Page i
Huawei AppGallery Security Target
DOCUMENT VERSION 0.3
DOCUMENT DATE 15 JUNE 2020
17 March 2021
Document Version 1.0
Page i
Document management
Document identification
Document title Huawei AppGallery Security Target
Document date 17 March 2021
Prepared by Securelytics
Release Authority Huawei
Product version 10.4.0.301
Document history
Version Date Description
0.1 10 June 2020 Initial Released.
0.2 13 June 2020 Content Updated.
0.3 15 June 2020 Content Updated based on Evaluation Test Lab feedback.
0.4 7 July 2020 Content Updated based on Evaluation Test Lab feedback.
0.4.1 10 July 2020 Minor content Updated based on Evaluation Test Lab feedback.
0.5 23 July 2020 Update based on EOR.
0.6 13 Aug 2020 Update based on EOR.
0.7 28 Aug 2020 Update based on EOR.
0.8 4 Sept 2020 Update based on EOR.
0.9 5 Nov 2020 Content Updated.
0.10 19 Nov 2020 Update based on EOR.
0.11 30 Nov 2020 Content Updated.
0.12 10 Feb 2021 Update identification and Authentication operation.
0.13 24 Feb 2021 Content Updated.
Page ii
Version Date Description
0.14 8 Mar 2021 Content Updated
1.0 17 Mar 2021 Final.
Page iii
Table of Contents
1 Security Target Introduction ...................................................................................................1
1.1 ST Reference...........................................................................................................................1
1.2 TOE Reference........................................................................................................................1
1.3 Document Organization .........................................................................................................1
1.4 TOE overview .........................................................................................................................2
1.4.1 TOE usage and major security functions.......................................................................................... 2
1.4.2 TOE Type .......................................................................................................................................... 3
1.4.3 Supporting Hardware, software and/or firmware........................................................................... 4
1.4.4 Excluded from the TOE .................................................................................................................... 4
1.5 TOE description ......................................................................................................................5
1.5.1 Physical scope of the TOE ................................................................................................................ 5
1.5.2 Logical scope of the TOE .................................................................................................................. 6
2 Conformance Claim.................................................................................................................8
3 Security objectives..................................................................................................................9
3.1 Overview ................................................................................................................................9
3.2 Security objectives for the Environment................................................................................9
4 Security requirements........................................................................................................... 10
4.1 Overview ..............................................................................................................................10
4.2 Security Functional Requirements (SFR) ..............................................................................11
4.2.1 User attribute definition (FIA_ATD.1) ............................................................................................ 11
4.2.2 User authentication before any action (FIA_UAU.2) ..................................................................... 11
4.2.3 User identification before any action (FIA_UID.2)......................................................................... 11
4.2.4 Management of security attributes (FMT_MSA.1) ........................................................................ 11
4.2.5 Static attribute initialisation (FMT_MSA.3).................................................................................... 12
4.2.6 Specification of Management Functions (FMT_SMF.1)................................................................. 12
4.2.7 Security roles (FMT_SMR.1)........................................................................................................... 13
4.2.8 Security attribute based access control (FDP_ACF.1) .................................................................... 13
4.2.9 Complete access control (FDP_ACC.1)........................................................................................... 14
4.2.10 User-initiated termination (FTA_SSL.4).......................................................................................... 15
4.2.11 Inter-TSF trusted channel (FTP_ITC.1) ........................................................................................... 15
5 TOE Security Assurance Requirements .................................................................................. 16
6 TOE Summary Specification................................................................................................... 17
6.1.1 Overview........................................................................................................................................ 17
6.1.2 Mapping of TOE Logical Scope towards the SFRs .......................................................................... 17
Page 1
1 Security Target Introduction
1.1 ST Reference
Table 1: Security Target (ST) Reference
ST TITLE Huawei AppGallery Security Target
ST VERSION 1.0
ST DATE 17 March 2021
1.2 TOE Reference
Table 2: Target of Evaluation (TOE) Reference
TOE TITLE Huawei AppGallery
TOE VERSION 10.4.0.301
1.3 Document Organization
This document is organized into the following major sections:
• Section 1 provides the introductory material for the ST as well as the TOE description
(ASE_INT.1).
