Download Security Target class 2 smart card reader SPR532

page
1
page
2
page
3
page
4
page
5
page
6
page
7
page
8
page
9
page
10
page
11
page
12
page
13
page
14
page
15
page
16
page
17
page
18
page
19
page
20
page
21
page
22
page
23
page
24
page
25
page
26
page
27
page
28
page
29
page
30
page
31
page
32
page
33
page
34
page
35
page
36
page
37
page
38
page
39
page
40
page
41
page
42
page
43
page
44
page
45
Transcript 
page 26/45
6 TOE summary specification “ASE_TSS.1”
6.1
TOE security functions
To realize a qualified electronic signature it is necessary that the user identifies
himself or herself to the signature application. This could be done for instance using
a PIN of his or her signature card.
The private PIN code has therefore to be protected.
The PIN data should be stored in the smart card reader only as long as the
corresponding command is sent to the smart card or until the smart card is removed.
The security specific functions to ward off any threats and reach the security
objectives are listed below:
SF.PINCMD:
The firmware in the reader checks the commands sent to the reader by means
of the command structure compliant to the USB smart card reader
specification.
If the commands for Verification or Modification of the PIN are recognized and
if the command, which has to be forwarded to the smart card, contains one of
the following instruction bytes:
• VERIFY (ISO/IEC 7816-4):
INS=0x20
• CHANGE REFERENCE DATA (ISO/IEC 7816-4): INS=0x24
• ENABLE VERIFICATION REQUIREMENT (ISO/IEC 7816-4):
INS=0x28
• DISABLE VERIFICATION REQUIREMENT (ISO/IEC 7816-4):
INS=0x26
• RESET RETRY COUNTER (ISO/IEC 7816-4):
INS=0x2C
• UNBLOCK APPLICATION (EMV2004):
INS=0x18
it will be switched into the mode for secure PIN entry over the integrated
keypad.
The RS232 version of the reader emulates the protocol, which is specified for
the USB smart card reader, so for both host interface versions an identical
data stream will be processed by the security functions.
The security function SF.PINCMD recognizes the command for PIN entry,
sent by the host software, and inserts the PIN data entered over the keypad to
the corresponding place in the command to the smart card. As well, only the
fact that one of the numeric keys is pressed is reported to the host.
Certification label:
CC: BSI-DSZ-CC-0394
SigG: BSI.02080.TE.XX.2006
SCM Microsystems GmbH, Oskar-Messter-Straße 13, 85737 Ismaning, Germany, Tel.: +49 89 9595-5000
Version 1.23
Document ID: CCASESPR
Date: 04.07.2006
Related documents
SOFTPRO Technisches Datenblatt - Technical
SOFTPRO Technisches Datenblatt - Technical
Smartcard reader Leo V2 Security Target Lite
Smartcard reader Leo V2 Security Target Lite
MPL-30/PCIW32 MPL-31/PCIW64 取扱説明書応用機能編
MPL-30/PCIW32 MPL-31/PCIW64 取扱説明書応用機能編
Common-Criteria-Dokument Sicherheitsvorgaben EAL3+
Common-Criteria-Dokument Sicherheitsvorgaben EAL3+
SecOVID Reader III
SecOVID Reader III
ATI Technologies XP100 Specifications
ATI Technologies XP100 Specifications
SCM CHIPDRIVE Time Recording 6.0
SCM CHIPDRIVE Time Recording 6.0
SigG Herstellererklärung zum eHealth Terminal GT900
SigG Herstellererklärung zum eHealth Terminal GT900
Cool Automation 7000F User manual
Cool Automation 7000F User manual
Security Target 0175 public
Security Target 0175 public
950 Safe Protector : Instruction & Installation Manual
950 Safe Protector : Instruction & Installation Manual
Kobil Chipkartenterminal Security Target - BSI
Kobil Chipkartenterminal Security Target - BSI