TCG. TCG Certification Program. TNC Certification Program Suite. Document Version 1.1 Revision 1 26 September 2011

Similar documents
FOR TCG ACPI Specification

ERRATA FOR. Protection Profile PC Client Specific TPM. Errata Version 1.0 June 16, 2018 DRAFT. Specification Version 1.

ERRATA FOR. TCG TPM I2C Interface Specification. Errata Version 1.0 April 6, Family 2.0 Level 00 Revision 1.

TCG Storage Work Group. Storage Certification Program. Program Version 1.0 Document Revision 1.22 March 16, Contact: Doug Gemmill, TCG CPM T C G

ERRATA FOR. TCG Platform Attribute Credential Profile. Errata Version Published. Specification Version 1.0 Revision January 2018

TCG Compliance TNC IF-MAP Metadata for Network Security Compliance Test Plan

R E F E R E N C E TCG. Trusted Multi-Tenant Infrastructure Work Group. Use Cases. Version 1.1. November 15, 2013

TCG Physical Security Interoperability Alliance IP Video Use Case 002 (PSI-UC-IPV002) Specification Version 1.0 Revision 0.2

SDLC INTELLECTUAL PROPERTY POLICY

TCG Storage Opal SSC Feature Set: PSID. Specification Version 1.00 Revision August 5, Contact:

TCG. TCG Storage Interface Interactions Specification. Specification Version 1.0. January 27, Contacts:

IETF TRUST. Legal Provisions Relating to IETF Documents. Approved November 6, Effective Date: November 10, 2008

TCG Specification TCG. TPM 2.0 Mobile Command Response Buffer Interface. TCG Published. Family 2.0. Level 00 Revision 12.

IETF TRUST. Legal Provisions Relating to IETF Documents. February 12, Effective Date: February 15, 2009

INCLUDING MEDICAL ADVICE DISCLAIMER

Ecma International Policy on Submission, Inclusion and Licensing of Software

Player Loyalty Program Terms & Conditions

Ecma International Policy on Submission, Inclusion and Licensing of Software

TCG Storage Interface Interactions Specification (SIIS) Specification Version 1.02 Revision December, 2011 TCG

Getting Started with MTConnect: Architecture

MERIDIANSOUNDINGBOARD.COM TERMS AND CONDITIONS

TERMS & CONDITIONS. Complied with GDPR rules and regulation CONDITIONS OF USE PROPRIETARY RIGHTS AND ACCEPTABLE USE OF CONTENT

Clean File Metadata Exchange Overview

Compliance Verification Program Governance Guide

TCG Storage Application Note: Encrypting Drives Compliant with Opal SSC

Terms of Use. Changes. General Use.

End User License Agreement

IEEE Electronic Mail Policy

Packet Trace Guide. Packet Trace Guide. Technical Note

Entrust SSL Web Server Certificate Subscription Agreement

LOGO LICENSE AGREEMENT(S) CERTIPORT AND IC³

MyCreditChain Terms of Use

Identity Federation Requirements

OpenFlow Switch Errata

NTLM NTLM. Feature Description

SSC-WG4 Certification Process

PRODUCT SPECIFIC LICENSE TERMS Sybase Enterprise Portal Version 5 Application Edition ( Program )

Funding University Inc. Terms of Service

ECLIPSE FOUNDATION, INC. INDIVIDUAL COMMITTER AGREEMENT

HPE Education Services ESE (East and South Europe) Terms and Conditions

Beta Testing Licence Agreement

Terms Of Use AGREEMENT BETWEEN USER AND DRAKE MODIFICATION OF THESE TERMS OF USE LINKS TO THIRD PARTY WEB SITES USE OF COOKIES

MySonicWall Secure Upgrade Plus

Online Localization Service

Webfont License End User License Agreement (EULA)

Copyrights and Privacy Statement

Oracle Binary Code License Agreement for Java Secure Sockets Extension for Connected Device Configuration 1.0.2

IEEE-SA Conformity Assessment Program for IEEE 1588 in Mobile Networks AUTHORS:

