DOCSLIB.ORG

Security Target

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text
Security Target Microsoft Common Criteria Security Target Microsoft Windows Common Criteria Evaluation Microsoft Windows 10 version 1909 (November 2019 Update) Microsoft Windows Server version 1909 (November 2019 Update) Security Target Document Information Version Number 0.04 Updated On January 16, 2020 Microsoft © 2020 Page 1 of 164 Microsoft Common Criteria Security Target Version History Version Date Summary of changes 0.01 June 27, 2019 Initial draft 0.02 October 31, 2019 Updates from security target evaluation 0.03 January 16, 2020 Final version for certification bod 0.04 January 16, 2020 Version for publication Microsoft © 2020 Page 2 of 164 Microsoft Common Criteria Security Target This is a preliminary document and may be changed substantially prior to final commercial release of the software described herein. The information contained in this document represents the current view of Microsoft Corporation on the issues discussed as of the date of publication. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information presented after the date of publication. This document is for informational purposes only. MICROSOFT MAKES NO WARRANTIES, EXPRESS OR IMPLIED, AS TO THE INFORMATION IN THIS DOCUMENT. Complying with all applicable copyright laws is the responsibility of the user. This work is licensed under the Creative Commons Attribution-NoDerivs- NonCommercial License (which allows redistribution of the work). To view a copy of this license, visit http://creativecommons.org/licenses/by-nd-nc/1.0/ or send a letter to Creative Commons, 559 Nathan Abbott Way, Stanford, California 94305, USA. Microsoft may have patents, patent applications, trademarks, copyrights, or other intellectual property rights covering subject matter in this document. Except as expressly provided in any written license agreement from Microsoft, the furnishing of this document does not give you any license to these patents, trademarks, copyrights, or other intellectual property. The example companies, organizations, products, people and events depicted herein are fictitious. No association with any real company, organization, product, person or event is intended or should be inferred. © 2020 Microsoft Corporation. All rights reserved. Microsoft, Active Directory, Visual Basic, Visual Studio, Windows, the Windows logo, Windows NT, and Windows Server are either registered trademarks or trademarks of Microsoft Corporation in the United States and/or other countries. The names of actual companies and products mentioned herein may be the trademarks of their respective owners. Microsoft © 2020 Page 3 of 164 Microsoft Common Criteria Security Target TABLE OF CONTENTS SECURITY TARGET .........................................................................................................................1 VERSION HISTORY ..............................................................................................................................2 TABLE OF CONTENTS ........................................................................................................................4 LIST OF TABLES .................................................................................................................................7 1 SECURITY TARGET INTRODUCTION ......................................................................................9 1.1 ST REFERENCE ........................................................................................................................9 1.2 TOE REFERENCE......................................................................................................................9 1.3 TOE OVERVIEW ......................................................................................................................9 1.3.1 TOE TYPES ....................................................................................................................................... 9 1.3.2 TOE USAGE .................................................................................................................................... 10 1.3.3 TOE SECURITY SERVICES ................................................................................................................... 10 1.3.4 NON-TOE HARDWARE, SOFTWARE, FIRMWARE IN THE EVALUATION ....................................................... 12 1.4 TOE DESCRIPTION ................................................................................................................. 12 1.4.1 EVALUATED CONFIGURATIONS ........................................................................................................... 12 1.4.2 SECURITY ENVIRONMENT AND TOE BOUNDARY ................................................................................... 13 1.4.2.1 Logical Boundaries ...................................................................................................................... 13 1.4.2.2 Physical Boundaries .................................................................................................................... 14 1.5 PRODUCT DESCRIPTION .......................................................................................................... 15 1.6 CONVENTIONS, TERMINOLOGY, ACRONYMS ................................................................................ 15 1.6.1 CONVENTIONS ................................................................................................................................ 15 1.6.2 TERMINOLOGY ................................................................................................................................ 