• Section 2 provides the conformance claims for the evaluation (ASE_CCL.1).
• Section 3 defines the security objectives for the TOE and the operational environment
(ASE_OBJ.1).
• Section 4 contains the security functional and assurance requirements derived from the
Common Criteria Part 2 and 3 respectively, which are in turn satisfied by the TOE and the
development lifecycle (ASE_REQ.1).
• Section 5 contains the security assurance requirements derived from the Common Criteria,
Part 3 (ASE_REQ.1).
• Section 6 provides a summary of the TOE specification, identifying the IT security functions
provided by the TOE (ASE_TSS.1).
Page 2
1.4 TOE overview
1.4.1 TOE usage and major security functions
The Target of Evaluation (TOE) is Huawei AppGallery version 10.4.0.301. The TOE is a mobile
application that equipped with the capability as mobile applications distribution platform, as official
app of Huawei. The TOE also known as Huawei AppGallery features with assurance of providing secure
platform for user to purchase, download, install, view list (sort/search), monitor, update and remove
all registered 3rd
party mobile applications. The TOE user able to use the TOE for other functions such
as receiving reward, managing gift (claim and redeem), writing comment/remark on 3rd
party mobile
application page, perform pre-orders and managing wish list.
The Huawei AppGallery as the TOE is designed specifically for Huawei mobile devices and Huawei
mobile operating system to allow user experience of purchase, download, install, view list
(sort/search), monitor, update and remove all type of registered 3rd
party mobile applications, reward,
gift and remark, pre-orders, wish list and comment notification in Huawei mobile devices platform.
The following is the list of key features of the TOE, as stated below:
i. TOE have access to catalogue of carefully selected android apps;
ii. Enable security with quad-layer security mechanism that includes Huawei’s unique security
manual verification check and validation;
iii. User reward and benefits upon usage of the Huawei AppGallery as mobile application
manager platform;
iv. Smart search feature for user experience in exploring all types of mobile application varieties
registered with Huawei, developed by authorised app developer by Huawei;
v. Auto-update applications for all mobile application under management of Huawei AppGallery
via Wi-Fi for optimise mobile application updates; and
vi. User experience in application discovery upon different region stores with local varieties of
mobile application for selection.
The following table highlights the range of security functions implemented by the TOE, as stated.
Table 3: TOE Security Features
SECURITY FEATURE DESCRIPTION
Identification and
Authentication
User of Huawei mobile devices requires to perform successful
identification and authentication with the TOE before any information
flows are permitted. In this process, TOE user is requiring to be
authentication to allow any actions made in the TOE operations.
Security Management The TOE provides security management functions that allow the TOE user
to manage the TOE, 3rd
party mobile applications and TOE security
functions.
Page 3
SECURITY FEATURE DESCRIPTION
Secure
Communication
The TOE is able to protect the user data from disclosure and modification
using a secure communication between TOE as mobile application and
TOE server managed by TOE developer. In the event of the TOE are close
or exit or send to background process performed by the TOE user, the
communication between TOE and TOE server will be terminated.
1.4.2 TOE Type
The TOE type is a mobile application that provides TOE users access to all registered 3rd
party mobile
applications as application distribution platform with all relevant security features as per mentioned
in the TOE logical scope.
Page 4
1.4.3 Supporting Hardware, software and/or firmware
The underlying hardware and software that is used to support the TOE are as follows. These two
models and specifications of Huawei mobile devices are been used as TOE underlying operating
platform and shall be consider not part of TOE scope.
