O.ACCOUNTABILITY
The TOE must provide logging facilities which record management actions undertaken by its administrators.
|
FAU_ALT_EXT.2
|
The PP-Module includes FAU_ALT_EXT.2 to support this objective by requiring the TSF to generate alerts back to an MDM Server when security-relevant events occur.
|
FAU_GEN.1(2)
|
The PP-Module includes FAU_GEN.1(2) to support this objective by defining the security-relevant events for which the TSF must generate audit records.
|
FAU_SEL.1(2)
|
The PP-Module includes FAU_SEL.1(2) to support this objective by defining how the set of audited events can be configured.
|
FAU_STG_EXT.3 (objective)
|
The PP-Module includes FAU_STG_EXT.3 to support this objective by optionally requiring the TSF to use platform-provided storage for the security-relevant audit data it generates.
|
O.APPLY_POLICY
The TOE must facilitate configuration and enforcement of enterprise security policies on mobile devices via interaction with the mobile OS and the MDM Server. This will include the initial enrollment of the device into management through its entire lifecycle, including policy updates and its possible unenrollment from management services.
|
FIA_ENR_EXT.2
|
The PP-Module includes FIA_ENR_EXT.2 to support this objective by requiring the TSF to identify the MDM Server so that the authenticity of policy updates can be determined.
|
FMT_POL_EXT.2
|
The PP-Module includes FMT_POL_EXT.2 to support this objective by requiring the TSF to only accept policy data that can prove its authenticity with a digital certificate.
|
FMT_SMF_EXT.4
|
The PP-Module includes FMT_SMF_EXT.4 to support this objective by defining the management functions the TSF must implement to support its own configuration.
|
FMT_UNR_EXT.1
|
The PP-Module includes FMT_UNR_EXT.1 to support this objective by preventing a user-directed unenrollment operation that would allow for MDM policies to be ignored.
|
FPT_NET_EXT.1 (objective)
|
The PP-Module includes FPT_NET_EXT.1 to support this objective by optionally requiring the TSF to detect when a sustained communications outage with the MDM Server has occurred to indicate that the TSF may be deprived of updated policy data.
|
O.DATA_PROTECTION_TRANSIT
Data exchanged between the MDM Server and the MDM Agent must be protected from being monitored, accessed, or altered.
|
FCS_DTLSC_EXT.1 (from TLS Package)
|
The PP-Module includes FCS_DTLSC_EXT.1 from the TLS package by reference to support this objective because DTLS is one of the protocols the PP-Module allows to protect data in transit.
|
FCS_DTLSS_EXT.1 (from TLS Package)
|
The PP-Module includes FCS_DTLSS_EXT.1 from the TLS package by reference to support this objective because DTLS is one of the protocols the PP-Module allows to protect data in transit.
|
FCS_TLS_EXT.1 (from TLS Package)
|
The PP-Module includes FCS_TLS_EXT.1 from the TLS package by reference to support this objective because it is mandatory to claim when the TLS Package applies so that the TSF’s usage of TLS is clearly defined.
|
FCS_TLSC_EXT.1 (from TLS Package)
|
The PP-Module includes FCS_TLSC_EXT.1 from the TLS package by reference to support this objective because TLS is one of the protocols the PP-Module allows to protect data in transit.
|
FCS_TLSC_EXT.2 (from TLS Package)
|
The PP-Module includes FCS_TLSC_EXT.2 from the TLS package by reference to support this objective because it requires TLS to be mutually-authenticated if claimed.
|
FCS_TLSS_EXT.1 (from TLS Package)
|
The PP-Module includes FCS_TLSS_EXT.1 from the TLS package by reference to support this objective because TLS is one of the protocols the PP-Module allows to protect data in transit.
|
FCS_TLSS_EXT.2 (from TLS Package)
|
The PP-Module includes FCS_TLSS_EXT.2 from the TLS package by reference to support this objective because it requires TLS to be mutually-authenticated if claimed.
|
FTP_ITC_EXT.1(2) (if MDF is Base-PP)
|
The PP-Module includes FTP_ITC_EXT.1(2) to support this objective because when the TOE is a mobile device, it must be required to ensure that MDM Server communications are protected.
|
FTP_TRP.1(2) (if MDF is Base-PP)
|
The PP-Module includes FTP_ITC_EXT.1(2) to support this objective because when the TOE is a mobile device, it must be required to ensure that MDM Server enrollment communications are protected.
|
FPT_ITT.1(2) (from MDM Base-PP)
|
This SFR is selection-based in the MDM PP but is required when the TOE includes this PP-Module because it is triggered by the MDM Agent being part of the TOE. This SFR supports the objective by defining the trusted channel the TSF must use to secure connectivity between the MDM Server and MDM Agent components of the distributed TOE.
|
FPT_NET_EXT.1 (objective)
|
The PP-Module includes FPT_NET_EXT.1 to support this objective by optionally requiring the TSF to detect when a sustained communications outage with the MDM Server has occurred as a possible indicator of communications issues.
|
O.STORAGE
To address the issue of loss of confidentiality of user data in the event of loss of a mobile device (T.PHYSICAL), conformant TOEs will use platform provide key storage. The TOE is expected to protect its persistent secrets and private keys.
|
FCS_STG_EXT.4 (if MDF is Base-PP)
|
The PP-Module includes FCS_STG_EXT.4 to support this objective because when the TOE is a mobile device, it must be required to ensure that MDM Agent key data is stored securely.
|
FCS_STG_EXT.1(2) (if MDM is Base-PP)
|
The PP-Module includes FCS_STG_EXT.1(2) to support this objective because when the TOE is a MDM Server with MDM Agent capability, it must be required to ensure that MDM Agent key data is stored securely.
|