16 1.6.3 ACRONYMS..................................................................................................................................... 19 1.7 ST OVERVIEW AND ORGANIZATION ........................................................................................... 19 2 CC CONFORMANCE CLAIMS ............................................................................................... 20 3 SECURITY PROBLEM DEFINITION ........................................................................................ 22 3.1 THREATS TO SECURITY ............................................................................................................ 22 3.2 ORGANIZATIONAL SECURITY POLICIES ......................................................................................... 26 3.3 SECURE USAGE ASSUMPTIONS .................................................................................................. 26 4 SECURITY OBJECTIVES ....................................................................................................... 28 Microsoft © 2020 Page 4 of 164 Microsoft Common Criteria Security Target 4.1 TOE SECURITY OBJECTIVES ...................................................................................................... 28 4.2 SECURITY OBJECTIVES FOR THE OPERATIONAL ENVIRONMENT .......................................................... 29 5 SECURITY REQUIREMENTS ................................................................................................. 31 5.1 TOE SECURITY FUNCTIONAL REQUIREMENTS ............................................................................... 31 5.1.1 SECURITY AUDIT (FAU) .................................................................................................................... 33 5.1.1.1 Audit Data Generation (FAU_GEN.1) and FAU_GEN.1(WLAN) ................................................... 33 5.1.1.2 Security Audit for IPsec Client EP ................................................................................................ 35 5.1.2 CRYPTOGRAPHIC SUPPORT (FCS) ....................................................................................................... 36 5.1.2.1 Cryptographic Support for GP OS PP .......................................................................................... 36 5.1.2.2 Cryptographic Support for WLAN Client EP ................................................................................ 40 5.1.2.3 Cryptographic Support for IPsec Client EP .................................................................................. 41 5.1.3 USER DATA PROTECTION (FDP) ......................................................................................................... 43 5.1.3.1 User Data Protection for GP OS PP ............................................................................................. 43 5.1.3.2 User Data Protection for IPsec Client EP ..................................................................................... 43 5.1.4 IDENTIFICATION AND AUTHENTICATION (FIA)....................................................................................... 43 5.1.4.1 Identification and Authentication for GP OS PP ......................................................................... 43 5.1.4.2 Identification and Authentication for WLAN Client EP ............................................................... 45 5.1.4.3 Identification and Authentication for IPsec Client EP ................................................................. 46 5.1.5 SECURITY MANAGEMENT (FMT) ....................................................................................................... 46 5.1.5.1 Security Management for GP OS PP ........................................................................................... 46 5.1.5.2 Security Management for WLAN Client EP ................................................................................
Load more

Recommended publications
  • Technical Evaluation and Legal Opinion of Warden: a Network Forensics Tool, Version 1.0 Author(S): Rod Yazdan, Newton Mccollum, Jennifer Ockerman, Ph.D
    NCJRS O FFICE OF JU STI CE PR OG RAM Se ~ N ATIONAL C RIMINAL JUSTICE REFERENCE SERVICE QJA BJS N/J OJJF OVC SMART '~ ..) The author(s) shown below used Federal funding provided by the U.S. Department of Justice to prepare the following resource: Document Title: Technical Evaluation and Legal Opinion of Warden: A Network Forensics Tool, Version 1.0 Author(s): Rod Yazdan, Newton McCollum, Jennifer Ockerman, Ph.D. Document Number: 252944 Date Received: May 2019 Award Number: 2013-MU-CX-K111 This resource has not been published by the U.S. Department of Justice. This resource is being made publically available through the Office of Justice Programs’ National Criminal Justice Reference Service. Opinions or points of view expressed are those of the author(s) and do not necessarily reflect the official position or policies of the U.S. Department of Justice. nl JOHNS HOPKINS ..APPLIED PHYSICS LABORATORY 11100 Johns Hopkins Road • Laurel, Maryland 20723-6099 AOS-18-1223 NIJ RT&E Center Project 15WA October 2018 TECHNICAL EVALUATION AND LEGAL OPINION OF WARDEN: A NETWORK FORENSICS TOOL Version 1.0 Rod Yazdan Newton McCollum Jennifer Ockerman, PhD Prepared for: r I I Nation~/ Institute Nl.I of Justice STRENGTHEN SCIENCE. ADVANCE JUSTICE. Prepared by: The Johns Hopkins University Applied Physics Laboratory 11100 Johns Hopkins Rd. Laurel, MD 20723-6099 Task No.: FGSGJ Contract No.: 2013-MU-CX-K111/115912 This project was supported by Award No. 2013-MU-CX-K111, awarded by the National Institute of Justice, Office of Justice Programs, U.S. Department of Justice.