Table 4: Non-TOE Hardware and Software Specification
NON-TOE HARDWARE AND SOFTWARE SPECIFICATION
Huawei Android
operating system (EMUI)
EMUI 9.1 (Based on Android 9) EMUI 9.1.1 (Based on Android 9)
Processor HUAWEI Kirin 710F Hisilicon Kirin 710
Memory RAM: 4GB
Internal Memory: 64GB
RAM: 4GB
Internal Memory: 128GB
The TOE also able to operate within the following list of underlaying operating system as per
mentioned below. The listed below is the minimum requirements for AppGallery. However, it is not
part of the TOE configuration evaluated for the certification.
i. Huawei Android operating system (EMUI) versions: 3.1, 4.0, 4.1, 5.0 and 8.1.
ii. Android OS versions: 5.0, 6.0, 7.0 and 8.1.
1.4.4 Excluded from the TOE
The only security functionality addressed by the evaluation is the functionality specified by the security
functional requirements, and does not include additional platforms or specifications as stated below,
such as:
i. Huawei mobile devices inclusive of its hardware and physical characteristics;
ii. All pre-install application comes with the Huawei mobile devices upon purchasing of the
device or first starting up of the Huawei mobile devices;
iii. All installed 3rd
party mobile applications performed by TOE user in the Huawei mobile devices
inclusive of any 3rd
party APK files and/or comes from Huawei AppGallery;
iv. TOE back-end server managed by the TOE developer (Huawei) that hosted all the 3rd
party
mobile applications for TOE as application distribution platform; and
v. Type of network connectivity used by the TOE such as Wi-Fi and mobile data network.
Page 5
1.5 TOE description
1.5.1 Physical scope of the TOE
Figure 1: TOE Physical Scope
Note that, the RED box is the scope evaluation of the TOE.
The TOE is a mobile application that played role as applications distribution platform for other mobile
application APK file to initiate TOE functions as stated below:
a. Purchase, download, and install the paid 3rd
party mobile application(s);
b. Monitor and update the 3rd
party mobile application(s) has been notified by the TOE upon
update available;
c. Remove selected 3rd
party mobile application(s) selected by TOE user
d. Receiving rewards;
e. Managing gifts (claim and redeem);
f. Writing comment/remark; and
g. Perform pre-orders.
These TOE functions are secure operates within Huawei mobile device Android operating system. Note
that, third party components listed in Section 1.4.3 and Section 1.4.4 are not part of the TOE as scope
of evaluation.
Aside of operate as applications distribution platform in the Huawei mobile device Android operating
system, the TOE communicates with the TOE server to perform the following TOE functions as listed
Page 6
above. Whilst, to ensure its secure operating environment are enforce through continuous usage by
the TOE user and ensuring the 3rd
party mobile applications are up to date via constant updates. The
Huawei back-end cloud server (also known as TOE server) is not part of the TOE. TOE user able to
perform TOE management functions based on the listed TOE functions listed above.
Before the TOE is operates as application distribution platform manager, TOE required to be identified
and authenticated before any relevant actions are allowed by the TOE to be performed by TOE user
on the TOE.
Between TOE and TOE server are communicates using secure communication protocols. The secure
communication channel is secured by using international standards or industry-recognized security
protocols that supports the following secure protocols: TLS v1.0, v1.1, v1.2 and v1.3. Likewise, the TOE
also enables secure operations in the Huawei mobile device Android operating system to ensure all
3rd
party mobile applications managed by the TOE are securely operates within the Android operating
system operational environment. Note that, TOE server that hosting all registered developer mobile
applications are not part of TOE scope.
Note that, all operations of the TOE inclusive of its installation process, delivery of the TOE,
management of the TOE and handling of the TOE shall be elaborate further in the Guidance (AGD)
documentation. TOE shall be accessible through download in form of APK file (such APK format
example: com.huawei.appmarket.apk or com.huawei.appmarket.2007011605.apk) from the Huawei
portal as mentioned below.
https://consumer.huawei.com/my/mobileservices/appgallery/
To download the TOE with this version 10.4.0.301, kindly refer to below link.
https://huawei-appgallery.en.uptodown.com/android/download/2209976
All underlying operating system and the hardware components describe in this document shall be
treated as not part of the TOE scope. The components are not part of the TOE scope defined in Section
1.4.3 and 1.4.4.
