This page was not yet optimized for use on mobile devices.
Mobiles eHealth Kartenterminal ORGA 930 M online, 4.9.0: 1.0.0
CSV information ?
| Status | active |
|---|---|
| Valid from | 18.01.2023 |
| Valid until | 17.01.2028 |
| Scheme | 🇩🇪 DE |
| Manufacturer | Worldlline Healthcare GmbH |
| Category | Other Devices and Systems |
| Security level | AVA_VAN.5, ALC_TAT.1, ADV_IMP.1, EAL3+, ADV_TDS.3, ADV_FSP.4 |
| Maintenance updates | Mobiles eHealth Kartenterminal ORGA 930 M online, Version 4.10.0:1.0.0 (02.01.2024) Certification report Security target |
Heuristics summary ?
Certificate ID: BSI-DSZ-CC-0596-V3-2023
Certificate ?
Extracted keywords
Security level
EAL 3, EAL 4, EAL 2, EAL 3 augmentedSecurity Assurance Requirements (SAR)
ADV_TDS.3, ADV_IMP.1, ADV_FSP.4, ALC_TAT.1, ALC_FLR, AVA_VAN.5Protection profiles
BSI-CC-PP-0052-2015Certificates
BSI-DSZ-CC-0596-V3-2023Standards
ISO/IEC 15408, ISO/IEC 18045File metadata
| Title | Certificate BSI-DSZ-CC-0596-V3-2023 |
|---|---|
| Subject | Common Criteria, Certification, Zertifizierung, SMGW, Site Certification, Theben |
| Keywords | "Common Criteria, Certification, Zertifizierung, SMGW, Site Certification, Theben" |
| Author | Bundesamt für Sicherheit in der Informationstechnik |
| Pages | 1 |
Certification report ?
Extracted keywords
Symmetric Algorithms
AES-256, AES, HPCAsymmetric Algorithms
RSA-4096Hash functions
SHA-1, SHA-512Block cipher modes
GCMSecurity level
EAL 3, EAL 4, EAL 2, EAL 1, EAL 5+, EAL 6, EAL 3 augmentedSecurity Assurance Requirements (SAR)
ADV_TDS.3, ADV_IMP.1, ADV_FSP.4, ALC_TAT.1, ALC_FLR, ALC_DEL, AVA_VAN.5Protection profiles
BSI-CC-PP-0052-2015, BSI-CC-PP- 0052-2015Certificates
BSI-DSZ-CC-0596-V3-2023, BSI-DSZ-CC-0596-V2-, BSI-DSZ-CC-0950-V2-2018, BSI-DSZ-CC-0928, BSI-DSZ-CC-0596-V2-2018Evaluation facilities
TÜV InformationstechnikCertification process
being maintained, is not given any longer. In particular, prior to the dissemination of confidential documentation and information related to the TOE or resulting from the evaluation and certification, GmbH [7] Evaluation Technical Report Summary, Version 2, 2023-01-06, TÜV Informationstechnik GmbH, (confidential document) [8] Common Criteria Protection Profile Mobile Card Terminal for the German Healthcare System, from Evaluation of the Product ORGA v 6141 online and ORGA 930 online, Worldline Healthcare GmbH (confidential document) [10] Bedienungsanleitung Mobiles eHealth Kartenterminal ORGA 930 M online mit Firmware-Version 4.9Standards
FIPS197, PKCS#1, AIS 1, AIS 14, AIS 19, AIS 23, AIS 34, AIS 41, AIS 45, AIS 46, RFC6234, RFC3174, ISO/IEC 15408, ISO/IEC 18045, ISO/IEC 17065, X.509Technical reports
BSI TR-02102, BSI 7148File metadata
| Title | Certification Report BSI-DSZ-CC-0596-V3-2023 |
|---|---|
| Subject | Common Criteria, Certification, Zertifizierung, SMGW, Site Certification, Theben |
| Keywords | "Common Criteria, Certification, Zertifizierung, SMGW, Site Certification, Theben" |
| Author | Bundesamt für Sicherheit in der Informationstechnik |
| Pages | 26 |
Frontpage
| Certificate ID | BSI-DSZ-CC-0596-V3-2023 |
|---|---|
| Certified item | Mobiles eHealth Kartenterminal ORGA 930 M online 4.9.0: 1.0.0 |
| Certification lab | BSI |
| Developer | Worldline Healthcare GmbH |
References
Outgoing- BSI-DSZ-CC-0950-V2-2018 - archived - KoCoBox MED+ Netzkonnektor, 1.3.4
- BSI-DSZ-CC-0596-V2-2018 - archived - ORGA 930 M online and Cherry ST-1530
Security target ?
Extracted keywords
Symmetric Algorithms
AES, AES-256, AES-, HPCAsymmetric Algorithms
RSA-4096Hash functions
SHA-1, SHA-512Block cipher modes
GCMVendor
MicrosoftSecurity level
EAL3+, EAL 3, EAL 3 augmentedClaims
O.MANAGEMENT, O.LOG_DATA, O.PIN, O.RESIDUAL, O.SELFTESTS, O.PROTECTION, O.AUTH_STATE, O.LOG_CARDS, O.TRANSFER, O.DMS_CONNECT, O.TIME, O.SEALING, O.DMS_CONNECTION, T.MAN_HW, T.DATA, T.ACCESS, T.AUTH_STATE, T.ADMIN_PIN, T.FIRMWARE, A.MEDIC, A.ADMIN, A.CARDS, A.DMS, A.ENVIRONME, A.PHYSICAL, A.ENVIRONMENT, A.DEVELOPER, OE.DMS, OE.PHYSICAL, OE.MEDIC, OE.ADMIN, OE.CARDS, OE.ENVIRONMENT, OE.DEVELOPER, OSP.LOG_DATA, OSP.LOG_CARDS, OSP.TRANSFER, OSP.DMS_CONNE, OSP.TIME, OSP.SEALING, OSP.SELFTESTS, OSP.EMERGENCY_, OSP.DMS_CONN, OSP.EMERGENCY, OSP.DMS_CONNECTION, OSP.EMERGENCY_DATASecurity Assurance Requirements (SAR)
ADV_FSP.4, ADV_IMP.1, ADV_TDS.3, ADV_ARC.1, AGD_KAL, AGD_IAN, AGD_OPE.1, AGD_PRE.1, ALC_TAT.1, ALC_DEL, ALC_CMC.3, ALC_CMS.3, ALC_DEL.1, ALC_DVS.1, ALC_LCD.1, ATE_COV.2, ATE_DPT.1, ATE_FUN.1, ATE_IND.2, AVA_VAN.5Security Functional Requirements (SFR)
FCS_CKM.1, FCS_CKM.4, FCS_COP, FCS_COP.1, FCS_CKM.1.1, FCS_CKM.2, FCS_CKM.4.1, FDP_SVR, FDP_ACC.1, FDP_ACF.1, FDP_IFC, FDP_IFF, FDP_ITC.1, FDP_RIP, FDP_SDI.2, FDP_SVR.1, FDP_SVR.1.1, FDP_SVR.1.2, FDP_SVR.1.3, FDP_ITC.2, FDP_ACC.1.1, FDP_ACF.1.1, FDP_ACF.1.2, FDP_ACF.1.3, FDP_ACF.1.4, FDP_IFC.1, FDP_IFF.1, FDP_ITC.1.1, FDP_ITC.1.2, FDP_ITC.1.3, FDP_RIP.1, FDP_SDI.2.1, FDP_SDI.2.2, FDP_SDI.1, FIA_AFL, FIA_SOS.1, FIA_UAU.1, FIA_UAU.5, FIA_UAU.7, FIA_UID.1, FIA_UAU.5.1, FIA_UAU.5.2, FIA_AFL.1, FIA_SOS.1.1, FIA_UAU.7.1, FIA_UAU.1.1, FIA_UAU.1.2, FIA_UID.1.1, FIA_UID.1.2, FMT_MSA.1, FMT_MSA.3, FMT_MTD.1, FMT_MTD.3, FMT_SMF.1, FMT_SMR.1, FMT_MTD, FMT_MSA.1.1, FMT_MSA.3.1, FMT_MSA.3.2, FMT_MTD.1.1, FMT_MTD.3.1, FMT_SMF.1.1, FMT_SMR.1.1, FMT_SMR.1.2, FPT_STM.1, FPT_PHP.1, FPT_TST.1, FPT_STM.1.1, FPT_PHP.1.1, FPT_PHP.1.2, FPT_TST.1.1, FPT_TST.1.2, FPT_TST.1.3, FTA_SSL.3, FTA_SSL.4, FTA_SSL.3.1, FTA_SSL.4.1, FTP_ITC.1Protection profiles
BSI-CC-PP-0052, BSI-CC-PP-0032, BSI-CC-PP- 0052Certificates
BSI-DSZ-CC-0596-V3-2022Side-channel analysis
physical tamperingCertification process
out of scope, done by an authorised card that is out of scope of this ST, the TOE • Signature generation for emergency data1 on the eHC (done by an authorised card that is out of scope of this ST) 1.4.6 Physical Protection of the TOE The TOE cannot counter physical attacks concerningStandards
RFC8017, X.509Technical reports
BSI TR-03116-1, BSI 7500, BSI 7586File metadata
| Title | ORGA 900 Security Target |
|---|---|
| Author | gematik GmbH |
| Pages | 77 |
Heuristics ?
