Samsung VPN on Tizen v2.3
August 21, 2015
National Information Assurance Partnership
Common Criteria Evaluation and Validation Scheme
Validation Report
Samsung Z VPN on Tizen v2.3
Report Number: CCEVS-VR-VID10613-2015
Version 1.0
August 21, 2015
National Institute of Standards and Technology National Security Agency
Information Technology Laboratory Information Assurance Directorate
100 Bureau Drive 9800 Savage Road STE 6940
Gaithersburg, MD 20899 Fort George G. Meade, MD 20755-6940
®
TM
VALIDATION REPORT
Samsung Z VPN on Tizen v2.3
ii
ACKNOWLEDGEMENTS
Validation Team
Jerome Myers, Senior Validator
The Aerospace Corporation
Luke Florer, Lead Validator
The Aerospace Corporation
Common Criteria Testing Laboratory
Christopher Gugel, CC Technical Director
Justin Fisher
Chris Rakaczky
Booz Allen Hamilton (BAH)
Linthicum Heights, Maryland
Samsung VPN on Tizen v2.3
August 21, 2015
Table of Contents
1 EXECUTIVE SUMMARY................................................................................................................................4
2 IDENTIFICATION ...........................................................................................................................................5
3 ASSUMPTIONS AND CLARIFICATION OF SCOPE.................................................................................6
4 ARCHITECTURAL INFORMATION............................................................................................................8
4.1 TOE INTRODUCTION........................................................................................................................................8
4.2 PHYSICAL BOUNDARIES...................................................................................................................................8
5 SECURITY POLICY ......................................................................................................................................10
5.1 CRYPTOGRAPHIC SUPPORT.............................................................................................................................10
5.2 USER DATA PROTECTION...............................................................................................................................10
5.3 IDENTIFICATION AND AUTHENTICATION........................................................................................................10
5.4 SECURITY MANAGEMENT ..............................................................................................................................10
5.5 PROTECTION OF THE TSF...............................................................................................................................10
5.6 TRUSTED PATH/CHANNELS............................................................................................................................10
6 DOCUMENTATION.......................................................................................................................................11
7 EVALUATED CONFIGURATION...............................................................................................................12
8 IT PRODUCT TESTING................................................................................................................................13
8.1 TEST CONFIGURATION ...................................................................................................................................13
8.2 DEVELOPER TESTING .....................................................................................................................................13
8.3 EVALUATION TEAM INDEPENDENT TESTING..................................................................................................13
8.4 EVALUATION TEAM VULNERABILITY TESTING..............................................................................................14
9 RESULTS OF THE EVALUATION..............................................................................................................15
9.1 EVALUATION OF THE SECURITY TARGET (ASE) ............................................................................................15
9.2 EVALUATION OF THE DEVELOPMENT (ADV).................................................................................................15
9.3 EVALUATION OF THE GUIDANCE DOCUMENTS (AGD)...................................................................................16
9.4 EVALUATION OF THE LIFE CYCLE SUPPORT ACTIVITIES (ALC).....................................................................16
9.5 EVALUATION OF THE TEST DOCUMENTATION AND THE TEST ACTIVITY (ATE).............................................16
9.6 VULNERABILITY ASSESSMENT ACTIVITY (VAN) ..........................................................................................16
9.7 SUMMARY OF EVALUATION RESULTS ............................................................................................................17
10 VALIDATOR COMMENTS ..........................................................................................................................18
11 ANNEXES ........................................................................................................................................................19
12 SECURITY TARGET .....................................................................................................................................20
13 LIST OF ACRONYMS....................................................................................................................................21
14 TERMINOLOGY ............................................................................................................................................22
15 BIBLIOGRAPHY ............................................................................................................................................23
VALIDATION REPORT
Samsung Z VPN on Tizen v2.3
4
1 Executive Summary
This report documents the assessment of the National Information Assurance Partnership
(NIAP) validation team of the evaluation of Samsung Z VPN on Tizen v2.3, provided by
Samsung Electronics Corporation. It presents the evaluation results, their justifications,
and the conformance results. This Validation Report is not an endorsement of the Target
of Evaluation by any agency of the U.S. government, and no warranty is either expressed
or implied.
