{"id":349271,"date":"2024-10-20T00:35:47","date_gmt":"2024-10-20T00:35:47","guid":{"rendered":"https:\/\/pdfstandards.shop\/product\/uncategorized\/bs-en-419251-32013\/"},"modified":"2024-10-26T00:15:47","modified_gmt":"2024-10-26T00:15:47","slug":"bs-en-419251-32013","status":"publish","type":"product","link":"https:\/\/pdfstandards.shop\/product\/publishers\/bsi\/bs-en-419251-32013\/","title":{"rendered":"BS EN 419251-3:2013"},"content":{"rendered":"

This European Standard contains packages that define security requirements for an authentication device. This document is Part 3. Part 1 and Part 2 are Protections Profiles \u2013 PP\u2013 based on the packages defined in this document. Packages contained in this document can be added in a Security Target \u2013ST- claiming PP of Part 1 or Part 2.<\/p>\n

PDF Catalog<\/h4>\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n
PDF Pages<\/th>\nPDF Title<\/th>\n<\/tr>\n
8<\/td>\n1 Scope
2 Normative references
3 Conformance
3.1 CC Conformance Claim
3.2 PP Claim
3.3 Package Claim
3.4 Conformance Rationale <\/td>\n<\/tr>\n
9<\/td>\n3.5 Conformance Statement
4 Terms and definitions <\/td>\n<\/tr>\n
11<\/td>\n5 Symbols and abbreviations
6 Overview of the target of evaluation
6.1 TOE Type
6.2 TOE Usage <\/td>\n<\/tr>\n
12<\/td>\n6.3 Security Features of the TOE
6.4 Required non-TOE Hardware and Software
6.5 Protection Profile Usage
6.6 Groups
6.6.1 General
6.6.2 Main groups
6.6.2.1 General
6.6.2.2 Core group <\/td>\n<\/tr>\n
13<\/td>\n6.6.2.3 KeyImp group
6.6.2.4 KeyGen group
6.6.2.5 Admin group
6.6.3 Environment groups
6.6.3.1 General
6.6.3.2 Trusted PersoAppli
6.6.3.3 Trusted AuthAppli <\/td>\n<\/tr>\n
14<\/td>\n6.6.3.4 Trusted Verifier
6.6.3.5 Trusted CA
6.6.3.6 Trusted AdminAppli
6.6.3.7 Untrusted PersoAppli
6.6.3.8 Untrusted AuthAppli
6.6.3.9 Untrusted Verifier
6.6.3.10 Untrusted CA <\/td>\n<\/tr>\n
15<\/td>\n6.6.3.11 Untrusted AdminAppli
6.7 Configurations
6.7.1 General
6.7.2 Rules <\/td>\n<\/tr>\n
16<\/td>\n6.7.3 Possible Configurations
6.7.3.1 General
6.7.3.2 Basic configurations
6.7.3.3 Transfer configurations <\/td>\n<\/tr>\n
17<\/td>\n6.8 TOE Environment
6.8.1 Overall view <\/td>\n<\/tr>\n
18<\/td>\n6.8.2 Personalisation application
6.8.2.1 General
6.8.2.2 Functionalities <\/td>\n<\/tr>\n
19<\/td>\n6.8.2.3 Communication
6.8.3 Administration application
6.8.3.1 General
6.8.3.2 Functionalities <\/td>\n<\/tr>\n
20<\/td>\n6.8.3.3 Communication
6.8.4 Authentication application
6.8.4.1 General
6.8.4.2 Functionalities
6.8.4.3 Communication <\/td>\n<\/tr>\n
21<\/td>\n6.8.5 Verifier
6.8.5.1 Functionalities
6.8.5.2 Communication
6.8.6 Key Generator
6.8.6.1 Functionalities
6.8.6.2 Communication <\/td>\n<\/tr>\n
22<\/td>\n6.8.7 Certification Authority
6.8.7.1 Functionalities
6.8.7.2 Communication
6.8.8 Examples of applications
6.8.8.1 General
6.8.8.2 Simple Access Control <\/td>\n<\/tr>\n
23<\/td>\n6.8.8.3 E-government
6.8.8.4 Multiple application TOE <\/td>\n<\/tr>\n
24<\/td>\n6.9 Life Cycle
6.9.1 Overview <\/td>\n<\/tr>\n
25<\/td>\n6.9.2 Pre-Personalisation phase
6.9.3 Personalisation phase
6.9.3.1 General <\/td>\n<\/tr>\n
26<\/td>\n6.9.3.2 Personalisation application
6.9.4 Usage phase
6.9.4.1 Authentication application <\/td>\n<\/tr>\n
27<\/td>\n6.9.4.2 Administration application
6.9.4.3 Verifier <\/td>\n<\/tr>\n
28<\/td>\n7 Security problem definition
7.1 Assets
7.1.1 General
7.1.2 Core group
7.1.2.1 Assets protected by the TOE
7.1.2.2 Sensitive assets of the TOE
7.1.3 KeyGen group <\/td>\n<\/tr>\n
29<\/td>\n7.1.4 Admin group
7.2 Users
7.2.1 Core group <\/td>\n<\/tr>\n
30<\/td>\n7.2.2 KeyImp group
7.2.3 KeyGen group
7.2.4 Admin group
7.3 Threats
7.3.1 General <\/td>\n<\/tr>\n
31<\/td>\n7.3.2 Core group <\/td>\n<\/tr>\n
32<\/td>\n7.3.3 KeyGen group
7.3.4 Admin group
7.4 Organisational security policies
7.4.1 Core group
7.4.1.1 Provided services
7.4.1.2 Other services <\/td>\n<\/tr>\n
33<\/td>\n7.4.2 KeyGen group
7.4.3 Admin group
7.5 Assumptions
7.5.1 Core group <\/td>\n<\/tr>\n
34<\/td>\n7.5.2 KeyGen group
7.5.3 Admin group
8 Security objectives
8.1 General \u2212 Transfer of sensitive data <\/td>\n<\/tr>\n
35<\/td>\n8.2 Security objectives for the TOE
8.2.1 Core group
8.2.1.1 Provided service
8.2.1.2 Authentication to the TOE <\/td>\n<\/tr>\n
36<\/td>\n8.2.1.3 TOE management
8.2.2 KeyImp group
8.2.3 KeyGen group
8.2.4 Admin group <\/td>\n<\/tr>\n
37<\/td>\n8.2.5 Untrusted PersoAppli
8.2.6 Untrusted AuthAppli
8.2.7 Untrusted Verifier
8.2.8 Untrusted CA
8.2.9 Untrusted AdminAppli <\/td>\n<\/tr>\n
38<\/td>\n8.3 Security objectives for the operational environment
8.3.1 Core group
8.3.2 KeyImp group <\/td>\n<\/tr>\n
39<\/td>\n8.3.3 Admin group
8.3.4 Trusted PersoAppli
8.3.5 Trusted AuthAppli
8.3.6 Trusted Verifier
8.3.7 Trusted CA
8.3.8 Trusted AdminAppli <\/td>\n<\/tr>\n
40<\/td>\n8.4 Rationale for Security objectives <\/td>\n<\/tr>\n
45<\/td>\n9 Extended component definition \u2013 Definition of the Family FCS_RNG
10 Security requirements
10.1 General <\/td>\n<\/tr>\n
46<\/td>\n10.2 Introduction
10.2.1 Subjects Objects and security attributes <\/td>\n<\/tr>\n
47<\/td>\n10.2.2 Operations
10.2.2.1 Core group
10.2.2.2 KeyImp group
10.2.2.3 KeyGen group
10.2.2.4 Admin group <\/td>\n<\/tr>\n
48<\/td>\n10.2.2.5 Untrusted PersoAppli
10.2.2.6 Untrusted AuthAppli
10.2.2.7 Untrusted Verifier
10.2.2.8 Untrusted CA
10.2.2.9 Untrusted AdminAppli
10.3 Security functional requirements
10.3.1 General <\/td>\n<\/tr>\n
49<\/td>\n10.3.2 Core group
10.3.2.1 Device authentication by the verifier <\/td>\n<\/tr>\n
50<\/td>\n10.3.2.2 User authentication <\/td>\n<\/tr>\n
51<\/td>\n10.3.2.3 Access control <\/td>\n<\/tr>\n
56<\/td>\n10.3.2.4 Protection of the TSF <\/td>\n<\/tr>\n
57<\/td>\n10.3.3 KeyImp group <\/td>\n<\/tr>\n
60<\/td>\n10.3.4 KeyGen group <\/td>\n<\/tr>\n
63<\/td>\n10.3.5 Admin group <\/td>\n<\/tr>\n
67<\/td>\n10.3.6 Untrusted PersoAppli <\/td>\n<\/tr>\n
68<\/td>\n10.3.7 Untrusted AuthAppli
10.3.8 Untrusted Verifier <\/td>\n<\/tr>\n
69<\/td>\n10.3.9 Untrusted CA <\/td>\n<\/tr>\n
70<\/td>\n10.3.10 Untrusted AdminAppli
10.4 Security assurance requirements <\/td>\n<\/tr>\n
71<\/td>\n10.5 SFR \/ Security objectives <\/td>\n<\/tr>\n
76<\/td>\n10.6 SFR Dependencies <\/td>\n<\/tr>\n
78<\/td>\n10.7 Rationale for the Assurance Requirements <\/td>\n<\/tr>\n<\/table>\n","protected":false},"excerpt":{"rendered":"

