Assurance Continuity - Samsung Galaxy Devices on Android 11 – Spring, expanded to include Galaxy Note20, Galaxy Tab S7 and Z Flip 5G series of devices with Qualcomm processors
Date of Maintenance Completion: 2022.02.25CC Certificate Validation Report Assurance Activity
Product Type: Virtual Private Network
Conformance Claim: Protection Profile Compliant
PP Identifier: PP-Module for VPN Client Version 2.1
Protection Profile for Mobile Device Fundamentals Version 3.1
Extended Package for Wireless LAN Client Version 1.0
Original Evaluated TOE: 2021.03.15 - Samsung Galaxy Devices on Android 11 - Spring
Please note: The above files are for the Original Evaluated TOE. Consequently, they do not refer to this maintained version, although they apply to the maintained version.
Security Target * Assurance Continuity Maintenance Report Administrative Guide
Please note: This serves as an addendum to the VR for the Original Evaluated TOE.
* This is the Security Target (ST) associated with this latest Maintenance Release. To view previous STs for this TOE, click here.
Readers are reminded that the certification of this product (TOE) is the result of maintenance, rather than an actual re-evaluation of the product. Maintenance only considers the affect of TOE changes on the assurance baseline (i.e. the original evaluated TOE); maintenance is not intended to provide assurance in regard to the resistance of the TOE to new vulnerabilities or attack methods discovered since the date of the initial certificate. Such assurance can only be gained through re-evaluation.
Using a security impact analysis of the changes made to the TOE, which was provided by the developer, the CCEVS has determined that the impact of changes on the TOE are considered minor and that independent evaluator analysis was not necessary. A summary of the results can be found in the Maintenance Report, which is written in relation to the product's original validation report and Security Target. Readers are therefore reminded to read the Security Target, Validation Report, and the Assurance Maintenance Report to fully understand the meaning of what a maintained certificate represents.
The new devices covered by this IAR are added as equivalent devices to the evaluated devices of the Galaxy S21+ 5G and Galaxy S21 5G (Qualcomm) shown in the entry row for Galaxy S21 Ultra 5G in the following table. The specific equivalent additions are highlighted in yellow in the table below. All non-highlighted devices in the table were included in the previous Assurance Maintenance action documented in CCEVS-VR-VID11160-2021, 3/15/2022.
The following table lists differences from the common hardware model Galaxy S21 Ultra 5G. The TOE software is identical on all models, and changes are based on the differences in the hardware components where there are variations from the previously certified model. Changes related to utilizing two screens on the new devices are outside the boundary of the TOE software (and hardware).
The security software portion of the TOE boundary, as defined in the TSF Inventory section of the Samsung Electronics Co., Ltd. Samsung Galaxy Devices on Android 11 - Spring Key Management Description, version 1.1, December 15, 2021, is identical between all models. There are no additional security features in the new devices, all changes are outside the core components of the TOE.
The S20 FE device models added as part of this maintenance action differ from the earlier S20 series devices in screen size and screen resolution. The added devices represent a minor change to the TOE.
Samsung Electronics Co., Ltd.