name |
Insurance Security Token Server (ISTS), Version 2.0.9 |
Insurance Security Token Server (ISTS), Version 2.0.5 |
category |
Network and Network-Related Devices and Systems |
Network and Network-Related Devices and Systems |
scheme |
DE |
DE |
status |
active |
archived |
not_valid_after |
01.02.2026 |
20.11.2022 |
not_valid_before |
02.02.2021 |
20.11.2017 |
cert_link |
https://www.commoncriteriaportal.org/nfs/ccpfiles/files/epfiles/1150c_pdf.pdf |
None |
report_link |
https://www.commoncriteriaportal.org/nfs/ccpfiles/files/epfiles/1150a_pdf.pdf |
https://www.commoncriteriaportal.org/nfs/ccpfiles/files/epfiles/1038a_pdf.pdf |
st_link |
https://www.commoncriteriaportal.org/nfs/ccpfiles/files/epfiles/1150b_pdf.pdf |
https://www.commoncriteriaportal.org/nfs/ccpfiles/files/epfiles/1038b_pdf.pdf |
manufacturer |
GDV Dienstleistungs-GmbH |
GDV Dienstleistungs-GmbH |
manufacturer_web |
https://www.gdv-dl.de |
https://www.gdv-dl.de |
security_level |
EAL2 |
EAL2 |
dgst |
3a0c756666671c71 |
d5473ae4db111992 |
heuristics/cert_id |
BSI-DSZ-CC-1150-2021 |
BSI-DSZ-CC-1038-2017 |
heuristics/cert_lab |
BSI |
BSI |
heuristics/cpe_matches |
{} |
{} |
heuristics/direct_transitive_cves |
{} |
{} |
heuristics/extracted_sars |
ADV_TDS.1, ATE_IND.2, ATE_COV.1, ADV_FSP.2, ASE_SPD.1, ASE_TSS.1, ADV_ARC.1, ASE_ECD.1, AVA_VAN.2, ALC_CMC.2, ALC_DEL.1, ATE_FUN.1, AGD_OPE.1, ASE_REQ.2, AGD_PRE.1, ASE_OBJ.2, ASE_INT.1, ASE_CCL.1, ALC_CMS.2 |
ADV_TDS.1, ATE_IND.2, ATE_COV.1, ADV_FSP.2, ASE_SPD.1, ASE_TSS.1, ADV_ARC.1, ASE_ECD.1, AVA_VAN.2, ALC_CMC.2, ALC_DEL.1, ATE_FUN.1, AGD_OPE.1, ASE_REQ.2, AGD_PRE.1, ASE_OBJ.2, ASE_INT.1, ASE_CCL.1, ALC_CMS.2 |
heuristics/extracted_versions |
2.0.9 |
2.0.5 |
heuristics/indirect_transitive_cves |
{} |
{} |
heuristics/related_cves |
{} |
{} |
heuristics/report_references/directly_referenced_by |
{} |
BSI-DSZ-CC-1150-2021 |
heuristics/report_references/directly_referencing |
BSI-DSZ-CC-1038-2017 |
BSI-DSZ-CC-0943-2015 |
heuristics/report_references/indirectly_referenced_by |
{} |
BSI-DSZ-CC-1150-2021 |
heuristics/report_references/indirectly_referencing |
BSI-DSZ-CC-0943-2015, BSI-DSZ-CC-1038-2017 |
BSI-DSZ-CC-0943-2015 |
heuristics/scheme_data |
- category: Server applications
- cert_id: BSI-DSZ-CC-1150-2021
- certification_date: 02.02.2021
- enhanced:
- applicant: GDV Dienstleistungs-GmbH
Glockengießerwall 1
20095 Hamburg
- assurance_level: EAL2
- cert_link: https://www.bsi.bund.de/SharedDocs/Downloads/DE/BSI/Zertifizierung/Reporte/Reporte1100/1150c_pdf.pdf?__blob=publicationFile&v=1
- certification_date: 02.02.2021
- description: The Target of Evaluation (TOE) is a Security Token Service (STS). It has been implemented as a pure software application and due to the field of operation in the context of insurance it is further referenced as Insurance Security Token Service (ISTS).
The software application provides software based security tokens used for authentication purposes of the Trusted German Insurance Cloud (TGIC) web services. In addition, the TOE provides the possibility to validate and to cancel the issued tokens. Further the security features of the TOE comprise the functionality Security Audit, Identification and Authentication whereas some authentication mechanisms are provided by the operational environment and finally Security Management.
