DIN EN 419211-3-2014 Protection profiles for secure signature creation device - Part 3 Device with key import German version EN 419211-3 2013《安全签名生成设备的保护配置 第3部分 带密匙导入的设备 德文版本EN 419.pdf

上传人:deputyduring120 文档编号:674678 上传时间:2018-12-27 格式:PDF 页数:47 大小:2.05MB
下载 相关 举报
DIN EN 419211-3-2014 Protection profiles for secure signature creation device - Part 3 Device with key import German version EN 419211-3 2013《安全签名生成设备的保护配置 第3部分 带密匙导入的设备 德文版本EN 419.pdf_第1页
第1页 / 共47页
DIN EN 419211-3-2014 Protection profiles for secure signature creation device - Part 3 Device with key import German version EN 419211-3 2013《安全签名生成设备的保护配置 第3部分 带密匙导入的设备 德文版本EN 419.pdf_第2页
第2页 / 共47页
DIN EN 419211-3-2014 Protection profiles for secure signature creation device - Part 3 Device with key import German version EN 419211-3 2013《安全签名生成设备的保护配置 第3部分 带密匙导入的设备 德文版本EN 419.pdf_第3页
第3页 / 共47页
DIN EN 419211-3-2014 Protection profiles for secure signature creation device - Part 3 Device with key import German version EN 419211-3 2013《安全签名生成设备的保护配置 第3部分 带密匙导入的设备 德文版本EN 419.pdf_第4页
第4页 / 共47页
DIN EN 419211-3-2014 Protection profiles for secure signature creation device - Part 3 Device with key import German version EN 419211-3 2013《安全签名生成设备的保护配置 第3部分 带密匙导入的设备 德文版本EN 419.pdf_第5页
第5页 / 共47页
点击查看更多>>
资源描述

1、March 2014 Translation by DIN-Sprachendienst.English price group 18No part of this translation may be reproduced without prior permission ofDIN Deutsches Institut fr Normung e. V., Berlin. Beuth Verlag GmbH, 10772 Berlin, Germany,has the exclusive right of sale for German Standards (DIN-Normen).ICS

2、03.160; 35.040; 35.240.15!%,Se“2094866www.din.deDDIN EN 419211-3Protection profiles for secure signature creation device Part 3: Device with key import;English version EN 419211-3:2013,English translation of DIN EN 419211-3:2014-03Schutzprofile fr sichere Signaturerstellungseinheiten Teil 3: Einheit

3、en mit Schlsselimport;Englische Fassung EN 419211-3:2013,Englische bersetzung von DIN EN 419211-3:2014-03Profils de protection des dispositifs scuriss de cration de signature Partie 3: Dispositif avec import de cl;Version anglaise EN 419211-3:2013,Traduction anglaise de DIN EN 419211-3:2014-03www.be

4、uth.deIn case of doubt, the German-language original shall be considered authoritative.Document comprises 47 pages 01.14 DINEN 419211-3:2014-032 A comma is used as the decimal marker. National foreword This document (EN 419211-3:2013) has been prepared by Technical Committee CEN/TC 224 “Personal ide

5、ntification, electronic signature and cards and their related systems and operations” (Secretariat: AFNOR, France). The responsible German body involved in its preparation was the Normenausschuss Informationstechnik und Anwendungen (Information Technology and selected IT Applications Standards Commi

6、ttee), Working Committee NA 043-01-17-04 UA Austauschprotokolle bei Chip-Karten. EUROPEAN STANDARD NORME EUROPENNE EUROPISCHE NORM EN 419211-3 October 2013 ICS 03.160; 35.040; 35.240.15 Supersedes CWA 14169:2004English Version Protection profiles for secure signature creation device - Part 3: Device

7、 with key import Profils de protection des dispositifs scuriss de cration de signature - Partie 3: Dispositif avec import de cl Schutzprofile fr sichere Signaturerstellungseinheiten - Teil3: Einheiten mit Schlsselimport This European Standard was approved by CEN on 14 September 2013. CEN members are

8、 bound to comply with the CEN/CENELEC Internal Regulations which stipulate the conditions for giving this European Standard the status of a national standard without any alteration. Up-to-date lists and bibliographical references concerning such national standards may be obtained on application to t

9、he CEN-CENELEC Management Centre or to any CEN member. This European Standard exists in three official versions (English, French, German). A version in any other language made by translation under the responsibility of a CEN member into its own language and notified to the CEN-CENELEC Management Cen

10、tre has the same status as the official versions. CEN members are the national standards bodies of Austria, Belgium, Bulgaria, Croatia, Cyprus, Czech Republic, Denmark, Estonia, Finland, Former Yugoslav Republic of Macedonia, France, Germany, Greece, Hungary, Iceland, Ireland, Italy, Latvia, Lithuan

