NIAP Oversees Evaluations of Commercial IT Products for Use in National Security Systems

Short Name: pp_wlan_cli_br_v1.1

Technology Type: Wireless LAN

CC Version: 3.1

Date: 2007.07.25

Preceded By: pp_wlan_cli_br_v1.0

Sunset Date: 2011.09.01

Conformance Claim: EAL2 Augmented

Protection Profile 

Validation Report 

CC Certificate 

Addendum 

PP OVERVIEW

This PP specifies the DoD‘s information security needs for a Basic Robustness WLAN Client. It is expected that the wireless client will be a component in a larger system (for example, a wireless card installed in a laptop computer). This PP requires privacy and integrity of communications over the WLAN using commercially available cryptographic algorithms. Security administration is the responsibility of the user of each component (i.e., client). The assurance requirements defined in section 5.3 provide a minimal level of assurance for basic robustness environments; these include EAL2 Security Assurance Requirements (SARs) augmented with FLC_FLR.2 (Flaw Reporting Procedures).

This PP defines:

• assumptions about the security aspects of the environment in which the TOE will be used;
• threats that are to be addressed by the TOE;
• security objectives of the TOE and its environment;
• functional and assurance requirements to meet those security objectives; and
• rationale demonstrating how the requirements meet the security objectives, and how the security objectives address the threats.

ENVIRONMENTAL STRENGTHS

The evaluation of the U. S. Government Wireless LAN Client Protection Profile for Basic Robustness Environments, Version 1.0 provides specification for environments in which TOEs with various levels of robustness are appropriate to meet Basic Robustness level of independently assured security requirements. The assurance requirements were chosen to be consistent with this goal.

ASSURANCE MAINTENANCE

July 25, 2007

Assurance maintenance has been performed on this protection profile to update it to the common criteria version 3.1. This update caused a change in version number (from 1.0 to 1.1) that indicates an update has occurred. The updates included revisions based on the assurance requirements of the CC 3.1, removal of FPT_SEP and FPT_RVM since it is now covered by ADV_ARC and replacement of Explicitly stated requirements with Extended requirements (only the nomenclature changed and not the requirements.) Cryptographic functional requirements were also revised to reflect the latest updated standards.

PD-0140: Clarification on conformance to consistency issues noted in the U.S. Government Wireless Local Area Network (WLAN) Client for Basic Robustness Environments Protection Profile

PD-0145: Enabling/Disabling of Verification of Cryptographic Key Testing in WLAN PP

This U.S. Government Approved Protection Profile is not assigned to any Validated Products

This U.S. Government Approved Protection Profile does not have any related Technical Decisions