BILISIM TEKNOLOJILERI TEST VE BELGELENDIRME DAÏRESI BASKANLIGI / INFORMATION TECHNOLOGIES TEST AND CERTIFICATION DEPARTMENT |Dokiiman No BTBD-03-01-FR-01 CCCS CERTIFICATION REPORT \Yayin Tarihi 30/07/2015 IRevizyon Tarihi 29/04/2016 INo} 05 Certification Report EAL 4+ (ALC_DVS.2) Evaluation of C6H SZ. ETB Elektronik Teknoloji ve Bilisim Hizmetleri San. Tic. Ltd. Sti. E-Bio KEC - Secure Smartcard Readers Firmware v1.1 issued by Turkish Standards Institution Common Criteria Certification Scheme Certificate Number: 21.0.03/TSE-CCCS-60 Ci Bu dokümanın ho elektronik ortamda TSE Dokiiman Yénetim Sisteminden takip edilmelidir. Sayfa 1/16 BILISIM TEKNOLOJILERI TEST VE BELGELENDIRME DAiRESi BASKANLIGI/ Doküman No |BTBD-03-01-FR-01 INFORMATION TECHNOLOGIES TEST AND CERTIFICATION DEPARTMENT 30/07/2015 CCCS CERTIFICATION REPORT Mayin Tariht [Revizyon Tarihi 29/04/2016 |Nol 05 TABLE OF CONTENTS TABLE OF CONTENTS sn 2 DOCUMENT INFORMATION... 3 DOCUMENT CHANGE LOG . ssssesssssassascosaaasscanscanisaiicaanatoncn an ciciinannaceninieeam nnn amN IRR 3 DISCLAMMER ..............0020.2002002:0 00050 nice ee ee RMS 4 FOREWORD RECOGNITION OF THE CERTIFICATE. 1 - EXECUTIVE SUMMARY 1.1 TOE OV VIEW rennes 7 1.2 Threats er eee SEE Se SR emerente 7 2 CERTIFICATION RESULTS....uesunssnensennnsnnesunanssnsssnnunuenunsnnnunnennsnnrannsnnannnunnnnnnenennsannensnenssnnsnnunsnensnnnnsnnsnnssnrsnnnne 8 2.1 Identification of Target of Evaluation sn 8 2.2 Security Policy 2.3 Assumptions and Clarification of Scope 2.4 Architectural Information 2.4.1 Logical SCOPE ie 9 2.4.2 Physical Scope 2.5 Documentation 2.6 IT Product Testing . 2.7 Evaluated Configuration... 13 2.8 Results of the Evaluation... ss 13 2.9 Evaluator Comments / Recommendations...................................... 14 3 SECURITY TARGET . 4 BIBLIOGRAPHY... Sayfa 2/16 okümanin giincelligi, elektronik ortamda TSE Dokiiman Yénetim Sisteminden takip edilmelidir. BiLiSiM TEKNOLOJILERI TEST VE BELGELENDIRME DAIRESi BASKANLIGI/ okiman No |BTBD-03-01-FR-01 <> INFORMATION TECHNOLOGIES TEST AND CERTIFICATION DEPARTMENT Yayın Tarihi [30/07/2015 CCCS CERTIFICATION REPORT Reviyon Tai 29/04/2016 |Nol 05 DOCUMENT INFORMATION Date of Issue July 9th, 2019 Approval Date July 9th, 2019 Certification Report Number | 21.0.03/18-006 Sponsor and Developer ETB Elektronik Teknoloji ve Bilisim Hizmetleri San. Tic. Ltd. Sti. Evaluation Facility Beam Technology Test Center TOE E-Bio KEC - Secure Smartcard Readers Firmware v1.1 Pages 16 Prepared by Cem ERDIVAN Common Criteria Inspection Expert Etre Reviewed by Ibrahim Halil KIRMIZI Common Criteria Technical Responsible 2. (Software Product Group) This report has been prepared by the Certification Expert and reviewed by the Technical Responsible of which signatures are above. DOCUMENT CHANGE LOG Release | Date Pages Affected Remarks/Change Reference 1.0 | July 9th, 2019 All First Release Bu dokiimanin sino Later ortamda TSE Dokiiman Yénetim Sisteminden takip edilmelidir. Sayfa 3/16 BiLISIM TEKNOLOJILERI TEST VE BELGELENDIRME DAÏRESI BASKANLIGI / Doküman No |BTBD-03-01-FR-01 INFORMATION TECHNOLOGIES TEST AND CERTIFICATION DEPARTMENT CCCS CERTIFICATION REPORT IYayın Tarihi [30/07/2015 Reon arti 29/04/2016. [No] 05 DISCLAIMER This certification report and the IT product in the associated Common Criteria document has been evaluated at an accredited and licensed evaluation facility conformance to Common Criteria for IT Security Evaluation, version 3.1,revision 5, using Common Methodology for IT Products Evaluation, version 3.1, revision 5. This