DIN EN 419211-1-2014 Protection profiles for secure signature creation device - Part 1 Overview German version EN 419211-1 2014《安全签名生成设备的保护配置 第1部分 概述 德文版本EN 419211-1-2014》.pdf

上传人:deputyduring120 文档编号:674676 上传时间:2018-12-27 格式:PDF 页数:23 大小:2.13MB
下载 相关 举报
DIN EN 419211-1-2014 Protection profiles for secure signature creation device - Part 1 Overview German version EN 419211-1 2014《安全签名生成设备的保护配置 第1部分 概述 德文版本EN 419211-1-2014》.pdf_第1页
第1页 / 共23页
DIN EN 419211-1-2014 Protection profiles for secure signature creation device - Part 1 Overview German version EN 419211-1 2014《安全签名生成设备的保护配置 第1部分 概述 德文版本EN 419211-1-2014》.pdf_第2页
第2页 / 共23页
DIN EN 419211-1-2014 Protection profiles for secure signature creation device - Part 1 Overview German version EN 419211-1 2014《安全签名生成设备的保护配置 第1部分 概述 德文版本EN 419211-1-2014》.pdf_第3页
第3页 / 共23页
DIN EN 419211-1-2014 Protection profiles for secure signature creation device - Part 1 Overview German version EN 419211-1 2014《安全签名生成设备的保护配置 第1部分 概述 德文版本EN 419211-1-2014》.pdf_第4页
第4页 / 共23页
DIN EN 419211-1-2014 Protection profiles for secure signature creation device - Part 1 Overview German version EN 419211-1 2014《安全签名生成设备的保护配置 第1部分 概述 德文版本EN 419211-1-2014》.pdf_第5页
第5页 / 共23页
点击查看更多>>
资源描述

1、December 2014 Translation by DIN-Sprachendienst.English price group 13No part of this translation may be reproduced without prior permission ofDIN Deutsches Institut fr Normung e. V., Berlin. Beuth Verlag GmbH, 10772 Berlin, Germany,has the exclusive right of sale for German Standards (DIN-Normen).I

2、CS 35.240.15!%“2278895www.din.deDDIN EN 419211-1Protection profiles for secure signature creation device Part 1: Overview;English version EN 419211-1:2014,English translation of DIN EN 419211-1:2014-12Schutzprofile fr sichere Signaturerstellungseinheiten Teil 1: berblick;Englische Fassung EN 419211-

3、1:2014,Englische bersetzung von DIN EN 419211-1:2014-12Profils de protection pour dispositif scuris de signature lectronique Partie 1: Prsentation gnrale;Version anglaise EN 419211-1:2014,Traduction anglaise de DIN EN 419211-1:2014-12www.beuth.deDocument comprises 23 pagesIn case of doubt, the Germa

4、n-language original shall be considered authoritative.12.14DIN EN 419211-1:2014-12 2 A comma is used as the decimal marker. National foreword This document (EN 419211-1:2014) has been prepared by Technical Committee CEN/TC 224 “Personal identification, electronic signature and cards and their relate

5、d systems and operations” (Secretariat: AFNOR, France). The responsible German body involved in its preparation was the DIN-Normenausschuss Informationstechnik und Anwendungen (DIN Standards Committee Information Technology and selected IT Applications), Subcommittee NA 043-01-17-04 UA Austauschprot

6、okolle bei Chipkarten of Working Committee NA 043-01-17 AA Karten und persnliche Identifikation. EUROPEAN STANDARD NORME EUROPENNE EUROPISCHE NORM EN 419211-1 October 2014 ICS 35.240.15 Supersedes CWA 14169:2004English Version Protection profiles for secure signature creation device - Part 1: Overvi

7、ew Profils de protection pour dispositif scuris de signature lectronique - Partie 1: Prsentation gnrale Schutzprofile fr sichere Signaturerstellungseinheiten - Teil 1: berblick This European Standard was approved by CEN on 25 July 2014. CEN members are bound to comply with the CEN/CENELEC Internal R