Certificate ID: BSI-DSZ-CC-0596-V3-2023
Extracted SARs
ATE_COV.2, ADV_TDS.3, AGD_OPE.1, ALC_DVS.1, ALC_DEL.1, AGD_PRE.1, ALC_CMC.3, ALC_LCD.1, ATE_DPT.1, ALC_CMS.3, ALC_TAT.1, ADV_IMP.1, AVA_VAN.5, ATE_FUN.1, ATE_IND.2, ADV_ARC.1, ADV_FSP.4Similar certificates
| Name | Certificate ID | |
|---|---|---|
| Stationäres eHealth Kartenterminal ORGA 6141 online 3.9.0:2.0.0/ 3.9.0:1.2.0 | BSI-DSZ-CC-0519-V5-2024 | Compare |
Scheme data ?
| Cert Id | BSI-DSZ-CC-0596-V3-2023 | |
|---|---|---|
| Product | Mobiles eHealth Kartenterminal ORGA 930 M online, 4.9.0: 1.0.0 | |
| Vendor | Worldline Healthcare GmbH | |
| Certification Date | 18.01.2023 | |
| Category | eHealth | |
| Url | https://www.bsi.bund.de/SharedDocs/Zertifikate_CC/CC/Gesundheitswesen_Kartenlesegeraete/0596V2_0596V3.html | |
| Enhanced | ||
| Product | Mobiles eHealth Kartenterminal ORGA 930 M online, 4.9.0: 1.0.0 | |
| Applicant | Worldline Healthcare GmbH Konrad-Zuse-Ring 1 24220 Flintbek | |
| Evaluation Facility | TÜV Informationstechnik GmbH | |
| Assurance Level | EAL3+,AVA_VAN.5,ALC_TAT.1,ADV_TDS.3,ADV_IMP.1,ADV_FSP.4 | |
| Protection Profile | Common Criteria Protection Profile Mobile Card Terminal for the German Healthcare System (MobCT), Version 1.4, BSI-CC-PP-0052-2015, 24 September 2014 | |
| Certification Date | 18.01.2023 | |
| Expiration Date | 17.01.2028 | |
| Entries | [frozendict({'id': 'BSI-DSZ-CC-0596-V3-2023-MA-01 (Ausstellungsdatum / Certification Date 02.01.2024)', 'description': ', an improvement of power consumption management and a truststore update of the productive environment.'}), frozendict({'id': 'BSI-DSZ-CC-0596-V3-2023 (Ausstellungsdatum / Certification Date 18.01.2023, gültig bis / valid until 17.01.2028)', 'description': 'as product optimizing and Updates of the Open Source components. The Secure Delivery Chain was improved, as it is now independent from the forwarder with new security measures.'}), frozendict({'id': 'BSI-DSZ-CC-0596-V2-2018-MA-3 (23.11.2020)', 'description': 'TOEs are the mobile card terminal “ORGA 930 M” and the most widely identical “Cherry ST-1530” in Version 4.7.0:1.0.0 with integrated smart card readers. The TOE fulfills the requirements to be used with the German electronic Health Card (eHC) and the German Professional Card (HPC) based on the regulations of the German healthcare System.'}), frozendict({'id': 'BSI-DSZ-CC-0596-V2-MA-02 (19.12.2018)', 'description': 'The certified product itself did not change compared to 0596-V2-2018.'}), frozendict({'id': 'BSI-DSZ-CC-0596-V2-2018 (Ausstellungsdatum / Certification Date 25.09.2010, gültig bis / valid until 24.09.2018)', 'description': 'Certificate'})] | |
| Report Link | https://www.bsi.bund.de/SharedDocs/Downloads/DE/BSI/Zertifizierung/Reporte/Reporte05/0596V3a_pdf.pdf?__blob=publicationFile&v=2 | |
| Target Link | https://www.bsi.bund.de/SharedDocs/Downloads/DE/BSI/Zertifizierung/Reporte/Reporte05/0596V3b_pdf.pdf?__blob=publicationFile&v=2 | |
| Cert Link | https://www.bsi.bund.de/SharedDocs/Downloads/DE/BSI/Zertifizierung/Reporte/Reporte05/0596V3c_pdf.pdf?__blob=publicationFile&v=2 | |
| Description | TOEs are the mobile card terminal “ORGA 930 M” and the most widely identical “Cherry ST-1530” in Version 4.7.0:1.0.0 with integrated smart card readers. The TOE fulfills the requirements to be used with the German electronic Health Card (eHC) and the German Professional Card (HPC) based on the regulations of the German healthcare system. | |
| Subcategory | Card reader | |
References ?
Updates ?
-
09.11.2024 The certificate data changed.
Certificate changed
The computed heuristics were updated.
- The scheme_data property was updated, with the
{'certification_date': '2023-01-18', 'enhanced': {'__update__': {'applicant': 'Worldline Healthcare GmbH Konrad-Zuse-Ring 1 24220 Flintbek', 'protection_profile': 'Common Criteria Protection Profile Mobile Card Terminal for the German Healthcare System (MobCT), Version 1.4, BSI-CC-PP-0052-2015, 24 September 2014', 'certification_date': '2023-01-18', 'expiration_date': '2028-01-17'}}}data.
- The scheme_data property was updated, with the
-
22.08.2024 The certificate data changed.
Certificate changed
The state of the certificate object was updated.
- The report property was updated, with the
{'download_ok': True, 'convert_ok': True, 'extract_ok': True, 'pdf_hash': '3e288b207550e45ff5c15e7db43876919ec9b60d50a64cb26b14dfec1a04753b', 'txt_hash': 'b17d89660b79c3367cd15b07ab391fd008916602ee02e8db6b360b408abb4041'}data. - The st property was updated, with the
{'download_ok': True, 'convert_ok': True, 'extract_ok': True, 'pdf_hash': '7c78acd29f34a9208114ab6d54e6a759960d6f671012a028ee07a55250f18dd7', 'txt_hash': '47dd8da847c15e7154db1c1f0c9861463b7a4f7a5a319722422315db86cc362b'}data. - The cert property was updated, with the
{'download_ok': True, 'convert_ok': True, 'extract_ok': True, 'pdf_hash': '1df23ac7a357c86904542e99aa05d169144e48a2d253280918200487aa71d527', 'txt_hash': '24a0777ddf24758aaaf55f08489f08897c740d0510b49ccd6f18cdc487a7b1fc'}data.