1.5.2 Logical scope of the TOE
The following is the list of TOE logical scope that defined in this document, covers by the Security
Functional Requirements (SFRs).
A. Identification & Authentication. The TOE requires that TOE user is successfully identified and
authenticated before any interactions with protected resources (registered APKs) which allow
TOE user to purchase and download the 3rd
party mobile applications, reward, gift and remark,
pre-orders, wish list and comment notification. Additionally, TOE user requires to be identified
and authenticated (via login into the Huawei registered account) before accessing the TOE as
applications distribution platform.
B. Security Management: The TOE provides security management functions that allow the TOE
user to manage the TOE functions as the following stated below.
a. Purchase, download, and install the paid 3rd
party mobile application(s);
Page 7
b. Monitor and update the 3rd
party mobile application(s) has been notified by the TOE
upon update available;
c. Remove selected 3rd
party mobile application(s) selected by TOE user
d. Receiving rewards;
e. Managing gifts (claim and redeem);
f. Writing comment/remark; and
g. Perform pre-orders.
The TOE restricts access to the management functions applicable for TOE user with registered
account with Huawei.
C. Secure Communication: The TOE is able to protect the user data from disclosure and
modification using a secure communication between TOE and TOE server for mobile APK file
download and updates. If the TOE exit, close or send to background processes by the
underlying operating system, the communication between TOE and TOE server will be
terminated.
Page 8
2 Conformance Claim
The ST and TOE are conformant to version 3.1 (REV 5) of the Common Criteria for Information
Technology Security Evaluation.
The following conformance claims are made for the TOE and ST:
• Part 2 conformant. Conformant with Common Criteria for Information Technology Security
Evaluation Part 2: Security functional requirements, version 3.1 (REV 5), April 2017. There is
not extended security functional requirements declared in this document.
• Part 3 conformant, EAL1. Conformant with Common Criteria for Information Technology
Security Evaluation Part 3: Security assurance requirements, version 3.1 (REV 5), April 2017.
Evaluation is EAL1.
Page 9
3 Security objectives
3.1 Overview
The objectives are concise, abstract statements of the intended solution to the problem defined by
the security problem definition. The set of security objectives for a TOE form a high-level solution to
the security problem. This high-level solution is divided into two part-wise solutions: the security
objectives for the TOE, and the security objectives for the TOE’s operational environment. This section
identifies the security objectives for the TOE and its supporting environment.
3.2 Security objectives for the Environment
Table 5: Security Objectives for the Environment
IDENTIFIER OBJECTIVE STATEMENTS
OE.INSTALL The TOE shall be delivered, installed, configured and set up in
accordance with installation procedures defined in the guidance
documentation.
OE.OS The Huawei Android operating system are continuously hardened by
Huawei to counter the perceived threats. The server-side hardening
includes establish a secure configuration to the OS, configure OS
audit logs, configure proper OS authentication and permission, and
ensure legacy services are not enabled.
OE.UPDATE Huawei shall provide updates of the TOE on a regular basis.
Page 10
4 Security requirements
4.1 Overview
This section defines the security requirements satisfied by the TOE. Each requirement has been
extracted from version 3.1 (REV 5) of the Common Criteria, part 2 providing functional requirements
and part 3 providing assurance requirements.
Part 2 of the Common Criteria defines an approved set of operations that may be applied to security
functional requirements. Following are the approved operations and the document conventions used
within this ST to depict their application:
i. Assignment. The assignment operation provides the ability to specify an identified parameter
within a requirement. Assignments are depicted using bolded text and are surrounded by
square brackets as follows [assignment].
ii. Selection. The selection operation allows the specification of one or more items from a list.
Selections are depicted using bold italics text and are surrounded by square brackets as
follows [selection].
iii. Refinement. The refinement operation allows the addition of extra detail to a requirement.
