prEN 419111-3
(Main)Protection profiles for signature creation and verification application - Signature creation application - Part 3: Possible extensions
Protection profiles for signature creation and verification application - Signature creation application - Part 3: Possible extensions
This document contains a set of packages. These packages describe security functions that may be added to the core SCA PP prEN 419111-2:2013. The following packages are available:
- Checker package
- Certificate management package
- Secure channel with SSCD package
Schutzprofile für eine Anwendung zum Erzeugen und Prüfen von Signaturen - Signatur Kreation Anwendung - Teil 3: Mögliche Extentionen
Profils de protection pour la création et la vérification de signatures électroniques - Application de création de signature - Partie 3: Extensions possibles
Le présent document contient un groupe d'ensembles. Ces ensembles décrivent les fonctions de sécurité qui peuvent être ajoutées au profil de protection (ou PP pour Protection Profile) de base de l'application de création de signature (ou SCA pour Signature Creation Application) prEN 419111-2:2013 [2]. Les ensembles suivants sont disponibles :
- Ensemble contrôleur
- Ensemble gestion de certificat
- Ensemble canal sécurisé avec dispositif sécurisé de création de signature (ou SSCD pour Secure Signature Creation Device)
Zaščitni profili za uporabo pri oblikovanju in preverjanju podpisov - 3. del: Mogoče razširitve
General Information
Standards Content (Sample)
SLOVENSKI STANDARD
01-april-2013
=DãþLWQLSURILOL]DXSRUDERSULREOLNRYDQMXLQSUHYHUMDQMXSRGSLVRYGHO0RJRþH
UD]ãLULWYH
Protection profiles for signature creation and verification application - Signature creation
application - Part 3: Possible extensions
Schutzprofile für eine Anwendung zum Erzeugen und Prüfen von Signaturen - Signatur
Kreation Anwendung - Teil 3: Mögliche Extentionen
Profils de protection pour la création et la vérification de signatures électroniques -
Application de création de signature - Partie 3: Extensions possibles
Ta slovenski standard je istoveten z: prEN 419111-3
ICS:
35.240.15 Identifikacijske kartice in Identification cards and
sorodne naprave related devices
2003-01.Slovenski inštitut za standardizacijo. Razmnoževanje celote ali delov tega standarda ni dovoljeno.
EUROPEAN STANDARD
DRAFT
NORME EUROPÉENNE
EUROPÄISCHE NORM
February 2013
ICS 35.240.15 Will supersede CWA 14170:2004
English Version
Protection profiles for signature creation and verification
application - Signature creation application - Part 3: Possible
extensions
Profils de protection pour la création et la vérification de Schutzprofile für eine Anwendung zum Erzeugen und
signatures électroniques - Application de création de Prüfen von Signaturen - Signatur Kreation Anwendung -
signature - Partie 3: Extensions possibles Teil 3: Mögliche Extentionen
This draft European Standard is submitted to CEN members for enquiry. It has been drawn up by the Technical Committee CEN/TC 224.
If this draft becomes a European Standard, CEN members are bound to comply with the CEN/CENELEC Internal Regulations which
stipulate the conditions for giving this European Standard the status of a national standard without any alteration.
This draft European Standard was established by CEN in three official versions (English, French, German). A version in any other language
made by translation under the responsibility of a CEN member into its own language and notified to the CEN-CENELEC Management
Centre has the same status as the official versions.
CEN members are the national standards bodies of Austria, Belgium, Bulgaria, Croatia, Cyprus, Czech Republic, Denmark, Estonia,
Finland, Former Yugoslav Republic of Macedonia, France, Germany, Greece, Hungary, Iceland, Ireland, Italy, Latvia, Lithuania,
Luxembourg, Malta, Netherlands, Norway, Poland, Portugal, Romania, Slovakia, Slovenia, Spain, Sweden, Switzerland, Turkey and United
Kingdom.
Recipients of this draft are invited to submit, with their comments, notification of any relevant patent rights of which they are aware and to
provide supporting documentation.
Warning : This document is not a European Standard. It is distributed for review and comments. It is subject to change without notice and
shall not be referred to as a European Standard.
EUROPEAN COMMITTEE FOR STANDARDIZATION
COMITÉ EUROPÉEN DE NORMALISATION
EUROPÄISCHES KOMITEE FÜR NORMUNG
Management Centre: Avenue Marnix 17, B-1000 Brussels
© 2013 CEN All rights of exploitation in any form and by any means reserved Ref. No. prEN 419111-3:2013: E
worldwide for CEN national Members.