The PDF extraction data was updated.
- The report_metadata property was set to
{'pdf_file_size_bytes': 801696, 'pdf_is_encrypted': False, 'pdf_number_of_pages': 26, '/Author': 'Bundesamt für Sicherheit in der Informationstechnik', '/Keywords': '"Common Criteria, Certification, Zertifizierung, SMGW, Site Certification, Theben"', '/Subject': 'Common Criteria, Certification, Zertifizierung, SMGW, Site Certification, Theben', '/Title': 'Certification Report BSI-DSZ-CC-0596-V3-2023', 'pdf_hyperlinks': {'_type': 'Set', 'elements': ['https://www.bsi.bund.de/', 'https://www.commoncriteriaportal.org/', 'http://www.commoncriteriaportal.org/cc/', 'https://www.bsi.bund.de/zertifizierung', 'http://www.commoncriteriaportal.org/', 'https://www.bsi.bund.de/AIS', 'https://www.bsi.bund.de/zertifizierungsreporte', 'https://www.sogis.eu/']}}. - The st_metadata property was set to
{'pdf_file_size_bytes': 955165, 'pdf_is_encrypted': False, 'pdf_number_of_pages': 77, '/Author': 'gematik GmbH', '/Title': 'ORGA 900 Security Target', 'pdf_hyperlinks': {'_type': 'Set', 'elements': []}}. - The cert_metadata property was set to
{'pdf_file_size_bytes': 327524, 'pdf_is_encrypted': False, 'pdf_number_of_pages': 1, '/Author': 'Bundesamt für Sicherheit in der Informationstechnik', '/Keywords': '"Common Criteria, Certification, Zertifizierung, SMGW, Site Certification, Theben"', '/Subject': 'Common Criteria, Certification, Zertifizierung, SMGW, Site Certification, Theben', '/Title': 'Certificate BSI-DSZ-CC-0596-V3-2023', 'pdf_hyperlinks': {'_type': 'Set', 'elements': []}}. - The report_frontpage property was set to
{'DE': {'match_rules': ['(BSI-DSZ-CC-.+?) (?:for|For) (.+?) from (.*)'], 'cert_id': 'BSI-DSZ-CC-0596-V3-2023', 'cert_item': 'Mobiles eHealth Kartenterminal ORGA 930 M online 4.9.0: 1.0.0', 'developer': 'Worldline Healthcare GmbH', 'cert_lab': 'BSI', 'ref_protection_profiles': 'Common Criteria Protection Profile Mobile Card Terminal for the German Healthcare System (MobCT), Version 1.4, BSI-CC-PP-0052-2015, 24 September 2014', 'cc_version': 'PP conformant Common Criteria Part 2 extended', 'cc_security_level': 'Common Criteria Part 3 conformant EAL 3 augmented by AVA_VAN.5, ALC_TAT.1, ADV_TDS.3, ADV_IMP.1, ADV_FSP.4'}}. - The report_keywords property was set to
{'cc_cert_id': {'DE': {'BSI-DSZ-CC-0596-V3-2023': 14, 'BSI-DSZ-CC-0596-V2-': 1, 'BSI-DSZ-CC-0950-V2-2018': 1, 'BSI-DSZ-CC-0928': 1, 'BSI-DSZ-CC-0596-V2-2018': 1}}, 'cc_protection_profile_id': {'BSI': {'BSI-CC-PP-0052-2015': 3, 'BSI-CC-PP- 0052-2015': 1}}, 'cc_security_level': {'EAL': {'EAL 3': 4, 'EAL 4': 4, 'EAL 2': 3, 'EAL 1': 1, 'EAL 5+': 1, 'EAL 6': 1, 'EAL 3 augmented': 3}}, 'cc_sar': {'ADV': {'ADV_TDS.3': 4, 'ADV_IMP.1': 4, 'ADV_FSP.4': 4}, 'ALC': {'ALC_TAT.1': 4, 'ALC_FLR': 3, 'ALC_DEL': 1}, 'AVA': {'AVA_VAN.5': 5}}, 'cc_sfr': {}, 'cc_claims': {}, 'vendor': {}, 'eval_facility': {'TUV': {'TÜV Informationstechnik': 3}}, 'symmetric_crypto': {'AES_competition': {'AES': {'AES-256': 1, 'AES': 2}, 'HPC': {'HPC': 4}}}, 'asymmetric_crypto': {'RSA': {'RSA-4096': 2}}, 'pq_crypto': {}, 'hash_function': {'SHA': {'SHA1': {'SHA-1': 1}, 'SHA2': {'SHA-512': 3}}}, 'crypto_scheme': {}, 'crypto_protocol': {}, 'randomness': {}, 'cipher_mode': {'GCM': {'GCM': 2}}, 'ecc_curve': {}, 'crypto_engine': {}, 'tls_cipher_suite': {}, 'crypto_library': {}, 'vulnerability': {}, 'side_channel_analysis': {}, 'technical_report_id': {'BSI': {'BSI TR-02102': 1, 'BSI 7148': 1}}, 'device_model': {}, 'tee_name': {}, 'os_name': {}, 'cplc_data': {}, 'ic_data_group': {}, 'standard_id': {'FIPS': {'FIPS197': 1}, 'PKCS': {'PKCS#1': 1}, 'BSI': {'AIS 1': 1, 'AIS 14': 1, 'AIS 19': 1, 'AIS 23': 1, 'AIS 34': 1, 'AIS 41': 1, 'AIS 45': 1, 'AIS 46': 1}, 'RFC': {'RFC6234': 2, 'RFC3174': 1}, 'ISO': {'ISO/IEC 15408': 4, 'ISO/IEC 18045': 4, 'ISO/IEC 17065': 2}, 'X509': {'X.509': 2}}, 'javacard_version': {}, 'javacard_api_const': {}, 'javacard_packages': {}, 'certification_process': {'ConfidentialDocument': {'being maintained, is not given any longer. In particular, prior to the dissemination of confidential documentation and information related to the TOE or resulting from the evaluation and certification': 1, 'GmbH [7] Evaluation Technical Report Summary, Version 2, 2023-01-06, TÜV Informationstechnik GmbH, (confidential document) [8] Common Criteria Protection Profile Mobile Card Terminal for the German Healthcare System': 1, 'from Evaluation of the Product ORGA v 6141 online and ORGA 930 online, Worldline Healthcare GmbH (confidential document) [10] Bedienungsanleitung Mobiles eHealth Kartenterminal ORGA 930 M online mit Firmware-Version 4.9': 1}}}. - The st_keywords property was set to
