• NIAP
  Home
•  
  Evolution
  • Evolution FAQs
  • NIAP Goals
  • NIAP Policies/Procedures
  • Technical Communities
  • Commercial Solutions for Classified Programs
• CCEVS
  Big Picture
  • CCEVS Objectives
  • CC Testing Labs (CCTL)
  • Candidate CCTLs
  • CCEVS Interpretations
  • CCEVS Validation Body
  • CCRA and Partners
  • Defining the CCEVS
  • Events
  • Guidance to Consumers
  • Historical Perspective
  • Terms & Acronyms
•  
  Announcements
  • NIAP Announcements
  • Evolution Announcements
  • Partner Announcements
  • Director’s Corner Archive
• CCEVS
  Products
  • Product Compliant List
  • Products in Evaluation
  • Archived Product Compliance List
• Documents
  & Guidance
  • CC/CEM Documentation
  • Consistency Instruction Manuals
  • FAQs
  • Forms & Templates
  • LabGrams
  • PP Development Process
  • Scheme Policy Letters
  • Scheme Publications
  • VOR Schedule
• Useful
  Links
  • Common Criteria Portal
  • International Interps Database
  • National Institute of Standards & Technology
  • National Security Agency
  • NIST Computer Security Resource Center
  • NVLAP Lab Accreditations
  • Precedent Database
  • Public Interps Database
  • TTAP
• Protection
  Profiles
  • NIAP Approved Protection Profiles
  • Protection Profiles in Development
  • Archived Protection Profiles
• Contact
  Us
• NIAP
  Community

SITE INDEX  » pp  » pp

Archived U.S. Government Approved Protection Profile - Department of Defense Public Key Infrastructures and Key Management Infrastructures Token Protection Profile (Medium Robustness), Version 3.0

Short Name: pp_pkikmi_tkn_mr_v3.0

Technology Type: PKI/KMI

CC Version: 2.x

Date: 22 March 2002

Sunset Date: 21 March 2008

Conformance Claim: EAL4 Augmented

 

PP OVERVIEW

Herewith a brief summary, sufficiently detailed to enable a potential user to detemine whether the PP is of interest.

This PP specifies the information technology (IT) security requirements for a token to be used with sensitive but unclassified (SBU) applications (Class 4) in the DoD Public Key Infrastructure (PKI). The services provided by the DoD PKI include the generation, distribution, control, tracking, and destruction of public key certificates. The DoD PKI's primary goal is the secure transport of sensitive but unclassified or unclassified information using unprotected networks. The DoD PKI token carries public key certificates used to authenticate its user in public key transactions and applications.

The security requirements in this PP apply to the DoD PKI token as issued to the token holder. These requirements cover the token's integrated circuit, operating software, and specific applications when processing DoD information. This PP does not cover security requirements for token terminals or networks interfacing with them. Throughout the requirements section in this protection profile, references are made to requirements for FIPS 140-2 Level 2 for Subscribers/Level 3 for Registration Authorities and Certificate Authorities. If the DoD Common Access Card (CAC) issuing infrastructure is not capable of issuing two different levels of cards, then all CACs will be required to meet FIPS 140-2 Level 3.

This U.S. Government Approved Protection Profile is not assigned to any Validated Products