Contents Page
Foreword .4
1 Scope .5
2 Normative references .5
3 Terms and definitions .5
4 Symbols and abbreviations .5
5 Extended component definition .5
5.1 Definition of the Family FDP_SVR .5
6 Checker package .7
6.1 Conformance .7
6.1.1 CC Conformance Claim .7
6.1.2 EAL Claim .7
6.2 Security problem definition .7
6.2.1 Assets .7
6.2.2 Threats .7
6.2.3 Organisational security policies .7
6.2.4 Assumptions .7
6.3 Security objectives .8
6.3.1 Security objectives for the TOE .8
6.3.2 Security objectives for the operational environment.8
6.3.3 Rationale for Security objectives .8
6.4 Security requirements .8
6.4.1 Introduction .8
6.4.2 Security functional requirements.8
6.4.3 Security Functional Requirement rationale . 10
6.4.4 Rationale for SFR Dependencies . 13
7 Secure channel with SSCD package. 14
7.1 Conformance . 14
7.1.1 CC Conformance Claim . 14
7.1.2 EAL Claim . 14
7.2 Security problem definition . 14
7.2.1 Assets . 14
7.2.2 Threats . 15
7.2.3 Organisational security policies . 15
7.2.4 Assumptions . 15
7.3 Security objectives . 15
7.3.1 Security objectives for the TOE . 15
7.3.2 Security objectives for the operational environment. 15
7.3.3 Rationale for Security objectives . 15
7.4 Security requirements . 15
7.4.1 Introduction . 15
7.4.2 Security functional requirements. 15
7.4.3 Security Functional Requirement rationale . 16
7.4.4 Rationale for SFR Dependencies . 20
Bibliography . 22
Index . 24
Figures
Figure 1 — FDP_SVR component levelling . 6
Tables
Table 1 — Checker SFP – Objects and Operations. 8
Table 2 — Checker SFP – subjects, objects and attributes . 9
Table 3 — Checker operation rules . 9
Table 4 — SFR vs Objectives on the TOE . 10
Table 5 — SFR dependencies . 13
Table 6 — SFR vs Objectives on the TOE . 16
Table 7 — SFR dependencies . 20
Foreword
This document (prEN 419111-3:2013) has been prepared by Technical Committee CEN/TC 224 “Personal
identification, electronic signature and cards and their related systems and operations”, the secretariat of
which is held by AFNOR.
This document is currently submitted to the CEN Enquiry.
This document, together with prEN 419111-1:2013 and prEN 419111-1:2013, will supersede
CWA 14170:2004.
EN 419111 consists of the following parts under the general title "Protection profiles for signature creation and
verification application":
Part 1: Introduction.
This part is an introduction to EN 419111;
Part 2: Signature creation application – Core PP.
This part is a PP for the SCA, specifying only the core security functions;
Part 3: Signature creation application – Possible extensions.
This part specifies possible additional security functions that can be added to the core SCA PP;
Part 4: Signature verification application – Core PP.
This part is a PP for the SVA, specifying only the core security functions;
Part 5: Signature verification application – Possible extensions.
This part specifies possible additional security functions that can be added to the core SVA PP.
1 Scope
This document contains a set of packages. These packages describe security functions that may be added to
the core SCA PP prEN 419111-2:2013 [2]. The following packages are available:
Checker package
Certificate management package
Secure channel with SSCD package
2 Normative references
The following documents, in whole or in part, are normatively referenced in this document and are
indispensable for its application. For dated references, only the edition cited applies. For undated references,
the latest edition of the referenced document (including any amendments) applies.
prEN 419111-1:2013, Protection profiles for signature creation and verification application – Part 1:
Introduction
[NR1] Common Criteria for Information Technology Security Evaluation – Part 1: Introduction and general
model – July 2009 – Version 3.1 Rev. 3 CCMB-2009-07-001
[NR2] Common Criteria for Information Technology Security Evaluation – Part 2: Security functional
components – July 2009 – Version 3.1 Rev. 3 CCMB-2009-07-002
[NR3] Common Criteria for Information Technology Security Evaluation – Part 3: Security assurance
components – July 2009 – Version 3.1 Rev. 3 CCMB-2009-07-003
[NR4] Common Criteria for Information Technology Security Evaluation – Evaluation methodology – July
2009 – Version 3.1 Rev. 3 CCMB-2009-07-004
3 Terms and definitions
For the purposes of this document, the terms and definitions given in prEN 419111-1:2013 apply.
4 Symbols and abbreviations
For the purposes of this document, the symbols and abbreviations given in prEN 419111-1:2013 apply.
5 Extended component definition
5.1 Definition of the Family FDP_SVR
In order to define the IT-security requirements of the TOE completely, an additional functional family
(FDP_SVR) of class FDP (user data protection) is defined. This family describes the f
...
Questions, Comments and Discussion
Ask us and Technical Secretary will try to provide an answer. You can facilitate discussion about the standard in here.