Release Notes
KNOX™ Premium SDK Version 2.3 January 2015
Samsung KNOX™ Premium SDK Release Notes Copyright © 2015 Samsung Electronics Co. Ltd. ii
Copyright Notice
Copyright © 2015 Samsung Electronics Co. Ltd. All rights reserved. Samsung is a registered trademark of Samsung Electronics Co. Ltd.
Samsung KNOX is a trademark of Samsung Electronics, Co., Ltd. in the United States and other countries. Specifications and designs
are subject to change without notice. Non-metric weights and measurements are approximate. All data were deemed correct at time
of creation. Samsung is not liable for errors or omissions. Android and Google Play are trademarks of Google Inc. ARM and TrustZone
are registered trademarks of ARM Limited (or its subsidiaries) in the EU and/or elsewhere. iOS is a trademark of Apple Inc., registered
in the U.S. and other countries. Microsoft Azure and Microsoft Active Directory are either registered trademarks or trademarks of
Microsoft Corporation in the United States and/or other countries. All brand, product, service names and logos are trademarks and/or
registered trademarks of their respective owners and are hereby recognized and acknowledged.
Samsung KNOX Premium SDK Information
Version: 2.3
Supported Target Platform
Android 5.0 (Lollipop)
Document History
Date SDK
Version
Doc
Version Description of changes
12/27/12 1.0 1.0 Base document version.
7/10/13 1.0.1 1.0.1.0 Added new KNOX 1.0.1 polices. Removed KNOX Takeover APIs
10/21/13 1.1.0 1.1.0 Added new KNOX 1.1.0 and 1.0.2
3/4/14 2.0 2.0.0 Added new KNOX 2.0 (includes KNOX 1.2 APIs) Separated Smart Card (SC)
SDK
7/8/14 2.1 2.1.0 Added new KNOX 2.1 polices
Update on released KNOX 2.0 polices
9/25/14 2.2 2.2.0 Updated all existing policies & features till KNOX 2.1. Added new KNOX 2.2
polices.
1/14/15 2.3 2.3.0 Updated all existing policies & features till KNOX 2.2. Added new KNOX 2.3
polices.
Contact Information
Samsung Electronics Co., Ltd
416, Maetan-3dong,
Yeongtong-gu Suwon-City
Gyeonggi-do, 443-742
Samsung Enterprise Mobility Solutions – Santa Clara
Samsung Research America, Ltd
3920 Freedom Circle; Suite 101
Santa Clara, CA 95054
United States of America
Samsung KNOX™ Premium SDK Release Notes Copyright © 2015 Samsung Electronics Co. Ltd. iii
Contents 1 Introduction ................................................................................................................... iv
Audience ............................................................................................................................................................................................ iv Additional documentation .......................................................................................................................................................... iv
2 Installation and configuration ...................................................................................... 5
3 Supported features......................................................................................................... 6
4 New features and enhancements ............................................................................... 10
Constants ......................................................................................................................................................................................... 10 Deprecated policies ..................................................................................................................................................................... 10
5 Issues fixed ................................................................................................................. 11
Helper APIs deprecated & not supported .......................................................................................................................... 11 APIs removed in KNOX 2.0 ....................................................................................................................................................... 12 Constants deprecated and not supported in KNOX 2.0 ............................................................................................... 12 APIs description, sample code enhancement .................................................................................................................... 12
6 Known issues ................................................................................................................. 13
Samsung KNOX™ Premium SDK Release Notes Copyright © 2015 Samsung Electronics Co. Ltd. iv
1 Introduction This release contains the policies released as part of the Enterprise Device Management KNOX
Project.
The Enterprise Device Management project is part of a broader on-going effort to make Samsung
Android Smart phones & Tablets enterprise friendly.
These policies are intended to be used by any Device Management client to enforce organization
specific policies on employee devices. MDM clients developed by Samsung Partners are intended
to make use of these policies to satisfy their and their customer’s requirements.
Audience
Enterprise Development Teams at:
o Samsung HQ (Suwon, South Korea)
o MCL B2B (Santa Clara, USA)
o SIDI (Campinas, Brazil)
o Samsung Partners
Additional documentation
The following documentation is also available for additional information regarding the Samsung
KNOX Standard and KNOX Premium SDKs:
Samsung KNOX™ Premium SDK Developer Guide—Describes the Samsung KNOX
Premium and Standard SDK APIs and explains how to use them to develop Android™ app
containers and other mobile enterprise features that can be implemented in Enterprise-
managed Samsung KNOX-enabled mobile devices. This guide includes Java device and
container use case examples.
