This page was not yet optimized for use on mobile devices.
PP-Module for VPN Client, Version 2.2
Web information ?
Status: archivedCertification date: 2021-01-05
Archived date: 2021-11-10
Scheme: 🇺🇸
Category: Network and Network-Related Devices and Systems
Security level: EAL1
Certification report ?
Extracted keywords
Symmetric Algorithms
DESProtocols
TLS, DTLS, IKE, IPsec, VPNVendor
SamsungClaims
O.COMMS, O.STORAGE, O.CONFIG, O.AUTH, O.INTEGRITY, O.PRIVACY, T.EAVESDROP, T.NETWORK, T.PHYSICAL, T.FLAWAPP, T.PERSISTENT, T.TSF_CONFIGURATION, T.UNAUTHORIZED_ACCESS, T.UNAUTHORIZED_UPDATE, T.USER_DATA_REUSE, T.TSF_FAILURE, A.CONFIG, A.NOTIFY, A.PRECAUTION, A.NO_TOE_BYPASS, A.PHYSICAL, A.TRUSTED_CONFIG, OE.CONFIG, OE.NOTIFY, OE.PRECAUTION, OE.NO_TOE_BYPASS, OE.PHYSICAL, OE.TRUSTED_CONFIGSecurity Assurance Requirements (SAR)
ACE_REQ, ACE_INT.1, ACE_CCL.1, ACE_SPD.1, ACE_OBJ.1, ACE_ECD.1, ACE_REQ.1, ACE_MCO.1, ACE_CCO.1Security Functional Requirements (SFR)
FAU_GEN, FAU_SEL, FCS_CKM, FCS_CKM_EXT, FDP_RIP, FDP_IFC_EXT, FIA_PSK_EXT, FMT_SMF, FPT_TST_EXT, FTP_ITCEvaluation facilities
Gossamer SecurityCertification process
out of scope, access to its storage media. Note: Defending against device re-use after physical compromise is out of scope for this protection profile. 6 Threat Name Threat Definition T.FLAWAPP Applications loaded ontoStandards
X.509File metadata
| Creation date | D:20211012113416-04'00' |
|---|---|
| Modification date | D:20211012113416-04'00' |
| Pages | 20 |
Profile ?
Extracted keywords
Symmetric Algorithms
AES, DES, HMACAsymmetric Algorithms
ECDH, ECDSA, ECC, Diffie-Hellman, DHHash functions
SHA-256, SHA-512Schemes
Key ExchangeProtocols
SSH, TLS, DTLS, IKE, IKEv2, IKEv1, IPsec, VPNRandomness
RBGElliptic Curves
P-256, P-384, P-521, curve P-384, Curve25519Block cipher modes
CBC, GCMClaims
O.AUTHENTICATION, O.CRYPTOGRAPHIC_FUNCTIONS, O.KNOWN_STATE, O.NONDISCLOSURE, O.CRYPTOGRAPHIC_FUN, O.CRYPTOGRAPHIC_F, O.PROTECTED_COMMS, O.INTEGRITY, O.PROTECTED_STORAGE, O.AUTH, O.COMMS, O.STORAGE, O.DATA_PROTECTION_TRANSIT, O.ACCOUNTABILITY, O.MANAGEMENT, T.UNAUTHORIZED_ACCESS, T.TSF_CONFIGURATION, T.USER_DATA_REUSE, T.TSF_FAILURE, T.UNAUTHROIZED_ACCESS, T.NETWORK_ATTACK, T.NETWORK_EAVESDROP, T.LOCAL_ATTACK, T.NETWORK, T.EAVESDROP, T.FLAWAPP, A.NO_TOE_BYPASS, A.PHYSICAL, A.TRUSTED_CONFIG, A.PLATFORM, A.PROPER_ADMIN, A.NOTIFY, A.PRECAUTION, A.CONFIG, A.MDM_SERVER_PLATFORM, OE.NO_TOE_BYPASS, OE.PHYSICAL, OE.TRUSTED_CONFIG, OE.PLATFORM, OE.PROPER_USER, OE.PROPER_ADMIN, OE.PRECAUTION, OE.CONFIG, OE.IT_ENTERPRISESecurity Assurance Requirements (SAR)
