IBM RACF for z/OS Version 2 Release 3
CSV information ?
Status | active |
---|---|
Valid from | 16.09.2019 |
Valid until | 16.09.2024 |
Scheme | 🇮🇹 IT |
Manufacturer | IBM Corporation |
Category | Operating Systems |
Security level | ALC_FLR.3, EAL5+ |
Heuristics summary ?
Certificate ?
Certification report ?
Extracted keywords
Hash functions
SHA256Schemes
MACProtocols
SSH, SSL, TLSSecurity level
EAL4, EAL2, EAL5, EAL5 augmentedClaims
O.JSecurity Assurance Requirements (SAR)
ADV_ARC.1, ADV_FSP.5, ADV_IMP.1, ADV_INT.2, ADV_TDS.4, AGD_OPE.1, AGD_PRE.1, ALC_FLR, ALC_FLR.3, ALC_CMC.4, ALC_CMS.5, ALC_DEL.1, ALC_DVS.1, ALC_LCD.1, ALC_TAT.2, ATE_COV.2, ATE_DPT.3, ATE_FUN.1, ATE_IND.2, AVA_VAN.4, ASE_CCL.1, ASE_ECD.1, ASE_INT.1, ASE_OBJ.2, ASE_REQ.2, ASE_SPD.1, ASE_TSS.1Security Functional Requirements (SFR)
FAU_GEN_SUB.1, FAU_GEN.1, FIA_USB.2, FIA_USB.1Certificates
OCSI/CERT/ATS/09/2018/RC, OCSI/CERT/ATS/01/2018/RCEvaluation facilities
atsecSide-channel analysis
side channelStandards
ISO/IEC 15408, CCMB-2017-04-001, CCMB-2017-04-002, CCMB-2017-04-003, CCMB-2017-04-004File metadata
Title: | Certfication Report “RACF for z/OS Version 2 Release 3” |
---|---|
Author: | ocsi |
Creation date: | D:20190924103208+02'00' |
Modification date: | D:20190924103208+02'00' |
Pages: | 37 |
Creator: | Microsoft® Word 2010 |
Producer: | Microsoft® Word 2010 |
References
Outgoing- OCSI/CERT/ATS/01/2018/RC - IBM z/OS Version 2 Release 3
- OCSI/CERT/ATS/03/2022/RC - IBM RACF for z/OS Version 2 Release 4
Security target ?
Extracted keywords
Symmetric Algorithms
AES128, AES256, DESAsymmetric Algorithms
ECC, DSAHash functions
SHA256Schemes
MACProtocols
SSL, TLSSecurity level
EAL5Claims
O.AUDITING, O.DISCRETIONARY, O.MANAGE, O.PROGRAM_INTEGRITY_SUPPORT, O.LS, O.PROGRAM_INTEGRITY_S, T.ACCESS, T.IA, T.SENSITIVITY, A.PHYSICAL, A.MANAGE, A.AUTHUSER, A.TRAINEDUSER, A.DETECT, A.OPERATING_SYSTEM, A.TRUSTED_PROGRAMS, A.OPERATING_SY, A.TRUSTED_PRO-, R.DIGTCERT, R.PWRESET, R.LU, OE.ADMIN, OE.INFO_PROTECT, OE.INSTALL, OE.MAINTENANCE, OE.PHYSICAL, OE.RECOVER, OE.OS_SEP, OE.TRUSTED_PROGRAMSSecurity Assurance Requirements (SAR)
ADV_ARC.1, ADV_FSP.5, ADV_IMP.1, ADV_INT.2, ADV_TDS.4, AGD_OPE.1, AGD_PRE.1, ALC_FLR.3, ALC_CMC.4, ALC_DEL.1, ALC_DVS.1, ALC_LCD.1, ALC_TAT.2, ATE_COV.2, ATE_DPT.3, ATE_FUN.1, ATE_IND.2, AVA_VAN.4Security Functional Requirements (SFR)
FAU_GEN_SUB.1, FAU_GEN.2, FAU_SAR.1, FAU_SEL.1, FAU_GEN.1, FAU_GEN.1.1, FAU_GEN.1.2, FAU_GEN_SUB.1.1, FAU_GEN_SUB.1.2, FAU_GEN.2.1, FAU_SAR.1.1, FAU_SAR.1.2, FAU_SEL.1.1, FCS_COP.1, FCS_COP.1.1, FCS_CKM.1, FCS_CKM.4, FDP_ACC.1, FDP_ACF.1, FDP_IFC.2, FDP_IFF.2, FDP_ACC.1.1, FDP_ACF.1.1, FDP_ACF.1.2, FDP_ACF.1.3, FDP_ACF.1.4, FDP_IFC.2.1, FDP_IFC.2.2, FDP_IFF.2.1, FDP_IFF.2.2, FDP_IFF.2.3, FDP_IFF.2.4, FDP_IFF.2.5, FDP_IFF.2.6, FDP_ITC.1, FDP_ITC.2, FDP_IFF.1, FDP_IFC.1, FDP_MSA.1, FIA_USB.2, FIA_AFL.1, FIA_ATD.1, FIA_SOS.1, FIA_UAU.1, FIA_UAU.5, FIA_UAU.7, FIA_UID.1, FIA_USB.1, FIA_USB.2.1, FIA_USB.2.2, FIA_USB.2.3, FIA_USB.2.4, FIA_AFL.1.1, FIA_AFL.1.2, FIA_ATD.1.1, FIA_SOS.1.1, FIA_UAU.1.1, FIA_UAU.1.2, FIA_UAU.5.1, FIA_UAU.5.2, FIA_UAU.7.1, FIA_UID.1.1, FIA_UID.1.2, FIA_USB.1.1, FIA_USB.1.2, FIA_USB.1.3, FMT_MSA.1, FMT_MSA.3, FMT_MTD.1, FMT_REV.1, FMT_SMF.1, FMT_SMR.1, FMT_MSA.1.1, FMT_MSA.3.1, FMT_MSA.3.2, FMT_MTD.1.1, FMT_REV.1.1, FMT_REV.1.2, FMT_SMF.1.1, FMT_SMR.1.1, FMT_SMR.1.2, FPT_TDC.1, FPT_STM.1, FPT_TDC.1.1, FPT_TDC.1.2Protection profiles
BSI-CC-PP-0067Standards
PKCS#11, PKCS#1, PKCS #11, PKCS#7, PKCS#12, PKCS #1, X.509, CCMB-2017-04-002, CCMB-2017-04-004File metadata
Title: | Security Target for IBM RACF for z/OS Version 2 Release 3 |
---|---|
Subject: | RACF EAL5 Evaluation |
Author: | Walter Farrell, Helmut Kurth |
Creation date: | D:20190903083121+02'00' |
Pages: | 179 |
Creator: | Writer |
Producer: | LibreOffice 6.2 |
References
OutgoingHeuristics ?
Extracted SARs
ALC_DVS.1, AGD_PRE.1, ASE_REQ.2, ASE_OBJ.2, ALC_FLR.3, AGD_OPE.1, AVA_VAN.4, ASE_TSS.1, ALC_CMC.4, ADV_FSP.5, ASE_CCL.1, ASE_INT.1, ADV_TDS.4, ALC_DEL.1, ASE_ECD.1, ALC_LCD.1, ATE_FUN.1, ADV_INT.2, ALC_CMS.5, ASE_SPD.1, ATE_COV.2, ATE_DPT.3, ATE_IND.2, ADV_IMP.1, ADV_ARC.1, ALC_TAT.2Scheme data ?
Title | IBM RACF for z/OS Version 2 Release 3 | |
---|---|---|
Supplier | IBM Corporation | |
Level | EAL5+ | |
Certification Date | 16 settembre 2019 | |
Clarification Note Link | https://www.ocsi.gov.it/documenti/certificazioni/ibm/racf/nota_ocsi_rc_racfv2r3.pdf | |
Report Link It | https://www.ocsi.gov.it/documenti/certificazioni/ibm/racf/rc_racfv2r3_v1.0_it.pdf | |
Report Link En | https://www.ocsi.gov.it/documenti/certificazioni/ibm/racf/cr_racfv2r3_v1.0_en.pdf | |
Target Link | https://www.ocsi.gov.it/documenti/certificazioni/ibm/racf/st_racfv2r3_v5.5_public.pdf |
References ?
Updates ?
-
15.02.2024 The certificate data changed.
Certificate changed
The state of the certificate object was updated.
