Version | Date | Comment |
---|---|---|
1.0 | 2022-01-20 | Start of first draft. |
Assurance | Grounds for confidence that a TOE meets the SFRs [CC]. |
Base Protection Profile (Base-PP) | Protection Profile used as a basis to build a PP-Configuration. |
Collaborative Protection Profile (cPP) | A Protection Profile developed by international technical communities and approved by multiple schemes |
Common Criteria (CC) | Common Criteria for Information Technology Security Evaluation (International Standard ISO/IEC 15408). |
Common Criteria Testing Laboratory | Within the context of the Common Criteria Evaluation and Validation Scheme (CCEVS), an IT security evaluation facility, accredited by the National Voluntary Laboratory Accreditation Program (NVLAP) and approved by the NIAP Validation Body to conduct Common Criteria-based evaluations. |
Common Evaluation Methodology (CEM) | Common Evaluation Methodology for Information Technology Security Evaluation. |
Distributed TOE | A TOE composed of multiple components operating as a logical whole. |
Extended Package (EP) | A deprecated document form for collecting SFRs that implement a particular protocol, technology, or functionality. See Functional Packages. |
Functional Package (FP) | A document that collects SFRs for a particular protocol, technology, or functionality. |
Operational Environment (OE) | Hardware and software that are outside the TOE boundary that support the TOE functionality and security policy. |
Protection Profile (PP) | An implementation-independent set of security requirements for a category of products. |
Protection Profile Configuration (PP-Configuration) | A comprehensive set of security requirements for a product type that consists of at least one Base-PP and at least one PP-Module. |
Protection Profile Module (PP-Module) | An implementation-independent statement of security needs for a TOE type complementary to one or more Base Protection Profiles. |
Security Assurance Requirement (SAR) | A requirement to assure the security of the TOE. |
Security Functional Requirement (SFR) | A requirement for security enforcement by the TOE. |
Security Target (ST) | A set of implementation-dependent security requirements for a specific product. |
Target of Evaluation (TOE) | The product under evaluation. |
The security functionality of the product under evaluation. | |
A description of how a TOE satisfies the SFRs in an ST. |
Certificate Authority (CA) | An entity that issues digital certificates. |
Certificate Signing Request (CSR) | A message sent from an applicant to a registration authority of the public key infrastructure in order to apply for a digital identity certificate. |
Distinguished Name (DN) | A field in an X.509 certificate that uniquely identifies a person, organization, or business. |
Eliptic Curve group modulo a Prime (ECP) | Eliptic Curve Group Modulo a Prime. |
Encapsulating Security Payload (ESP) | The protocol used by IPsec to transport encrypted and integrity-protected communications across the network. |
Extended Authentication (XAUTH) | An authentication scheme that supports an additional level of authentication by allowing the IPSec gateway to request extended authentication from remote users. |
Extended Sequence Number (ESN) | An extension to the standard that allows IPsec to use 64-bit sequence numbers. |
Extensible Authentication Protocol (EAP) | A framework for adding arbitrary authentication methods in a standardized way to any protocol. The most common EAP method used with IKEv2 is EAP-TLS. |
Fully Qualified Domain Name (FQDN) | A domain name that specifies its exact location in the hierarchy of the Domain Name System (DNS). |
Internet Control Message Protocol (ICMP) | A supporting protocol in the Internet Protocol suite. It is used by network devices to send error messages and operational information indicating success or failure when communicating with another IP address. |
Internet Key Exchange (IKE) | The protocol used by IPsec to set up and manage IPsec connections. This includes negotiating IPsec connection settings, authenticating endpoints to each other, defining the security parameters of IPsec-protected connections, and negotiating session keys. IKEv2 is the current version. |
Internet Protocol Security (IPsec) | A suite of open standards for ensuring private communications over public networks. |
Internet Security Association and Key Management Protocol (ISAKMP) | A protocol defined by RFC 2408 for establishing Security association (SA) and cryptographic keys in an Internet environment. |
Online Certificate Status Protocol (OCSP) | An Internet protocol used for obtaining the revocation status of an X.509 digital certificate. |
A secret that was previously shared between two parties before it needs to be used. | |
Security Association (SA) | The establishment of shared security attributes between two network entities to support secure communication. |
Security Policy Database (SPD) | A set of rules that determines whether a packet is subject to IPsec processing. Each entry in the SPD represents a policy that defines how the set of traffic covered under the policy will be processed. |
User Datagram Protocol (UDP) | A communications protocol that is primarily used to establish low-latency and loss-tolerating connections between applications on the internet. |
Virtual Private Network (VPN) | An extension of a private network across a public or shared network that allows users to exchange data as though they were connected directly to the private network. |
An ST must identify the applicable version of the PP, cPP, or PP-Module and this Functional Package in its conformance claims.
