PP para un dispositivo seguro de creación de firma - Parte 6: Extensión para dispositivo con importación de clave y comunicación segura con una aplicación de creación de firma

Dispositivo de creación de firma (SSCD)/ Smart card y dispositivos similares

Organismo de Certificación

Bundesamt für Sicherheit in der Informationstechnik (BSI)




  • CEN/ISSS, Rue de Stassart 36, 1050, Brussels, Belgium
  • commoncriteria@bsi.bund.de


BSI-CC-PP-0076-2013-MA-01 que actualiza a:


Versión PP

EN 419211-6:2013, V1.0.4

The official version of the Protection Profile is available via the regular distribution path for EN standards or its national translations (see here for details)

Versión CC

3.1 Revision 4

Conformidad con CC

CC part 2 extended
CC part 3 conformant
EAL 4 augmented by AVA_VAN.5
Conformance claims to this protection profile requires strict conformance

Estado de la certificación

Mantenimiento: 30 junio 2016
Certificado el 16 de abril de 2013




The Protection Profile (PP) has been provided by the Technical Committee CEN/TC 224. It is referenced by the Commission Implementing Decision (EU) 2016/650 of 25 April 2016 laying down standards for the security assessment of qualified signature and seal creation devices pursuant to Articles 30(3) and 39(2) of Regulation (EU) No 910/2014 of the European Parliament and of the Council on electronic identification and trust services for electronic transactions in the internal market.

The intent of the Protection Profile is to specify functional and assurance requirements defined in the Directive for a secure signature-creation device (SSCD) which is the target of evaluation (TOE). The Protection Profile describes core security requirements for a secure device that can import a signing key (signature-creation data, SCD) and operates to create electronic signatures with the imported key. The data to be signed or a unique representation thereof (DTBS/R) are sent via a trusted channel between the Signature Creation Application (SCA) and the SSCD. After an SSCD has imported a signing key, the corresponding public key (signature verification data, SVD) has to be provided as input to a certificate generation application (CGA). When operated in a secure environment for signature creation a signer may use an SSCD that fulfils only these core security requirements to create an advanced electronic signature. Security requirements for an SSCD used in other environments are not subject of this Protection Profile.

Otros Perfiles de protección relacionados

Este perfil de protección declara conformidad estricta con PP for a Secure Signature Creation Device - Part 3: Device with key import.

The maintained Protection Profile is an update of the following Protection Profile :

  • V1.0.4 (BSI-CC-PP-0076-2013) due to editorial issues from publishing the official version of the CEN standard