The evaluation was performed by the Booz Allen Hamilton Inc. Common Criteria
Testing Laboratory (CCTL) in Linthicum Heights, Maryland, United States of America,
and was completed in August 2015. The information in this report is largely derived from
the Evaluation Technical Report (ETR) and associated test reports, all written by Booz
Allen. The evaluation determined that the product is both Common Criteria Part 2
Extended and Part 3 Conformant, and meets the assurance requirements set forth in the
Protection Profile IPsec Virtual Private Network (VPN) Client, version 1.4 (IPsec VPN
Client PP).
The Target of Evaluation (TOE) is the Samsung Z VPN on Tizen v2.3. The Samsung VPN
TOE allows users the ability to have confidentiality, integrity, and protection of data in
transit over a public or private network.
The Target of Evaluation (TOE) identified in this Validation Report has been evaluated at
a NIAP approved Common Criteria Testing Laboratory using the Common Methodology
for IT Security Evaluation (Version 3.1, Rev 4) for conformance to the Common Criteria
for IT Security Evaluation (Version 3.1, Rev 4), as interpreted by the Assurance
Activities contained in the IPsec VPN Client PP. This Validation Report applies only to
the specific version of the TOE as evaluated. The evaluation has been conducted in
accordance with the provisions of the NIAP Common Criteria Evaluation and Validation
Scheme and the conclusions of the testing laboratory in the evaluation technical report is
consistent with the evidence provided.
The validation team provided guidance on technical issues and evaluation processes, and
reviewed the individual work units of the ETR for the IPsec VPN Client PP Assurance
Activities. The validation team found that the evaluation showed that the product satisfies
all of the functional requirements and assurance requirements stated in the Security
Target (ST). Therefore the validation team concludes that the testing laboratory’s
findings are accurate, the conclusions justified, and the conformance results are correct.
The conclusions of the testing laboratory in the evaluation technical report are consistent
with the evidence produced.
The technical information included in this report was obtained from the Samsung Z VPN
on Tizen v2.3 with Qualcomm Processors Security Target Version 1.0 August 21, 2015
and analysis performed by the Validation Team.
VALIDATION REPORT
Samsung Z VPN on Tizen v2.3
5
2 Identification
The CCEVS is a joint National Security Agency (NSA) and National Institute of
Standards effort to establish commercial facilities to perform trusted product evaluations.
Under this program, security evaluations are conducted by commercial testing
laboratories called Common Criteria Testing Laboratories (CCTLs). CCTLs evaluate
products against Protection Profile containing Assurance Activities, which are
interpretation of CEM work units specific to the technology described by the PP.
The NIAP Validation Body assigns Validators to monitor the CCTLs to ensure quality
and consistency across evaluations. Developers of information technology products
desiring a security evaluation contract with a CCTL and pay a fee for their product’s
evaluation. Upon successful completion of the evaluation, the product is added to NIAP’s
Product Compliance List.
Table 1 provides information needed to completely identify the product, including:
 The Target of Evaluation (TOE): the fully qualified identifier of the product as
evaluated.
 The Security Target (ST), describing the security features, claims, and assurances
of the product.
 The conformance result of the evaluation.
 The Protection Profile to which the product is conformant.
 The organizations and individuals participating in the evaluation.
