NIAP: Compliant Product
Compliant Product - Apple iOS 9.3.2 with MDM Agent

Certificate Date:  2016.07.18

Validation Report Number:  CCEVS-VR-VID10725-2016

Product Type:    Mobility

Conformance Claim:  Protection Profile Compliant

PP Identifier:    Protection Profile for Mobile Device Fundamentals Version 2.0
  Extended Package for Mobile Device Management Agents Version 2.0

CC Testing Lab:  atsec information security corporation

Maintenance Releases:

Product Description

The Target of Evaluation (TOE) is the Apple iOS 9.3.2 operating system running on the following underlying hardware platforms: iPhone and iPad devices using the A7 processor (iPhone 5s, iPad mini 2, iPad mini 3, iPad Air) or the A8/A8X processor (iPhone 6, iPhone 6 Plus, iPad mini 4 (A8), and iPad Air 2 (A8X)).


Evaluated Configuration

The following table lists the devices that are covered by this evaluation.

| Device Name | Model Number | Processor | WiFi | Cellular | Bluetooth |
|---|---|---|---|---|---|
| iPhone 5s | A1533 (GSM) | A7 | 802.11/a/b/g/n/ac | See table 2 | 4.0 |
| iPhone 5s | A1533 (CDMA) | A7 | 802.11/a/b/g/n/ac | See table 2 | 4.0 |
| iPhone 5s | A1453 | A7 | 802.11/a/b/g/n/ac | See table 2 | 4.0 |
| iPhone 5s | A1457 | A7 | 802.11/a/b/g/n/ac | See table 2 | 4.0 |
| iPhone 5s | A1530 | A7 | 802.11/a/b/g/n/ac | See table 2 | 4.0 |
| iPhone 6 Plus/ iPhone 6 | A1549/A1522 (GSM) | A8 | 802.11/a/b/g/n/ac | See table 2 | 4.0 |
| iPhone 6 Plus/ iPhone 6 | A1549/A1522 (CDMA) | A8 | 802.11/a/b/g/n/ac | See table 2 | 4.0 |
| iPhone 6 Plus/ iPhone 6 | A1586/A1524 | A8 | 802.11/a/b/g/n/ac | See table 2 | 4.0 |
| iPad mini 2 | A1489 (WiFi only) | A7 | 802.11a/b/g/n | - | 4.0 |
| iPad mini 2 | A1490 (WiFi + cellular) | A7 | 802.11a/b/g/n | See table 2 | 4.0 |
| iPad mini 2 | A1491 (WiFi + cellular) | A7 | 802.11a/b/g/n | See table 2 | 4.0 |
| iPad mini 3 | A1599 (WiFi only) | A7 | 802.11a/b/g/n | - | 4.0 |
| iPad mini 3 | A1600 (WiFi + cellular) | A7 | 802.11a/b/g/n | See table 2 | 4.0 |
| iPad mini 3 | A1601 (WiFi + cellular) | A7 | 802.11a/b/g/n | See table 2 | 4.0 |
| iPad mini 4 | A1538 (WiFi only) | A8 | 802.11a/b/g/n | - | 4.2 |
| iPad mini 4 | A1550 (WiFi + cellular) | A8 | 802.11a/b/g/n | See table 2 | 4.2 |
| iPad Air | A1474 (WiFi only) | A7 | 802.11a/b/g/n | - | 4.0 |
| iPad Air | A1475 (WiFi + cellular) | A7 | 802.11a/b/g/n | See table 2 | 4.0 |
| iPad Air | A1476 (WiFi + cellular) | A7 | 802.11a/b/g/n | See table 2 | 4.0 |
| iPad Air 2 | A1566 (WiFi only) | A8X | 802.11a/b/g/n/ac | - | 4.2 |
| iPad Air 2 | A1567 (WiFi + cellular) | A8X | 802.11a/b/g/n/ac | See table 2 | 4.2 |

