Compliant Product - SK41D-4TR KVM, Firmware Version 44404-E7E7
Certificate Date: 2021.09.15CC Certificate Security Target Validation Report
Validation Report Number: CCEVS-VR-VID11193-2021
Product Type: Peripheral Switch
Conformance Claim: Protection Profile Compliant
PP Identifier: PP-Module for Keyboard/Mouse Devices Version 1.0
PP-Module for Video/Display Devices Version 1.0
Protection Profile for Peripheral Sharing Device Version 4.0
CC Testing Lab: Acumen Security
Figure 1 shows a basic evaluated configuration. The TOE is connected to four computers. The video input and output format is DVI-D, and a single display is connected to the KVM. The TOE uses ruggedized 32-pin connectors that support both DVI-D and USB 2.0 protocols. The KVM is used with a wired remote control.
Security Evaluation Summary
The evaluation was carried out in accordance with the Common Criteria Evaluation and Validation Scheme (CCEVS) process and scheme. The criteria against which the High Sec Labs SK41D-4TR KVM Firmware Version 44404-E7E7 was evaluated are described in the Common Criteria for Information Technology Security Evaluation, Version 3.1 rev 5. The evaluation methodology used by the evaluation team to conduct the evaluation is the Common Methodology for Information Technology Security Evaluation, Version 3.1 rev 5. Acumen Security determined that the evaluation assurance level (EAL) for the product is EAL 1. The product, when delivered configured as identified in the HSL Quick Installation Guide 4 Ports Secure Ruggedized DVI-D KVM Switch, HDC23220 Rev 1.0, the HSL Administrator Guide, HDC19968, Rev. C and the High Sec Labs SK41D-4TR KVM Firmware Version 44404-E7E7 Common Criteria Guidance Supplement, Version 0.5, satisfies all of the security functional requirements stated in the High Sec Labs SK41D-4TR KVM Firmware Version 44404-E7E7 Security Target. The project underwent CCEVS Validator review. The evaluation was completed in September 2021. Results of the evaluation can be found in the Common Criteria Evaluation and Validation Scheme Validation Report prepared by CCEVS.
The TOE is comprised of several security features. Each of the security features identified above consists of several security functionalities, as identified below:
- Security Audit
- User Data Protection
- Identification and Authentication
- Security Management
- Protection of the TSF
- TOE Access
These features are described in more detail in the subsections below.
Audit entries are generated for security related events.
User Data Protection
The TOE provides secure switching capabilities for keyboard, video and mouse. The TOE ensures that only authorized peripheral devices may be used.
Identification and Authentication
Administrators must be identified and authenticated prior to accessing administrative functions.
The TOE provides management capabilities in support of the ‘Restore to factory default’ function. The Administrator role restricts this functionality to authorized administrators.
Protection of the TSF
The TOE ensures a secure state in the case of failure, provides only restricted access, and performs self-testing. The TOE provides both passive detection of physical attack and resistance to physical attack.
The TOE provides a continuous indication of which computer is currently selected.
High Sec Labs, Inc.
+1 (256) 203-3036
+1 (256) 203-3230