|PRODUCT NAME AND VERSION
Biocryptodisk Encryptor Model SD302 (Ver5.11 -3.03), SD302CR(Ver5.11 -5.03), ST302(Ver5.11 -1.00), and ST302B(Ver5.11 -1.00) with Remote Token Management System v1.00)
USB portable hardware cryptographic module
|PRODUCT SPONSOR / DEVELOPER
Biocryptodisk Sdn Bhd
PRODUCT SPONSOR / DEVELOPER CONTACT DETAILS
Lee Kong Pheng
27B, Jalan Sutera Tanjung 8/3,
Taman Sutera Utama,
81300 Skudai, Johor
Biocryptodisk Encryptor is a USB portable hardware cryptographic module which consists of on-the-fly AES 256-bit hardware en-/decryption engine on board and capable to en-/decrypting the files from any computer detected storage such as USB external drive,network attached drive and virtual drives.
The TOE scope of evaluation covers various major security functions described as below:
- Audit - The TOE (Biocryptodisk Encryptor) is designed to minimize threats to an organization by providing secure management and reporting capabilities.
- Cryptographic Support – TOE has cryptographic support module that can generate the keypair generation by using ECIES with 256-bits/384-bits key sizes; generate key for Digital Signature by using ECDSA with 256-bits/384-bits, and generate key using Random Number Generation (RNG) with 256-bits key sizes.
- User Data Protection - TOE has an access control policy that covers all authorized users access to perform all operations such as Token Management, Token Enrolment, Administrator Management, etc.
- Identification and Authentication – TOE allows an authorized user to access the encrypted drive and cryptographic services; and access RTM System to connect with SQL server by entering the valid username and password.
- Management –TOE has two roles defined in the Access Control Policy which is administrator and user. The Access Control Policy implements restrictive default values at the initial TOE start up or TOE initial execution.
- Testing - TOE enforces Testing module for self-tests during the start-up of Encryptor and preserve secure state on several failure events in order to maintain the integrity of the data and protect from any modification.
- Trusted Path - TOE enforces USB communication session between RTM System and Encryptor under Trusted Path module which is protected by P256 ECIES and AES-256 session key.