certification report and the associated Common Criteria document apply only to the identified version and release of the product in its evaluated configuration. Evaluation has been conducted in accordance with the provisions of the CCCS, and the conclusions of the evaluation facility in the evaluation report are consistent with the evidence adduced. This report and its associated Common Criteria document are not an endorsement of the product by the Turkish Standardization Institution, or any other organization that recognizes or gives effect to this report and its associated Common Criteria document, and no warranty is given for the product by the Turkish Standardization Institution, or any other organization that recognizes or gives effect to this report and its associated Common Criteria document. Sayfa 4/16 Bu dokümanın gi i, elektronik ortamda TSE Doküman Yönetim Sisteminden takip edilmelidir. ck BILISIM TEKNOLOJILERI TEST VE BELGELENDIRME DAIRESI BASKANLIGI / Doküman No |BTBD-03-01-FR-01 INFORMATION TECHNOLOGIES TEST AND CERTIFICATION DEPARTMENT |Yayın Tarihi |30/07/2015 CCCS CERTIFICATION REPORT Revizyoo Tarihi 29/04/2016 — No} 05 FOREWORD The Certification Report is drawn up to submit the Certification Commission the results and evaluation information upon the completion of a Common Criteria evaluation service performed under the Common Criteria Certification Scheme. Certification Report covers all non-confidential security and technical information related with a Common Criteria evaluation which is made under the ITCD Common Criteria Certification Scheme. This report is issued publicly to and made available to all relevant parties for reference and use. The Common Criteria Certification Scheme (CCSS) provides an evaluation and certification service to ensure the reliability of Information Security (IS) products. Evaluation and tests are conducted by a public or commercial Common Criteria Evaluation Facility (CCTL = Common Criteria Testing Laboratory) under CCCS’ supervision. CCEF is a facility, licensed as a result of inspections carried out by CCCS for performing tests and evaluations which will be the basis for Common Criteria certification. As a prerequisite for such certification, the CCEF has to fulfill the requirements of the standard ISO/IEC 17025 and should be accredited by accreditation bodies. The evaluation and tests related with the concerned product have been performed by Beam Technology Testing Facility, which is a commercial CCTL. A Common Criteria Certificate given to a product means that such product meets the security requirements defined in its security target document that has been approved by the CCCS. The Security Target document is where requirements defining the scope of evaluation and test activities are set forth. Along with this certification report, the user of the IT product should also review the security target document in order to understand any assumptions made in the course of evaluations, the environment where the IT product will run, security requirements of the IT product and the level of assurance provided by the product. This certification report is associated with the Common Criteria Certificate issued by the CCCS for E-Bio KEC - Secure Smartcard Readers Firmware v1.1 whose evaluation was completed on July 5, 2019 and whose evaluation technical report was drawn up by Beam Technology (as CCTL), and with the Security Target document with version no 1.6 of the relevant product. The certification report, certificate of product evaluation and security