Archived U.S. Government Approved Protection Profile - US Government Wireless Local Area Network (WLAN) Access System for Basic Robustness Environments, Version 1.1
Short Name: pp_wlan_as_br_v1.1
Technology Type: Wireless LAN
CC Version: 3.1
Date: 25 July 2007
Preceded By: pp_wlan_as_br_v1.0
Sunset Date:
01 September 2011
![[Sunset Icon]](/assets/images/pp-icon-sunset.gif "[Sunset Icon]"){kind=icon}
Conformance Claim: EAL2 Augmented
![[PDF]](/assets/images/icon_pdf.gif "[PDF]"){kind=icon}
Please note: This serves as an addendum to the VR for the Original Evaluated PP
PP OVERVIEW
This PP specifies the minimum-security requirement for a WLAN Access System (hereafter referred to as the Target of Evaluation (TOE) used by the US Government in Basic Robustness Environments. The target robustness level of “basic” is specified in the Guidance and Policy for the Department of Defense Global Information Grid Information Assurance (GIG).
This PP requires privacy and integrity of communications over the WLAN, using commercially available cryptographic algorithms. Security administration at the access system is also a requirement. The assurance requirements defined in section 5.3 provide a minimal level of assurance for basic robustness environments; these include EAL2 Security Assurance Requirements (SARs) augmented with FLC_FLR.2 (Flaw Reporting Procedures) and AVA_MSU.1 (Examination of Guidance.)
This PP defines:
- assumptions about the security aspects of the environment in which the TOE will be used;
- threats that are to be addressed by the TOE;
- security objectives of the TOE and its environment;
- functional and assurance requirements to meet those security objectives; and
- rationale demonstrating how the requirements meet the security objectives, and how the security objectives address the threats.
ENVIRONMENTAL STRENGTHS
The evaluation of the U. S. Government Wireless LAN Access System Protection Profile for Basic Robustness Environments, Version 1.0 provides specification for environments in which TOEs with various levels of robustness are appropriate to meet Basic Robustness level of independently assured security requirements. The assurance requirements were chosen to be consistent with this goal.
ASSURANCE MAINTENANCE
July 25, 2007
Assurance maintenance has been performed on this protection profile to update it to the common criteria version 3.1. This update caused a change in version number (from 1.0 to 1.1) that indicates an update has occurred. The updates included revisions based on the assurance requirements of the CC 3.1, removal of FPT_SEP and FPT_RVM since it is now covered by ADV_ARC and replacement of Explicitly stated requirements with Extended requirements (only the nomenclature changed and not the requirements.) Cryptographic functional requirements were also revised to reflect the latest updated standards.
PD-0144: Corrections to formatting and typographic errors in the WLAN Access System PPs
PD-0145: Enabling/Disabling of Verification of Cryptographic Key Testing in WLAN PP
Assigned to the following Validated Products
- VID10409 – 3eTI Airguard Wireless Network Access System
- VID10348 – Aruba Mobility Controller and Access Point Series, Version 3.4.2.3
Please forward any questions or comments to pp-comments@niap-ccevs.org
SEARCH CCEVS
Announcements
Quick Links
» Product Compliant ListAvailable products to assist in making a more secure infrastructure.
» Approved Protection ProfilesApproved protection profiles for use by vendors.
» NIAP Technical CommunitiesNIAP Technical Communities are key to the development of new Protection Profiles.
» Find an Accredited LabFind a lab to evaluate your product.
» NIAP FAQsFind answers to commonly asked questions.
» Getting AccreditedHow to become an NVLAP Accredited Lab.