{'cc_cert_id': {'DE': {'BSI-DSZ-CC-0596-V3-2022': 2}}, 'cc_protection_profile_id': {'BSI': {'BSI-CC-PP-0052': 1, 'BSI-CC-PP-0032': 1, 'BSI-CC-PP- 0052': 1}}, 'cc_security_level': {'EAL': {'EAL3+': 2, 'EAL 3': 4, 'EAL 3 augmented': 3}}, 'cc_sar': {'ADV': {'ADV_FSP.4': 5, 'ADV_IMP.1': 5, 'ADV_TDS.3': 5, 'ADV_ARC.1': 1}, 'AGD': {'AGD_KAL': 2, 'AGD_IAN': 2, 'AGD_OPE.1': 1, 'AGD_PRE.1': 1}, 'ALC': {'ALC_TAT.1': 5, 'ALC_DEL': 1, 'ALC_CMC.3': 1, 'ALC_CMS.3': 1, 'ALC_DEL.1': 1, 'ALC_DVS.1': 1, 'ALC_LCD.1': 1}, 'ATE': {'ATE_COV.2': 1, 'ATE_DPT.1': 1, 'ATE_FUN.1': 1, 'ATE_IND.2': 1}, 'AVA': {'AVA_VAN.5': 8}}, 'cc_sfr': {'FCS': {'FCS_CKM.1': 22, 'FCS_CKM.4': 24, 'FCS_COP': 37, 'FCS_COP.1': 8, 'FCS_CKM.1.1': 1, 'FCS_CKM.2': 2, 'FCS_CKM.4.1': 1}, 'FDP': {'FDP_SVR': 2, 'FDP_ACC.1': 24, 'FDP_ACF.1': 17, 'FDP_IFC': 48, 'FDP_IFF': 45, 'FDP_ITC.1': 24, 'FDP_RIP': 12, 'FDP_SDI.2': 7, 'FDP_SVR.1': 11, 'FDP_SVR.1.1': 5, 'FDP_SVR.1.2': 3, 'FDP_SVR.1.3': 3, 'FDP_ITC.2': 11, 'FDP_ACC.1.1': 1, 'FDP_ACF.1.1': 1, 'FDP_ACF.1.2': 4, 'FDP_ACF.1.3': 1, 'FDP_ACF.1.4': 2, 'FDP_IFC.1': 13, 'FDP_IFF.1': 26, 'FDP_ITC.1.1': 1, 'FDP_ITC.1.2': 1, 'FDP_ITC.1.3': 1, 'FDP_RIP.1': 2, 'FDP_SDI.2.1': 1, 'FDP_SDI.2.2': 1, 'FDP_SDI.1': 1}, 'FIA': {'FIA_AFL': 15, 'FIA_SOS.1': 7, 'FIA_UAU.1': 15, 'FIA_UAU.5': 9, 'FIA_UAU.7': 9, 'FIA_UID.1': 15, 'FIA_UAU.5.1': 2, 'FIA_UAU.5.2': 2, 'FIA_AFL.1': 4, 'FIA_SOS.1.1': 1, 'FIA_UAU.7.1': 2, 'FIA_UAU.1.1': 1, 'FIA_UAU.1.2': 1, 'FIA_UID.1.1': 1, 'FIA_UID.1.2': 1}, 'FMT': {'FMT_MSA.1': 9, 'FMT_MSA.3': 26, 'FMT_MTD.1': 12, 'FMT_MTD.3': 6, 'FMT_SMF.1': 15, 'FMT_SMR.1': 21, 'FMT_MTD': 6, 'FMT_MSA.1.1': 1, 'FMT_MSA.3.1': 1, 'FMT_MSA.3.2': 1, 'FMT_MTD.1.1': 1, 'FMT_MTD.3.1': 1, 'FMT_SMF.1.1': 1, 'FMT_SMR.1.1': 1, 'FMT_SMR.1.2': 1}, 'FPT': {'FPT_STM.1': 11, 'FPT_PHP.1': 6, 'FPT_TST.1': 6, 'FPT_STM.1.1': 1, 'FPT_PHP.1.1': 1, 'FPT_PHP.1.2': 1, 'FPT_TST.1.1': 1, 'FPT_TST.1.2': 1, 'FPT_TST.1.3': 1}, 'FTA': {'FTA_SSL.3': 8, 'FTA_SSL.4': 8, 'FTA_SSL.3.1': 2, 'FTA_SSL.4.1': 1}, 'FTP': {'FTP_ITC.1': 1}}, 'cc_claims': {'O': {'O.MANAGEMENT': 10, 'O.LOG_DATA': 7, 'O.PIN': 7, 'O.RESIDUAL': 6, 'O.SELFTESTS': 6, 'O.PROTECTION': 8, 'O.AUTH_STATE': 9, 'O.LOG_CARDS': 3, 'O.TRANSFER': 3, 'O.DMS_CONNECT': 1, 'O.TIME': 6, 'O.SEALING': 3, 'O.DMS_CONNECTION': 5}, 'T': {'T.MAN_HW': 4, 'T.DATA': 3, 'T.ACCESS': 3, 'T.AUTH_STATE': 3, 'T.ADMIN_PIN': 3, 'T.FIRMWARE': 3}, 'A': {'A.MEDIC': 3, 'A.ADMIN': 3, 'A.CARDS': 4, 'A.DMS': 4, 'A.ENVIRONME': 1, 'A.PHYSICAL': 2, 'A.ENVIRONMENT': 2, 'A.DEVELOPER': 2}, 'OE': {'OE.DMS': 5, 'OE.PHYSICAL': 6, 'OE.MEDIC': 9, 'OE.ADMIN': 9, 'OE.CARDS': 7, 'OE.ENVIRONMENT': 6, 'OE.DEVELOPER': 2}, 'OSP': {'OSP.LOG_DATA': 4, 'OSP.LOG_CARDS': 3, 'OSP.TRANSFER': 3, 'OSP.DMS_CONNE': 1, 'OSP.TIME': 3, 'OSP.SEALING': 3, 'OSP.SELFTESTS': 3, 'OSP.EMERGENCY_': 1, 'OSP.DMS_CONN': 1, 'OSP.EMERGENCY': 1, 'OSP.DMS_CONNECTION': 1, 'OSP.EMERGENCY_DATA': 1}}, 'vendor': {'Microsoft': {'Microsoft': 4}}, 'eval_facility': {}, 'symmetric_crypto': {'AES_competition': {'AES': {'AES': 10, 'AES-256': 1, 'AES-': 1}, 'HPC': {'HPC': 21}}}, 'asymmetric_crypto': {'RSA': {'RSA-4096': 2}}, 'pq_crypto': {}, 'hash_function': {'SHA': {'SHA1': {'SHA-1': 1}, 'SHA2': {'SHA-512': 6}}}, 'crypto_scheme': {}, 'crypto_protocol': {}, 'randomness': {}, 'cipher_mode': {'GCM': {'GCM': 3}}, 'ecc_curve': {}, 'crypto_engine': {}, 'tls_cipher_suite': {}, 'crypto_library': {}, 'vulnerability': {}, 'side_channel_analysis': {'FI': {'physical tampering': 4}}, 'technical_report_id': {'BSI': {'BSI TR-03116-1': 1, 'BSI 7500': 1, 'BSI 7586': 1}}, 'device_model': {}, 'tee_name': {}, 'os_name': {}, 'cplc_data': {}, 'ic_data_group': {}, 'standard_id': {'RFC': {'RFC8017': 2}, 'X509': {'X.509': 7}}, 'javacard_version': {}, 'javacard_api_const': {}, 'javacard_packages': {}, 'certification_process': {'OutOfScope': {'out of scope': 1, 'done by an authorised card that is out of scope of this ST': 1, 'the TOE • Signature generation for emergency data1 on the eHC (done by an authorised card that is out of scope of this ST) 1.4.6 Physical Protection of the TOE The TOE cannot counter physical attacks concerning': 1}}}. - The cert_keywords property was set to
{'cc_cert_id': {'DE': {'BSI-DSZ-CC-0596-V3-2023': 1}}, 'cc_protection_profile_id': {'BSI': {'BSI-CC-PP-0052-2015': 1}}, 'cc_security_level': {'EAL': {'EAL 3': 1, 'EAL 4': 1, 'EAL 2': 1, 'EAL 3 augmented': 1}}, 'cc_sar': {'ADV': {'ADV_TDS.3': 1, 'ADV_IMP.1': 1, 'ADV_FSP.4': 1}, 'ALC': {'ALC_TAT.1': 1, 'ALC_FLR': 1}, 'AVA': {'AVA_VAN.5': 1}}, 'cc_sfr': {}, 'cc_claims': {}, 'vendor': {}, 'eval_facility': {}, 'symmetric_crypto': {}, 'asymmetric_crypto': {}, 'pq_crypto': {}, 'hash_function': {}, 'crypto_scheme': {}, 'crypto_protocol': {}, 'randomness': {}, 'cipher_mode': {}, 'ecc_curve': {}, 'crypto_engine': {}, 'tls_cipher_suite': {}, 'crypto_library': {}, 'vulnerability': {}, 'side_channel_analysis': {}, 'technical_report_id': {}, 'device_model': {}, 'tee_name': {}, 'os_name': {}, 'cplc_data': {}, 'ic_data_group': {}, 'standard_id': {'ISO': {'ISO/IEC 15408': 2, 'ISO/IEC 18045': 2}}, 'javacard_version': {}, 'javacard_api_const': {}, 'javacard_packages': {}, 'certification_process': {}}. - The report_filename property was set to
0596V3a_pdf.pdf. - The st_filename property was set to
0596V3b_pdf.pdf. - The cert_filename property was set to
0596V3c_pdf.pdf.