    [Show full text]
  • Cygwin User's Guide
    Cygwin User’s Guide Cygwin User’s Guide ii Copyright © Cygwin authors Permission is granted to make and distribute verbatim copies of this documentation provided the copyright notice and this per- mission notice are preserved on all copies. Permission is granted to copy and distribute modified versions of this documentation under the conditions for verbatim copying, provided that the entire resulting derived work is distributed under the terms of a permission notice identical to this one. Permission is granted to copy and distribute translations of this documentation into another language, under the above conditions for modified versions, except that this permission notice may be stated in a translation approved by the Free Software Foundation. Cygwin User’s Guide iii Contents 1 Cygwin Overview 1 1.1 What is it? . .1 1.2 Quick Start Guide for those more experienced with Windows . .1 1.3 Quick Start Guide for those more experienced with UNIX . .1 1.4 Are the Cygwin tools free software? . .2 1.5 A brief history of the Cygwin project . .2 1.6 Highlights of Cygwin Functionality . .3 1.6.1 Introduction . .3 1.6.2 Permissions and Security . .3 1.6.3 File Access . .3 1.6.4 Text Mode vs. Binary Mode . .4 1.6.5 ANSI C Library . .4 1.6.6 Process Creation . .5 1.6.6.1 Problems with process creation . .5 1.6.7 Signals . .6 1.6.8 Sockets . .6 1.6.9 Select . .7 1.7 What’s new and what changed in Cygwin . .7 1.7.1 What’s new and what changed in 3.2 .
    [Show full text]
  • Solve Errors Caused by Corrupt System Files
    System File Corruption Errors Solved S 12/1 Repair Errors Caused by Missing or Corrupt System Files With the information in this article you can: • Find out whether corrupt system files could be causing all your PC problems • Manually replace missing system files using your Windows installation CD • Use System File Checker to repair broken Windows system files • Boost the memory available to Windows File Protection for complete system file protection Missing or corrupt system files can cause many problems when using your PC, from cryptic error messages to mysterious system crashes. If one of the key files needed by Windows has gone missing or become corrupt, you may think that the only way to rectify the situation is to re-install Windows. Fortunately, nothing that drastic is required, as Microsoft have included several tools with Windows that allow you to replace corrupt or missing files with new, fresh copies directly from your Windows installation CD. Now, whenever you find that an important .DLL file has been deleted or copied over, you won’t have to go to the trouble of completely re-installing your system – simply replace the offending file with a new copy. Stefan Johnson: “One missing file can lead to your system becoming unstable and frequently crashing. You may think that the only way to fix the problem is to re-install Windows, but you can easily replace the offending file with a fresh copy from your Windows installation CD.” • Solve errors caused by corrupt system files ................... S 12/2 • How to repair your missing system file errors ..............
    [Show full text]
  • Microsoft Windows Server 2019 Version 1809 Hyper-V
    Operational and Administrative Guidance Microsoft Windows Server, Microsoft Windows 10 version 1909 (November 2019 Update), Microsoft Windows Server 2019 version 1809 Hyper-V Common Criteria Evaluation under the Protection Profile for Virtualization, including the Extended Package for Server Virtualization Revision date: January 15, 2021 © 2021 Microsoft. All rights reserved. Microsoft Windows Server and Windows 10 Hyper-V Administrative Guidance Copyright and disclaimer The information contained in this document represents the current view of Microsoft Corporation on the issues discussed as of the date of publication. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information presented after the date of publication. This document is for informational purposes only. MICROSOFT MAKES NO WARRANTIES, EXPRESS OR IMPLIED, AS TO THE INFORMATION IN THIS DOCUMENT. Complying with all applicable copyright laws is the responsibility of the user. This work is licensed under the Creative Commons Attribution-NoDerivs-NonCommercial VLicense (which allows redistribution of the work). To view a copy of this license, visithttp://creativecommons.org/licenses/by-nd-nc/1.0/ or send a letter to Creative Commons, 559 Nathan Abbott Way, Stanford, California 94305, USA. Microsoft may have patents, patent applications, trademarks, copyrights, or other intellectual property rights covering subject matter in this document. Except as expressly provided in any written license agreement from Microsoft, the furnishing of this document does not give you any license to these patents, trademarks, copyrights, or other intellectual property. The example companies, organizations, products, people and events depicted herein are fictitious.
