PP for a Machine Readable Travel Document with "ICAO Application" Extended Access Control

Passport / Smart card and similar devices

Certification Body

Bundesamt für Sicherheit in der Informationstechnik (BSI)

Sponsor

Bundesamt für Sicherheit in der Informationstechnik (BSI)

Point of Contact

Zertifizierung@bsi.bund.de

Certification ID

BSI-CC-PP-0056-2009

PP Version

V1.10

CC Version

3.1 Revision 2

CC Conformance Claim

CC part 2 extended
CC part 3 conformant
EAL 4 augmented by ALC_DVS.2 and AVA_VAN.5
Conformance claims to this protection profile requires strict conformance

Certification status

Certified 07 May 2009

Language

English

Summary

The Protection Profile defines the security objectives and requirements for the contactless chip of machine readable travel documents (MRTD) based on the requirements and recommendations of the International Civil Aviation Organisation (ICAO).

It addresses the security method Basic Access Control and Extended Access Control in the technical reports of the ICAO New Technology Working Group.

The Target of Evaluation (TOE) defined in the PP is the contactless integrated circuit chip (IC) of machine readable travel documents programmed according to the Logical Data Structure (LDS) and providing the Basic Access Control and Extended Access Control according to the ICAO document. It comprises the circuitry of the MRTD's contactless chip, the IC Dedicated Software, the IC Embedded Software (operating system), the MRTD application and the associated guidance documentation. The Chip is usually integrated into a passport book of a person for whom the issuing state or organisation has personalised the MRTD.

The product life cycle is described in terms of the four life cycle phases: Phase 1"Development", Phase 2 "Manufacturing", Phase 3 "Personalization of the MRTD", Phase 4 "Operational Use". The intention of the PP is to consider at least the phases 1 and parts of phase 2 as part of the evaluation and therefore to define the TOE delivery according to CC after this phase 2 or later.

Relation to other PPs

The Protection Profile is an update of the Protection Profile certified under BSI-PP-0026-2006-MA-01 in order to comply to Common Criteria Version 3.1.