- The following values were inserted:
{'report': {'_type': 'sec_certs.sample.cc.CCCertificate.DocumentState', 'download_ok': True, 'convert_garbage': False, 'convert_ok': True, 'extract_ok': True, 'pdf_hash': '48a942a7603d10a18cb73a9a57d258202f6943ebe8b4015f7f79e24ed24806d7', 'txt_hash': 'a255c0a874d245d426a9f15d0f60dbd8c8d805bd0c9d6f1deaf74e14c0c194a7'}, 'st': {'_type': 'sec_certs.sample.cc.CCCertificate.DocumentState', 'download_ok': True, 'convert_garbage': False, 'convert_ok': True, 'extract_ok': True, 'pdf_hash': '7fbcb23f0142b01d9149c86783be9fa637d7ebba1f7238be595e9ddc0ba89e86', 'txt_hash': 'cd316affc9a11934eef2e3da5ab8dd00f4209cc4868f5704badd2e249d288d17'}, 'cert': {'_type': 'sec_certs.sample.cc.CCCertificate.DocumentState', 'download_ok': False, 'convert_garbage': False, 'convert_ok': False, 'extract_ok': False, 'pdf_hash': None, 'txt_hash': None}}
. - The following properties were deleted:
['st_download_ok', 'report_download_ok', 'st_convert_garbage', 'report_convert_garbage', 'st_convert_ok', 'report_convert_ok', 'st_extract_ok', 'report_extract_ok', 'st_pdf_hash', 'report_pdf_hash', 'st_txt_hash', 'report_txt_hash']
.
The PDF extraction data was updated.
- The following values were inserted:
{'cert_metadata': None, 'cert_frontpage': None, 'cert_keywords': None, 'cert_filename': None}
. - The report_frontpage property was set to
{}
. - The st_frontpage property was set to
None
. - The report_keywords property was updated, with the
{'cc_cert_id': {'__update__': {'IT': {'__update__': {'OCSI/CERT/ATS/09/2018/RC': 37, 'OCSI/CERT/ATS/01/2018/RC': 1}, '__delete__': ['OCSI/CERT/ATS/01/2018']}}}}
data.
- The following values were inserted:
-
13.02.2024 The certificate data changed.
Certificate changed
The PDF extraction data was updated.
- The report_keywords property was updated, with the
{'cc_cert_id': {'__update__': {'IT': {'__insert__': {'OCSI/CERT/ATS/01/2018': 2}, '__update__': {'OCSI/CERT/ATS/09/2018/RC': 74, 'OCSI/CERT/ATS/01/2018/RC': 2}}}}}
data.
- The report_keywords property was updated, with the
-
07.02.2024 The certificate data changed.
Certificate changed
The PDF extraction data was updated.
- The st_keywords property was updated, with the
{'cc_cert_id': {}}
data.
- The st_keywords property was updated, with the
-
07.02.2024 The certificate data changed.
Certificate changed
The PDF extraction data was updated.
- The report_keywords property was updated, with the
{'cc_cert_id': {'__update__': {'IT': {'__update__': {'OCSI/CERT/ATS/09/2018/RC': 37, 'OCSI/CERT/ATS/01/2018/RC': 1}, '__delete__': ['OCSI/CERT/ATS/01/2018']}}}}
data. - The st_keywords property was updated, with the
{'cc_cert_id': {'CA': {'8 8 8': 1, '4 4 8': 1}}}
data.
- The report_keywords property was updated, with the
-
04.01.2024 The certificate data changed.
Certificate changed
The computed heuristics were updated.
- The following values were inserted:
{'annotated_references': None}
.
- The following values were inserted:
-
21.09.2023 The certificate data changed.
Certificate changed
The computed heuristics were updated.
- The scheme_data property was updated, with the
{'title': 'IBM RACF for z/OS Version 2 Release 3', 'level': ' EAL5+', 'certification_date': ' 16 settembre\n\t\t\t\t\t\t\t\t\t\t\t2019', 'report_link_it': 'https://www.ocsi.gov.it/documenti/certificazioni/ibm/racf/rc_racfv2r3_v1.0_it.pdf', 'report_link_en': 'https://www.ocsi.gov.it/documenti/certificazioni/ibm/racf/cr_racfv2r3_v1.0_en.pdf', 'target_link': 'https://www.ocsi.gov.it/documenti/certificazioni/ibm/racf/st_racfv2r3_v5.5_public.pdf'}
data.
- The scheme_data property was updated, with the
-
26.06.2023 The certificate data changed.
Certificate changed
The computed heuristics were updated.
- The scheme_data property was updated, with the
{'title': 'IBM z/VM Version 7 Release 2 for VPP', 'level': ' conforme a PP_BASE_VIRTUALIZATION_V1.0', 'certification_date': ' 10 giugno\n\t\t\t\t\t\t\t\t\t\t\t2022', 'report_link_it': 'https://www.ocsi.gov.it/documenti/certificazioni/ibm/zvm/rc_zvm_v7r2_vpp_v1.0_it.pdf', 'report_link_en': 'https://www.ocsi.gov.it/documenti/certificazioni/ibm/zvm/cr_zvm_v7r2_vpp_v1.0_en.pdf', 'target_link': 'https://www.ocsi.gov.it/documenti/certificazioni/ibm/zvm/st_zvm_v7r2_vpp_v1.0.pdf'}
data.
- The scheme_data property was updated, with the
-
26.04.2023 The certificate data changed.
Certificate changed
The computed heuristics were updated.
- The following values were inserted:
{'scheme_data': {'title': 'IBM z/VM Version 6 Release 4', 'supplier': ' IBM Corporation', 'level': ' EAL4+', 'certification_date': ' 23 aprile\n\t\t\t\t\t\t\t\t\t\t\t2018', 'report_link_it': 'https://www.ocsi.gov.it/documenti/certificazioni/ibm/zvm/rc_zvmv6r4_v1.0_it.pdf', 'report_link_en': 'https://www.ocsi.gov.it/documenti/certificazioni/ibm/zvm/cr_zvmv6r4_v1.0_en.pdf', 'target_link': 'https://www.ocsi.gov.it/documenti/certificazioni/ibm/zvm/st_zvmv6r4_v1.2.pdf'}}
.
- The following values were inserted:
-
11.02.2023 The certificate data changed.
Certificate changed
The _type was updated.
- The new value is
sec_certs.sample.cc.CCCertificate
.
The state of the certificate object was updated.
- The _type property was set to
sec_certs.sample.cc.CCCertificate.InternalState
. - The following properties were deleted:
['errors']
.
The PDF extraction data was updated.
- The _type property was set to
sec_certs.sample.cc.CCCertificate.PdfData
.
The computed heuristics were updated.
- The following values were inserted:
{'direct_transitive_cves': None, 'indirect_transitive_cves': None}
. - The _type property was set to
sec_certs.sample.cc.CCCertificate.Heuristics
. - The following properties were deleted:
['direct_dependency_cves', 'indirect_dependency_cves']
.
- The new value is
-
24.12.2022 The certificate data changed.
Certificate changed
The manufacturer_web was updated.
- The new value is
https://www.ibm.com
.
- The new value is
-
23.12.2022 The certificate data changed.
Certificate changed
The manufacturer_web was updated.
- The new value is
None
.
The state of the certificate object was updated.
- The errors property was set to
[]
.
- The new value is
-
23.12.2022 The certificate data changed.
Certificate changed
The state of the certificate object was updated.
- The errors property was set to
['failed to download report from https://www.commoncriteriaportal.org/files/epfiles/cr_racfv2r3_v1.0_en.pdf, code: nok']
.
The computed heuristics were updated.
- The report_references property was updated, with the
{'directly_referencing': {'_type': 'Set', 'elements': ['OCSI/CERT/ATS/01/2018/RC']}, 'indirectly_referencing': {'_type': 'Set', 'elements': ['OCSI/CERT/ATS/01/2018/RC']}}
data.
- The errors property was set to
-
22.12.2022 The certificate data changed.
Certificate changed
The computed heuristics were updated.
- The report_references property was updated, with the
{'directly_referencing': None, 'indirectly_referencing': None}
data.
- The report_references property was updated, with the
-
10.10.2022 The certificate data changed.
Certificate changed
The computed heuristics were updated.
- The cpe_matches property was set to
None
. - The related_cves property was set to
None
. - The direct_dependency_cves property was set to
None
. - The indirect_dependency_cves property was set to
None
.
- The cpe_matches property was set to
-
05.10.2022 The certificate data changed.
Certificate changed
The state of the certificate object was updated.
- The following values were inserted:
{'st_convert_garbage': False, 'report_convert_garbage': False}
.
- The following values were inserted:
-
04.10.2022 The certificate data changed.
Certificate changed
The computed heuristics were updated.
