Last Updated 2015-07-24
- Product Name :
- Microsoft SQL Server 2014 Database Engine Enterprise Edition x64 (English)
- Version of TOE :
- 12.0.2000.8
- Product Type :
- Database Management System (DBMS)
- Certification No. :
- C0475
- Date :
- 2015-06-16
- Version of Common Criteria:
- 3.1 Release4
- Conformance Claim :
- EAL2 Augmented with ALC_FLR.2
- PP Identifier :
- U.S. Government Protection Profile for Database Management Systems, Version 1.3
- Vendor :
- Microsoft Corporation
-
- POC :
- Roger French
- Division :
- Microsoft Corporation
- Phone :
- +1-425-706-8550
- E-mail :
-
- Evaluation Facility :
- TÜV Informationstechnik GmbH, Evaluation Body for IT-Security
- Certification/Validation Report :
(228 KB)(2015-07-24) - CC Certificate Image :
(406 KB)(2015-07-08) - Security Target :
(582 KB)(2015-07-24)
PRODUCT DESCRIPTION
Description of TOE
The TOE is the database engine of SQL Server 2014. SQL Server is a Database Management System (DBMS). The TOE has been developed as the core module of the DBMS to store and manage data in a secure way.
TOE security functionality
This TOE provides the following security functionality:
- | The Access Control function of the TOE controls the access of users to user data and metadata stored in the TOE. |
- | The Session Handling function of the TOE limits the possibilities of users to establish sessions with the TOE. |
- | The Security Audit function of the TOE produces log files about all security relevant events. |
- | The Security Management function allows authorized administrators to manage the behavior of the security functionality of the TOE. |
- | The Identification and Authentication function of the TOE is able to identify and authenticate users. |
- | The Residual Information Protection function of the TOE overwrites the residual information on the memory that will be used for user sessions. |