The computed heuristics were updated.
- The cert_lab property was set to
['BSI']. - The cert_id property was set to
BSI-DSZ-CC-0596-V3-2023. - The report_references property was updated, with the
{'directly_referencing': {'_type': 'Set', 'elements': ['BSI-DSZ-CC-0950-V2-2018', 'BSI-DSZ-CC-0596-V2-2018']}, 'indirectly_referencing': {'_type': 'Set', 'elements': ['BSI-DSZ-CC-0950-V2-2018', 'BSI-DSZ-CC-0950-2017', 'BSI-DSZ-CC-0928-2018', 'BSI-DSZ-CC-0596-V2-2018']}}data. - The extracted_sars property was updated, with the
{'_type': 'Set', 'elements': [{'_type': 'sec_certs.sample.sar.SAR', 'family': 'ATE_COV', 'level': 2}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'AGD_OPE', 'level': 1}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ALC_DEL', 'level': 1}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ALC_DVS', 'level': 1}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'AGD_PRE', 'level': 1}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ALC_CMC', 'level': 3}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ALC_LCD', 'level': 1}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ATE_DPT', 'level': 1}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ALC_CMS', 'level': 3}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ATE_FUN', 'level': 1}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ATE_IND', 'level': 2}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ADV_ARC', 'level': 1}]}values added.
- The report property was updated, with the
-
17.08.2024 The certificate data changed.
Certificate changed
The report_link was updated.
- The new value is
https://www.commoncriteriaportal.org/nfs/ccpfiles/files/epfiles/0596V3a_pdf.pdf.
The st_link was updated.
- The new value is
https://www.commoncriteriaportal.org/nfs/ccpfiles/files/epfiles/0596V3b_pdf.pdf.
The state of the certificate object was updated.
- The report property was updated, with the
{'download_ok': False, 'convert_ok': False, 'extract_ok': False, 'pdf_hash': None, 'txt_hash': None}data. - The cert property was updated, with the
{'download_ok': False, 'convert_ok': False, 'extract_ok': False, 'pdf_hash': None, 'txt_hash': None}data.
The PDF extraction data was updated.
- The report_metadata property was set to
None. - The cert_metadata property was set to
None. - The report_frontpage property was set to
None. - The report_keywords property was set to
None. - The cert_keywords property was set to
None. - The report_filename property was set to
None. - The cert_filename property was set to
None.
The computed heuristics were updated.
- The cert_lab property was set to
None. - The cert_id property was set to
None. - The report_references property was updated, with the
{'directly_referencing': None, 'indirectly_referencing': None}data.
- The new value is
-
12.08.2024 The certificate data changed.
Certificate changed
The state of the certificate object was updated.
- The st property was updated, with the
{'download_ok': False, 'convert_ok': False, 'extract_ok': False, 'pdf_hash': None, 'txt_hash': None}data.
The PDF extraction data was updated.
- The st_metadata property was set to
None. - The st_keywords property was set to
None. - The st_filename property was set to
None.
The computed heuristics were updated.
- The report_references property was updated, with the
{'indirectly_referencing': {'__discard__': {'_type': 'Set', 'elements': ['BSI-DSZ-CC-0950-2017']}}}data. - The extracted_sars property was updated, with the
{'_type': 'Set', 'elements': [{'_type': 'sec_certs.sample.sar.SAR', 'family': 'ATE_COV', 'level': 2}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'AGD_OPE', 'level': 1}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ALC_DVS', 'level': 1}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ALC_DEL', 'level': 1}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'AGD_PRE', 'level': 1}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ALC_CMC', 'level': 3}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ALC_LCD', 'level': 1}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ATE_DPT', 'level': 1}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ALC_CMS', 'level': 3}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ATE_FUN', 'level': 1}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ATE_IND', 'level': 2}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ADV_ARC', 'level': 1}]}values discarded.
- The st property was updated, with the
-
23.07.2024 The certificate was first processed.
New certificate
A new Common Criteria certificate with the product name Mobiles eHealth Kartenterminal ORGA 930 M online, 4.9.0: 1.0.0 was processed.
Raw data
{
"_type": "sec_certs.sample.cc.CCCertificate",
"category": "Other Devices and Systems",
"cert_link": "https://www.commoncriteriaportal.org/nfs/ccpfiles/files/epfiles/0596V3c_pdf.pdf",
"dgst": "a91d0202506bb11c",
"heuristics": {
"_type": "sec_certs.sample.cc.CCCertificate.Heuristics",
"annotated_references": null,
"cert_id": "BSI-DSZ-CC-0596-V3-2023",
"cert_lab": [
"BSI"
],
"cpe_matches": null,
"direct_transitive_cves": null,
"extracted_sars": {
"_type": "Set",
"elements": [
{
"_type": "sec_certs.sample.sar.SAR",
"family": "ATE_IND",
"level": 2
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "ATE_DPT",
"level": 1
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "ALC_CMS",
"level": 3
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "ALC_TAT",
"level": 1
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "ADV_ARC",
"level": 1
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "ADV_FSP",
"level": 4
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "ALC_LCD",
"level": 1
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "AGD_PRE",