Table 1 – Evaluation Identifiers
Item Identifier
Evaluation
Scheme
United States NIAP Common Criteria Evaluation and Validation
Scheme
TOE Samsung Z VPN on Tizen v2.3
*Refer to Table 2 for Specifications
Protection
Profile
Protection Profile IPsec Virtual Private Network (VPN) Client,
version 1.4
Security Target Samsung Z VPN on Tizen v2.3 with Qualcomm Processors Security
Target Version 1.0 August 21, 2015
Evaluation
Technical Report
Evaluation Technical Report for a Target of Evaluation "Samsung
VPN on Tizen v2.3 with Qualcomm Processors" Evaluation
Technical Report V1.0 dated August 21, 2015
CC Version Common Criteria for Information Technology Security Evaluation,
Version 3.1 Revision 4
Conformance Result CC Part 2 extended, CC Part 3 conformant
Sponsor Samsung Electronics Corporation
Developer Samsung Electronics Corporation
Common Criteria
Testing Lab (CCTL)
Booz Allen Hamilton, Linthicum, Maryland
CCEVS Validators Jerome Myers, The Aerospace Corporation
Luke Florer, The Aerospace Corporation
VALIDATION REPORT
Samsung Z VPN on Tizen v2.3
6
3 Assumptions and Clarification of Scope
3.1 Assumptions
The following assumptions about the operational environment are made regarding its
ability to provide security functionality.
 Information cannot flow onto the network to which the VPN Client's host is
connected without passing through the TOE.
 Physical security, commensurate with the value of the TOE and the data it
contains, is assumed to be provided by the environment.
 Personnel configuring the TOE and its operational environment will follow
the applicable security configuration guidance.
3.2 Threats
The following lists the threats addressed by the TOE. The assumed level of expertise of
the attacker for all the threats identified below is Enhanced-Basic.
 T.TSF_CONFIGURATION — Failure to allow configuration of the TSF
may prevent its users from being able to adequately implement their particular
security policy, leading to a compromise of user information.
 T.TSF_FAILURE — Security mechanisms of the TOE may fail, leading to a
compromise of the TSF.
 T.UNAUTHORIZED_ACCESS — A user may gain unauthorized access to
the TOE data. A malicious user, process, or external IT entity may
masquerade as an authorized entity in order to gain unauthorized access to
data or TOE resources. A malicious user, process, or external IT entity may
misrepresent itself as the TOE to obtain identification and authentication data.
 T.UNAUTHORIZED_UPDATE — A malicious party attempts to supply
the end user with an update to the product that may compromise the security
features of the TOE.
 T.USER_DATA_REUSE — User data may be inadvertently sent to a
destination not intended by the original sender because it is not rendered
inaccessible after it is done being used.
3.3 Objectives
The following identifies the security objectives of the TOE. These security objectives
reflect the stated intent to counter identified threats and/or comply with any security
policies identified.
 O.VPN_TUNNEL — The TOE will provide a network communication
channel protected by encryption that ensures that the VPN Client
communicates with an authenticated VPN Gateway.
 O.RESIDUAL_INFORMATION_CLEARING — The TOE will ensure
that any data contained in a protected resource is not available when the
resource is reallocated.
 O.TOE_ADMINISTRATION — The TOE will provide mechanisms to
allow administrators to be able to configure the TOE.
 O.TSF_SELF_TEST — The TOE will provide the capability to test some
subset of its security functionality to ensure it is operating properly.
VALIDATION REPORT
Samsung Z VPN on Tizen v2.3
7
 O.VERIFIABLE_UPDATES — The TOE will provide the capability to help
ensure that any updates to the TOE can be verified by the administrator to be
unaltered and (optionally) from a trusted source.
3.4 Clarification of Scope
All evaluations (and all products) have limitations, as well as potential misconceptions
that need clarifying. This text covers some of the more important limitations and
clarifications of this evaluation. Note that:
 As with any evaluation, this evaluation only shows that the evaluated
configuration meets the security claims made, with a certain level of assurance.
The level of assurance for this evaluation is defined within the Protection Profile
IPsec Virtual Private Network (VPN) Client, version 1.4 to which this evaluation
claimed exact compliance.
 Consistent with the expectations of the Protection Profile, this evaluation did not
specifically search for, nor seriously attempt to counter, vulnerabilities that were
not “obvious” or vulnerabilities to objectives not claimed in the ST. The CEM
defines an “obvious” vulnerability as one that is easily exploited with a minimum
of understanding of the TOE, technical sophistication and resources.
The evaluated configuration of the TOE includes the Samsung Z VPN on Tizen v2.3
product. The TOE includes all the code that enforces the policies identified (see
Section 5).
