Certified/Validated Products List

NEC Group Information Leakage Prevention System 
1.0

NEC Corporation
Last Updated 2008-02-27
Product Name :
NEC Group Information Leakage Prevention System
Version of TOE :
1.0
Product Type :
Information Leakage Prevention System
Certification No. :
C0134
Date :
2007-12-26
Version of Common Criteria:
3.1
Conformance Claim :
EAL1 Augmented with ASE_OBJ.2, ASE_REQ.2, ASE_SPD.1
PP Identifier :
None

PRODUCT DESCRIPTION

This TOE is an information leakage prevention system that is deployed throughout the NEC group companies. The TOE is designed to restrict the user's PC operations relevant to taking the information out of a PC. This is implemented by defining the PC control policy in accordance with the privilege assigned to each user by the TOE Administrator and enforcing that policy to each user PC.

The main security features of the TOE include identification and authentication, access control, cryptography and auditing.


[Identification and Authentication]

    - A function to identify and authenticate a user

[Access Control]

    - A function to control the input/output PC operations from or to its I/O port or a printer
    - A function to control the execution of a user program
    - A function to control the output of a file to the authorized external media
    - A function to control the output of a file to the authorized USB device
    - A function to control the creation and modification of the client control information

[Cryptography]

    - A function to encrypt and decrypt a file
    - A function to create an encryption/decryption key
    - A function to encrypt/decrypt a file when inputting or outputting it from or to the
        authorized externa media or the authorized USB device

[Auditing]

    - A function to create logs and transfer them to a log server
    - A function to view and search logs recorded in a log server