Refinements are indicated using bolded text, for additions, and strike-through, for deletions.
iv. Iteration. The iteration operation allows a component to be used more than once with
varying operations. Iterations are depicted by placing a letter at the end of the component
identifier as follows FDP_IFF.1a and FDP_IFF.1b.
Page 11
4.2 Security Functional Requirements (SFR)
4.2.1 User attribute definition (FIA_ATD.1)
FIA_ATD.1.1 The TSF shall maintain the following list of security attributes belonging
to individual users: [
a. Email Address and password, or
b. Phone Number and verification code].
Dependencies No dependencies
Hierarchical to: No other components.
4.2.2 User authentication before any action (FIA_UAU.2)
FIA_UAU.2.1 The TSF shall require each user to be successfully authenticated before
allowing any other TSF-mediated actions on behalf of that user.
Dependencies: FIA_UID.1 Timing of identification
Hierarchical to: FIA_UAU.1 Timing of authentication
4.2.3 User identification before any action (FIA_UID.2)
FIA_UID.2.1 The TSF shall require each user to be successfully identified before
allowing any other TSF-mediated actions on behalf of that user.
Dependencies: No dependencies.
Hierarchical to: FIA_UID.1 Timing of identification
4.2.4 Management of security attributes (FMT_MSA.1)
FMT_MSA.1.1 The TSF shall enforce the [access control SFP (HAG)] to restrict the
ability to [
a. Purchase, download, and install the paid 3rd
party mobile
application(s);
b. Monitor and update the 3rd
party mobile application(s) has
been notified by the TOE upon update available;
c. Remove selected 3rd
party mobile application(s) selected by
TOE user;
d. Receiving rewards;
Page 12
e. Managing gifts (claim and redeem);
f. Writing comment/remark; and
g. Perform pre-orders]
the security attributes [object defined in the table of FDP_ACF.1.1] to
[TOE user].
Dependencies: [FDP_ACC.1 Subset access control, or
FDP_IFC.1 Subset information flow control]
FMT_SMR.1 Security roles
FMT_SMF.1 Specification of Management Function
Hierarchical to: No other components.
4.2.5 Static attribute initialisation (FMT_MSA.3)
FMT_MSA.3.1 The TSF shall enforce the [access control SFP (HAG), based on the
information stated in the table of FDP_ACF.1.1] to provide
[permissive] default values for security attributes that are used to
enforce the SFP.
FMT_MSA.3.2 The TSF shall allow the [the authorised identified roles] to specify
alternative initial values to override the default values when an object
or information is created.
Dependencies: FMT_MSA.1 Management of security attributes
FMT_SMR.1 Security roles
Hierarchical to: No other components.
Application Notes: HAG stands for “Huawei AppGallery”. The initial been used for only
labelling purpose.
4.2.6 Specification of Management Functions (FMT_SMF.1)
FMT_SMF.1.1 The TSF shall be capable of performing the following management
functions: [as requested by the TOE User in the TOE, listed below:
a. Purchase, download, and install the paid 3rd
party mobile
application(s);
b. Monitor and update the 3rd
party mobile application(s) has
been notified by the TOE upon update available;
Page 13
c. Remove selected 3rd
party mobile application(s) selected by
TOE user;
d. Receiving rewards;
e. Managing gifts (claim and redeem);
f. Writing comment/remark; and
g. Perform pre-orders].
Dependencies: No dependencies.
Hierarchical to: No other components.
4.2.7 Security roles (FMT_SMR.1)
FMT_SMR.1.1 The TSF shall maintain the roles [TOE user].
FMT_SMR.1.2 The TSF shall be able to associate users with roles.
Dependencies: FIA_UID.1 Timing of identification
Hierarchical to: No other components.
4.2.8 Security attribute based access control (FDP_ACF.1)
FDP_ACF.1.1 The TSF shall enforce the [access control SFP (HAG)] to objects based
on the following: [information stated in the table below:
Table 6: TOE Security Attribute of the SFP (HAG)
SUBJECT OBJECT OPERATION/RULES
TOE user Mobile Application
a. Purchase, download,
and install the paid
3rd
party mobile
application(s);
b. Monitor and update
the 3rd
party mobile
application(s) has
been notified by the
TOE upon update
available;
c. Remove selected 3rd
party mobile
Page 14
application(s)
selected by TOE user;
d. Receiving rewards;
e. Managing gifts
(claim and redeem);
f. Writing
comment/remark;
and
g. Perform pre-orders.
