
BSI PD CEN/TS 419221-4:2016

$198.66

Protection Profiles for TSP cryptographic modules – Cryptographic module for CSP signing operations without backup

Published by: BSI
Publication date: 2016
Number of pages: 52


This Technical Specification specifies a protection profile for cryptographic modules used by certification service providers (as defined in Directive 1999/93/EC) for signing operations, without key backup. Target applications include root certification authorities (certification authorities that issue certificates to other CAs and sit at the top of a CA hierarchy) and other certification service providers where there is a high risk of direct physical attacks against the module. Because the profile provides no key backup function, the signing key exists only inside the module: this removes a key-export path that an attacker with physical access could target, at the cost that loss of the module means loss of the key.

PDF Catalog

PDF page   Section
4          Contents Page
8          1 Scope
           2 Normative references
           3 Terms and definitions
           4 PP Introduction
           4.1 General
           4.2 PP Reference
9          4.3 Protection Profile Overview
10         4.4 TOE Overview
           4.4.1 TOE type
11         4.4.2 TOE Roles
           4.4.3 Usage and major security features of the TOE
13         4.4.4 Available non-TOE hardware/software/firmware
           5 Conformance Claim
           5.1 CC Conformance Claim
           5.2 PP Claim
           5.3 Conformance Rationale
           5.4 Conformance Statement
14         6 Security Problem Definition
           6.1 Assets
           6.1.1 General
           6.1.2 TOE services
           6.1.3 TOE Data
           6.1.3.1 Keys
           6.1.3.2 Internal TOE Data
15         6.1.3.3 External TOE Data
           6.2 Threats
           6.2.1 General
           6.2.2 Threat agents
16         6.2.3 Threats description
           6.2.3.1 Threats on Keys
17         6.2.3.2 Threats on internal TOE Data
           6.2.3.3 Threats on external TOE Data
           6.2.3.4 Threats on TOE Services
19         6.3 Organizational Security Policies
           6.4 Assumptions
20         7 Security Objectives
           7.1 General
           7.2 Security Objectives for the TOE
22         7.3 Security Objectives for the Operational Environment
23         8 Extended Components Definitions
           8.1 Extended Component Definitions — Family FCS_RND
24         9 Security Requirements
           9.1 General
           9.2 Subjects, objects, security attributes and operations
           9.2.1 General
           9.2.2 Subjects
25         9.2.3 TOE Objects and security attributes
           9.2.4 TOE Operations
26         9.3 Security Functional Requirements
           9.3.1 General
           9.3.2 Security audit (FAU)
           9.3.2.1 Audit data generation (FAU_GEN.1)
27         9.3.2.2 User identity association (FAU_GEN.2)
           9.3.2.3 Guarantees of audit data availability (FAU_STG.2)
           9.3.3 Cryptographic support (FCS)
           9.3.3.1 Cryptographic key generation (FCS_CKM.1)
28         9.3.3.2 Cryptographic key distribution (FCS_CKM.2)
           9.3.3.3 Cryptographic key destruction (FCS_CKM.4)
           9.3.3.4 Cryptographic operation (FCS_COP.1)
29         9.3.3.5 Quality metrics for random numbers (FCS_RND.1)
           9.3.4 User data protection (FDP)
           9.3.4.1 Subset access control (FDP_ACC.1/CRYPTO)
           9.3.4.2 Subset access control (FDP_ACC.1/AUDIT)
           9.3.4.3 Security attribute based access control (FDP_ACF.1/CRYPTO)
30         9.3.4.4 Security attribute based access control (FDP_ACF.1/AUDIT)
31         9.3.4.5 Export of user data without security attributes (FDP_ETC.1)
           9.3.4.6 Subset residual information protection (FDP_RIP.1)
           9.3.4.7 Stored data integrity monitoring and action (FDP_SDI.2)
           9.3.5 Identification and authentication (FIA)
           9.3.5.1 General
           9.3.5.2 Authentication failure handling (FIA_AFL.1)
32         9.3.5.3 User attribute definition (FIA_ATD.1)
           9.3.5.4 Verification of secrets (FIA_SOS.1)
           9.3.5.5 Timing of authentication (FIA_UAU.1)
           9.3.5.6 Timing of identification (FIA_UID.1)
           9.3.6 Security management (FMT)
           9.3.6.1 Management of security attributes (FMT_MSA.1/ROLE_CRYPTO)
           9.3.6.2 Management of security attributes (FMT_MSA.1/ROLE_AUDIT)
33         9.3.6.3 Secure security attributes (FMT_MSA.2)
           9.3.6.4 Static attribute initialization (FMT_MSA.3)
           9.3.6.5 Management of TSF data (FMT_MTD.1/ACCESS_CONTROL)
           9.3.6.6 Management of TSF data (FMT_MTD.1/USER_CRYPTO)
           9.3.6.7 Management of TSF data (FMT_MTD.1/USER_AUDIT)
           9.3.6.8 Management of TSF data (FMT_MTD.1/RAD)
           9.3.6.9 Management of TSF data (FMT_MTD.1/AUDIT)
           9.3.6.10 Specification of Management Functions (FMT_SMF.1)
34         9.3.6.11 Security roles (FMT_SMR.1)
           9.3.7 Privacy (FPR) — Unobservability (FPR_UNO.1)
           9.3.8 Protection of the TOE Security Functions (FPT)
           9.3.8.1 Failure with preservation of secure state (FPT_FLS.1)
35         9.3.8.2 Inter-TSF detection of modification (FPT_ITI.1)
           9.3.8.3 Notification of physical attack (FPT_PHP.2)
           9.3.8.4 Resistance to physical attack (FPT_PHP.3)
36         9.3.8.5 Manual recovery (FPT_RCV.1)
           9.3.8.6 TSF testing (FPT_TST.1)
37         9.3.9 Trusted path (FTP) — Trusted path (FTP_TRP.1)
           9.4 Security Assurance Requirements
38         9.5 Security Requirements Rationale
           9.5.1 Security Problem Definition coverage by Security Objectives
           9.5.1.1 General
39         9.5.1.2 Coverage rationale for Threats
42         9.5.1.3 Coverage rationale for Organizational Security Policy
           9.5.1.4 Coverage rationale for Assumptions
43         9.5.2 Security Objectives coverage by SFRs
47         9.5.3 SFR Dependencies
           9.5.3.1 Justification of unsupported dependencies
48         9.5.4 Rationale for SARs
           9.5.5 AVA_VAN.5 Advanced methodical vulnerability analysis