Compliant Product - INTEGRITY Enterprise OS - Archon Edition
Certificate Date: 2022.05.03CC Certificate Security Target Validation Report
Validation Report Number: CCEVS-VR-VID11258-2022
Product Type: Operating System
Conformance Claim: Protection Profile Compliant
PP Identifier: Protection Profile for General Purpose Operating Systems Version 4.2.1
CC Testing Lab: Acumen Security
The TOE is the INTEGRITY Enterprise OS – Archon Edition, which provides a secure computing environment for mobile platforms. The TOE provides end users with the ability to install their own custom user software in a high security sandbox, while maintaining a secure operating system enclave logically isolated from the end user’s application.
Security Evaluation Summary
The evaluation was carried out in accordance with the Common Criteria Evaluation and Validation Scheme (CCEVS) process and scheme. The criteria against which the INTEGRITY Enterprise OS – Archon Edition was evaluated are described in the Common Criteria for Information Technology Security Evaluation, Version 3.1 rev 5. The evaluation methodology used by the evaluation team to conduct the evaluation is the Common Methodology for Information Technology Security Evaluation, Version 3.1 rev 5. Acumen Security determined that the evaluation assurance level (EAL) for the product is EAL 1. The product, when delivered configured as identified in the INTEGRITY Enterprise OS – Archon Edition Common Criteria User Guidance, satisfies all of the security functional requirements stated in the INTEGRITY Enterprise OS Security Target. The project underwent CCEVS Validator review. The evaluation was completed in May 2022. Results of the evaluation can be found in the Common Criteria Evaluation and Validation Scheme Validation Report prepared by CCEVS.
The TOE implements the following security functional requirements from [OSPP]:
Audit Data Generation (FAU)
The TOE audits the following events and details:
· Audit all administrative functions.
· Audit all security-relevant functions of the OS.
· Audit the causing user, calling process, and specific error messages for any logged events.
Cryptographic Support (FCS)
The TOE includes the INTEGRITY Crypto Library v1.0 (ICL). Functions implemented with ICL are in service of all cryptographic functionality required by the SFRs. The TOE supports the following cryptographic functions:
User Data Protection (FDP)
The TOE protects all user data on disk via always-on encryption. All data on the disk, including the OS files and all user data, are automatically encrypted. This includes all Protection Profile-defined Sensitive Data, including:
· User application private keys, secrets, and key material.
· Certificates and keys used for trusted path establishment, trusted channel establishment, and trusted update verification.
Identification and Authentication (FIA)
The TOE implements user identification and authentication, including authentication failure limiting, at all administrative interfaces. No more than three consecutive unsuccessful authentication attempts on any given power cycle. The TOE requires that the administrator successfully authenticate prior to performing any management or configuration functions.
The TOE supports the use of X.509v3 certificates, including revocation and validity checking. The administrator may choose which certificate is used for any given trusted path or trusted channel.
Security Management (FMT)
The TOE permits authorized and authenticated administrators to perform the following management functions:
· Set the inactivity timeout.
· Configure trusted paths and channels.
· Configure the networking parameters.
· Configure automatic updates.
· Management of user accounts.
Protection of the TSF (FPT)
The TOE implements protection of the kernel, audit logs and functions, and credential repositories. The TOE implements Address Space Layout Randomization and Stack-Based Buffer Overflow protection. The TOE performs self-tests of the cryptographic functions prior to operation and implements security checking prior to installing updates.
Trusted Paths and Channels (FTP)
The TOE provides a TLS trusted communication path to both administrators and trusted IT entities that protects the channel data from modification or compromise.
Archon Secure LLC
703 623 4150