8、egulations which stipulate the conditions for giving this European Standard the status of a national standard without any alteration. Up-to-date lists and bibliographical references concerning such national standards may be obtained on application to the CEN-CENELEC Management Centre or to any CEN m

9、ember. This European Standard exists in three official versions (English, French, German). A version in any other language made by translation under the responsibility of a CEN member into its own language and notified to the CEN-CENELEC Management Centre has the same status as the official versions

10、. CEN members are the national standards bodies of Austria, Belgium, Bulgaria, Croatia, Cyprus, Czech Republic, Denmark, Estonia, Finland, Former Yugoslav Republic of Macedonia, France, Germany, Greece, Hungary, Iceland, Ireland, Italy, Latvia, Lithuania, Luxembourg, Malta, Netherlands, Norway, Pola

11、nd, Portugal, Romania, Slovakia, Slovenia, Spain, Sweden, Switzerland, Turkey and United Kingdom. EUROPEAN COMMITTEE FOR STANDARDIZATION COMIT EUROPEN DE NORMALISATION EUROPISCHES KOMITEE FR NORMUNG CEN-CENELEC Management Centre: Avenue Marnix 17, B-1000 Brussels 2014 CEN All rights of exploitation

12、in any form and by any means reserved worldwide for CEN national Members. Ref. No. EN 419211-1:2014 EEN 419211-1:2014 (E) 2 Contents Page Foreword 3 Introduction .4 1 Scope 5 2 Normative references 5 3 Terminology .5 3.1 Legislative references .5 3.2 Technical terms5 4 Abbreviated terms .8 5 Protect

13、ion Profile Overview 8 6 Target of Evaluation 9 6.1 General 9 6.2 Functions of an SSCD 10 6.3 TOE life cycle 12 6.4 Operations of the TOE 14 7 TOE definitions . 15 7.1 General . 15 7.2 TOE with key generation 15 7.3 TOE with key import . 16 7.4 TOE with key generation and trusted channel to certific

14、ate generation application 16 7.5 TOE with trusted channel to signature creation application . 16 Annex A (informative) Comparison with CWA 14169:2004, Annex C . 20 A.1 General . 20 A.2 Technical Differences . 20 Bibliography . 21 DIN EN 419211-1:2014-12 EN 419211-1:2014 (E) 3 Foreword This document

15、 (EN 419211-1:2014) has been prepared by Technical Committee CEN/TC 224 “Personal identification, electronic signature and cards and their related systems and operations”, the secretariat of which is held by AFNOR. This European Standard shall be given the status of a national standard, either by pu

16、blication of an identical text or by endorsement, at the latest by April 2015 and conflicting national standards shall be withdrawn at the latest by April 2015. Attention is drawn to the possibility that some of the elements of this document may be the subject of patent rights. CEN and/or CENELEC sh

17、all not be held responsible for identifying any or all such patent rights. This document supersedes CWA 14169:2004. Significant changes between this edition and CWA 14169:2004 can be found in Annex A. This document has been prepared under a mandate given to CEN by the European Commission and the Eur

18、opean Free Trade Association. According to the CEN-CENELEC Internal Regulations, the national standards organizations of the following countries are bound to implement this European Standard: Austria, Belgium, Bulgaria, Croatia, Cyprus, Czech Republic, Denmark, Estonia, Finland, Former Yugoslav Repu

19、blic of Macedonia, France, Germany, Greece, Hungary, Iceland, Ireland, Italy, Latvia, Lithuania, Luxembourg, Malta, Netherlands, Norway, Poland, Portugal, Romania, Slovakia, Slovenia, Spain, Sweden, Switzerland, Turkey and the United Kingdom. DIN EN 419211-1:2014-12 EN 419211-1:2014 (E) 4 Introducti

