Free Ebook - Download Free Ebook pdf

Microsoft SQL Server 2008 Database Engine Common Criteria Evaluation.pdf ebook This chapter presents Security Target (ST) and TOE identification information and a general overview of the ST. An ST contains the information technology (IT) security requirements of an identified Target of Evaluation (TOE) and specifies the functional and assurance security measures offered by that TOE to meet stated requirements. An ST principally defines: a) A security problem expressed as a set of assumptions about the security aspects of the environment, a list of threats that the TOE is intended to counter, and any known rules with which the TOE must comply (chapter 3, Security Problem Definition) b) A set of security objectives and a set of security requirements to address the security problem (chapters 4 and 6, Security Objectives and IT Security Requirements, respectively). c) The IT security functions provided by the TOE that meet the set of requirements (chapter 7, TOE Summary Specification). A summary of the TOE security functions can be found in chapter 1.3.4. A more detailed description of the security functions can be found in chapter 7, TOE Summary Specification. Please note that only the SQL Server 2008 database engine is addressed in this ST. Other related products of the SQL Server 2008 platform, such as Service Broker, provide services that are useful but are not central to the enforcement of security policies. Hence, security evaluation is not directly applicable to those other products.

Microsoft SQL Server 2008 Database Engine Common Criteria Evaluation