target document are posted on the ITCD Certified Products List at bilisim.tse.org.tr portal and the Common Criteria Portal (the official web site of the Common Criteria Project). Sayfa 5/16 Bu dokümagıpggüncellißi, elektronik ortamda TSE Dokiiman Yönetim Sisteminden takip edilmelidir. cr BILISIM TEKNOLOJILERI TEST VE BELGELENDIRME DAÏRESI BASKANLIGI / Doküman No |BTBD-03-01-FR-01 INFORMATION TECHNOLOGIES TEST AND CERTIFICATION DEPARTMENT > Yayın Tarihi {30/07/2015 CCCS CERTIFICATION REPORT [Reviayon Tarihi 29/04/2016 Nd 05 RECOGNITION OF THE CERTIFICATE The Common Criteria Recognition Arrangement logo is printed on the certificate to indicate that this certificate is issued in accordance with the provisions of the CCRA. The CCRA has been signed by the Turkey in 2003 and provides mutual recognition of certificates based on the CC evaluation assurance levels up to and including EAL2. The current list of signatory nations and approved certification schemes can be found on: http://www.commoncriteriaportal.org. Bu dokümanın emf Mt ortamda TSE Dokiiman Yénetim Sisteminden takip edilmelidir. ec Sayfa 6/16 BiLiSiM TEKNOLOJILERI TEST VE BELGELENDIRME DAIRESI BASKANLIGI / Doküman No _ |BTBD-03-01-FR-O1 INFORMATION TECHNOLOGIES TEST AND CERTIFICATION DEPARTMENT CCCS CERTIFICATION REPORT ayin Tarihi [30/07/2015 |Revizyon Tarihi 29/04/2016 [Naf 05 1- EXECUTIVE SUMMARY 1.1 TOE Overview The TOE is the Secure Smartcard Reader (SSR) Application Firmware running on SSR Device. The SSR is the identity verification terminal for the eID Verification System (eIDVS) defined by TS 13584. As the application firmware of the SSR, the TOE performs identity verification of Service Requester and Service Attendee according to the eIDVS, securely communicating with the other system components and as a result of the identity verification, produces an Identity Verification Assertion (TVA) signed by the Secure Access Module (SAM) inside the SRR. The TOE also covers the root certificates used for the identification & authentication purposes. The following security mechanisms are primarily mediated in the TOE: e Identification and Authentication, o Cardholder verification by using PIN and biometrics (fingerprint, finger vein, or palm vein data). Authentication of eID Card by the TOE, Authentication of Role Holder by eID Card and by the TOE, Authentication of SAM by the TOE and by eID Card, Authentication of the TOE by SAM and by Card Holder (Service Requester and Service Attendee) and by external entities, e Secure Communication between the TOE and o SAM o eID Card o Role Holder o other trusted IT Components e Security Management, Self-Protection, Audit 0000 Among the certificates used in the eID Verification System, certificates of the root CA, device management CA and eID management CA are included in the TOE. TOE is the application firmware which is loaded into the embedded flash memory of E-Bio KEC. E-Bio KEC one of the terminal devices designed for eID Verification System. It provides personal identity verification and digital signature operations for smartcard based services over electronic media. E-Bio KEC will mainly used in public institutions like hospitals, pharmacies and banks. 