CPA SECURITY CHARACTERISTIC
DATA AT REST ENCRYPTION: ALWAYS-ON MOBILE DEVICES
Version 1.1
About this document
This document describes the features, testing and deployment requirements necessary to meet CPA certification for Data at Rest Encryption: Always-on Mobile Device security products. It is intended for vendors, system architects, developers, evaluation and technical staff operating within the security arena.
The specific testing and deployment requirements are detailed in the Common Criteria document Protection Profile for Mobile Device Fundamentals Version 2.0 [A].
Document history
The CPA Authority may review, amend, update, replace or issue new Scheme Documents as may be required from time to time.
Soft copy location: DiscoverID <44335885>
Version | Date | Description
1.0 | October 2014 | Initial release
1.1 | December 2014 | Minor changes following external review
Contact CESG
This document is authorised by: Technical Director (Assurance), CESG. For queries about this document please contact:
CPA Administration Team
CESG, Hubble Road
Cheltenham
Gloucestershire GL51 0EX, UK
Email: cpa@cesg.gsi.gov.uk
Contents
Section 1 Overview
1.1 Introduction
1.2 Mapping to the Common Criteria Protection Profile
1.3 Product description
Section 2 Additional Mandatory Requirements
Section 1 Overview
1.1 Introduction
The NIAP Protection Profile for Mobile Device Fundamentals Version 2.0 document [A] describes a set of requirements for mobile devices that can be certified through the Common Criteria scheme. The document you are now reading is a CPA Security Characteristic that:
- Provides a route to awarding a Foundation Grade certification for ‘data at rest encryption’ products used by ‘always on mobile devices’, which already have CC certification.
- Highlights those requirements which are listed in the Protection Profile for Mobile Device Fundamentals as ‘extended’ or ‘optional’, but which are mandatory in products that are to be successfully assessed against this SC.
This Security Characteristic aligns with guidance from the UK Government’s End User Device (EUD) Security Framework [B].
1.2 Mapping to the Common Criteria Protection Profile
Mobile device products successfully certified via the Common Criteria, against the Protection Profile for Mobile Device Fundamentals, can be additionally awarded Foundation Grade Certification for their data at rest encryption element. This additional certification can be achieved by the product vendor informing the CPA Authority of the Common Criteria certification and providing evidence to show that the assessment successfully verified that the product met the extended Protection Profile requirements listed in Section 2 of this document. Once the CPA Authority have confirmed the vendor’s assertions, the product will be awarded a Foundation Grade certification against this Security Characteristic.
The product must be provided with suitable Security Procedures which describe how to securely provision, configure, operate, maintain and dispose of the evaluated device. These are expected to be short, and may refer to other documents (such as vendor guidance) as necessary.
1.3 Product description
The aim of the security products relevant to this Security Characteristic is to maintain the confidentiality of data stored on an ‘always-on’ mobile device by encrypting the data and providing controlled access to it. This protects the data if the mobile device is lost or stolen. However, it cannot protect against certain attacks, such as a lost or stolen device being accessed by a third party before the automatic lock has activated.
Furthermore, the product may provide the ability to verify the integrity of the data, but is not able to prevent its physical destruction.
Section 2 Additional Mandatory Requirements
Section 4.1.2 of the Protection Profile for Mobile Device Fundamentals specifies additional optional requirements for protected storage on the device. For this Security Characteristic, those requirements (below) must be implemented and successfully assessed for a product to be awarded Foundation Grade certification.
Protection Profile Requirements | Description
FDP_DAR_EXT.2.1 | The TSF shall provide a mechanism for applications to mark data and keys as sensitive.
FDP_DAR_EXT.2.2 | The TSF shall use an asymmetric key scheme to encrypt and store sensitive data received while the product is locked.
FDP_DAR_EXT.2.3 | The TSF shall encrypt any stored symmetric key and any stored private key of the asymmetric key(s) used for the protection of sensitive data according to FCS_STG_EXT.2 selection 2.
FDP_DAR_EXT.2.4 | The TSF shall decrypt the sensitive data that was received while in the locked state upon transitioning to the unlocked state using the asymmetric key scheme and shall re-encrypt that sensitive data using the symmetric key scheme.
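The locked-state flow that FDP_DAR_EXT.2.2 to FDP_DAR_EXT.2.4 describe, as an added illustration that is not part of this Security Characteristic or of the Protection Profile. It uses the Node.js built-in crypto module. The algorithms (X25519, HKDF-SHA-256, AES-256-GCM), the function names, and the KEK and DEK stand-ins (random keys in place of a real key hierarchy) are assumptions made for the example.

```javascript
const crypto = require("node:crypto");

// AES-256-GCM (assumed cipher); output layout is nonce || tag || ciphertext.
function seal(key, plaintext) {
  const nonce = crypto.randomBytes(12);
  const c = crypto.createCipheriv("aes-256-gcm", key, nonce);
  const body = Buffer.concat([c.update(plaintext), c.final()]);
  return Buffer.concat([nonce, c.getAuthTag(), body]);
}
function unseal(key, box) {
  const d = crypto.createDecipheriv("aes-256-gcm", key, box.subarray(0, 12));
  d.setAuthTag(box.subarray(12, 28));
  return Buffer.concat([d.update(box.subarray(28)), d.final()]); // throws on wrong key or tampering
}

// One-time AES key from an X25519 agreement (assumed scheme), derived with HKDF-SHA-256.
function agree(privateKey, publicKey, ephDer) {
  const shared = crypto.diffieHellman({ privateKey, publicKey });
  return Buffer.from(crypto.hkdfSync("sha256", shared, ephDer, "dar-locked", 32));
}

// Provisioning: the private key is only ever stored wrapped under the KEK (FDP_DAR_EXT.2.3).
function provision(kek) {
  const { publicKey, privateKey } = crypto.generateKeyPairSync("x25519");
  const der = privateKey.export({ type: "pkcs8", format: "der" });
  return { publicKey, wrappedPrivate: seal(kek, der) };
}

// Locked: only the public key is usable, so incoming data is encrypted to it (FDP_DAR_EXT.2.2).
function storeWhileLocked(publicKey, plaintext) {
  const eph = crypto.generateKeyPairSync("x25519");
  const ephDer = eph.publicKey.export({ type: "spki", format: "der" });
  return { ephDer, box: seal(agree(eph.privateKey, publicKey, ephDer), plaintext) };
}

// Unlock: unwrap the private key, decrypt, re-encrypt under the symmetric DEK (FDP_DAR_EXT.2.4).
function onUnlock(kek, dek, wrappedPrivate, item) {
  const der = unseal(kek, wrappedPrivate);
  const privateKey = crypto.createPrivateKey({ key: der, format: "der", type: "pkcs8" });
  const peer = crypto.createPublicKey({ key: item.ephDer, format: "der", type: "spki" });
  return seal(dek, unseal(agree(privateKey, peer, item.ephDer), item.box));
}

// Constructed run with random stand-in keys; returns the plaintext recovered via the DEK.
function demo() {
  const kek = crypto.randomBytes(32), dek = crypto.randomBytes(32);
  const device = provision(kek);
  const item = storeWhileLocked(device.publicKey, Buffer.from("constructed sample message"));
  return unseal(dek, onUnlock(kek, dek, device.wrappedPrivate, item)).toString();
}
```

While the device is locked, neither the DEK nor the unwrapped private key is needed to accept new data, which is the property the asymmetric scheme provides.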
Appendix A References
Label | Title | Version | Date | Location
[A] | Protection Profile for Mobile Device Fundamentals | 2.0 | September 2014 | www.niap-ccevs.org/pp/PP_MD_v2.0/
[B] | End User Devices Security and Configuration Guidance | | October 2014 | www.gov.uk/government/collections/end-user-devices-security-guidance