Protection Profile Digital Tachograph Vehicle Unit (VU PP) Version 1.0 BSI-CC-PP-0057-2010



Similar documents
JTEMS A Community for the Evaluation and Certification of Payment Terminals

BSI-DSZ-CC for. Digital Tachograph EFAS-4.0, Version 02. from. intellic GmbH

BSI-DSZ-CC-S for. Dream Chip Technologies GmbH Germany. Dream Chip Technologies GmbH

BSI-DSZ-CC-S for. GLOBALFOUNDRIES Singapore Pte. Ltd. GLOBALFOUNDRIES Singapore Pte. Ltd.

Details for the structure and content of the ETR for Site Certification. Version 1.0

Joint Interpretation Library. Security Evaluation and Certification of Digital Tachographs

ETSI TS : Electronic Signatures and Infrastructures (ESI): Policy

BSI-DSZ-CC for. tru/cos tacho v1.1. from. Trueb AG

BSI-PP for. Protection Profile Secure Signature-Creation Device Type 1, Version developed by

Cryptographic Modules, Security Level Enhanced. Endorsed by the Bundesamt für Sicherheit in der Informationstechnik

Low Assurance Protection Profile for a VPN gateway

ISO The international IT security standard. Marcel Weinand / Marcel Weinand

Protection Profile for UK Dual-Interface Authentication Card

Low Assurance Protection Profile for a VoIP Infrastructure

Supporting Document Guidance. Security Architecture requirements (ADV_ARC) for smart cards and similar devices. April Version 2.

Spoof Detection and the Common Criteria

BSI-DSZ-CC for. Microsoft Forefront Unified Access Gateway 2010 (CC) Version / Build from. Microsoft Corporation

BSI-DSZ-CC for. Oracle Database 11g Release 2 Enterprise Edition. from. Oracle Corporation

BSI-DSZ-CC for. IBM Security Access Manager for Enterprise Single Sign-On, Version 8.2. from. IBM Corporation

Certification Report. NXP Secure Smart Card Controller P40C012/040/072 VD

Protection Profile for the Security Module of a Smart Meter Gateway (Security Module PP)

BSI - Federal Office for Information Security. Evaluation and Certification of IT Security Technology in Germany

BSI-DSZ-CC for. IBM Tivoli Access Manager for e-business version FP4 with IBM Tivoli Federated Identity Manager version 6.2.

BSI-DSZ-CC for

Fingerprint Spoof Detection Protection Profile

Security IC Platform Protection Profile

BSI-DSZ-CC for. NXP J3A081, J2A081 and J3A041 Secure Smart Card Controller Revision 3. from. NXP Semiconductors Germany GmbH

BSI-DSZ-CC For. Microsoft Windows Server 2008 R2 Hyper-V, Release from. Microsoft Corporation

BSI-DSZ-CC for. Microsoft SQL Server 2012 Database Engine Enterprise Edition x64 (English), Version (including Service Pack 1)

Technical information on the IT security certification of products, protection profiles and sites

BSI-DSZ-CC for. JBoss Enterprise Application Platform 5 Version and from. Red Hat

Common Criteria Protection Profile

BSI-DSZ-CC for. PR/SM for IBM zenterprise EC12 GA1 Driver Level D12K. from. IBM Corporation

BSI-DSZ-CC for

Writing a Protection Profile for a Security Service Package

Common Criteria Protection Profile. electronic Health Card (ehc) elektronische Gesundheitskarte (egk) BSI-PP-0020-V MA01

Joint Interpretation Library

Common Criteria Protection Profile. Electronic Identity Card (ID_Card PP) BSI-CC-PP Approved by the Federal Ministry of Interior. Version 1.

Joint Interpretation Library. Guidance for smartcard evaluation

Update on the German Scheme

Smartcard IC Platform Protection Profile

Build a CC assurance package dedicated to your risk assessment. Francois GUERIN Security Program Manager francois.guerin@gemalto.

Certification Report. Utimaco Safeware AG. debiszert-dsz-itsec SafeGuard Sign&Crypt, Version 2.0. The Modern Service Provider

BSI-DSZ-CC For. Red Hat Enterprise Linux, Version 5.6 Virtualization with KVM. from. Red Hat, Inc.

Certification Report BSI-DSZ-CC for. Cisco VoIP Telephony Solution. Version 1.0. from. Cisco Systems, Inc.

BSI-DSZ-CC for. Microsoft Forefront Threat Management Gateway 2010 Version / Build from. Microsoft Corporation

Australasian Information Security Evaluation Program

Computer and Network Security

BSI-CC-PP for. Cryptographic Modules, Security Level "Enhanced", Version from. Bundesamt für Sicherheit in der Informationstechnik

BSI-DSZ-CC for. IBM RACF for z/os, Version 1, Release 12. from. IBM Corporation

Guidelines for Developer Documentation

C015 Certification Report

BSI-DSZ-CC for. LANCOM Systems Operating System LCOS 8.70 CC with IPsec VPN. from. LANCOM Systems GmbH

Low Assurance Protection Profile for a Software Based Personal Firewall for home Internet use

Security Target. Astaro Security Gateway V8 Packet Filter Version Assurance Level EAL4+ Common Criteria v3.1

BSI-PP for. Smart Card Security User Group Smart Card Protection Profile (SCSUG-SCPP) Version 3.0. developed by

2008 by Bundesamt für Sicherheit in der Informationstechnik (BSI) Godesberger Allee , Bonn

BSI-DSZ-CC for. Red Hat Enterprise Linux, Version 6.2 on IBM Hardware for Power and System z Architectures. from. Red Hat, Inc.