1.2 Threats Threats are provided in Table 5 of Security Target Document v1.6. Sayfa 7/16 Bu dokiimanin git i, elektronik ortamda TSE Doküman Yönetim Sisteminden takip edilmelidir. cc BILISIM TEKNOLOJILERI TEST VE BELGELENDIRME DAÏRESI BASKANLIGI / Doküman No |BTBD-03-01-FR-01 INFORMATION TECHNOLOGIES TEST AND CERTIFICATION DEPARTMENT CCCS CERTIFICATION REPORT (Haye Tarihè_ON7PNIS [Revizyon Tarihi 29/04/2016 |No, 05 2 CERTIFICATION RESULTS 2.1 Identification of Target of Evaluation Certificate Number 21.0.03/TSE-CCCS-60 TOE Name and Version E-Bio KEC - Secure Smartcard Readers Firmware v1.1 Security Target Title Security Target Version E-Bio KEC - Secure Smartcard Readers Firmware v1.1 Security Target V1.6 Protection Profile Conformance Security Target Date February 22, 2019 Assurance Level EAL4+ (ALC_DVS.2) Criteria e Common Criteria for Information Technology Security Evaluation, Part 1: Introduction and General Model; CCMB- 2012-09-001, Version 3.1, Revision 5, April 2017 e Common Criteria for Information Technology Security Evaluation, Part 2: Security Functional Components; CCMB- 2012-09-002, Version 3.1 Revision 5, April 2017 e Common Criteria for Information Technology Security Evaluation, Part 3: Security Assurance Components; CCMB- 2012-09-003, Version 3.1 Revision 5, April 2017 Methodology Common Criteria for Information Technology Security Evaluation, Evaluation Methodology; CCMB-2012-09-004, Version 3.1, Revision 5, April 2017 Protection Profile for Application Firmware of Secure Smartcard Reader (SSR) for Electronic Identity Verification System, Version 2.8, 01.08.2017 Common Criteria Conformance ® Common Criteria for Information Technology Security Evaluation, Part 1: Introduction and General Model, Version 3.1, Revision 5, April 2017 e Common Criteria for Information Technology Security Evaluation, Part 2: Security Functional Components, Version 3.1, Revision 5, April 2017, conformant e Common Criteria for Information Technology Security Evaluation, Part 3: Security Assurance Components, Version 3.1, Revision 5, April 2017, conformant Sponsor and Developer ETB Elektronik Teknoloji ve Bilisim Hizmetleri San. Tic. Ltd. Sti. Evaluation Facility Beam Technology Test Center Certification Scheme TSE CCCS 2.2 Security Policy TOE Security Policy consists of security functions described in section 2.4.1 Logical Scope. 2.3 Assumptions and Clarification of Scope Please refer to Security Target Document v1.6 Table 6 for OSPs and Table 7 for Assumptions. et Bu dokumann ea elektronik ortamda TSE Dokiiman Yénetim Sisteminden takip edilmelidir. Sayfa 8/16

BILISIM TEKNOLOJILERI TEST VE BELGELENDIRME DAÏRESI BASKANLIGI / IDoküman No |BTBD-03-01-FR-01 INFORMATION TECHNOLOGIES TEST AND CERTIFICATION DEPARTMENT CCCS CERTIFICATION REPORT [ran Tarii_ potas 2 05 |Revizyon Tarihi [29/04/2016 2.4 Architectural Information 2.4.1 Logical Scope The primary security features ofthe TOE are: e Security audit: TOE Security Functionality generates an audit record of the auditable events which will be explained in the ST. Audit logs for the following events are provided: © 00000000000000 Insertion and removal of e[D Card and SAM Service requester authentication Service attendee authentication Start and end of secure messaging Card authentication Received data integrity failure Role holder authentication SAM authentication SAM-PIN verification failure TOE update IVP verification OCSP answer verification Switching to offline mode (for TOE on SSR Type III) SAS authentication (for TOE on SSR Type II) Tamper event detection e Cryptographic Support: Cryptographic support involves Cryptographic key generation, Encryption/Decryption, Cryptographic key destruction provided by the TOE. Cryptographic operations are involved during the following functionalities: oo0o000 00000 Secure Messaging are founded between TOE and eID; TOE and SAM; TOE and Role Holder