- The cpe_matches property was updated, with the
{'_type': 'Set', 'elements': ['cpe:2.3:o:ibm:z\\/os:2.1.0:*:*:*:*:*:*:*']}
values added.
- The cpe_matches property was updated, with the
-
30.09.2022 The certificate data changed.
Certificate changed
The security_level was updated.
- The following values were removed:
{'_type': 'Set', 'elements': ['EAL5']}
. - The following values were added:
{'_type': 'Set', 'elements': ['EAL5+']}
.
The Valid until date was updated.
- The new value is
2024-09-16
.
- The following values were removed:
-
28.09.2022 The certificate data changed.
Certificate changed
The computed heuristics were updated.
- The report_references property was updated, with the
{'directly_referenced_by': {'_type': 'Set', 'elements': ['OCSI/CERT/ATS/03/2022/RC']}, 'indirectly_referenced_by': {'_type': 'Set', 'elements': ['OCSI/CERT/ATS/03/2022/RC']}}
data. - The direct_dependency_cves property was set to
{'_type': 'Set', 'elements': ['CVE-2013-5385']}
. - The indirect_dependency_cves property was set to
{'_type': 'Set', 'elements': ['CVE-2013-5385']}
.
- The report_references property was updated, with the
-
24.09.2022 The certificate data changed.
Certificate changed
The PDF extraction data was updated.
- The following values were inserted:
{'report_filename': 'cr_racfv2r3_v1.0_en.pdf', 'st_filename': 'st_racfv2r3_v5.5_public.pdf'}
. - The report_keywords property was updated, with the
{'cc_security_level': {'__update__': {'EAL': {'__update__': {'EAL2': 2}}}}, 'cc_sar': {'__update__': {'ALC': {'__update__': {'ALC_FLR.3': 7}}}}, 'symmetric_crypto': {}, 'crypto_protocol': {'__update__': {'TLS': {'__update__': {'TLS': {'__update__': {'TLS': 3}}}}}}, 'tee_name': {}}
data. - The st_keywords property was updated, with the
{'cc_sar': {'__update__': {'ALC': {'__update__': {'ALC_FLR.3': 3}}}}, 'cc_sfr': {'__update__': {'FAU': {'__update__': {'FAU_GEN_SUB.1': 17, 'FAU_GEN.2': 8, 'FAU_SEL.1': 7, 'FAU_GEN.1': 4}}, 'FDP': {'__update__': {'FDP_ACC.1': 37, 'FDP_ACF.1': 33, 'FDP_IFC.2': 8}}, 'FIA': {'__update__': {'FIA_ATD.1': 16, 'FIA_UAU.1': 10, 'FIA_UAU.5': 7, 'FIA_UAU.7': 6, 'FIA_UID.1': 11, 'FIA_USB.1': 12, 'FIA_USB.2': 13}}, 'FMT': {'__update__': {'FMT_MSA.1': 41, 'FMT_MSA.3': 42, 'FMT_MTD.1': 61, 'FMT_SMF.1': 26, 'FMT_SMR.1': 31}}}}, 'cc_claims': {'__update__': {'O': {'__insert__': {'O.DISCRETIONARY': 14, 'O.LS': 17}, '__delete__': ['O.DISCRETIONARY.ACCESS', 'O.LS.CONFIDENTIALITY', 'O.LS.LABEL']}, 'T': {'__insert__': {'T.ACCESS': 17, 'T.IA': 8}, '__delete__': ['T.GRANULAR', 'T.ACCESS.TSFDATA', 'T.ACCESS.USERDATA', 'T.ACCESS.TSFFUNC', 'T.IA.MASQUERADE', 'T.IA.USER', 'T.ADD', 'T.LIST', 'T.BIND', 'T.CONNECT', 'T.CON-', 'T.GENCERT', 'T.-', 'T.EXPORT', 'T.REMOVE', 'T.LISTRING', 'T.ADDRING', 'T.DELRING', 'T.DELETE', 'T.ALTER', 'T.USER', 'T.AUTOAPPL', 'T.AUTODIRECT', 'T.AUTOPWD', 'T.INCLUDE', 'T.JESNODE', 'T.PWSYNC', 'T.TRACE', 'T.DESCRIPTION', 'T.LOCAL', 'T.NODE', 'T.OPERATIVE', 'T.PREFIX', 'T.PROTOCOL', 'T.PURGE', 'T.WDSQUAL', 'T.WORKSPACE', 'T.OWN-']}, 'A': {'__update__': {'A.AUTHUSER': 2, 'A.DETECT': 3}, '__delete__': ['A.MASQUERADE', 'A.USER', 'A.MULTIPLE']}, 'R': {'R.DIGTCERT': 31, 'R.PWRESET': 1, 'R.LU': 1}}, '__delete__': ['D']}, 'vendor': {}, 'symmetric_crypto': {'__update__': {'AES_competition': {'__update__': {'AES': {'__update__': {'AES256': 2}, '__delete__': ['AES']}}}, 'DES': {'__update__': {'DES': {'__update__': {'DES': 5}}}}}}, 'crypto_scheme': {'__delete__': ['KA']}, 'crypto_protocol': {'__update__': {'TLS': {'__update__': {'SSL': {'__update__': {'SSL': 5}}, 'TLS': {'__update__': {'TLS': 4}}}}}, '__delete__': ['PACE']}, 'randomness': {}, 'side_channel_analysis': {}, 'tee_name': {}}
data.
The computed heuristics were updated.
- The report_references property was updated, with the
{'directly_referencing': {'_type': 'Set', 'elements': ['OCSI/CERT/ATS/01/2018/RC']}, 'indirectly_referencing': {'_type': 'Set', 'elements': ['OCSI/CERT/ATS/01/2018/RC']}}
data.
- The following values were inserted:
-
18.07.2022 The certificate data changed.
Certificate changed
The _type was updated.
- The new value is
sec_certs.sample.common_criteria.CommonCriteriaCert
.
The state of the certificate object was updated.
- The _type property was set to
sec_certs.sample.common_criteria.CommonCriteriaCert.InternalState
.
The PDF extraction data was updated.
- The _type property was set to
sec_certs.sample.common_criteria.CommonCriteriaCert.PdfData
.
The computed heuristics were updated.
- The _type property was set to
sec_certs.sample.common_criteria.CommonCriteriaCert.Heuristics
. - The st_references property was updated, with the
{'_type': 'sec_certs.sample.certificate.References'}
data. - The report_references property was updated, with the
{'_type': 'sec_certs.sample.certificate.References'}
data. - The extracted_sars property was set to
{'_type': 'Set', 'elements': [{'_type': 'sec_certs.sample.sar.SAR', 'family': 'ALC_DVS', 'level': 1}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'AGD_PRE', 'level': 1}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ASE_REQ', 'level': 2}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ALC_FLR', 'level': 3}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ASE_OBJ', 'level': 2}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'AGD_OPE', 'level': 1}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'AVA_VAN', 'level': 4}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ASE_TSS', 'level': 1}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ALC_CMC', 'level': 4}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ADV_FSP', 'level': 5}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ASE_CCL', 'level': 1}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ASE_INT', 'level': 1}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ADV_TDS', 'level': 4}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ALC_DEL', 'level': 1}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ASE_ECD', 'level': 1}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ALC_LCD', 'level': 1}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ATE_FUN', 'level': 1}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ADV_INT', 'level': 2}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ALC_CMS', 'level': 5}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ASE_SPD', 'level': 1}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ATE_COV', 'level': 2}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ATE_DPT', 'level': 3}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ATE_IND', 'level': 2}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ADV_IMP', 'level': 1}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ADV_ARC', 'level': 1}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ALC_TAT', 'level': 2}]}
.
- The new value is
-
17.07.2022 The certificate data changed.
Certificate changed
The PDF extraction data was updated.