11、ia, Luxembourg, Malta, Netherlands, Norway, Poland, Portugal, Romania, Slovakia, Slovenia, Spain, Sweden, Switzerland, Turkey and United Kingdom. EUROPEAN COMMITTEE FOR STANDARDIZATION COMIT EUROPEN DE NORMALISATION EUROPISCHES KOMITEE FR NORMUNG CEN-CENELEC Management Centre: Avenue Marnix 17, B-10

12、00 Brussels 2013 CEN All rights of exploitation in any form and by any means reserved worldwide for CEN national Members. Ref. No. EN 419211-3:2013 EEN 419211-3:2013 (E) 2 Contents Foreword 3 1 Scope . 5 2 Normative references. 5 3 Terms and definitions 5 4 PP introduction . 5 4.1 PP reference . 5 4

13、.2 PP overview 5 4.3 TOE overview 6 5 Conformance claims 11 5.1 CC conformance claim 11 5.2 PP claim, Package claim . 11 5.3 Conformance rationale 11 5.4 Conformance statement 11 6 Security problem definition . 12 6.1 Assets, users and threat agents . 12 6.2 Threats 12 6.3 Organisational security po

14、licies . 13 6.4 Assumptions . 14 7 Security objectives. 14 7.1 Security objectives for the TOE 14 7.2 Security objectives for the operational environment . 16 7.3 Security objectives rationale 18 8 Extended components definition . 22 9 Security requirements . 23 9.1 Security functional requirements

15、. 23 9.2 Security assurance requirements 38 9.3 Security requirements rationale . 39 Bibliography 45 DIN EN 419211-3:2014-03 EN 419211-3:2013 (E) 3 Foreword This document (EN 419211-3:2013) has been prepared by Technical Committee CEN/TC 224 “Personal identification, electronic signature and cards a

16、nd their related systems and operations”, the secretariat of which is held by AFNOR. This European Standard shall be given the status of a national standard, either by publication of an identical text or by endorsement, at the latest by April 2014, and conflicting national standards shall be withdra

17、wn at the latest by April 2014. Attention is drawn to the possibility that some of the elements of this document may be the subject of patent rights. CEN and/or CENELEC shall not be held responsible for identifying any or all such patent rights. This document supersedes CWA 14169:2004. This document

18、 was submitted to the CEN Enquiry under reference prEN 14169-3. According to the CEN/CENELEC Internal Regulations, the national standards organisations of the following countries are bound to implement this European Standard: Austria, Belgium, Bulgaria, Croatia, Cyprus, Czech Republic, Denmark, Esto

19、nia, Finland, Former Yugoslav Republic of Macedonia, France, Germany, Greece, Hungary, Iceland, Ireland, Italy, Latvia, Lithuania, Luxembourg, Malta, Netherlands, Norway, Poland, Portugal, Romania, Slovakia, Slovenia, Spain, Sweden, Switzerland, Turkey and the United Kingdom. DIN EN 419211-3:2014-03

20、 EN 419211-3:2013 (E) 4 Introduction This series of European Standards specifies Common Criteria protection profiles for secure signature creation devices and is issued by the European Committee for Standardization, Information Society Standardization System (CEN/ISSS) as update of the Electronic Si

21、gnatures (E-SIGN) CEN/ISSS workshop agreement (CWA) 14169:2004, Annex B and Annex C on the protection profile secure signature creation devices, “EAL 4+“. This series of European Standards consists of the following parts: Protection profiles for secure signature creation device Part 1: Overview; Pro

22、tection profiles for secure signature creation device Part 2: Device with key generation; Protection profiles for secure signature creation device Part 3: Device with key import; Protection profiles for secure signature creation device Part 4: Extension for device with key generation and trusted cha

23、nnel to certificate generation application; Protection profiles for secure signature creation device Part 5: Extension for device with key generation and trusted channel to signature creation application; Protection profiles for secure signature creation device Part 6: Extension for device with key

24、import and trusted channel to signature creation application. Preparation of this document as a protection profile (PP) follows the rules of the Common Criteria version 3.1 2, 3 and 4. DIN EN 419211-3:2014-03 EN 419211-3:2013 (E) 5 1 Scope This European Standard specifies a protection profile for a

25、secure signature creation device with signing keys import possibility: SSCD with key import (SSCD KI). 2 Normative references The following documents, in whole or in part, are normatively referenced in this document and are indispensable for its application. For dated references, only the edition ci

26、ted applies. For undated references, the latest edition of the referenced document (including any amendments) applies. prEN 14169-1:2011, Protection profiles for secure signature creation device Part 1: Overview 3 Terms and definitions For the purposes of this document, the acronyms, terms and defin

