Validated Protection Profile - U.S. Government Family of Protection Profiles for Public Key Enabled Applications for Basic Robustness Environments, Version 2.8

Short Name: pp_pke_v2.8

Technology Type: PKI/KMI

CC Version: 3.1

Date: 01 May 2007

Preceded By: pp_pke_v2.77

Conformance Claim: EAL4 Augmented

Protection Profile [PDF]
Validation Report [PDF]
CC Certificate [PDF]
CC Certificate #2 [PDF]
CC Certificate #3 [PDF]


Assurance Continuity Maintenance Report [PDF]

Please note: This serves as an addendum to the VR for the Original Evaluated PP

PP OVERVIEW

This family of PPs describes the Information Technology (IT) security requirements for PKE Applications, based on the X.509 standard, integrated into computing platforms or systems. Public key technology provides digital signature generation and verification, public/private key encryption and decryption, public key distribution services, and various support functions. A PKE application may provide confidentiality, integrity, authentication, and non-repudiation, based on the use of public key technology security services. A variety of applications may be PK-enabled. This family of PPs should be used to specify the various PK services. Thousands of PPs can be defined depending upon the combination of functional packages and the assurance level chosen to meet the requirements of the application. Many functional requirements in the PPs represent extensions to the Common Criteria (CC), because the CC does not provide requirements for the X.509 processing rules that are critical to this family of PPs.

ASSURANCE MAINTENANCE

February 1, 2007
Assurance maintenance has been performed on this protection profiles to incorporate minor updates to the profile. This update caused a change in version number (from 2.76 to 2.77) that indicates an update has occurred. The details on the update are included in the revision history table included in the front matter of the protection profile.

May 01, 2007
Assurance maintenance has been performed on this protection profile to update it to the common criteria version 3.1. This update caused a change in version number (from 2.77 to 2.8) that indicates an update has occurred. The updates included revisions based on the assurance requirements of the CC 3.1, removal of FPT_SEP and FPT_RVM since it is now covered by ADV_ARC and replacement of Explicitly stated requirements with Extended requirements (only the nomenclature changed and not the requirements.)


This Validated Protection Profile is not assigned to any Validated Products

Please forward any questions or comments to pp-comments@niap-ccevs.org