TOE user User Account Manage profile and
credentials.
].
FDP_ACF.1.2 The TSF shall enforce the following rules to determine if an operation
among controlled subjects and controlled objects is allowed:
[operations/rules based on the information stated in the table of
FDP_ACF.1.1].
FDP_ACF.1.3 The TSF shall explicitly authorise access of subjects to objects based on
the following additional rules: [None].
FDP_ACF.1.4 The TSF shall explicitly deny access of subjects to objects based on the
following additional rules: [None].
Dependencies: FDP_ACC.1 Subset access control.
FMT_MSA.3 Static attribute initialization
Hierarchical to: No other components.
Application Notes: HAG stands for “Huawei AppGallery”. The initial been used for only
labelling purpose.
4.2.9 Complete access control (FDP_ACC.1)
FDP_ACC.1.1 The TSF shall enforce the [access control SFP (HAG)] on
[operations/rules based on the information stated in the table of
FDP_ACF.1.1].
Dependencies: FDP_ACF.1 Security attribute based access control
Hierarchical to: No other components.
Page 15
Application Notes: HAG stands for “Huawei AppGallery”. The initial been used for only
labelling purpose.
4.2.10 User-initiated termination (FTA_SSL.4)
FTA_SSL.4.1 The TSF shall allow user-initiated termination of the user's own
interactive session.
Dependencies: No dependencies.
Hierarchical to: No other components.
Application Notes: None.
4.2.11 Inter-TSF trusted channel (FTP_ITC.1)
FTP_ITC.1.1 The TSF shall provide a communication channel between itself and
another trusted IT product that is logically distinct from other
communication channels and provides assured identification of its end
points and protection of the channel data from modification or
disclosure.
FTP_ITC.1.2 The TSF shall permit [the TSF] to initiate communication via the trusted
channel.
FTP_ITC.1.3 The TSF shall initiate communication via the trusted channel for [secure
communication with TOE server].
Dependencies: No dependencies.
Hierarchical to: No other components.
Application Notes: None.
Page 16
5 TOE Security Assurance Requirements
EAL1 provides an evaluation of the TOE as made available to the customer, including independent
testing against a specification, and an examination of the guidance documentation provided. It is
intended that an EAL1 evaluation could be successfully conducted without assistance from the
developer of the TOE, and for minimal outlay.
EAL1 provides a basic level of assurance by a limited Security Target (ST) and an analysis of the SFRs in
that Security Target (ST) using a functional and interface specification and guidance documentation,
to understand the security behaviour.
The analysis is supported by a search for potential vulnerabilities in the public domain and
independent testing (functional and penetration) of the TSF.
EAL1 also provides assurance through unique identification of the TOE and of the relevant evaluation
documents. Below is the listed of security assurance requirements defined by EAL1.
Table 7: SAR
ASSURANCE CLASS ASSURANCE COMPONENTS
ADV: Development ADV_FSP.1 Basic functional specification
AGD: Guidance documents AGD_OPE.1 Operational user guidance
AGD_PRE.1 Preparative procedures
ALC: Life cycle support ALC_CMC.1 Labelling of the TOE
ALC_CMS.1 TOE CM coverage
ASE: Security Target
evaluation
ASE_CCL.1 Conformance claims
ASE_ECD.1 Extended components definition
ASE_INT.1 ST Introduction
ASE_OBJ.1 Security objectives for the operational environment
ASE_REQ.1 Stated security requirements
ASE_TSS.1 TOE summary specification
ATE: Tests ATE_IND.1 Independent testing – conformance
AVA: Vulnerability assessment AVA_VAN.1 Vulnerability survey
Page 17
6 TOE Summary Specification
6.1.1 Overview
This section provides the TOE summary specification in which, illustrates the mapping of justifications
on the TOE security functions in achieving the consistency with the logical scope of the TOE. Thus, the
following mapping that leads with the scope of TOE shall justify the requirements of SFRs defined.
