{"product_id":9502,"v_id":9502,"product_name":"DBSign for HTML Applications Version 3.0","certification_status":"Not Certified","certification_date":"2005-09-30T00:09:00Z","tech_type":"Sensitive Data Protection","vendor_id":{"name":"Gradkell Systems, Inc.","website":"www.gradkell.com"},"vendor_poc":"Grady Gaston, VP","vendor_phone":"866.472.3535 X18","vendor_email":"ggaston@gradkell.com","assigned_lab":{"cctl_name":"Arca CCTL"},"product_description":"<p>DBsign is a digital signature solution that enables applications to incorporate digital signature security into their processes.</p>\r\n<p>The&nbsp;evaluated security functionalities&nbsp;of the product include:</p>\r\n<ul>\r\n<li>Digital signing&nbsp;of data; </li>\r\n<li>Verification of digitally signed data for data stored within a database or memory buffer or file; </li>\r\n<li>Non-repudiation of origin; and </li>\r\n<li>Auditing for operations performed on data stored within a database. </li>\r\n</ul>\r\n<p>The Target of Evaluation (TOE) is a digital signature solution that includes a set of APIs that consists of two portions; a client and a server portion.&nbsp;</p>\r\n<p>The&nbsp;client portion of the TOE is installed to an IT environment system that includes:</p>\r\n<ul>\r\n<li>At least 1 Network interface card; </li>\r\n<li>Any one of Microsoft Windows 98, Me, NT, 2000, XP, or 2003; and </li>\r\n</ul>\r\n<p>For DBsign Web Signer Plugin:</p>\r\n<ul>\r\n<li>Any one of Netscape Navigator 4.x, or Microsoft Internet Explorer 4.x-5.5 SP1 </li>\r\n</ul>\r\n<p>For DBsign Web Signer Control:</p>\r\n<ul>\r\n<li>Microsoft Internet Explorer 4.x or higher. </li>\r\n</ul>\r\n<p>The server portion of the TOE and the IT environment database are installed to one or more IT environment systems, together that includes:</p>\r\n<ul>\r\n<li>At least 1 Network interface card per system; </li>\r\n<li>Java Virtual Machine version 1.3 or higher on application system; </li>\r\n</ul>\r\n<ul>\r\n<li>J2EE compliant Java application server supporting the Java Servlet API version 2.2 or higher on application server system; </li>\r\n<li>Any one of the operating system that is supported by the Java application server on application server system; </li>\r\n<li>Any relational database management system (RDBMS) such as Oracle, SQL Server, or DB2 on database system; </li>\r\n<li>The operating system that supports the RDBMS including Solaris, Linux, or Windows on database system. </li>\r\n</ul>\r\n<p>The IT environment (the OS of the client and application server and the database itself) provides these supporting functions that are leveraged by DBsign.&nbsp; This functionality has not been evaluated but is needed for operation of the TOE.</p>\r\n<ul>\r\n<li>Mechanism for review of audit records (stored within the database and viewable via DBsign Administration Tools); </li>\r\n<li>Mechanism for generation and destruction of cryptographic keys; and </li>\r\n<li>Source of timestamps for auditing of security-relevant events. </li>\r\n</ul>","evaluation_configuration":null,"security_evaluation_summary":"<p>None</p>","environmental_strengths":"<p>None</p>","features":[]}