Certified/Validated Products List

EAL1

Hewlett-Packard Japan, Ltd

PRODUCT DESCRIPTION

Description of TOE

The TOE is the Single Sign-On software solution product, which enables the access control for web clients to web applications.
The TOE has the following major security functions:

- Authentication
- Access control for web applications
- Configuration management

TOE security functionality

Authentication: When users access contents on the backend Web servers, the TOE validate and authenticate users with User IDs/Passwords through the authentication server.
Access control for web applications: Only when users' groups have access authorization to requested URLs, the TOE relays the requests from IceWall Sever to the backend web servers.
Users are connected with groups.
Configuration management: The TOE has the configuration management capability that the IceWall SSO administrators perform the following:

- setting configuration information to the configuration files of IceWall server
  and authentication servers.
- managing the configuration files.

Security functional requirements

This TOE implements the following security functional requirements.

Security audit	Non-repudiation of origin/receipt	Cryptographic functionality	Access control
Data authentication	Export data protection	Information flow control	Import data protection
Internal transfer data protection	Residual information protection	Rollback	Stored data integrity
Transfer data confidentiality	Transfer data integrity	Identification and authentication	Security management
Privacy Control	Security functionality protection	Resource utilisation management	TOE access control
Trusted path/channels