BSI-DSZ-CC for

EPASSPORT WITH BASIC ACCESS CONTROL AND ACTIVE AUTHENTICATION

Estonian National CA Policy

Common Criteria. Introduction Magnus Ahlbin. Emilie Barse Emilie Barse Magnus Ahlbin

Italian Tachograph MSA Policy v.1.1

Protection Profile for the Gateway of a Smart Metering System (Smart Meter Gateway PP)

Certification Report

Supporting Document Guidance. Smartcard Evaluation. February Version 2.0 CCDB

Challenges in the Information Age

Mutual Recognition Agreement of Information Technology Security Evaluation Certificates

2008 by Bundesamt für Sicherheit in der Informationstechnik (BSI) Godesberger Allee , Bonn

Preventing fraud in epassports and eids

Certification Report. NXP J3E145_M64, J3E120_M65, J3E082_M65, J2E145_M64, J2E120_M65, and J2E082_M65 Secure Smart Card Controller Revision 3

Common Criteria Protection Profile. electronic Health Card (ehc) elektronische Gesundheitskarte (egk)

Korean National Protection Profile for Voice over IP Firewall V1.0 Certification Report

Security Target for PalmSecure

Australasian Information Security Evaluation Program

How To Manage Security In The Cloud

Common Criteria for Information Technology Security Evaluation. Part 1: Introduction and general model. August Version 2.

Common Criteria v3.1 Vulnerability Assessment: What is new?

Cloud Computing - Starting Points for Privacy and Transparency

BSI-DSZ-CC for. MN67S150 Smart Card IC Version RV08 including IC Dedicated Software. from. Panasonic Semiconductor Solutions Co., Ltd.

Certification Report

COMMON CERTIFICATE POLICY FOR THE EXTENDED ACCESS CONTROL INFRASTRUCTURE FOR PASSPORTS AND TRAVEL DOCUMENTS ISSUED BY EU MEMBER STATES

BSI-DSZ-CC for. Red Hat Enterprise Linux, Version 6.2 with KVM Virtualization for x86 Architectures. from. Red Hat, Inc.

Common Criteria Protection Profile for Inspection Systems (IS) BSI-CC-PP Version 1.01 (15 th April 2010)

Common Criteria Evaluation Challenges for SELinux. Doc Shankar IBM Linux Technology Center

Certification Report BSI-DSZ-CC for. Renesas AE45C1 (HD65145C1) Smartcard Integrated Circuit Version 01. from. Renesas Technology Corp.

Information Security Standards by Dr. David Brewer Gamma Secure Systems Limited Diamond House, 149 Frimley Road Camberley, Surrey, GU15 2PS

IT Security Certification and Criteria Progress, Problems and Perspectives

Digital Tachograph System Turkish Authority (TR-A) Policy

Operating System Protection Profile. Common Criteria Protection Profile BSI-CC-PP-0067 Version 2.0

General Requirements for Accreditation of ASNITE. Testing Laboratories of Information Technology. (The 12th Edition) November 1, 2014

Common Methodology for Information Technology Security Evaluation. Evaluation methodology. September Version 3.1 Revision 4 CCMB

CERTIFICATE. certifies that the. Info&AA v1.0 Attribute Service Provider Software. developed by InfoScope Ltd.

Common Criteria for Information Technology Security Evaluation. Part 3: Security assurance components. September Version 3.

Information Technology Security Evaluation Criteria. ITSEC Joint Interpretation Library (ITSEC JIL)

Information security audit (IS audit) - A guideline for IS audits based on IT-Grundschutz

CERTIFICATION REPORT

Protection Profile for Portable Storage Media (PSMPP) Common Criteria Protection Profile BSI-CC-PP Version 1.0

On Security Evaluation Testing

Securing VoIP Networks using graded Protection Levels

Transcription:

Protection Profile Digital Tachograph Vehicle Unit (VU PP) Version 1.0 BSI-CC-PP-0057-2010 Dipl.-Phys. Certification Federal Office for Information Security (BSI), Germany

Topics of VU-PP CC 3.1 R3 Overview Security Concept of the Digital Tachograph Security Objectives for the TOE (VU PP, CC 3.1 R3) Security Objectives for the Operational Environment (VU PP, CC 3.1 R3) Primary Assets to be protected (VU PP, CC 3.1 R3) Secondary Assets to be protected (VU PP, CC 3.1 R3) Security Functional Requirements (VU PP, CC 3.1 R3) Security Assurance Requirements (VU PP, CC 3.1 R3) Outlook Folie 2