The Non-FIPS 140-2 mode of operation is excluded from the evaluation. This mode
will be disabled by configuration. The exclusion of this functionality does not affect
compliance to the Protection Profile IPsec Virtual Private Network (VPN) Client,
version 1.4.
VALIDATION REPORT
Samsung Z VPN on Tizen v2.3
8
4 Architectural Information
Note: The following architectural description is based on the description presented in
the Security Target.
4.1 TOE Introduction
The Target of Evaluation (TOE) is the Samsung Z VPN on Tizen v2.3. The Samsung
Z VPN on Tizen TOE allows users the ability to have confidentiality, integrity, and
protection of data in transit over a public or private network. The TOE is a mobile
operating system based on Linux 3.4 with modifications made to increase the level of
security provided to end users and enterprises. The TOE is intended to be used as part
of an enterprise data solution providing mobile staff with enterprise connectivity. The
TOE is within a configuration as specified in Section 4.2 below.
4.2 Physical Boundaries
The physical boundary of the TOE includes the TOE platform on which the TOE is
installed. This platform includes the MSM8974 model processor of the Snapdragon 800
chipset that has the following specifications:
Table 2 – Operational Environment System Requirements
Component Details
CPU Quad-core Krait 400 CPU at up to 2.3 GHz per core
GPU Qualcomm® Adreno™ 330 GPU
Modem
 Integrated 4G LTE Advanced World Mode, supporting LTE FDD, LTE
TDD, WCDMA (DC-HSPA+, DC-HSUPA), CDMA1x, EV-DO Rev. B,
TD-SCDMA and GSM/EDGE
 3rd generation integrated LTE modem, with support for LTE-Broadcast
RF
4th generation LTE multimode transceiver with Qualcomm RF360™ Front End
solution for world mode bands, lower power and PCB reduction
USB USB 2.0
Bluetooth BT4.0 integrated digital core
WiFi 1-stream 802.11n/ac Integrated digital core
Memory/Storage
LPDDR3 800MHz Dual-channel 32-bit (12.8GBps)/eMMC 5.0 SATA3 SD 3.0
(UHS-I)
The TOE resides on a network and supports the following hardware, software, and
firmware in its environment:
Table 3 – IT Environment Components
Component Definition
Certificate Authority A server in the operational environment that issues digital certificates.
VPN Gateway
A server in the operational environment that performs encryption and decryption of
IP packets as they cross the boundary between a private network and a public
network.
TOE platform
The Samsung Z device and the Tizen version 2.3 software on which the TOE is
installed.
MDM Server
A server in the Operational Environment that is responsible for the administration
of Mobile Devices.
VALIDATION REPORT
Samsung Z VPN on Tizen v2.3
9
VALIDATION REPORT
Samsung Z VPN on Tizen v2.3
10
5 Security Policy
5.1 Cryptographic Support
The IPsec implementation is the primary function of the TOE. IPSec is used by the TOE
to protect communication between itself and a VPN Gateway over an unprotected
network. With the exception of the IPsec implementation, the TOE relies upon the
underlying TOE platform (evaluated against the Protection Profile For Mobile Device
Fundamentals, Version 1.1 12 February 2014) for the cryptographic services specified in
this Security Target.
5.2 User Data Protection
The TOE ensures that residual information is protected from potential reuse in accessible
objects such as network packets by overwriting residual information in the buffer and
padding packet payloads.
5.3 Identification and Authentication
The TOE provides the ability to use, store, and protect X.509v3 certificates as defined by
RFC 5280 and pre-shared keys that are used for IPsec Virtual Private Network (VPN)
connections. The TOE also supports certificate revocation handling.
5.4 Security Management
The TOE, TOE platform, and VPN Gateway provide all functionality to manage the
security functions identified throughout this Security Target. In particular, the IPsec VPN
is fully configurable by a combination of functions provided directly by the TOE and
those available to the associated VPN Gateway.
