{"product_id":10032,"v_id":10032,"product_name":"BEA WebLogic Server® 8.1 SP5 ","certification_status":"Not Certified","certification_date":"2006-04-28T00:04:00Z","tech_type":"Web Server","vendor_id":{"name":"BEA Systems, Inc.","website":"http://www.bea.com"},"vendor_poc":"Danny Yip","vendor_phone":"908.580.3487","vendor_email":"danny.yip@bea.com","assigned_lab":{"cctl_name":"Leidos Common Criteria Testing Laboratory"},"product_description":"<p>The TOE, BEA WebLogic Server&reg; V8.1 SP5 with BEA06-81.01 and BEA05-107.00 security advisory patches, is an application server that provides a foundation for building and integrating distributed multi-tier applications. It centralizes application services, such as Web server functionality, business components, and access to back-end enterprise systems. It implements Java 2 Platform, Enterprise Edition (J2EE) version 1.3 technologies and provides a complete set of services for J2EE components.</p>\r\n<p>WebLogic Server is a Java application designed to run in a Java 2 environment provided by the hosting operating system. The evaluated configuration is supported on BEA JRockit&reg; 1.4.2_08 SDK and Sun Java 2 SDK 1.4.2_08 with Java HotSpot Client VM.</p>\r\n<p>The WLS TOE consists of a single WebLogic Server subsystem with the following WebLogic security providers configured: Auditing Provider; Authorization Provider; Adjudication Provider; Role Mapping Provider; Authentication Provider; Identity Assertion Provider; and Credential Mapping Provider.</p>","evaluation_configuration":null,"security_evaluation_summary":"<p>The evaluation was carried out in accordance with the Common Criteria Evaluation and Validation Scheme (CCEVS) process and scheme. The criteria against which the BEA WebLogic Server&reg; 8.1 SP 5 TOE was judged are described in the Common Criteria for Information Technology Security Evaluation, Version 2.2 and International Interpretations effective on 3 September 2004. The evaluation methodology used by the Evaluation Team to conduct the evaluation is the Common Methodology for Information Technology Security Evaluation, Version 2.2. Science Applications International Corporation (SAIC) determined that the evaluation assurance level (EAL) for the product is the EAL2 family of assurance requirements, augmented with ALC_FLR.1 (Basic flaw remediation). The product, when configured as specified in &ldquo;Managing WebLogic Security&rdquo; (published at http://e-docs.bea.com/wls/docs81/secmanage/index.html), satisfies all of the security functional requirements stated in the BEA WebLogic Server Security Target. One validator on behalf of the CCEVS Validation Body monitored the evaluation carried out by SAIC. The evaluation was completed in March 2006. Results of the evaluation can be found in the Common Criteria Evaluation and Validation Scheme Validation Report, (report number CCEVS-VR-06-0023) prepared by CCEVS.</p>","environmental_strengths":"<p>BEA WebLogic Server&reg; V8.1 SP5 with BEA06-81.01 and BEA05-107.00 security advisory patches (hereafter referred to as WLS) provides a low to moderate level of independently assured security in a conventional TOE and is suitable for a cooperative non-hostile environment with good physical access security and competent administrators.</p>\r\n<p>The primary security functionality of the TOE is to provide access control to WLS resources. WLS resources are hosted within WLS entities called containers. A user makes a network connection to WLS to access a specific resource. The container hosting the resource receives an access request from the WLS network handling code and is then responsible for calling into the WLS security framework to determine if access to the resource should be granted or denied.</p>\r\n<p>BEA WebLogic Server&reg; 8.1 SP5 supports the following four security functions:</p>\r\n<ul>\r\n<li><strong>Security Audit</strong> </li>\r\n</ul>\r\n<p>The TOE generates audit records of security relevant events as they occur within the security framework. The audit records are stored in the environment in which the TOE operates (i.e., the underlying operating system) and can be viewed by any text editor provided by the underlying operating system. The WebLogic Auditing Provider furnishes the TOE&rsquo;s audit record generation capability.</p>\r\n<ul>\r\n<li><strong>User Data Protection</strong> </li>\r\n</ul>\r\n<p>The TOE controls access to WLS resources based on user identity, group membership, dynamically assigned roles, and resource security policy. The TOE assigns a default security policy to each of the resource types it controls. A TOE administrator can override the default security policy to make it more or less restrictive according to the needs of the installation. When a resource is created, it inherits the policy of the resource type, but this too can be overridden by an administrator specifying a new policy specific to the resource. Security policies can be specified to restrict access to the resource based on combinations of user identity, user group memberships, dynamically assigned roles, and hours of access. The WebLogic Authorization Provider determines whether or not access to a WLS resource should be granted.</p>\r\n<p>The WebLogic Role Mapping Provider computes the set of roles granted to a user for a given resource. The TOE defines five global roles by default: Admin; Deployer; Operator; Monitor; and Anonymous. The first four roles represent various levels of administrative access, while all users are granted the Anonymous role. In addition to these default roles, a TOE administrator can define new roles, based on logical combinations of the following role conditions: user name of the caller; group membership of the caller; hours of access. Roles can be scoped to the entire security realm or to specific deployed resources (such as Web Applications and Enterprise Java Beans).</p>\r\n<p>It is possible (though not supported in the evaluated configuration) to configure multiple Authorization Providers. The WebLogic Adjudication Provider determines if a user request for access to a WLS resource will be granted in the case when multiple Authorization Providers are configured and return different responses to the request for access.</p>\r\n<ul>\r\n<li><strong>Identification and Authentication</strong> </li>\r\n</ul>\r\n<p>The TOE supports multiple identification and authentication mechanisms: username and password; token-based (using either X.509 certificates or CORBA Common Secure Interoperability version 2 (CSIv2) identity assertion); credential mapping. The WebLogic Authentication Provider supports password-based authentication. The WebLogic Identity Assertion Provider supports identity assertion using X.509 certificates and CSIv2. The WebLogic Credential Mapping Provider supports the process whereby the authentication and authorization mechanisms of a remote system (for example, a legacy system or application) are used to obtain an appropriate set of credentials to authenticate users to a target WLS resource.</p>\r\n<ul>\r\n<li><strong>Security Management</strong> </li>\r\n</ul>\r\n<p>The TOE provides security management capability via the browser-based Administrator Console GUI and the weblogic.Admin command-line tool (although all security management capability provided by the command-line tool is also available through the GUI). A user must be assigned one of the four global default management roles (i.e., Admin, Deployer, Operator, Monitor) in order to successfully invoke and login to the TSF via the Administrator Console or command-line tool.</p>\r\n<p>The TOE provides a security provider database to store data used by the various security providers. In the evaluated configuration, an embedded LDAP server is used for the security provider database, and WLS is designed to ensure that only a user acting in an appropriate role can modify or review WLS configuration data.</p>\r\n<ul>\r\n<li><strong>Protection of the TSF</strong> </li>\r\n</ul>\r\n<p>The TOE encapsulates the resources it protects within the WLS security framework to ensure that the security mechanisms are always invoked when resources are requested. WLS operates as a collection of Java applications that operate in their own domains distinct from one another and also from other potentially untrusted entities.</p>","features":[]}