AGD_PRE, AGD_OPESecurity Functional Requirements (SFR)
FAU_GEN, FAU_SEL, FAU_GEN.1, FAU_SEL.1, FCS_CKM.1, FCS_CKM.2, FCS_COP.1, FCS_CKM_EXT.1, FCS_CKM, FCS_CKM_EXT.2, FCS_CKM_EXT.4, FCS_CKM.1.1, FCS_CKM.2.1, FCS_COP.1.1, FCS_CKM_EXT.2.1, FCS_CKM_EXT.1.1, FCS_STO_EXT.1, FCS_CKM_EXT.4.1, FCS_RBG_EXT.1, FCS_COP, FCS_CKM_EXT, FCS_CKM.4, FDP_RIP.1, FDP_IFC_EXT.1, FDP_DAR_EXT.2.2, FDP_RIP.2, FDP_RIP.2.1, FDP_IFC_EXT.1.1, FDP_IFC_EXT, FIA_PSK_EXT.1, FIA_PSK_EXT.1.1, FIA_PSK_EXT.1.2, FIA_PSK_EXT.1.3, FIA_PSK_EXT, FMT_SMF, FMT_SMF.1, FMT_MTD.1, FMT_MOF_EXT.1, FMT_SMF_EXT.1, FMT_SMR.1, FPT_ITT.1, FPT_TST_EXT, FPT_TUD_EXT.1, FPT_TST_EXT.1, FPT_ITT.1.1, FPT_TRP.1, FPT_TST_EXT.1.1, FPT_TST_EXT.1.2, FPT_STM.1, FTP_ITC.1, FTP_ITC_EXT.1, FTP_TRP.1, FTP_ITC.1.1, FTP_ITC.1.2, FTP_ITC.1.3, FTP_ITC_EXT.1.1, FTP_ITC_EXT.1.2, FTP_ITC_EXT.1.3, FTP_DIT_EXT.1, FTP_DIT_EXT.1.1, FTP_TRP.1.1, FTP_TRP.1.2, FTP_TRP.1.3Certification process
out of scope, is not disclosed without authorization. OE.NO_TOE_BYPASS This objective addresses behavior that is out of scope of the Base-PP and does not define an environment that a GPOS TOE is incapable of existing in. OE, is not disclosed without authorization. OE.NO_TOE_BYPASS This objective addresses behavior that is out of scope of the Base-PP and does not define an environment that an MDF TOE is incapable of existing in. OE, is not disclosed without authorization. OE.NO_TOE_BYPASS This objective addresses behavior that is out of scope of the Base-PP and does not define an environment that is globally applicable to all software, and logging functions to be bypassed. OE.NO_TOE_BYPASS This objective addresses behavior that is out of scope of the Base-PP and does not define an environment that an MDM TOE is incapable of existing in. OEStandards
FIPS PUB 186-4, FIPS PUB 197, NIST SP 800-38A, NIST SP 800-38D, NIST SP 800-38E, NIST SP 800-38C, NIST SP 800-38F, NIST SP 800-56A, NIST SP 800-57, RFC 4301, RFC 2406, RFC 4303, RFC 7296, RFC 3526, RFC 8017, RFC 5280, RFC 7748, RFC 7919, RFC 4106, RFC 3602, RFC 4109, RFC 4304, RFC 4868, RFC 8784, RFC8247, RFC 6379, RFC 5282, RFC 4945, X.509, x.509, CCMB-2012-09-001, CCMB-2012-09-002, CCMB-2012-09-003File metadata
| Creation date | D:20210112132452-05'00' |
|---|---|
| Modification date | D:20210112132452-05'00' |
| Pages | 76 |
References ?
Updates ?
-
04.02.2025 The protection profile was first processed.
New Protection Profile
A new Protection Profile with the name PP-Module for VPN Client, Version 2.2 was processed.