- The report_metadata property was updated, with the
{'pdf_hyperlinks': {'_type': 'Set', 'elements': []}}
values inserted. - The st_metadata property was updated, with the
{'pdf_hyperlinks': {'_type': 'Set', 'elements': ['http://www.sdsusa.com/dictionary/glossAZ/r.htm#racf']}}
values inserted. - The report_keywords property was set to
{'cc_cert_id': {'IT': {'OCSI/CERT/ATS/09/2018/RC': 74, 'OCSI/CERT/ATS/01/2018/RC': 2, 'OCSI/CERT/ATS/01/2018': 2}}, 'cc_protection_profile_id': {}, 'cc_security_level': {'EAL': {'EAL4': 1, 'EAL2': 1, 'EAL5': 6, 'EAL5 augmented': 2}}, 'cc_sar': {'ADV': {'ADV_ARC.1': 1, 'ADV_FSP.5': 1, 'ADV_IMP.1': 1, 'ADV_INT.2': 1, 'ADV_TDS.4': 1}, 'AGD': {'AGD_OPE.1': 1, 'AGD_PRE.1': 1}, 'ALC': {'ALC_FLR': 1, 'ALC_FLR.3': 6, 'ALC_CMC.4': 1, 'ALC_CMS.5': 1, 'ALC_DEL.1': 1, 'ALC_DVS.1': 1, 'ALC_LCD.1': 1, 'ALC_TAT.2': 1}, 'ATE': {'ATE_COV.2': 1, 'ATE_DPT.3': 1, 'ATE_FUN.1': 1, 'ATE_IND.2': 1}, 'AVA': {'AVA_VAN.4': 1}, 'ASE': {'ASE_CCL.1': 1, 'ASE_ECD.1': 1, 'ASE_INT.1': 1, 'ASE_OBJ.2': 1, 'ASE_REQ.2': 1, 'ASE_SPD.1': 1, 'ASE_TSS.1': 1}}, 'cc_sfr': {'FAU': {'FAU_GEN_SUB.1': 1, 'FAU_GEN.1': 1}, 'FIA': {'FIA_USB.2': 3, 'FIA_USB.1': 1}}, 'cc_claims': {'O': {'O.J': 1}}, 'vendor': {}, 'eval_facility': {'atsec': {'atsec': 4}}, 'symmetric_crypto': {'DES': {'DES': {'DES': 3}, '3DES': {'TDES': 3}}}, 'asymmetric_crypto': {}, 'pq_crypto': {}, 'hash_function': {'SHA': {'SHA2': {'SHA256': 1}}}, 'crypto_scheme': {'MAC': {'MAC': 4}}, 'crypto_protocol': {'SSH': {'SSH': 1}, 'TLS': {'SSL': {'SSL': 2}, 'TLS': {'TLS': 5}}}, 'randomness': {}, 'cipher_mode': {}, 'ecc_curve': {}, 'crypto_engine': {}, 'tls_cipher_suite': {}, 'crypto_library': {}, 'vulnerability': {}, 'side_channel_analysis': {'SCA': {'side channel': 1}}, 'technical_report_id': {}, 'device_model': {}, 'tee_name': {'IBM': {'SE': 1}}, 'os_name': {}, 'cplc_data': {}, 'ic_data_group': {}, 'standard_id': {'ISO': {'ISO/IEC 15408': 2}, 'CC': {'CCMB-2017-04-001': 1, 'CCMB-2017-04-002': 1, 'CCMB-2017-04-003': 1, 'CCMB-2017-04-004': 1}}, 'javacard_version': {}, 'javacard_api_const': {}, 'javacard_packages': {}, 'certification_process': {}}
. - The st_keywords property was set to
{'cc_cert_id': {}, 'cc_protection_profile_id': {'BSI': {'BSI-CC-PP-0067': 1}}, 'cc_security_level': {'EAL': {'EAL5': 1}}, 'cc_sar': {'ADV': {'ADV_ARC.1': 1, 'ADV_FSP.5': 1, 'ADV_IMP.1': 1, 'ADV_INT.2': 1, 'ADV_TDS.4': 1}, 'AGD': {'AGD_OPE.1': 1, 'AGD_PRE.1': 1}, 'ALC': {'ALC_FLR.3': 2, 'ALC_CMC.4': 1, 'ALC_DEL.1': 1, 'ALC_DVS.1': 1, 'ALC_LCD.1': 1, 'ALC_TAT.2': 1}, 'ATE': {'ATE_COV.2': 1, 'ATE_DPT.3': 1, 'ATE_FUN.1': 1, 'ATE_IND.2': 1}, 'AVA': {'AVA_VAN.4': 1}}, 'cc_sfr': {'FAU': {'FAU_GEN_SUB.1': 15, 'FAU_GEN.2': 7, 'FAU_SAR.1': 8, 'FAU_SEL.1': 8, 'FAU_GEN.1': 6, 'FAU_GEN.1.1': 1, 'FAU_GEN.1.2': 1, 'FAU_GEN_SUB.1.1': 1, 'FAU_GEN_SUB.1.2': 1, 'FAU_GEN.2.1': 1, 'FAU_SAR.1.1': 1, 'FAU_SAR.1.2': 1, 'FAU_SEL.1.1': 1}, 'FCS': {'FCS_COP.1': 8, 'FCS_COP.1.1': 1, 'FCS_CKM.1': 1, 'FCS_CKM.4': 2}, 'FDP': {'FDP_ACC.1': 41, 'FDP_ACF.1': 37, 'FDP_IFC.2': 9, 'FDP_IFF.2': 7, 'FDP_ACC.1.1': 4, 'FDP_ACF.1.1': 4, 'FDP_ACF.1.2': 5, 'FDP_ACF.1.3': 4, 'FDP_ACF.1.4': 4, 'FDP_IFC.2.1': 1, 'FDP_IFC.2.2': 1, 'FDP_IFF.2.1': 1, 'FDP_IFF.2.2': 1, 'FDP_IFF.2.3': 1, 'FDP_IFF.2.4': 1, 'FDP_IFF.2.5': 1, 'FDP_IFF.2.6': 1, 'FDP_ITC.1': 2, 'FDP_ITC.2': 1, 'FDP_IFF.1': 1, 'FDP_IFC.1': 6, 'FDP_MSA.1': 1}, 'FIA': {'FIA_AFL.1': 7, 'FIA_ATD.1': 19, 'FIA_SOS.1': 7, 'FIA_UAU.1': 12, 'FIA_UAU.5': 6, 'FIA_UAU.7': 7, 'FIA_UID.1': 14, 'FIA_USB.1': 11, 'FIA_USB.2': 14, 'FIA_USB.2.1': 2, 'FIA_USB.2.2': 2, 'FIA_USB.2.3': 2, 'FIA_USB.2.4': 2, 'FIA_AFL.1.1': 1, 'FIA_AFL.1.2': 1, 'FIA_ATD.1.1': 2, 'FIA_SOS.1.1': 1, 'FIA_UAU.1.1': 1, 'FIA_UAU.1.2': 1, 'FIA_UAU.5.1': 1, 'FIA_UAU.5.2': 1, 'FIA_UAU.7.1': 1, 'FIA_UID.1.1': 1, 'FIA_UID.1.2': 1, 'FIA_USB.1.1': 1, 'FIA_USB.1.2': 1, 'FIA_USB.1.3': 1}, 'FMT': {'FMT_MSA.1': 45, 'FMT_MSA.3': 47, 'FMT_MTD.1': 63, 'FMT_REV.1': 15, 'FMT_SMF.1': 44, 'FMT_SMR.1': 49, 'FMT_MSA.1.1': 5, 'FMT_MSA.3.1': 5, 'FMT_MSA.3.2': 5, 'FMT_MTD.1.1': 8, 'FMT_REV.1.1': 2, 'FMT_REV.1.2': 2, 'FMT_SMF.1.1': 1, 'FMT_SMR.1.1': 1, 'FMT_SMR.1.2': 1}, 'FPT': {'FPT_TDC.1': 15, 'FPT_STM.1': 1, 'FPT_TDC.1.1': 2, 'FPT_TDC.1.2': 2}}, 'cc_claims': {'D': {'D.FILESYS.ACCESS': 2, 'D.FILESYS.AC-': 1, 'D.RESET': 5, 'D.ADD': 18, 'D.ADDRING': 1, 'D.ALTER': 19, 'D.CONNECT': 3, 'D.DELETE': 5, 'D.DELRING': 1, 'D.EXPORT': 3, 'D.GENCERT': 4, 'D.GENREQ': 1, 'D.IMPORT': 1, 'D.REKEY': 4, 'D.REMOVE': 1, 'D.IDS': 4}, 'O': {'O.AUDITING': 8, 'O.DISCRETIONARY.ACCESS': 14, 'O.MANAGE': 28, 'O.PROGRAM_INTEGRITY_SUPPORT': 5, 'O.LS.CONFIDENTIALITY': 8, 'O.LS.LABEL': 9, 'O.PROGRAM_INTEGRITY_S': 1}, 'T': {'T.GRANULAR': 28, 'T.ACCESS.TSFDATA': 6, 'T.ACCESS.USERDATA': 5, 'T.ACCESS.TSFFUNC': 6, 'T.IA.MASQUERADE': 4, 'T.IA.USER': 4, 'T.SENSITIVITY': 4, 'T.ADD': 24, 'T.LIST': 6, 'T.BIND': 6, 'T.CONNECT': 16, 'T.CON-': 6, 'T.GENCERT': 10, 'T.-': 3, 'T.EXPORT': 3, 'T.REMOVE': 10, 'T.LISTRING': 8, 'T.ADDRING': 3, 'T.DELRING': 3, 'T.DELETE': 4, 'T.ALTER': 8, 'T.USER': 3, 'T.AUTOAPPL': 1, 'T.AUTODIRECT': 1, 'T.AUTOPWD': 1, 'T.INCLUDE': 1, 'T.JESNODE': 1, 'T.PWSYNC': 1, 'T.TRACE': 1, 'T.DESCRIPTION': 1, 'T.LOCAL': 1, 'T.NODE': 1, 'T.OPERATIVE': 2, 'T.PREFIX': 1, 'T.PROTOCOL': 1, 'T.PURGE': 1, 'T.WDSQUAL': 1, 'T.WORKSPACE': 1, 'T.OWN-': 1}, 'A': {'A.MASQUERADE': 4, 'A.USER': 4, 'A.PHYSICAL': 3, 'A.MANAGE': 6, 'A.AUTHUSER': 4, 'A.TRAINEDUSER': 4, 'A.DETECT': 4, 'A.OPERATING_SYSTEM': 2, 'A.TRUSTED_PROGRAMS': 2, 'A.MULTIPLE': 6, 'A.OPERATING_SY': 1, 'A.TRUSTED_PRO-': 1}, 'R': {'R.RACDCERT.GRANULAR': 28, 'R.FILESYS.DIRSRCH': 4, 'R.