NIAP Oversees Evaluations of Commercial IT Products for Use in National Security Systems
Questions?  We're here to help
  NIAP  »»  Protection Profiles  »»  Approved PPs  »»  Details  
U.S. Government Approved Protection Profile - Protection Profile for USB Flash Drives Version 1.0

Short Name: pp_usb_fd_v1.0

Technology Type: USB Flash Drive

CC Version: 3.1

Date: 2011.12.01

Conformance Claim: None

Protection Profile [PDF]

Control Mapping [PDF]



Transition Window

The Transition Window for this PP is from the date of publication through 1 June 2012. During the Transition Window, products will be accepted into evaluation against the PP or against an ST at EAL2 with a Letter of Intent. Once the Transition Window closes, all relevant products submitted for evaluation will only be evaluated against the PP.

USB Flash Drive

This is the NIAP approved Protection Profile (PP) for USB flash drives. The Target of Evaluation (TOE) defined in this Protection Profile (PP) is a USB flash drive and any associated software used to manage the drive and access the data on it.

Usage Scenarios

The two usage scenarios for USB Flash Drives addressed by the PP are:

  1. Use by an organization to transfer information between two devices; and
  2. Use to store files for a device or set of devices for a single user.

Threats Addressed

This PP addresses the following primary threats by an adversary:

  1. Obtain a misplaced or stolen USB flash drive and extract the sensitive data; or

Attempt to place malicious system files on the device that can be used to compromise host environments.

This U.S. Government Approved Protection Profile is not assigned to any Validated Products

Active Related Technical Decision

Please forward any Protection Profile specific comments to the applicable Technical Rapid Response Team (TRRT).

Please forward any general questions to our Q&A tool.

Site Map              Contact Us              Home