6.1.2 Mapping of TOE Logical Scope towards the SFRs
The following the descriptions of mapping between TOE logical scope with the list of Security
Functional Requirements (SFRs) defined in this document. Whilst this mapping shall elaborate the
components of the TOE defined in the Logical Scope are meeting the SFRs as per required by the CEM.
Table 8: Mapping between Logical Scope and SFRs
LOGICAL SCOPE SECURITY FUNCTIONAL REQUIREMENT (SFR)
Identification and Authentication FIA_ATD.1
FIA_UAU.2
FIA_UID.2
Security Management FMT_MSA.1
FMT_MSA.3
FMT_SMF.1
FMT_SMR.1
FDP_ACC.1
FDP_ACF.1
Secure Communication FTA_SSL.4
FTP_ITC.1
6.1.2.1 Identification and Authentication
The TOE shall enforce security login through the identification and authentication processes where
TOE user shall provide valid email address and password or phone number and verification code as
login credential. The TOE protects all relevant data and configuration related to TOE operations as well
TOE user in the TOE registration database, whilst enforcing secure authentication through the
credential.
The TOE interacts with TOE server from Huawei Cloud to process the incoming request from the TOE
and TOE user. The TOE implements access control and authentication measures to ensure that TOE
Page 18
data and functionality is not misused by unauthorised 3rd
parties. Note that, the TOE server is not part
of the TOE scope of evaluation.
Each TOE login process supported through secure communication in between TOE and TOE server
hosted by Huawei Cloud. Details of the TOE operations of the identification and authentication
functions of the TOE kindly refer to TOE Guidance documentations. Note that, the TOE server is not
part of TOE scope.
6.1.2.2 Security Management
TOE user shall have accessed the TOE using registered and verified credential in protecting the TOE
from illegitimate access and outside threats. Any accessibility channel to the TOE shall be within
approve and secure operational environment of the TOE and its underlying operating system, Huawei
Android operating system.
Through the TOE, the TOE user shall manage the operations of the TOE by managing each functions
of the TOE which are the following, as stated below.
a. Purchase, download, and install the paid 3rd
party mobile application(s);
b. Monitor and update the 3rd
party mobile application(s) has been notified by the TOE upon
update available;
c. Remove selected 3rd
party mobile application(s) selected by TOE user
d. Receiving rewards;
e. Managing gifts (claim and redeem);
f. Writing comment/remark; and
g. Perform pre-orders.
Detail operations of the security management functions of the TOE, kindly refer to TOE Guidance
documentations.
6.1.2.3 Secure Communication
TOE initiate secure communication with the TOE server (managed by Huawei Cloud) and vice versa,
with the objective of ensuring the TOE as whole solution are not being compromise or the transmitted
data were not being tampered in its operations along the way. Transmission of data request by the
TOE especially for 3rd
party mobile application download and updates shall be in a secure
communication channel approved by Huawei Cloud operations. This is to preventing attacker from
access the TOE and made unauthorized changes.
Any activities performed by the TOE user on the TOE such as download and updating 3rd
party mobile
application are terminated (disconnected from secure communication session) if the TOE user exiting
the TOE through force exit (using method of “Clear All” functions) through the push button “switch
application” of the navigation menu.
Page 19
In the event of the TOE user exit or close or in certain case of the TOE process are put in the background
mode by the underlying operating system, the secure communication between TOE and TOE server
will be disconnected to protect the communication from communication threats and risk. Once the
TOE is re-open back by the TOE user, the TOE will initiated secure communication with the TOE server.
The secure communication channel is secured by using international standards or industry-recognized
security protocols that supports the following secure protocols: TLS v1.0, v1.1, v1.2 and v1.3.
END OF DOCUMENT