NIAP: Compliant Product
  NIAP  »»  Product Compliant List  »»  Compliant Product  
Compliant Product - Samsung SDS EMM v1.5.1

Certificate Date:  2016.12.29

Validation Report Number:  CCEVS-VR-VID10751-2016

Product Type:    Mobility

Conformance Claim:  Protection Profile Compliant

PP Identifier:    Extended Package for Mobile Device Management Agents Version 2.0
  Protection Profile for Mobile Device Management Version 2.0

CC Testing Lab:  Gossamer Security Solutions

Maintenance Release:
CC Certificate [PDF] Security Target [PDF] * Validation Report [PDF]

Assurance Activity [PDF]

Administrative Guide [PDF]

Administrative Guide [PDF]

* This is the Security Target (ST) associated with the latest Maintenance Release.  To view previous STs for this TOE, click here.

Product Description

Samsung SDS offers the EMM Server as a software installation for Java 1.8 and Tomcat 7.0 running on the Microsoft Windows Server 2012 or Windows Server 2012 R2 operating system.  Once installed, the EMM Server allows administrators to configure policies for devices.  Administrators connect securely to the EMM Server using a web browser (whether local to the Server itself or remote) and through the EMM Server’s web interface can enroll, audit, lock, unlock, manage, and set policies for enrolled mobile devices.  The EMM Server includes the RSA Crypto-J 6.2 cryptographic module as part of its software, and the EMM Server’s Microsoft Windows platform includes SQL server 2008-2014 and a Microsoft CA certificate authority.

Samsung SDS provides the EMM Agent software for evaluated Samsung mobile devices and for evaluated Apple mobile devices.  The Agent software, once installed and enrolled with the EMM Server, will apply and enforce administrator configured policies communicated through the EMM to the Agent software.

Evaluated Configuration

The evaluated configuration consists of a collection of server components (MDM server) and mobile device applications (MDM agent) as follows:

1)  The EMM Server (version 1.5.1) installed upon the Microsoft Windows 2012 R2 operating system with Oracle JRE 1.8, Microsoft SQL Server 2014, and Microsoft’s Certificate Authority (CA).
2)  The EMM Client version 1.5.1 APKs (EMM Agent, PushAgent, and EMM Agent Resource) installed upon a Samsung Galaxy Note 4, S6, and S7 running Android 6.0.1.
3)  The EMM Client version 1.5.1 application installed upon an iPhone 5s.

Security Evaluation Summary

The evaluation was carried out in accordance to the Common Criteria Evaluation and Validation Scheme (CCEVS) requirements and guidance. The evaluation demonstrated that the TOE meets the security requirements contained in the Security Target.  The criteria against which the TOE was judged are described in the Common Criteria for Information Technology Security Evaluation, Version 3.1, Revision 4, September 2012. The evaluation methodology used by the evaluation team to conduct the evaluation is the Common Methodology for Information Technology Security Evaluation, Evaluation Methodology, Version 3.1, Revision 4, July 2012.  Gossamer Security Solutions determined that the evaluation assurance level (EAL) for the TOE is EAL 1.  The product, when delivered and configured as identified in the Samsung SDS EMM Administrator’s Guide, Version 1.5.1, December 2016 document, satisfies all of the security functional requirements stated in the Samsung SDS EMM (MDMPP20/MDMAEP20) Security Target, Version 0.4, December 22, 2016.  The project underwent CCEVS Validator review.  The evaluation was completed in December 2016.  Results of the evaluation can be found in the Common Criteria Evaluation and Validation Scheme Validation Report (report number CCEVS-VR-VID10751-2016) prepared by CCEVS.


Environmental Strengths

The logical boundaries of the Samsung SDS EMM are realized in the security functions that it implements. Each of these security functions is summarized below.

Security Audit: The EMM Server can generate and store audit records for security-relevant events as they occur.  These events are stored and protected by the EMM Server and can be reviewed by an authorized administrator. The EMM Server can be configured to export the audit records either in CSV (comma separated values) from the console through its HTTPS interface, or in file-based format accessible through RDP to the EMM Server’s platform.  In both cases, the EMM Server protects the exported audit records using TLS (as part of HTTPS and RDP). The EMM Server also supports the ability to query information about MDM agents and export MDM configuration information.

The EMM Agent includes the ability to indicate (i.e., respond) to the EMM Server when it has been enrolled and when it applies policies successfully.  The EMM Server can be configured to alert an administrator based on its configuration. For example, it can be configured to alert the administrator when a policy update fails or an MDM Agent has been enrolled.

Cryptographic support: The EMM Server and EMM Agent both include and have access to cryptographic modules with Cryptographic Algorithm Validation Program (CAVP) certified algorithms for a wide range of cryptographic functions including: asymmetric key generation and establishment, encryption/decryption, and cryptographic hashing and keyed-hash message authentication. These functions are supported with suitable random bit generation, initialization vector generation, secure key storage, and key and protected data destruction.

The primitive cryptographic functions are used to implement security communication protocols (TLS and HTTPS) used for communication between the Server and Agent and between the Server and remote administrators.

Identification and authentication: The EMM Server authenticates mobile device users (MD users) and administrators prior to allowing those operators to perform any functions.  This includes MD users enrolling their device with the EMM Server using the EMM Agent as well as an administrator logging on to manage the EMM Server configuration, MDM policies for mobile devices, etc.

In addition, both the EMM Server and Agent utilize X.509 certificates, including certificate validation checking, in conjunction with TLS to secure communications between the EMM Server and EMM Agents as well as between the EMM Server and administrators using a web-based user interface for remote administrative access.

Security management: The EMM Server is designed with two distinct user roles: administrator and mobile device user (MD user).  The former interacts directly with the EMM Server through HTTPS (using a browser) while the latter is the user of a mobile device with the EMM Agent installed.

The EMM Server provides all the function necessary to manage its own security functions as well as to manage mobile device policies that are sent to EMM Agents.  In addition, the EMM Server ensures that security management functions are limited to authorized administrators while allowing MD users to perform only necessary functions such as enrolling with the EMM Server.

The EMM Agents provide the functions necessary to securely communicate and enroll with the EMM Server, apply policies received from the EMM Server, and report the results of applying policies.

Protection of the TSF: The EMM Server and Agent work together to ensure that all security related communication between those components is protected from disclosure and modification.

Both the EMM Server and Agent include self-testing capabilities to ensure that they are functioning properly as well as to cryptographically verify that their executable images have not been corrupted.

The EMM Server also includes mechanisms (i.e., verification of the digital signature of each new image) so that the TOE itself can be updated while ensuring that the updates will not introduce malicious or other unexpected changes in the TOE.

TOE access: The MDM Server has the capability to display an advisory banner when users attempt to login in order to manage the TOE.

Trusted path/channels: The EMM Server uses TLS/HTTPS to secure communication channels between itself and remote administrators accessing the Server via a web-based user interface.

It also uses TLS to secure communication channels between itself and mobile device users (MD users). In this latter case, the protected communication channel is established between the EMM Server and EMM Agent.

Vendor Information

Samsung SDS Co., LTD
Heesung Kim
Site Map              Contact Us              Home