5.5 Protection of the TSF
The TOE relies upon its underlying platform to perform self-tests that cover the TOE as
well as the functions necessary to securely update the TOE. It performs known answer
power on self-tests (POST) on its cryptographic algorithms to ensure that they are
functioning correctly. Samsung security manager service invokes self-test of the
OpenSSL module at start to ensure that those cryptographic algorithms are working
correctly. If the TOE platform fails its power-up tests, the TOE platform will lock itself,
which will prevent user login. Additionally, the Tizen OS on the TOE platform requires
that all applications bear a valid signature before Tizen will install the application.
5.6 Trusted Path/Channels
The TOE acts as a VPN Client using IPsec to established secure channels to
corresponding VPN Gateways.
VALIDATION REPORT
Samsung Z VPN on Tizen v2.3
11
6 Documentation
The following documentation located on NIAP’s website was used as evidence for
the evaluation of the Samsung Z VPN on Tizen:
 Samsung VPN Client on Samsung Tizen Devices VPN User Guidance
Documentation Version 2.0T August 13, 2015
There are many documents available on Samsung’s support website, but the above
mentioned document is the only one that is to be trusted as having been part of the
evaluation.
This guidance document contains the security-related guidance material for this
evaluation and must be referenced to place the product within the Common Criteria
evaluated configuration. The guidance document is applicable for all configurations
of the Samsung Z VPN on Tizen product claimed by this evaluation.
VALIDATION REPORT
Samsung Z VPN on Tizen v2.3
12
7 Evaluated Configuration
The evaluated configuration, as defined in the Security Target, is Samsung Z VPN on
Tizen v2.3.
To use the product in the evaluated configuration, the product must be configured as
specified in the Samsung VPN Client on Samsung Tizen Devices VPN User Guidance
Documentation Version 2.0T August 13, 2015 document. Refer to Section 6 for
information on where to retrieve the document from NIAP’s website and how to use this
document to configure the TOE into the evaluated configuration.
VALIDATION REPORT
Samsung Z VPN on Tizen v2.3
13
8 IT Product Testing
This section describes the testing efforts of the developer and the evaluation team. It is
derived from information contained in the Evaluation Technical Report for a Target of
Evaluation "Samsung VPN on Tizen v2.3 with Qualcomm Processors" Evaluation
Technical Report V1.0 dated August 21, 2015, which is not publically available.
8.1 Test Configuration
The evaluation team configured one environment for testing the TOE which was
configured according the Samsung VPN Client on Samsung Tizen Devices VPN User
Guidance Documentation Version 2.0T August 13, 2015 document.
The following test tools* were utilized during the testing:
 Wireless access point: Linksys E1200
 NAT Router: Cisco ISR2921
 Wireshark: version 1.12.5
 Ettercap: version 0.8.0
 tcpdump: version 4.3.0
 Certification Authority: OpenSSL 1.0.1
 strongSwan VPN server
 Debugging tools, proprietary to the vendor
*Only the test tools utilized for functional testing have been listed.
8.2 Developer Testing
No evidence of developer testing is required in the Assurance Activities for this product.
8.3 Evaluation Team Independent Testing
The test team's test approach was to test the security mechanisms of the Samsung Z VPN
on Tizen by exercising the external interfaces to the TOE and viewing the TOE behavior
on the platform. The ST and the independent test plan were used to demonstrate test
coverage of all SFR testing assurance activities as defined by the IPsec VPN Client PP
for all security relevant TOE external interfaces. TOE external interfaces that will be
determined to be security relevant are interfaces that
 change the security state of the product,
 permit an object access or information flow that is regulated by the security
policy,
 are restricted to subjects with privilege or behave differently when executed by
subjects with privilege, or
 invoke or configure a security mechanism.
Security functional requirements were determined to be appropriate to a particular
interface if the behavior of the TOE that supported the requirement could be invoked or
observed through that interface. The evaluation team tested each interface for all relevant
behavior of the TOE that applied to that interface.
VALIDATION REPORT
Samsung Z VPN on Tizen v2.3
14
8.4 Evaluation Team Vulnerability Testing
The evaluation team created a set of vulnerability tests to attempt to subvert the security
of the TOE. These tests were created based upon the evaluation team's review of the
vulnerability analysis evidence and independent research. The evaluation team conducted
searches for public vulnerabilities related to the TOE. A few notable resources consulted
include securityfocus.com, the cve.mitre.org, and the nvd.nist.gov.