Raw data
{
"_id": "ce49f1523f0885d6",
"_type": "sec_certs.sample.protection_profile.ProtectionProfile",
"dgst": "ce49f1523f0885d6",
"heuristics": {
"_type": "sec_certs.sample.protection_profile.ProtectionProfile.Heuristics"
},
"pdf_data": {
"_type": "sec_certs.sample.protection_profile.ProtectionProfile.PdfData",
"pp_filename": "mod_vpnc_v2.2.pdf",
"pp_keywords": {
"asymmetric_crypto": {
"ECC": {
"ECC": {
"ECC": 8
},
"ECDH": {
"ECDH": 1
},
"ECDSA": {
"ECDSA": 4
}
},
"FF": {
"DH": {
"DH": 18,
"Diffie-Hellman": 16
}
}
},
"cc_cert_id": {},
"cc_claims": {
"A": {
"A.CONFIG": 1,
"A.MDM_SERVER_PLATFORM": 2,
"A.NOTIFY": 1,
"A.NO_TOE_BYPASS": 10,
"A.PHYSICAL": 7,
"A.PLATFORM": 3,
"A.PRECAUTION": 1,
"A.PROPER_ADMIN": 3,
"A.TRUSTED_CONFIG": 6
},
"O": {
"O.ACCOUNTABILITY": 1,
"O.AUTH": 1,
"O.AUTHENTICATION": 7,
"O.COMMS": 1,
"O.CRYPTOGRAPHIC_F": 1,
"O.CRYPTOGRAPHIC_FUN": 1,
"O.CRYPTOGRAPHIC_FUNCTIONS": 5,
"O.DATA_PROTECTION_TRANSIT": 2,
"O.INTEGRITY": 4,
"O.KNOWN_STATE": 7,
"O.MANAGEMENT": 1,
"O.NONDISCLOSURE": 7,
"O.PROTECTED_COMMS": 4,
"O.PROTECTED_STORAGE": 2,
"O.STORAGE": 1
},
"OE": {
"OE.CONFIG": 1,
"OE.IT_ENTERPRISE": 1,
"OE.NO_TOE_BYPASS": 6,
"OE.PHYSICAL": 6,
"OE.PLATFORM": 2,
"OE.PRECAUTION": 1,
"OE.PROPER_ADMIN": 3,
"OE.PROPER_USER": 3,
"OE.TRUSTED_CONFIG": 6
},
"T": {
"T.EAVESDROP": 3,
"T.FLAWAPP": 1,
"T.LOCAL_ATTACK": 3,
"T.NETWORK": 2,
"T.NETWORK_ATTACK": 6,
"T.NETWORK_EAVESDROP": 8,
"T.TSF_CONFIGURATION": 7,
"T.TSF_FAILURE": 6,
"T.UNAUTHORIZED_ACCESS": 6,
"T.UNAUTHROIZED_ACCESS": 1,
"T.USER_DATA_REUSE": 6
}
},
"cc_protection_profile_id": {},
"cc_sar": {
"AGD": {
"AGD_OPE": 3,
"AGD_PRE": 1
}
},
"cc_security_level": {},
"cc_sfr": {
"FAU": {
"FAU_GEN": 10,
"FAU_GEN.1": 6,
"FAU_SEL": 12,
"FAU_SEL.1": 3
},
"FCS": {
"FCS_CKM": 11,
"FCS_CKM.1": 21,
"FCS_CKM.1.1": 6,
"FCS_CKM.2": 20,
"FCS_CKM.2.1": 4,
"FCS_CKM.4": 4,
"FCS_CKM_EXT": 3,
"FCS_CKM_EXT.1": 5,
"FCS_CKM_EXT.1.1": 1,
"FCS_CKM_EXT.2": 12,
"FCS_CKM_EXT.2.1": 3,
"FCS_CKM_EXT.4": 11,
"FCS_CKM_EXT.4.1": 2,
"FCS_COP": 1,
"FCS_COP.1": 24,
"FCS_COP.1.1": 4,
"FCS_RBG_EXT.1": 5,
"FCS_STO_EXT.1": 2
},
"FDP": {
"FDP_DAR_EXT.2.2": 1,
"FDP_IFC_EXT": 3,
"FDP_IFC_EXT.1": 11,
"FDP_IFC_EXT.1.1": 2,
"FDP_RIP.1": 2,
"FDP_RIP.2": 6,
"FDP_RIP.2.1": 1
},
"FIA": {
"FIA_PSK_EXT": 3,
"FIA_PSK_EXT.1": 12,
"FIA_PSK_EXT.1.1": 2,
"FIA_PSK_EXT.1.2": 2,
"FIA_PSK_EXT.1.3": 3
},
"FMT": {
"FMT_MOF_EXT.1": 2,
"FMT_MTD.1": 2,
"FMT_SMF": 9,
"FMT_SMF.1": 2,