20、on This series of European Standards specifies Protection Profiles for Secure Signature Creation Devices and is issued by the European Committee for Standardization (CEN) as an update of the Electronic Signatures (E-SIGN) CEN workshop agreement (CWA) 14169:2004, Annex C on the protection profile sec

21、ure signature creation devices, “EAL 4+”. This series of European Standards consists of the following parts: Part 1: Overview Part 2: Device with key generation Part 3: Device with key import Part 4: Extension for device with key generation and trusted communication with certificate generation appli

22、cation Part 5: Extension for device with key generation and trusted communication with signature creation application Part 6: Extension for device with key import and trusted communication with signature creation application Preparation of the documents in this series of European Standards as protec

23、tion profiles follows the rules of the Common Criteria version 3.1 (2, 3 and 4). DIN EN 419211-1:2014-12 EN 419211-1:2014 (E) 5 1 Scope This European Standard: specifies terms used in specifying protection profiles for secure signature creation devices, specifies functional and operational requireme

24、nts for secure signature creation devices, describes the targets of evaluation for these protection profiles. 2 Normative references Not applicable. 3 Terminology For the purposes of this document, the following terms and definitions apply. 3.1 Legislative references This European Standard reflects

25、the requirement of a European Directive in the technical terms of a protection profile. The following terms are used in the text to reference this Directive: 3.1.1 the Directive Directive 1999/93/EC of the European Parliament and of the Council of 13 December 1999 on “a Community framework for elect

26、ronic signatures” 1 Note 1 to entry: References in this document to a specific article and paragraph of Directive 1999/93/EC are of the form “(the Directive: n.m)”. 3.1.2 annex one of the annexes, Annex I, Annex II or Annex III of the Directive 3.2 Technical terms 3.2.1 administrator user who perfor

27、ms TOE initialization, TOE personalization, or other TOE administrative functions 3.2.2 advanced electronic signature digital signature which meets specific requirements in the Directive: 2.2 Note 1 to entry: According to the Directive a digital signature qualifies as an advanced electronic signatur

28、e if it: is uniquely linked to the signatory; is capable of identifying the signatory; is created using means that the signatory can maintain under their sole control; and is linked to the data to which it relates in such a manner that any subsequent change of the data are detectable. DIN EN 419211-

29、1:2014-12 EN 419211-1:2014 (E) 6 3.2.3 authentication data information used to verify the claimed identity of a user 3.2.4 certificate digital signature used as electronic attestation binding signature verification data to a person confirming the identity of that person as legitimate signer (the dir

30、ective: 2.9) 3.2.5 certificate info information associated with an SCD/SVD pair that may be stored in a secure signature creation device Note 1 to entry: Certificate info may include: a signers public key certificate, or one or more hash values of a signers public key certificate together with an id

31、entifier of the hash function used to compute the hash values, or a public key certificate as defined in X.509. Note 2 to entry: Certificate info may contain information to allow the user to distinguish between several certificates. 3.2.6 certificate generation application CGA collection of applicat

32、ion components that receive the SVD from the SSCD to generate a certificate obtaining data to be included in the certificate and to create a digital signature of the certificate 3.2.7 certification service provider CSP entity that issues certificates or provides other services related to electronic

33、signatures (the Directive: 2.11) 3.2.8 data to be signed DTBS all of the electronic data to be signed including a user message and signature attributes 3.2.9 data to be signed or its unique representation DTBS/R data received by a secure signature creation device as input in a single signature creat

34、ion operation Note 1 to entry: Examples of DTBS/R are: a hash value of the data to be signed (DTBS), or an intermediate hash value of a first part of the DTBS complemented with a remaining part of the DTBS, or the DTBS. 3.2.10 legitimate user user of a secure signature creation device who gains poss

35、ession of it from an SSCD-provisioning service provider and who can be authenticated by the SSCD as its signatory DIN EN 419211-1:2014-12 EN 419211-1:2014 (E) 7 3.2.11 qualified certificate public key certificate that meets the requirements laid down in Annex I and that is provided by a CSP that ful

