Compliant Product - Perspecta Labs SecureIO v2.0.4
Certificate Date:
2021.07.12
CC Certificate Validation Report Number: CCEVS-VR-VID11170-2021 Product Type: Application Software Conformance Claim: Protection Profile Compliant PP Identifier: Protection Profile for Application Software Version 1.3 CC Testing Lab: Acumen Security ![]() ![]() ![]() Assurance Activity ![]() Administrative Guide ![]()
Product Description
The SecureIO application provides a secure communication channel for Android applications by transmitting and receiving network traffic over a secure TLS channel. The traffic is protected in transit using TLS between the Android device and a TLS server. The functionality of the SecureIO service is limited to (i) establishing and shutting down a TLS connection to the Transport Layer Gateway (TLG); (ii) sending and receiving messages to and from the TLG on behalf of Android apps via the TLS connection. The TOE runs on Android versions 8.0, 9.0, and 10.0. All sub-versions of 8.0 (e.g. 8.1.0), 9.0 and 10.0 are supported.
Evaluated Configuration
Security Evaluation Summary
The evaluation was carried out in accordance with the Common Criteria Evaluation and Validation Scheme (CCEVS) process and scheme. The criteria against which the Perspecta Labs SecureIO v2.0.4 was evaluated are described in the Common Criteria for Information Technology Security Evaluation, Version 3.1 rev 5. The evaluation methodology used by the evaluation team to conduct the evaluation is the Common Methodology for Information Technology Security Evaluation, Version 3.1 rev 5. The product, when delivered configured as identified in the Perspecta Labs SecureIO User Manual, Version 2.0.4, Issue 6, June 2021, satisfies all of the security functional requirements stated in the Perspecta Labs SecureIO v2.0.4 Security Target, Version 0.8, June 30, 2021. The project underwent CCEVS Validator review. The evaluation was completed in July 2021. Results of the evaluation can be found in the Common Criteria Evaluation and Validation Scheme Validation Report (report number CCEVS-VR-VID11170-2021) prepared by CCEVS.
Environmental Strengths
The TOE provides the security functionality required by the Protection Profile for Application Software Version 1.3 [SWAPP]. Cryptographic SupportThe TOE relies on underlying cryptographic functionality provided by the platform for all of its cryptographic operations. User Data ProtectionThe TOE is a TLS proxy that encrypts data sent by other applications on its host platform. Security ManagementThe TOE does not come with any default credentials. It identifies itself to the TLS gateway that it connects to using a certificate and private key. These are provisioned onto the TOE by an administrator or end user. PrivacyThe TOE itself does not contain or transmit any PII. It functions as a TLS proxy over which other applications on the platform may transmit whatever data they wish. Protection of the TSFThe TOE employs several mechanisms to ensure that it is secure on the host platform. Only documented platform APIs are used by the TOE. The TOE never allocates memory with both write and execute permission. Evaluated platform functionality is used to verify the TOE version and perform updates, and no third-party libraries are used. Trusted Path/ChannelsTLS is used to protect all data transmitted to and from the TOE. Identification and AuthenticationCertificate validation and certificate authentication are performed by the TOE as part of TLS, in accordance with RFC 5280. Vendor InformationPerspecta Labs Eric Jung 908-748-2684 908-748-2685 ejung@perspectalabs.com https://www.peratonlabs.com/secureio.html |