{"product_id":10014,"v_id":10014,"product_name":"Documentum Content Server V5.3 and Documentum Administrator V5.3 ","certification_status":"Not Certified","certification_date":"2005-12-21T00:12:00Z","tech_type":"Sensitive Data Protection","vendor_id":{"name":"EMC Documentum Division","website":"http://www.documentum.com"},"vendor_poc":"Jamal Shakra","vendor_phone":"925.600.6800","vendor_email":"jamal.shakra@documentum.com","assigned_lab":{"cctl_name":"CygnaCom Solutions, Inc"},"product_description":"<p>EMC Documentum Content ServerTM V5.3 and EMC Documentum AdministratorTM V5.3 is a data management and control application. Content Server provides a single repository for content and metadata. The Content Server uses an extensible object-oriented model to store content and metadata in the repository. Everything in a repository is stored as objects in an underlying RDBMS. The Administrator allows an authorized administrator to monitor, administer, configure, and maintain the Content Server and repositories via a Web browser. The product provides the following security functions:</p>\r\n<ul type=\"disc\">\r\n    <li>Object access control </li>\r\n    <li>Role-based user privileges </li>\r\n    <li>Audit </li>\r\n</ul>","evaluation_configuration":null,"security_evaluation_summary":"<p>The evaluation was carried out in accordance to the Common Criteria Evaluation and Validation Scheme (CCEVS). The evaluation demonstrated that the EMC Documentum TOE meets the security requirements contained in the Security Target. The criteria against which the EMC Documentum TOE was judged are described in the Common Criteria for Information Technology Security Evaluation, Version 2.2. The evaluation methodology used by the evaluation team to conduct the evaluation is the Common Methodology for Information Technology Security Evaluation, Version 2.2. CygnaCom Solutions&rsquo; Security Evaluation Laboratory determined that the evaluation assurance level (EAL) for the EMC Documentum TOE is EAL 2. The TOE, configured as specified in the installation guide, satisfies all of the security functional requirements stated in the Security Target. A Validator, on behalf of the CCEVS Validation Body monitored the evaluation carried out by the CCTL. The evaluation was completed in November 2005. Results of the evaluation can be found in the Common Criteria Evaluation and Validation Scheme Validation Report for EMC Documentum Content ServerTM V5.3 and EMC Documentum AdministratorTM V5.3.</p>","environmental_strengths":"<p>EMC Documentum Content ServerTM V5.3 and EMC Documentum AdministratorTM V5.3 provides a protected data repository, including access controls, auditing, and security administration. The repository and the administrative interface are meant to be in a protected facility, and identification and authentication are provided by the underlying operating system.</p>","features":[]}