TLS Key Generation is performed between TOE and APS for TOE on SSR Type III; between TOE and SAS for TOE on SSR Type If To Encrypt/Decrypt the stored IVAs on SSR Type III Service Attendee authentication Service Requester authentication eID Card authentication SAM authentication Role Holder Device authentication SAS authentication for TOE on SSR Type II APS authentication for TOE on SSR Type III e Identification and Authentication: This feature contains that the users must be identified and authenticated before any action which related to security on the TOE. User roles are defined on system. Authentication failure handling, user identification and authentication, Multiple authentication mechanism for different users, reauthenticating, protected authentication feedback are supplied by the TOE. Identification and authentication functionalities for the followings are provided by the TOE: Sayfa 9/16 Bu dokümanın abs. elektronik ortamda TSE Doküman Yönetim Sisteminden takip edilmelidir. es BILISIM TEKNOLOJILERI TEST VE BELGELENDIRME DAIRESi BASKANLIGI/ Doküman No |BTBD-03-01-FR-01 INFORMATION TECHNOLOGIES TEST AND CERTIFICATION DEPARTMENT CCCS CERTIFICATION REPORT 9 |Yayın Tarihi |30/07/2015 ReizonTarni [29/04/2016 [Nos Service Attendee identification & authentication Service Requester identification & authentication eID Card identification & authentication SAM identification & authentication Role Holder Device identification & authentication SAS identification & authentication for TOE on SSR Type II APS identification & authentication for TOE on SSR Type III o000000 e Communication : This feature contains communication methods between the TOE and other devices which the TOE can communicate. Following communications channels are provided by the TOE: o Communication between TOE and eID Communication between TOE and SAM Communication between TOE and Role Holder Communication between TOE and SPCA (on SSR Type I — Type II without SAS) Communication between TOE and SAS (on SSR Type II with SAS) Communication between TOE and APS (on SSR Type III) Communication between TOE and IVS (on SSR Type III) Communication between TOE and IVPS (on SSR Type III) Communication between TOE and OCSP (on SSR Type III) 00000000 e Security Management: This feature contains managing security functions and data for different situations. Security roles, rules and conditions are identified and management is supplied according to roles, rules and conditions and only authorized people access the TOE. e Protection of the TSF: The TOE protects the TOE Security Functions and TSF data. This feature contains protection of cryptographic keys, digital signature protection/verification, data authentication, SAM-PIN, cryptographic credentials, [VA data fields, software integrity self-test and other TSF data protection. Temper protection is also supported by the TOE. e User Data Protection: This feature encloses monitoring user data stored in containers controlled by the TSF for any integrity error. Critical data in terms of keys, user passwords is used by the TOE and it is protected against losing and stealing. Integrity checking method, subset flow control rules, security attributes are provided by the TOE. e Trusted Path/Channels: This feature involves cryptographic communication protocols between itself and defined trusted products. Trusted channels supported by the TOE are the followings: o Trusted path/channel between TOE and eID Trusted path/channel between TOE and SAM Trusted path/channel between TOE and Role Holder Trusted