NIAP Oversees Evaluations of Commercial IT Products for Use in National Security Systems

Short Name: pp_app_v1.2

Technology Type: Application Software

CC Version: 3.1

Date: 25 April 2016

Transition End Date: 25 October 2016

Preceded By: pp_app_v1.1

Conformance Claim: None

Protection Profile 

DoD Annex 

Control Mapping 

Usage Guidance 

PP OVERVIEW

The scope of this Protection Profile (PP) is to describe the security functionality of application software in terms of [CC] and to define functional and assurance requirements for such software. In recent years, software attacks have shifted from targeting operating systems to targeting applications. This has been the natural response to improvements in operating system security and development processes. As a result, it is paramount that the security of applications be improved to reduce the risk of compromise.

Assigned to the following Validated Products

• VID10780 – Forcepoint Trusted Access Mobile Client v1.1
• VID10786 – Trivalent Android Data Protection SDK v2.0
• VID10800 – Venafi Trust Protection Platform v17.1
• VID10801 – KeyW BlackBerry Suite B Data at Rest, Version 1.2.2.1
• VID10807 – Splunk Enterprise 6.4.5
• VID10825 – Monkton IA Docs Reinforced by Rebar for iOS v1.0.0
• VID10852 – SecureIO
• VID10856 – Trivalent Protect (for Android) Version 2.6
• VID10874 – Hypori Client (Android) v4.1
• VID10875 – Hypori Client (iOS) v4.1
• VID10886 – Nubo Software Thin Client v2.0
• VID10896 – IBM MaaS360 v2.9 Cloud Extender
• VID10904 – Enveil ZeroReveal™ Compute Fabric v1.1.1
• VID10915 – Apple iOS 11 Contacts
• VID10916 – Apple iOS 11 Safari
• VID10926 – Symantec Endpoint Protection
• Dell Data Protection | Encryption Personal Edition Version 8.14.0

Related Technical Decisions

• 0389 – Handling of SSH EP claim for platform
• 0385 – FTP_DIT_EXT.1 Assurance Activity Clarification
• 0382 – Configuration Storage Options for Apps
• 0380 – Linux Keyring Requirement in FCS_STO_EXT.1
• 0364 – Android mmap testing for FPT_AEX_EXT.1.1
• 0359 – Buffer Protection
• 0358 – Cipher Suites for TLS in SWApp v1.2
• 0327 – Default file permissions for FMT_CFG_EXT.1.2
• 0326 – RSA-based key establishment schemes
• 0305 – Handling of TLS connections with and without mutual authentication
• 0304 – Update to FCS_TLSC_EXT.1.2
• 0300 – Sensitive Data in FDP_DAR_EXT.1
• 0296 – Update to FCS_HTTPS_EXT.1.3
• 0295 – Update to FPT_AEX_EXT.1.3 Assurance Activities
• 0293 – Update to FCS_CKM.1(1)
• 0283 – Cipher Suites for TLS in SWApp v1.2
• 0269 – Update to FPT_AEX_EXT.1.3 Assurance Activity
• 0268 – FMT_MEC_EXT.1 Clarification
• 0267 – TLSS testing - Empty Certificate Authorities list
• 0244 – FCS_TLSC_EXT - TLS Client Curves Allowed
• 0241 – Removal of Test 4.1 in FCS_TLSS_EXT.1.1
• 0238 – User-modifiable files FPT_AEX_EXT.1.4
• 0221 – FMT_SMF.1.1 - Assignments moved to Selections
• 0218 – Update to FPT_AEX_EXT.1.3 Assurance Activity
• 0217 – Compliance to RFC5759 and RFC5280 for using CRLs
• 0215 – Update to FCS_HTTPS_EXT.1.2
• 0192 – Update to FCS_STO_EXT.1 Application Note
• 0178 – Integrity for installation tests in AppSW PP
• 0177 – FCS_TLSS_EXT.1 Application Note Update
• 0174 – Optional Ciphersuites for TLS
• 0172 – Additional APIs added to FCS_RBG_EXT.1.1
• 0163 – Update to FCS_TLSC_EXT.1.1 Test 5.4 and FCS_TLSS_EXT.1.1 Test
• 0131 – Update to FCS_TLSS_EXT.1.1 Test 4.5
• 0122 – FMT_SMF.1.1 Assignments moved to Selections
• 0121 – FMT_MEC_EXT.1.1 Configuration Options
• 0119 – FCS_STO_EXT.1.1 in PP_APP_v1.2
• 0107 – FCS_CKM - ANSI X9.31-1998, Section 4.1.for Cryptographic Key Generation