36、fils the requirements laid down in Annex II (the Directive: 2.10) 3.2.12 qualified electronic signature an advanced electronic signature which is based on a qualified certificate and which is created by an SSCD 3.2.13 reference authentication data RAD data persistently stored by the TOE for authenti

37、cation of the signatory 3.2.14 secure signature creation device SSCD a signature-creation device which meets the requirements laid down in Annex III Note 1 to entry: An SSCD may be evaluated according to the security target conforming to a PP as defined in the series of European Standards. 3.2.15 si

38、gnatory a person who holds (and is a legitimate user) of an SSCD and acts either on their own behalf or on behalf of the natural or legal person or entity they represent 3.2.16 signature creation application SCA application complementing an SSCD with a user interface with the purpose to create an el

39、ectronic signature 3.2.17 signature creation data SCD unique data, such as codes or private cryptographic keys, which are used by the signatory to create an electronic signature Note 1 to entry: For the PPs of this standard the SCD is held in the SSCD. 3.2.18 signature creation system SCS complete s

40、ystem that creates an electronic signature consisting of an SCA and an SSCD 3.2.19 signature verification data SVD data, such as codes or public cryptographic keys, which are used for the purpose of verifying an electronic signature 3.2.20 SSCD-provisioning service service to prepare and provide an

41、SSCD to a subscriber and to support the signatory with certification of generated keys and administrative functions of the SSCD DIN EN 419211-1:2014-12 EN 419211-1:2014 (E) 8 3.2.21 user entity (human user or external IT entity) outside the TOE that interacts with the TOE 3.2.22 user message data de

42、termined by the signatory as the correct input for signing 3.2.23 verification authentication data VAD data input to an SSCD for authentication of the signatory 4 Abbreviated terms CC Common Criteria aCGA certificate generation application DTBS data to be signed DTBS/R data to be signed or its uniqu

43、e representation EAL evaluation assurance level aIT information technology PP protection profile aRAD reference authentication data SCA signature creation application SCD signature creation data SCS signature creation system SDO signed data object SFP security Function Policy SSCD secure signature c

44、reation device ST security Target aSVD signature verification data TOE target of evaluation aTSF TOE security functionality aVAD verification authentication data aSee Bibliography 2, 3, 4 for details on the specification of Common Criteria. 5 Protection Profile Overview This series of documents cons

45、titutes a suite of protection profiles, which are established by CEN as European Standards for products to create electronic signatures. They fulfil requirements of Directive1)1999/93/EC of the European Parliament and of the Council of 13 December 1999 on a Community framework for electronic signatu

46、res. 1) This European Directive is referred to in this series of protection profiles as “the Directive”. DIN EN 419211-1:2014-12 EN 419211-1:2014 (E) 9 In accordance with Article 9 of this European Directive these standards can be indicated by the European Commission in the Official Journal of the E

47、uropean Communities as generally recognized standards for electronic signature products. These protection profiles formally specify the security functional and assurance requirements defined in Annex III of the Directive for a secure signature creation device (SSCD). This secure signature creation d

48、evice is the target of evaluation (TOE) for the protection profiles. European Union Member States may presume that there is compliance with the requirements laid down in Annex III of the Directive when an electronic signature product is evaluated to a Security Target (ST) that is compliant with one

49、or more of the Protection Profiles (PPs) of this standard. For an electronic signature product that has been evaluated according to Common Criteria (version 3.1) as conforming to a Security Target (ST) that is compliant with one or more of these Protection Profiles (PP) this European Standard implies that European Union Member States shall presume compliance with the requirements in Annex III of the Directive for that product. Part 2 of this series of European Standards specifies a protection profile for an S

