NIAP: U.S. Government Approved Protection Profile - PP-Module for User Authentication Devices Version 1.0

NIAP Oversees Evaluations of Commercial IT Products for Use in National Security Systems
Questions?  We're here to help
  NIAP  »»  Protection Profiles  »»  Approved PPs  »»  Details  
U.S. Government Approved Protection Profile - PP-Module for User Authentication Devices Version 1.0

Short Name: mod_ua_v1.0

Technology Type: Peripheral Switch

CC Version: 3.1

Date: 2019.07.19

Conformance Claim: None

Protection Profile [PDF]

Supporting Docs [PDF]

PP Configuration for PSD-UA_V1.0 [PDF]

Control Mapping [PDF]

PP-Configuration for PSD-AO-KM-UA-VI_V1.0  [PDF]

PP-Configuration for PSD-KM-UA_V1.0  [PDF]

PP-Configuration for PSD-KM-UA-VI_V1.0  [PDF]

PP-Configuration for CFG_PSD-AO-KM-UA_V1.0  [PDF]



The scope of this PP-Module is to describe the security functionality of a specific type of Peripheral Sharing Device (PSD) product in terms of [CC] and to define functional and assurance requirements for such products. A TOE that claims conformance to this PP-Module must also claim conformance to the Peripheral Sharing Device Protection Profile (PSD PP), Version 4.0. This is because the PSD PP is a generic Protection Profile aimed at defining baseline requirements and assurance activities for a wide variety of PSD products but more specific requirements and assurance activities apply depending on the types of physical and logical interfaces provided by a PSD. Therefore, additional Security Functional Requirements (SFRs) have been defined in this PP-Module to define security functionality that is unique to a PSD that provides the ability to support user authentication devices.


Any Target of Evaluation (TOE) that conforms to the PSD PP and includes user authentication device functionality is considered to be a candidate TOE for claiming conformance to this PP-Module. In particular, a compliant TOE is expected to support one or more user authentication devices for one or more connected computers.

A compliant TOE will have a USB protocol connection for the TOE computer interface and can implement the TOE peripheral connection in the following ways:

·         External - The TOE supports an external user authentication device with an exposed USB interface, and whose functionality may be separated from the PSD.

·         Internal - The TOE implements an internal user authentication device whose functionality may not be separated from the PSD.

A compliant TOE will not emulate the user authentication device or support simultaneous user authentication sessions across multiple computers.

All of the requirements and restrictions that are defined in the PSD PP apply to a conformant TOE. A compliant TOE will also satisfy all of the specific data protection/isolation capabilities that are required by this PP-Module. A compliant TOE will embody one or more of the use cases defined in the PSD PP. It may also provide PSD functionality for additional types of computer interfaces (e.g. keyboard/mouse). In this case, the TOE will claim conformance to all applicable PP-Modules.

Assigned to the following Validated Products

Active Related Technical Decisions

Please forward any Protection Profile specific comments to the applicable Technical Rapid Response Team (TRRT).

Please forward any general questions to our Q&A tool.

Site Map              Contact Us              Home