NIAP: U.S. Government Approved Protection Profile - Extended Package for Authentication Servers Version 1.0
NIAP/CCEVS

Short Name: pp_ndcpp_app_authsvr_ep_v1.0

Technology Type: Network Device

CC Version: 3.1

Date: 07 August 2015

Conformance Claim: None

 

PP OVERVIEW

This Extended Package (EP) describes security requirements for an authentication server and is intended to provide a minimal baseline set of requirements that are targeted at mitigating well defined and described threats. Authentication server products allow enterprises to provide a centralized and standardized method of evaluating user authentication requests made throughout the enterprise. This enables centralized definition of user identity and credential data and allows for uniform application of authentication policies that define what credentials and user attributes are necessary to gain access to various systems and applications in the enterprise environment. This EP focuses specifically on RADIUS authentication servers.

This introduction describes the features of a compliant Target of Evaluation (TOE) and discusses how this EP is to be used in conjunction with the Network Device collaborative Protection Profile (NDcPP) or the Application Software Protection Profile (App PP).

This U.S. Government Approved Protection Profile is not assigned to any Validated Products

Related Technical Decisions

  • 0174 – Optional Ciphersuites for TLS
  • 0171 – Testing for RADIUS EAP responses and EAP-TLS protocols

Please forward any questions or comments to pp-comments@niap-ccevs.org

Site Map              Contact Us              Home