- evaluation_facility: TÜV Informationstechnik GmbH
- expiration_date: 01.02.2026
- product: Insurance Security Token Server (ISTS), Version 2.0.9
- report_link: https://www.bsi.bund.de/SharedDocs/Downloads/DE/BSI/Zertifizierung/Reporte/Reporte1100/1150a_pdf.pdf?__blob=publicationFile&v=1
- target_link: https://www.bsi.bund.de/SharedDocs/Downloads/DE/BSI/Zertifizierung/Reporte/Reporte1100/1150b_pdf.pdf?__blob=publicationFile&v=1
- product: Insurance Security Token Server (ISTS), Version 2.0.9
- subcategory: Other server applications
- url: https://www.bsi.bund.de/SharedDocs/Zertifikate_CC/CC/Serveranwendungen_Sonstiges/1150.html
- vendor: GDV Dienstleistungs-GmbH
|
|
heuristics/st_references/directly_referenced_by |
{} |
{} |
heuristics/st_references/directly_referencing |
{} |
{} |
heuristics/st_references/indirectly_referenced_by |
{} |
{} |
heuristics/st_references/indirectly_referencing |
{} |
{} |
heuristics/verified_cpe_matches |
{} |
{} |
maintenance_updates |
|
|
protection_profiles |
|
|
pdf_data/cert_filename |
1150c_pdf.pdf |
None |
pdf_data/cert_frontpage |
|
|
pdf_data/cert_keywords/cc_cert_id |
|
|
pdf_data/cert_keywords/cc_protection_profile_id |
|
|
pdf_data/cert_keywords/cc_security_level |
|
|
pdf_data/cert_keywords/cc_sar |
|
|
pdf_data/cert_keywords/cc_sfr |
|
|
pdf_data/cert_keywords/cc_claims |
|
|
pdf_data/cert_keywords/vendor |
|
|
pdf_data/cert_keywords/eval_facility |
|
|
pdf_data/cert_keywords/symmetric_crypto |
|
|
pdf_data/cert_keywords/asymmetric_crypto |
|
|
pdf_data/cert_keywords/pq_crypto |
|
|
pdf_data/cert_keywords/hash_function |
|
|
pdf_data/cert_keywords/crypto_scheme |
|
|
pdf_data/cert_keywords/crypto_protocol |
|
|
pdf_data/cert_keywords/randomness |
|
|
pdf_data/cert_keywords/cipher_mode |
|
|
pdf_data/cert_keywords/ecc_curve |
|
|
pdf_data/cert_keywords/crypto_engine |
|
|
pdf_data/cert_keywords/tls_cipher_suite |
|
|
pdf_data/cert_keywords/crypto_library |
|
|
pdf_data/cert_keywords/vulnerability |
|
|
pdf_data/cert_keywords/side_channel_analysis |
|
|
pdf_data/cert_keywords/technical_report_id |
|
|
pdf_data/cert_keywords/device_model |
|
|
pdf_data/cert_keywords/tee_name |
|
|
pdf_data/cert_keywords/os_name |
|
|
pdf_data/cert_keywords/cplc_data |
|
|
pdf_data/cert_keywords/ic_data_group |
|
|
pdf_data/cert_keywords/standard_id |
- ISO:
- ISO/IEC 15408: 2
- ISO/IEC 18045: 2
|
|
pdf_data/cert_keywords/javacard_version |
|
|
pdf_data/cert_keywords/javacard_api_const |
|
|
pdf_data/cert_keywords/javacard_packages |
|
|
pdf_data/cert_keywords/certification_process |
|
|
pdf_data/cert_metadata |
- /Author: Bundesamt für Sicherheit in der Informationstechnik
- /CreationDate: D:20210205065853+01'00'
- /Creator: Writer
- /Keywords: "Common Criteria, Certification, Zertifizierung, Serveranwendung, ISTS"
- /ModDate: D:20210302091356+01'00'
