Protection Profile for Mobile Device Management


Version: 3.0 2016-11-21 National Information Assurance Partnership


Revision History

Version | Date | Comment
1.0 | 21 October 2013 | Initial Release
1.1 | 7 February 2014 | Typographical changes and clarifications to front-matter
2.0 | 31 December 2014 | Separation of MDM Agent SFRs. Updated cryptography, protocol, X.509 requirements. Updated management functions to match MDFPPv2.0. Included SSH as a remote administration protocol. Removed IPsec as protocol to communicate to MDM Agent. Added X509 enrollment objective requirement. Added Optional Mobile Application Store requirements.
3.0 | 11 November 2016 | Updates to align with Technical Decisions. Added requirements to support BYOD use case. Removed IPsec and SSH requirements, which are now contained in EPs.


Table of Contents

1 Introduction
  1.1 Overview
  1.2 Terms
    1.2.1 Common Criteria Terms
    1.2.2 Technology Terms
  1.3 Compliant Targets of Evaluation
    1.3.1 TOE Boundary
  1.4 Use Cases

2 Conformance Claims

3 Security Problem Description
  3.1 Threats
  3.2 Assumptions
  3.3 Organizational Security Policies

4 Security Objectives
  4.1 Security Objectives for the TOE
  4.2 Security Objectives for the Operational Environment

5 Security Requirements
  5.1 Conventions
  5.2 Test Environment for Assurance Activities
  5.3 TOE Security Functional Requirements
    5.3.1 Security Audit (FAU)
    5.3.2 Identification and Authentication (FIA)
    5.3.3 Security Management (FMT)
    5.3.4 Protection of the TSF (FPT)
    5.3.5 Trusted Path/Channels
  5.4 TOE or Platform Security Functional Requirements
    5.4.1 Security Audit (FAU)
    5.4.2 Cryptographic Support (FCS)
    5.4.3 Identification and Authentication (FIA)
    5.4.4 Protection of the TSF (FPT)
    5.4.5 Trusted Path/Channels (FTP)

6 Security Assurance Requirements
  6.1 Class ASE: Security Target
  6.2 Class ADV: Development
    6.2.1 Basic Functional Specification (ADV_FSP.1)
  6.3 Class AGD: Guidance Documentation
    6.3.1 Operational User Guidance (AGD_OPE.1) Developer action elements
    6.3.2 Preparative Procedures (AGD_PRE.1)
  6.4 Class ALC: Life-cycle Support
    6.4.1 Labeling of the TOE (ALC_CMC.1)
    6.4.2 TOE CM Coverage (ALC_CMS.1)
    6.4.3 Class ATE: Tests
    6.4.4 Independent Testing--Conformance (ATE_IND)
  6.5 Class AVA: Vulnerability Analysis
    6.5.1 Vulnerability Survey (AVA_VAN.1)

A. Optional Requirements
  A.1 Optional TSF Requirements
    A.1.1 Security Audit (FAU)
    A.1.2 Protection of the TSF (FPT)
    A.1.3 TOE Access (FTA)
    A.1.4 Trusted Path/Channels (FTP)
  A.2 Optional TOE or Platform Requirements
    A.2.1 Security Audit (FAU)
    A.2.2 Cryptographic Support (FCS)
  A.3 Optional Requirements to Support MAS Server
    A.3.1 Security Audit (FAU)
    A.3.2 Security Management (FMT)
    A.3.3 Trusted Path/Channels (FTP)

B. Selection-Based Requirements
  B.1 Selection-Based TSF Requirements
    B.1.1 Security Audit (FAU)
    B.1.2 Cryptographic Support

C. Objective Requirements
  C.1 Objective TOE Security Functional Requirements
    C.1.1 Security Audit (FAU)
    C.1.2 Identification and Authentication (FIA)
    C.1.3 Security Management (FMT)
  C.2 Objective TOE or Platform Security Functional Requirements
    C.2.1 Cryptographic Support (FCS)
    C.2.2 Identification and Authentication (FIA)

D. Entropy Documentation and Assessment
  D.1 Design Description
  D.2 Entropy Justification
  D.3 Operating Conditions
  D.4 Health Testing

E. Use Case Templates

F. References

G. Acronyms

1 Introduction

1.1 Overview

Mobile device management (MDM) products allow enterprises to apply security policies to mobile devices, such as smartphones and tablets. The purpose of these policies is to establish a security posture adequate to permit mobile devices to process enterprise data and connect to enterprise network resources.

This document provides a baseline set of Security Functional Requirements (SFRs) for an MDM System, which is the Target of Evaluation (TOE). The MDM System is only one component of an enterprise deployment of mobile devices. Other components, such as the mobile device platforms, which enforce the security policies, and network access control servers, are out of scope.

1.2 Terms

The following sections provide both Common Criteria and technology terms used in this PP.

1.2.1 Common Criteria Terms

Common Criteria (CC)

Common Criteria for Information Technology Security Evaluation (International Standard ISO/IEC 15408).

Common Criteria Testing Laboratory

Within the context of the Common Criteria Evaluation and Validation Scheme (CCEVS), an IT security evaluation facility, accredited by the National Voluntary Laboratory Accreditation Program (NVLAP) and approved by the NIAP Validation Body to conduct Common Criteria-based evaluations.

Common Evaluation Methodology (CEM)

Common Evaluation Methodology for Information Technology Security Evaluation.

Extended Package (EP)

An implementation-independent set of security requirements for a specific subset of products described by a PP.

Protection Profile (PP)

An implementation-independent set of security requirements for a category of products.

Security Assurance Requirement (SAR)

A requirement for how the TOE's proper implementation of the SFRs is verified by an evaluator.

Security Functional Requirement (SFR)

A requirement for security enforcement by the TOE.

Security Target (ST)

A set of implementation-dependent security requirements for a specific product.

Target of Evaluation (TOE)

The product under evaluation.

TOE Security Functionality (TSF)

The security functionality of the product under evaluation.

TOE Summary Specification (TSS)

A description of how a TOE satisfies the SFRs in an ST.