path/channel between TOE and SPCA (on SSR Type I — Type II without SAS) Trusted path/channel between TOE and SAS (on SSR Type II with SAS) Trusted path/channel between TOE and APS (on SSR Type III) Trusted path/channel between TOE and IVS (on SSR Type II) Trusted path/channel between TOE and IVPS (on SSR Type III) Trusted path/channel between TOE and OCSP (on SSR Type III) 00000000 Sayfa 10/16 Bu dokiimanin “pes elektronik ortamda TSE Dokiiman Yénetim Sisteminden takip edilmelidir. cc BILISIM TEKNOLOJILERI TEST VE BELGELENDIRME DAiRESi BASKANLIGI / Doküman No |BTBD-03-01-FR-01 INFORMATION TECHNOLOGIES TEST AND CERTIFICATION DEPARTMENT CCCS CERTIFICATION REPORT ayin Tarihi = {30/07/2015 Revigon Tanti 29/04/2016 No 05 2.4.2 Physical Scope TOE: E-Bio KEC - Secure Smartcard Readers Firmware v1.1 SSR (es) C9) area Figure 1 Hardware Environment of TOE — Type 1 Sayfa 11/16 Bu dokiimanin aie stent ortamda TSE Dokiiman Yénetim Sisteminden takip edilmelidir. CR BiLisiM TEKNOLOJILERI TEST VE BELGELENDIRME DAIRESI BASKANLIGI/ Doküman No |BTBD-03-01-FR-01 INFORMATION TECHNOLOGIES TEST AND CERTIFICATION DEPARTMENT CCCS CERTIFICATION REPORT Yayin Tarihi 30/07/2015 Revigon arti 29/04/2016 |Nd os Figure 2 Hardware Environment of TOE — Type 2 Figure 3 Hardware Environment of TOE — Type 3 More can be found in Security Target Document v1.6 in detail. 2.5 Documentation These documents listed below are provided to customer by the developer alongside the TOE: v1.2 Release Date February 22, 2019 January 29, 2019 January 28, 2019 Document Name E-Bio KEC - Secure Smartcard Readers Firmware v1.1 Security Target User Manual Installation Procedures 2.6 IT Product Testing e Developer Testing: All TSFIs and subsystem/module behaviors have been tested by developer. Developer has conducted 25 functional tests in total. e Evaluator Testing: Evaluator has conducted 14 of 25 developer tests. Additionally, evaluator has prepared 34 independent tests. TOE has passed all 48 functional tests to demonstrate that its security functions work as it is defined in the ST. e Penetration Tests: TOE has been tested against common threats and other threats surfaced by vulnerability analysis. As a result, 23 penetration tests have been conducted. TOE proved that it is resistant to “Attacker with Enhanced-Basic Attack Potential”. Sayfa 12/16 Bu dokiimanin a ortamda TSE Dokiiman Yénetim Sisteminden takip edilmelidir. ac BILISIM TEKNOLOJILERI TEST VE BELGELENDIRME DAIRESI BASKANLIGI / Dokiiman No |BTBD-03-01-FR-01 INFORMATION TECHNOLOGIES TEST AND CERTIFICATION DEPARTMENT CCCS CERTIFICATION REPORT fee Teri _ 00720! RoimonTarhi [29/04/2016 |Nd os 2.7 Evaluated Configuration TOE configuration: E-Bio KEC - Secure Smartcard Readers Firmware v1.1 Required Hardware Configuration: e Processing Unit: Arm Cortex A9 1.2 Ghz processing unit support NEON/VFP e Memory: 4 Gb Nand Flash Memory and 512 DDR SDRAM Real Time Controller Security Access Module (SAM), placed into the SIM card slot Display: 320X480 resolution TFT-LCD Keypad: 18 keys keypad/virtual keypad Connections: > Micro USB port for PC connection > 10/100 Mbit Ethernet port for network connection > Wi-Fi Module > GSM Module > USB device connection for biometric sensor Power Supply: +9V power supply input Battery: 7.4V 2500mAh 2.8 Results of the Evaluation The verdict for the CC Part 3 assurance components (according to EAL4+ (ALC_DVS.2) and the security target evaluation) is summarized in the following table: Class Heading Class Family _| Description Result ADV: ADV_ARC.1_ | Security architecture