27、itions given in prEN 14169-1:2011 apply. 4 PP introduction 4.1 PP reference Title: Protection profiles for secure signature creation device Part 3: Device with key import Version: 1.0.2 Author: CEN / CENELEC (TC224/WG17) Publication date: 2012-07-24 Registration: BSI-CC-PP-0075 CC version: 3.1 Revis

28、ion 3 Editor: Arnold Abromeit, TV Informationstechnik GmbH General status: final Keywords: secure signature creation device, electronic signature, digital signature, key import 4.2 PP overview This Protection Profile is established by CEN as a European Standard for products to create electronic sign

29、atures. It fulfils requirements of Directive11999/93/ec of the European parliament and of the council of 13 December 1999 on a community framework for electronic signatures. In accordance with article 9 of this European Directive this standard can be indicated by the European commission in the Offic

30、ial Journal of the European Communities as generally recognised standard for electronic signature products. This protection profile defines security functional requirements and security assurance requirements that comply with those defined in Annex III of the Directive for a secure signature creatio

31、n device (SSCD). This secure signature creation device is the target of evaluation (TOE) for this protection profile. 1This European Directive is referred to in this PP as “the directive”. DINEN 419211-3:2014-03EN 419211-3:2013 (E) 6European Union Member States may presume that there is compliance w

32、ith the requirements laid down in Annex III of the Directive 1 when an electronic signature product is evaluated to a Security Target (ST) that is compliant with this Protection Profile (PP). This Protection Profile describes core security requirements for a secure device that can import a signing k

33、ey2(signature creation data, SCD) and operates to create electronic signatures with the imported key. A device evaluated according to this protection profile and used in the specified environments can be trusted to create any type of digital signature. As such this PP can be used for any device that

34、 has been configured to create a digital signature. Specifically this PP allows the qualification of a product as a device for creating an advanced electronic signature as defined in the Directive. The intent of this Protection Profile is to specify security functional and assurance requirements def

35、ined in the Directive 1, Annex III for secure signature creation devices (SSCD), which is the target of evaluation (TOE). Member States shall presume that there is compliance with the requirements laid down in Annex III of the Directive 1 when an electronic signature product is evaluated to a Securi

36、ty Target (ST) that is compliant with this Protection Profile (PP). EN 419211-3 defines the core security requirements for SSCD importing signature creation data (SCD) and creating advanced electronic signature, which if based on valid qualified certificates are qualified electronic signatures. A SS

37、CD, which fulfils only these core security requirements, may be used by the signatory in a secure environment for signature creation. The CSP will generate SCD/SVD pair in a secure environment and import the SCD into the SSCD so that it can be delivered to the signer with at least one SCD and possib

38、ly Certificate info stored in the SSCD. The TOE may implement additional security functions e.g. to support integrity protection of imported data to be signed. The related security requirements are not subject of this core PP but extended PP EN14169-6 “Protection profiles for secure signature creati

39、on device Part 6: Device with key import and Trusted Communication with Signature creation application” will address them claiming conformance to this core PP. The assurance level for this PP is EAL4 augmented with AVA_VAN.5. 4.3 TOE overview 4.3.1 Operation of the TOE This subclause presents a func

40、tional overview of the TOE in its distinct operational environments: - The preparation environment, where the TOE interacts with a certification service provider (CSP) through a SCD/SVD generation application to import the signature creation data (SCD) and a certificate generation application (CGA)

41、to obtain a certificate for the signature validation data (SVD) corresponding to the SCD the certification service provider has generated. The SCD/SVD generation application transmits the SVD to the CGA. The initialisation environment interacts further with the TOE to personalise it with the initial

42、 value of the reference authentication data (RAD). - The signing environment where the TOE interacts with a signer through a signature creation application (SCA) to sign data after authenticating the signer as its signatory. The signature creation 2An SSCD that can import SCD/SVD was defined in the

43、previous version of this PP (CWA 14169) as a Type 2 SSCD. The notion of types does not exist anymore in this series of ENs. In order to refer to the same functionality, a reference to EN 419211-3 (i.e. Part 3) should be used. DIN EN 419211-3:2014-03 EN 419211-3:2013 (E) 7application provides the dat

44、a to be signed (DTBS), or a unique representation thereof (DTBS/R) as input to the TOE signature creation function and obtains the resulting digital signature3. - The management environments where the TOE interacts with the user or an SSCD-provisioning service provider to perform management operatio

45、ns, e.g. for the signatory to reset a blocked RAD. A single device, e.g. a smart card terminal, may provide the required secure environment for management and signing. The preparation environment, the signing environment and the management environment are secure and protect data exchanged with the T

46、OE. Figure 3 in prEN 14169-1:2011 illustrates the operational environment. The TOE stores signature creation data (SCD) and reference authentication data (RAD). The TOE may store multiple instances of SCD. In this case the TOE provides a function to identify each SCD and the SCA can provide an inter

