Last Updated 2008-02-27
- Product Name :
- NEC Group Information Leakage Prevention System
- Version of TOE :
- 1.0
- Product Type :
- Information Leakage Prevention System
- Certification No. :
- C0134
- Date :
- 2007-12-26
- Version of Common Criteria:
- 3.1
- Conformance Claim :
- EAL1 Augmented with ASE_OBJ.2, ASE_REQ.2, ASE_SPD.1
- PP Identifier :
- None
- Vendor :
- NEC Corporation
-
- POC :
- Kenji Yoshifu
- Division :
- Corporate IT Division
- Phone :
- +81 3 5418 5261
- E-mail :
- Evaluation Facility :
- Electronic Commerce Security Technology Laboratory Inc.
- Certification/Validation Report :
(154 KB)(2008-02-27) - Security Target :
(605 KB) (2008-02-27)
PRODUCT DESCRIPTION
This TOE is an information leakage prevention system that is deployed throughout the NEC group companies. The TOE is designed to restrict the user's PC operations relevant to taking the information out of a PC. This is implemented by defining the PC control policy in accordance with the privilege assigned to each user by the TOE Administrator and enforcing that policy to each user PC.
The main security features of the TOE include identification and authentication, access control, cryptography and auditing.
[Identification and Authentication]
-
- A function to identify and authenticate a user
[Access Control]
-
- A function to control the input/output PC operations from or to its I/O port or a printer
- A function to control the execution of a user program
- A function to control the output of a file to the authorized external media
- A function to control the output of a file to the authorized USB device
- A function to control the creation and modification of the client control information
[Cryptography]
-
- A function to encrypt and decrypt a file
- A function to create an encryption/decryption key
- A function to encrypt/decrypt a file when inputting or outputting it from or to the
authorized externa media or the authorized USB device
[Auditing]
-
- A function to create logs and transfer them to a log server
- A function to view and search logs recorded in a log server