Table 1: Devices Covered by the Evaluation

The following table lists the cellular protocols supported by each model.

| Device Name | Model Number | Cellular |
|---|---|---|
| iPhone 5s | A1533 (GSM) | UMTS/HSPA+/DC-HSDPA (850, 900, 1700/2100, 1900, 2100 MHz); GSM/EDGE (850, 900, 1800, 1900 MHz); LTE (Bands 1, 2, 3, 4, 5, 8, 13, 17, 19, 20, 25) |
| iPhone 5s | A1533 (CDMA) | CDMA EV-DO Rev. A and Rev. B (800, 1700/2100, 1900, 2100 MHz); UMTS/HSPA+/DC-HSDPA (850, 900, 1700/2100, 1900, 2100 MHz); GSM/EDGE (850, 900, 1800, 1900 MHz); LTE (Bands 1, 2, 3, 4, 5, 8, 13, 17, 19, 20, 25) |
| iPhone 5s | A1453 | CDMA EV-DO Rev. A and Rev. B (800, 1700/2100, 1900, 2100 MHz); UMTS/HSPA+/DC-HSDPA (850, 900, 1700/2100, 1900, 2100 MHz); GSM/EDGE (850, 900, 1800, 1900 MHz); LTE (Bands 1, 2, 3, 4, 5, 8, 13, 17, 18, 19, 20, 25, 26) |
| iPhone 5s | A1457 | UMTS/HSPA+/DC-HSDPA (850, 900, 1900, 2100 MHz); GSM/EDGE (850, 900, 1800, 1900 MHz); LTE (Bands 1, 2, 3, 5, 7, 8, 20) |
| iPhone 5s | A1530 | UMTS/HSPA+/DC-HSDPA (850, 900, 1900, 2100 MHz); GSM/EDGE (850, 900, 1800, 1900 MHz); FDD-LTE (Bands 1, 2, 3, 5, 7, 8, 20); TD-LTE (Bands 38, 39, 40) |
| iPhone 6 Plus/ iPhone 6 | A1549/A1522 (GSM) | UMTS/HSPA+/DC-HSDPA (850, 900, 1700/2100, 1900, 2100 MHz); GSM/EDGE (850, 900, 1800, 1900 MHz); LTE (Bands 1, 2, 3, 4, 5, 7, 8, 13, 17, 18, 19, 20, 25, 26, 28, 29) |
| iPhone 6 Plus/ iPhone 6 | A1549/A1522 (CDMA) | CDMA EV-DO Rev. A and Rev. B (800, 1700/2100, 1900, 2100 MHz); UMTS/HSPA+/DC-HSDPA (850, 900, 1700/2100, 1900, 2100 MHz); GSM/EDGE (850, 900, 1800, 1900 MHz); LTE (Bands 1, 2, 3, 4, 5, 7, 8, 13, 17, 18, 19, 20, 25, 26, 28, 29) |
| iPhone 6 Plus/ iPhone 6 | A1586/A1524 | CDMA EV-DO Rev. A and Rev. B (800, 1700/2100, 1900, 2100 MHz); UMTS/HSPA+/DC-HSDPA (850, 900, 1700/2100, 1900, 2100 MHz); TD-SCDMA 1900 (F), 2000 (A); GSM/EDGE (850, 900, 1800, 1900 MHz); FDD-LTE (Bands 1, 2, 3, 4, 5, 7, 8, 13, 17, 18, 19, 20, 25, 26, 28, 29); TD-LTE (Bands 38, 39, 40, 41) |
