Certification Report - Common Criteriacommoncriteriaportal.org/files/epfiles/HSM Flow Control... ·...


Page 1: Certification Report - Common Criteriacommoncriteriaportal.org/files/epfiles/HSM Flow Control... · 2013-04-19 · Date of Issue 15.03.2013 Version of Report 1.00 Author Kerem KEMANECİ

Certification Report

EAL 4+ (ALC_DVS.2)

Evaluation of

TÜBİTAK BİLGEM UEKAE

UEKAE Dirak Serisi HSM (HARDWARE SECURITY MODULE) Flow Control Firmware V2.13

issued by

Turkish Standards Institution

Common Criteria Certification Scheme


3

PRODUCT CERTIFICATION CENTER

COMMON CRITERIA CERTIFICATION SCHEME

CERTIFICATION REPORT

Date of Issue: 28/12/2012

Page : 3 / 19

Rev. No : 00 Date of Rev:

Document No: PCC-09-FR-011

TABLE OF CONTENTS

Table of contents ... 3
Document Information ... 4
Document Change Log ... 4
DISCLAIMER ... 4
FOREWORD ... 5
RECOGNITION OF THE CERTIFICATE ... 6
1 EXECUTIVE SUMMARY ... 7
2 CERTIFICATION RESULTS ... 11
2.1 Identification of Target of Evaluation ... 11
2.2 Security Policy ... 11
2.3 Assumptions and Clarification of Scope ... 12
2.4 Architectural Information ... 13
2.5 Documentation ... 14
2.6 IT Product Testing ... 14
2.7 Evaluated Configuration ... 15
2.8 Results of the Evaluation ... 15
2.9 Evaluator Comments / Recommendations ... 15
3 SECURITY TARGET ... 16
4 GLOSSARY ... 16
5 BIBLIOGRAPHY ... 16
6 ANNEXES ... 17


Document Information

Date of Issue 15.03.2013

Version of Report 1.00

Author Kerem KEMANECİ

Technical Responsible Mustafa YILMAZ

Approved Mariye Umay AKKAYA

Date Approved 15.03.2013

Certification Number 14.10.06/13-007

Sponsor and Developer TÜBİTAK BİLGEM UEKAE

Evaluation Lab TÜBİTAK BİLGEM OKTEM

TOE Name UEKAE Dirak Serisi HSM (HARDWARE SECURITY MODULE) Flow Control Firmware V2.13

Pages 17

Document Change Log

Release Date Pages Affected Remarks/Change Reference

V0.1 05.03.2013 All Initial

V1.0 15.03.2013 All Final Release

DISCLAIMER

This certification report and the IT product defined in the associated Common Criteria document have been evaluated at an accredited and licensed evaluation facility in conformance with the Common Criteria for IT Security Evaluation, version 3.1, revision 3, using the Common Methodology for IT Products Evaluation, version 3.1, revision 3. This certification report and the associated Common Criteria document apply only to the identified version and release of the product in its evaluated configuration. The evaluation has been conducted in accordance with the provisions of the CCCS, and the conclusions of the evaluation facility in the evaluation report are consistent with the evidence adduced. This report and its associated Common Criteria document are not an endorsement of the product by the Turkish Standardization Institution, or any other organization that recognizes or gives effect to this report and its associated Common Criteria document, and no warranty is given for the product by the Turkish Standardization Institution, or any other organization that recognizes or gives effect to this report and its associated Common Criteria document.


FOREWORD

The Certification Report is drawn up to submit to the Certification Committee the results and evaluation information upon the completion of a Common Criteria evaluation service performed under the Common Criteria Certification Scheme. The Certification Report covers all non-confidential security and technical information related to a Common Criteria evaluation made under the PCC Common Criteria Certification Scheme. This report is issued publicly and made available to all relevant parties for reference and use.

The Common Criteria Certification Scheme (CCCS) provides an evaluation and certification service to ensure the reliability of Information Security (IS) products. Evaluation and tests are conducted by a public or commercial Common Criteria Evaluation Facility (CCTL) under CCCS’ supervision. A CCEF is a facility, licensed as a result of inspections carried out by the CCCS, for performing the tests and evaluations which will be the basis for Common Criteria certification. As a prerequisite for such certification, the CCEF has to fulfill the requirements of the standard ISO/IEC 17025 and should be accredited by accreditation bodies. The evaluation and tests related to the concerned product have been performed by TÜBİTAK BİLGEM OKTEM, which is a public/commercial CCTL.

A Common Criteria Certificate given to a product means that such product meets the security requirements defined in its security target document that has been approved by the CCCS. The Security Target document is where the requirements defining the scope of evaluation and test activities are set forth. Along with this certification report, the user of the IT product should also review the security target document in order to understand any assumptions made in the course of the evaluation, the environment where the IT product will run, the security requirements of the IT product and the level of assurance provided by the product.

This certification report is associated with the Common Criteria Certificate issued by the CCCS for UEKAE Dirak Serisi HSM (HARDWARE SECURITY MODULE) Flow Control Firmware (product version: V2.13), whose evaluation was completed on 31/12/2012 and whose evaluation technical report was drawn up by TÜBİTAK BİLGEM OKTEM (as CCTL), and with the Security Target document with version no. Rev 05 of the relevant product.

The certification report, certificate of product evaluation and security target document are posted on the PCC Certified Products List at the bilisim.tse.org.tr portal and the Common Criteria Portal (the official web site of the Common Criteria Project).


RECOGNITION OF THE CERTIFICATE

The Common Criteria Recognition Arrangement logo is printed on the certificate to indicate that this certificate is issued in accordance with the provisions of the CCRA.

The CCRA was signed by Turkey in 2003 and provides mutual recognition of certificates based on the CC evaluation assurance levels up to and including EAL4. The current list of signatory nations and approved certification schemes can be found at: http://www.commoncriteriaportal.org.


1 - EXECUTIVE SUMMARY

Evaluated IT product name: UEKAE Dirak Serisi HSM (HARDWARE SECURITY MODULE) Flow Control Firmware V2.13

Developer’s Name: TÜBİTAK BİLGEM UEKAE

Name of CCTL: TÜBİTAK OKTEM

Assurance Package: EAL 4+ (ALC_DVS.2)

Completion Date of Evaluation: 31.12.2012

The UEKAE Dirak Serisi HSM device is a PCI-e module that provides physical and logical protection for the cryptographic keys and confidential data of critical applications. It enhances security for industry standard computing platforms and provides cryptographic hardware acceleration. The HSM protects cryptographic keys and data from environmental threats, thanks to its protected, tamper-resistant hardware design. In case of an intrusion attempt the system detects this event and clears all confidential keys and data.

The TOE is a data flow control firmware on the UEKAE Dirak Serisi HSM device. This firmware is composed of several applications working on an embedded operating system. This operating system runs on a processor located on the UEKAE Dirak Serisi HSM device.

The TOE supports the following functionalities:

- Digital signature, data encryption and digital rights management using the following cryptographic algorithms:
  - RSA public key standard with up to 2048 bit key length,
  - Symmetric key encryption AES, DES,
  - Hash functions SHA-1, SHA-256.
- Storage of confidential keys and data on a high capacity (32 Mbit) tamper-resistant memory,
- Robust key generation, using a hardware random number generator (RNG) following FIPS 140-2, according to FIPS 186-2 specifications,
- Secure backup, restore and transfer of keys and data,
- Emergency erase,
- Secured software update.

Among the above mentioned cryptographic functions, the Diffie-Hellman, DSA, AES, DES, SHA-1 and SHA-256 cryptographic operations are performed using OpenSSL library functions, which are not part of the TOE. Moreover, RSA cryptographic operations are performed on the FPGA on the HSM card. This RSA implementation and the hardware RNG are also not included in the TOE.

The UEKAE Dirak Serisi HSM device can be used in a server or PC. The TOE provides hardware protection to critical applications such as public key infrastructures (PKIs), databases, web and application servers. Due to the HSM device’s hardware acceleration, customers take advantage of performance increases for cryptographic operations, such as RSA signatures.


1.1 TOE major security features for operational use

1.1.1 Identification and Authentication:

The TOE provides its own identification and authentication mechanism. In order to use the HSM, a login account, including a login name and password, must be created using a preassigned smart card. To log in to the TOE using the GUI, the user provides the login name, password and assigned user smart card at the prompt.

The TOE compares the typed user name and password, and verifies the inserted smart card’s certificate against that stored in the HSM database. If either the login name or password is incorrect, or the inserted smart card cannot be verified, the login request will fail and no functions will be made available.

1.1.2 Security Management:

The UEKAE Dirak Serisi HSM product provides a GUI interface to manage the TOE called “HSM Yönetim”. This GUI is a full-functioned interface from which a user with appropriate permission can completely administer the TOE.

A user permission is a system authorization which enables a user to use HSM management functions. A user role is a collection of user permissions that may be assigned to a user. The TOE includes two user roles: Administrator and User.

The TOE allows administrators to use all management functions:

- Emergency erase,
- Do initialization,
- Create Admin/User/Backup Card,
- Delete Admin/User,
- Backup/Restore Database,
- Login/Logout,
- Update Software,
- Get User List,
- Get Storage Information etc.

1.1.3 Key Management:

The TOE provides the following key management functions:

- Generate Key,
- Delete Key,
- Export/Import HSM Database.

FIPS-validated cryptographic operations are used in these functions, ensuring the keys remain protected at all times. The TOE provides RSA2048 key pair generation, which produces public-private key pairs according to FIPS 186-3. This generation process is performed by the TOE using primes generated by an FPGA-based prime generator. Keys are archived in a database located on tamper-resistant memory.
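The login rule of 1.1.1 (name, password and smart card certificate must all match, and any failure exposes no function) and the role gate of 1.1.2 and 1.1.3, written out as an added model; this is not the firmware’s code. Assumed for illustration: the HSM database stores a salted PBKDF2 hash of the password and a SHA-256 fingerprint of the card certificate, the account names and placeholder certificates are constructed, and the functions the User role may call are an assumption, since the report only states that Administrators may use all management functions.

```python
"""Model of the TOE's login check (1.1.1) and role gate (1.1.2, 1.1.3).

Added example, not the firmware's code. Assumed for illustration: the HSM
database keeps a salted PBKDF2 hash of the password and a SHA-256
fingerprint of the smart card certificate; the functions the 'User' role
may call (the report only states that Administrators may call all of them).
"""
import hashlib
import hmac
import os
from dataclasses import dataclass
from typing import Optional

ADMIN, USER = "Administrator", "User"

# Management and key management functions named in the report, mapped to
# the roles allowed to call them.  The User subset is an assumption.
PERMISSIONS = {
    "emergency_erase": {ADMIN}, "do_initialization": {ADMIN},
    "create_card": {ADMIN}, "delete_user": {ADMIN},
    "backup_restore_database": {ADMIN}, "update_software": {ADMIN},
    "get_user_list": {ADMIN}, "get_storage_information": {ADMIN},
    "generate_key": {ADMIN, USER}, "delete_key": {ADMIN, USER},
    "export_import_database": {ADMIN},
}


@dataclass(frozen=True)
class Account:
    name: str
    salt: bytes
    pw_hash: bytes           # PBKDF2-HMAC-SHA256(password, salt)
    card_fingerprint: bytes  # SHA-256 of the certificate on the user's card
    role: str


@dataclass(frozen=True)
class Session:
    name: str
    role: str


def _hash_pw(password: str, salt: bytes) -> bytes:
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)


def enroll(name: str, password: str, card_cert_der: bytes, role: str) -> Account:
    """Create the login account that a preassigned smart card is bound to."""
    salt = os.urandom(16)
    return Account(name, salt, _hash_pw(password, salt),
                   hashlib.sha256(card_cert_der).digest(), role)


class HsmDatabase:
    def __init__(self, accounts):
        self._accounts = {a.name: a for a in accounts}
        # Dummy record so an unknown name costs the same as a wrong password.
        self._dummy = enroll("", "", b"", USER)

    def login(self, name: str, password: str,
              card_cert_der: Optional[bytes]) -> Optional[Session]:
        """Name, password and card certificate must all match one record.
        Every factor is checked before deciding, and every failure yields
        the same result: no session, hence no function made available."""
        acct = self._accounts.get(name, self._dummy)
        name_ok = name in self._accounts
        pw_ok = hmac.compare_digest(_hash_pw(password, acct.salt), acct.pw_hash)
        card_ok = hmac.compare_digest(
            hashlib.sha256(card_cert_der or b"").digest(), acct.card_fingerprint)
        if not (name_ok and pw_ok and card_ok):
            return None
        return Session(acct.name, acct.role)


def invoke(session: Optional[Session], function: str) -> str:
    """Gate each function on an authenticated session and its role."""
    if session is None:
        return "denied: not authenticated"
    if function not in PERMISSIONS:
        return "denied: unknown function"
    if session.role not in PERMISSIONS[function]:
        return "denied: role %s lacks permission" % session.role
    return "ok: %s executed for %s" % (function, session.name)


# Constructed sample data; the "certificates" are placeholder bytes.
ADMIN_CERT = b"constructed admin card certificate"
USER_CERT = b"constructed user card certificate"
DB = HsmDatabase([enroll("alice", "correct horse", ADMIN_CERT, ADMIN),
                  enroll("bob", "battery staple", USER_CERT, USER)])
```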


1.1.4 Isolation:

The TOE ensures that only legitimate information flows of user data occur, i.e. the user data can only be stored on the tamper-resistant memories of the TOE, and it isolates the user data from the host PC and, in case of any intrusion, from the embedded Linux file system.

1.1.5 Protection of the TOE:

The TOE implements a measure to protect itself from integrity intrusion and to ensure that a secure state follows both from legitimate and expected TOE accesses as well as from anticipated failures. No mechanism is available to modify the TOE firmware via the TSF interface.

1.1.6 Physical protection of the TOE:

The TOE has mechanisms to ensure that the TSF is protected from physical tampering and interference. In addition to these passive and active tamper detection mechanisms, the TOE’s physical structure has a protective design to resist physical tampering. The HSM hardware has a strong aluminium cover that hides the HSM’s front (component-placed) side completely. This cover prevents direct access to components and their pins. Under this cover there are four tamper switches to detect uncovering. In case of this type of intrusion attempt, the tamper switches open the power circuit of the NVRAM that keeps the TOE database and secret keys, thus all data on the NVRAM is deleted.

The tamper switches are also connected to an active tamper detection mechanism. In case of any intrusion attempt, this mechanism physically cuts off the communication between the ARM processor and the NVRAM and writes random data to the NVRAM to ensure that all of its content is completely deleted.

1.2 Threats:

The threats identified in this section are addressed by the TOE.

T.BYPASS: An unauthorized person may attempt to bypass the security mechanisms of the TOE because of a defect in the TOE functioning.

T.CAPTURE: The data transmitted from the TOE to the IT environment may be captured by a malicious user by monitoring the data bus.

T.DISARRANGE: Data may be disarranged as a result of an IT environment driver error while traversing the connection between the TOE and the IT environment.

T.INF_LEAK: An unauthorized person may gather residual information from a previous information flow or internal TOE data by monitoring the padding of the information flows from the TOE because of a defect in the TOE functioning.

T.POOR_TEST: Lack of or insufficient tests run by the developer to demonstrate that all TOE security functions operate correctly (including in a fielded TOE) may result in incorrect TOE behavior being undiscovered, thereby causing potential security vulnerabilities.

T.REPEAT: A user or process may repeatedly send commands to the TOE and cause data corruption or loss because of a defect in the TOE functioning.

T.UNSECURED_IT: Cryptographic entities may not be created correctly or cryptographic operations may not execute properly because of unsecured IT environments used by the TOE developer.


1.3 Organizational Security Policies:

P.EMERGENCY: All encryption keys contained in the default key database shall be deleted in case of emergency.

P.ERASURE: All encryption keys contained in the default key database shall be deleted upon the request of the authorized user.

P.CRYPTOGRAPHY: Only NIST FIPS 140-2 validated cryptography (methods and implementations) is acceptable for key management.

1.4 Assumptions:

There are 5 assumptions defined in the ST document:

A.CONNECT: The PC on which the TOE is running is not connected directly to an untrusted network; it is either assumed not to be connected to any network or it is connected to a trusted network which is protected against malicious attacks.

A.INSTALL: The Administrator will install and configure the TOE according to the administrator guidance.

A.NOEVIL: Administrators of the TOE are assumed to be responsible, non-hostile individuals who will follow the instructions provided by the TOE documentation.

A.PHYSICAL: The TOE will be located in an environment that is physically protected and well managed (stable power, acceptable temperature). Only the authorized user of the TOE has physical access.

A.PLATFORM: The Administrator will ensure that the platforms used to host the TOE conform to the hardware and software outlined in the administrator guidance.

1.5 Evaluation Result:

The Evaluation Technical Report for this product provides sufficient evidence that it meets the EAL 4 augmented with ALC_DVS.2 assurance requirements for the evaluated security functionality. The evaluation was conducted using the Common Methodology for Information Technology Security Evaluation, Version 3.1 Revision 3. The CCS Certification Body declares that the “UEKAE Dirak Serisi HSM (HARDWARE SECURITY MODULE) Flow Control Firmware V2.13” evaluation meets all the conditions of the Arrangement on the Recognition of Common Criteria Certificates and that the product will be listed on the CCS Certified Product List (CPL) and the official Common Criteria Portal website.


2 CERTIFICATION RESULTS

2.1 Identification of Target of Evaluation

Project Identifier: 14.10.06/TSE-CCCS-014

TOE Name and Version: UEKAE Dirak Serisi HSM (HARDWARE SECURITY MODULE) Flow Control Firmware V2.13

Security Target Document Title: UEKAE Dirak Serisi HSM (HARDWARE SECURITY MODULE) Flow Control Firmware V2.13 SECURITY TARGET

Security Target Document Version: v.05

Security Target Document Date: 12.12.2012

Assurance Level: EAL 4+ (ALC_DVS.2)

Criteria:
- Common Criteria for Information Technology Security Evaluation, Part 1: Introduction and General Model, Version 3.1, Revision 3, July 2009
- Common Criteria for Information Technology Security Evaluation, Part 2: Security Functional Components, Version 3.1, Revision 3, July 2009
- Common Criteria for Information Technology Security Evaluation, Part 3: Security Assurance Components, Version 3.1, Revision 3, July 2009

Methodology: Common Methodology for Information Technology Security Evaluation, Version 3.1 Revision 3, July 2009

Protection Profile Conformance: None

Common Criteria Conformance:
- Common Criteria for Information Technology Security Evaluation, Part 2: Security Functional Components, Version 3.1, Revision 3, July 2009
- Common Criteria for Information Technology Security Evaluation, Part 3: Security Assurance Components, Version 3.1, Revision 3, July 2009

Sponsor and Developer: TÜBİTAK UEKAE

Evaluation Facility: TÜBİTAK BİLGEM OKTEM

Certification Scheme: Turkish Standards Institution Common Criteria Certification Scheme

2.2 Security Policy

The TOE, UEKAE Dirak Serisi HSM (HARDWARE SECURITY MODULE) Flow Control Firmware, is a data flow control firmware on the UEKAE Dirak Serisi HSM device. This firmware is composed of several applications working on an embedded operating system. This operating system runs on a processor located on the UEKAE Dirak Serisi HSM device. The UEKAE Dirak Serisi HSM device is a PCI-e module that provides physical and logical protection for the cryptographic keys and confidential data of critical applications.

The TOE is designed for institutions that require secure software applications which use cryptographic keys and confidential data while running secure applications. The TOE provides protection against intrusion into the hardware which holds the critical keys and confidential data via its tamper-resistant hardware design and intrusion detection system.

Organizational Security Policies:

- All encryption keys contained in the default key database shall be deleted in case of emergency.
- All encryption keys contained in the default key database shall be deleted upon the request of the authorized user.
- Only NIST FIPS 140-2 validated cryptography (methods and implementations) is acceptable for key management.

2.3 Assumptions and Clarification of Scope

Consumers should know that the TOE is a data flow control firmware on the UEKAE Dirak Serisi HSM device. This firmware is composed of several applications working on an embedded operating system. This operating system runs on a processor located on the UEKAE Dirak Serisi HSM device. The UEKAE Dirak Serisi HSM device has a PCIe x1 interface and thus requires a PCIe x1 slot located on a PC in a secure location.

Consumers who plan to use the product should consider the assumptions below:

- The PC on which the TOE is running is not connected directly to an untrusted network; it is either assumed not to be connected to any network or it is connected to a trusted network which is protected against malicious attacks.
- The Administrator will install and configure the TOE according to the administrator guidance.
- Administrators of the TOE are assumed to be responsible, non-hostile individuals who will follow the instructions provided by the TOE documentation.
- The TOE will be located in an environment that is physically protected and well managed (stable power, acceptable temperature). Only the authorized user of the TOE has physical access.
- The Administrator will ensure that the platforms used to host the TOE conform to the hardware and software outlined in the administrator guidance.

The TOE is evaluated to meet all assurance requirements to provide security against Enhanced-Basic level (EAL 4 augmented with ALC_DVS.2) attackers within the scope of the threats listed below:

- An unauthorized person may attempt to bypass the security mechanisms of the TOE because of a defect in the TOE functioning.
- The data transmitted from the TOE to the IT environment may be captured by a malicious user by monitoring the data bus.
- Data may be disarranged as a result of an IT environment driver error while traversing the connection between the TOE and the IT environment.
- An unauthorized person may gather residual information from a previous information flow or internal TOE data by monitoring the padding of the information flows from the TOE because of a defect in the TOE functioning.
- Lack of or insufficient tests run by the developer to demonstrate that all TOE security functions operate correctly (including in a fielded TOE) may result in incorrect TOE behavior being undiscovered, thereby causing potential security vulnerabilities.
- A user or process may repeatedly send commands to the TOE and cause data corruption or loss because of a defect in the TOE functioning.
- Cryptographic entities may not be created correctly or cryptographic operations may not execute properly because of unsecured IT environments used by the TOE developer.

2.4 Architectural Information

The TOE is a data flow control firmware on an Atmel ARM 9 processor on the UEKAE Dirak Serisi HSM device. On this processor, a limited command set Linux kernel (version 2.6.32.9) is installed. This kernel also includes the MIRACL (version 5.4.1) and OpenSSL (version 0.9.8) libraries for mathematical and cryptographic operations. On the HSM device, to accelerate public key cryptographic operations, the RSA algorithm is implemented on an FPGA and used by the TOE. Consequently, the TOE is an application package that runs on the Linux operating system and uses the above mentioned cryptographic resources to produce and protect cryptographic variables (keys, initial vectors etc.) and to perform cryptographic functions. The TOE uses these resources in a secure way.

The TOE basically manages the data flow between the PKCS#11 command interface (for communicating with the host computer), the FPGA-based RSA2048 algorithm, the OpenSSL library, the True Noise Generator (for cryptographic variable production), the secure memory (for cryptographic variable protection) and the SIM card in a secure way.

The UEKAE Dirak Serisi HSM device has a PCIe x1 interface for being used by the host computer. PKCS#11 commands sent by the user software come to the UEKAE Dirak Serisi HSM device, and consequently to the TOE, via this interface. These commands are converted to the UEKAE-HSM data command format by a driver software on the host computer.

The basic function of the TOE is processing PKCS#11 commands coming from the PCIe x1 interface. The user adds PKCS#11 commands to his software code (or calls them directly), and the driver software converts these commands into the UEKAE-HSM data command format. Next, the TOE performs these commands. In addition, there are dedicated management commands for the management of the HSM device, such as authentication, initialization, backup, emergency erase etc. Dedicated management commands are already in the UEKAE-HSM data command format and do not need to be converted. The HSM management software on the host computer calls these management functions and the user does not need to know these commands.

2.5 Documentation

Document list for customers:

- UEKAE Dirak Serisi HSM Flow Control Firmware V2.13 SECURITY TARGET v05 (Güvenlik Hedefi Dokümanı)
- UEKAE Dirak Serisi HSM Flow Control Firmware V2.13 YÖNETİCİ KULLANMA KILAVUZU v03 (Administrator User Manual)
- UEKAE Dirak Serisi HSM Flow Control Firmware V2.13 TESLİM, KURULUM, ÇALIŞTIRMA DOKÜMANI v1.0 (Delivery, Installation, Operating Document)
- UEKAE Dirak Serisi HSM Flow Control Firmware V2.13 FONKSİYONEL SPESİFİKASYON v2 (Functional Specification)

2.6 IT Product Testing

UEKAE Dirak Serisi HSM Flow Control Firmware V2.13 is evaluated for EAL 4. This level requires developer test assessment, independent functional testing and penetration tests (vulnerability analysis) conducted by the evaluator laboratory.

Developer Tests:

Test scenarios, expected results and obtained results are listed by the TÜBİTAK UEKAE testers. For each test, the expected results are the same as the obtained test results. Developer tests are explained in the HSM Gelistirici Testleri v2.00 document.

Evaluator Tests:

The evaluator repeated all tests conducted by the developer, according to the HSM Gelistirici Testleri v2.00 (Developer Tests) document. The evaluator found that the testing approach for each interface demonstrates the expected behaviour of that interface. There is correspondence between the TSFI and the developer tests, and all security functions are covered. Test prerequisites, test steps and expected result(s) adequately test each interface.

Independent Testing:

Independent tests are conducted by the evaluator; the philosophy of independent tests is to focus on the main security functions that could be very critical. After assessing the developer tests, the evaluator creates a greater number of tests and goes into more detail. Independent testing is a process: if a test fails, the developer is expected to fix the problem, and after the update the same test is repeated. At the end of the independent test process all test results are obtained as expected by the test scenarios.


Penetration Tests:

Penetration tests are conducted by the evaluator against all exploitable vulnerabilities and residual vulnerabilities, detailing for each:

a) its source;

b) the SFR(s) not met;

c) a description;

d) whether it is exploitable in its operational environment or not (i.e. exploitable or residual);

e) the amount of time, level of expertise, level of knowledge of the TOE, level of opportunity and the equipment required to exploit the identified vulnerabilities, and the corresponding values using Tables 3 and 4 of Annex B.4 of CEM v3.1 rev3.

Penetration tests are also independent tests, conducted against vulnerabilities. Penetration testing is likewise a process: if a test fails, the evaluator is expected to fix the vulnerability, and after the update of the TOE the test is repeated. The final results are as expected and all penetration test results are successful.
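As an added illustration of items d) and e) above, not part of the certification report or of the evaluator's work, the following Python scores a constructed vulnerability against the five Annex B.4 factors and maps the total onto a resistance rating. The Table 3 and Table 4 values are recalled from CEM v3.1 rev3 and are an assumption to be checked against the standard, as is the Enhanced-Basic threshold assumed for the AVA_VAN.3 component that EAL 4 carries.

```python
"""Attack-potential rating of a found vulnerability, in the style of CEM v3.1
rev3 Annex B.4 (Tables 3 and 4). Added example; the factor values below are
recalled from the CEM and are an assumption to verify against the standard."""

# Table 3 (assumed values): points per factor for one attack path.
ELAPSED_TIME = {"<=1 day": 0, "<=1 week": 1, "<=2 weeks": 2, "<=1 month": 4,
                "<=2 months": 7, "<=3 months": 10, "<=4 months": 13,
                "<=5 months": 15, "<=6 months": 17, ">6 months": 19}
EXPERTISE = {"layman": 0, "proficient": 3, "expert": 6, "multiple experts": 8}
KNOWLEDGE_OF_TOE = {"public": 0, "restricted": 3, "sensitive": 7, "critical": 11}
WINDOW_OF_OPPORTUNITY = {"unnecessary": 0, "easy": 1, "moderate": 4,
                         "difficult": 10, "none": None}  # None: no attack path
EQUIPMENT = {"standard": 0, "specialised": 4, "bespoke": 7, "multiple bespoke": 9}

# Table 4 (assumed values): score band -> (attack potential required to
# exploit, attack potential the TOE is resistant to).
BANDS = [(0, 9, "Basic", "No rating"), (10, 13, "Enhanced-Basic", "Basic"),
         (14, 19, "Moderate", "Enhanced-Basic"), (20, 24, "High", "Moderate"),
         (25, float("inf"), "Beyond High", "High")]
LEVELS = ["No rating", "Basic", "Enhanced-Basic", "Moderate", "High"]


def rate(time, expertise, knowledge, opportunity, equipment):
    """Sum the five factors and map the total onto Table 4.
    Returns (score, required potential, resistance), or None when there is
    no window of opportunity at all (the attack path is not feasible)."""
    window = WINDOW_OF_OPPORTUNITY[opportunity]
    if window is None:
        return None
    score = (ELAPSED_TIME[time] + EXPERTISE[expertise]
             + KNOWLEDGE_OF_TOE[knowledge] + window + EQUIPMENT[equipment])
    for low, high, required, resistance in BANDS:
        if low <= score <= high:
            return score, required, resistance
    raise ValueError(f"score {score} outside Table 4 bands")


def classify(rating, claimed="Enhanced-Basic"):
    """Item d): 'exploitable' if the TOE's resistance for this finding falls
    below the claimed level, else 'residual'. Assumption: AVA_VAN.3 (EAL 4)
    claims resistance to Enhanced-Basic attack potential."""
    if rating is None:  # no attack path in the operational environment
        return "residual"
    return "residual" if LEVELS.index(rating[2]) >= LEVELS.index(claimed) else "exploitable"


if __name__ == "__main__":
    # Constructed sample finding, not one taken from the report.
    r = rate("<=1 week", "proficient", "restricted", "moderate", "specialised")
    print(r, classify(r))  # (15, 'Moderate', 'Enhanced-Basic') residual
```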

2.7 Evaluated Configuration

The TOE is a data flow control firmware on the UEKAE Dirak Serisi HSM device. This firmware is composed of several applications working on an embedded operating system. This operating system is running on a processor located on the UEKAE Dirak Serisi HSM device.

The physical boundary of the TOE is depicted below. The evaluator used the same configuration of the TOE and the same environment during the evaluation process.

2.8 Results of the Evaluation

All evaluator actions are satisfied for the evaluation level of EAL4+ (ALC_DVS.2) as defined by the Common Criteria and the Common Methodology. The overall verdict for the evaluation is PASS. The results are supported by the evidence in the ETR.

2.9 Evaluator Comments / Recommendations

The TOE must be protected against insecure network connections.

Responsible administrators should follow the administrator guidance document for the conforming environment of the TOE and also for the installation and configuration of the TOE.


The location of the TOE must be managed well (stable power, proper temperature etc.) and only authorized users must have physical access to the TOE. Measures must be taken against non-hostile users.

3 SECURITY TARGET

The Security Target associated with this Certification Report is identified by the following description of identity:

Title: UEKAE Dirak Serisi HSM Flow Control Firmware V2.13 SECURITY TARGET

Version: 05

Date: 12.12.2012

4 GLOSSARY

CCCS: Common Criteria Certification Scheme (TSE)

CCTL: Common Criteria Test Laboratory (OKTEM)

CCMB: Common Criteria Management Board

CEM: Common Evaluation Methodology

ETR: Evaluation Technical Report

IT: Information Technology

PCC: Product Certification Center

ST: Security Target

TOE: Target of Evaluation

TSF: TOE Security Function

TSFI: TSF Interface

SFR: Security Functional Requirement

EAL: Evaluation Assurance Level

AES: Advanced Encryption Standard

DES: Data Encryption Standard

RSA: Rivest, Shamir and Adleman

SHA: Secure Hash Algorithm

HSM: Hardware Security Module

PKI: Public Key Infrastructure

GUI: Graphical User Interface

UEKAE: Ulusal Elektronik ve Kriptoloji Araştırma Enstitüsü

FIPS: Federal Information Processing Standard

FPGA: Field Programmable Gate Array

5 BIBLIOGRAPHY

[1] Common Criteria for Information Technology Security Evaluation, Part 1: Introduction and General Model; CCMB-2009-07-001, Version 3.1, Revision 3, July 2009


[2] Common Criteria for Information Technology Security Evaluation, Part 2: Security Functional Components; CCMB-2009-07-002, Version 3.1, Revision 3, July 2009

[3] Common Criteria for Information Technology Security Evaluation, Part 3: Security Assurance Requirements; CCMB-2009-07-003, Version 3.1, Revision 3, July 2009

[4] Common Methodology for Information Technology Security Evaluation, Evaluation Methodology; CCMB-2009-07-004, Version 3.1, Revision 3, July 2009

[5] PCC-03-WI-04 CERTIFICATION REPORT PREPARATION INSTRUCTIONS

[6] Evaluation Technical Report v1.0, Date: 31.12.2012

[7] UEKAE Dirak Serisi HSM Flow Control Firmware V2.13 SECURITY TARGET v05, Date: 12.12.2012

6 ANNEXES

There is no additional information which is inappropriate for reference in other sections.
