- Product Name :
- SafetyDomain
- Version of TOE :
- V04L01
- Product Type :
- Authentication Control Software
- Certification No. :
- C0192
- Date :
- 2008-10-30
- Version of Common Criteria:
- 3.1
- Conformance Claim :
- EAL2
- PP Identifier :
- None
- Vendor :
- FUJITSU LIMITED
-
- POC :
- Shuko Suehiro
- Division :
-
Security Solution Group
Safety Solution Division
4th System Department
- Phone :
- +81-44-434-1409
- E-mail :
-
- Evaluation Facility :
-
Mizuho Information & Research Institute, Inc.
Center for Evaluation of Information Security
PRODUCT DESCRIPTION
Description of TOE
SafetyDomain (TOE) is a software product for the client terminal that offers the function to change the input of ID and password which was executed by manual to the input based on IC card where ID and password are stored when logging on to the Windows PC.
In addition, SafetyDomain offers a function to change the input of ID and password based on IC card when the specified application executes the identification authentication.
SafetyDomain aims to protect services and the functions that Windows and applications software provide from exposing to the threat due to insufficiency of management of ID and password.
TOE security functions
In this evaluation, to achieve the above-mentioned main purpose, the identification authentication function (Windows logon function and Applications software authentication function) and IC card management function (for managers and for users) are assumed to be TOE security function.
TOE’s Windows logon function transfers PIN entered by the user who is going to log on to Windows to the IC card (a FeliCa card or Java Card).
When PIN is validated in TOE (in the case of a FeliCa card) or IC card (in the case of Java Card), ID and password (Windows logon password) of the user and domain information stored in the IC card are read.
Then, the identification authentication is requested to the identification authentication function that Windows offers.
As for the Applications software authentication function of TOE, as well as the above-mentioned, the PIN entered by the user is validated in TOE (in the case of a FeliCa card) or IC card (in the case of Java Card) and ID and password (the application password) of the user stored in IC card are read. After that the identification authentication is requested to the identification authentication function that the application offers.
IC card management function for managers is a function to set information (account management information and PIN code management information) in IC card, and to limit the change to managers.
Moreover, IC card management function for a user is a function to limit the change in information in IC card (PIN and password) to the user himself.