VMware vcenter Log Insight Manager. Deployment Guide

RSA Two Factor Authentication

Migration Tool. Migration Tool (Beta) Technical Note

TCG. TCG Storage Opal SSC: Test Cases Specification. Specification Version 2.01 Revision 2.18 January 30, 2018 Published

Winnebago Industries, Inc. Privacy Policy

MasterCard NFC Mobile Device Approval Guide v July 2015

ISO27001:2013 The New Standard Revised Edition

The Travel Tree Terms and Conditions

Recommendations for LXI systems containing devices supporting different versions of IEEE 1588

KEMP Driver for Red Hat OpenStack. KEMP LBaaS Red Hat OpenStack Driver. Installation Guide

Mobile Banking and Mobile Deposit Terms & Conditions

License, Rules, and Application Form

PRODUCT SPECIFIC LICENSE TERMS Sybase Enterprise Portal Version 5 Enterprise Edition ( Program )

Upgrading MYOB BankLink Notes (desktop)

TCG Physical Presence Interface Specification

Hitachi ID Identity and Access Management Suite TRIAL USE LICENSE AGREEMENT. between

Intel Stress Bitstreams and Encoder (Intel SBE) 2017 AVS2 Release Notes (Version 2.3)

Intel Cluster Ready Allowed Hardware Variances

TERMS OF SERVICE AGREEMENT

The Open Group Certification for People. Training Course Accreditation Policy

Splunk. Splunk. Deployment Guide

CERTIFIED MAIL LABELS TERMS OF USE and PRIVACY POLICY Agreement

Moodle. Moodle. Deployment Guide

Terms of Use for companies accessing MyStay Product Database via MyStay API

LoadMaster VMware Horizon (with View) 6. Deployment Guide

Mile Terms of Use. Effective Date: February, Version 1.1 Feb 2018 [ Mile ] Mileico.com

CA File Master Plus. Release Notes. Version

Adobe Connect. Adobe Connect. Deployment Guide

TERMS OF SERVICE. Maui Lash Extensions All Rights Reserved.

Oracle Technology Network Developer License Terms for Java Card Classic Edition and Java Card Connected Edition Software Development Kits

QPP Proprietary Profile Guide

Open Source Used In Cisco Configuration Professional for Catalyst 1.0

Specification for TRAN Layer Services

NOOTRY TERMS OF SERVICE

BCDC 2E, 2012 (On-line Bidding Document for Stipulated Price Bidding)

CALSTRS ONLINE AGREEMENT TERMS AND CONDITIONS

Epic. Epic Systems. Deployment Guide

IT Security Evaluation and Certification Scheme Document

Nero Digital Branding Guidelines

SPListX for SharePoint Installation Guide

TMDD Standard v03.03c Errata

Network-MIDI Driver Installation Guide

Apple Inc. Certification Authority Certification Practice Statement

Phase I CAQH CORE 102: Eligibility and Benefits Certification Policy version March 2011

Z.com Hosting Service Order

Bar Code Discovery. Administrator's Guide

SWOP Specifications for Web Offset Publications Edition 10.0 Errata

PRIVATE MOBILE CONNECTION (formerly COMMERCIAL CONNECTIVITY SERVICE (CCS)) CUSTOM APN ATTACHMENT

Non-Profit Corporation Annual Return Guide

Hyper-V - Windows 2012 and 8. Virtual LoadMaster for Microsoft Hyper-V on Windows Server 2012, 2012 R2 and Windows 8. Installation Guide

HTNG Web Services Product Specification. Version 2014A

DME-N Network Driver Installation Guide for M7CL

Transcription:

TCG Certification Program TNC Certification Program Suite Document Version 1.1 Revision 1 26 September 2011 Contact: admin@trustedcomputinggroup.org TCG TCG PUBLISHED Copyright TCG 2009-2011