- /Producer: LibreOffice 6.3
- /Subject: Insurance Security Token Server (ISTS), Version 2.0.9
- /Title: Zertifizierungsreport BSI-DSZ-CC-1150-2021
- pdf_file_size_bytes: 255156
- pdf_hyperlinks: {}
- pdf_is_encrypted: False
- pdf_number_of_pages: 1
|
|
pdf_data/report_filename |
1150a_pdf.pdf |
1038a_pdf.pdf |
pdf_data/report_frontpage |
- DE:
- cert_id: BSI-DSZ-CC-1150-2021
- cert_item: Insurance Security Token Server (ISTS), Version 2.0.9
- cert_lab: BSI
- developer: GDV Dienstleistungs-GmbH
- match_rules: ['(BSI-DSZ-CC-.+?) zu (.+?) der (.*)']
|
- DE:
- cert_id: BSI-DSZ-CC-1038-2017
- cert_item: Insurance Security Token Service (ISTS), Version 2.0.5
- cert_lab: BSI
- developer: GDV Dienstleistungs-GmbH
- match_rules: ['(BSI-DSZ-CC-.+?) zu (.+?) der (.*)']
|
pdf_data/report_keywords/cc_cert_id |
- DE:
- BSI-DSZ-CC-1038-2017: 2
- BSI-DSZ-CC-1150-2021: 15
|
- DE:
- BSI-DSZ-CC-0943-2015: 3
- BSI-DSZ-CC-1038-2017: 19
|
pdf_data/report_keywords/cc_protection_profile_id |
|
|
pdf_data/report_keywords/cc_security_level |
- EAL:
- EAL 1: 1
- EAL 2: 5
- EAL 4: 1
|
|
pdf_data/report_keywords/cc_sar |
|
|
pdf_data/report_keywords/cc_sfr |
|
|
pdf_data/report_keywords/cc_claims |
- OE:
- OE.ENVIRONMENT: 1
- OE.NOEVIL: 1
- OE.PHYSEC: 1
- OE.PKI: 1
- OE.PUBLIC: 1
|
- OE:
- OE.ENVIRONMENT: 1
- OE.NOEVIL: 1
- OE.PHYSEC: 1
- OE.PKI: 1
- OE.PUBLIC: 1
|
pdf_data/report_keywords/vendor |
|
|
pdf_data/report_keywords/eval_facility |
- TUV:
- TÜV Informationstechnik: 3
- TÜViT: 2
|
- TUV:
- TÜV Informationstechnik: 2
- TÜViT: 1
|
pdf_data/report_keywords/symmetric_crypto |
|
|
pdf_data/report_keywords/asymmetric_crypto |
|
|
pdf_data/report_keywords/pq_crypto |
|
|
pdf_data/report_keywords/hash_function |
|
|
pdf_data/report_keywords/crypto_scheme |
|
|
pdf_data/report_keywords/crypto_protocol |
|
|
pdf_data/report_keywords/randomness |
|
|
pdf_data/report_keywords/cipher_mode |
|
|
pdf_data/report_keywords/ecc_curve |
|
|
pdf_data/report_keywords/crypto_engine |
|
|
pdf_data/report_keywords/tls_cipher_suite |
|
|
pdf_data/report_keywords/crypto_library |
|
|
pdf_data/report_keywords/vulnerability |
|
|
pdf_data/report_keywords/side_channel_analysis |
|
|
pdf_data/report_keywords/technical_report_id |
|
|
pdf_data/report_keywords/device_model |
|
|
pdf_data/report_keywords/tee_name |
|
|
pdf_data/report_keywords/os_name |
|
|
pdf_data/report_keywords/cplc_data |
|
|
pdf_data/report_keywords/ic_data_group |
|
|
pdf_data/report_keywords/standard_id |
- BSI:
- AIS 14: 1
- AIS 19: 1
- AIS 32: 1
- AIS 41: 1
- AIS 45: 1
- ISO:
- ISO/IEC 15408: 4
- ISO/IEC 17065: 2
- ISO/IEC 18045: 4
- X509:
|
- BSI:
- AIS 19: 1
- AIS 32: 1
- AIS 35: 1
- AIS 36: 1
- AIS 38: 1
- AIS 41: 2
- AIS 45: 1
- AIS14: 1
- AIS19: 1
- AIS32: 1
- AIS41: 1
- AIS45: 1
- ISO:
- ISO/IEC 15408: 4
- ISO/IEC 17065: 2
- ISO/IEC 18045: 4
- X509:
|
