PP for a Secure Signature Creation Device - Part 2: Device with Key Generation

SSCD / Smart card and similar devices

Certification Body

Bundesamt für Sicherheit in der Informationstechnik (BSI)

Sponsor

CEN/ISSS

Point of Contact

  • CEN/ISSS, Rue de Stassart 36, 1050, Brussels, Belgium
  • Zertifizierung@bsi.bund.de

Certification ID

BSI-CC-PP-0059-2009-MA-01 which updates

BSI-CC-PP-0059-2009

PP Version

V2.0.1

CC Version

3.1 Revision 3

CC Conformance Claim

CC part 2 extended
CC part 3 conformant
EAL 4 augmented by AVA_VAN.5
Conformance claims to this protection profile requires strict conformance

Certification status

Maintained 21 February 2012
Certified 11 December 2009

Language

English

Summary

The Protection Profile (PP) is established by CEN/ISSS for use by the European Commission in accordance with the procedure laid down in Article 9 of the Directive 1999/93/ec of the European parliament and of the council of 13 December 1999 on a Community framework for electronic signatures, also referred to as the 'Directive' in the remainder of the PP, as generally recognised standard for electronic-signature products in the Official Journal of the European Communities.

The intent of the Protection Profile is to specify functional and assurance requirements defined in the Directive for a secure signature-creation device (SSCD) which is the target of evaluation (TOE). The Protection Profile describes core security requirements for a secure device that can generate a signing key (signature-creation data, SCD) and operates to create electronic signatures with the generated key.

After an SSCD has generated a signing key, the corresponding public key (signature verification data, SVD) has to be provided as input to a certificate generating application (CGA). Security requirements for export of the SVD are not covered within this document.

When operated in a secure environment for signature creation a signer may use an SSCD that fulfils only these core security requirements to create an advanced electronic signature. Security requirements for an SSCD used in other environments are not subject of this Protection Profile.

Relation to other PPs

The maintained Protection Profile is an update of the following Protection Profile :

  • V1.03 (BSI-CC-PP-0059-2009)

The Protection Profile is an update of the Protection Profile V1.04 certified under BSI-PP-0005-2002 in order to comply to Common Criteria Version 3.1.