\r\n
The Curtiss-Wright Defense Solutions Data Transport System 1-Slot Software Layer (hereafter referred to as the TOE) is a software encryption layer that is used for Data-At-Rest (DAR) encryption as part of the underlying rugged Network Attached Storage (NAS) file server, denoted as the Curtiss-Wright DTS1 CSFC/ECC Cryptographic Data Transport System (DTS) (hereafter referred to as the DTS1). The underlying DTS1 is intended for use in Unmanned Aerial Vehicles (UAV), Unmanned Underwater Vehicles (UUV), and Intelligence Surveillance Reconnaissance (ISR) aircraft. The TOE operates at, and is evaluated at, the firmware level. Easily integrated into network centric systems, the DTS1 is an easy to use, turnkey, rugged network File Server that houses one Removable Memory Cartridge (RMC) that provides quick off load of data. The RMC can be easily removed from one DTS1 and installed into any other DTS1 providing full, seamless data transfer between one or more networks in separate locations (e.g. ground => vehicle => ground).
","evaluation_configuration":"","security_evaluation_summary":"The evaluation was carried out in accordance to the Common Criteria Evaluation and Validation Scheme (CCEVS) requirements and guidance. The criteria against which the TOE was judged are described in the Common Criteria for Information Technology Security Evaluation, Version 3.1, Revision 4, September 2012. The evaluation methodology used by the evaluation team to conduct the evaluation is the Common Methodology for Information Technology Security Evaluation, Evaluation Methodology, Version 3.1, Revision 4, July 2012. The product, when delivered and configured as identified in the Curtiss-Wright DTS1 CSfC / ECC Cryptographic Data Transport System (Network File System) User Guide, DDOC0099-000-A2, satisfies all of the security functional requirements stated in the Curtiss-Wright Data Transport System 1-Slot Software Encryption Layer (FDEEEcPP20/FDEAAcPP20) Security Target, Version 0.7, August 14, 2018. The project underwent CCEVS Validator review. The evaluation was completed in August 2018. Results of the evaluation can be found in the Common Criteria Evaluation and Validation Scheme Validation Report prepared by CCEVS.
\r\n","environmental_strengths":"
The logical boundaries of the TOE are realized in the security functions that it implements. Each of these security functions is summarized below.
\r\nCryptographic support:
\r\nThe TOE includes cryptographic functionality for key management, user authentication, and block-based encryption including: symmetric key generation, encryption/decryption, cryptographic hashing, keyed-hash message authentication, and password-based key derivation. These functions are supported with suitable random bit generation, key derivation, salt generation, initialization vector generation, secure key storage, and key destruction. These primitive cryptographic functions are used to encrypt Data-At-Rest (including the generation and protection of keys and key encryption keys) used by the TOE.
\r\nUser data protection:
\r\nThe TOE performs Full Drive Encryption on the entire drive (so that no plaintext exists) and does so without user intervention.
\r\nSecurity management:
\r\nThe TOE provides each of the required management services to manage the full drive encryption using a command line interface.
\r\nProtection of the TSF:
\r\nThe TOE implements a number of features to protect itself to ensure the reliability and integrity of its security features. It protects key and key material, and includes functions to perform self-tests and software/firmware integrity checking so that it might detect when it is failing or may be corrupt. If any of the self-tests fail, the TOE will not enter an operational mode.
\r\n","features":[]}