Northern Light Video Conferencing System (NLVC)

 
PROJECT ID
C034
ASSURANCE LEVEL
EAL2
Security Target (ST)
 
Certification Report (CR)
 
PRODUCT NAME AND VERSION
Northern Light Video Conferencing System (NLVC) consist of:
• NLVC Client version 6.3.0.0
• NLVC Server Webadmin Tool version 7.0.0.1
• NLVC Server version 6.1-0.21
PRODUCT TYPE
Multipoint-to-multipoint video conferencing system.
PRODUCT SPONSOR / DEVELOPER

JMCS Sdn Bhd

PRODUCT SPONSOR / DEVELOPER CONTACT DETAILS

NLTVC Sdn. Bhd.

Level 2, Block C, Science@USMNo 10, Persiaran Bukit Jambul,
11900 Penang, MALAYSIA.

URL: http://www.nltvc.com
Email: This email address is being protected from spambots. You need JavaScript enabled to view it.
Phone: +60 (4) 653 3005
Fax: +60 (4) 653 3001

The Target of Evaluation (TOE), Northern Light Video Conferencing System (NLVC), is a multipoint-to-multipoint video conferencing system. It allows conferencing of any desired number of people around the world using existing LAN infrastructure, without affecting current applications. It is software based and uses non-proprietary hardware. The TOE components include:

  • NLVC Client version 6.3.0.0. A user based GUI application that works on the end user's PC or NLVC boardroom codec system.
  • NLVC Server Webadmin Tool version 7.0.0.1. A web based interface use to ease the administration of the TOE (NLVC Server).
  • NLVC Server version 6.1-0.21. The main purpose is to maintain and control conference according to the Real Time Switching (RSW) control criteria used.

The evaluated security functionalities for the TOE includes:

  • Identification and Authentication – the TOE requires that each user is successfully identified (User ID) and authenticated (password) before they are allowed to access the functionality of the TOE.
  • Secure communication – the TOE provides a secure SSL session between the client and the server in order to protect the video feeds and command data when transmitted between the client and the server.
  • Security Management – the TOE manages functions to ensure efficient and secure management of the TOE and its security functions. The TOE restricts access to the management functions based on the role of the user. The roles maintained by the TOE are: Chairman, Participant, Observer, and Administrator. Each access control list maps users and roles to the operations that they are permitted to perform on the object.
  • User Data Protection – the TOE manages access control on configuration data and functions based on user role and access control lists.