Last Updated 2017-03-23
- Product Name :
- SQL Server 2016 Database Engine Enterprise Edition x64 (English)
- Version of TOE :
- 13.0.4001.0 (including Service Pack 1)
- Product Type :
- Database Management System (DBMS)
- Certification No. :
- C0537
- Date :
- 2017-02-15
- Version of Common Criteria:
- 3.1 Release4
- Conformance Claim :
- EAL2 Augmented with ALC_FLR.2
- PP Identifier :
- Base Protection Profile for Database Management Systems (DBMS PP), Version 2.07
- Vendor :
- Microsoft Corporation
-
- POC :
- Roger French
- Division :
- Microsoft Corporation
- Phone :
- +1-425-706-8550
- E-mail :
-
- Evaluation Facility :
-
TÜV Informationstechnik GmbH,
Evaluation Body for IT-Security
- Certification/Validation Report :
(236 KB)(2017-03-23) - CC Certificate Image :
(406 KB)(2016-03-23) - Security Target :
(1.37 MB)(2016-03-23)
PRODUCT DESCRIPTION
Description of TOE
The TOE is the database engine of SQL Server 2016. SQL Server is a Database Management System (DBMS). The TOE has been developed as the core module of the DBMS to store and manage data in a secure way.
TOE security functionality
This TOE provides the following security functionality:
- | The Access Control function of the TOE controls the access of users to user data and metadata stored in the TOE. |
- | The Session Handling function of the TOE limits the possibilities of users to establish sessions with the TOE. |
- | The Security Audit function of the TOE produces log files about all security relevant events. |
- | The Security Management function allows authorized administrators to manage the behavior of the security functionality of the TOE. |
- | The Identification and Authentication function of the TOE is able to identify and authenticate users. |
- | The Residual Information Protection function of the TOE overwrites the residual information on the memory that will be used for user sessions. |