Compliant Product - PrinterLogic Web Stack Client
Certificate Date: 2019.11.27CC Certificate Security Target Validation Report
Validation Report Number: CCEVS-VR-VID11057-2019
Product Type: Application Software
Conformance Claim: Protection Profile Compliant
PP Identifier: Functional Package for TLS Version 1.1
Protection Profile for Application Software Version 1.3
CC Testing Lab: Leidos Common Criteria Testing Laboratory
PrinterLogic Web Stack Client is an on-premise application designed to simplify the management, migration, and provisioning of printers. PrinterLogic Web Stack Client facilitates features including centrally-managed direct IP printing, self-service installation of printer drivers, automated deployment of drivers, centralized reporting of printer usage, and pull/mobile printing.
PrinterLogic Web Stack Client is part of a client-server distribution. The TOE is the client portion of this distribution. It interacts with a central Web Server application in its operational environment.
Security Evaluation Summary
The evaluation was carried out in accordance with the Common Criteria Evaluation and Validation Scheme (CCEVS) process and scheme. The criteria against which the PrinterLogic TOE was judged are described in Protection Profile for Application Software, Version 1.3, 1 March 2019, the Functional Package for Transport Layer Security (TLS), Version 1.1, February 12, 2019 and the Common Criteria for Information Technology Security Evaluation, Version 3.1 rev 5. The evaluation methodology used by the evaluation team to conduct the evaluation is the Common Methodology for Information Technology Security Evaluation, Version 3.1 revision 5 as refined by the assurance activities in the protection profile. The product satisfies all of the security functional requirements stated in the PrinterLogic Web Stack Client v18.3 Security Target, version 1.0, November 27, 2019, when delivered and configured as identified in the following documents:
· PrinterLogic Web Stack version 18.3 Common Criteria Supplemental Guidance Version 1.0, 23 October 2019
The project underwent CCEVS Validator review. The evaluation was completed in December 2019. Results of the evaluation can be found in the Common Criteria Evaluation and Validation Scheme Validation Report prepared by CCEVS.
The TOE uses NIST-validated cryptographic algorithms to secure data in transit. The Windows PL Client application relies on the FIPS-validated cryptographic library cng.sys provided by Windows to perform cryptographic functionality, while the Linux and macOS PL Clients include their own copies of the OpenSSL FIPS Object Module. The Windows PL Client also uses its own instance of OpenSSL-FIPS when running as a Service Host.
The PL Client application (for all platforms) provides TLS/HTTPS client, TLS client, and TLS server functionality. All components rely on their underlying OS platforms to provide entropy used for key generation.
The TOE leverages functionality provided by its underlying OS platforms to secure sensitive data at rest. The TOE uses network resources provided by the underlying platforms. The TOE also interfaces with the print spool of its underlying platform. All platform services are invoked with user awareness and authorization.
The TOE uses network connectivity to interact with the Web Server to receive configuration changes and to communicate the status of held print jobs. If configured as a Service host, it will also use network connectivity to securely retrieve print jobs from the operational environment (email server, iOS device, Android device, and/or Google Cloud print server), and to perform reverse AD lookups of users who submit these print jobs.
Identification and Authentication
The TOE uses X.509 certificates to authenticate endpoints for TLS and HTTPS trusted communications. As with cryptographic functionality in general, the Windows PL Client relies on the operational environment to provide this functionality in some cases while the Linux and macOS PL Clients implement it entirely within the TSF. For all platforms, revocation status is checked using CRLs but connections are authorized if the revocation status of an otherwise valid certificate cannot be confirmed.
PL Client configuration data is stored remotely on the Web Server system. Configuration of the PL Client is performed via administration of the environmental Web Server.
The TOE handles Active Directory credentials as well as print spool data, which could contain personally identifiable information (PII). However, any such handling of data is done with the user’s explicit authorization. No transmission of PII occurs that is not in direct response to user activity.
Protection of the TSF
The TOE includes measures to integrate securely with their underlying OS platforms. The TOE does not perform explicit memory mapping, nor does it allocate any memory region with both write and execute permissions. Similarly, the TOE does not write user-modifiable data to directories that contain executable files. The TOE is compatible with its supported host OS platforms when those platforms are configured in a secure manner. For all platforms, the TOE is not written in languages that are susceptible to stack-based buffer overflow attacks.
For each supported platform, the TOE uses a well-defined set of platform APIs and third party libraries.
The TOE provides the ability for a user to check its version and to apply updates. Updates are delivered in a format that is appropriate for the TOE’s platform (e.g., .deb files for Ubuntu Linux). Application of an update removes all executable code associated with the TOE; there is no way for the TOE to modify its own code. Updates to the TOE are digitally signed, and the signature is validated prior to installation.
TOE components use trusted paths and channels to secure data in transit. The following interfaces are provided by each TOE component:
· PI Client:
o TLS/HTTPS client for changes to configuration data and pull printing status from Web Server
· PI Client (Service Host only):
o TLS client for retrieval of print jobs over email (IMAPS)
o TLS server for retrieval of print jobs over AirPrint (IPPS)
o TLS client for transmission of printer status data to Google Cloud (XMPP)
o TLS/HTTPS client for retrieval of print jobs from Google Cloud
o TLS client for Active Directory communications (LDAPS)