAfee Web Gateway Version EAL 2 + ALC_FLR.2 Security Target
McAfee Web Gateway Version 7.4.2.5 EAL 2 + ALC_FLR.2 Release Date: 19 November 2014 Version: 1.4 Prepared By: Primasec Ltd. Prepared For: McAfee Inc. 3965 Freedom Circle Santa Clara, CA 95054 Document
More informationFuji Xerox ApeosPort-II 5010/4000/3000 Series Controller Software for Asia Pacific. Security Target
Fuji Xerox ApeosPort-II 5010/4000/3000 Series Controller Software for Asia Pacific Security Target Version 1.0.5 This document is a translation of the evaluated and certified security target written in
More informationFuji Xerox ApeosPort-II 7000/6000 Series Controller Software for Asia Pacific. Security Target
あ Fuji Xerox ApeosPort-II 7000/6000 Series Controller Software for Asia Pacific Security Target Version 1.0.9 This document is a translation of the evaluated and certified security target written in Japanese
More informationTrusted Solaris 8 4/01 Security Target. Issue: 3.1 Date: 12 November Deniz Kucukreisoglu
TS8_101/Issue 3.1 12 November 2003 Page i of vi Trusted Solaris 8 4/01 Security Target Issue: 3.1 Date: 12 November 2003 Reference: Author: Status: TS8_101 Deniz Kucukreisoglu Definitive Abstract: This
More informationNational Information Assurance Partnership. Common Criteria Evaluation and Validation Scheme. Validation Report
National Information Assurance Partnership Common Criteria Evaluation and Validation Scheme Validation Report Standard Protection Profile for Enterprise Security Management Policy Management, Version 1.4,
More informationArbor Peakflow X Security Target
Arbor Peakflow Security Target Version 1.0 07/08/05 Prepared for: Arbor Networks, Inc. 430 Bedford Street, Suite 160 Lexington, MA 02420 Prepared By: Science Applications International Corporation Common
More informationSmartData v Security Target
COMMERCIAL-IN-CONFIDENCE SmartData v1.4.0.0 Security Target Common Criteria: EAL2 Version 1.1 24-NOV-2014 Document management Document identification Document title SmartData v1.4.0.0 Security Target Document
More informationSecurity Target for Juniper Networks M/T/J Series Families of Service Routers running JUNOS 8.1R1
Security Target for Juniper Networks M/T/J Series Families of Service Routers running JUNOS 8.1R1 Version 1.0 April 2007 Prepared for: Juniper Networks 1194 North Mathilda Avenue Sunnyvale California 94089
More informationPSTfile. Security Target Lite. Revision 3.1
PSTfile Security Target Lite Revision 3.1 Copyright 2013 Autek Ingeniería. All rights reserved. No part of this document may be reproduced, even for personal use, by any means and in any form, whether
More informationAirTight Networks SpectraGuard Enterprise [v 5.0] and SpectraGuard SAFE Enterprise Edition [v 2.0] Security Target Version [1.
AirTight Networks SpectraGuard Enterprise [v 5.0] and SpectraGuard SAFE Enterprise Edition [v 2.0] Security Target Version [1.1] May 10, 2007 Suite 5200 7925 Jones Branch Drive McLean, VA 22102-3305 703
More informationSecurity Target. Symantec Brightmail Gateway Document Version 1.4. December 23, Security Target: Symantec Brightmail Gateway 9.0.
