NIAP: Archived U.S. Government Approved Protection Profile - Protection Profile for Mobile Device Management Version 1.1

NIAP Oversees Evaluations of Commercial IT Products for Use in National Security Systems
Questions?  We're here to help
  NIAP  »»  Protection Profiles  »»  Archived PPs  »»  Details  
Archived U.S. Government Approved Protection Profile - Protection Profile for Mobile Device Management Version 1.1

Short Name: pp_mdm_v1.1

Technology Type: Mobility

CC Version: 3.1

Date: 2014.03.07

Transition End Date: 2015.06.30

Preceded By: pp_mdm_v1.0

Sunset Date: 2015.06.30 [Sunset Icon]

Conformance Claim: None

Protection Profile [PDF]

DoD Annex [PDF]



Mobile device management (MDM) products allow enterprises to apply security policies to mobile devices, such as smartphones and tablets. The purpose of these policies is to establish a security posture adequate to permit mobile devices to process enterprise data and connect to enterprise network resources.

This document provides a baseline set of Security Functional Requirements (SFRs) for an MDM system, which is the Target of Evaluation (TOE).  The MDM system is only one component of an enterprise deployment of mobile devices.  Other components, such as the mobile device platforms which enforce the security policies, and servers which host mobile application repositories, are out of scope.


The Mobile Device Management (MDM) system consists of two primary components: the MDM Server software and the MDM Agent. The MDM is considered the full collection of these parts, as they must act in concert. This situation necessitates a joint submission for evaluation of all components, regardless of vendor.

The MDM operational environment consists of the mobile device on which the MDM Agent resides, the platform on which the MDM Server runs, and an untrusted wireless network over which they communicate, as pictured below.

The MDM Agent is installed on a mobile device as an application or is part of the mobile device’s operating system (OS). The MDM Agent establishes a secure connection back to the MDM Server controlled by an enterprise administrator. The MDM Agent must closely interact with or be part of the mobile device’s platform to establish policies and receive queries about device status. The mobile device, in turn, has its own security requirements specified in the Protection Profile for Mobile Device Fundamentals against which the mobile device must be evaluated either concurrently with or before the MDM evaluation.

The MDM Server is an application on a general-purpose platform or on a network device, executing in a trusted network environment.  The MDM server provides administration of the mobile device policies and reporting on mobile device behavior. The MDM Server is responsible for managing device enrollment, configuring and sending policies to the MDM Agents, collecting reports on device status, and sending commands to the Agents. The platform on which the MDM Server software runs is either a general purpose platform or a network device, as specified in the General-Purpose Operating System Protection Profile or the Protection Profile for Network Devices, respectively.

This U.S. Government Approved Protection Profile is not assigned to any Validated Products

Archived Related Technical Decisions

Please forward any Protection Profile specific comments to the applicable Technical Rapid Response Team (TRRT).

Please forward any general questions to our Q&A tool.

Site Map              Contact Us              Home