pdf_data/report_keywords/javacard_version |
|
|
pdf_data/report_keywords/javacard_api_const |
|
|
pdf_data/report_keywords/javacard_packages |
|
|
pdf_data/report_keywords/certification_process |
|
|
pdf_data/report_metadata |
- /Author: Bundesamt für Sicherheit in der Informationstechnik
- /CreationDate: D:20210205065853+01'00'
- /Creator: Writer
- /Keywords: "Common Criteria, Certification, Zertifizierung, Serveranwendung, ISTS"
- /ModDate: D:20210218090032+01'00'
- /Producer: LibreOffice 6.3
- /Subject: Insurance Security Token Server (ISTS), Version 2.0.9
- /Title: Zertifizierungsreport BSI-DSZ-CC-1150-2021
- pdf_file_size_bytes: 473718
- pdf_hyperlinks: https://www.commoncriteriaportal.org/, https://www.bsi.bund.de/AIS, https://www.bsi.bund.de/zertifizierungsreporte, https://www.sogis.eu/, https://www.ibm.com/support/knowledgecenter/SS9H2Y_10.0/com.ibm.dp.doc/introduction.html, https://www.bsi.bund.de/zertifizierung, https://www.commoncriteriaportal.org/cc/
- pdf_is_encrypted: False
- pdf_number_of_pages: 31
|
|
pdf_data/st_filename |
1150b_pdf.pdf |
1038b_pdf.pdf |
pdf_data/st_frontpage |
|
|
pdf_data/st_keywords/cc_cert_id |
|
|
pdf_data/st_keywords/cc_protection_profile_id |
|
|
pdf_data/st_keywords/cc_security_level |
|
|
pdf_data/st_keywords/cc_sar |
- ADV:
- ADV_ARC.1: 1
- ADV_FSP.2: 1
- ADV_TDS.1: 1
- AGD:
- AGD_OPE.1: 1
- AGD_PRE.1: 1
- ALC:
- ALC_CMC.2: 1
- ALC_CMS.2: 1
- ALC_DEL.1: 1
- ASE:
- ASE_CCL.1: 1
- ASE_ECD.1: 1
- ASE_INT.1: 1
- ASE_OBJ.2: 1
- ASE_REQ.2: 1
- ASE_SPD.1: 1
- ASE_TSS.1: 1
- ATE:
- ATE_COV.1: 1
- ATE_FUN.1: 1
- ATE_IND.2: 1
- AVA:
|
- ADV:
- ADV_ARC.1: 1
- ADV_FSP.2: 1
- ADV_TDS.1: 1
- AGD:
- AGD_OPE.1: 1
- AGD_PRE.1: 1
- ALC:
- ALC_CMC.2: 1
- ALC_CMS.2: 1
- ALC_DEL.1: 1
- ASE:
- ASE_CCL.1: 1
- ASE_ECD.1: 1
- ASE_INT.1: 1
- ASE_OBJ.2: 1
- ASE_REQ.2: 1
- ASE_SPD.1: 1
- ASE_TSS.1: 1
- ATE:
- ATE_COV.1: 1
- ATE_FUN.1: 1
- ATE_IND.2: 1
- AVA:
|
pdf_data/st_keywords/cc_sfr |
- FAU:
- FAU_GEN: 3
- FAU_GEN.1: 11
- FAU_GEN.1.1: 1
- FAU_GEN.1.2: 1
- FAU_GEN.2: 9
- FAU_GEN.2.1: 1
- FIA:
- FIA_UAU.1: 13
- FIA_UAU.1.1: 1
- FIA_UAU.1.2: 1
- FIA_UAU.5: 10
- FIA_UAU.5.1: 1
- FIA_UAU.5.2: 1
- FIA_UID.1: 11
- FIA_UID.1.1: 1
- FIA_UID.1.2: 1
- FMT:
- FMT_SMF.1: 8
- FMT_SMF.1.1: 1
- FPT:
|
- FAU:
- FAU_GEN: 3
- FAU_GEN.1: 11
- FAU_GEN.1.1: 1
- FAU_GEN.1.2: 1
- FAU_GEN.2: 9
- FAU_GEN.2.1: 1
- FIA:
- FIA_UAU.1: 13
- FIA_UAU.1.1: 1
- FIA_UAU.1.2: 1
- FIA_UAU.5: 10
- FIA_UAU.5.1: 1
- FIA_UAU.5.2: 1
- FIA_UID.1: 11
- FIA_UID.1.1: 1
- FIA_UID.1.2: 1
- FMT:
- FMT_SMF.1: 8
- FMT_SMF.1.1: 1
- FPT:
|
pdf_data/st_keywords/cc_claims |
- A:
- A.ENVIRONMENT: 3
- A.NOEVIL: 3
- A.PHYSEC: 3
- A.PKI: 3
- A.PUBLIC: 3
- O:
- O.ACCOUNT: 6
- O.AUDREC: 4
- O.STS: 5
- OE:
- OE.ENVIRONMENT: 3
- OE.NOEVIL: 2
- OE.PHYSEC: 3
- OE.PKI: 3
- OE.PUBLIC: 2
- T:
|
- A:
- A.ENVIRONMENT: 3
- A.NOEVIL: 3