Upon the completion of the vulnerability analysis research, the team had identified
several generic vulnerabilities upon which to build a test suite. These tests were created
specifically with the intent of exploiting these vulnerabilities within the TOE or its
configuration.
The team tested the following areas:
 Eavesdropping on Communications
In this test, the evaluators manually inspected network traffic to and from the
TOE in order to ensure that no useful or confidential information could be
obtained by a malicious user on the network.
 Port Scanning
Remote access to the TOE should be limited to the standard TOE interfaces and
procedures. This test attempted to find ways to bypass these standard interfaces of
the TOE and open any other vectors of attack.
Note that the underlying OS platform of the mobile device was evaluated concurrently in
order to ensure that threats to the VPN client that originate from the mobile device itself
are appropriately mitigated.
VALIDATION REPORT
Samsung Z VPN on Tizen v2.3
15
9 Results of the Evaluation
The results of the assurance requirements are generally described in this section and are
presented in detail in the proprietary ETR. The reader of this document can assume that
all Assurance Activities and work units received a passing verdict.
A verdict for an assurance component is determined by the resulting verdicts assigned to
the corresponding evaluator action elements. The evaluation was conducted based upon
CC version 3.1 rev 4 and CEM version 3.1 rev 4. The evaluation determined the Samsung
Z VPN on Tizen TOE to be Part 2 extended, and meets the SARs contained in the PP.
Additionally the evaluator performed the Assurance Activities specified in the IPsec VPN
Client PP.
The following evaluation results are extracted from the non-proprietary Evaluation
Technical Report provided by the CCTL, and are augmented with the validator’s
observations thereof.
9.1 Evaluation of the Security Target (ASE)
The evaluation team applied each ASE CEM work unit. The ST evaluation ensured the
ST contains a description of the environment in terms of policies and assumptions, a
statement of security requirements claimed to be met by the Samsung Z VPN on Tizen
product that are consistent with the Common Criteria, and product security function
descriptions that support the requirements. Additionally the evaluator performed an
assessment of the Assurance Activities specified in the Protection Profile IPsec Virtual
Private Network (VPN) Client, version 1.4 (IPsec VPN Client PP).
The validator reviewed the work of the evaluation team, and found that sufficient
evidence and justification was provided by the evaluation team to confirm that the
evaluation was conducted in accordance with the requirements of the CEM, and that the
conclusion reached by the evaluation team was justified.
9.2 Evaluation of the Development (ADV)
The evaluation team applied each ADV CEM work unit. The evaluation team assessed
the design documentation and found it adequate to aid in understanding how the TSF
provides the security functions. The design documentation consists of a functional
specification contained in the Security Target’s TOE Summary Specification.
Additionally the evaluator performed the Assurance Activities specified in the IPsec VPN
Client PP related to the examination of the information contained in the TOE Summary
Specification.
The validator reviewed the work of the evaluation team, and found that sufficient
evidence and justification was provided by the evaluation team to confirm that the
evaluation was conducted in accordance with the Assurance Activities, and that the
conclusion reached by the evaluation team was justified.
VALIDATION REPORT
Samsung Z VPN on Tizen v2.3
16
9.3 Evaluation of the Guidance Documents (AGD)
The evaluation team applied each AGD CEM work unit. The evaluation team ensured the
adequacy of the user guidance in describing how to use the operational TOE.
Additionally, the evaluation team ensured the adequacy of the administrator guidance in
describing how to securely administer the TOE. The guides were assessed during the
design and testing phases of the evaluation to ensure they were complete. Additionally
the evaluator performed the Assurance Activities specified in the IPsec VPN Client PP
related to the examination of the information contained in the operational guidance
documents.
The validator reviewed the work of the evaluation team, and found that sufficient
evidence and justification was provided by the evaluation team to confirm that the
evaluation was conducted in accordance with the Assurance Activities, and that the
conclusion reached by the evaluation team was justified.