You should consult this guide if you want to implement an agent APK that calls KNOX
SDK APIs and communicates with the partner’s management server. The partner agent
APK must be installed on the device by the user or IT admin, typically through Google
Play or side loading. The advantage of this approach is that this is the traditional model
that supports pre-KNOX 2.0 versions of the SDK.
Samsung KNOX™ Quality Criteria for MDM Solutions—Describes the quality criteria for
Samsung KNOX that each MDM partner should implement with their mobile device
management solution.
Samsung KNOX™ Premium SDK Release Notes Copyright © 2015 Samsung Electronics Co. Ltd. 5
2 Installation and configuration The KNOX Premium SDK policies are currently developed on Android KitKat.
The required MDM client should be installed on this device and the new policies can be exercised.
Samsung KNOX™ Premium SDK Release Notes Copyright © 2015 Samsung Electronics Co. Ltd. 6
3 Supported features
Policies
The following are the list of policies which have been developed till KNOX 2.2
Policy Group Policy KNOX
Version
Audit Log
Enable/Disable Audit Log Service KNOX 1.0
Manage/Monitor Audit Log Feature Parameters KNOX 1.0
Dump Audit Log Information KNOX 1.0
Additional Audit Log Features KNOX 1.0
Container Application Policy
group
Container Package management KNOX 1.0
Start/Stop an Application KNOX 1.0
Enable/Disable Application KNOX 1.0
Write data in application home directory. KNOX 1.0
Add/Get/Check/Remove the packages in the intall white list. KNOX 1.0
Home shortcut KNOX 1.0
Prevent user from clear data certain application KNOX 1.0
Prevent user from clear cache certain application KNOX 1.0
Container Firewall Policy
group
Application inside container based Firewall KNOX 1.0
Get active IPTABLES rules KNOX 1.0
Web Filtering / Reporting KNOX 1.0
Redirect Exceptions KNOX 1.0
Kernel routing table information KNOX 1.0
Container Restriction Policy
Group
Allow/Disallow Camera KNOX 1.0
Allow/Disallow Share List KNOX 1.0
Allow/Disallow Use Secure Keyboard KNOX 1.0
Certificate Management
Manage trusted CA restriction list KNOX 1.0
Notify MDM admin of certificate failure events KNOX 1.0
Notify user of certificate failure events KNOX 1.0
Display to the user the identity of the entity that signed an
application upon user request
KNOX 1.0
Manage untrusted certificate restriction list KNOX 1.0
Certificates Revocation Status Check KNOX 1.0
Certificate Validation at install time KNOX 1.0
Container VPN Policy group Add/Remove Per App VPN in Container KNOX 1.0
List packages with VPN profile KNOX 1.0
Add/Remove VPN profile in Container KNOX 1.0
Enterprise Container Container Creation policy KNOX 1.0
Container removal policy KNOX 1.0
Samsung KNOX™ Premium SDK Release Notes Copyright © 2015 Samsung Electronics Co. Ltd. 7
Management Policy group Container Information Policy KNOX 1.0
Container Activation/Deactivation policy KNOX 1.0
Container Activation/Deactivation policy KNOX 1.0
Container Password Policy
Group
Password Age IT policy rule KNOX 1.0
Maximum Password History IT policy rule KNOX 1.0
Minimum number of complex characters KNOX 1.0
Password Policy Delay KNOX 1.0
Password Change enforcement KNOX 1.0
Maximum password attempts for Container disable KNOX 1.0
Password Maximum Repeated Characters KNOX 1.0
Password Maximum Repeated Numerics KNOX 1.0
Password Forbidden Personal Data KNOX 1.0
Maximum Sequence of Characters KNOX 1.0
Minimum change in Password Characters KNOX 1.0
Enable / Disable Make password visible option KNOX 1.0
Password sufficient. KNOX 1.0
Enterprise Single-Sign-On
(Added late binding
support)
Get SSO error code
