Evaluated Product - Details

Return to the EPL index

Secure Objects incorporating Secure Envelopes

Product type: Data Protection
Product Status: Archived
Assurance Level: EAL4+ ALC_FLR.1

Version: 1.5.1
Components: Auth Server Component: Build All Other Components: Build

Product Details

Product Description

Certification Country: AUSTRALIA/NEW ZEALAND (2011)
Certificate Details: Certificate Number 2011/73
Certification Method: CC
Crypt Evaluation: Completed, see consumer guide
Evaluation Facility: stratsec
Manufacturer/Vendor/Distributor: Cocoon Data Holdings Ltd

Cocoon Data Holdings Ltd

Level 4, 156 Clarence Street
Sydney NSW 2000 Australia
Website: http://www.covata.com


Grahame Bell
Head of Defence & Government

Mobile: 0409 900 373
Email: grahame.bell@covata.com


Security Target
Certification Report
Consumer Guide

Secure Objects incorporating Secure Envelopes is an encryption-based, access control system for protecting the confidentiality and integrity of electronic files. Secure Envelopes controls and monitors the exchange of digital files based on recipient identity, to protect against the deliberate or unintentional release of sensitive user data.

The TOE includes both client software and a central enterprise server, namely the Enterprise Envelopes Server. The client software provides the creator with a user interface that enables them to secure data files. The same user-interface allows the recipient to “open the secure envelope”. The central server provides an enterprise security management platform that provides an ongoing capability for centralised control of created envelopes, key management and object access auditing.

Once the TOE has been implemented within the enterprise any document owner can create an envelope to secure and control specified electronic files. Objects or data files secured within a generated envelope can then be controlled throughout the life of that envelope. The creator has the ability to dynamically control which recipients may open an envelope and access objects or data files after they have been released.

The TOE security model ensures the secrets needed to decrypt an envelope are never physically distributed with the secured envelope. Secured envelopes can be emailed, copied, forwarded or burned on CD as easily as any other digital document.