"level": 1
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "AGD_OPE",
"level": 1
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "ADV_IMP",
"level": 1
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "ATE_FUN",
"level": 1
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "ALC_DVS",
"level": 1
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "ALC_CMC",
"level": 3
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "AVA_VAN",
"level": 5
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "ALC_DEL",
"level": 1
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "ATE_COV",
"level": 2
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "ADV_TDS",
"level": 3
}
]
},
"extracted_versions": {
"_type": "Set",
"elements": [
"4.9.0",
"1.0.0"
]
},
"indirect_transitive_cves": null,
"related_cves": null,
"report_references": {
"_type": "sec_certs.sample.certificate.References",
"directly_referenced_by": null,
"directly_referencing": {
"_type": "Set",
"elements": [
"BSI-DSZ-CC-0596-V2-2018",
"BSI-DSZ-CC-0950-V2-2018"
]
},
"indirectly_referenced_by": null,
"indirectly_referencing": {
"_type": "Set",
"elements": [
"BSI-DSZ-CC-0596-V2-2018",
"BSI-DSZ-CC-0928-2018",
"BSI-DSZ-CC-0950-V2-2018",
"BSI-DSZ-CC-0950-2017"
]
}
},
"scheme_data": {
"category": "eHealth",
"cert_id": "BSI-DSZ-CC-0596-V3-2023",
"certification_date": "2023-01-18",
"enhanced": {
"applicant": "Worldline Healthcare GmbH Konrad-Zuse-Ring 1 24220 Flintbek",
"assurance_level": "EAL3+,AVA_VAN.5,ALC_TAT.1,ADV_TDS.3,ADV_IMP.1,ADV_FSP.4",
"cert_link": "https://www.bsi.bund.de/SharedDocs/Downloads/DE/BSI/Zertifizierung/Reporte/Reporte05/0596V3c_pdf.pdf?__blob=publicationFile\u0026v=2",
"certification_date": "2023-01-18",
"description": "TOEs are the mobile card terminal \u201cORGA 930 M\u201d and the most widely identical \u201cCherry ST-1530\u201d in Version 4.7.0:1.0.0 with integrated smart card readers. The TOE fulfills the requirements to be used with the German electronic Health Card (eHC) and the German Professional Card (HPC) based on the regulations of the German healthcare system.",
"entries": [
{
"description": ", an improvement of power consumption management and a truststore update of the productive environment.",
"id": "BSI-DSZ-CC-0596-V3-2023-MA-01 (Ausstellungsdatum / Certification Date 02.01.2024)"
},
{
"description": "as product optimizing and Updates of the Open Source components. The Secure Delivery Chain was improved, as it is now independent from the forwarder with new security measures.",
"id": "BSI-DSZ-CC-0596-V3-2023 (Ausstellungsdatum / Certification Date 18.01.2023, g\u00fcltig bis / valid until 17.01.2028)"
},
{
"description": "TOEs are the mobile card terminal \u201cORGA 930 M\u201d and the most widely identical \u201cCherry ST-1530\u201d in Version 4.7.0:1.0.0 with integrated smart card readers. The TOE fulfills the requirements to be used with the German electronic Health Card (eHC) and the German Professional Card (HPC) based on the regulations of the German healthcare System.",
"id": "BSI-DSZ-CC-0596-V2-2018-MA-3 (23.11.2020)"
},
{
"description": "The certified product itself did not change compared to 0596-V2-2018.",
"id": "BSI-DSZ-CC-0596-V2-MA-02 (19.12.2018)"
},
{
"description": "Certificate",
"id": "BSI-DSZ-CC-0596-V2-2018 (Ausstellungsdatum / Certification Date 25.09.2010, g\u00fcltig bis / valid until 24.09.2018)"
}
],
"evaluation_facility": "T\u00dcV Informationstechnik GmbH",
"expiration_date": "2028-01-17",
"product": "Mobiles eHealth Kartenterminal ORGA 930 M online, 4.9.0: 1.0.0",
"protection_profile": "Common Criteria Protection Profile Mobile Card Terminal for the German Healthcare System (MobCT), Version 1.4, BSI-CC-PP-0052-2015, 24 September 2014",
"report_link": "https://www.bsi.bund.de/SharedDocs/Downloads/DE/BSI/Zertifizierung/Reporte/Reporte05/0596V3a_pdf.pdf?__blob=publicationFile\u0026v=2",
"target_link": "https://www.bsi.bund.de/SharedDocs/Downloads/DE/BSI/Zertifizierung/Reporte/Reporte05/0596V3b_pdf.pdf?__blob=publicationFile\u0026v=2"
},
"product": "Mobiles eHealth Kartenterminal ORGA 930 M online, 4.9.0: 1.0.0",
"subcategory": "Card reader",
"url": "https://www.bsi.bund.de/SharedDocs/Zertifikate_CC/CC/Gesundheitswesen_Kartenlesegeraete/0596V2_0596V3.html",
"vendor": "Worldline Healthcare GmbH"
},
"st_references": {
"_type": "sec_certs.sample.certificate.References",
"directly_referenced_by": null,
"directly_referencing": null,
"indirectly_referenced_by": null,
"indirectly_referencing": null
},
"verified_cpe_matches": null
},
"maintenance_updates": {
"_type": "Set",
"elements": [
{
"_type": "sec_certs.sample.cc.CCCertificate.MaintenanceReport",
"maintenance_date": "2024-01-02",
"maintenance_report_link": "https://www.commoncriteriaportal.org/nfs/ccpfiles/files/epfiles/0596V3ma1a_pdf.pdf",
"maintenance_st_link": "https://www.commoncriteriaportal.org/nfs/ccpfiles/files/epfiles/0596V3ma1b_pdf.pdf",
"maintenance_title": "Mobiles eHealth Kartenterminal ORGA 930 M online, Version 4.10.0:1.0.0"
}
]
},
"manufacturer": "Worldlline Healthcare GmbH",
"manufacturer_web": "https://de.worldline.com",
"name": "Mobiles eHealth Kartenterminal ORGA 930 M online, 4.9.0: 1.0.0",
"not_valid_after": "2028-01-17",
"not_valid_before": "2023-01-18",
"pdf_data": {
"_type": "sec_certs.sample.cc.CCCertificate.PdfData",
"cert_filename": "0596V3c_pdf.pdf",
"cert_frontpage": null,
"cert_keywords": {
"asymmetric_crypto": {},
"cc_cert_id": {
"DE": {
"BSI-DSZ-CC-0596-V3-2023": 1
}
},
"cc_claims": {},
"cc_protection_profile_id": {
"BSI": {
"BSI-CC-PP-0052-2015": 1
}
},
"cc_sar": {
"ADV": {
"ADV_FSP.4": 1,
"ADV_IMP.1": 1,
"ADV_TDS.3": 1
},
"ALC": {
"ALC_FLR": 1,
"ALC_TAT.1": 1
},
