Validated Product - IBM DB2 Version 9.5.2 Enterprise Server Edition for Linux, Unix, and WindowsCertificate Date: 18 December 2008 Validation Report Number: CCEVS-VR-VID10294-2008 Product Type: DBMS Conformance Claim: EAL4 Augmented with ALC_FLR.1 PP Identifiers: None CC Testing Lab: SAIC Common Criteria Testing Laboratory
PRODUCT DESCRIPTION
DB2 is a relational database management system (RDBMS) provided by IBM. As a RDBMS, DB2 supports the Standard Query Language (SQL) interface from a client that is connected to the database server. From the client, commands can be entered interactively or through an executing program to the database server to create databases, database tables, and to store and retrieve information from tables.
DB2 enforces the following security functions: Access Control, Identification and Authentication, Audit, Security Management, and TOE Protection. DB2 supports User Data protection by providing the ability to control access to the database and objects within the database (e.g. views) based upon user and object security attributes. Additionally, DB2 supports User Data protection by restricting the flow of information based upon security labels assigned to users and objects. DB2 requires all users to be identified and authenticated before allowing them access to DB2 resources. Although the product supports a label-based policy, the application is not an MLS application, nor has it been tested in an MLS environment. As such, use of the product should ensure that all users have clearance for all data in the database. DB2 relies upon the IT Environment to authenticate users before access to DB2 is allowed (e.g. DSAP, Kerberos); to provide a reliable time source; and to provide cryptographic services to support SSL as provided by the IBM GSKIT component. The IT Environment performs the actual authentication and association of users with groups and passes the result to DB2. DB2 audits security relevant events such as access to database resources, changing of security attributes, and modification of security attributes. Management of the DB2 TOE, including the ability to select and review audit records, is restricted to authorized administrators based on authorities. Management of DB2 objects is restricted to those users that are assigned the appropriate privileges to do so. DB2 is designed so that each of its interfaces performs the necessary access checks before allowing access to DB2 resources. It is assumed the product is being used in an environment that provides physical protection for all database servers and authentication servers.
There are several IBM DB2 product versions included in the evaluated configuration and the differences have no affect on the security functions claimed in the Security Target. The various DB2 editions differ primarily in the number of resources (e.g., users) they support and are identical in terms of their security architecture and behavior. EVALUATED CONFIGURATION
IBM DB2 Enterprise Server Edition Version 9.5.2 (also known as V9.5 Fix Pack 2) for Linux, Unix, and Windows Henceforth, the above components are referred to as the TOE. The TOE is a Relational Database Management System (RDBMS) developed by IBM Canada, Ltd., 3600 Steeles Avenue East, Markham, Ontario L3R 9Z7, Canada and sold by IBM Corporation, Route 100, Somers, NY, USA 10589. In the evaluation configuration, the TOE can be installed upon · AIX 6 · SuSE Linux Enterprise Server v10 · RedHat Linux (RHEL 5) · Windows Server 2003 with SP 1 · Solaris 10
SECURITY EVALUATION SUMMARY
The evaluation was carried out in accordance to the Common Criteria Evaluation and Validation Scheme (CCEVS) process and scheme. The evaluation demonstrated that IBM DB2 meets the security requirements contained in the “IBM DB2 Version 9.5.2 Enterprise Server Edition for Linux, Unix, and Windows Security Target”. The criteria against which IBM DB2 was judged are described in the Common Criteria for Information Technology Security Evaluation Version 2.3 and the International Interpretations effective as of January, 2006. The evaluation methodology used by the evaluation team to conduct the evaluation is the Common Methodology for Information Technology Security Evaluation Version 2.3 and Part 2: Evaluation Methodology, Supplement: ALC_FLR - Flaw Remediation, Version 1.1, February 2002, CEM-2001/0015R. Science Application International Corporation (SAIC) determined that the evaluation assurance level (EAL) for the IBM DB2 TOE is EAL 4 augmented with ALC_FLR.1. The TOE, configured as specified in the installation guide, satisfies all of the security functional requirements stated in the Security Target. Validators on behalf of the CCEVS Validation Body monitored the evaluation carried out by SAIC. The evaluation was completed in November 2008. Results of the evaluation can be found in the Common Criteria Evaluation and Validation Scheme Validation Report for IBM DB2 prepared by CCEVS. ENVIRONMENTAL STRENGTHS
IBM DB2 is a commercial network product that provides identification and authentication, user data protection, audit, security management, and TOE protection. IBM DB2 provides a level of protection that is appropriate for IT environments that require that access is controlled to the database and its contents where the IBM TOE is appropriately protected from physical attacks. |
![[X]](/assets/images/button_close.gif){kind=small}
![[PDF]](http://www.niap-ccevs.org:80/assets/images/icon_pdf.gif){kind=icon}