Component | Explanation |
---|---|
FCS_CKM.1 | To support key generation for IPsec, the incorporating document must include FCS_CKM.1 and specify the corresponding algorithms. |
FCS_CKM.2 | To support key establishment for IPsec, the incorporating document must include FCS_CKM.2 and specify the corresponding algorithms. |
FCS_CKM_EXT.5 | To support key derivation for IPsec, the incorporating document may need to include FCS_CKM_EXT.5 and specify the corresponding key derivation algorithms. |
FCS_COP.1 | To support the cryptography needed for IPsec communications, the incorporating document must include FCS_COP.1 (iterating as needed) to specify AES with corresponding key sizes and modes, digital signature generation and verification function (at least one of RSA or ECDSA), a cryptographic hash function, and a keyed-hash message authentication function. In particular, this Package requires that the TOE support AES-GCM-128 and AES-GCM-256 for ESP, and AES-CBC-128 and AES-CBC-256 for IKE. |
FCS_RBG_EXT.1 | To support random bit generation needed for IPsec key generation, the incorporating document must include a requirement that specifies the TOE's ability to invoke or provide random bit generation services, commonly identified as FCS_RBG_EXT.1. |
FIA_X509_EXT.2 | To support establishment of IPsec communications using a public key algorithm that includes X.509, the incorporating document must include FIA_X509_EXT.2 to specify the reasons for using X.509 certificates. But is this really a dependency for this package? I don't think so. |
FPT_STM.1 | To support establishment of IPSec communications using a public key algorithm that includes X.509, the incorporating document must include FPT_STM.1 or some other requirement that ensures reliable system time. Note however that support for time-based rekey thresholds is selectable and not mandatory. |
For changes to included SFRs, selections, and assignments required for this use case, see B.1 EAP.
For changes to included SFRs, selections, and assignments required for this use case, see B.2 Pre-Shared Keys.
For changes to included SFRs, selections, and assignments required for this use case, see B.3 X.509 Certificates.
The auditable events specified in this Package are included in a Security Target if the incorporating PP, cPP, or PP-Module supports audit event reporting through FAU_GEN.1 and all other criteria in the incorporating document are met.
Requirement | Auditable Events | Additional Audit Record Contents |
---|---|---|
FCS_EAP_EXT.1 | No events specified. | N/A |
FIA_PSK_EXT.1 | No events specified. | N/A |
Acronym | Meaning |
---|---|
Base-PP | Base Protection Profile |
CA | Certificate Authority |
CC | Common Criteria |
CEM | Common Evaluation Methodology |
CSR | Certificate Signing Request |
DN | Distinguished Name |
EAP | Extensible Authentication Protocol |
ECP | Eliptic Curve group modulo a Prime |
EP | Extended Package |
ESN | Extended Sequence Number |
ESP | Encapsulating Security Payload |
FP | Functional Package |
FQDN | Fully Qualified Domain Name |
ICMP | Internet Control Message Protocol |
IKE | Internet Key Exchange |
IPsec | Internet Protocol Security |
ISAKMP | Internet Security Association and Key Management Protocol |
OCSP | Online Certificate Status Protocol |
OE | Operational Environment |
PP | Protection Profile |
PP-Configuration | Protection Profile Configuration |
PP-Module | Protection Profile Module |
PSK | Pre-Shared Key |
SA | Security Association |
SAR | Security Assurance Requirement |
SFR | Security Functional Requirement |
SPD | Security Policy Database |
ST | Security Target |
TOE | Target of Evaluation |
TSF | TOE Security Functionality |
TSFI | TSF Interface |
TSS | TOE Summary Specification |
UDP | User Datagram Protocol |
VPN | Virtual Private Network |
XAUTH | Extended Authentication |
cPP | Collaborative Protection Profile |