NIAP: U.S. Government Approved Protection Profile - Protection Profile for USB Flash Drives Version 1.0

Short Name: pp_usb_fd_v1.0

Technology Type: USB Flash Drive

CC Version: 3.1

Date: 01 December 2011

Conformance Claim: None



Transition Window

The Transition Window for this PP is from the date of publication through 1 June 2012. During the Transition Window, products will be accepted into evaluation against the PP or against an ST at EAL2 with a Letter of Intent. Once the Transition Window closes, all relevant products submitted for evaluation will only be evaluated against the PP.

USB Flash Drive

This is the NIAP approved Protection Profile (PP) for USB flash drives. The Target of Evaluation (TOE) defined in this Protection Profile (PP) is a USB flash drive and any associated software used to manage the drive and access the data on it.

Usage Scenarios

The two usage scenarios for USB Flash Drives addressed by the PP are:

  1. Use by an organization to transfer information between two devices; and
  2. Use to store files for a device or set of devices for a single user.

Threats Addressed

This PP addresses the following primary threats by an adversary:

  1. Obtain a misplaced or stolen USB flash drive and extract the sensitive data; or

Attempt to place malicious system files on the device that can be used to compromise host environments.

This U.S. Government Approved Protection Profile is not assigned to any Validated Products

Related Technical Decision

  • 0079 – RBG Cryptographic Transitions per NIST SP 800-131A Revision 1

Please forward any questions or comments to

Site Map              Contact Us              Home