-': 2, 'R.FILESYS.A-': 1, 'R.FILESYS': 2, 'R.WRITE-': 1, 'R.FILESYS.CHANGEPERMS': 1, 'R.PASSWORD.RESET': 5, 'R.PWRE-': 2, 'R.PGMSECURITY': 2, 'R.FILESYS.ACL.ACLOVERRIDE': 1, 'R.WRITEDOWN.BYUSER': 2, 'R.PROGCTL': 1, 'R.FILESYS.ACLOVERRIDE': 1, 'R.DIGTCERT.ADD': 24, 'R.DIGTCERT.LIST': 4, 'R.DIGTCERT.BIND': 6, 'R.DIGTCERT.CONNECT': 15, 'R.DIGTCERT.CON-': 6, 'R.DIGTCERT.GENCERT': 10, 'R.DIGTCERT.-': 3, 'R.DIGTCERT.LISTRING': 8, 'R.DIGTCERT.ADDRING': 3, 'R.DIGTCERT.REMOVE': 9, 'R.DIGTCERT.DELRING': 3, 'R.DIGTCERT.DELETE': 4, 'R.DIGTCERT.ALTER': 8, 'R.LISTUSER': 2, 'R.PWRESET.OWN-': 1, 'R.PROGRAM.SIGNATURE.VERIFICATION': 2, 'R.PROGRAM.SIGNING': 1}, 'OE': {'OE.ADMIN': 5, 'OE.INFO_PROTECT': 6, 'OE.INSTALL': 4, 'OE.MAINTENANCE': 3, 'OE.PHYSICAL': 3, 'OE.RECOVER': 3, 'OE.OS_SEP': 6, 'OE.TRUSTED_PROGRAMS': 6}}, 'vendor': {'STMicroelectronics': {'STM': 3}}, 'eval_facility': {}, 'symmetric_crypto': {'AES_competition': {'AES': {'AES': 3, 'AES128': 2, 'AES256': 1}}, 'DES': {'DES': {'DES': 12}}}, 'asymmetric_crypto': {'ECC': {'ECC': {'ECC': 2}}, 'FF': {'DSA': {'DSA': 1}}}, 'pq_crypto': {}, 'hash_function': {'SHA': {'SHA2': {'SHA256': 2}}}, 'crypto_scheme': {'MAC': {'MAC': 6}, 'KA': {'KA': 4}}, 'crypto_protocol': {'TLS': {'SSL': {'SSL': 7}, 'TLS': {'TLS': 8}}, 'PACE': {'PACE': 1}}, 'randomness': {'RNG': {'RNG': 1}}, 'cipher_mode': {}, 'ecc_curve': {}, 'crypto_engine': {}, 'tls_cipher_suite': {}, 'crypto_library': {}, 'vulnerability': {}, 'side_channel_analysis': {'SCA': {'SPA': 1}, 'FI': {'DFA': 3}}, 'technical_report_id': {}, 'device_model': {}, 'tee_name': {'IBM': {'SE': 15}}, 'os_name': {}, 'cplc_data': {}, 'ic_data_group': {}, 'standard_id': {'PKCS': {'PKCS#11': 9, 'PKCS#1': 1, 'PKCS #11': 3, 'PKCS#7': 2, 'PKCS#12': 3, 'PKCS #1': 1}, 'X509': {'X.509': 2}, 'CC': {'CCMB-2017-04-002': 1, 'CCMB-2017-04-004': 1}}, 'javacard_version': {}, 'javacard_api_const': {}, 'javacard_packages': {}, 'certification_process': {}}
.
The computed heuristics were updated.
- The _type property was set to
Heuristics
.
- The report_metadata property was updated, with the
-
14.06.2022 The certificate data changed.
Certificate changed
The state of the certificate object was updated.
- The following values were inserted:
{'report_pdf_hash': '48a942a7603d10a18cb73a9a57d258202f6943ebe8b4015f7f79e24ed24806d7', 'st_pdf_hash': '7fbcb23f0142b01d9149c86783be9fa637d7ebba1f7238be595e9ddc0ba89e86', 'report_txt_hash': 'a255c0a874d245d426a9f15d0f60dbd8c8d805bd0c9d6f1deaf74e14c0c194a7', 'st_txt_hash': 'cd316affc9a11934eef2e3da5ab8dd00f4209cc4868f5704badd2e249d288d17'}
.
The PDF extraction data was updated.
- The report_keywords property was updated, with the
{'rules_symmetric_crypto': {'TDES': 3}, 'rules_asymmetric_crypto': {}, 'rules_pq_crypto': {}, 'rules_hashes': {'SHA256': 1}, 'rules_crypto_schemes': {'MAC': 4, 'SSL': 2, 'TLS': 5}, 'rules_randomness': {}, 'rules_tee': {'SE': 1}, 'rules_side_channels': {'side channel': 1}}
values inserted. - The st_keywords property was updated, with the
{'rules_symmetric_crypto': {'AES': 3, 'AES128': 2, 'AES256': 1, 'DES': 12}, 'rules_asymmetric_crypto': {'ECC': 2, 'DSA': 1}, 'rules_pq_crypto': {}, 'rules_hashes': {'SHA256': 2}, 'rules_crypto_schemes': {'PACE': 1, 'MAC': 6, 'SSL': 7, 'TLS': 8}, 'rules_randomness': {'RNG': 1}, 'rules_tee': {'SE': 15}, 'rules_side_channels': {}}
values inserted.
- The following values were inserted:
-
21.05.2022 The certificate data changed.
Certificate changed
The computed heuristics were updated.
- The cpe_matches property was updated, with the
{'_type': 'Set', 'elements': ['cpe:2.3:o:ibm:z\\/os:2.1.0:*:*:*:*:*:*:*']}
values discarded.
- The cpe_matches property was updated, with the
-
13.05.2022 The certificate data changed.
Certificate changed
The computed heuristics were updated.
- The following values were inserted:
{'extracted_sars': {'_type': 'Set', 'elements': [{'_type': 'SAR', 'family': 'AVA_VAN', 'level': 4}, {'_type': 'SAR', 'family': 'ATE_FUN', 'level': 1}, {'_type': 'SAR', 'family': 'ADV_IMP', 'level': 1}, {'_type': 'SAR', 'family': 'ADV_TDS', 'level': 4}, {'_type': 'SAR', 'family': 'ALC_TAT', 'level': 2}, {'_type': 'SAR', 'family': 'ASE_INT', 'level': 1}, {'_type': 'SAR', 'family': 'ATE_IND', 'level': 2}, {'_type': 'SAR', 'family': 'ASE_SPD', 'level': 1}, {'_type': 'SAR', 'family': 'ALC_DEL', 'level': 1}, {'_type': 'SAR', 'family': 'AGD_OPE', 'level': 1}, {'_type': 'SAR', 'family': 'ALC_LCD', 'level': 1}, {'_type': 'SAR', 'family': 'ATE_DPT', 'level': 3}, {'_type': 'SAR', 'family': 'ATE_COV', 'level': 2}, {'_type': 'SAR', 'family': 'AGD_PRE', 'level': 1}, {'_type': 'SAR', 'family': 'ASE_TSS', 'level': 1}, {'_type': 'SAR', 'family': 'ALC_CMS', 'level': 5}, {'_type': 'SAR', 'family': 'ADV_INT', 'level': 2}, {'_type': 'SAR', 'family': 'ASE_ECD', 'level': 1}, {'_type': 'SAR', 'family': 'ASE_OBJ', 'level': 2}, {'_type': 'SAR', 'family': 'ALC_FLR', 'level': 3}, {'_type': 'SAR', 'family': 'ADV_ARC', 'level': 1}, {'_type': 'SAR', 'family': 'ASE_CCL', 'level': 1}, {'_type': 'SAR', 'family': 'ASE_REQ', 'level': 2}, {'_type': 'SAR', 'family': 'ADV_FSP', 'level': 5}, {'_type': 'SAR', 'family': 'ALC_CMC', 'level': 4}, {'_type': 'SAR', 'family': 'ALC_DVS', 'level': 1}]}}
.