Copyright 2009-2011 Trusted Computing Group, Incorporated. Disclaimers, Notices, and License Terms THIS SPECIFICATION IS PROVIDED "AS IS" WITH NO WARRANTIES WHATSOEVER, INCLUDING ANY WARRANTY OF MERCHANTABILITY, NONINFRINGEMENT, FITNESS FOR ANY PARTICULAR PURPOSE, OR ANY WARRANTY OTHERWISE ARISING OUT OF ANY PROPOSAL, SPECIFICATION OR SAMPLE. Without limitation, TCG disclaims all liability, including liability for infringement of any proprietary rights, relating to use of information in this specification and to the implementation of this specification, and TCG disclaims all liability for cost of procurement of substitute goods or services, lost profits, loss of use, loss of data or any incidental, consequential, direct, indirect, or special damages, whether under contract, tort, warranty or otherwise, arising in any way out of use or reliance upon this specification or any information herein. This document is copyrighted by Trusted Computing Group (TCG), and no license, express or implied, is granted herein other than as follows: You may not copy or reproduce the document or distribute it to others without written permission from TCG, except that you may freely do so for the purposes of (a) examining or implementing TCG specifications or (b) developing, testing, or promoting information technology standards and best practices, so long as you distribute the document with these disclaimers, notices, and license terms. Contact the Trusted Computing Group at www.trustedcomputinggroup.org for information on specification licensing through membership agreements. Any marks and brands contained herein are the property of their respective owner.

Acknowledgements The TCG wishes to thank all those who contributed to this specification. Steve Hanna (TNC-WG co-chair) Juniper Networks, Inc. iii

Table of Contents 1 Introduction... 5 2 Certification Principles... 6 2.1 Product Definition and Certification Requirements... 6 2.2 Revision of Compliance Requirements... 6 3 Fees... 7 4 Availability of Supporting Materials... 8 5 Evidence... 9 5.1 Compliance... 9 5.1.1 Compliance Test Suite logs... 9 5.1.2 Dispute resolution... 9 5.2 Interoperability Performance... 9 6 How to apply... 10 iv

1 Introduction This document describes the TCG Certification Program for products that implement one or more of the following TNC specifications: IF-IMC Version 1.1 Revision 5, IF-IMV Version 1.1 Revision 5, IF- PEP for RADIUS Version 1.0 Revision 2, IF-MAP Version 2.0 Revision 46, and IF-MAP Metadata for Network Security 1.0 Revision 25. The TNC Certification Program is required to comply with TCG s certification requirements, stated in the document TCG Certification Framework revision 0.9. In the context of this document, the term Sponsor means an entity that submits a given product for TNC Certification. The TNC Certification Program is comprised of two components: a Compliance component and an Interoperability component. A Sponsor must demonstrate adherence to both the defined Compliance component and the Interoperability component in order to meet the requirement for certification. A self-testing approach is used to verify compliance with the requirements stated in the specifications for IF-IMV, IF-IMC, IF-PEP, IF-MAP, and IF-MAP Metadata for Network Security. TCG provides automated test suites for verifying compliance. Sponsors run these test suites against their products, submitting the results of the tests to TCG as proof of meeting the Compliance requirements for certification. Interoperability is proven at a TNC Plugfest event. These events are held up to two times per year and are coordinated by the Compliance TNC Sub Group. They are funded by the attendees. As described in the Interoperability Test Plans for IF-IMC, IF-IMV, IF-PEP, IF-MAP, and IF-MAP Metadata for Network Security, a product brought to a particular TNC Plugfest event must successfully complete all required interoperability tests with all other implementations present at this Plugfest and expected to interoperate with the implementation. Before bringing an implementation to a TNC Plugfest, the sponsor is required to run the automated compliance tests relevant to the interfaces for which interoperability is to be tested against that implementation. The sponsor must document which components of their implementation pass and which do not, and that information must be shared with the other participants in the Plugfest. Sponsors may bring components that do not pass the automated compliance test to the Plugfest; however such experimental components cannot be certified based on any testing done at the Plugfest. There is no requirement for other participants to test against experimental components, although such testing may be done at the discretion of the participant. 5

