NIAP: Compliant Product
  NIAP  »»  Product Compliant List  »»  Compliant Product  
Compliant Product - Hypori ACE Client v3.1.0

Certificate Date:  2016.03.09

Validation Report Number:  CCEVS-VR-VID10643-2016

Product Type:    Application Software

Conformance Claim:  Protection Profile Compliant

PP Identifier:    Protection Profile for Application Software Version 1.1

CC Testing Lab:  Leidos Common Criteria Testing Laboratory

CC Certificate [PDF] Security Target [PDF] Validation Report [PDF]

Assurance Activity [PDF]

Administrative Guide [PDF]

Product Description

The Target of Evaluation (TOE) is the Hypori Android Cloud Environment Client 3.1.0. 

Hypori Android Cloud Environment (ACE) is a Virtual Mobile Infrastructure (VMI) platform. End users running a Hypori ACE Client on their mobile device access a virtual Android device running on a server in the cloud. The virtual device on the server contains the operating system, the data, and the applications, using TLS 1.2 encryption to communicate securely with the ACE Client.

The Hypori VMI platform includes the following components:

  • ACE Client (the TOE): This is a thin client that installs on the end user’s mobile device and communicates with the ACE Device on the server through secure encrypted protocols.
  • ACE Device: This is an Android-based virtualized version of the end user’s mobile device.
  • ACE Servers: This is the cloud server cluster that hosts the ACE Devices.
  • ACE Administrator Portal: This is a browser-based administration user interface that is used to manage the ACE system

Evaluated Configuration

Security Evaluation Summary

The evaluation was carried out in accordance with the Common Criteria Evaluation and Validation Scheme (CCEVS) process and scheme.  The criteria against which the Hypori Android Cloud Environment Client 3.1.0 was judged are described in the Common Criteria for Information Technology Security Evaluation, Version 3.1 rev 4.  The evaluation methodology used by the evaluation team to conduct the evaluation is the Common Methodology for Information Technology Security Evaluation, Version 3.1 rev 4.   The product, when delivered and configured as identified in the Hypori ACE User Guide Common Criteria Configuration and Operation, Version 3.1.0 document, satisfies all of the security functional requirements stated in the Hypori Virtual Mobile Infrastructure Platform 3.1.0 Android Cloud Environment Client Security Target, Version 1.0, February 17, 2016.  The project underwent CCEVS Validator review.  The evaluation was completed in February 2016.  Results of the evaluation can be found in the Common Criteria Evaluation and Validation Scheme Validation Report prepared by CCEVS.

Environmental Strengths

Cryptographic Support

The TOE establishes secure communication with the ACE Server using TLS. The client uses cryptographic services provided by the Android platform. TOE stores credentials and certificates for mutual authentication in the Android key store.

User Data Protection

The TOE informs a user of hardware and software resources the TOE accesses. It uses the Android permission mechanism to get a user’s approval for access as part of the installation process. The user initiates a secure network connection to the ACE Server using the TOE. In general, sensitive data resides on the ACE Device and not the ACE Client, although the client does store credentials in the Android key store.

Identification and Authentication

The TOE uses the Android certification validation services to authenticate the X.509 certificate the ACE Server presents as part of the establishing a TLS connection.

Security Management

Security management consists of setting ACE Client configuration options. The TOE uses Android mechanisms for storing the configuration settings.

Protection of the TSF

The TOE uses security features and APIs that the Android platform provides. The TOE leverages Android package management for secure installation and updates. The TOE package includes only those third-party libraries necessary for its intended operation.

Trusted Path/Channels

TOE uses TLS 1.2 for all communication with ACE Server.

Vendor Information

Hypori, Inc.
Evan Watkins
Site Map              Contact Us              Home