    [Show full text]
  • IIS Security and Programming Countermeasures
    IIS Security and Programming Countermeasures By Jason Coombs ([email protected]) Introduction This is a book about how to secure Microsoft Internet Information Services for administrators and programmers whose work includes a requirement for information security, a computer industry specialty field commonly referred to as infosec. In this book the terms information security and infosec are used interchangeably with the more friendly term data security. This is not a book about hacking, cracking, and the tools and techniques of the bad guys, the so-called black hat hackers. This book teaches computer professionals and infosec specialists how to build secure solutions using IIS. It is your duty to secure and defend networked information systems for the benefit of the good guys who are your end users, clients, or less technical coworkers. There is nothing you can do that will transform a programmable computer running Microsoft Windows from its vulnerable condition to an invulnerable one. Every general purpose programmable computer is inherently vulnerable because it is controlled by software and is designed to allow new software to be installed or executed arbitrarily. Network computing based on programmable general purpose computers will never be safe from an information security perspective. Eliminating the feature of general purpose programmability from a networked computer and replacing its software with firmware reduces but does not eliminate vulnerabilities. These are immutable realities of present day computing and, as always, reality represents your biggest challenge. Microsoft is in business to get as much of your money as possible using whatever means will work at a given moment and in this respect they know virtually no equal in the software business.
    [Show full text]
  • Microsoft Patches Were Evaluated up to and Including CVE-2020-1587
    Honeywell Commercial Security 2700 Blankenbaker Pkwy, Suite 150 Louisville, KY 40299 Phone: 1-502-297-5700 Phone: 1-800-323-4576 Fax: 1-502-666-7021 https://www.security.honeywell.com The purpose of this document is to identify the patches that have been delivered by Microsoft® which have been tested against Pro-Watch. All the below listed patches have been tested against the current shipping version of Pro-Watch with no adverse effects being observed. Microsoft Patches were evaluated up to and including CVE-2020-1587. Patches not listed below are not applicable to a Pro-Watch system. 2020 – Microsoft® Patches Tested with Pro-Watch CVE-2020-1587 Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability CVE-2020-1584 Windows dnsrslvr.dll Elevation of Privilege Vulnerability CVE-2020-1579 Windows Function Discovery SSDP Provider Elevation of Privilege Vulnerability CVE-2020-1578 Windows Kernel Information Disclosure Vulnerability CVE-2020-1577 DirectWrite Information Disclosure Vulnerability CVE-2020-1570 Scripting Engine Memory Corruption Vulnerability CVE-2020-1569 Microsoft Edge Memory Corruption Vulnerability CVE-2020-1568 Microsoft Edge PDF Remote Code Execution Vulnerability CVE-2020-1567 MSHTML Engine Remote Code Execution Vulnerability CVE-2020-1566 Windows Kernel Elevation of Privilege Vulnerability CVE-2020-1565 Windows Elevation of Privilege Vulnerability CVE-2020-1564 Jet Database Engine Remote Code Execution Vulnerability CVE-2020-1562 Microsoft Graphics Components Remote Code Execution Vulnerability
    [Show full text]
  • WAF/CDP V3.7.1 User Guide
    WAFS/CDP v3.7.1 User Guide GlobalSCAPE, Inc. (GSB) 4500 Lockhill-Selma Road, Suite 150 Address: San Antonio, TX (USA) 78249 Sales: (210) 308-8267 Sales (Toll Free): (800) 290-5054 Technical Support: (210) 366-3993 Web Support: http://www.globalscape.com/support/ © 2004-2010 GlobalSCAPE, Inc. All Rights Reserved July 21, 2010 Table of Contents GlobalSCAPE Replication Software ............................................................................................................. 7 What's New? .............................................................................................................................................. 7 For the Best WAFS/CDP Experience .................................................................................................... 8 Getting Started .............................................................................................................................................. 9 WAFS Quick Start ..................................................................................................................................... 9 CDP Quick Start ...................................................................................................................................... 11 Quick Reference ...................................................................................................................................... 13 File-Naming Conventions ........................................................................................................................ 13 WAFS/CDP
    [Show full text]
