Validated Product - Tenix Interactive Link Data Diode Device Version 2.1

Certificate Date: 30 August 2005
Validation Report Number: CCEVS-VR-05-0119
Product Type: Multiple Domain Solution
Conformance Claim: EAL7 Augmented with AVA_CCA.3
PP Identifiers: None
CC Testing Lab: COACT Inc. CAFE Laboratory
Maintenance Release:

PRODUCT DESCRIPTION

The Interactive Link Data Diode Device (IL-DDD) allows information to flow through the device in a single direction, from the input to the output. The IL-DDD provides an EAL7 level of assurance that data is passed only from the input port to the output port, and that no data or signaling of any kind passes in the opposite direction. Other (non-evaluated) components can be used in combination with the IL-DDD to implement functionality such as email transfer, file transfer, and the flow of lower classified clipboard information to the higher classified environment, where it can be pasted into higher classified applications.

The IL-DDD data transfer is implemented in hardware at the physical layer of the OSI reference model. It has been implemented using a purpose-built fibre transmitter and receiver, constructed from discrete components. This approach has been adopted to minimise the emanation and the TEMPEST security threat. There are no “back channels” for communication handshaking that could be used as a covert channel. Any network protocol can be used to implement the transfer, provided it requires no handshaking across the IL-DDD. The User Datagram Protocol (UDP) is an example of an acceptable protocol that can accommodate a unidirectional flow of information.

The IL-DDD is a trusted platform providing a unidirectional data path from the low side network to the high side network. Key features include:
SECURITY EVALUATION SUMMARY

The evaluation was carried out in accordance with the Common Criteria Evaluation and Validation Scheme (CCEVS) process and scheme. The evaluation demonstrated that the Tenix Interactive Link TOE meets the security requirements contained in the Security Target. The criteria against which the Tenix Interactive Link TOE was judged are described in the Common Criteria for Information Technology Security Evaluation, Version 2.1. The evaluation methodology used by the evaluation team to conduct the evaluation is the Common Methodology for Information Technology Security Evaluation, Version 1.0, supplemented by CCEVS-approved methodology for components above EAL 4. The COACT, Inc. CAFE Lab and the National Security Agency (NSA) determined that the evaluation assurance level (EAL) for the Tenix Interactive Link TOE is EAL 7 augmented with AVA_CCA.3. The TOE, configured as specified in the installation guide, satisfies all of the security functional requirements stated in the Security Target.

ENVIRONMENTAL STRENGTHS

The Data Diode Device is delivered as ready-to-use hardware units. It requires no configuration beyond connection of cables to other hardware components in the IT Environment. The IL-DDD is not concerned with the information flowing from its input to its output; therefore, it does not assess any security attributes of the data. The primary concern is to ensure that the device is installed with the source at the input and the destination at the output.

Vendor Information
BAE SYSTEMS DATAGATE (formerly Tenix Datagate)
Ken Kellstrom
703-647-2680
Ken.Kellstrom@BAEsystems.com