"AVA": {
"AVA_VAN.5": 1
}
},
"cc_security_level": {
"EAL": {
"EAL 2": 1,
"EAL 3": 1,
"EAL 3 augmented": 1,
"EAL 4": 1
}
},
"cc_sfr": {},
"certification_process": {},
"cipher_mode": {},
"cplc_data": {},
"crypto_engine": {},
"crypto_library": {},
"crypto_protocol": {},
"crypto_scheme": {},
"device_model": {},
"ecc_curve": {},
"eval_facility": {},
"hash_function": {},
"ic_data_group": {},
"javacard_api_const": {},
"javacard_packages": {},
"javacard_version": {},
"os_name": {},
"pq_crypto": {},
"randomness": {},
"side_channel_analysis": {},
"standard_id": {
"ISO": {
"ISO/IEC 15408": 2,
"ISO/IEC 18045": 2
}
},
"symmetric_crypto": {},
"technical_report_id": {},
"tee_name": {},
"tls_cipher_suite": {},
"vendor": {},
"vulnerability": {}
},
"cert_metadata": {
"/Author": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"/Keywords": "\"Common Criteria, Certification, Zertifizierung, SMGW, Site Certification, Theben\"",
"/Subject": "Common Criteria, Certification, Zertifizierung, SMGW, Site Certification, Theben",
"/Title": "Certificate BSI-DSZ-CC-0596-V3-2023",
"pdf_file_size_bytes": 327524,
"pdf_hyperlinks": {
"_type": "Set",
"elements": []
},
"pdf_is_encrypted": false,
"pdf_number_of_pages": 1
},
"report_filename": "0596V3a_pdf.pdf",
"report_frontpage": {
"DE": {
"cc_security_level": "Common Criteria Part 3 conformant EAL 3 augmented by AVA_VAN.5, ALC_TAT.1, ADV_TDS.3, ADV_IMP.1, ADV_FSP.4",
"cc_version": "PP conformant Common Criteria Part 2 extended",
"cert_id": "BSI-DSZ-CC-0596-V3-2023",
"cert_item": "Mobiles eHealth Kartenterminal ORGA 930 M online 4.9.0: 1.0.0",
"cert_lab": "BSI",
"developer": "Worldline Healthcare GmbH",
"match_rules": [
"(BSI-DSZ-CC-.+?) (?:for|For) (.+?) from (.*)"
],
"ref_protection_profiles": "Common Criteria Protection Profile Mobile Card Terminal for the German Healthcare System (MobCT), Version 1.4, BSI-CC-PP-0052-2015, 24 September 2014"
}
},
"report_keywords": {
"asymmetric_crypto": {
"RSA": {
"RSA-4096": 2
}
},
"cc_cert_id": {
"DE": {
"BSI-DSZ-CC-0596-V2-": 1,
"BSI-DSZ-CC-0596-V2-2018": 1,
"BSI-DSZ-CC-0596-V3-2023": 14,
"BSI-DSZ-CC-0928": 1,
"BSI-DSZ-CC-0950-V2-2018": 1
}
},
"cc_claims": {},
"cc_protection_profile_id": {
"BSI": {
"BSI-CC-PP- 0052-2015": 1,
"BSI-CC-PP-0052-2015": 3
}
},
"cc_sar": {
"ADV": {
"ADV_FSP.4": 4,
"ADV_IMP.1": 4,
"ADV_TDS.3": 4
},
"ALC": {
"ALC_DEL": 1,
"ALC_FLR": 3,
"ALC_TAT.1": 4
},
"AVA": {
"AVA_VAN.5": 5
}
},
"cc_security_level": {
"EAL": {
"EAL 1": 1,
"EAL 2": 3,
"EAL 3": 4,
"EAL 3 augmented": 3,
"EAL 4": 4,
"EAL 5+": 1,
"EAL 6": 1
}
},
"cc_sfr": {},
"certification_process": {
"ConfidentialDocument": {
"GmbH [7] Evaluation Technical Report Summary, Version 2, 2023-01-06, T\u00dcV Informationstechnik GmbH, (confidential document) [8] Common Criteria Protection Profile Mobile Card Terminal for the German Healthcare System": 1,
"being maintained, is not given any longer. In particular, prior to the dissemination of confidential documentation and information related to the TOE or resulting from the evaluation and certification": 1,
"from Evaluation of the Product ORGA v 6141 online and ORGA 930 online, Worldline Healthcare GmbH (confidential document) [10] Bedienungsanleitung Mobiles eHealth Kartenterminal ORGA 930 M online mit Firmware-Version 4.9": 1
}
},
"cipher_mode": {
"GCM": {
"GCM": 2
}
},
"cplc_data": {},
"crypto_engine": {},
"crypto_library": {},
"crypto_protocol": {},
"crypto_scheme": {},
"device_model": {},
"ecc_curve": {},
"eval_facility": {
"TUV": {
"T\u00dcV Informationstechnik": 3
}
},
"hash_function": {
"SHA": {
"SHA1": {
"SHA-1": 1
},
"SHA2": {
"SHA-512": 3
}
}
},
"ic_data_group": {},
"javacard_api_const": {},
"javacard_packages": {},
"javacard_version": {},
"os_name": {},
"pq_crypto": {},
"randomness": {},
"side_channel_analysis": {},
"standard_id": {
"BSI": {
"AIS 1": 1,
"AIS 14": 1,
"AIS 19": 1,
"AIS 23": 1,
"AIS 34": 1,
"AIS 41": 1,
"AIS 45": 1,
"AIS 46": 1
},
"FIPS": {
"FIPS197": 1
},
"ISO": {
"ISO/IEC 15408": 4,
"ISO/IEC 17065": 2,
"ISO/IEC 18045": 4
},
"PKCS": {
"PKCS#1": 1
},
"RFC": {
"RFC3174": 1,
"RFC6234": 2
},
"X509": {
"X.509": 2
}
},
"symmetric_crypto": {
"AES_competition": {
"AES": {
"AES": 2,
"AES-256": 1
},
"HPC": {
"HPC": 4
}
}
},
"technical_report_id": {
"BSI": {
"BSI 7148": 1,
"BSI TR-02102": 1
}
},
"tee_name": {},
"tls_cipher_suite": {},
"vendor": {},
"vulnerability": {}
},
"report_metadata": {
"/Author": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"/Keywords": "\"Common Criteria, Certification, Zertifizierung, SMGW, Site Certification, Theben\"",
"/Subject": "Common Criteria, Certification, Zertifizierung, SMGW, Site Certification, Theben",
"/Title": "Certification Report BSI-DSZ-CC-0596-V3-2023",
"pdf_file_size_bytes": 801696,
"pdf_hyperlinks": {
"_type": "Set",
"elements": [
"https://www.commoncriteriaportal.org/",
"https://www.bsi.bund.de/AIS",
"https://www.bsi.bund.de/zertifizierungsreporte",
"https://www.bsi.bund.de/zertifizierung",
"http://www.commoncriteriaportal.org/cc/",
"https://www.bsi.bund.de/",
"https://www.sogis.eu/",
"http://www.commoncriteriaportal.org/"
]
},
"pdf_is_encrypted": false,
"pdf_number_of_pages": 26
},
"st_filename": "0596V3b_pdf.pdf",
"st_frontpage": null,
"st_keywords": {
"asymmetric_crypto": {
"RSA": {
"RSA-4096": 2
}
},
"cc_cert_id": {
"DE": {
"BSI-DSZ-CC-0596-V3-2022": 2
}
},
"cc_claims": {
"A": {
"A.ADMIN": 3,
"A.CARDS": 4,
"A.DEVELOPER": 2,
"A.DMS": 4,
"A.ENVIRONME": 1,
"A.ENVIRONMENT": 2,
"A.MEDIC": 3,
"A.PHYSICAL": 2
},
"O": {
"O.AUTH_STATE": 9,
"O.DMS_CONNECT": 1,
"O.DMS_CONNECTION": 5,
"O.LOG_CARDS": 3,
"O.LOG_DATA": 7,
"O.MANAGEMENT": 10,
"O.PIN": 7,
"O.PROTECTION": 8,
"O.RESIDUAL": 6,
"O.SEALING": 3,
"O.SELFTESTS": 6,
"O.TIME": 6,
"O.TRANSFER": 3
},