description PASS Development ADV FSP.4 Complete functional specification PASS ADV_IMP.1 | Implementation representation ofthe TSF PASS ADV_TDS.3 | Basic modular design PASS AGD: AGD _OPE.I | Operational user guidance PASS Guidance AGD _PRE.I Preparative procedures PASS Documents ALC: ALC_CMC.4_| Production support, acceptance procedures and automation | PASS Lifecycle Support | ALC_CMS.4 | Problem tracking CM coverage PASS ALC_DEL.1 _| Delivery procedures PASS ALC_DVS.2__| Sufficiency of security measures PASS ALC LCD.1 | Developer defined life-cycle model PASS ALC _TAT.1 | Well-defined development tools PASS ASE: ASE_CCL.I Conformance claims PASS Bu dokümanin güngeU{ÿi, elektronik ortamda TSE Doküman Yünetim Sisteminden takip edilmelidir. et Sayfa 13/16 BILISIM TEKNOLOJILERI TEST VE BELGELENDIRME INFORMATION TECHNOLOGIES TEST AND CERTIFICATION DEPARTMENT DAÏRESI BASKANLIGI / |Doküman No |BTBD-03-01-FR-01 CCCS CERTIFICATION REPORT pare Tac FLE RRevigon Tarihi |29/04/2016 Ind os Class Heading Class Family | Description Result Security Target ASE ECD.I Extended components definition PASS evaluation ASE _INT.1 ST introduction PASS ASE _OBJ.2 Security objectives PASS ASE REQ.2 | Derived security requirements PASS ASE SPD.1 Security problem definition PASS ASE TSS.1 TOE summary specification PASS ATE: ATE _COV.2__| Analysis of coverage PASS Tests ATE_DPT.1 Testing: basic design PASS ATE FUN.1 _| Functional testing PASS ATE_IND.2 Independent testing - sample PASS AVA: AVA_VAN.3_ | Focused vulnerability analysis PASS Vulnerability Analysis 2.9 Evaluator Comments / Recommendations No recommendations or comments have been communicated to CCCS by the evaluators related to the evaluation process of “E-Bio KEC - Secure Smartcard Readers Firmware v1.1” product, result of the evaluation, or the ETR. Bu dokümanın güpegßigi, elektronik ortamda TSE Doküman Yönetim Sisteminden takip edilmelidir. as Sayfa 14/16 BILISIM TEKNOLOJILERI TEST VE BELGELENDIRME DAIRESi BASKANLIGI/ Doküman No |BTBD-03-01-FR-01 INFORMATION TECHNOLOGIES TEST AND CERTIFICATION DEPARTMENT |Yayın Tarihi [30/07/2015 CCCS CERTIFICATION REPORT ReiyonTarni [29/04/2016 nd os 3 SECURITY TARGET The security target associated with this Certification Report is identified by the following terminology: Title: E-Bio KEC - Secure Smartcard Readers Firmware v1.1 Version: v1.6 Date of Document: February 22, 2019 This Security Target describes the TOE, intended IT environment, security objectives, security requirements (for the TOE and IT environment), TOE security functions and all necessary rationale. Bu dokümanın since ron ortamda TSE Doküman Yönetim Sisteminden takip edilmelidir. <-¢ Sayfa 15/16 BILISIM TEKNOLOJILERI TEST VE BELGELENDIRME DAÏRESI BASKANLIGI / \Doküman No |BTBD-03-01-FR-01 INFORMATION TECHNOLOGIES TEST AND CERTIFICATION DEPARTMENT CCCS CERTIFICATION REPORT Kayın Tarini [300072015 inonTarni [29/04/2016 Ind 05 4 BIBLIOGRAPHY [1] Common Criteria for Information Technology Security Evaluation, Version 3.1 Revision 5, April 2017 [2] Common Methodology for Information Technology Security Evaluation, CEM, Version 3.1 Revision 5, April 2017 [3] BTBD-03-01-TL-01 Certification Report Preparation Instructions, Rel. Date: February 8, 2016 [4] ETR v2.2 of E-Bio KEC - Secure Smartcard Readers Firmware v1.1, Rel. Date: July 5th, 2019 [5] E-Bio KEC - Secure Smartcard Readers Firmware v1.1 Security Target, Version 1.6, Rel. Date: February 22, 2019 Sayfa 16/16 Bu dokümanın sinceigfekronik ortamda TSE Doküman Yönetim Sisteminden takip edilmelidir. ec