NIAP Oversees Evaluations of Commercial IT Products for Use in National Security Systems
Questions?  We're here to help
  NIAP  »»  Protection Profiles  »»  Archived PPs  »»  Details  
Archived U.S. Government Approved Protection Profile - U.S. Government Protection Profile for General-Purpose Operating Systems in a Networked Environment, Version 1.0

Short Name: pp_gpospp_v1.0

Technology Type: Operating System

CC Version: 3.1

Date: 2010.08.30

Transition End Date: 2012.01.28

Preceded By: pp_os_ca_v1.d

Succeeded By: pp_gpos_v3.9

Sunset Date: 2012.01.28 [Sunset Icon]

Conformance Claim: EAL2 Augmented

Protection Profile [PDF]



The “U.S. Government Protection Profile for General-Purpose Operating Systems in a Networked Environment” specifies security requirements for commercial-off-the-shelf (COTS) general-purpose operating systems in networked environments. This profile establishes the requirements necessary to achieve the security objectives of the Target of Evaluation (TOE) and its environment.

Conformant products support Identification and Authentication, Discretionary Access Control (DAC), and an audit capability and Cryptographic Services. These systems provide adequate security services, mechanisms, and assurances to process administrative, private, and sensitive/proprietary information. When an organization’s most sensitive/proprietary information is to be sent over a publicly accessed network, the organization should apply additional protection at the network boundaries.


Conformant operating systems include the following security features:

    • Identification and Authentication which mandates authorized users to be uniquely identified and authenticated before accessing information stored on the system;
    • Discretionary Access Control (DAC) which restricts access to objects based on the identity of subjects and groups to which they belong, and allows authorized users to specify protection for objects that they control;
    • Cryptographic services which provide mechanisms to protect TSF code and data and also provide support to allow authorized users and applications to encrypt, decrypt, hash, and digitally sign data as it resides within the system and as it is transmitted to other systems; and
  • Audit services which allow authorized administrators to detect and analyze potential security violations.

This U.S. Government Approved Protection Profile is not assigned to any Validated Products

This U.S. Government Approved Protection Profile does not have any related Technical Decisions

Please forward any Protection Profile specific comments to the applicable Technical Rapid Response Team (TRRT).

Please forward any general questions to our Q&A tool.

Site Map              Contact Us              Home