| iPad mini 2 | A1490 | UMTS/HSPA/HSPA+/DC-HSDPA (850, 900, 1700/2100, 1900, 2100 MHz); GSM/EDGE (850, 900, 1800, 1900 MHz); CDMA EV-DO Rev. A and Rev. B (800, 1900 MHz); LTE (Bands 1, 2, 3, 4, 5, 7, 8, 13, 17, 18, 19, 20, 25, 26) |
| iPad mini 2 | A1491 | UMTS (WCDMA)/HSPA+/DC-HSDPA (850, 900, 1900, 2100 MHz); GSM/EDGE (850, 900, 1800, 1900 MHz); TD-SCDMA (1900 (F), 2000 (A)); LTE (Bands 1, 2, 3, 5, 7, 8, 18, 19, 20); TD-LTE (Bands 38, 39) |
| iPad mini 3 | A1600 | UMTS/HSPA/HSPA+/DC-HSDPA (850, 900, 1700/2100, 1900, 2100 MHz); GSM/EDGE (850, 900, 1800, 1900 MHz); CDMA EV-DO Rev. A and Rev. B (800, 1900 MHz); LTE (Bands 1, 2, 3, 4, 5, 7, 8, 13, 17, 18, 19, 20, 25, 26) |
| iPad mini 3 | A1601 | UMTS/HSPA/HSPA+/DC-HSDPA (850, 900, 1700/2100, 1900, 2100 MHz); GSM/EDGE (850, 900, 1800, 1900 MHz); CDMA EV-DO Rev. A (800, 1900 MHz); TD-SCDMA (1900 (F), 2000 (A)); LTE (Bands 1, 2, 3, 4, 5, 7, 8, 18, 19, 20); TD-LTE (Bands 38, 39, 40) |
| iPad mini 4 | A1550 | UMTS/HSPA/HSPA+/DC-HSDPA (850, 900, 1700/2100, 1900, 2100 MHz); GSM/EDGE (850, 900, 1800, 1900 MHz); CDMA EV-DO Rev. A and Rev. B (800, 1900 MHz); LTE (Bands 1, 2, 3, 4, 5, 7, 8, 13, 17, 18, 19, 20, 25, 26, 28, 29, 38, 39, 40, 41) |
| iPad Air | A1475 | UMTS/HSPA/HSPA+/DC-HSDPA (850, 900, 1700/2100, 1900, 2100 MHz); GSM/EDGE (850, 900, 1800, 1900 MHz); CDMA EV-DO Rev. A and Rev. B (800, 1900 MHz); LTE (Bands 1, 2, 3, 4, 5, 7, 8, 13, 17, 18, 19, 20, 25, 26) |
| iPad Air | A1476 | UMTS (WCDMA)/HSPA+/DC-HSDPA (850, 900, 1900, 2100 MHz); GSM/EDGE (850, 900, 1800, 1900 MHz); TD-SCDMA (1900 (F), 2000 (A)); LTE (Bands 1, 2, 3, 4, 5, 7, 8, 13, 17, 18, 19, 20, 25, 26); TD-LTE (Bands 38, 39) |
| iPad Air 2 | A1567 | GSM/EDGE (850, 900, 1800, 1900 MHz); UMTS/HSPA/HSPA+/DC-HSDPA (850, 900, 1700/2100, 1900, 2100 MHz); CDMA EV-DO Rev. A and Rev. B (800, 1900 MHz); TD-SCDMA; LTE (Bands 1, 2, 3, 4, 5, 7, 8, 13, 17, 18, 19, 20, 25, 26, 28, 29); TD-LTE (Bands 38, 39, 40, 41) |