47、face to the signer to select an SCD for use in the signature creation function of the SSCD. The TOE protects the confidentiality and integrity of the SCD and restricts its use in signature creation to its signatory. The digital signature created by the TOE may be used to create an advanced electroni

48、c signature as defined in Article 5.1 of the Directive. Determining the state of the certificate as qualified is beyond the scope of this standard. The signature creation application is assumed to protect the integrity of the input it provides to the TOE signature creation function as being consistent with the user data authorised for signing by the signatory. Unless implicitly known to the TOE, the SCA indicates the kind of the signing input (as DTBS/R) it provides and computes any hash value required.

展开阅读全文
相关资源
  • DIN EN 818-7-2008 Short link chain for lifting purposes - Safety - Part 7 Fine tolerance hoist chain Grade T (Types T DAT and DT)(includes Amendment A1 2008) Ge.pdfDIN EN 818-7-2008 Short link chain for lifting purposes - Safety - Part 7 Fine tolerance hoist chain Grade T (Types T DAT and DT)(includes Amendment A1 2008) Ge.pdf
  • DIN EN 1677-3-2008 Components for slings - Safety - Part 3 Forged steel self-locking hooks Grade 8(includes Amendment A1 2008) English version of DIN EN 1677-3 .pdfDIN EN 1677-3-2008 Components for slings - Safety - Part 3 Forged steel self-locking hooks Grade 8(includes Amendment A1 2008) English version of DIN EN 1677-3 .pdf
  • DIN EN 1677-2-2008 Components for slings - Safety - Part 2 Forged steel lifting hooks with latch Grade 8(includes Amendment A1 2008) English version of DIN EN 1.pdfDIN EN 1677-2-2008 Components for slings - Safety - Part 2 Forged steel lifting hooks with latch Grade 8(includes Amendment A1 2008) English version of DIN EN 1.pdf
  • DIN EN 1670-2007 Building hardware - Corrosion resistance - Requirements and test methods English version of DIN EN 1670 2007-06《建筑五金器具 耐腐蚀 要求和试验方法》.pdfDIN EN 1670-2007 Building hardware - Corrosion resistance - Requirements and test methods English version of DIN EN 1670 2007-06《建筑五金器具 耐腐蚀 要求和试验方法》.pdf
  • DIN EN 1656-2010 Chemical disinfectants and antiseptics - Quantitative suspension test for the evaluation of bactericidal activity of chemical disinfectants and.pdfDIN EN 1656-2010 Chemical disinfectants and antiseptics - Quantitative suspension test for the evaluation of bactericidal activity of chemical disinfectants and.pdf
  • DIN EN 1230-2-2018 Paper and board intended to come into contact with foodstuffs - Sensory analysis - Part 2 Off-flavour (taint) German version EN 1230-2 2009《用.pdfDIN EN 1230-2-2018 Paper and board intended to come into contact with foodstuffs - Sensory analysis - Part 2 Off-flavour (taint) German version EN 1230-2 2009《用.pdf
  • DIN EN 1176-7-2008 Playground equipment and surfacing - Part 7 Guidance on installation inspection maintenance and operation English version of DIN EN 1176-7 20.pdfDIN EN 1176-7-2008 Playground equipment and surfacing - Part 7 Guidance on installation inspection maintenance and operation English version of DIN EN 1176-7 20.pdf
  • DIN EN 1176-5-2008 Playground equipment and surfacing - Part 5 Additional specific safety requirements and test methods for carousels English version of DIN EN .pdfDIN EN 1176-5-2008 Playground equipment and surfacing - Part 5 Additional specific safety requirements and test methods for carousels English version of DIN EN .pdf
  • DIN EN 1159-1-2007 Advanced technical ceramics - Ceramic composites - Thermophysical properties - Part 1 Determination of thermal expansion (includes Corrigendu.pdfDIN EN 1159-1-2007 Advanced technical ceramics - Ceramic composites - Thermophysical properties - Part 1 Determination of thermal expansion (includes Corrigendu.pdf
  • DIN EN 1093-4-2008 Safety of machinery - Evaluation of the emission of airborne hazardous substances - Part 4 Capture efficiency of an exhaust system - Tracer m.pdfDIN EN 1093-4-2008 Safety of machinery - Evaluation of the emission of airborne hazardous substances - Part 4 Capture efficiency of an exhaust system - Tracer m.pdf
  • 猜你喜欢
    相关搜索

    当前位置:首页 > 标准规范 > 国际标准 > DIN

    copyright@ 2008-2019 麦多课文库(www.mydoc123.com)网站版权所有
    备案/许可证编号:苏ICP备17064731号-1