"FMT_SMF_EXT.1": 2,
"FMT_SMR.1": 1
},
"FPT": {
"FPT_ITT.1": 5,
"FPT_ITT.1.1": 1,
"FPT_STM.1": 4,
"FPT_TRP.1": 1,
"FPT_TST_EXT": 10,
"FPT_TST_EXT.1": 8,
"FPT_TST_EXT.1.1": 1,
"FPT_TST_EXT.1.2": 1,
"FPT_TUD_EXT.1": 2
},
"FTP": {
"FTP_DIT_EXT.1": 2,
"FTP_DIT_EXT.1.1": 3,
"FTP_ITC.1": 9,
"FTP_ITC.1.1": 2,
"FTP_ITC.1.2": 2,
"FTP_ITC.1.3": 2,
"FTP_ITC_EXT.1": 5,
"FTP_ITC_EXT.1.1": 1,
"FTP_ITC_EXT.1.2": 1,
"FTP_ITC_EXT.1.3": 1,
"FTP_TRP.1": 4,
"FTP_TRP.1.1": 1,
"FTP_TRP.1.2": 1,
"FTP_TRP.1.3": 1
}
},
"certification_process": {
"OutOfScope": {
"and logging functions to be bypassed. OE.NO_TOE_BYPASS This objective addresses behavior that is out of scope of the Base-PP and does not define an environment that an MDM TOE is incapable of existing in. OE": 1,
"is not disclosed without authorization. OE.NO_TOE_BYPASS This objective addresses behavior that is out of scope of the Base-PP and does not define an environment that a GPOS TOE is incapable of existing in. OE": 1,
"is not disclosed without authorization. OE.NO_TOE_BYPASS This objective addresses behavior that is out of scope of the Base-PP and does not define an environment that an MDF TOE is incapable of existing in. OE": 1,
"is not disclosed without authorization. OE.NO_TOE_BYPASS This objective addresses behavior that is out of scope of the Base-PP and does not define an environment that is globally applicable to all software": 1,
"out of scope": 4
}
},
"cipher_mode": {
"CBC": {
"CBC": 1
},
"GCM": {
"GCM": 2
}
},
"cplc_data": {},
"crypto_engine": {},
"crypto_library": {},
"crypto_protocol": {
"IKE": {
"IKE": 28,
"IKEv1": 16,
"IKEv2": 15
},
"IPsec": {
"IPsec": 157
},
"SSH": {
"SSH": 9
},
"TLS": {
"DTLS": {
"DTLS": 8
},
"TLS": {
"TLS": 11
}
},
"VPN": {
"VPN": 218
}
},
"crypto_scheme": {
"KEX": {
"Key Exchange": 3
}
},
"device_model": {},
"ecc_curve": {
"Curve": {
"Curve25519": 2
},
"NIST": {
"P-256": 14,
"P-384": 15,
"P-521": 10,
"curve P-384": 1
}
},
"eval_facility": {},
"hash_function": {
"SHA": {
"SHA2": {
"SHA-256": 1,
"SHA-512": 1
}
}
},
"ic_data_group": {},
"javacard_api_const": {},
"javacard_packages": {},
"javacard_version": {},
"os_name": {},
"pq_crypto": {},
"randomness": {
"RNG": {
"RBG": 3
}
},
"side_channel_analysis": {},
"standard_id": {
"CC": {
"CCMB-2012-09-001": 1,
"CCMB-2012-09-002": 1,
"CCMB-2012-09-003": 1
},
"FIPS": {
"FIPS PUB 186-4": 13,
"FIPS PUB 197": 4
},
"NIST": {
"NIST SP 800-38A": 4,