2 Certification Principles TCG Administration will maintain a simple list of TNC products that have paid the certification fee and have successfully completed both the Compliance and Interoperability portions of certification as specified in this document. Vendor products that successfully meet the requirements of this certification program will be awarded recognition and be listed on the TNC Certified Product List on the TCG website. 2.1 Product Definition and Certification Requirements TCG will keep a list of active TNC certification programs: IF-PEP for RADIUS 1.0, IF-IMC 1.1, etc. When a TNC specification becomes old and obsolete, it will be removed from the list of active TNC certification programs by a vote of the CPC, based on a recommendation from the CTNC-SG or TNC-WG. There may be times when multiple versions of a particular specification have an active TNC certification program, e.g. during a transitional period. New certification applications will only be accepted for programs that are on the list of active TNC certification programs at the time of application. For each active TNC certification program, a current Compliance Test Suite version will be listed. When a Compliance Test Suite is revised, the current version number for that Compliance Test Suite will be updated on the list. Sponsors must use the Compliance Test Suite version that is current for the relevant program at the time of application. Once issued, a certification will remain valid indefinitely, even if the test suite for that program is revised after the certification was issued. However, a warning may be posted on the TCG web site if a bad bug in a particular version of a test suite calls into question the validity of results from that version. 2.2 Revision of Compliance Requirements There are three cases under which TCG may upgrade a TNC Compliance Test Suite: 1. To address a coverage issue with the Compliance Test Suite, 2. To address an implementation issue with the Compliance Test Suite, 3. To address a minor specification update. Certification applicants that discover issues with a TNC Compliance Test Suite may document them in the appropriate issue reporting form and send it by email to certification@trustedcomputinggroup.org. 6

3 Fees Application for TNC certification will cost $5,000 per interface tested, with a maximum of $10,000 per product per year (starting with the date of payment). This fee covers the filing and processing of evidence of Interoperability and compliance with the TCG. Additionally, vendors will be responsible for the cost of participating at the TNC Plugfest Events coordinated by the Compliance TNC Subgroup. This cost will vary by event. 7

4 Availability of Supporting Materials The compliance test suites and associated test plan are available to TCG members at https://members.trustedcomputinggroup.org/kws/member_resources/tnccertificationprogram/. 8

5 Evidence Each product s sponsor must maintain any material necessary (i.e., resulting test logs, etc.) to demonstrate that their product meets this Certification Program s requirements. Each sponsor must provide those materials to interested parties upon request. The sponsor must retain logs for each previously certified product. 5.1 Compliance Each product s Sponsor shall execute the Compliance test suite(s) described below and maintain logs produced by the test suites. The Sponsor shall not claim successful completion of the Compliance portion of this Certification unless the Compliance test suite indicates a pass status. 5.1.1 Compliance Test Suite logs The Compliance test Suite produces a log comprising descriptive information gathered automatically by the test suite, descriptive information entered by a person during execution of the compliance test suite, plus test results. The log forms part of the certification evidence that must be provided to TCG. The test suites results are summarized in a human readable format at the start of the log. 5.1.2 Dispute resolution In the event a target product does not pass the Compliance Test Suite, the product s Sponsor may claim their implementation is a reasonable interpretation of the specification. The product s Sponsor must prepare a request for a Waiver which must be submitted to and evaluated by the Certification Program Committee (CPC). A waiver must satisfy the following criteria: 1. Does not expose any secrets 2. Does not present a security issue 3. Does not present a compatibility issue The product s Sponsor must submit a request to the CPC, to be considered for approval. A waiver may lead to a change in the specification. If the product s Sponsor believes the Compliance test failure is the result of an implementation issue with the Compliance Test Suite, the Sponsor must submit a proposal to the Certification Program Committee with their analysis and recommendation for a change. If a Compliance test failure is deemed by the CPC to be an error in the implementation of a product, the corresponding request for waiver will be rejected and the product will not be recognized as compliant. 5.2 Interoperability Performance Interoperability Performance is tested at the TNC Plugfest events. These events are held up to two times per year and are coordinated by the Compliance TNC Sub Group and are funded by the attendees. Results, including pass and fail from the TNC Plugfest events are collected by a neutral third party and reported to the Certification Program Manager (CPM). The CPM will hold all results in anticipation of certification applications. For information specific to the testing and data collection that occurs at the Plugfest please review the Compliance TNC Interoperability Test Plan. For dates and registration information for upcoming approved TNC Plugfest events please visit www.trustedcomputinggroup.org/certification 9

6 How to apply In order to submit a product to this TNC Certification Program, please contact certification@trustedcomputinggroup.org. 10

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback