| name |
genuscreen 4.0 |
secunet konnektor 2.0.0 und 2.0.1, Version 5.50.1:2.0.0 und 5.50.1:2.0.1 |
| category |
Boundary Protection Devices and Systems |
Other Devices and Systems |
| scheme |
DE |
DE |
| status |
archived |
active |
| not_valid_after |
30.10.2019 |
18.10.2028 |
| not_valid_before |
29.10.2014 |
19.10.2023 |
| cert_link |
|
https://www.commoncriteriaportal.org/nfs/ccpfiles/files/epfiles/1044V7c_pdf.pdf |
| report_link |
https://www.commoncriteriaportal.org/nfs/ccpfiles/files/epfiles/0823a_pdf.pdf |
https://www.commoncriteriaportal.org/nfs/ccpfiles/files/epfiles/1044V7a_pdf.pdf |
| st_link |
https://www.commoncriteriaportal.org/nfs/ccpfiles/files/epfiles/0823b_pdf.pdf |
https://www.commoncriteriaportal.org/nfs/ccpfiles/files/epfiles/1044V7b_pdf.pdf |
| manufacturer |
GeNUA mbH |
Secunet Security Networks AG |
| manufacturer_web |
https://www.genua.de/ |
https://www.secunet.com/en/ |
| security_level |
ASE_TSS.2, AVA_VAN.4, ALC_FLR.2, EAL4+ |
ADV_FSP.4, AVA_VAN.5, ALC_FLR.2, ADV_IMP.1, ALC_TAT.1, EAL3+, ADV_TDS.3 |
| dgst |
4577a1ed977931d9 |
298babdc373a838c |
| heuristics/cert_id |
BSI-DSZ-CC-0823-2014 |
BSI-DSZ-CC-1044-V7-2023 |
| heuristics/cert_lab |
BSI |
BSI |
| heuristics/cpe_matches |
{} |
{} |
| heuristics/verified_cpe_matches |
{} |
{} |
| heuristics/related_cves |
{} |
{} |
| heuristics/direct_transitive_cves |
{} |
{} |
| heuristics/indirect_transitive_cves |
{} |
{} |
| heuristics/extracted_sars |
ASE_INT.1, ALC_CMC.4, ASE_ECD.1, APE_ECD.1, ADV_IMP.1, ATE_COV.2, ALC_TAT.1, ASE_SPD.1, ALC_DEL.1, ALC_LCD.1, AGD_OPE.1, AGD_PRE.1, ALC_CMS.4, ATE_FUN.1, APE_REQ.2, ADV_ARC.1, ASE_OBJ.2, APE_CCL.1, ADV_TDS.3, ATE_DPT.1, ALC_FLR.2, ASE_TSS.2, ASE_REQ.2, ALC_DVS.1, ADV_INT.3, APE_INT.1, APE_SPD.1, ADV_FSP.4, ATE_IND.2, APE_OBJ.2, AVA_VAN.4, ADV_TAT.1, ASE_CCL.1, ADV_SPM.1 |
AGD_PRE.1, ALC_TAT.1, ALC_CMS.4, AVA_VAN.5, ALC_DEL.1, ADV_FSP.4, AGD_OPE.1, ADV_ARC.1, ADV_TDS.3, ATE_DPT.1, ALC_FLR.2, ADV_IMP.1 |
| heuristics/extracted_versions |
4.0 |
2.0.1, 2.0.0, 5.50.1 |
| heuristics/prev_certificates |
{} |
{} |
| heuristics/next_certificates |
{} |
{} |
| heuristics/report_references/directly_referenced_by |
BSI-DSZ-CC-0966-2015 |
{} |
| heuristics/report_references/directly_referencing |
BSI-DSZ-CC-0565-2009 |
{} |
| heuristics/report_references/indirectly_referenced_by |
BSI-DSZ-CC-0966-2015 |
{} |
| heuristics/report_references/indirectly_referencing |
BSI-DSZ-CC-0382-2007, BSI-DSZ-CC-0565-2009 |
{} |
| heuristics/scheme_data |
|
- category: eHealth
- cert_id: BSI-DSZ-CC-1044-V7-2023
- certification_date: 19.10.2023
- enhanced:
- applicant: secunet Security Networks AG Kurfürstenstraße 58 45138 Essen
- assurance_level: EAL3,AVA_VAN.5,ALC_TAT.1,ALC_FLR.2,ADV_TDS.3,ADV_IMP.1,ADV_FSP.4
- cert_link: https://www.bsi.bund.de/SharedDocs/Downloads/DE/BSI/Zertifizierung/Reporte/Reporte1000/1044V7c_pdf.pdf?__blob=publicationFile&v=1
- certification_date: 19.10.2023
- description: Target of evaluation (TOE) is the product secunet konnektor 2.0.0 provided by secunet Security Networks AG. The TOE is a pure software TOE consisting of the Netzkonnektor as specified in the protection profile Common Criteria Schutzprofil (Protection Profile), Schutzprofil 1: Anforderungen an den Netzkonnektor, BSI-CC-PP-0097, Version 1.5, 27.04.2018, Bundesamt für Sicherheit in der Informationstechnik (BSI)
- entries: [frozendict({'id': 'BSI-DSZ-CC-1044-V7-2023-MA-02 (Ausstellungsdatum / Certification Date 19.08.2024) Maintenance Report', 'description': 'is part of the Konnektor and it is delivered pre-installed on exactly one hardware-configuration.'}), frozendict({'id': 'BSI-DSZ-CC-1044-V7-2023-MA-01 (Ausstellungsdatum / Certification Date 31.10.2023) Maintenance Report', 'description': 'is part of the Konnektor and it is delivered pre-installed on exactly one hardware-configuration.'}), frozendict({'id': 'BSI-DSZ-CC-1044-V7-2023 (Ausstellungsdatum / Certification Date 19.10.2023, gültig bis / valid until 18.10.2028)', 'description': 'is part of the Konnektor and it is delivered pre-installed on exactly one hardware-configuration.'}), frozendict({'id': 'BSI-DSZ-CC-1044-V6-2022-MA-01 (Ausstellungsdatum / Certification Date 21.11.2022) Maintenance Report', 'description': 'is part of the Konnektor and it is delivered pre-installed on exactly one hardware-configuration.'}), frozendict({'id': 'BSI-DSZ-CC-1044-V6-2022 (Ausstellungsdatum / Certification Date 09.09.2022, gültig bis / valid until 08.09.2027)', 'description': 'The Target of evaluation (TOE) is a software product consisting of the Netzkonnektor as specified in the Protection Profile BSI-CC-PP-0097. The Netzkonnektor includes the security functionality of a Firewall, a VPN-client, an NTP Server, a name service (DNS) and a DHCP service. The TOE also includes the basic functions for establishment of secure TLS connections to other IT products. The TOE is part of the Konnektor and it is delivered pre-installed on exactly one hardware-configuration.'}), frozendict({'id': 'BSI-DSZ-CC-1044-V5-2022 (Ausstellungsdatum / Certification Date 08.04.2022, gültig bis / valid until 07.04.2027)', 'description': 'is part of the Konnektor and it is delivered pre-installed on exactly one hardware-configuration.'}), frozendict({'id': 'BSI-DSZ-CC-1044-V4-2021 (Ausstellungsdatum / Certification Date 16.07.2021, gültig bis / valid until 15.07.2026)', 'description': ')'}), frozendict({'id': 'BSI-DSZ-CC-1044-V3-2020 (Ausstellungsdatum / Certification Date 06.11.2020, gültig bis / valid until 05.11.2025)', 'description': 'The Target of evaluation (TOE) is a software product consisting of the Netzkonnektor as specified in the Protection Profile BSI-CC-PP-0097. The Netzkonnektor includes the security functionality of a Firewall, a VPN-client, an NTP Server, a name service (DNS) and a DHCP service. The TOE also includes the basic functions for establishment of secure TLS connections to other IT products. The TOE is part of the Konnektor and it is delivered pre-installed on exactly one hardware-configuration.'}), frozendict({'id': 'BSI-DSZ-CC-1044-V2-2019-MA-01 (Ausstellungsdatum / Certification Date 10.06.2020) Maintenance Report', 'description': 'is part of the Konnektor and it is delivered pre-installed on exactly one hardware-configuration."'}), frozendict({'id': 'BSI-DSZ-CC-1044-V2-2019 (Ausstellungsdatum / Certification Date 13.11.2019, gültig bis / valid until 12.11.2024)', 'description': 'Certificate'}), frozendict({'id': 'BSI-DSZ-CC-1044-2019-MA-02 (Ausstellungsdatum / Certification Date 19.09.2019) Maintanance Report', 'description': 'Maintanance Report'}), frozendict({'id': 'BSI-DSZ-CC-1044-2019_MA-01 (Ausstellungsdatum / Certification Date 06.06.2019) Maintenance Report', 'description': 'The change compared to the certified product was made at the level of adjustment of the guidance document.'}), frozendict({'id': 'BSI-DSZ-CC-1044-2019 (Ausstellungsdatum / Certification Date 25.01.2019, gültig bis / valid until 24.01.2024) Zertifizierungsreport / Certification Report', 'description': 'Certificate'})]
- evaluation_facility: SRC Security Research & Consulting GmbH
- expiration_date: 18.10.2028
- product: secunet konnektor 2.0.0 und 2.0.1, Version 5.50.1:2.0.0 und 5.50.1:2.0.1
- protection_profile: Common Criteria Schutzprofil (Protection Profile) Schutzprofil 1: Anforderungen an den Netzkonnektor, Version 1.6.6, BSI-CC-PP-0097-V2-2020-MA-01 vom 15.04.2021
- report_link: https://www.bsi.bund.de/SharedDocs/Downloads/DE/BSI/Zertifizierung/Reporte/Reporte1000/1044V7a_pdf.pdf?__blob=publicationFile&v=1
- target_link: https://www.bsi.bund.de/SharedDocs/Downloads/DE/BSI/Zertifizierung/Reporte/Reporte1000/1044V7b_pdf.pdf?__blob=publicationFile&v=1
- product: secunet konnektor 2.0.0 und 2.0.1, Version 5.50.1:2.0.0 und 5.50.1:2.0.1
- subcategory: Software
- url: https://www.bsi.bund.de/SharedDocs/Zertifikate_CC/CC/Gesundheitswesen_Software/1044_1044V2_1044V3_1044V4_1044V5_1044V6_1044V7.html
- vendor: secunet Security Networks AG
|
| heuristics/st_references/directly_referenced_by |
{} |
{} |
| heuristics/st_references/directly_referencing |
{} |
{} |
| heuristics/st_references/indirectly_referenced_by |
{} |
{} |
| heuristics/st_references/indirectly_referencing |
{} |
{} |
| heuristics/protection_profiles |
{} |
19e2d2b1593c97a5 |
| maintenance_updates |
|
|
| protection_profiles |
|
|
| protection_profile_links |
{} |
https://www.commoncriteriaportal.org/nfs/ccpfiles/files/ppfiles/pp0097V2b_pdf.pdf |
| pdf_data/cert_filename |
|
1044V7c_pdf.pdf |
| pdf_data/cert_frontpage |
|
|
| pdf_data/cert_keywords/cc_cert_id |
|
- DE:
- BSI-DSZ-CC-1044-V7-2023: 1
|
| pdf_data/cert_keywords/cc_protection_profile_id |
|
|
| pdf_data/cert_keywords/cc_security_level |
|
- EAL:
- EAL 2: 1
- EAL 3: 1
- EAL 4: 1
- EAL 5: 1
|
| pdf_data/cert_keywords/cc_sar |
|
- ADV:
- ADV_FSP.4: 1
- ADV_IMP.1: 1
- ADV_TDS.3: 1
- ALC:
- ALC_FLR: 1
- ALC_FLR.2: 1
- ALC_TAT.1: 1
- AVA:
|
| pdf_data/cert_keywords/cc_sfr |
|
|
| pdf_data/cert_keywords/cc_claims |
|
|
| pdf_data/cert_keywords/vendor |
|
|
| pdf_data/cert_keywords/eval_facility |
|
|
| pdf_data/cert_keywords/symmetric_crypto |
|
|
| pdf_data/cert_keywords/asymmetric_crypto |
|
|
| pdf_data/cert_keywords/pq_crypto |
|
|
| pdf_data/cert_keywords/hash_function |
|
|
| pdf_data/cert_keywords/crypto_scheme |
|
|
| pdf_data/cert_keywords/crypto_protocol |
|
|
| pdf_data/cert_keywords/randomness |
|
|
| pdf_data/cert_keywords/cipher_mode |
|
|
| pdf_data/cert_keywords/ecc_curve |
|
|
| pdf_data/cert_keywords/crypto_engine |
|
|
| pdf_data/cert_keywords/tls_cipher_suite |
|
|
| pdf_data/cert_keywords/crypto_library |
|
|
| pdf_data/cert_keywords/vulnerability |
|
|
| pdf_data/cert_keywords/side_channel_analysis |
|
|
| pdf_data/cert_keywords/technical_report_id |
|
|
| pdf_data/cert_keywords/device_model |
|
|
| pdf_data/cert_keywords/tee_name |
|
|
| pdf_data/cert_keywords/os_name |
|
|
| pdf_data/cert_keywords/cplc_data |
|
|
| pdf_data/cert_keywords/ic_data_group |
|
|
| pdf_data/cert_keywords/standard_id |
|
- ISO:
- ISO/IEC 15408: 2
- ISO/IEC 18045: 2
|
| pdf_data/cert_keywords/javacard_version |
|
|
| pdf_data/cert_keywords/javacard_api_const |
|
|
| pdf_data/cert_keywords/javacard_packages |
|
|
| pdf_data/cert_keywords/certification_process |
|
|
| pdf_data/cert_metadata |
|
- /Author: Bundesamt für Sicherheit in der Informtionstechnik
- /Keywords: "Common Criteria, Certification, Zertifizierung, Konnektor"
- /Subject: Common Criteria, Certification, Zertifizierung, Konnektor
- /Title: Zertifizierungsreport BSI-DSZ-CC-1044-V7-2023
- pdf_file_size_bytes: 393008
- pdf_hyperlinks: {}
- pdf_is_encrypted: False
- pdf_number_of_pages: 1
|
| pdf_data/report_filename |
0823a_pdf.pdf |
1044V7a_pdf.pdf |
| pdf_data/report_frontpage |
- DE:
- cc_security_level: Common Criteria Part 3 conformant EAL 4 augmented by ALC_FLR.2, ASE_TSS.2, AVA_VAN.4 SOGIS Recognition Agreement for components up to EAL 4
- cc_version: Product specific Security Target Common Criteria Part 2 extended
- cert_id: BSI-DSZ-CC-0823-2014
- cert_item: genuscreen 4.0
- cert_lab: BSI
- developer: genua mbh
- match_rules: ['(BSI-DSZ-CC-.+?) (?:for|For) (.+?) from (.*)']
- ref_protection_profiles: None
|
- DE:
- cert_id: BSI-DSZ-CC-1044-V7-2023
- cert_item: secunet konnektor 2.0.0 und 2.0.1, Version 5.50.1:2.0.0 und 5.50.1:2.0.1
- cert_lab: BSI
- developer: secunet Security Networks AG
- match_rules: ['(BSI-DSZ-CC-.+?) zu (.+?) der (.*)']
|
| pdf_data/report_keywords/cc_cert_id |
- DE:
- BSI-DSZ-CC-0565-2009: 3
- BSI-DSZ-CC-0823: 1
- BSI-DSZ-CC-0823-2014: 18
|
- DE:
- BSI-DSZ-CC-1044-V6-2022-MA-01: 2
- BSI-DSZ-CC-1044-V7-2023: 18
|
| pdf_data/report_keywords/cc_protection_profile_id |
|
|
| pdf_data/report_keywords/cc_security_level |
- EAL:
- EAL 1: 7
- EAL 2: 4
- EAL 3: 4
- EAL 4: 17
- EAL 4 augmented: 3
- EAL 5: 9
- EAL 5+: 1
- EAL 6: 4
- EAL 7: 4
- ITSEC:
|
- EAL:
- EAL 1: 1
- EAL 2: 3
- EAL 3: 4
- EAL 4: 4
- EAL 5: 1
- EAL 5+: 1
- EAL 6: 1
|
| pdf_data/report_keywords/cc_sar |
- ADV:
- ADV_ARC: 1
- ADV_ARC.1: 1
- ADV_FSP: 1
- ADV_FSP.1: 1
- ADV_FSP.2: 1
- ADV_FSP.3: 1
- ADV_FSP.4: 1
- ADV_FSP.5: 1
- ADV_FSP.6: 1
- ADV_IMP: 1
- ADV_IMP.1: 1
- ADV_IMP.2: 1
- ADV_INT: 1
- ADV_INT.1: 1
- ADV_INT.2: 1
- ADV_INT.3: 1
- ADV_SPM: 1
- ADV_SPM.1: 1
- ADV_TDS: 1
- ADV_TDS.1: 1
- ADV_TDS.2: 1
- ADV_TDS.3: 1
- ADV_TDS.4: 1
- ADV_TDS.5: 1
- ADV_TDS.6: 1
- AGD:
- AGD_OPE: 1
- AGD_OPE.1: 1
- AGD_PRE: 1
- AGD_PRE.1: 1
- ALC:
- ALC_CMC: 1
- ALC_CMC.1: 1
- ALC_CMC.2: 1
- ALC_CMC.3: 1
- ALC_CMC.4: 1
- ALC_CMC.5: 1
- ALC_CMS: 1
- ALC_CMS.1: 1
- ALC_CMS.2: 1
- ALC_CMS.3: 1
- ALC_CMS.4: 1
- ALC_CMS.5: 1
- ALC_DEL: 1
- ALC_DEL.1: 1
- ALC_DVS: 1
- ALC_DVS.1: 1
- ALC_DVS.2: 1
- ALC_FLR: 3
- ALC_FLR.1: 1
- ALC_FLR.2: 6
- ALC_FLR.3: 1
- ALC_LCD.1: 1
- ALC_LCD.2: 1
- ALC_TAT: 1
- ALC_TAT.1: 1
- ALC_TAT.2: 1
- ALC_TAT.3: 1
- APE:
- APE_CCL.1: 1
- APE_ECD.1: 1
- APE_INT.1: 1
- APE_OBJ.1: 1
- APE_OBJ.2: 1
- APE_REQ.1: 1
- APE_REQ.2: 1
- APE_SPD.1: 1
- ASE:
- ASE_CCL: 1
- ASE_CCL.1: 1
- ASE_ECD: 1
- ASE_ECD.1: 1
- ASE_INT: 1
- ASE_INT.1: 1
- ASE_OBJ: 1
- ASE_OBJ.1: 1
- ASE_OBJ.2: 1
- ASE_REQ.1: 1
- ASE_REQ.2: 1
- ASE_SPD: 1
- ASE_SPD.1: 1
- ASE_TSS: 1
- ASE_TSS.1: 1
- ASE_TSS.2: 7
- ATE:
- ATE_COV: 1
- ATE_COV.1: 1
- ATE_COV.2: 1
- ATE_COV.3: 1
- ATE_DPT: 1
- ATE_DPT.1: 1
- ATE_DPT.2: 1
- ATE_DPT.3: 1
- ATE_DPT.4: 1
- ATE_FUN: 1
- ATE_FUN.1: 1
- ATE_FUN.2: 1
- ATE_IND: 1
- ATE_IND.1: 1
- ATE_IND.2: 1
- ATE_IND.3: 1
- AVA:
- AVA_VAN: 2
- AVA_VAN.1: 1
- AVA_VAN.2: 1
- AVA_VAN.3: 1
- AVA_VAN.4: 7
- AVA_VAN.5: 1
|
- ADV:
- ADV_FSP.4: 4
- ADV_IMP.1: 4
- ADV_TDS.3: 4
- ALC:
- ALC_CMS: 1
- ALC_CMS.4: 1
- ALC_FLR: 3
- ALC_FLR.2: 4
- ALC_TAT.1: 4
- AVA:
|
| pdf_data/report_keywords/cc_sfr |
|
- FCS:
- FCS_CKM: 6
- FCS_CKM.1: 1
- FCS_COP: 14
- FDP:
- FPT:
- FTP:
|
| pdf_data/report_keywords/cc_claims |
- A:
- A.ADMIN: 3
- A.HANET: 3
- A.INIT: 3
- A.NOEVIL: 3
- A.PHYSEC: 4
- A.RANDOM: 4
- A.SINGEN: 3
- A.TIMESTMP: 2
- OE:
- OE.ADMIN: 1
- OE.HANET: 1
- OE.INIT: 1
- OE.NOEVIL: 1
- OE.PHYSEC: 1
- OE.RANDOM: 1
- OE.SINGEN: 1
- OE.TIMESTMP: 1
|
|
| pdf_data/report_keywords/vendor |
|
|
| pdf_data/report_keywords/eval_facility |
|
- SRC:
- SRC Security Research & Consulting: 2
|
| pdf_data/report_keywords/symmetric_crypto |
- AES_competition:
- constructions:
|
- AES_competition:
- constructions:
- MAC:
- HMAC: 12
- HMAC-SHA-256: 1
- HMAC-SHA-384: 1
- HMAC-SHA-512: 1
|
| pdf_data/report_keywords/asymmetric_crypto |
|
|
| pdf_data/report_keywords/pq_crypto |
|
|
| pdf_data/report_keywords/hash_function |
|
|
| pdf_data/report_keywords/crypto_scheme |
|
|
| pdf_data/report_keywords/crypto_protocol |
|
- IKE:
- IPsec:
- TLS:
- TLS:
- TLS: 34
- TLS v1.2: 7
- TLSv1.2: 1
- VPN:
|
| pdf_data/report_keywords/randomness |
|
|
| pdf_data/report_keywords/cipher_mode |
|
|
| pdf_data/report_keywords/ecc_curve |
|
|
| pdf_data/report_keywords/crypto_engine |
|
|
| pdf_data/report_keywords/tls_cipher_suite |
|
|
| pdf_data/report_keywords/crypto_library |
|
|
| pdf_data/report_keywords/vulnerability |
|
|
| pdf_data/report_keywords/side_channel_analysis |
|
|
| pdf_data/report_keywords/technical_report_id |
- BSI:
- BSI 7125: 2
- BSI 7138: 2
- BSI 7148: 1
- BSI TR-02102: 1
|
- BSI:
- BSI 7148: 1
- BSI TR-02102: 1
- BSI TR-03116-1: 1
- BSI TR-03154: 1
- BSI TR-03155: 1
- BSI TR-03157: 2
|
| pdf_data/report_keywords/device_model |
|
|
| pdf_data/report_keywords/tee_name |
|
|
| pdf_data/report_keywords/os_name |
|
|
| pdf_data/report_keywords/cplc_data |
|
|
| pdf_data/report_keywords/ic_data_group |
|
|
| pdf_data/report_keywords/standard_id |
- BSI:
- AIS 32: 1
- AIS 34: 1
- AIS 38: 1
- ISO:
- ISO/IEC 15408: 4
- ISO/IEC 17065: 2
- ISO/IEC 18045: 4
|
- BSI:
- AIS 20: 2
- AIS 32: 1
- AIS 34: 2
- FIPS:
- FIPS 180-4: 10
- FIPS 197: 4
- FIPS PUB 180-4: 1
- FIPS180-4: 5
- FIPS186-4: 2
- FIPS197: 1
- ISO:
- ISO/IEC 15408: 4
- ISO/IEC 17065: 2
- ISO/IEC 18045: 4
- PKCS:
- RFC:
- RFC 2104: 1
- RFC 3268: 1
- RFC 7027: 1
- RFC-2104: 3
- RFC-2404: 1
- RFC-3268: 3
- RFC-3526: 1
- RFC-3602: 2
- RFC-4106: 1
- RFC-4301: 3
- RFC-4303: 3
- RFC-4492: 2
- RFC-4868: 1
- RFC-4880: 1
- RFC-5116: 1
- RFC-5246: 4
- RFC-5289: 1
- RFC-5639: 6
- RFC-6931: 1
- RFC-6954: 1
- RFC-7296: 3
- RFC-8017: 5
- RFC-8247: 1
- RFC2104: 1
- RFC2404: 1
- RFC3268: 1
- RFC3526: 2
- RFC3602: 1
- RFC4055: 1
- RFC4106: 1
- RFC4301: 1
- RFC4303: 1
- RFC4346: 1
- RFC4868: 1
- RFC4880: 1
- RFC5246: 1
- RFC5280: 1
- RFC5289: 1
- RFC5639: 2
- RFC5996: 1
- RFC7027: 1
- RFC7292: 1
- RFC7296: 3
- RFC8017: 3
- RFC8247: 1
- X509:
|
| pdf_data/report_keywords/javacard_version |
|
|
| pdf_data/report_keywords/javacard_api_const |
|
|
| pdf_data/report_keywords/javacard_packages |
|
|
| pdf_data/report_keywords/certification_process |
- ConfidentialDocument:
- Evaluation Technical Report BSI-DSZ-CC-0823 for genuscreen 4.0 from genua mbH of secuvera GmbH (confidential document) [8] Guidance documentation for the TOE, genucenter Installations- und Konfigurationshandbuch: 1
- OutOfScope:
- The genucenter must be operated on real hardware. Running the genucenter in a virtual machine is out of scope for this TOE. The Security Target [6] is the basis for this certification. It is not based on a: 1
- or Mobile Clients, L2TP VPN, LDAP Authentication, Dynamic Routing, and virtual genucenter are out of scope of the evaluated configuration. In general, all information contained in the Security Target [6: 1
- out of scope: 2
|
|
| pdf_data/report_metadata |
|
- /Author: Bundesamt für Sicherheit in der Informtionstechnik
- /Keywords: "Common Criteria, Certification, Zertifizierung, Konnektor"
- /Subject: Common Criteria, Certification, Zertifizierung, Konnektor
- /Title: Zertifizierungsreport BSI-DSZ-CC-1044-V7-2023
- pdf_file_size_bytes: 620033
- pdf_hyperlinks: https://www.sogis.eu/, https://www.bsi.bund.de/AIS, https://www.iana.org/assignments/ikev2-parameters/ikev2-parameters.xhtml#ikev2-parameters-6, https://www.commoncriteriaportal.org/, https://www.commoncriteriaportal.org/cc/, https://www.bsi.bund.de/zertifizierung, https://www.bsi.bund.de/zertifizierungsreporte, https://www.bsi.bund.de/
- pdf_is_encrypted: False
- pdf_number_of_pages: 35
|
| pdf_data/st_filename |
0823b_pdf.pdf |
1044V7b_pdf.pdf |
| pdf_data/st_frontpage |
|
|
| pdf_data/st_keywords/cc_cert_id |
|
- DE:
- BSI-DSZ-CC-1044-V7-2023: 1
|
| pdf_data/st_keywords/cc_protection_profile_id |
|
- BSI:
- BSI-CC-PP-0097: 4
- BSI-CC-PP-0097“: 2
- BSI-CC-PP-0098: 6
|
| pdf_data/st_keywords/cc_security_level |
- EAL:
- EAL4: 3
- EAL4 augmented: 1
|
|
| pdf_data/st_keywords/cc_sar |
- ADV:
- ADV_ARC: 1
- ADV_ARC.1: 4
- ADV_FSP: 1
- ADV_FSP.1: 1
- ADV_FSP.2: 2
- ADV_FSP.4: 2
- ADV_IMP: 1
- ADV_IMP.1: 3
- ADV_INT: 2
- ADV_SPM: 2
- ADV_TAT.1: 1
- ADV_TDS: 1
- ADV_TDS.1: 1
- ADV_TDS.2: 1
- ADV_TDS.3: 2
- AGD:
- AGD_OPE: 1
- AGD_OPE.1: 3
- AGD_PRE: 1
- AGD_PRE.1: 3
- ALC:
- ALC_CMC: 1
- ALC_CMC.4: 1
- ALC_CMS: 1
- ALC_CMS.4: 1
- ALC_DEL: 1
- ALC_DEL.1: 1
- ALC_DVS: 1
- ALC_DVS.1: 2
- ALC_FLR: 1
- ALC_FLR.2: 3
- ALC_LCD: 1
- ALC_LCD.1: 2
- ALC_TAT: 1
- ALC_TAT.1: 1
- ASE:
- ASE_CCL: 1
- ASE_CCL.1: 1
- ASE_ECD: 1
- ASE_ECD.1: 3
- ASE_INT: 1
- ASE_INT.1: 1
- ASE_OBJ: 1
- ASE_OBJ.2: 1
- ASE_REQ: 1
- ASE_REQ.1: 2
- ASE_REQ.2: 1
- ASE_SPD: 1
- ASE_SPD.1: 1
- ASE_TSS: 1
- ASE_TSS.2: 4
- ATE:
- ATE_COV: 1
- ATE_COV.1: 1
- ATE_COV.2: 1
- ATE_DPT: 1
- ATE_DPT.1: 2
- ATE_FUN: 1
- ATE_FUN.1: 4
- ATE_IND: 1
- ATE_IND.2: 1
- AVA:
|
- ADV:
- ADV_ARC: 2
- ADV_ARC.1: 1
- ADV_FSP.4: 7
- ADV_IMP.1: 9
- ADV_TDS.1: 1
- ADV_TDS.2: 2
- ADV_TDS.3: 7
- AGD:
- AGD_OPE: 1
- AGD_OPE.1: 13
- AGD_PRE.1: 1
- ALC:
- ALC_DEL.1: 5
- ALC_FLR.2: 6
- ALC_TAT.1: 8
- ATE:
- AVA:
|
| pdf_data/st_keywords/cc_sfr |
- FAU:
- FAU_GEN: 20
- FAU_GEN.1: 5
- FAU_GEN.2: 1
- FAU_SAR: 12
- FAU_SAR.1: 3
- FAU_SAR.3: 1
- FCS:
- FCS_CKM: 143
- FCS_CKM.1: 29
- FCS_CKM.4: 31
- FCS_COP: 100
- FCS_COP.1: 29
- FDP:
- FDP_IFC: 53
- FDP_IFC.1: 33
- FDP_IFF: 43
- FDP_IFF.1: 37
- FDP_ITT: 32
- FDP_ITT.1: 4
- FIA:
- FIA_ATD: 6
- FIA_ATD.1: 1
- FIA_SOS: 6
- FIA_SOS.1: 1
- FIA_UAU: 12
- FIA_UAU.2: 1
- FIA_UAU.6: 1
- FIA_UID: 6
- FIA_UID.1: 3
- FIA_UID.2: 2
- FMT:
- FMT_IFC.2: 2
- FMT_MOF: 6
- FMT_MOF.1: 1
- FMT_MSA: 166
- FMT_MSA.1: 26
- FMT_MSA.2: 4
- FMT_MSA.3: 18
- FMT_SMF: 49
- FMT_SMF.1: 22
- FMT_SMR: 8
- FMT_SMR.1: 26
- FPT:
- FPT_ITT: 8
- FPT_ITT.1: 3
- FPT_STM.1: 3
- FPT_TEE: 8
- FPT_TEE.1: 2
- FPT_TRC: 6
- FPT_TRC.1: 1
- FPT_TRC.1.1: 1
- FPT_TRC.1.2: 1
- FTP:
|
- FAU:
- FAU_GEN: 16
- FAU_GEN.1: 5
- FAU_GEN.2: 1
- FAU_STG: 2
- FCS:
- FCS_CKM: 87
- FCS_CKM.1: 14
- FCS_CKM.2: 6
- FCS_CKM.4: 13
- FCS_COP: 77
- FCS_COP.1: 12
- FDP:
- FDP_ACC: 11
- FDP_ACC.1: 7
- FDP_ACF: 5
- FDP_ACF.1: 5
- FDP_ETC: 8
- FDP_ETC.2: 4
- FDP_IFC: 18
- FDP_IFC.1: 7
- FDP_IFF: 20
- FDP_IFF.1: 20
- FDP_ITC: 17
- FDP_ITC.1: 15
- FDP_ITC.2: 17
- FDP_RIP: 6
- FDP_RIP.1: 1
- FDP_UIT: 6
- FDP_UIT.1: 2
- FIA:
- FIA_UAU: 11
- FIA_UAU.1: 2
- FIA_UID: 9
- FIA_UID.1: 5
- FMT:
- FMT_MOF: 12
- FMT_MOF.1: 1
- FMT_MSA: 40
- FMT_MSA.1: 2
- FMT_MSA.3: 7
- FMT_MTD: 7
- FMT_MTD.1: 2
- FMT_SMF: 19
- FMT_SMF.1: 4
- FMT_SMR.1: 28
- FMT_SMR.1.1: 1
- FPT:
- FPT_EMS: 16
- FPT_EMS.1: 7
- FPT_EMS.1.1: 2
- FPT_EMS.1.2: 2
- FPT_STM: 11
- FPT_STM.1: 2
- FPT_TDC: 22
- FPT_TDC.1: 6
- FPT_TST: 7
- FPT_TST.1: 3
- FTP:
- FTP_ITC: 41
- FTP_ITC.1: 21
- FTP_TRP: 13
- FTP_TRP.1: 6
|
| pdf_data/st_keywords/cc_claims |
- A:
- A.ADMIN: 4
- A.HANET: 5
- A.INIT: 4
- A.NOEVIL: 4
- A.PHYSEC: 4
- A.RANDOM: 4
- A.SINGEN: 5
- A.TIMESTMP: 4
- O:
- O.AUDREC: 5
- O.AUTH: 12
- O.AVAIL: 5
- O.CONFID: 13
- O.INTEG: 9
- O.MEDIAT: 4
- O.NOREPLAY: 13
- O.RS: 11
- OE:
- OE.ADMIN: 2
- OE.HANET: 5
- OE.INIT: 7
- OE.NOEVIL: 3
- OE.PHYSEC: 4
- OE.RANDOM: 3
- OE.SINGEN: 4
- OE.TIMESTMP: 5
- T:
- T.MEDIAT: 4
- T.MMODIFY: 4
- T.MODIFY: 4
- T.MSNIFF: 4
- T.NOAUTH: 4
- T.SELPRO: 4
- T.SNIFF: 4
|
|
| pdf_data/st_keywords/vendor |
|
|
| pdf_data/st_keywords/eval_facility |
|
|
| pdf_data/st_keywords/symmetric_crypto |
- AES_competition:
- constructions:
|
- AES_competition:
- AES:
- AES: 24
- AES-128: 3
- AES-256: 2
- HPC:
- constructions:
- MAC:
- HMAC: 33
- HMAC-SHA-256: 1
- HMAC-SHA-384: 1
- HMAC-SHA-512: 1
|
| pdf_data/st_keywords/asymmetric_crypto |
|
|
| pdf_data/st_keywords/pq_crypto |
|
|
| pdf_data/st_keywords/hash_function |
|
- SHA:
- SHA1:
- SHA2:
- SHA-2: 2
- SHA-256: 6
- SHA256: 1
|
| pdf_data/st_keywords/crypto_scheme |
|
|
| pdf_data/st_keywords/crypto_protocol |
|
- IKE:
- IPsec:
- TLS:
- SSL:
- TLS:
- TLS: 148
- TLS 1.2: 2
- TLS 1.3: 2
- VPN:
|
| pdf_data/st_keywords/randomness |
|
|
| pdf_data/st_keywords/cipher_mode |
|
|
| pdf_data/st_keywords/ecc_curve |
|
- Brainpool:
- brainpoolP256r1: 4
- brainpoolP384r1: 1
- NIST:
- NIST P-256: 3
- P-256: 5
- P-384: 2
|
| pdf_data/st_keywords/crypto_engine |
|
|
| pdf_data/st_keywords/tls_cipher_suite |
|
- TLS:
- TLS_DHE_RSA_WITH_AES_128_CBC_SHA: 3
- TLS_DHE_RSA_WITH_AES_256_CBC_SHA: 3
- TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256: 3
- TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384: 2
- TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256: 3
- TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256: 3
- TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384: 3
- TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384: 2
- TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384131: 1
|
| pdf_data/st_keywords/crypto_library |
|
|
| pdf_data/st_keywords/vulnerability |
|
|
| pdf_data/st_keywords/side_channel_analysis |
|
|
| pdf_data/st_keywords/technical_report_id |
|
- BSI:
- BSI TR-03111: 2
- BSI TR-03116-1: 3
- BSI TR-03144: 1
|
| pdf_data/st_keywords/device_model |
|
|
| pdf_data/st_keywords/tee_name |
|
|
| pdf_data/st_keywords/os_name |
|
|
| pdf_data/st_keywords/cplc_data |
|
|
| pdf_data/st_keywords/ic_data_group |
|
|
| pdf_data/st_keywords/standard_id |
- BSI:
- FIPS:
- PKCS:
- RFC:
- RFC2104: 7
- RFC2409: 9
- RFC2460: 2
- RFC2617: 1
- RFC2965: 1
- RFC3502: 1
- RFC3526: 5
- RFC3602: 1
- RFC4253: 6
- RFC4301: 1
- RFC4344: 1
- RFC4418: 7
- RFC4432: 1
- RFC5656: 7
|
- CC:
- CCMB-2017-04-002: 1
- CCMB-2017-04-003: 1
- CCMB-2017-04-004: 1
- FIPS:
- FIPS 180-4: 1
- FIPS 197: 2
- FIPS PUB 180-4: 5
- FIPS PUB 186-4: 2
- PKCS:
- PKCS #12: 1
- PKCS#1: 2
- PKCS#12: 2
- RFC:
- RFC 1323: 1
- RFC 2104: 2
- RFC 2131: 2
- RFC 2132: 2
- RFC 2401: 1
- RFC 2402: 1
- RFC 2404: 2
- RFC 2406: 2
- RFC 2460: 1
- RFC 2560: 1
- RFC 2663: 1
- RFC 3268: 1
- RFC 3526: 1
- RFC 3602: 3
- RFC 4055: 2
- RFC 4106: 2
- RFC 4301: 5
- RFC 4302: 2
- RFC 4303: 6
- RFC 4330: 1
- RFC 4868: 2
- RFC 5246: 4
- RFC 5280: 1
- RFC 5289: 2
- RFC 5639: 3
- RFC 5905: 1
- RFC 7027: 1
- RFC 7296: 7
- RFC 791: 1
- RFC 793: 1
- RFC 8017: 3
- RFC 8422: 2
- RFC 8446: 1
- RFC 958: 1
- RFC-5639: 1
- RFC-7027: 1
- RFC7296: 1
- X509:
|
| pdf_data/st_keywords/javacard_version |
|
|