  • Windows Operations Agent User Guide
    Windows Operations Agent User Guide 1.6 VMC-WAD VISUAL Message Center Windows Operations Agent User Guide The software described in this book is furnished under a license agreement and may be used only in accordance with the terms of the agreement. Copyright Notice Copyright © 2013 Tango/04 All rights reserved. Document date: August 2012 Document version: 2.31 Product version: 1.6 No part of this publication may be reproduced, transmitted, transcribed, stored in a retrieval system, or translated into any language or computer language, in any form or by any means, electronic mechani- cal, magnetic, optical, chemical, manual, or otherwise, without the prior written permission of Tango/04. Trademarks Any references to trademarked product names are owned by their respective companies. Technical Support For technical support visit our web site at www.tango04.com. Tango/04 Computing Group S.L. Avda. Meridiana 358, 5 A-B Barcelona, 08027 Spain Tel: +34 93 274 0051 Table of Contents Table of Contents Table of Contents.............................................................................. iii How to Use this Guide.........................................................................x Chapter 1 Introduction ......................................................................................1 1.1. What You Will Find in this User Guide............................................................2 Chapter 2 Configuration ....................................................................................3 2.1. Monitor Configuration......................................................................................3
    [Show full text]
  • Microsoft Windows Common Criteria Evaluation Security Target
    Microsoft Common Criteria Security Target Microsoft Windows Common Criteria Evaluation Microsoft Windows 10 version 1809 (October 2018 Update) Microsoft Windows Server 2019 (October 2018 Update) Security Target Document Information Version Number 0.05 Updated On June 18, 2019 Microsoft © 2019 Page 1 of 126 Microsoft Common Criteria Security Target Version History Version Date Summary of changes 0.01 June 27, 2018 Initial draft 0.02 December 21, 2018 Updates from security target evaluation 0.03 February 21, 2019 Updates from evaluation 0.04 May 6, 2019 Updates from GPOS PP v4.2.1 0.05 June 18, 2019 Public version Microsoft © 2019 Page 2 of 126 Microsoft Common Criteria Security Target This is a preliminary document and may be changed substantially prior to final commercial release of the software described herein. The information contained in this document represents the current view of Microsoft Corporation on the issues discussed as of the date of publication. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information presented after the date of publication. This document is for informational purposes only. MICROSOFT MAKES NO WARRANTIES, EXPRESS OR IMPLIED, AS TO THE INFORMATION IN THIS DOCUMENT. Complying with all applicable copyright laws is the responsibility of the user. This work is licensed under the Creative Commons Attribution-NoDerivs- NonCommercial License (which allows redistribution of the work). To view a copy of this license, visit http://creativecommons.org/licenses/by-nd-nc/1.0/ or send a letter to Creative Commons, 559 Nathan Abbott Way, Stanford, California 94305, USA.
    [Show full text]
  • Lecture 4: September 13 4.1 Process State
    CMPSCI 377 Operating Systems Fall 2012 Lecture 4: September 13 Lecturer: Prashant Shenoy TA: Sean Barker & Demetre Lavigne 4.1 Process State 4.1.1 Process A process is a dynamic instance of a computer program that is being sequentially executed by a computer system that has the ability to run several computer programs concurrently. A computer program itself is just a passive collection of instructions, while a process is the actual execution of those instructions. Several processes may be associated with the same program; for example, opening up several windows of the same program typically means more than one process is being executed. The state of a process consists of - code for the running program (text segment), its static data, its heap and the heap pointer (HP) where dynamic data is kept, program counter (PC), stack and the stack pointer (SP), value of CPU registers, set of OS resources in use (list of open files etc.), and the current process execution state (new, ready, running etc.). Some state may be stored in registers, such as the program counter. 4.1.2 Process Execution States Processes go through various process states which determine how the process is handled by the operating system kernel. The specific implementations of these states vary in different operating systems, and the names of these states are not standardised, but the general high-level functionality is the same. When a process is first started/created, it is in new state. It needs to wait for the process scheduler (of the operating system) to set its status to "new" and load it into main memory from secondary storage device (such as a hard disk or a CD-ROM).