Overview The Digital Tachograph Systems consists of Vehicle Unit, Motion Sensor and Tachograph Cards. The System with different components will be installed in road transport vehicles (e.g. truck over 3.5T, bus 9 Persons) The Security of the technical components of the Digital Tachograph System (e.g. vehicle unit) expressed in the European Commission Regulation 1360/2002, Annex I B, Appendix 10 (Generic Security Target written according to ITSEC) Generic Security Target is issued by the European Commission (basis for the VU PP) Joint Interpretation Library (JIL),Version 1.12, Security Evaluation and Certification of Digital Tachographs, interpretation of the Security Certification according to Commission Regulation (Annex IB) Folie 3

Overview This new Protection Profile should reflect the content of the Generic Security Target (GST) in Appendix 10 of Annex IB (issued by the EC) and Joint Interpretation Library (JIL, Digital Tachographs), V1.12 The intention is the coverage of the requirements in Appendix 10 by the security functional requirements of the current PP and the JIL document GST (ITSEC:E3, high) ===> CC EAL4+ Draft developments of the PP for VU have been commented by the European Schemes and manufacturers Folie 4

Security Concept of the Digital Tachograph Mechanical Interface Sensor Tachograph Cards:driver, control, workshop and company cards Secure Controller Secure Components Secure Components Motion Sensor 2 Card Reader Display Printer Memory Calibration Secure Components Vehicle Unit Interaction between Components of Digital Tachograph Folie 5

Security Objectives for the TOE (VU PP, CC 3.1 R3) O.Access The TOE must control user access to functions and data. O.Accountability The TOE must collect accurate accountability data. O.Audit The TOE must audit attempts to undermine system security and should trace them to associated users. O.Authentication The TOE should authenticate users and connected entities (when a trusted path needs to be established between entities). O.Integrity The TOE must maintain stored data integrity. Folie 6

Security Objectives for the TOE (VU PP, CC 3.1 R3) O.Output The TOE must ensure that data output reflects accurately data measured or stored. O.Processing The TOE must ensure that processing of inputs to derive user data is accurate. O.Reliability The TOE must provide a reliable service. O.Secured_Data_ Exchange The TOE must secure data exchanges with the motion sensor and with tachograph cards. O.Software_Analysis There shall be no way to analyse or debug software in the field after the TOE activation. Folie 7

Security Objectives for the Operational Environment (VU PP, CC 3.1 R3) Design environment Manufacturing environment Workshops environment End-user environment Folie 8

Security Objectives for the Operational Environment (VU PP, CC 3.1 R3) OE.Activation Vehicle manufacturers and fitters or workshops shall activate the TOE after its installation before the vehicle leaves the premises where installation took place. OE.Approved_Workshops Installation, calibration and repair of recording equipment shall be carried by trusted and approved fitters or workshops. OE.Faithful_Calibration Approved fitters and workshops shall enter proper vehicle parameters in recording equipment during calibration. Folie 9

Primary Assets to be protected (VU PP, CC 3.1 R3) Object No. 1 2 Asset user data (recorded or stored in the TOE) user data transferred between the TOE and an external device connected Definition Any data, other than security data and authentication data, recorded or stored by the VU, required by Commission Regulation All user data being transferred from or to the TOE. A TOE communication partner can be: - a motion sensor, - a tachograph card, or - an external medium for data download. Generic security Integrity Authenticity Confidentiality Integrity Authenticity Folie 10

Secondary Assets to be protected (VU PP, CC 3.1 R3) Object Asset No. 1 Accessibility to the TOE functions and data only for authorised subjects 2 3 Definition Generic Security Availability Property of the TOE to restrict access to TSF and TSF-data stored in the TOE to subjects only. Genuineness of the Property of the TOE to Availability TOE be authentic in order to provide the claimed security functionality in a proper way. TOE immanent secret Secret security Confidentiality security data elements: All Keys used Integrity (e.g. symmetric master key, session keys) Folie 11

Security Functional Requirements (VU PP, CC 3.1 R3) Identification and authentication of motion sensor and tachograph cards, Access control to functions and stored data, Accountability of users, Audit of events and faults, Prevention of object reuse for secret data, Accuracy of recorded and stored data, Reliability of services, Secure data exchange (e.g. MS or Tach. Cards). Folie 12

Security Assurance Requirements (VU PP, CC 3.1 R3) Common Criteria Part 3 conformant EAL 4 augmented by ATE_DPT.2 and AVA_VAN.5 ID: BSI-CC-PP-0057-2010 Why ATE_DPT.2? Folie 13

Outlook The advantages of this CC VU PP: Easy creation of the Security Target for manufacturer Applying the new evaluation technique according to CC improvement Applying the latest CEM after harmonization with different schemes Using the latest CC interpretation during certification Comparability of the certification results between schemes CC has more acceptance than ITSEC in the world Next steps: PPs for Tachograph Cards and Motion Sensors Folie 14

Contact Bundesamt für Sicherheit in der Informationstechnik (BSI) Referat 322 - Zertifizierung Godesberger Allee 185-189 53175 Bonn Tel: +49 (0)228-99-9582-111 zertifizierung@bsi.bund.de www.bsi.bund.de www.bsi-fuer-buerger.de Folie 15

2024 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information