VALIDATION REPORT Primavera® P6™ Enterprise Project Portfolio Management (Version 6.2.1)
users to be identified before they can gain access to its capabilities. In the evaluated configuration, authentication of claimed identities is performed by an LDAP server in the IT environment.
Primavera provides administrative users with the ability to manage access controls on projects, resources, and methodologies, and the security attributes associated with users. Administrative capabilities are granted by the privileges allocated to a user via a global profile associated with the user.
The following assumptions are identified in the ST:
Table 2 – Assumptions
The TOE will be located within controlled access facilities and connected to networks that are protected from external tampering by a network firewall, which will prevent unauthorized physical access and mitigate unauthorized network access.
The TOE will be installed, configured, managed and maintained in accordance with its guidance documentation.
Clarification of Scope
The Target of Evaluation (TOE) is Primavera® P6™ Enterprise Project Portfolio Management (Version 6.2.1), henceforth referred to as Primavera.
The TOE is dependent on the correct operation of the components in the operational environment, which are not included within the scope of the evaluation. It should also be noted that the access control policies implemented by the TOE are enforced only on access attempts made through the TOE’s interfaces. The TOE does not and cannot control attempts to access data directly (e.g., via the underlying database or operating system).
Primavera is intended to be used to plan and control projects. Project data is stored in a central project management database that is located in the IT environment. The TOE provides the following specific capabilities.
Project management—allows users to plan and control projects. Project management capabilities include centralized resource management, including resource timesheet approval and the ability to communicate with project resources via web-based timesheet interfaces