KNOX 1.0.1
Get EnterpriseSSOPolicy object KNOX 1.0.1
Enterprise ISL Group
Perform Prebaseline scan KNOX 1.0
First time device approval using MDM KNOX 1.0
Perform Integrity scan KNOX 1.0
Clear integrity baseline KNOX 1.0
Add 3rd party package to baseline KNOX 1.0
Remove3rd party package from baseline KNOX 1.0
Update the current baseline KNOX 1.0
Register callback with integrity service KNOX 1.0
Request binding to integrity service agent KNOX 1.0
Check if integrity service agent is ready KNOX 1.0
start the runtime Integrity monitoring KNOX 1.0
stop the runtime Integrity monitoring KNOX 1.0
get the List of ISA KNOX 2.0
Attestation
Start attestation KNOX 1.0.1
Start attestation with nonce KNOX 1.0.1
Set the attestation server URL KNOX 1.0.1
Get device KNOX id KNOX 1.0.1
KNOX Enterprise License
Management
Activate KNOX Enterprise License KNOX 1.0.1
Enterprise Premium VPN
Policy Group
Connect/Disconnect Per app VPN KNOX 1.0
Set/Get certificates for authentication KNOX 1.0
Set/Get VPN Connections KNOX 1.0
Set/Get VPN mode KNOX 1.0
Enable/Disable Route and setting. KNOX 1.0
Remove VPN Connection KNOX 1.0
SEAndroid Policy
Enforcement
Update SEAndroid Policy KNOX 1.0
Update Mapping of File Paths to Security Labels KNOX 1.0
Update Mapping of Android Properties to Security Labels KNOX 1.0
Samsung KNOX™ Premium SDK Release Notes Copyright © 2015 Samsung Electronics Co. Ltd. 8
Update Mapping of Java Applications to Security Contexts KNOX 1.0
Revoke SEAndroid policies KNOX 1.0
Get the SEAndroid Agent owner KNOX 1.0
Get the status of the SELinux property KNOX 1.0
Get AMS Enforce State KNOX 1.0
Get AMS Log Level KNOX 1.0
Set SELinux Enforcing KNOX 1.0
SmartCard Policy group Enable/Disable SmartCard credentials for Email KNOX 1.0
Enable/Disable SmartCard Authentication for Browser KNOX 1.0
Enterprise Single-Sign-On
Set/get customer ID KNOX 1.0
Set Application whitelist KNOX 1.0
Delete Application whitelist KNOX 1.0
Delete Application whitelist state KNOX 1.0
Set Customer Information KNOX 1.0
Force user to re-authenticate KNOX 1.0
Unenroll user from SSO service KNOX 1.0
Enterprise KNOX Manager Get KNOX Version KNOX 1.0
Get KNOXified State KNOX 1.0
Enterprise Container
Management Policy group
Container Activation/Deactivation Policy KNOX 1.0.2
Container Activation/Deactivation Policy KNOX 1.0.2
Generic VPN Policy Group
Connect/Disconnect Per app VPN
KNOX 1.1.0
Set/Get Certificates for authentication KNOX 1.1.0
Set/Get VPN Connections KNOX 1.1.0
Set/Get VPN mode KNOX 1.1.0
Enhanced VPN Functionality KNOX 1.1.0
Remove VPN Connection KNOX 1.1.0
Get state/Error-status of the profile KNOX 1.1.0
SEAndroid Policy
Enforcement
Get SELinux Mode KNOX 1.0.2
Get the SEInfo from PackageName KNOX 1.0.2
Get the SEInfo from Certificate KNOX 1.0.2
Get Domain from PackageName KNOX 1.0.2
Get Domain from SEInfo, PackageName KNOX 1.0.2
Get DataType from PackageName KNOX 1.0.2
Get DataType from SEInfo, PackageName KNOX 1.0.2
Update MAC Permission KNOX 1.0.2
KNOX Enterprise License
Manager
De-Activate license KNOX 1.2
Container Remote content
provider policy group
Data sync management policy KNOX 2.0
Container Remote content
provider policy group
File moving policy KNOX 2.0
Container Remote content
provider policy group
Application moving policy KNOX 2.0
Certificate Management Prevent removal of certificates / resetingkeystore KNOX 2.0
Certificate Management Permit an application to read private keys KNOX 2.0
KNOX Container
Management Policy group
Container Creation policy KNOX 2.0
KNOX Container
Management Policy group
Container removal policy KNOX 2.0
KNOX Container
Management Policy group
Container Information Policy KNOX 2.0
