The TOE is a device, hereinafter referred to as a Peripheral Sharing Switch (PSS), or simply switch, that permits a single set of human interface devices: DVI-I video, Audio (input and output), USB keyboard, and USB mouse, to be shared among two to four computers. The TOE is a ruggedized peripheral sharing switch (PSS) based on the Avocent SwitchView SC Series SC440 hardware, which was Common Criteria evaluated as VID-10327. This PSS is protected from the elements (e.g. water, wind, debris) by an aluminum case. The switch has a remote set of buttons (connected to the switch by a 12-foot cable) that are large enough to be operated by users who are wearing gloves or other protective equipment. The indicator lights for this TOE are also located on the remote selection device, a custom extension to the Avocent switch, and are plainly visible to users. Due to the inaccessible environment that this PSS is designed to be deployed in, there are no selection buttons or indicator lights on the switch case itself. The PSS is controlled remotely. The Remote Controls under evaluation are: WIRED ASSY, KVM CONTROL PANEL P/N 7432562 manufactured by Lockheed Martin, REMOTE SWITCH CONTROL P/N 100901 manufactured by Argon Corp., and REMOTE SWITCH CONTROL P/N 100429 manufactured by Argon.
\r\nThe Argon 90731 Switch works with IBM PC compatible and Sun systems and has ports for USB keyboard, USB mouse, DVI-I video and audio (input and output). A CCID Smart Card reader or a CAC reader can be used with the Argon 90731 Switch via a USB interface, but this capability is not included in the evaluated configuration.
","evaluation_configuration":null,"security_evaluation_summary":"The evaluation was carried out in accordance to the Common Criteria Evaluation and Validation Scheme (CCEVS) process and scheme. The evaluation demonstrated that the product meets the security requirements contained in the Security Target. The criteria against which the Argon Corp. Ruggedized KVM Switch Part Number 90731 was judged are described in the Common Criteria for Information Technology Security Evaluation, Version 3.1. The evaluation methodology used by the evaluation team to conduct the evaluation is the Common Methodology for Information Technology Security Evaluation, Version 3.1. Computer Sciences Corporation determined that the evaluation assurance level (EAL) for the product is EAL 4+. The product satisfies all of the security functional requirements stated in the Security Target. A validator, on behalf of the CCEVS Validation Body, monitored the evaluation carried out by Computer Sciences Corporation. The evaluation was completed in May 2011. Results of the evaluation can be found in the Evaluation Technical Report for a Target of Evaluation for Argon Corp. Ruggedized KVM Switch Part Number 90731 prepared by Computer Sciences Corporation.
","environmental_strengths":"The TOE provides the following security features:
\r\nData Separation (TSF_DSP): Signals processed by the TOE are shared peripheral device data, Data Display Channel information, and video signals. The TOE ensures data separation for all signal paths using both hardware and firmware.
\r\nThe basic arrangement of the microprocessors used for shared peripheral data ensures data separation in hardware by physical separation of the microprocessors connected to the user’s peripheral devices from the microprocessors connected to the attached computers. In operation, the main processor moves data received from the shared peripherals to the microprocessor corresponding to the selected computer. The processor dedicated to the selected computer sends data to the computer. Separation is ensured in hardware by use of separate microprocessors for each of the computers and for the shared user peripheral devices.
\r\nSeparation in firmware is ensured by firmware design consisting of dedicated functions and static memory assignment with no third-party library functions or multitasking executives.
\r\nIn operation the TOE is not concerned with the content of user information flowing between the shared peripherals and the switched computers. It only provides a single logical connection between the shared peripheral group and the one selected computer supporting the Data Separation Security Functional Policy – “the TOE shall allow peripheral data and state information to be transferred only between peripheral port groups with the same ID.” The TOE interfaces ensure that confidentiality of information is not violated by isolating signals electrically and through firmware modules that ensure that information is passed only between the user peripherals and the selected computer. Because the TOE uses electrical (hardware) signals, not software logic, to change signal paths for attached computer peripherals, user data is not labeled with the peripheral port group IDs.
\r\nShared peripheral status for each computer is stored by the processor associated with each computer. The TOE does not have software to install, or boards to configure. The logic contained within the TOE is protected from unauthorized modification through the use of discrete components.
\r\nSecurity Management (TSF_MGT): The TOE allows for the connected computers to be powered-up all-at-once or one at a time. The first computer to be powered on will be the default selected computer until the user selects another. To select or switch computers, the TOE provides port-specific switches that allow the human user to explicitly determine to which computer the shared set of peripherals is connected. This connection is visually displayed by a select LED inside the selected channel button.
\r\n","features":[]}