NIAP: View Technical Decision Details
NIAP/CCEVS
  NIAP  »»  Protection Profiles  »»  Technical Decisions  »»  View Details  
TD0370:  Management Function Update

Publication Date
2018.11.16

Protection Profiles
PP_MDM_V3.0

Other References
FMT_SMF.1.1(2)

Issue Description

There is no mechanism for vendors to include additional management functions supported.

Resolution

FMT_SMF.1.1(2) is replaced as follows (changes in bold font):

FMT_SMF.1.1(2) The MDM Server shall be capable of performing the following management functions:

a. choose X.509v3 certificates for MDM Server use

b. configure the [selection: devices specified by [selection: IMEI, [assignment: a unique device ID]], specific device models, a number of devices, specific time period] and [selection: [assignment: other features], no other features] allowed for enrollment,

[selection:

    c. allow the administrator to choose whether to accept the certificate when connection cannot be made to establish validity,

    d. configure the TOE unlock banner,

    e. configure periodicity of the following commands to the agent: [assignment: list of commands],

    f. configure the privacy-sensitive information that will and will not be collected from particular mobile devices,

    g. configure the length of time the enrollment authenticator is valid,

    h. [assignment: other management functions]

    i. no other management functions].

Justification

Inclusion of an assignment allows vendors to claim additional management functions.

 
 
Site Map              Contact Us              Home