9.4 Evaluation of the Life Cycle Support Activities (ALC)
The evaluation team applied each ALC CEM work unit. The evaluation team found that
the TOE was identified.
The validator reviewed the work of the evaluation team, and found that sufficient
evidence and justification was provided by the evaluation team to confirm that the
evaluation was conducted in accordance with the requirements of the CEM, and that the
conclusion reached by the evaluation team was justified.
9.5 Evaluation of the Test Documentation and the Test Activity (ATE)
The evaluation team applied each ATE CEM work unit. The evaluation team ran the set
of tests specified by the Assurance Activities in the IPsec VPN Client PP and recorded
the results in a Test Report, summarized in the Evaluation Technical Report.
The validator reviewed the work of the evaluation team, and found that sufficient
evidence was provided by the evaluation team to show that the evaluation activities
addressed the test activities in the IPsec VPN Client PP, and that the conclusion reached
by the evaluation team was justified.
9.6 Vulnerability Assessment Activity (VAN)
The evaluation team applied each AVA CEM work unit. The evaluation team performed
a public search for vulnerabilities, performed vulnerability testing and did not discover
any issues with the TOE.
The validator reviewed the work of the evaluation team, and found that sufficient
evidence and justification was provided by the evaluation team to confirm that the
evaluation addressed the vulnerability analysis Assurance Activities in the IPsec VPN
Client PP, and that the conclusion reached by the evaluation team was justified.
VALIDATION REPORT
Samsung Z VPN on Tizen v2.3
17
9.7 Summary of Evaluation Results
The evaluation team’s assessment of the evaluation evidence demonstrates that the claims
in the ST are met. Additionally, the evaluation team’s test activities also demonstrated the
accuracy of the claims in the ST.
The validation team’s assessment of the evidence provided by the evaluation team is that
it demonstrates that the evaluation team performed the Assurance Activities in the IPsec
VPN Client PP, and correctly verified that the product meets the claims in the ST.
VALIDATION REPORT
Samsung Z VPN on Tizen v2.3
18
10 Validator Comments
The validation team notes that the evaluated configuration is dependent upon the
Samsung Z VPN on Tizen TOE being configured for FIPS operation.
Please note that the functionality evaluated is scoped exclusively to the security
functional requirements specified in the Security Target. Other functionality included in
the product was not assessed as part of this evaluation. All other functionality provided
by the devices needs to be assessed separately and no further conclusions can be drawn
about their effectiveness.
VALIDATION REPORT
Samsung Z VPN on Tizen v2.3
19
11 Annexes
Not applicable
VALIDATION REPORT
Samsung Z VPN on Tizen v2.3
20
12 Security Target
The security target for this product’s evaluation is Samsung Z VPN on Tizen v2.3 with
Qualcomm Processors Security Target Version 1.0 August 21, 2015.
VALIDATION REPORT
Samsung Z VPN on Tizen v2.3
21
13 List of Acronyms
Acronym Definition
AES Advanced Encryption Standard
AF Authorization factor
AS Authorization subsystem
CA Certificate Authority
CLI Command Line Interface
CMS Central Management System
COTS Commercial Off-The-Shelf
CMVP Cryptographic Module Validation Program
DH Diffie-Hellman
DN Distinguished Name
DoD Department of Defense
DRBG Deterministic Random Bit Generator
EAL Evaluation Assurance Level
ECDSA Elliptic Curve Digital Signature Algorithm
ES Encryption Subsystem
FIPS Federal Information Processing Standards
GUI Graphical User Interface
ID Identification
IKE Internet Key Exchange
ISSE Information System Security Engineers
IT Information Technology
MDM Mobile Device Manager
OSP Organization Security Policy
PP Protection Profile
PSK Pre-shared Key
RGB Random Bit Generator
SA Security Association
SAR Security Assurance Requirements
SCP Secure Copy
SFR Security Functional Requirement
SPD Security Policy Database
SSH Secure Shell
SSL Secure Sockets Layer
ST Security Target
TLS Transport Layer Security
TSF TOE Security Functionality
TSFI TSF Interface
TSS TOE Summary Specification
TOE Target of Evaluation
VALIDATION REPORT
Samsung Z VPN on Tizen v2.3
22
14 Terminology
Terminology Definition
Administrator
A user that has administrative privilege to configure the TOE in privileged
mode.
