- Product Name :
- Certificate Validation Server
- Version of TOE :
- 03-00
- Product Type :
- IT Product (PKI)
- Certification No. :
- C0135
- Date :
- 2007-12-26
- Version of Common Criteria:
- 2.3
- Conformance Claim :
- EAL2
- PP Identifier :
- None
- Vendor :
- Hitachi, Ltd.
-
- POC :
- Masahiko FURUYA
- Division :
- Government & Public Corporation Information Systems Division.
- Phone :
- +81-3-5632-7495
- E-mail :
-
- Evaluation Facility :
- Information Technology Security Center
PRODUCT DESCRIPTION
The TOE is a server-side software product that validates X.509 (international standard)-compliant digital certificates, responding to certificate validation requests from users. This software provides one of the following two services (A TOE operator chooses either service, and provides it for users.):
-
- certificate validation service based on the RFC3280-defined certificate path
validation algorithm; and
- certificate validation service based on the RFC2560-defined OCSP protocol.
The main security functions provided by the TOE are:
-
- data protection (preventing the certificate validation result created by the TOE from
being changed);
- data integrity verification (detecting changes of CA certificate and CRL used in
certificate validation);
- identification and authentication (identification and authentication for operators
before they use management function of the TOE); and
- audit (referring to and collecting audit logs about security functions).