- A.PHYSEC: 3
- A.PKI: 3
- A.PUBLIC: 3
- O:
- O.ACCOUNT: 6
- O.AUDREC: 4
- O.STS: 5
- OE:
- OE.ENVIRONMENT: 3
- OE.NOEVIL: 2
- OE.PHYSEC: 3
- OE.PKI: 3
- OE.PUBLIC: 2
- T:
|
pdf_data/st_keywords/vendor |
|
|
pdf_data/st_keywords/eval_facility |
- TUV:
- TÜV Informationstechnik: 3
- TÜViT: 1
- tuvit: 1
|
- TUV:
- TÜV Informationstechnik: 3
- TÜViT: 1
- tuvit: 1
|
pdf_data/st_keywords/symmetric_crypto |
- AES_competition:
- DES:
- constructions:
|
|
pdf_data/st_keywords/asymmetric_crypto |
|
|
pdf_data/st_keywords/pq_crypto |
|
|
pdf_data/st_keywords/hash_function |
- SHA:
- SHA2:
- SHA-256: 4
- SHA-512: 1
- SHA256: 1
- SHA512: 1
|
|
pdf_data/st_keywords/crypto_scheme |
|
|
pdf_data/st_keywords/crypto_protocol |
|
|
pdf_data/st_keywords/randomness |
|
|
pdf_data/st_keywords/cipher_mode |
|
|
pdf_data/st_keywords/ecc_curve |
|
|
pdf_data/st_keywords/crypto_engine |
|
|
pdf_data/st_keywords/tls_cipher_suite |
- TLS:
- TLS_RSA_WITH_AES_256_CBC_SHA: 1
|
- TLS:
- TLS_RSA_WITH_AES_256_CBC_SHA: 1
|
pdf_data/st_keywords/crypto_library |
|
|
pdf_data/st_keywords/vulnerability |
|
|
pdf_data/st_keywords/side_channel_analysis |
|
|
pdf_data/st_keywords/technical_report_id |
|
|
pdf_data/st_keywords/device_model |
|
|
pdf_data/st_keywords/tee_name |
|
|
pdf_data/st_keywords/os_name |
|
|
pdf_data/st_keywords/cplc_data |
|
|
pdf_data/st_keywords/ic_data_group |
|
|
pdf_data/st_keywords/standard_id |
- CC:
- CCMB-2017-04-001: 1
- CCMB-2017-04-002: 1
- CCMB-2017-04-003: 1
- FIPS:
- FIPS PUB 180-4: 1
- FIPS PUB 197: 1
- PKCS:
- RFC:
- RFC 3268: 1
- RFC 6234: 1
- RFC 6238: 2
- RFC 6931: 1
- RFC3268: 2
- RFC6234: 1
- RFC6238: 1
- RFC6931: 3
- X509:
|
- CC:
- CCMB-2017-04-001: 1
- CCMB-2017-04-002: 1
- CCMB-2017-04-003: 1
- FIPS:
- FIPS PUB 180-4: 1
- FIPS PUB 197: 1
- PKCS:
- RFC:
- RFC 3268: 1
- RFC 6931: 1
- RFC3268: 2
- RFC6931: 3
- X509:
|
pdf_data/st_keywords/javacard_version |
|
|
pdf_data/st_keywords/javacard_api_const |
|
|
pdf_data/st_keywords/javacard_packages |
|
|
pdf_data/st_keywords/certification_process |
|
|
pdf_data/st_metadata |
|
|
state/cert/convert_garbage |
False |
False |
state/cert/convert_ok |
True |
False |
state/cert/download_ok |
True |
False |
state/cert/extract_ok |
True |
False |
state/cert/pdf_hash |
Different |
Different |
state/cert/txt_hash |
Different |
Different |
state/report/convert_garbage |
False |
False |
state/report/convert_ok |
True |
True |
state/report/download_ok |
True |
True |
state/report/extract_ok |
True |
True |
state/report/pdf_hash |
Different |
Different |
state/report/txt_hash |
Different |
Different |
state/st/convert_garbage |
False |
False |
state/st/convert_ok |
True |
True |
state/st/download_ok |
True |
True |
state/st/extract_ok |
True |
True |
state/st/pdf_hash |
Different |
Different |
state/st/txt_hash |
Different |
Different |