Security Target Symantec Brightmail Gateway 9.0.1 Document Version 1.4 December 23, 2010 Document Version 1.4 Symantec Page 1 of 36 Prepared For: Prepared By: Symantec Corporation 350 Ellis Street Mountain
More informationC077 Certification Report
RSA Security Analytics v10.6.1 File name: Version: v1 Date of document: 22 February 2017 Document classification: For general inquiry about us or our services, please email: mycc@cybersecurity.my C077
More informationSecurity Target. HPE StoreOnce System, Version Document Version: 1.2 Date: October 13, 2016
Security Target HPE StoreOnce System, Version 3.13 Document Version: 1.2 Date: October 13, 2016 Prepared For: Hewlett-Packard Enterprise Long Down Avenue Stoke Gifford Bristol BS34 8QZ UK Prepared By:
More informationCommon Criteria for IT Security Evaluation Protection Profile
Common Criteria for IT Security Evaluation Protection Profile Transactional Smartcard Reader Protection Profile Profil de Protection pour un lecteur transactionnel de cartes à puce Version 2.0 Issue January
More informationPIN ENTRY DEVICE PROTECTION PROFILE
APACS PIN ENTRY DEVICE PROTECTION PROFILE Association for Payment Clearing Services Mercury House, Triton Court, 14, Finsbury Square LONDON. EC2A. 1LQ Telephone 020 7711 6200 Facsimile 020 7628 0924 Website
More informationForeScout ActiveScout / CounterACT Security Target
ForeScout ActiveScout / CounterACT Security Target Version 2.4 26 June 2005 REF: ST PREPARED FOR: ForeScout Technologies, Inc. 10001 N. De Anza Blvd. Cupertino, CA 95014 DOCUMENT CONTROL DOCUMENT HISTORY
More informationNetwork Chemistry, Inc. Security Target
Network Chemistry RFprotect TM Distributed v6.1.2, RFprotect TM Sensor v6.1.22, and RFprotect TM Mobile v6.1.2 Security Target Evaluation Assurance Level: EAL 2 Document Version: 1.0 Prepared for: Prepared
More informationProtection Profile for Certification Authorities. Version: National Information Assurance Partnership
Protection Profile for Certification Authorities Version: 2.1 2017-12-01 National Information Assurance Partnership 1 Revision History Version Date Comment V1.0 2014-05-16 Initial draft V1.1 2016-07-07
More informationHuawei Access Terminal Platform ATP V200R001C03. Security Target. Issue V1.71. Date HUAWEI TECHNOLOGIES CO., LTD.
Huawei Access Terminal Platform ATP V200R001C03 Security Target Issue V1.71 Date 2016-11-3 HUAWEI TECHNOLOGIES CO., LTD. Copyright Huawei Technologies Co., Ltd. 2015. All rights reserved. No part of this
More informationInfoblox Trinzic Appliances with NIOS v8.2.6 Security Target
Infoblox Trinzic Appliances with NIOS v8.2.6 Security Target Version 1.1 17 September 2018 Prepared for: Infoblox 4750 Patrick Henry Drive Santa Clara, CA 95054 Prepared By: Leidos Accredited Testing &
More informationBEA WebLogic Server 8.1 Security Target
BEA WebLogic Server 8.1 Security Target Version 1.0 05/22/06 Prepared for: BEA Systems, Inc. 2315 North First Street San Jose, CA 95131 Prepared By: Science Applications International Corporation Common
More informationCisco MDS 9000 Family SAN-OS Release 3.2(2c)
August 2008 Version: 3.0 Table of Contents Table of Contents 1 List of Tables 3 List of Figures 4 Conventions 4 References 5 Introduction 5 Acronyms 6 ST and TOE Identification 7 Security Target Overview
More informationHewlett Packard Enterprise Development LP Network Automation Ultimate Edition v Security Target
Hewlett Packard Enterprise Development LP Network Automation Ultimate Edition v10.10 Security Target Evaluation Assurance Level: EAL 2+ Document Version: 0.13 Prepared for: Prepared by: Hewlett Packard
More informationCryptographic Modules, Security Level Moderate. Endorsed by the Bundesamt für Sicherheit in der Informationstechnik
Common Criteria Protection Profile Cryptographic Modules, Security Level Moderate BSI-PP-0042 Endorsed by the Foreword This Protection Profile - Cryptographic Modules, Security Level Moderate - is issued
More informationLOCKSWITCH BLUETOOTH ACCESS CONTROL SYSTEM SECURITY TARGET VERSION JULY-17
LOCKSWITCH BLUETOOTH ACCESS CONTROL SYSTEM SECURITY TARGET VERSION 1.0 10-JULY-17 Document management Document identification Document ID Document title Document Version/Date Lockswitch_EAL2_ST Lockswitch
More information