- The following values were inserted:
-
24.04.2022 The certificate data changed.
Certificate changed
The PDF extraction data was updated.
- The report_keywords property was updated, with the
{'rules_cert_id': {'__update__': {'OCSI/CERT/ATS/09/2018/RC': 37}, '__delete__': ['OCSI/CERT/ATS/01/2018 [ZOS-RC]. Therefore, the z/OS test setup and test framework also applies to RACF testing and can be summarized as follows: FVT for z/OS is largely performed on the VICOM test system. This is an enhanced z/VM system implementing the z/Architecture abstract machine interface. It allows testers to bring up individual, virtual test machines running z/OS with access to virtualized peripherals such as disks and network connections. For the purpose of the security function tests, this environment is fully equivalent to the machines running z/OS. This environment was also used by the Evaluators for their independent testing. IBM has provided a common test framework for tests that can be automated. COMSEC is an environment that can be operated in standard mode or Labeled Security mode. The BERD (Background Environment Random Driver) test driver submits the test cases as JES2 jobs. IBM’s intention is to move more and more tests to this automated environment, which will ease the test effort required for the evaluations substantially. Starting with V1R9 a substantial number of tests has been ported to this environment. Additionally, most test teams ran their manual tests in the COMSEC test environment, which provides a complete test environment in the evaluated configuration of the TOE in the different modes of operation. The test systems were running z/OS Version 2 Release 3 in the evaluated configuration. The SDF team provided a pre-installed system image for VICOM and for the machines running the COMSEC tests, thus ensuring that the CCEB software version was used for all tests. The additional PTFs were applied to the VICOM and COMSEC systems as they became available, with any security-relevant tests for the PTFs being successfully re-run. For some APARs claimed by the ST, which have not been installed on the test systems, an analysis of their security impact revealed that they actually have no effect at all on the TOE functionality being tested. 11.2.1 Testing approach IBM’s general test approach is defined in the process for Integrated Product Development (IPD) with Developer tests, functional verification tests (FVT), and system verification tests (SVT). Per release, an overall effort of more than 100 person years is spent on FVT and SVT for the z/OS components, including the RACF component. FVT and SVT is performed by independent test teams, with testers being independent from the Developers. The different test teams have developed their own individual test and test documentation tools, but all implement the requirements set forth in the IPD documentation. Page 34 of 37 OCSI/CERT/ATS/09/2018/RC']}}
data.
The computed heuristics were updated.
- The following values were inserted:
{'direct_dependency_cves': None, 'indirect_dependency_cves': None}
.
- The report_keywords property was updated, with the
-
08.03.2022 The certificate data changed.
Certificate changed
The computed heuristics were updated.
- The following values were inserted:
{'st_references': {'_type': 'References', 'directly_referenced_by': None, 'indirectly_referenced_by': None, 'directly_referencing': None, 'indirectly_referencing': None}, 'report_references': {'_type': 'References', 'directly_referenced_by': None, 'indirectly_referenced_by': None, 'directly_referencing': None, 'indirectly_referencing': None}}
. - The following properties were deleted:
['directly_affected_by', 'indirectly_affected_by', 'directly_affecting', 'indirectly_affecting']
.
- The following values were inserted:
-
18.02.2022 The certificate data changed.
Certificate changed
The PDF extraction data was updated.
- The report_frontpage property was updated, with the
{'nscib': {}, 'niap': {}, 'canada': {}}
values inserted. - The st_frontpage property was updated, with the
{'nscib': {}, 'niap': {}, 'canada': {}}
values inserted. - The report_keywords property was updated, with the
{'rules_cert_id': {'__insert__': {'OCSI/CERT/ATS/01/2018 [ZOS-RC]. Therefore, the z/OS test setup and test framework also applies to RACF testing and can be summarized as follows: FVT for z/OS is largely performed on the VICOM test system. This is an enhanced z/VM system implementing the z/Architecture abstract machine interface. It allows testers to bring up individual, virtual test machines running z/OS with access to virtualized peripherals such as disks and network connections. For the purpose of the security function tests, this environment is fully equivalent to the machines running z/OS. This environment was also used by the Evaluators for their independent testing. IBM has provided a common test framework for tests that can be automated. COMSEC is an environment that can be operated in standard mode or Labeled Security mode. The BERD (Background Environment Random Driver) test driver submits the test cases as JES2 jobs. IBM’s intention is to move more and more tests to this automated environment, which will ease the test effort required for the evaluations substantially. Starting with V1R9 a substantial number of tests has been ported to this environment. Additionally, most test teams ran their manual tests in the COMSEC test environment, which provides a complete test environment in the evaluated configuration of the TOE in the different modes of operation. The test systems were running z/OS Version 2 Release 3 in the evaluated configuration. The SDF team provided a pre-installed system image for VICOM and for the machines running the COMSEC tests, thus ensuring that the CCEB software version was used for all tests. The additional PTFs were applied to the VICOM and COMSEC systems as they became available, with any security-relevant tests for the PTFs being successfully re-run. For some APARs claimed by the ST, which have not been installed on the test systems, an analysis of their security impact revealed that they actually have no effect at all on the TOE functionality being tested. 11.2.1 Testing approach IBM’s general test approach is defined in the process for Integrated Product Development (IPD) with Developer tests, functional verification tests (FVT), and system verification tests (SVT). Per release, an overall effort of more than 100 person years is spent on FVT and SVT for the z/OS components, including the RACF component. FVT and SVT is performed by independent test teams, with testers being independent from the Developers. The different test teams have developed their own individual test and test documentation tools, but all implement the requirements set forth in the IPD documentation. Page 34 of 37 OCSI/CERT/ATS/09/2018/RC': 1}, '__update__': {'OCSI/CERT/ATS/09/2018/RC': 36}}}
data.
The computed heuristics were updated.
- The extracted_versions property was set to
{'_type': 'Set', 'elements': ['2', '3']}
. - The cpe_matches property was set to
{'_type': 'Set', 'elements': ['cpe:2.3:o:ibm:z\\/os:2.2.0:*:*:*:*:*:*:*', 'cpe:2.3:o:ibm:z\\/os:2.3.0:*:*:*:*:*:*:*', 'cpe:2.3:o:ibm:z\\/os:2.1.0:*:*:*:*:*:*:*']}
.
- The report_frontpage property was updated, with the
-
11.02.2022 The certificate data changed.
Certificate changed
The computed heuristics were updated.
- The cpe_matches property was updated, with the
[[0, 'cpe:2.3:o:ibm:z\\/os:2.2.0:*:*:*:*:*:*:*']]
values inserted.
- The cpe_matches property was updated, with the
-
03.02.2022 The certificate data changed.
Certificate changed
The computed heuristics were updated.
- The cpe_matches property was updated, with the
[[2, 'cpe:2.3:o:ibm:z\\/os:2.2.0:*:*:*:*:*:*:*']]
values inserted.
- The cpe_matches property was updated, with the
-
28.01.2022 The certificate was first processed.
New certificate
A new Common Criteria certificate with the product name IBM RACF for z/OS Version 2 Release 3 was processed.
