NIAP Oversees Evaluations of Commercial IT Products for Use in National Security Systems

Short Name: pp_app_v1.2

Technology Type: Application Software

CC Version: 3.1

Date: 2016.04.25

Transition End Date: 2016.10.25

Preceded By: pp_app_v1.1

Succeeded By: pp_app_v1.3

Sunset Date: 2019.08.31

Conformance Claim: None

Protection Profile 

DoD Annex 

Control Mapping 

Usage Guidance 

PP OVERVIEW

The scope of this Protection Profile (PP) is to describe the security functionality of application software in terms of [CC] and to define functional and assurance requirements for such software. In recent years, software attacks have shifted from targeting operating systems to targeting applications. This has been the natural response to improvements in operating system security and development processes. As a result, it is paramount that the security of applications be improved to reduce the risk of compromise.

This U.S. Government Approved Protection Profile is not assigned to any Validated Products

Active Related Technical Decisions

• 0435 – Alternative to SELinux for FPT_AEX_EXT.1.3
  • References:  FPT_AEX_EXT.1.3
• 0434 – Windows Desktop Applications Test
  • References:  FDP_DEC_EXT.1.1
• 0427 – Reliable Time Source
  • References:  A.Platform
• 0244 – FCS_TLSC_EXT - TLS Client Curves Allowed
  • References:  FCS_TLSC_EXT.2.1, FCS_TLSC_EXT.4.1, FCS_TLSC_EXT.1.4, FCS_TLSC_EXT.2/WLAN
• 0174 – Optional Ciphersuites for TLS
  • References:  FCS_TLSC_EXT.1.1, FCS_EAP-TLS_EXT.1.1,

Archived Related Technical Decisions

• 0392 – FCS_TLSC_EXT.1.2 Wildcard Checking
• 0390 – Cryptographically Secure RNG
• 0389 – Handling of SSH EP claim for platform
• 0385 – FTP_DIT_EXT.1 Assurance Activity Clarification
• 0382 – Configuration Storage Options for Apps
• 0380 – Linux Keyring Requirement in FCS_STO_EXT.1
• 0364 – Android mmap testing for FPT_AEX_EXT.1.1
• 0359 – Buffer Protection
• 0358 – Cipher Suites for TLS in SWApp v1.2
• 0327 – Default file permissions for FMT_CFG_EXT.1.2
• 0326 – RSA-based key establishment schemes
• 0305 – Handling of TLS connections with and without mutual authentication
• 0304 – Update to FCS_TLSC_EXT.1.2
• 0300 – Sensitive Data in FDP_DAR_EXT.1
• 0296 – Update to FCS_HTTPS_EXT.1.3
• 0295 – Update to FPT_AEX_EXT.1.3 Assurance Activities
• 0293 – Update to FCS_CKM.1(1)
• 0283 – Cipher Suites for TLS in SWApp v1.2
• 0269 – Update to FPT_AEX_EXT.1.3 Assurance Activity
• 0268 – FMT_MEC_EXT.1 Clarification
• 0267 – TLSS testing - Empty Certificate Authorities list
• 0241 – Removal of Test 4.1 in FCS_TLSS_EXT.1.1
• 0238 – User-modifiable files FPT_AEX_EXT.1.4
• 0221 – FMT_SMF.1.1 - Assignments moved to Selections
• 0218 – Update to FPT_AEX_EXT.1.3 Assurance Activity
• 0217 – Compliance to RFC5759 and RFC5280 for using CRLs
• 0215 – Update to FCS_HTTPS_EXT.1.2
• 0192 – Update to FCS_STO_EXT.1 Application Note
• 0178 – Integrity for installation tests in AppSW PP
• 0177 – FCS_TLSS_EXT.1 Application Note Update
• 0172 – Additional APIs added to FCS_RBG_EXT.1.1
• 0163 – Update to FCS_TLSC_EXT.1.1 Test 5.4 and FCS_TLSS_EXT.1.1 Test
• 0131 – Update to FCS_TLSS_EXT.1.1 Test 4.5
• 0122 – FMT_SMF.1.1 Assignments moved to Selections
• 0121 – FMT_MEC_EXT.1.1 Configuration Options
• 0119 – FCS_STO_EXT.1.1 in PP_APP_v1.2
• 0107 – FCS_CKM - ANSI X9.31-1998, Section 4.1.for Cryptographic Key Generation