展开阅读全文
相关资源
  • DIN EN 818-7-2008 Short link chain for lifting purposes - Safety - Part 7 Fine tolerance hoist chain Grade T (Types T DAT and DT)(includes Amendment A1 2008) Ge.pdfDIN EN 818-7-2008 Short link chain for lifting purposes - Safety - Part 7 Fine tolerance hoist chain Grade T (Types T DAT and DT)(includes Amendment A1 2008) Ge.pdf
  • DIN EN 1677-3-2008 Components for slings - Safety - Part 3 Forged steel self-locking hooks Grade 8(includes Amendment A1 2008) English version of DIN EN 1677-3 .pdfDIN EN 1677-3-2008 Components for slings - Safety - Part 3 Forged steel self-locking hooks Grade 8(includes Amendment A1 2008) English version of DIN EN 1677-3 .pdf
  • DIN EN 1677-2-2008 Components for slings - Safety - Part 2 Forged steel lifting hooks with latch Grade 8(includes Amendment A1 2008) English version of DIN EN 1.pdfDIN EN 1677-2-2008 Components for slings - Safety - Part 2 Forged steel lifting hooks with latch Grade 8(includes Amendment A1 2008) English version of DIN EN 1.pdf
  • DIN EN 1670-2007 Building hardware - Corrosion resistance - Requirements and test methods English version of DIN EN 1670 2007-06《建筑五金器具 耐腐蚀 要求和试验方法》.pdfDIN EN 1670-2007 Building hardware - Corrosion resistance - Requirements and test methods English version of DIN EN 1670 2007-06《建筑五金器具 耐腐蚀 要求和试验方法》.pdf
  • DIN EN 1656-2010 Chemical disinfectants and antiseptics - Quantitative suspension test for the evaluation of bactericidal activity of chemical disinfectants and.pdfDIN EN 1656-2010 Chemical disinfectants and antiseptics - Quantitative suspension test for the evaluation of bactericidal activity of chemical disinfectants and.pdf
  • DIN EN 1230-2-2018 Paper and board intended to come into contact with foodstuffs - Sensory analysis - Part 2 Off-flavour (taint) German version EN 1230-2 2009《用.pdfDIN EN 1230-2-2018 Paper and board intended to come into contact with foodstuffs - Sensory analysis - Part 2 Off-flavour (taint) German version EN 1230-2 2009《用.pdf
  • DIN EN 1176-7-2008 Playground equipment and surfacing - Part 7 Guidance on installation inspection maintenance and operation English version of DIN EN 1176-7 20.pdfDIN EN 1176-7-2008 Playground equipment and surfacing - Part 7 Guidance on installation inspection maintenance and operation English version of DIN EN 1176-7 20.pdf
  • DIN EN 1176-5-2008 Playground equipment and surfacing - Part 5 Additional specific safety requirements and test methods for carousels English version of DIN EN .pdfDIN EN 1176-5-2008 Playground equipment and surfacing - Part 5 Additional specific safety requirements and test methods for carousels English version of DIN EN .pdf
  • DIN EN 1159-1-2007 Advanced technical ceramics - Ceramic composites - Thermophysical properties - Part 1 Determination of thermal expansion (includes Corrigendu.pdfDIN EN 1159-1-2007 Advanced technical ceramics - Ceramic composites - Thermophysical properties - Part 1 Determination of thermal expansion (includes Corrigendu.pdf