Raw data
{
"_type": "sec_certs.sample.cc.CCCertificate",
"category": "Operating Systems",
"cert_link": null,
"dgst": "95c69029642bdb41",
"heuristics": {
"_type": "sec_certs.sample.cc.CCCertificate.Heuristics",
"annotated_references": null,
"cert_id": "OCSI/CERT/ATS/09/2018/RC",
"cert_lab": null,
"cpe_matches": null,
"direct_transitive_cves": null,
"extracted_sars": {
"_type": "Set",
"elements": [
{
"_type": "sec_certs.sample.sar.SAR",
"family": "ASE_CCL",
"level": 1
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "AGD_PRE",
"level": 1
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "ADV_IMP",
"level": 1
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "ASE_OBJ",
"level": 2
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "ALC_DVS",
"level": 1
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "ALC_DEL",
"level": 1
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "ADV_TDS",
"level": 4
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "ADV_INT",
"level": 2
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "ADV_ARC",
"level": 1
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "ATE_COV",
"level": 2
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "ASE_REQ",
"level": 2
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "ALC_CMC",
"level": 4
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "ADV_FSP",
"level": 5
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "ALC_FLR",
"level": 3
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "ATE_FUN",
"level": 1
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "ASE_INT",
"level": 1
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "ASE_TSS",
"level": 1
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "AGD_OPE",
"level": 1
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "ALC_LCD",
"level": 1
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "ALC_TAT",
"level": 2
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "AVA_VAN",
"level": 4
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "ASE_ECD",
"level": 1
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "ATE_DPT",
"level": 3
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "ATE_IND",
"level": 2
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "ALC_CMS",
"level": 5
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "ASE_SPD",
"level": 1
}
]
},
"extracted_versions": {
"_type": "Set",
"elements": [
"3",
"2"
]
},
"indirect_transitive_cves": null,
"related_cves": null,
"report_references": {
"_type": "sec_certs.sample.certificate.References",
"directly_referenced_by": {
"_type": "Set",
"elements": [
"OCSI/CERT/ATS/03/2022/RC"
]
},
"directly_referencing": {
"_type": "Set",
"elements": [
"OCSI/CERT/ATS/01/2018/RC"
]
},
"indirectly_referenced_by": {
"_type": "Set",
"elements": [
"OCSI/CERT/ATS/03/2022/RC"
]
},
"indirectly_referencing": {
"_type": "Set",
"elements": [
"OCSI/CERT/ATS/01/2018/RC"
]
}
},
"scheme_data": {
"certification_date": " 16 settembre\n\t\t\t\t\t\t\t\t\t\t\t2019",
"clarification_note_link": "https://www.ocsi.gov.it/documenti/certificazioni/ibm/racf/nota_ocsi_rc_racfv2r3.pdf",
"level": " EAL5+",
"report_link_en": "https://www.ocsi.gov.it/documenti/certificazioni/ibm/racf/cr_racfv2r3_v1.0_en.pdf",
"report_link_it": "https://www.ocsi.gov.it/documenti/certificazioni/ibm/racf/rc_racfv2r3_v1.0_it.pdf",
"supplier": " IBM Corporation",
"target_link": "https://www.ocsi.gov.it/documenti/certificazioni/ibm/racf/st_racfv2r3_v5.5_public.pdf",
"title": "IBM RACF for z/OS Version 2 Release 3"
},
"st_references": {
"_type": "sec_certs.sample.certificate.References",
"directly_referenced_by": null,
"directly_referencing": null,
"indirectly_referenced_by": null,
"indirectly_referencing": null
},
"verified_cpe_matches": null
},
"maintenance_updates": {
"_type": "Set",
"elements": []
},
"manufacturer": "IBM Corporation",
"manufacturer_web": "https://www.ibm.com",
"name": "IBM RACF for z/OS Version 2 Release 3",
"not_valid_after": "2024-09-16",
"not_valid_before": "2019-09-16",
"pdf_data": {
"_type": "sec_certs.sample.cc.CCCertificate.PdfData",
"cert_filename": null,
"cert_frontpage": null,
"cert_keywords": null,
"cert_metadata": null,
"report_filename": "cr_racfv2r3_v1.0_en.pdf",
"report_frontpage": {},
"report_keywords": {
"asymmetric_crypto": {},
"cc_cert_id": {
"IT": {
"OCSI/CERT/ATS/01/2018/RC": 1,
"OCSI/CERT/ATS/09/2018/RC": 37
}
},
"cc_claims": {
"O": {
"O.J": 1
}
},
"cc_protection_profile_id": {},
"cc_sar": {
"ADV": {
"ADV_ARC.1": 1,
"ADV_FSP.5": 1,
"ADV_IMP.1": 1,
"ADV_INT.2": 1,
"ADV_TDS.4": 1
},
"AGD": {
"AGD_OPE.1": 1,
"AGD_PRE.1": 1
},
"ALC": {
"ALC_CMC.4": 1,
"ALC_CMS.5": 1,
"ALC_DEL.1": 1,
"ALC_DVS.1": 1,
"ALC_FLR": 1,
"ALC_FLR.3": 7,
"ALC_LCD.1": 1,
"ALC_TAT.2": 1
},
"ASE": {
"ASE_CCL.1": 1,
"ASE_ECD.1": 1,
"ASE_INT.1": 1,
"ASE_OBJ.2": 1,
"ASE_REQ.2": 1,
"ASE_SPD.1": 1,
"ASE_TSS.1": 1
},
"ATE": {
"ATE_COV.2": 1,
"ATE_DPT.3": 1,
"ATE_FUN.1": 1,
"ATE_IND.2": 1
},
"AVA": {
"AVA_VAN.4": 1
}
},
"cc_security_level": {
"EAL": {
"EAL2": 2,
"EAL4": 1,
"EAL5": 6,
"EAL5 augmented": 2
}
},
"cc_sfr": {
"FAU": {
"FAU_GEN.1": 1,
"FAU_GEN_SUB.1": 1
},
"FIA": {
"FIA_USB.1": 1,
"FIA_USB.2": 3
}
},
"certification_process": {},
"cipher_mode": {},
"cplc_data": {},
"crypto_engine": {},
"crypto_library": {},
"crypto_protocol": {
"SSH": {
"SSH": 1
},
"TLS": {
"SSL": {
"SSL": 2
},
"TLS": {
"TLS": 3
}
}
},
"crypto_scheme": {
"MAC": {
"MAC": 4
}
},
"device_model": {},
"ecc_curve": {},
"eval_facility": {
"atsec": {
"atsec": 4
}
},
"hash_function": {
"SHA": {
"SHA2": {
"SHA256": 1
}
}
},
"ic_data_group": {},
"javacard_api_const": {},
"javacard_packages": {},
"javacard_version": {},
"os_name": {},
"pq_crypto": {},
"randomness": {},
"side_channel_analysis": {
"SCA": {
"side channel": 1
}
},
"standard_id": {
"CC": {
"CCMB-2017-04-001": 1,
"CCMB-2017-04-002": 1,
"CCMB-2017-04-003": 1,
"CCMB-2017-04-004": 1
},
"ISO": {
"ISO/IEC 15408": 2
}
},
"symmetric_crypto": {},
"technical_report_id": {},
"tee_name": {},
"tls_cipher_suite": {},