"OE": {
"OE.ADMIN": 9,
"OE.CARDS": 7,
"OE.DEVELOPER": 2,
"OE.DMS": 5,
"OE.ENVIRONMENT": 6,
"OE.MEDIC": 9,
"OE.PHYSICAL": 6
},
"OSP": {
"OSP.DMS_CONN": 1,
"OSP.DMS_CONNE": 1,
"OSP.DMS_CONNECTION": 1,
"OSP.EMERGENCY": 1,
"OSP.EMERGENCY_": 1,
"OSP.EMERGENCY_DATA": 1,
"OSP.LOG_CARDS": 3,
"OSP.LOG_DATA": 4,
"OSP.SEALING": 3,
"OSP.SELFTESTS": 3,
"OSP.TIME": 3,
"OSP.TRANSFER": 3
},
"T": {
"T.ACCESS": 3,
"T.ADMIN_PIN": 3,
"T.AUTH_STATE": 3,
"T.DATA": 3,
"T.FIRMWARE": 3,
"T.MAN_HW": 4
}
},
"cc_protection_profile_id": {
"BSI": {
"BSI-CC-PP- 0052": 1,
"BSI-CC-PP-0032": 1,
"BSI-CC-PP-0052": 1
}
},
"cc_sar": {
"ADV": {
"ADV_ARC.1": 1,
"ADV_FSP.4": 5,
"ADV_IMP.1": 5,
"ADV_TDS.3": 5
},
"AGD": {
"AGD_IAN": 2,
"AGD_KAL": 2,
"AGD_OPE.1": 1,
"AGD_PRE.1": 1
},
"ALC": {
"ALC_CMC.3": 1,
"ALC_CMS.3": 1,
"ALC_DEL": 1,
"ALC_DEL.1": 1,
"ALC_DVS.1": 1,
"ALC_LCD.1": 1,
"ALC_TAT.1": 5
},
"ATE": {
"ATE_COV.2": 1,
"ATE_DPT.1": 1,
"ATE_FUN.1": 1,
"ATE_IND.2": 1
},
"AVA": {
"AVA_VAN.5": 8
}
},
"cc_security_level": {
"EAL": {
"EAL 3": 4,
"EAL 3 augmented": 3,
"EAL3+": 2
}
},
"cc_sfr": {
"FCS": {
"FCS_CKM.1": 22,
"FCS_CKM.1.1": 1,
"FCS_CKM.2": 2,
"FCS_CKM.4": 24,
"FCS_CKM.4.1": 1,
"FCS_COP": 37,
"FCS_COP.1": 8
},
"FDP": {
"FDP_ACC.1": 24,
"FDP_ACC.1.1": 1,
"FDP_ACF.1": 17,
"FDP_ACF.1.1": 1,
"FDP_ACF.1.2": 4,
"FDP_ACF.1.3": 1,
"FDP_ACF.1.4": 2,
"FDP_IFC": 48,
"FDP_IFC.1": 13,
"FDP_IFF": 45,
"FDP_IFF.1": 26,
"FDP_ITC.1": 24,
"FDP_ITC.1.1": 1,
"FDP_ITC.1.2": 1,
"FDP_ITC.1.3": 1,
"FDP_ITC.2": 11,
"FDP_RIP": 12,
"FDP_RIP.1": 2,
"FDP_SDI.1": 1,
"FDP_SDI.2": 7,
"FDP_SDI.2.1": 1,
"FDP_SDI.2.2": 1,
"FDP_SVR": 2,
"FDP_SVR.1": 11,
"FDP_SVR.1.1": 5,
"FDP_SVR.1.2": 3,
"FDP_SVR.1.3": 3
},
"FIA": {
"FIA_AFL": 15,
"FIA_AFL.1": 4,
"FIA_SOS.1": 7,
"FIA_SOS.1.1": 1,
"FIA_UAU.1": 15,
"FIA_UAU.1.1": 1,
"FIA_UAU.1.2": 1,
"FIA_UAU.5": 9,
"FIA_UAU.5.1": 2,
"FIA_UAU.5.2": 2,
"FIA_UAU.7": 9,
"FIA_UAU.7.1": 2,
"FIA_UID.1": 15,
"FIA_UID.1.1": 1,
"FIA_UID.1.2": 1
},
"FMT": {
"FMT_MSA.1": 9,
"FMT_MSA.1.1": 1,
"FMT_MSA.3": 26,
"FMT_MSA.3.1": 1,
"FMT_MSA.3.2": 1,
"FMT_MTD": 6,
"FMT_MTD.1": 12,
"FMT_MTD.1.1": 1,
"FMT_MTD.3": 6,
"FMT_MTD.3.1": 1,
"FMT_SMF.1": 15,
"FMT_SMF.1.1": 1,
"FMT_SMR.1": 21,
"FMT_SMR.1.1": 1,
"FMT_SMR.1.2": 1
},
"FPT": {
"FPT_PHP.1": 6,
"FPT_PHP.1.1": 1,
"FPT_PHP.1.2": 1,
"FPT_STM.1": 11,
"FPT_STM.1.1": 1,
"FPT_TST.1": 6,
"FPT_TST.1.1": 1,
"FPT_TST.1.2": 1,
"FPT_TST.1.3": 1
},
"FTA": {
"FTA_SSL.3": 8,
"FTA_SSL.3.1": 2,
"FTA_SSL.4": 8,
"FTA_SSL.4.1": 1
},
"FTP": {
"FTP_ITC.1": 1
}
},
"certification_process": {
"OutOfScope": {
"done by an authorised card that is out of scope of this ST": 1,
"out of scope": 1,
"the TOE \u2022 Signature generation for emergency data1 on the eHC (done by an authorised card that is out of scope of this ST) 1.4.6 Physical Protection of the TOE The TOE cannot counter physical attacks concerning": 1
}
},
"cipher_mode": {
"GCM": {
"GCM": 3
}
},
"cplc_data": {},
"crypto_engine": {},
"crypto_library": {},
"crypto_protocol": {},
"crypto_scheme": {},
"device_model": {},
"ecc_curve": {},
"eval_facility": {},
"hash_function": {
"SHA": {
"SHA1": {
"SHA-1": 1
},
"SHA2": {
"SHA-512": 6
}
}
},
"ic_data_group": {},
"javacard_api_const": {},
"javacard_packages": {},
"javacard_version": {},
"os_name": {},
"pq_crypto": {},
"randomness": {},
"side_channel_analysis": {
"FI": {
"physical tampering": 4
}
},
"standard_id": {
"RFC": {
"RFC8017": 2
},
"X509": {
"X.509": 7
}
},
"symmetric_crypto": {
"AES_competition": {
"AES": {
"AES": 10,
"AES-": 1,
"AES-256": 1
},
"HPC": {
"HPC": 21
}
}
},
"technical_report_id": {
"BSI": {
"BSI 7500": 1,
"BSI 7586": 1,
"BSI TR-03116-1": 1
}
},
"tee_name": {},
"tls_cipher_suite": {},
"vendor": {
"Microsoft": {
"Microsoft": 4
}
},
"vulnerability": {}
},
"st_metadata": {
"/Author": "gematik GmbH",
"/Title": "ORGA 900 Security Target",
"pdf_file_size_bytes": 955165,
"pdf_hyperlinks": {
"_type": "Set",
"elements": []
},
"pdf_is_encrypted": false,
"pdf_number_of_pages": 77
}
},
"protection_profiles": {
"_type": "Set",
"elements": [
{
"_type": "sec_certs.sample.protection_profile.ProtectionProfile",
"pp_eal": null,
"pp_ids": null,
"pp_link": "https://www.commoncriteriaportal.org/nfs/ccpfiles/files/ppfiles/pp0052b_pdf.pdf",
"pp_name": "Common Criteria Protection Profile Mobile Card Terminal for the German Healthcare System (MobCT\u0026..."
}
]
},
"report_link": "https://www.commoncriteriaportal.org/nfs/ccpfiles/files/epfiles/0596V3a_pdf.pdf",
"scheme": "DE",
"security_level": {
"_type": "Set",
"elements": [
"ALC_TAT.1",
"ADV_TDS.3",
"EAL3+",
"AVA_VAN.5",
"ADV_IMP.1",
"ADV_FSP.4"
]
},
"st_link": "https://www.commoncriteriaportal.org/nfs/ccpfiles/files/epfiles/0596V3b_pdf.pdf",
"state": {
"_type": "sec_certs.sample.cc.CCCertificate.InternalState",
"cert": {
"_type": "sec_certs.sample.cc.CCCertificate.DocumentState",
"convert_garbage": false,
"convert_ok": true,
"download_ok": true,
"extract_ok": true,
"pdf_hash": "1df23ac7a357c86904542e99aa05d169144e48a2d253280918200487aa71d527",
"txt_hash": "24a0777ddf24758aaaf55f08489f08897c740d0510b49ccd6f18cdc487a7b1fc"
},
"report": {
"_type": "sec_certs.sample.cc.CCCertificate.DocumentState",
"convert_garbage": false,
"convert_ok": true,
"download_ok": true,
"extract_ok": true,
"pdf_hash": "3e288b207550e45ff5c15e7db43876919ec9b60d50a64cb26b14dfec1a04753b",
"txt_hash": "b17d89660b79c3367cd15b07ab391fd008916602ee02e8db6b360b408abb4041"
},
"st": {
"_type": "sec_certs.sample.cc.CCCertificate.DocumentState",
"convert_garbage": false,
"convert_ok": true,
"download_ok": true,
"extract_ok": true,
"pdf_hash": "7c78acd29f34a9208114ab6d54e6a759960d6f671012a028ee07a55250f18dd7",
"txt_hash": "47dd8da847c15e7154db1c1f0c9861463b7a4f7a5a319722422315db86cc362b"
}
},
"status": "active"
}