KNOX Container
Management Policy group
Container configuration policy KNOX 2.0
Samsung KNOX™ Premium SDK Release Notes Copyright © 2015 Samsung Electronics Co. Ltd. 9
KNOX Container
Management Policy group
Container Activation/Deactivation policy. KNOX 2.0
KNOX Container
Management Policy group
Self Uninstall Policy KNOX 2.0
KNOX Enterprise License
Manager
Activate license(non-admin) KNOX 2.0
KNOX Enterprise License
Manager
De-Activate license (non-admin) KNOX 2.0
SmartCard Policy group Enforce certificate alias name used for SmartCard credentials
for S/MIME Email
KNOX 2.0
SmartCard Policy group Bluetooth Secure Access to Card reader KNOX 2.0
SmartCard Policy group Select certificate alias name for SmartCard Authentication
with Browser
KNOX 2.0
KNOX VPN Management
Group
Connect/Disconnect Per app Vpn. KNOX 2.0
Enterprise KNOX Client
Certificate Manager Policy
Group
Manage Client Certificates KNOX 2.0
Enterprise KNOX TIMA
Keystore Policy Group
Manage TIMA Keystore KNOX 2.0
SEAMS Manage SEAMs APIs KNOX 2.0
Advanced Restriction Policy Manage Firmware Auto update KNOX 2.0
Advanced Restriction Policy Manage CC Mode KNOX 2.0
Advanced Restriction Policy Exclusive admin support KNOX 2.0
Advanced Restriction Policy ODE Trusted Boot verification KNOX 2.0
Container Smartcard Access
policy
Enable smartcard access policies inside container KNOX 2.0
Container Configuration
policy
Add/Get/Check/Remove the packages in the install white
list.
KNOX 2.0
Container Configuration
policy
Allow/Disallow secure keypad usage IT policy rule KNOX 2.0
Container Configuration
policy
Container Activation/Deactivation policy KNOX 2.0
Container Configuration
policy
Resetting container password KNOX 2.0
Enterprise Single-Sign-On Push data to SSO service KNOX 2.0
Enterprise Single-Sign-On Request setup SSO service KNOX 2.0
Enterprise Single-Sign-On Check if EnterpriseSSOPolicy service is ready KNOX 2.0
Enterprise KNOX Client
Certificate Manager Policy
Group
Manage Client Certificates
KNOX 2.1
Enterprise KNOX Certificate
Enroll Policy Group
Certificate enrollment, renewal and deletion operations with
different protocols like SCEP, CMC, CMP
KNOX 2.1
SEAMs Manage SEAMs APIs KNOX 2.1
Advanced Restriction Policy API whether CC mode supported or not KNOX 2.1
Container Configuration
policy
Reset container on reboot KNOX 2.1
Container Configuraton
Management Policy Group
Password pattern restriction KNOX 2.1
Container Configuraton
Management Policy Group
Light Weight Container (LWC) configuration KNOX 2.1
Container Configuraton
Management Policy Group
Container Only Mode (COM) configuration KNOX 2.1
Certificate Policy Group Allow/Block installation of self signed applications KNOX 2.2
Enterprise Billing Policy
Group
APN based Enterprise split billing KNOX 2.2
Container Management
Policy Group
Remove Configuration Type KNOX 2.2
Container Management
Policy Group
Create Container(Creation Param) KNOX 2.2
Container Configuration
policy group.
Reset container password KNOX 2.2
Container Configuration
Policy Group
Manage Hibernation Timeout KNOX 2.2
Container Configuration
Policy Group
Manage Wi-Fi network SSID KNOX 2.2
Container Configuration
Policy Group
Enable external sdcard. KNOX 2.2
Container Configuration
Policy Group
Manage External Storage White and Black List KNOX 2.2
Container Configuration
Policy Group
Manage Remote Control KNOX 2.2
KNOX Configuration Type MultiFactor Authentication KNOX 2.2
Samsung KNOX™ Premium SDK Release Notes Copyright © 2015 Samsung Electronics Co. Ltd. 10
4 New features and enhancements
Policies
The following are the list of policies which have been developed in KNOX 2.3.