  • DIN EN 1093-4-2008 Safety of machinery - Evaluation of the emission of airborne hazardous substances - Part 4 Capture efficiency of an exhaust system - Tracer m.pdfDIN EN 1093-4-2008 Safety of machinery - Evaluation of the emission of airborne hazardous substances - Part 4 Capture efficiency of an exhaust system - Tracer m.pdf
  • 猜你喜欢
  • ASTM F748-2016 Standard Practice for Selecting Generic Biological Test Methods for Materials and Devices《选择材料和设备的通用生物试验方法的标准实施规程》.pdf ASTM F748-2016 Standard Practice for Selecting Generic Biological Test Methods for Materials and Devices《选择材料和设备的通用生物试验方法的标准实施规程》.pdf
  • ASTM F749-1998(2007)e1 Standard Practice for Evaluating Material Extracts by Intracutaneous Injection in the Rabbit《兔子皮内注射评定材料抽提物》.pdf ASTM F749-1998(2007)e1 Standard Practice for Evaluating Material Extracts by Intracutaneous Injection in the Rabbit《兔子皮内注射评定材料抽提物》.pdf
  • ASTM F749-1998(2012) Standard Practice for Evaluating Material Extracts by Intracutaneous Injection in the Rabbit《用兔子皮内注射法评定材料提取物的标准实施规程》.pdf ASTM F749-1998(2012) Standard Practice for Evaluating Material Extracts by Intracutaneous Injection in the Rabbit《用兔子皮内注射法评定材料提取物的标准实施规程》.pdf
  • ASTM F749-2013 Standard Practice for Evaluating Material Extracts by Intracutaneous Injection in the Rabbit《用兔子皮内注射法评定材料提取物的标准实施规程》.pdf ASTM F749-2013 Standard Practice for Evaluating Material Extracts by Intracutaneous Injection in the Rabbit《用兔子皮内注射法评定材料提取物的标准实施规程》.pdf
  • ASTM F750-1987(2007)e1 Standard Practice for Evaluating Material Extracts by Systemic Injection in the Mouse《用给老鼠有系统注射评定药物材料浸渍物》.pdf ASTM F750-1987(2007)e1 Standard Practice for Evaluating Material Extracts by Systemic Injection in the Mouse《用给老鼠有系统注射评定药物材料浸渍物》.pdf
  • ASTM F750-1987(2012) Standard Practice for Evaluating Material Extracts by Systemic Injection in the Mouse《用老鼠系统注射法评定材料提取物的标准实施规程》.pdf ASTM F750-1987(2012) Standard Practice for Evaluating Material Extracts by Systemic Injection in the Mouse《用老鼠系统注射法评定材料提取物的标准实施规程》.pdf
  • ASTM F754-2000 Standard Specification for Implantable Polytetrafluoroethylene (PTFE) Polymer Fabricated in Sheet Tube and Rod Shapes《薄片状、管状和棒状聚四氟乙烯聚合体植入物标准规范》.pdf ASTM F754-2000 Standard Specification for Implantable Polytetrafluoroethylene (PTFE) Polymer Fabricated in Sheet Tube and Rod Shapes《薄片状、管状和棒状聚四氟乙烯聚合体植入物标准规范》.pdf
  • ASTM F754-2008 Standard Specification for Implantable Polytetrafluoroethylene (PTFE) Sheet Tube and Rod Shapes Fabricated from Granular Molding Powders《用颗粒成型粉末制成薄板、管及杆状的可植入聚四氟乙烯聚合物.pdf ASTM F754-2008 Standard Specification for Implantable Polytetrafluoroethylene (PTFE) Sheet Tube and Rod Shapes Fabricated from Granular Molding Powders《用颗粒成型粉末制成薄板、管及杆状的可植入聚四氟乙烯聚合物.pdf
  • ASTM F754-2008(2015) Standard Specification for Implantable Polytetrafluoroethylene (PTFE) Sheet Tube and Rod Shapes Fabricated from Granular Molding Powders《用颗粒成型粉末制成板状 管状及杆状可植入聚四.pdf ASTM F754-2008(2015) Standard Specification for Implantable Polytetrafluoroethylene (PTFE) Sheet Tube and Rod Shapes Fabricated from Granular Molding Powders《用颗粒成型粉末制成板状 管状及杆状可植入聚四.pdf
  • 相关搜索

    当前位置:首页 > 标准规范 > 国际标准 > DIN

    copyright@ 2008-2019 麦多课文库(www.mydoc123.com)网站版权所有
    备案/许可证编号:苏ICP备17064731号-1