PP-Configuration for Network Device and SSL/TLS Inspection Proxy
(STIP)
Version: 2.0
2024-04-25
National Information Assurance Partnership
Page 2 of 4
Table of Contents
1 Introduction .......................................................................................................................................... 3
1.1 Overview ....................................................................................................................................... 3
1.2 PP-Configuration Reference .......................................................................................................... 3
1.3 PP-Configuration Components Statement ....................................................................................3
2 Conformance Claims ............................................................................................................................. 4
2.1 CC Conformance............................................................................................................................ 4
2.2 SAR Statement............................................................................................................................... 4
Page 3 of 4
1 Introduction
1.1 Overview
This PP-Configuration is for a network device that provides functionality for SSL/TLS Inspection Proxy
(STIP).
1.2 PP-Configuration Reference
This PP-Configuration is identified as follows:
• PP-Configuration for Network Device and SSL/TLS Inspection Proxy (STIP), Version 2.0
• As a shorthand reference, it can be identified as "CFG_NDcPP-STIP_V2.0"
1.3 PP-Configuration Components Statement
This PP-Configuration includes the following components:
• Base-PP: collaborative Protection Profile for Network Device, Version 3.0e (CPP_ND_V3.0E)
• PP-Module: PP-Module for SSL/TLS Inspection Proxy (STIP), Version 1.1 (MOD_STIP_V1.1)
Page 4 of 4
2 Conformance Claims
2.1 CC Conformance
Conformance Statement
To be conformant to this PP-Configuration, an ST must demonstrate Exact Conformance, as defined by
the CC and CEM addenda for Exact Conformance, Selection-Based SFRs, and Optional SFRs (dated May
2017).
CC Conformance Claims
This PP-Configuration, and its components specified in section 1.3, are conformant to Parts 2 (extended)
and 3 (conformant) of Common Criteria Version 3.1, Release 5 [CC].
2.2 SAR Statement
To evaluate a TOE that claims conformance to this PP-Configuration, the evaluator shall evaluate the TOE
against the following SARs that the Base-PP defines:
Assurance Class Assurance Components
Security Target (ASE) Conformance Claims (ASE_CCL.1)
Extended Components Definition (ASE_ECD.1)
ST Introduction (ASE_INT.1)
Security Objectives for the Operational Environment (ASE_OBJ.1)
Stated Security Requirements (ASE_REQ.1)
Security Problem Definition (ASE_SPD.1)
TOE Summary Specification (ASE_TSS.1)
Development (ADV) Basic Functional Specification (ADV_FSP.1)
Guidance Documents (AGD) Operational User Guidance (AGD_OPE.1)
Preparative Procedures (AGD_PRE.1)
Life Cycle Support (ALC) Labeling of the TOE (ALC_CMC.1)
TOE CM Coverage (ALC_CMS.1)
Tests (ATE) Independent Testing – Conformance (ATE_IND.1)
Vulnerability Assessment (AVA) Vulnerability Survey (AVA_VAN.1)
The Supporting Documents included with the Base-PP and PP-Modules contain specific information with
respect to the evaluation of the SARs listed in the table above.