"vendor": {},
"vulnerability": {}
},
"report_metadata": {
"/Author": "ocsi",
"/CreationDate": "D:20190924103208+02\u002700\u0027",
"/Creator": "Microsoft\u00ae Word 2010",
"/ModDate": "D:20190924103208+02\u002700\u0027",
"/Producer": "Microsoft\u00ae Word 2010",
"/Title": "Certfication Report \u201cRACF for z/OS Version 2 Release 3\u201d",
"pdf_file_size_bytes": 734713,
"pdf_hyperlinks": {
"_type": "Set",
"elements": []
},
"pdf_is_encrypted": false,
"pdf_number_of_pages": 37
},
"st_filename": "st_racfv2r3_v5.5_public.pdf",
"st_frontpage": null,
"st_keywords": {
"asymmetric_crypto": {
"ECC": {
"ECC": {
"ECC": 2
}
},
"FF": {
"DSA": {
"DSA": 1
}
}
},
"cc_cert_id": {},
"cc_claims": {
"A": {
"A.AUTHUSER": 2,
"A.DETECT": 3,
"A.MANAGE": 6,
"A.OPERATING_SY": 1,
"A.OPERATING_SYSTEM": 2,
"A.PHYSICAL": 3,
"A.TRAINEDUSER": 4,
"A.TRUSTED_PRO-": 1,
"A.TRUSTED_PROGRAMS": 2
},
"O": {
"O.AUDITING": 8,
"O.DISCRETIONARY": 14,
"O.LS": 17,
"O.MANAGE": 28,
"O.PROGRAM_INTEGRITY_S": 1,
"O.PROGRAM_INTEGRITY_SUPPORT": 5
},
"OE": {
"OE.ADMIN": 5,
"OE.INFO_PROTECT": 6,
"OE.INSTALL": 4,
"OE.MAINTENANCE": 3,
"OE.OS_SEP": 6,
"OE.PHYSICAL": 3,
"OE.RECOVER": 3,
"OE.TRUSTED_PROGRAMS": 6
},
"R": {
"R.DIGTCERT": 31,
"R.LU": 1,
"R.PWRESET": 1
},
"T": {
"T.ACCESS": 17,
"T.IA": 8,
"T.SENSITIVITY": 4
}
},
"cc_protection_profile_id": {
"BSI": {
"BSI-CC-PP-0067": 1
}
},
"cc_sar": {
"ADV": {
"ADV_ARC.1": 1,
"ADV_FSP.5": 1,
"ADV_IMP.1": 1,
"ADV_INT.2": 1,
"ADV_TDS.4": 1
},
"AGD": {
"AGD_OPE.1": 1,
"AGD_PRE.1": 1
},
"ALC": {
"ALC_CMC.4": 1,
"ALC_DEL.1": 1,
"ALC_DVS.1": 1,
"ALC_FLR.3": 3,
"ALC_LCD.1": 1,
"ALC_TAT.2": 1
},
"ATE": {
"ATE_COV.2": 1,
"ATE_DPT.3": 1,
"ATE_FUN.1": 1,
"ATE_IND.2": 1
},
"AVA": {
"AVA_VAN.4": 1
}
},
"cc_security_level": {
"EAL": {
"EAL5": 1
}
},
"cc_sfr": {
"FAU": {
"FAU_GEN.1": 4,
"FAU_GEN.1.1": 1,
"FAU_GEN.1.2": 1,
"FAU_GEN.2": 8,
"FAU_GEN.2.1": 1,
"FAU_GEN_SUB.1": 17,
"FAU_GEN_SUB.1.1": 1,
"FAU_GEN_SUB.1.2": 1,
"FAU_SAR.1": 8,
"FAU_SAR.1.1": 1,
"FAU_SAR.1.2": 1,
"FAU_SEL.1": 7,
"FAU_SEL.1.1": 1
},
"FCS": {
"FCS_CKM.1": 1,
"FCS_CKM.4": 2,
"FCS_COP.1": 8,
"FCS_COP.1.1": 1
},
"FDP": {
"FDP_ACC.1": 37,
"FDP_ACC.1.1": 4,
"FDP_ACF.1": 33,
"FDP_ACF.1.1": 4,
"FDP_ACF.1.2": 5,
"FDP_ACF.1.3": 4,
"FDP_ACF.1.4": 4,
"FDP_IFC.1": 6,
"FDP_IFC.2": 8,
"FDP_IFC.2.1": 1,
"FDP_IFC.2.2": 1,
"FDP_IFF.1": 1,
"FDP_IFF.2": 7,
"FDP_IFF.2.1": 1,
"FDP_IFF.2.2": 1,
"FDP_IFF.2.3": 1,
"FDP_IFF.2.4": 1,
"FDP_IFF.2.5": 1,
"FDP_IFF.2.6": 1,
"FDP_ITC.1": 2,
"FDP_ITC.2": 1,
"FDP_MSA.1": 1
},
"FIA": {
"FIA_AFL.1": 7,
"FIA_AFL.1.1": 1,
"FIA_AFL.1.2": 1,
"FIA_ATD.1": 16,
"FIA_ATD.1.1": 2,
"FIA_SOS.1": 7,
"FIA_SOS.1.1": 1,
"FIA_UAU.1": 10,
"FIA_UAU.1.1": 1,
"FIA_UAU.1.2": 1,
"FIA_UAU.5": 7,
"FIA_UAU.5.1": 1,
"FIA_UAU.5.2": 1,
"FIA_UAU.7": 6,
"FIA_UAU.7.1": 1,
"FIA_UID.1": 11,
"FIA_UID.1.1": 1,
"FIA_UID.1.2": 1,
"FIA_USB.1": 12,
"FIA_USB.1.1": 1,
"FIA_USB.1.2": 1,
"FIA_USB.1.3": 1,
"FIA_USB.2": 13,
"FIA_USB.2.1": 2,
"FIA_USB.2.2": 2,
"FIA_USB.2.3": 2,
"FIA_USB.2.4": 2
},
"FMT": {
"FMT_MSA.1": 41,
"FMT_MSA.1.1": 5,
"FMT_MSA.3": 42,
"FMT_MSA.3.1": 5,
"FMT_MSA.3.2": 5,
"FMT_MTD.1": 61,
"FMT_MTD.1.1": 8,
"FMT_REV.1": 15,
"FMT_REV.1.1": 2,
"FMT_REV.1.2": 2,
"FMT_SMF.1": 26,
"FMT_SMF.1.1": 1,
"FMT_SMR.1": 31,
"FMT_SMR.1.1": 1,
"FMT_SMR.1.2": 1
},
"FPT": {
"FPT_STM.1": 1,
"FPT_TDC.1": 15,
"FPT_TDC.1.1": 2,
"FPT_TDC.1.2": 2
}
},
"certification_process": {},
"cipher_mode": {},
"cplc_data": {},
"crypto_engine": {},
"crypto_library": {},
"crypto_protocol": {
"TLS": {
"SSL": {
"SSL": 5
},
"TLS": {
"TLS": 4
}
}
},
"crypto_scheme": {
"MAC": {
"MAC": 6
}
},
"device_model": {},
"ecc_curve": {},
"eval_facility": {},
"hash_function": {
"SHA": {
"SHA2": {
"SHA256": 2
}
}
},
"ic_data_group": {},
"javacard_api_const": {},
"javacard_packages": {},
"javacard_version": {},
"os_name": {},
"pq_crypto": {},
"randomness": {},
"side_channel_analysis": {},
"standard_id": {
"CC": {
"CCMB-2017-04-002": 1,
"CCMB-2017-04-004": 1
},
"PKCS": {
"PKCS #1": 1,
"PKCS #11": 3,
"PKCS#1": 1,
"PKCS#11": 9,
"PKCS#12": 3,
"PKCS#7": 2
},
"X509": {
"X.509": 2
}
},
"symmetric_crypto": {
"AES_competition": {
"AES": {
"AES128": 2,
"AES256": 2
}
},
"DES": {
"DES": {
"DES": 5
}
}
},
"technical_report_id": {},
"tee_name": {},
"tls_cipher_suite": {},
"vendor": {},
"vulnerability": {}
},
"st_metadata": {
"/Author": "Walter Farrell, Helmut Kurth",
"/CreationDate": "D:20190903083121+02\u002700\u0027",
"/Creator": "Writer",
"/Producer": "LibreOffice 6.2",
"/Subject": "RACF EAL5 Evaluation",
"/Title": "Security Target for IBM RACF for z/OS Version 2 Release 3",
"pdf_file_size_bytes": 3204384,
"pdf_hyperlinks": {
"_type": "Set",
"elements": [
"http://www.sdsusa.com/dictionary/glossAZ/r.htm#racf"
]
},
"pdf_is_encrypted": false,
"pdf_number_of_pages": 179
}
},
"protection_profiles": {
"_type": "Set",
"elements": []
},
"report_link": "https://www.commoncriteriaportal.org/files/epfiles/cr_racfv2r3_v1.0_en.pdf",
"scheme": "IT",
"security_level": {
"_type": "Set",
"elements": [
"ALC_FLR.3",
"EAL5+"
]
},
"st_link": "https://www.commoncriteriaportal.org/files/epfiles/st_racfv2r3_v5.5_public.pdf",
"state": {
"_type": "sec_certs.sample.cc.CCCertificate.InternalState",
"cert": {
"_type": "sec_certs.sample.cc.CCCertificate.DocumentState",
"convert_garbage": false,
"convert_ok": false,
"download_ok": false,
"extract_ok": false,
"pdf_hash": null,
"txt_hash": null
},
"report": {
"_type": "sec_certs.sample.cc.CCCertificate.DocumentState",
"convert_garbage": false,
"convert_ok": true,
"download_ok": true,
"extract_ok": true,
"pdf_hash": "48a942a7603d10a18cb73a9a57d258202f6943ebe8b4015f7f79e24ed24806d7",
"txt_hash": "a255c0a874d245d426a9f15d0f60dbd8c8d805bd0c9d6f1deaf74e14c0c194a7"
},
"st": {
"_type": "sec_certs.sample.cc.CCCertificate.DocumentState",
"convert_garbage": false,
"convert_ok": true,
"download_ok": true,
"extract_ok": true,
"pdf_hash": "7fbcb23f0142b01d9149c86783be9fa637d7ebba1f7238be595e9ddc0ba89e86",
"txt_hash": "cd316affc9a11934eef2e3da5ab8dd00f4209cc4868f5704badd2e249d288d17"
}
},
"status": "active"
}