Authentication Server
(AS)
An entity designed to facilitate the authentication of an entity (user or client)
that attempts to access a protected network.
Critical Security
Parameter (CSP)
Security related information, e.g. secret and private cryptographic keys, and
authentication data such as passwords and PINs, whose disclosure or
modification can compromise the security of a cryptographic module.
Entropy Source
This cryptographic function provides a seed for a random number generator
by accumulating the outputs from one or more noise sources. The
functionality includes a measure of the minimum work required to guess a
given output and tests to ensure that the noise sources are operating
properly.
FIPS-approved
cryptographic function
A security function (e.g., cryptographic algorithm, cryptographic key
management technique, or authentication technique) that is either: 1)
specified in a Federal Information Processing Standard (FIPS), or 2)
adopted in a FIPS and specified either in an appendix to the FIPS or in a
document referenced by the FIPS.
Private Network A network that is protected from access by unauthorized users or entities.
Privileged Mode
A TOE operational mode that allows a user to perform functions that require
IT Environment administrator privileges.
Public Network
A network that is visible to all users and entities and does not protect
against unauthorized access (e.g. internet).
Security Administrator Synonymous with Authorized Administrator.
Security Assurance
Requirement (SAR)
Description of how assurance is to be gained that the TOE meets the SFR.
Security Functional
Requirement (SFR)
Translation of the security objectives for the TOE into a standardized
language.
Security Target (ST)
Implementation-dependent statement of security needs for a specific
identified TOE.
Target of Evaluation
(TOE)
Set of software, firmware and/or hardware possibly accompanied by
guidance. For this PP the TOE is the VPN Client.
Threat Agent
An entity that tries to harm an information system through destruction,
disclosure, modification of data, and/or denial of service.
TOE Security
Functionality (TSF)
Combined functionality of all hardware, software, and firmware of a TOE
that must be relied upon for the correct enforcement of the SFRs.
TOE Summary
Specification (TSS)
A description of how the TOE satisfies all of the SFRs.
Trusted Channel An encrypted connection between the TOE and a trusted remote server.
Unauthorized User
An entity (device or user) who has not been authorized by an authorized
administrator to access the TOE or private network.
Unprivileged Mode
A TOE operational mode that only provides VPN Client functions for the
VPN Client user.
VPN Client
The TOE allows remote users to use client computers to establish an
encrypted IPsec tunnel across an unprotected public network to a private
network
VPN Client User A user operating the TOE in unprivileged mode.
VPN Gateway
A component that performs encryption and decryption of IP packets as they
cross the boundary between a private network and a public network
Table 4: CC Specific Terminology
VALIDATION REPORT
Samsung Z VPN on Tizen v2.3
23
15 Bibliography
1. Common Criteria for Information Technology Security Evaluation – Part 1:
Introduction and general model, Version 3.1 Revision 4.
2. Common Criteria for Information Technology Security Evaluation – Part 2:
Security functional requirements, Version 3.1 Revision 4.
3. Common Criteria for Information Technology Security Evaluation – Part 3:
Security assurance requirements, Version 3.1 Revision 4.
4. Common Evaluation Methodology for Information Technology Security
Evaluation, Version 3.1 Revision 4.
5. Samsung Z VPN on Tizen v2.3 with Qualcomm Processors Security Target
Version 1.0 August 21, 2015.
6. Evaluation Technical Report for a Target of Evaluation "Samsung VPN on Tizen
v2.3 with Qualcomm Processors" Evaluation Technical Report V1.0 dated August
21, 2015.
7. Samsung VPN Client on Samsung Tizen Devices VPN User Guidance
Documentation Version 2.0T August 13, 2015.
8. Assurance Activity Report, Samsung Z VPN on Tizen v2.3 with Qualcomm
Processors V1.0 dated August 21, 2015.