Table 2: Cellular Protocols Supported


Security Evaluation Summary

The evaluation was carried out in accordance with the Common Criteria Evaluation and Validation Scheme (CCEVS) process. The criteria against which Apple iOS 9.3.2 with MDM Agent was judged are described in the Common Criteria for Information Technology Security Evaluation, Version 3.1.4. The evaluation methodology used by the evaluation team to conduct the evaluation was the Common Methodology for Information Technology Security Evaluation, Version 3.1.4. The product, when delivered and configured as identified in the iOS 9.3.2 PP MD v2.0 and PP MDM Agent V2.0 Common Criteria Guide document, meets the requirements of the Protection Profile for Mobile Device Fundamentals Version 2.0 and the Extended Package for Mobile Device Management Agents Version 2.0.

The iOS 9.3.2 PP MD v2.0 and PP MDM Agent V2.0 Common Criteria Guide document satisfies all of the security functional requirements stated in the Apple iOS 9.3.2 PP_MD_V2.0 & PP_MDM_AGENT_V2.0 Security Target [ST]. The project underwent CCEVS Validator review. The evaluation was completed in May, 2016. Results of the evaluation can be found in the Common Criteria Evaluation and Validation Scheme Validation Report number CCEVS-VR-VID10725-2016, prepared by the CCEVS.


Environmental Strengths

Cryptographic Support

The TOE provides cryptographic services for the encryption of data-at-rest, for secure communication channels, to protect configuration profiles, and for use by applications.
The TOE provides cryptographic services via two cryptographic modules:
·    The Apple iOS CoreCrypto Kernel Module v6
·    The Apple iOS CoreCrypto Module v6
The iOS CoreCrypto Kernel Module is an iOS kernel extension optimized for library use within the iOS kernel. Once the module is loaded into the iOS kernel its cryptographic functions are made available to iOS Kernel services only.

Identification and Authentication

User identification and authentication is provided by a user-defined passphrase. The minimum length of the passphrase, the passphrase rules, and the maximum number of consecutive failed authentication attempts can be configured by an administrator.
Except for making emergency calls, users need to authenticate using a passphrase. This passphrase can be configured for a minimum length, for dedicated passphrase policies and for a maximum lifetime. When entered, passphrases are obscured, and both the frequency of passphrase entry and the number of consecutive failed entry attempts are limited. The TOE also enters a locked state after a (configurable) time of user inactivity, and the user is required to enter the passphrase to unlock the TOE.

External entities connecting to the TOE via a secure protocol (Extensible Authentication Protocol Transport Layer Security (EAP-TLS), TLS, IPsec) can be authenticated using X.509 certificates.

User Data Protection

User data protection is provided by encrypting the user data, by restricting access by applications and by restricting access until the user has been successfully authenticated.
User data in files is protected using cryptographic functions, ensuring this data remains protected even if the device is lost or stolen. Critical data, such as passphrases used by applications or application-defined cryptographic keys, can be stored in the keychain, which provides additional protection. Passphrase protection and encryption ensure that data-at-rest remains protected even if the device is lost or stolen.
By default, data is protected such that only the application that owns the data can access it.

Security Management

Security functions can be managed either by the user or by an authorized administrator through a Mobile Device Management (MDM) system. Management functions can be performed by the user, by the authorized administrator, or both.

TOE Security Functionality (TSF) Protection

Some of the functions the TOE implements to protect the TSF and TSF data are:
·    Protection of cryptographic keys,
·    Use of memory protection and processor states to separate applications and protect the TSF from unauthorized access to TSF resources,
·    Digital signature protection of the TSF image,
·    Software/firmware integrity self-test upon start-up,
·    Digital signature verification for applications, and
·    Access to defined TSF data and TSF services only when the TOE is unlocked.

TOE Access

The TSF provides functions to lock the TOE upon request and after an administrator-configurable time of inactivity.
Access to the TOE via a wireless network is controlled by user/administrator defined policy.

Trusted Path/Channels

The TOE supports the use of the following cryptographic protocols that define a trusted channel between itself and another trusted IT product: IEEE 802.11-2012; IEEE 802.1X; EAP-TLS; TLS; and IPsec (addressed in a separate evaluation).

Audit

The TOE provides the ability for responses to be sent from the MDM Device Agent to the MDM Server. These responses are configurable by the organization using a scripting language given in the Over-the-Air Profile Delivery and Configuration document.


Vendor Information

Apple Inc.
Shawn Geddis
(703) 623-9329
geddis@apple.com

http://www.apple.com/