| pdf_data/st_keywords/javacard_api_const |
|
|
| pdf_data/st_keywords/javacard_packages |
|
|
| pdf_data/st_keywords/certification_process |
- OutOfScope:
- 1.4.8.7 Dynamic Routing The dynamic routing feature which uses OSPF only works with IPv4 and is out of scope for this TOE. 1.4.8.8 No virtual genucenter The genucenter must be operated on real hardware: 1
- out of scope: 4
- the genucenter in a virtual machine is out of scope for this TOE. 1.4.9 Physical Scope The physical scope of TOE consists only of software and: 1
- to perform cryptographic operations for IPsec operations. However, usage of the cryptocard is out of scope for this TOE. 1.4.8.2 No USB update The management system genucenter can write configuration: 1
- when the USB stick is plug into the firewall component. However, usage of the USB update is out of scope for this TOE. 1.4.8.3 No FTP and SIP Relays The product allows the configuration of FTP and SIP: 1
|
|
| pdf_data/st_metadata |
- /Author: Roland Meister
- /CreationDate: D:20141023133113+02'00'
- /Creator: Writer
- /Keywords: CC 3.1
- /Producer: LibreOffice 4.1
- /Subject: Common Criteria
- /Title: genucreen 4.0 Security Target
- pdf_file_size_bytes: 657632
- pdf_hyperlinks: {}
- pdf_is_encrypted: False
- pdf_number_of_pages: 72
|
- /Author: Röhnelt, Andreas
- pdf_file_size_bytes: 1615315
- pdf_hyperlinks: http://www.ietf.org/rfc/rfc2406.txt, http://www.rfc-editor.org/rfc/rfc3602.txt, http://www.ietf.org/rfc/rfc2132.txt, http://www.ietf.org/rfc/rfc2131.txt, http://tools.ietf.org/html/rfc4302, https://tools.ietf.org/html/rfc5639, http://www.ietf.org/rfc/rfc5905.txt, http://www.ietf.org/rfc/rfc5280.txt, http://tools.ietf.org/html/rfc4301, http://tools.ietf.org/html/rfc2663, http://www.bmg.bund.de/, http://tools.ietf.org/html/rfc4330, http://tools.ietf.org/html/rfc2402, http://www.ietf.org/rfc/rfc4303.txt, http://csrc.nist.gov/publications/fips/fips197/fips-197.pdf, http://tools.ietf.org/html/rfc791, http://www.eecis.udel.edu/~mills/ntp/html/release.html, http://www.dimdi.de/, http://tools.ietf.org/html/rfc4303, http://tools.ietf.org/html/rfc958, http://www.rfc-editor.org/rfc/rfc3526.txt, http://www.ietf.org/rfc/rfc7027.txt, http://tools.ietf.org/html/rfc2460, http://tools.ietf.org/html/rfc2406, http://tools.ietf.org/html/, http://www.rfc-editor.org/rfc/rfc4106.txt, http://www.rfc-editor.org/rfc/rfc4868.txt, http://tools.ietf.org/html/rfc1323, http://www.bundesnetzagentur.de/, http://www.gematik.de/, http://www.rfc-editor.org/rfc/rfc4055.txt, http://tools.ietf.org/html/rfc2401, http://www.rfc-editor.org/rfc/rfc2404.txt, http://tools.ietf.org/html/rfc793, http://www.ietf.org/rfc/rfc7296.txt, http://www.rfc-editor.org/rfc/rfc8017.txt
- pdf_is_encrypted: False
- pdf_number_of_pages: 155
|
| state/cert/convert_garbage |
False |
False |
| state/cert/convert_ok |
False |
True |
| state/cert/download_ok |
False |
True |
| state/cert/extract_ok |
False |
True |
| state/cert/pdf_hash |
Different |
Different |
| state/cert/txt_hash |
Different |
Different |
| state/report/convert_garbage |
False |
False |
| state/report/convert_ok |
True |
True |
| state/report/download_ok |
True |
True |
| state/report/extract_ok |
True |
True |
| state/report/pdf_hash |
Different |
Different |
| state/report/txt_hash |
Different |
Different |
| state/st/convert_garbage |
False |
False |
| state/st/convert_ok |
True |
True |
| state/st/download_ok |
True |
True |
| state/st/extract_ok |
True |
True |
| state/st/pdf_hash |
Different |
Different |
| state/st/txt_hash |
Different |
Different |