NIAP Oversees Evaluations of Commercial IT Products for Use in National Security Systems

Short Name: pp_md_v3.1

Technology Type: Mobility

CC Version: 3.1

Date: 2017.06.16

Transition End Date: 2017.07.16

Preceded By: pp_md_v3.0

Succeeded By: pp_mdf_v3.2

Sunset Date: 2021.10.15

Conformance Claim: None

Protection Profile 

DoD Annex 

Control Mapping 

PP OVERVIEW

This assurance standard specifies information security requirements for Mobile Devices for use in an enterprise. A Mobile Device in the context of this assurance standard is a device, which is composed of a hardware platform and its system software. The device typically provides wireless connectivity and may include software for functions like secure messaging, email, web, VPN connection, and VoIP (Voice over IP), for access to the protected enterprise network, enterprise data and applications, and for communicating to other Mobile Devices.

Examples of a “Mobile Device” that should claim conformance to this Protection Profile include smartphones, tablet computers, and other Mobile Devices with similar capabilities.

The Mobile Device provides essential services, such as cryptographic services, data-at-rest protection, and key storage services to support the secure operation of applications on the device. Additional security features such as security policy enforcement, application mandatory access control, anti-exploitation features, user authentication, and software integrity protection are implemented in order to address threats.

This assurance standard describes these essential security services provided by the Mobile Device and serves as a foundation for a secure mobile architecture. The wireless connectivity shall be validated against the Extended Package for WLAN Client. It is expected that a typical deployment would also include either third-party or bundled components. Whether these components are bundled as part of the Mobile Device by the manufacturer or developed by a third-party, they must be separately validated against the related assurance standards such as the Extended Package for Mobile Device Management Agents, Extended Package for IPsec VPN Client, and VoIP Application Extended Package. It is the responsibility of the architect of the overall secure mobile architecture to ensure validation of these components. Additional applications that may come pre-installed on the Mobile Device that are not validated are considered to be potentially flawed, but not malicious. Examples include email client and web browser.      

Assigned to the following Validated Products

• VID11229 – Motorola Lex L11 on Android 11
• VID11232 – Zebra Devices on Android 11
• VID11239 – Google Pixel Phones on Android 12.0
• VID11259 – Microsoft Corporation Surface Duo 2 on Android 11

Archived Related Technical Decisions

• 0596 – VPN Traffic Permitted in FDP_IFC_EXT.1
• 0579 – FAU_GEN.1, item 7
• 0523 – Updates to Certificate Revocation (FIA_X509_EXT.1)
• 0502 – Cryptographic selections and updates for MDF PP
• 0468 – Bluetooth pairing vs connection
• 0426 – Correction of Inconsistency with RFC7748
• 0413 – Conformance Claim to allow for a PP-Module
• 0371 – Section F.2 [Use Case 2]
• 0369 – Long-term trusted channel key material
• 0366 – Flexibility in Password Conditioning in FCS_COP.1(5)
• 0351 – Additional methods for DEK formation
• 0347 – Update of Use Case 2 in MDF PP
• 0346 – Revision of FMT_SMF_EXT.2 in MDF PP
• 0305 – Handling of TLS connections with and without mutual authentication
• 0304 – Update to FCS_TLSC_EXT.1.2
• 0301 – Updates to Administrator Management and Biometric Authenication
• 0244 – FCS_TLSC_EXT - TLS Client Curves Allowed
• 0236 – FCS_TLSC_EXT.2.1 - TLS Client Curve Limitation