"NIST SP 800-38C": 7,
"NIST SP 800-38D": 5,
"NIST SP 800-38E": 3,
"NIST SP 800-38F": 6,
"NIST SP 800-56A": 3,
"NIST SP 800-57": 4
},
"RFC": {
"RFC 2406": 1,
"RFC 3526": 14,
"RFC 3602": 1,
"RFC 4106": 1,
"RFC 4109": 2,
"RFC 4301": 4,
"RFC 4303": 3,
"RFC 4304": 2,
"RFC 4868": 4,
"RFC 4945": 3,
"RFC 5280": 6,
"RFC 5282": 1,
"RFC 6379": 1,
"RFC 7296": 1,
"RFC 7748": 1,
"RFC 7919": 4,
"RFC 8017": 4,
"RFC 8784": 1,
"RFC8247": 1
},
"X509": {
"X.509": 21,
"x.509": 2
}
},
"symmetric_crypto": {
"AES_competition": {
"AES": {
"AES": 10
}
},
"DES": {
"DES": {
"DES": 2
}
},
"constructions": {
"MAC": {
"HMAC": 1
}
}
},
"technical_report_id": {},
"tee_name": {},
"tls_cipher_suite": {},
"vendor": {},
"vulnerability": {}
},
"pp_metadata": {
"/CreationDate": "D:20210112132452-05\u002700\u0027",
"/ModDate": "D:20210112132452-05\u002700\u0027",
"pdf_file_size_bytes": 1605408,
"pdf_hyperlinks": {
"_type": "Set",
"elements": []
},
"pdf_is_encrypted": false,
"pdf_number_of_pages": 76
},
"report_filename": "CFG_MDF-VPNC_V1.1_VR.pdf",
"report_keywords": {
"asymmetric_crypto": {},
"cc_cert_id": {},
"cc_claims": {
"A": {
"A.CONFIG": 1,
"A.NOTIFY": 1,
"A.NO_TOE_BYPASS": 1,
"A.PHYSICAL": 1,
"A.PRECAUTION": 1,
"A.TRUSTED_CONFIG": 1
},
"O": {
"O.AUTH": 1,
"O.COMMS": 1,
"O.CONFIG": 1,
"O.INTEGRITY": 1,
"O.PRIVACY": 1,
"O.STORAGE": 1
},
"OE": {
"OE.CONFIG": 1,
"OE.NOTIFY": 1,
"OE.NO_TOE_BYPASS": 1,
"OE.PHYSICAL": 1,
"OE.PRECAUTION": 1,
"OE.TRUSTED_CONFIG": 1
},
"T": {
"T.EAVESDROP": 2,
"T.FLAWAPP": 3,
"T.NETWORK": 2,
"T.PERSISTENT": 3,
"T.PHYSICAL": 3,
"T.TSF_CONFIGURATION": 1,
"T.TSF_FAILURE": 1,
"T.UNAUTHORIZED_ACCESS": 1,
"T.UNAUTHORIZED_UPDATE": 1,
"T.USER_DATA_REUSE": 1
}
},
"cc_protection_profile_id": {},
"cc_sar": {
"ACE": {
"ACE_CCL.1": 1,
"ACE_CCO.1": 1,
"ACE_ECD.1": 1,
"ACE_INT.1": 1,
"ACE_MCO.1": 1,
"ACE_OBJ.1": 1,
"ACE_REQ": 1,
"ACE_REQ.1": 1,
"ACE_SPD.1": 1
}
},
"cc_security_level": {},
"cc_sfr": {
"FAU": {
"FAU_GEN": 1,
"FAU_SEL": 1
},
"FCS": {
"FCS_CKM": 2,
"FCS_CKM_EXT": 3
},
"FDP": {
"FDP_IFC_EXT": 1,
"FDP_RIP": 1
},
"FIA": {
"FIA_PSK_EXT": 1
},
"FMT": {
"FMT_SMF": 1
},
"FPT": {
"FPT_TST_EXT": 1
},
"FTP": {
"FTP_ITC": 1
}
},
"certification_process": {
"OutOfScope": {
"access to its storage media. Note: Defending against device re-use after physical compromise is out of scope for this protection profile. 6 Threat Name Threat Definition T.FLAWAPP Applications loaded onto": 1,
"out of scope": 1
