Validated Product - AquaLogic Interaction Collaboration 4.2Certificate Date: 20 February 2009 Validation Report Number: CCEVS-VR-VID10104-2009 Product Type: Sensitive Data Protection Conformance Claim: EAL2 Augmented with ALC_FLR.2 PP Identifiers: None CC Testing Lab: SAIC Common Criteria Testing Laboratory
PRODUCT DESCRIPTIONThe Target of Evaluation (TOE) is AquaLogic® Interaction Collaboration 4.2 MP1, henceforth referred to as Collaboration. Collaboration is part of the AquaLogic User Interaction (ALUI) suite of products and is designed to work with AquaLogic Interaction 6.1 with AquaLogic Interaction Development Kit 6.0[1], hereafter referred to as ALI. Collaboration is not a stand-alone product; rather it integrates directly with ALI and depends on ALI portal pages and security functions. Collaboration functions as a remote server of ALI by providing Collaboration data and application functions in portlets and application views to ALI users. A collection of Collaboration web services provide the communication mechanism for this exchange of portlet data between ALI and Collaboration. Collaboration is a web application featuring a collection of collaboration tools that help users organize, share, and manage information. Collaboration facilitates teamwork among members of a project team by providing a unified online workspace for project members to share information. Collaboration can have many projects and project information can be accessed from any ALI community page or My Page that contains a Collaboration portlet. [1] Note: ALI 6.1 MPI was evaluated separately and is used by Collaboration in ALI’s evaluated configuration. SECURITY EVALUATION SUMMARYThe evaluation was carried out in accordance with the Common Criteria Evaluation and Validation Scheme (CCEVS) process. The criteria against which the AquaLogic® Interaction Collaboration 4.2 MP1 TOE was judged are described in the Common Criteria for Information Technology Security Evaluation, Version 2.3. The evaluation methodology used by the Evaluation Team to conduct the evaluation is the Common Methodology for Information Technology Security Evaluation, Version 2.3. Science Applications International Corporation (SAIC) determined that the evaluation assurance level (EAL) for the product is the EAL2 family of assurance requirements, augmented with ALC_FLR.2 (Flaw reporting procedures). The product satisfies all of the security functional requirements stated in the AquaLogic Interaction Collaboration 4.2 MP1 Security Target, when configured as specified in the following guidance documents:
These documents are available for download from http://edocs.bea.com/alui/collaboration/docs42/index.html. One validator on behalf of the CCEVS Validation Body monitored the evaluation carried out by SAIC. The evaluation was completed in January 2009. Results of the evaluation can be found in the Common Criteria Evaluation and Validation Scheme Validation Report (report number to be assigned), prepared by CCEVS. ENVIRONMENTAL STRENGTHSAquaLogic® Interaction Collaboration 4.2 MP1 provides a low to moderate level of independently assured security in a conventional TOE and is suitable for a cooperative non-hostile environment with good physical access security and competent administrators. AquaLogic® Interaction Collaboration 4.2 MP1 supports the following security functions:
Vendor Information
Oracle Corporation UK Limited Shaun Lee +44 (0) 188 924 3860 +44 (0) 188 924 3171 (Fax) seceval_us@oracle.com |
![[X]](/assets/images/button_close.gif){kind=small}
![[PDF]](http://www.niap-ccevs.org:80/assets/images/icon_pdf.gif){kind=icon}