ARCHIVED CERTIFIED PRODUCTS AND SYSTEMS

The Target of Evaluation (TOE) is a software product, which comprises of MQAssure™/AppShield v1.2_CR6 integrated with MQAssure™/IAM v1.0_CR6. The MQAssureTM/AppShield v1.2_CR6 (hereafter referred as Appshield) combined with MQAssureTM/IAM v1.0_CR6 (hereafter referred as IAM) is an access control software for web applications. The TOE controls access to web filtering applications by enforcing authentication and authorisation using multifactor authentication schemes. It is also capable of session control, and request validation based on its core engine policy and rules.

IAM or Identity and Access Management is the core engine of the TOE. It is a centralised identity and access management platform that provides the back bone for the AppShield security functionality. In the overall infrastructure, AppShield acts as a policy enforcement agent for the web applications.

The security features within the scope of the evaluation for IAM includes:

• Multifactor User Authentication which includes MyKad-Biometric, iKey-PIN or password.
• TOE Administration which provides a web based GUI console for the administrator to configure and manage the TOE.
• Security Audit which generates audit records for relevant authentication events and access events to various objects.

The security features within the scope of the evaluation for AppShield includes:

• Access Control which enforces access control policy decision made by the IAM.
• HTTP request validation which protects the web applications from common input tampering attacks.

Ramdas Nemani

A-2-07 & A-2-09
SME Technopreneur Centre1,
2270 Jalan Usahawan 2,
63000 Cyberjaya, Selangor DE,
MALAYSIA

URL: http://www.magnaquest.com
Email: ramdas.nemani@magnaquest.com
Phone: +60 (3) 8318 2964
Fax: +60 (3) 8319 2534

Security Target (ST)

Certification Report (CR)

NA