U.S. Government Approved Protection Profile - Protection Profile for Peripheral Sharing Switch Version 3.0
Short Name: pp_pss_v3.0
Technology Type: Peripheral Switch
CC Version: 3.1
Date: 13 February 2015
Preceded By: pp_psshid_v2.1
Conformance Claim: None
Compliant targets of evaluation typically switch multiple peripherals to multiple computers based on the user switching inputs. Authorized switching methods may be implemented locally on the PSS front panel. Note that authorized switching methods specifically do not include the following methods: keyboard shortcuts, also known as “hotkeys”, automatic scanning, and voice activation. Note that this PP is also applicable to TOEs that support one computer only (isolator). The primary function of the PSS is to provide isolation between computer sources and peripherals. It is a tool to share peripheral devices. The same security goals are applicable even when there is only one computer involved. There may be a requirement to provide isolation between the computer and the peripheral devices and in that case, a single port PSS, or isolator, may be used. Compliant TOEs support one or more authorized switching methods, which are Push-buttons, tact switches, Toggle switches, Touch-screen, Mouse or cursor control.
In the context of this PP, a peripheral sharing switch provides a mechanism to securely connect a common set of peripherals (1 to n) to the attached computer(s) (1 to j) without sharing or transferring data (Figure 1). The PSS will follow a deliberate action from the user to enable an interaction between the connected peripherals and the selected computer. Examples of the type of PSS that should claim compliance to this PP include keyboard, video, mouse (KVM) switches; keyboard, mouse (KM) switches; isolators (PSS with a single connected computer); and combiners (PSS capable of displaying multiple computers in one video display). Examples of devices that are not suitable for evaluation against this PP include Internet Protocol (IP) and network-attached switches and matrix switches. Basic use cases are defined in Annex B.
While the functionality that the TOE is obligated to implement (in response to the described threat environment) is discussed in detail in later sections, it is useful to give a brief description here. Compliant TOEs will provide security functionality that addresses threats to the TOE and implements policies that are imposed by law or regulation.
This assurance standard specifies information security requirements for Peripheral Sharing Switch for use in an enterprise. A PSS device in the context of this assurance standard is a device which is composed of one or more hardware components or platforms and its software or firmware. It may include cables and accessories, if applicable.
Connected peripheral devices, computer platforms or extenders are not covered under this PP and may be covered by another PP, if applicable. Nevertheless, testing of the TOE requires a complete setup that includes computers and peripheral devices.
PSS devices covered by this PP:
- may consist of one or more connected sub-systems (for example one KM switch and one video switch);
- may switch multiple instances of the same type of peripheral device (for example PSS may support multiple displays);
- may have a subset of the switching functions (for example display switching only);
- may support newer protocols (unlike previous PSS PP);
- may be controlled by newer user controls (for example multi-touch windows);
Assigned to the following Validated Products
- VID10638 – Belkin Secure KM models F1DN102K-3, F1DN104K-3, and F1DN108K-3
- VID10700 – HSL Secure KM Models SM20N-3, SM40N-3, SM40NU-3, SM80N-3, SM80NU-3
- VID10701 – HSL Secure KVM Models SK21D-3, SK21P-3, SK21H-3, SX22D-3, SX22H-3, DK22H-3, DK22P-3, DK22D-3, DK22PD-3, SK41D-3, SK41DU-3, SK41P-3, SK41PU-3, SK41H-3, SK41HU-3, DK42D-3, DK42DU-3, DK42P-3, DK42PU-3, DK42H-3, DK42HU-3, SX42DU-3, SX42PU-3, SX42HU-3, SK81DU-3, DK82DU-3, and SK161DU-3
- VID10704 – Vertiv Secure KM (formerly known as Emerson Secure KM Models SCKM120, SCKM140, SCKM145, SCKM180 and SCKM185)
- VID10705 – Vertiv Secure KVM and Matrix (formerly Emerson Secure KVM models SC820, SC820D, SC820H, SCM120, SCM120H, SC920H, SC920D, SC920, SC920XD, SC840, SC845, SC945, SC940, SC840D, SC845D, SC940D, SC945D, SC840H, SC845H, SC940H, SC945H, SC945XD, SCM145, SCM145H, SC1045XD, SC885, SC985, and SC8165)
- VID10708 – Belkin Secure KVM models F1DN102F-3, F1DN102N-3, F1DN102V-3, F1DN102H-3, F1DN104P-3, F1DN104W-3, F1DN104B-3, F1DN104C-3, F1DN104E-3, F1DN104F-3, F1DN104Q-3, F1DN108C-3, F1DN116C-3, and F1DN108F-3
- VID10772 – IPGARD Secure KVM/KM Switch (SDVN, SDPN, SDHN, SKMN models)
Related Technical Decisions
- 0144 – FDP_RIP.1.1 - Purge Memory and Restore Factory Defaults Optional
- 0141 – FMT_MOF.1.1 & FMT_SMF.1.1 - Test Mapping
- 0136 – FDP_RIP.1.1 - Refinement
- 0086 – DisplayPort to HDMI Conversion Functionality
- 0083 – Vulnerability Survey Assurance Component (AVA_VAN.1) in PSS PP v3.0
Please forward any questions or comments to firstname.lastname@example.org