    [Show full text]
  • GV-LPR Plugin Fence & Light GV-IP LPR Camera · GV-USB Dongle
    Introduction GeoVision's License Plate Recognition is an effective and low-maintenance solution to ensure the security of parking lots, which are prone to crimes due to isolated and unstaffed corners. In addition to providing high-resolution video monitoring, the LPR solution can detect and recognize vehicle license plates upon motion or I/O trigger. When a GV-LPR device -- Edge GV-IP LPR Camera, GV-DSP LPR, or PC-based GV-DVR LPR / VMS LPR -- detects or recognizes license plates in video sources, it sends the LPR results to the access control system GV-ASManager. Access can be granted when the detected license plate numbers match the vehicles registered in GV-ASManager's database. Alarm notifications and playing back LPR results are also supported. Setting & Database GV-Software Video Source + Plate Recongition Edge GV-IP LPR Camera GV-ASManager Video Source + Plate Recongition Supporting up to 255 GV- Live View, Recording and LPR devices Playback · GV-DVR / NVR / VMS · GV-Recording Server Analog Camera GV-DSP LPR Video Source + Plate Recongition Live View · GV-ASManager GV-I/O Box · GV-Edge Recording Manager Analog Camera · GV-Center V2 GV-DVR LPR / GV-VMS LPR Event Text Message / Log PC installed with · GV-DVR / NVR / VMS · GV-Vital Sign Monitor · GV-LPR Plugin Fence & Light GV-IP LPR Camera · GV-USB Dongle Note: Edge GV-IP LPR Camera includes GV-LPR2811-DL / GV-LPR2800-DL / GV-LPR1200. -1- License Plate Recognition August 30, 2021 Available Versions of Machine Learning (ML) Recognition Engines Argentina Australia Austria Belgium Brazil Canada China Chile Columbia Croatia Czech Republic France Germany Hungary India Ireland Israel Italy Morocco Mexico Norway Poland Portugal Qatar Russia Slovakia South Africa Spain Taiwan UK USA Vietnam Note: There is a Global version which is suitable for most of the other countries.
    [Show full text]
  • Hypervisor-Based Active Data Protection for Integrity And
    The 13th Annual ADFSL Conference on Digital Forensics, Security and Law, 2018 HYPERVISOR-BASED ACTIVE DATA PROTECTION FOR INTEGRITY AND CONFIDENTIALITY OF DYNAMICALLY ALLOCATED MEMORY IN WINDOWS KERNEL Igor Korkin, PhD Security Researcher Moscow, Russia [email protected] ABSTRACT One of the main issues in the OS security is providing trusted code execution in an untrusted environment. During executing, kernel-mode drivers dynamically allocate memory to store and process their data: Windows core kernel structures, users’ private information, and sensitive data of third-party drivers. All this data can be tampered with by kernel-mode malware. Attacks on Windows-based computers can cause not just hiding a malware driver, process privilege escalation, and stealing private data but also failures of industrial CNC machines. Windows built-in security and existing approaches do not provide the integrity and confidentiality of the allocated memory of third-party drivers. The proposed hypervisor-based system (AllMemPro) protects allocated data from being modified or stolen. AllMemPro prevents access to even 1 byte of allocated data, adapts for newly allocated memory in real time, and protects the driver without its source code. AllMemPro works well on newest Windows 10 1709 x64. Keywords: hypervisor-based protection, Windows kernel, Intel, CNC security, rootkits, dynamic data protection. 1. INTRODUCTION The vulnerable VirtualBox driver (VBoxDrv.sys) Currently, protection of data in computer memory has been exploited by Turla rootkit and allows to is becoming essential. Growing integration of write arbitrary values to any kernel memory (Singh, ubiquitous Windows-based computers into 2015; Kirda, 2015). industrial automation makes this security issue critically important.
    [Show full text]