CPA SECURITY CHARACTERISTIC DATA AT REST ENCRYPTION: ALWAYS-ON MOBILE DEVICES

Transcription

1 CPA SECURITY CHARACTERISTIC DATA AT REST ENCRYPTION: ALWAYS-ON MOBILE DEVICES Version 1.1 Crown Copyright 2016 All Rights Reserved Page 1 of 6

2 About this document This document describes the features, testing and deployment requirements necessary to meet CPA certification for Data at Rest Encryption: Always-on Mobile Device security products. It is intended for vendors, system architects, developers, evaluation and technical staff operating within the security arena. The specific testing and deployment requirements are detailed in the Common Criteria document Protection Profile for Mobile Device Fundamentals Version 2.0 [A]. Document history The CPA Authority may review, amend, update, replace or issue new Scheme Documents as may be required from time to time. Soft copy location: DiscoverID < > Version Date Description 1.0 October 2014 Initial release 1.1 December 2014 Minor changes following external review Contact CESG This document is authorised by: Technical Director (Assurance), CESG. For queries about this document please contact: CPA Administration Team CESG, Hubble Road Cheltenham Gloucestershire GL51 0EX, UK Tel: +44 (0) CPA SECURITY CHARACTERISTIC: DATA AT REST ENCRYPTION: ALWAYS-ON MOBILE DEVICES Page 2 of 6

3 Contents Section 1 Overview Introduction Mapping to the Common Criteria Protection Profile Product description... 4 Section 2 Additional Mandatory Requirements... 5 Appendix A References... 6 CPA SECURITY CHARACTERISTIC: DATA AT REST ENCRYPTION: ALWAYS-ON MOBILE DEVICES Page 3 of 6

4 Section 1 Overview 1.1 Introduction The NIAP Protection Profile for Mobile Device Fundamentals Version 2.0 document [A] describes a set of requirements for mobile devices that can be certified through the Common Criteria scheme. The document you are now reading is a CPA Security Characteristic that: Provides a route to awarding a Foundation Grade certification for data at rest encryption products used by always on mobile devices, which already have CC certification. Highlights those requirements which are listed in the Protection Profile for Mobile Device Fundamentals as extended or optional, but which are mandatory in products that are to be successfully assessed against this SC This Security Characteristic aligns with guidance from the UK Government s End User Device (EUD) Security Framework [B]. 1.2 Mapping to the Common Criteria Protection Profile Mobile device products successfully certified via the Common Criteria, against the Protection Profile for Mobile Device Fundamentals, can be additionally awarded Foundation Grade Certification for their data at rest encryption element. This additional certification can be achieved by the product vendor informing the CPA Authority of the Common Criteria certification and providing evidence to show that assessment successfully verified that the product met the extended Protection profile requirements listed in Section 2 of this document. Once the CPA Authority have confirmed the vendor s assertions, the product will be awarded a Foundation Grade certification against this Security Characteristic. The product must be provided with suitable Security Procedures which describe how to securely provision, configure, operate, maintain and dispose of the evaluated device. These are expected to be short, and may refer to other documents (such as vendor guidance) as necessary. 1.3 Product description The aim of the security products relevant to this Security Characteristic is to maintain the confidentiality of data stored on an always-on mobile device by encrypting the data and providing controlled access to it. This protects the data if the mobile device is lost or stolen. However, it cannot protect against certain attacks, such as a lost or stolen device being accessed by a third party before the automatic lock has activated. Furthermore, the product may provide the ability to verify the integrity of the data, but is not able to prevent its physical destruction. CPA SECURITY CHARACTERISTIC: DATA AT REST ENCRYPTION: ALWAYS-ON MOBILE DEVICES Page 4 of 6

5 Section 2 Additional Mandatory Requirements Section of the Protection Profile for Mobile Device Fundamentals specifies additional optional requirements for protected storage on the device. For this Security Characteristic, those requirements (below) must be implemented and successfully assessed for a product to be awarded Foundation Grade certification. Protection Profile Requirements FDP_DAR_EXT.2.1 FDP_DAR_EXT.2.2 FDP_DAR_EXT.2.3 FDP_DAR_EXT.2.4 Description The TSF shall provide a mechanism for applications to mark data and keys as sensitive. The TSF shall use an asymmetric key scheme to encrypt and store sensitive data received while the product is locked. The TSF shall encrypt any stored symmetric key and any stored private key of the asymmetric key(s) used for the protection of sensitive data according to FCS_STG_EXT.2 selection 2. The TSF shall decrypt the sensitive data that was received while in the locked state upon transitioning to the unlocked state using the asymmetric key scheme and shall re-encrypt that sensitive data using the symmetric key scheme. CPA SECURITY CHARACTERISTIC: DATA AT REST ENCRYPTION: ALWAYS-ON MOBILE DEVICES Page 5 of 6

6 Appendix A References Label Title Version Date Location [A] [B] Protection Profile for Mobile Device Fundamentals End User Devices Security and Configuration Guidance 2.0 September 2014 October CPA SECURITY CHARACTERISTIC: DATA AT REST ENCRYPTION: ALWAYS-ON MOBILE DEVICES Page 6 of 6