}
},
"cipher_mode": {},
"cplc_data": {},
"crypto_engine": {},
"crypto_library": {},
"crypto_protocol": {
"IKE": {
"IKE": 2
},
"IPsec": {
"IPsec": 7
},
"TLS": {
"DTLS": {
"DTLS": 1
},
"TLS": {
"TLS": 1
}
},
"VPN": {
"VPN": 21
}
},
"crypto_scheme": {},
"device_model": {},
"ecc_curve": {},
"eval_facility": {
"Gossamer": {
"Gossamer Security": 4
}
},
"hash_function": {},
"ic_data_group": {},
"javacard_api_const": {},
"javacard_packages": {},
"javacard_version": {},
"os_name": {},
"pq_crypto": {},
"randomness": {},
"side_channel_analysis": {},
"standard_id": {
"X509": {
"X.509": 1
}
},
"symmetric_crypto": {
"DES": {
"DES": {
"DES": 1
}
}
},
"technical_report_id": {},
"tee_name": {},
"tls_cipher_suite": {},
"vendor": {
"Samsung": {
"Samsung": 19
}
},
"vulnerability": {}
},
"report_metadata": {
"/CreationDate": "D:20211012113416-04\u002700\u0027",
"/ModDate": "D:20211012113416-04\u002700\u0027",
"pdf_file_size_bytes": 478478,
"pdf_hyperlinks": {
"_type": "Set",
"elements": []
},
"pdf_is_encrypted": false,
"pdf_number_of_pages": 20
}
},
"state": {
"_type": "sec_certs.sample.protection_profile.ProtectionProfile.InternalState",
"pp": {
"_type": "sec_certs.sample.document_state.DocumentState",
"convert_garbage": false,
"convert_ok": true,
"download_ok": true,
"extract_ok": true,
"pdf_hash": "48f94bac4ed6b2fcb49e1ea3898e3aa96bdc808aa13a482203380118e2fe0948",
"txt_hash": "c64bb10429907746f069007627ec5f59d38d8f510cd0be55a086122b55bbea51"
},
"report": {
"_type": "sec_certs.sample.document_state.DocumentState",
"convert_garbage": false,
"convert_ok": true,
"download_ok": true,
"extract_ok": true,
"pdf_hash": "52c0603fd91c836efc7b1d22cd19a9c45a394b79636670a7ea88dd3ab707eef6",
"txt_hash": "e2c3f52eeaae995540d6cbec7659067a6729aa43f8e062bc9b1d8e00256f665e"
}
},
"web_data": {
"_type": "sec_certs.sample.protection_profile.ProtectionProfile.WebData",
"category": "Network and Network-Related Devices and Systems",
"is_collaborative": false,
"maintenances": [],
"name": "PP-Module for VPN Client, Version 2.2",
"not_valid_after": "2021-11-10",
"not_valid_before": "2021-01-05",
"pp_link": "https://www.commoncriteriaportal.org/nfs/ccpfiles/files/ppfiles/mod_vpnc_v2.2.pdf",
"report_link": "https://www.commoncriteriaportal.org/nfs/ccpfiles/files/ppfiles/CFG_MDF-VPNC_V1.1_VR.pdf",
"scheme": "US",
"security_level": {
"_type": "Set",
"elements": [
"EAL1"
]
},
"status": "archived",
"version": "2.2"
}
}