- Product Name :
- Defense Platform Business Edition CC
- Version of TOE :
- Product Type :
- Whitelisting Anti-Malware Software
- Certification No. :
- Date :
- Version of Common Criteria:
- 3.1 Release4
- Conformance Claim :
- PP Identifier :
- Vendor :
- Humming Heads, Inc.
- POC :
- Yusuke Nakamura
- Division :
- President Staff Office
- Phone :
- E-mail :
- Evaluation Facility :
- Information Technology Security Center Evaluation Department
Description of TOE
The TOE is a whitelisting anti-malware product for PCs which have either Windows 8.1 Enterprise 64bit or Windows Server 2012 R2 Standard 64bit installed.
The TOE focuses on typical activities of malware such as concealing themselves and network transmission, and in order to prevent the said typical activities, the TOE provides security functions to control permission and rejection of a program’s action based on the whitelist which contains authorized actions as registered and permitted by the administrator.
Because the pre-set information in the TOE is program actions authorized by the administrator, there is no need to list or update information to detect individual malware.
TOE Security functions
The TOE provides the following security functions.
A function to control permission and rejection of program actions (e.g., network transmission and writing to system files and programs in execution) based on the whitelist.
A function to let the administrator change and configure whitelist settings and delete audit records.
A function to generate audit records and let the administrator extract them for analysis.
Security functional requirements
This TOE implements the following security functional requirements.
|Security audit||Non-repudiation of origin/receipt||Cryptographic functionality||Access control|
|Data authentication||Export data protection||Information flow control||Import data protection|
|Internal transfer data protection||Residual information protection||Rollback||Stored data integrity|
|Transfer data confidentiality||Transfer data integrity||Identification and authentication||Security management|
|Privacy Control||Security functionality protection||Resource utilisation management||TOE access control|