Archived U.S. Government Approved Protection Profile - Protection Profile for Peripheral Sharing Switch Version 3.0
Short Name: pp_pss_v3.0
Technology Type: Peripheral Switch
CC Version: 3.1
Preceded By: pp_psshid_v2.1
Succeeded By: pp_psd_v4.0
Sunset Date: 2020.01.18
Conformance Claim: NoneProtection Profile
Compliant targets of evaluation typically switch multiple peripherals to multiple computers based on the user switching inputs. Authorized switching methods may be implemented locally on the PSS front panel. Note that authorized switching methods specifically do not include the following methods: keyboard shortcuts, also known as “hotkeys”, automatic scanning, and voice activation. Note that this PP is also applicable to TOEs that support one computer only (isolator). The primary function of the PSS is to provide isolation between computer sources and peripherals. It is a tool to share peripheral devices. The same security goals are applicable even when there is only one computer involved. There may be a requirement to provide isolation between the computer and the peripheral devices and in that case, a single port PSS, or isolator, may be used. Compliant TOEs support one or more authorized switching methods, which are Push-buttons, tact switches, Toggle switches, Touch-screen, Mouse or cursor control.
In the context of this PP, a peripheral sharing switch provides a mechanism to securely connect a common set of peripherals (1 to n) to the attached computer(s) (1 to j) without sharing or transferring data (Figure 1). The PSS will follow a deliberate action from the user to enable an interaction between the connected peripherals and the selected computer. Examples of the type of PSS that should claim compliance to this PP include keyboard, video, mouse (KVM) switches; keyboard, mouse (KM) switches; and isolators (PSS with a single connected computer). Examples of devices that are not suitable for evaluation against this PP include Internet Protocol (IP) and network-attached switches and matrix switches. Basic use cases are defined in Annex B.
While the functionality that the TOE is obligated to implement (in response to the described threat environment) is discussed in detail in later sections, it is useful to give a brief description here. Compliant TOEs will provide security functionality that addresses threats to the TOE and implements policies that are imposed by law or regulation.
This assurance standard specifies information security requirements for Peripheral Sharing Switch for use in an enterprise. A PSS device in the context of this assurance standard is a device which is composed of one or more hardware components or platforms and its software or firmware. It may include cables and accessories, if applicable.
Connected peripheral devices, computer platforms or extenders are not covered under this PP and may be covered by another PP, if applicable. Nevertheless, testing of the TOE requires a complete setup that includes computers and peripheral devices.
PSS devices covered by this PP:
This U.S. Government Approved Protection Profile is not assigned to any Validated Products
Archived Related Technical Decisions
Please forward any Protection Profile specific comments to the applicable Technical Rapid Response Team (TRRT).
Please forward any general questions to our Q&A tool.