EN 419211-2:2013

2003-01.Slovenski inštitut za standardizacijo. Razmnoževanje celote ali delov tega standarda ni dovoljeno.Schutzprofile für sichere Signaturerstellungseinheiten - Teil 2: Geräte mit SchlüsselerzeugungProfils de protection des dispositifs sécurisés de création de signature - Partie 2: Dispositif avec génération de cléProtection Profile for Secure signature creation device - Part 2: Device with key generation35.100.05UHãLWYHMultilayer applications35.040Nabori znakov in kodiranje informacijCharacter sets and information coding03.160Pravo. UpravaLaw. AdministrationICS:Ta slovenski standard je istoveten z:EN 419211-2:2013SIST EN 419211-2:2013en01-september-2013SIST EN 419211-2:2013SLOVENSKI
STANDARD
EUROPEAN STANDARD NORME EUROPÉENNE EUROPÄISCHE NORM
EN 419211-2
July 2013 ICS 03.160; 35.040; 35.240.15 Supersedes CWA 14169:2004English Version
Protection profiles for secure signature creation device - Part 2: Device with key generation
Profils de protection des dispositifs sécurisés de création de signature - Partie 2: Dispositif avec génération de clé
Schutzprofile für sichere Signaturerstellungseinheiten - Teil 2: Geräte mit Schlüsselerzeugung This European Standard was approved by CEN on 8 May 2013.
CEN members are bound to comply with the CEN/CENELEC Internal Regulations which stipulate the conditions for giving this European Standard the status of a national standard without any alteration. Up-to-date lists and bibliographical references concerning such national standards may be obtained on application to the CEN-CENELEC Management Centre or to any CEN member.
This European Standard exists in three official versions (English, French, German). A version in any other language made by translation under the responsibility of a CEN member into its own language and notified to the CEN-CENELEC Management Centre has the same status as the official versions.
CEN members are the national standards bodies of Austria, Belgium, Bulgaria, Croatia, Cyprus, Czech Republic, Denmark, Estonia, Finland, Former Yugoslav Republic of Macedonia, France, Germany, Greece, Hungary, Iceland, Ireland, Italy, Latvia, Lithuania, Luxembourg, Malta, Netherlands, Norway, Poland, Portugal, Romania, Slovakia, Slovenia, Spain, Sweden, Switzerland, Turkey and United Kingdom.
EUROPEAN COMMITTEE FOR STANDARDIZATION
COMITÉ EUROPÉEN DE NORMALISATION EUROPÄISCHES KOMITEE FÜR NORMUNG
Management Centre:
Avenue Marnix 17,
B-1000 Brussels © 2013 CEN All rights of exploitation in any form and by any means reserved worldwide for CEN national Members. Ref. No. EN 419211-2:2013: ESIST EN 419211-2:2013

According to the CEN-CENELEC Internal Regulations, the national standards organisations of the following countries are bound to implement this European Standard: Austria, Belgium, Bulgaria, Croatia, Cyprus, Czech Republic, Denmark, Estonia, Finland, Former Yugoslav Republic of Macedonia, France, Germany, Greece, Hungary, Iceland, Ireland, Italy, Latvia, Lithuania, Luxembourg, Malta, Netherlands, Norway, Poland, Portugal, Romania, Slovakia, Slovenia, Spain, Sweden, Switzerland, Turkey and the United Kingdom. SIST EN 419211-2:2013

Information technology — Security techniques — Evaluation criteria for IT security — Part 1: Introduction and general model ISO/IEC 15408-22), Information technology — Security techniques — Evaluation criteria for IT security — Part 2: Security functional components ISO/IEC 15408-32), Information technology — Security techniques — Evaluation criteria for IT security — Part 3: Security assurance components 3 Conventions and terminology 3.1 Conventions The content and structure of this document follow the rules and conventions laid out in ISO/IEC 15408-1. Normative aspects of content in this European Standard are specified according to the Common Criteria rules and not specifically identified by “shall”. 3.2 Terms and definitions For the purposes of this document, the acronyms, terms and definitions given in prEN 419211-1 apply. 4 PP introduction 4.1 PP reference Title: Protection profiles for secure signature creation device — Part 2: Device with key generation Version: 2.0.1. Author: CEN (TC224/WG17) Publication date:
2013 Registration: BSI-CC-PP-0059-2009-MA-01 CC version: 3.1 Revision 3
1) To be published. This document was submitted to the Enquiry procedure under reference prEN 14169-1. 2) ISO/IEC 15408-1, -2 and -3 respectively correspond to Common Criteria for Information Technology Security Evaluation, Parts 1, 2 and 3.
final draft Keywords: secure signature creation device, electronic signature, digital signature 4.2 PP overview This Protection Profile is established by CEN as a European standard for products to create electronic signatures. It fulfils requirements of Directive 1999/93/EC3) of the European Parliament and of the Council of 13 December 1999 on a community framework for electronic signatures. In accordance with Article 9 of this European Directive, this standard can be indicated by the European Commission in the Official Journal of the European Union as a generally recognised standard for electronic signature products. This protection profile defines security functional requirements and security assurance requirements that comply with those defined in Annex III of the directive for a secure signature creation device (SSCD). This secure signature creation device is the target of evaluation (TOE) for this protection profile. European Union Member States may presume that there is compliance with the requirements laid down in Annex III of the directive when an electronic signature product is evaluated to a Security Target (ST) that is compliant with this Protection Profile (PP). This Protection Profile describes core security requirements for a secure device that can generate a signing key4) (signature creation data, SCD) and operates to create electronic signatures with the generated key. A device evaluated according to this protection profile and used in the specified environments can be trusted to create any type of digital signature. As such, this PP can be used for any device that has been configured to create a digital signature. Specifically this PP allows the qualification of a product as a device for creating an advanced electronic signature as defined in the directive. After an SSCD has generated a signing key, the corresponding public key (signature verification data, SVD) has to be provided as input to a certificate generation application (CGA). Security requirements for export of the SVD are described in a protection profile that extends this PP (prEN 419211-4, Protection profiles for secure signature creation device — Part 4: Extension for device with key generation and trusted channel to certificate generation application)5) and not in this document. When operated in a secure environment for signature creation a signer may use an SSCD that fulfils only these core security requirements to create an advanced electronic signature.6) Security requirements for an SSCD used in environments where the communication between SSCD and the signature creation application (SCA) is assumed to be protected by the SSCD and the SCA are described in a separate protection profile that extend this PP (prEN 419211-5, Protection profiles for secure signature creation device — Part 5: Extension for device with key generation and trusted channel to signature creation application)7) and not in this document. These extended Protection Profiles claim conformance to this PP.
3) This European Directive is referred to in this PP as “the directive”. 4) An SSCD that can generate its own SCD/SVD was defined in the previous version of this PP (CWA 14169) as a Type 3 SSCD. The notion of types does not exist anymore in this series of ENs. In order to refer to the same functionality, a reference to EN 419211-2 (i.e. Part 2) should be used. 5) This document was submitted to the Enquiry procedure under reference prEN 14169-4. 6) An advanced electronic signature is defined as an electronic signature created by an SSCD using a public key with a public key certificate created as specified in the directive. 7) This document was submitted to the Enquiry procedure under reference prEN 14169-5. SIST EN 419211-2:2013
...