
BS EN 419221-5:2018

$215.11

Protection Profiles for TSP Cryptographic Modules – Cryptographic Module for Trust Services

Published By: BSI
Publication Date: 2018
Number of Pages: 82

This part of EN 419221 specifies a Protection Profile for cryptographic modules suitable for use by trust service providers supporting electronic signature and electronic sealing operations, certificate issuance and revocation, time stamp operations, and authentication services, as identified in Regulation (EU) No 910/2014 of the European Parliament and of the Council on electronic identification and trust services for electronic transactions in the internal market (eIDAS) [Regulation]. The Protection Profile also includes optional support for protected backup of keys. The document follows the rules and conventions laid out in Common Criteria part 1 [CC1], Annex B "Specification of Protection Profiles".

PDF Catalog

PDF Page  PDF Title
   9      1 Scope
          2 Normative references
  10      3 Terms and definitions
            3.1 Terms and definitions
  11        3.2 Abbreviations
          4 Protection Profile
            4.1 General
  12        4.2 Protection Profile Reference
            4.3 Protection Profile Overview
              4.3.1 General
  13          4.3.2 EU Qualified Electronic Signature / Seal Creation Device
            4.4 TOE Overview
              4.4.1 TOE type
                4.4.1.1 General
  16            4.4.1.2 Cryptographic Functions
  17            4.4.1.3 Key Management
  19            4.4.1.4 Cryptographic Algorithms
                4.4.1.5 Backup
                4.4.1.6 Audit
  20          4.4.2 Usage and major security features of the TOE
                4.4.2.1 General
                4.4.2.2 Use Case 1: Local signing
  21            4.4.2.3 Use Case 2: Support for Remote Server Signing
              4.4.3 Available non-TOE hardware/software/firmware
          5 Conformance Claim
            5.1 CC Conformance Claim
            5.2 PP Claim
            5.3 Conformance Rationale
  22        5.4 Conformance Statement
          6 Security Problem Definition
            6.1 Assets
            6.2 Subjects
            6.3 Threats
              6.3.1 General
  23          6.3.2 T.KeyDisclose — Unauthorised disclosure of secret/private key
              6.3.3 T.KeyDerive — Derivation of secret/private key
              6.3.4 T.KeyMod — Unauthorised modification of a key
              6.3.5 T.KeyMisuse — Misuse of a key
              6.3.6 T.KeyOveruse — Overuse of a key
              6.3.7 T.DataDisclose — Disclosure of sensitive client application data
              6.3.8 T.DataMod — Unauthorised modification of client application data
  24          6.3.9 T.Malfunction — Malfunction of TOE hardware or software
            6.4 Organisational Security Policies
              6.4.1 P.Algorithms — Use of approved cryptographic algorithms
              6.4.2 P.KeyControl — Support for control of keys
              6.4.3 P.RNG — Random Number Generation
  25          6.4.4 P.Audit — Audit trail generation
            6.5 Assumptions
              6.5.1 A.ExternalData — Protection of data outside TOE control
              6.5.2 A.Env — Protected operating environment
              6.5.3 A.DataContext — Appropriate use of TOE functions
  26          6.5.4 A.UAuth — Authentication of application users
              6.5.5 A.AuditSupport — Audit data review
              6.5.6 A.AppSupport — Application security support
          7 Security Objectives
            7.1 General
            7.2 Security Objectives for the TOE
              7.2.1 General
              7.2.2 OT.PlainKeyConf — Protection of confidentiality of plaintext secret keys
              7.2.3 OT.Algorithms — Use of approved cryptographic algorithms
  27          7.2.4 OT.KeyIntegrity — Protection of integrity of keys
              7.2.5 OT.Auth — Authorization for use of TOE functions and data
              7.2.6 OT.KeyUseConstraint — Constraints on use of keys
              7.2.7 OT.KeyUseScope — Defined scope for use of a key after authorization
  28          7.2.8 OT.DataConf — Protection of confidentiality of sensitive client application data
              7.2.9 OT.DataMod — Protection of integrity of client application data
              7.2.10 OT.ImportExport — Secure import and export of keys
              7.2.11 OT.Backup — Secure backup of user data
  29          7.2.12 OT.RNG — Random number quality
              7.2.13 OT.TamperDetect — Tamper Detection
              7.2.14 OT.FailureDetect — Detection of TOE hardware or software failures
              7.2.15 OT.Audit — Generation of audit trail
            7.3 Security Objectives for the Operational Environment
              7.3.1 General
              7.3.2 OE.ExternalData — Protection of data outside TOE control
  30          7.3.3 OE.Env — Protected operating environment
              7.3.4 OE.DataContext — Appropriate use of TOE functions
              7.3.5 OE.Uauth — Authentication of application users
              7.3.6 OE.AuditSupport — Audit data review
  31          7.3.7 OE.AppSupport — Application security support
          8 Extended Components Definitions
            8.1 Generation of random numbers (FCS_RNG)
              8.1.1 General
              8.1.2 Family behaviour
              8.1.3 Component levelling
  32        8.2 Basic TSF Self Testing (FPT_TST_EXT.1)
              8.2.1 General
              8.2.2 Family behaviour
              8.2.3 Component levelling
  33      9 Security Requirements
            9.1 General
            9.2 Typographical Conventions
            9.3 SFR Architecture
              9.3.1 SFR Relationships
  35          9.3.2 SFRs and the Key Lifecycle
  37        9.4 Security Functional Requirements
              9.4.1 General
              9.4.2 Cryptographic Support (FCS)
  40          9.4.3 Identification and authentication (FIA)
  43          9.4.4 User data protection (FDP)
  49          9.4.5 Trusted path/channels (FTP)
  51          9.4.6 Protection of the TSF (FPT)
  53          9.4.7 Security management (FMT)
  60          9.4.8 Security audit data generation (FAU)
  62        9.5 Security Assurance Requirements
              9.5.1 General
  63          9.5.2 Refinements of Security Assurance Requirements
  67      10 Rationales
            10.1 Security Objectives Rationale
              10.1.1 Security Objectives Coverage
  68          10.1.2 Security Objectives Sufficiency
                10.1.2.1 General
                10.1.2.2 Threats
  69            10.1.2.3 Organisational Security Policies
  70            10.1.2.4 Assumptions
            10.2 Security Requirements Rationale
              10.2.1 Security Requirements Coverage
  72          10.2.2 SFR Dependencies
  74          10.2.3 Rationale for SARs
  75          10.2.4 AVA_VAN.5 Advanced methodical vulnerability analysis
  76      Annex A (informative) Mapping to Regulation (EU) 910/2014