Archived U.S. Government Approved Protection Profile - Protection Profile for Software Full Disk Encryption Version 1.1
Short Name: pp_swfde_v1.1
Technology Type: Encrypted Storage
CC Version: 3.1
Preceded By: pp_swfde_v1.0
Sunset Date: 2015.08.27
Conformance Claim: NoneProtection Profile
This PP addresses the threat that an adversary will obtain a lost or stolen hard disk (e.g., a disk contained in a laptop or a portable external hard disk drive) containing sensitive data. The Target of Evaluation (TOE) defined in this Protection Profile (PP) is for a software full disk encryption product that encrypts the data on the hard disk device. As defined by NIST: “Full Disk Encryption (FDE), also known as whole disk encryption, is the process of encrypting all the data on the hard drive used to boot a computer, including the computer’s OS, and permitting access to the data only after successful authentication to the FDE product.” Note that software encryption products will leave a portion of the drive unencrypted for the Master Boot Record (MBR) and the initial bootable partition. For this Protection Profile, the term “disk encryption” will be interpreted as per the NIST definition of full disk encryption modified to allow software disk encryption products to leave a portion of the drive unencrypted for the MBR and bootable partition so long as no information is written there that could contain user data.
Assigned to the following Validated Product
Archived Related Technical Decision
Please forward any Protection Profile specific comments to the applicable Technical Rapid Response Team (TRRT).
Please forward any general questions to our Q&A tool.