NIAP: Compliant Product
  NIAP  »»  Product Compliant List  »»  Compliant Product  
Compliant Product - Trivalent Protect (for Android) Version 2.6

Certificate Date:  2018.06.13

Validation Report Number:  CCEVS-VR-VID10856-2018

Product Type:    Application Software

Conformance Claim:  Protection Profile Compliant

PP Identifier:    Extended Package for Software File Encryption Version 1.0
  Protection Profile for Application Software Version 1.2

CC Testing Lab:  Gossamer Security Solutions

CC Certificate [PDF] Security Target [PDF] Validation Report [PDF]

Assurance Activity [PDF]

Administrative Guide [PDF]

Product Description

Trivalent Protect (for Android) provides file level encryption through a privileged software that is built into the Getac MX50 mobile device.  The Trivalent Protect (for Android) software uses encryption, to protect data from unauthorized users. Trivalent Protect (for Android) enhances the level of encryption for secure data-at-rest by providing additional encryption distinct from the data-at-rest protection provided by the platform. 

Trivalent Protect (for Android) runs in the background and uses both Android and BouncyCastle keystore to protect the File Encryption Key Encryption Key (FEKEK) that is used for encryption of user data.  The FEKEK is a 256-bit AES key that is used by Trivalent Protect (for Android) for file level encryption, transparently to all Android applications, for the internal public app storage (“/sdcard”). Note that the applications’ sandbox storage “/data/data/<app>” is not applicable.  Encryption using the FEKEK by Trivalent Protect (for Android) is provided by the SPX Core (Security First, Secure Parser Library).

Evaluated Configuration

Trivalent Protect (for Android) Version 2.6 software application package residing on evaluated Getac MX50 mobile devices running Android 5.1.1.

Security Evaluation Summary

The evaluation was carried out in accordance to the Common Criteria Evaluation and Validation Scheme (CCEVS) requirements and guidance. The evaluation demonstrated that the TOE meets the security requirements contained in the Security Target.  The criteria against which the TOE was judged are described in the Common Criteria for Information Technology Security Evaluation, Version 3.1, Revision 4, September 2012. The evaluation methodology used by the evaluation team to conduct the evaluation is the Common Methodology for Information Technology Security Evaluation, Evaluation Methodology, Version 3.1, Revision 4, July 2012.  Gossamer Security Solutions determined that the evaluation assurance level (EAL) for the TOE is EAL 1.  The product, when delivered and configured as identified in the Trivalent ADMINISTRATOR GUIDE Trivalent Protect 2.6 for Android, November 2017 and the Trivalent USER GUIDE Trivalent Protect 2.6 for Android, November 2017 documents, satisfies all of the security functional requirements stated in the Trivalent Protect (for Android) (ASPP12/ASFEEP10) Security Target, Version 0.8, June 4, 2018.  The project underwent CCEVS Validator review.  The evaluation was completed in March 2018.  Results of the evaluation can be found in the Common Criteria Evaluation and Validation Scheme Validation Report (report number CCEVS-VR-VID10856-2017) prepared by CCEVS.

Environmental Strengths

The logical boundaries of the Trivalent Protect (for Android) are realized in the security functions that it implements. Each of these security functions is summarized below.

Cryptographic support:

The evaluated Getac MX50 platform runs Android 5.1.1 operating system.  The platform’s Android APIs allow generation of keys through KeyGenerator, and random numbers are generated using SecureRandom.  Keys are used to protect data belonging to the applications that use the TOE.

The TOE uses Security First’s SPX Core (Security First, Secure Parser Library) for cryptographic algorithms.  The SPX Core supports encryption via AES and random number generation via an SP 800-90 AES-256 CTR DRBG.  The TOE uses the platform’s cryptographic API to perform AES key wrapping and keyed hashing via HMAC.  The TOE also uses the Android platform-based AndroidKeyStore provider to generate RSA key pairs.

User data protection:

The TOE protects user data by providing encryption services for applications to encrypt their data.  The TOE allows encryption of data using AES-256 bit keys.  The TOE protects communication with a Trivalent Configuration Manger (TCM) server using a TLS v1.2 communication path.

Identification and authentication:

The TOE authenticates applications by requiring a PIN/passphrase to unlock the application’s file encryption key.  A wrong password results in the unsuccessful loading of the application’s BouncyCastle keystore.  Without the correct keystore, the application cannot load the keys necessary for file encryption/decryption.

Security management:

The TOE’s services/options are inaccessible until a configuration has been created.  The TOE does not allow invocation of its services without configuration of the TOE’s settings upon first start up.  The TOE allows the changing of passwords for management purposes.


The TOE does not transmit Personally Identifiable Information over any network interfaces.

Protection of the TSF:

The TOE relies on the physical boundary of the evaluated platform as well as the Android operating system for the protection of the TOE’s application components.

The TOE checks for updates by selecting the check current version option on its menu.  If an update is needed, Trivalent shall deliver, via email or other agreed upon method, an updated application. The TOE’s software is digitally signed by Trivalent.  Each update is accompanied by documentation outlining changes to the overall service.

The Security First’s SPX Core and native Android (platform provided) cryptographic libraries provides the TOE’s cryptographic services.  These cryptographic service providers have built-in self-tests that are run at power-up to ensure that the algorithms are correct. If any self-tests fail, the TOE will not be able to perform its cryptographic services.

Trusted path/channels:

The TOE protects all communication to a TCM server using TLSv1.2. All of the data managed by the TOE resides on the evaluated Getac MX50 platform.

Vendor Information

Lauren Alexander
Site Map              Contact Us              Home