Security requirements for device for authentication – Additional functionality for security targets<\/b><\/p>\n\n\n\n\n
Published By<\/td>\nPublication Date<\/td>\nNumber of Pages<\/td>\n<\/tr>\n
BSI<\/b><\/a><\/td>\n2013<\/td>\n84<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n","protected":false},"featured_media":349273,"template":"","meta":{"rank_math_lock_modified_date":false,"ep_exclude_from_search":false},"product_cat":[693,2641],"product_tag":[],"class_list":{"0":"post-349271","1":"product","2":"type-product","3":"status-publish","4":"has-post-thumbnail","6":"product_cat-35-240-15","7":"product_cat-bsi","9":"first","10":"instock","11":"sold-individually","12":"shipping-taxable","13":"purchasable","14":"product-type-simple"},"_links":{"self":[{"href":"https:\/\/pdfstandards.shop\/wp-json\/wp\/v2\/product\/349271","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/pdfstandards.shop\/wp-json\/wp\/v2\/product"}],"about":[{"href":"https:\/\/pdfstandards.shop\/wp-json\/wp\/v2\/types\/product"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/pdfstandards.shop\/wp-json\/wp\/v2\/media\/349273"}],"wp:attachment":[{"href":"https:\/\/pdfstandards.shop\/wp-json\/wp\/v2\/media?parent=349271"}],"wp:term":[{"taxonomy":"product_cat","embeddable":true,"href":"https:\/\/pdfstandards.shop\/wp-json\/wp\/v2\/product_cat?post=349271"},{"taxonomy":"product_tag","embeddable":true,"href":"https:\/\/pdfstandards.shop\/wp-json\/wp\/v2\/product_tag?post=349271"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}