Policy Group Policy KNOX
Version
KNOX Container
Configuration Policy
group
Container Configuration:
KNOXConfigurationType.setBiometricAuthenticationEnabled(int
bioAuth, boolean enable)
KNOXConfigurationType.isBiometricAuthenticationEnabled(int bioAuth)
KNOX 2.3
KNOX Container
Management
Container Management:
ContainerConfigurationPolicy.setSettingsOptionEnabled(String option,
boolean enable)
ContainerConfigurationPolicy.isSettingsOptionEnabled(String option)
KNOX 2.3
Constants
The following are the list of constants which have been developed in KNOX 2.3
Class Constant
KNOX
Version
ContainerConfigurationPolicy OPTION_CALLER_INFO KNOX 2.3
Deprecated policies
The following are the list of policies which have been deprecated in KNOX 2.3
Policy Group Policy
KNOX
Version
Enterprise ISL Group EnterpriseISLPolicy class
IntegrityResultSubscriber class
EnterpriseKNOXManager.getEnterpriseISLPolicy()
KNOX 1.0
Samsung KNOX™ Premium SDK Release Notes Copyright © 2015 Samsung Electronics Co. Ltd. 11
5Issues fixed
Helper APIs deprecated & not supported
The following are the list of helper APIs which have been deprecated and not supported in
KNOX 2.0
Policy Group Policy
KNOX
Version
KNOX Container
Configuration
Policy group
Container configuration policy
KNOXConfigurationType.setAirCommandEnabled()
KNOXConfigurationType.setAllowAllShare()
KNOXConfigurationType.setAllowCustomColorIdentification()
KNOXConfigurationType.setAllowDLNADataTransfer()
KNOXConfigurationType.setAllowExportAndDeleteFiles()
KNOXConfigurationType.setAllowExportFiles()
KNOXConfigurationType.setAllowImportFiles()
KNOXConfigurationType.setAllowPrint()
KNOXConfigurationType.setAllowShortCutCreation()
KNOXConfigurationType.setAllowUniversalCallerId()
KNOXConfigurationType.setCameraModeChangeEnabled()
KNOXConfigurationType.setGearSupportEnabled()
KNOXConfigurationType.setModifyLockScreenTimeout()
KNOXConfigurationType.setPenWindowEnabled()
KNOXConfigurationType.getAirCommandEnabled()
KNOXConfigurationType.getAllowAllShare()
KNOXConfigurationType.getAllowCustomColorIdentification()
KNOXConfigurationType.getAllowDLNADataTransfer()
KNOXConfigurationType.getAllowExportAndDeleteFiles()
KNOXConfigurationType.getAllowExportFiles()
KNOXConfigurationType.getAllowImportFiles()
KNOXConfigurationType.getAllowPrint()
KNOXConfigurationType.getAllowShortCutCreation()
KNOXConfigurationType.getAllowUniversalCallerId()
KNOXConfigurationType.getCameraModeChangeEnabled()
KNOXConfigurationType.getGearSupportEnabled()
KNOXConfigurationType.getModifyLockScreenTimeout()
KNOXConfigurationType.getPenWindowEnabled()
KNOX 2.0
Samsung KNOX™ Premium SDK Release Notes Copyright © 2015 Samsung Electronics Co. Ltd. 12
APIs removed in KNOX 2.0
The following are the list of APIs which have been removed in KNOX 2.0
Policy Group Policy
KNOX
Version
Enterprise KNOX
Client Certificate
Manager Policy Group
Manage Client Certificates
ClientCertificateManager.generateCSR()
ClientCertificateManager.installObject()
ClientCertificateManager.registerForDefaultCertificate()
KNOX
2.0
SEAMs Manage SEAMs APIs
SEAMS.getMDMOwnPolicyStatus()
SEAMS.revokeSELinuxPolicy()
SEAMS.setAllPolicyConfig(FileInputStreamfis, booleanreloadPolicy)
SEAMS.setFileContexts(byte[] fileContexts, booleanreloadPolicy)
SEAMS.setMDMOwnPolicyStatus()
SEAMS.setMacPermission(byte[] macPerm, booleanreloadPolicy)
SEAMS.setPropertyContexts(byte[] propertyContexts,
booleanreloadPolicy)
SEAMS.setSEAppContexts(byte[] seAppContexts,
booleanreloadPolicy)
SEAMS.setSELinuxPolicy(byte[] sePolicy, booleanreloadPolicy)
KNOX
2.0
Constants deprecated and not supported in KNOX 2.0
The following are the list of constants which have been deprecated and not supported in KNOX
2.0
Class Constant KNOX
Version
RCPPolicy RCPPolicy.BOOKMARKS
RCPPolicy.CALL_LOG
RCPPolicy.CLIPBOARD
RCPPolicy.SHORTCUTS
RCPPolicy.SMS
KNOX
2.0
APIs description, sample code enhancement
Not applicable at time of release.
Samsung KNOX™ Premium SDK Release Notes Copyright © 2015 Samsung Electronics Co. Ltd. 13
6 Known issues Not applicable at time of release.
Top Related