Certified/Validated Products List

NEC Group Secure Information Exchange Site 1.0

NEC Corporation
Last Updated 2008-08-07
Product Name :
NEC Group Secure Information Exchange Site
Version of TOE :
1.0
Product Type :
Secure Information Exchange System
Certification No. :
C0156
Date :
2008-04-25
Version of Common Criteria:
3.1
Conformance Claim :
EAL1 Augmented with ASE_OBJ.2, ASE_REQ.2, ASE_SPD.1
PP Identifier :
None

PRODUCT DESCRIPTION

Description of TOE

This TOE is the business data exchange system that provides services for preventing the miss-delivery of business data and the information leakage in communications between internal users and customers. The basic operation of the TOE is as follows:

(1) An employee of NEC Group first creates an Area that is an administered data storage
    area, and then creates a folder in that Area.
(2) An internal user or a customer uploads business data to that folder.
(3) The uploaded data is then downloaded by internal users or customers for their business use.

The TOE provides the following service functions:

    - Upload
    - Download
    - Area Maintenance
    - User Maintenance
    - Set Personal Information
    - Administration

As security functions, the TOE protects the business data to be exchanged by the TOE from unauthorized access, miss-delivery and information leakage. It also collects audit logs.

TOE security functions

   [Identification and Authentication]

    A function to identify and authenticate the users of the TOE [Access Control]
    A function to control access to the business data based on the user roles of the
   TOE [Auditing]
    A function to generate and view the audit trail of the TOE [Cryptography]
    A function to encrypt and decrypt the communication data between the TOE and a user