NIAP: Compliant Product
NIAP/CCEVS
  NIAP  »»  Product Compliant List  »»  Compliant Product  
Compliant Product - D4 Secure VPN Client for the HTC A9 Secured by Cog Systems

Certificate Date:  2017.11.16

Validation Report Number:  CCEVS-VR-VID10855-2017

Product Type:    Virtual Private Network

Conformance Claim:  Protection Profile Compliant

PP Identifier:    Protection Profile for IPsec Virtual Private Network (VPN) Clients Version 1.4

CC Testing Lab:  Gossamer Security Solutions


CC Certificate [PDF] Security Target [PDF] Validation Report [PDF]

Assurance Activity [PDF]

Administrative Guide [PDF]


Product Description

The Target of Evaluation (TOE) is the D4 Secure VPN Client that is the HTC A9 Secured by Cog Systems D4 Secure Mobile device's built-in Outer Data-In-Transit (DIT) VPN client.  The Outer DIT VPN runs only on the evaluated HTC A9 Secured by Cog Systems D4 Secure Mobile device.

The D4 Secure is a smartphone based upon an HTC A9 hardware which uses Qualcomm SoCs (Snapdragon 617, MSM8952) and runs custom Cog Systems D4 Secure images.  This is a custom built smartphone intended to support military and civil service users.  The D4 Secure Mobile Device is the TOE Platform for the Outer DIT VPN client. Since the Outer DIT VPN is built-into the evaluated D4 Secure Mobile device, it is considered to have the same version as the D4 Secure Mobile device.

The TOE provides always on secure remote network connectivity for the D4 Secure and Android 6.0.1 operating system, by providing an IPsec VPN that once configured protects all communication.  The Outer DIT VPN client sends all network communication to the connected VPN gateway through an IPsec protected communication channel.


Evaluated Configuration

The evaluated configuration consists of the D4 Secure VPN Client for the HTC A9 Secured by Cog Systems.

Product

Carrier

Security Software Version

OS version

HTC Software Version number

HTC-A9

Telstra

1.6

Android v6.0.1

1.57.617.52


Security Evaluation Summary

The evaluation was carried out in accordance to the Common Criteria Evaluation and Validation Scheme (CCEVS) requirements and guidance. The evaluation demonstrated that the TOE meets the security requirements contained in the Security Target.  The criteria against which the TOE was judged are described in the Common Criteria for Information Technology Security Evaluation, Version 3.1, Revision 4, September 2012. The evaluation methodology used by the evaluation team to conduct the evaluation is the Common Methodology for Information Technology Security Evaluation, Evaluation Methodology, Version 3.1, Revision 4, July 2012.  Gossamer Security Solutions determined that the evaluation assurance level (EAL) for the TOE is EAL 1.  The product, when delivered and configured as identified in the Cog Systems D4 Secure VPN Client Guide Documentation, Version 1.1, October 31, 2017 document, satisfies all of the security functional requirements stated in the D4 Secure VPN Client for the HTC A9 secured by Cog Systems (IVPNCPP14) Security Target, Version 0.7, October 31, 2017.  The project underwent CCEVS Validator review.  The evaluation was completed in November 2017.  Results of the evaluation can be found in the Common Criteria Evaluation and Validation Scheme Validation Report (report number CCEVS-VR-VID10855-2017) prepared by CCEVS.


Environmental Strengths

The logical boundaries of the D4 Secure VPN Client for the HTC A9 secured by Cog Systems are realized in the security functions that it implements. Each of these security functions is summarized below.

Cryptographic support:

The IPsec implementation is the primary function of the TOE.  IPsec is used by the TOE to protect communication between itself and a VPN Gateway over an unprotected network. The TOE also includes cryptographic services to support the IPsec VPN, and self-testing functionality specified in this Security Target.

User data protection:

The TOE ensures that residual information is protected from potential reuse in accessible objects such as network packets.

Identification and authentication:

The TOE provides the ability to use pre-shared keys and X.509 certificates that are used for IPsec Virtual Private Network (VPN) connections.  The TOE utilizes TOE Platform functions to store and protect X.509 certificates.

Security management:

The TOE provides all the interfaces necessary to manage the identified security functions to the admin at provisioning. This includes interfaces to the admin as well as to the VPN gateway.  The IPsec VPN is fully configurable through a provisioning process performed prior to the first use of the D4 Secure Mobile Device.  The TOE platform provides the functions necessary to securely update the TOE.

Protection of the TSF:

The TOE utilizes its own cryptographic functions to perform self-tests that cover the TOE cryptographic operations.  The TOE relies upon its underlying platform to perform self-tests that cover the TOE as well as the functions necessary to securely update the TOE.

Trusted path/channels:

The TOE acts as a VPN client using IPsec to established secure channels to corresponding VPN gateways.


Vendor Information

Logo
Cog Systems D4 Secure Mobile
Denis Whitford/Dan Potts
+1-855-662-7234 (US) 1300-061864 (AUS)
na
DanielP@Cog.Systems

Northropgrumman.com/Cog.Systems
Site Map              Contact Us              Home