| name |
RISE Konnektor V3.0 |
genuscreen 8.0 |
| category |
ICs, Smart Cards and Smart Card-Related Devices and Systems |
Boundary Protection Devices and Systems |
| scheme |
DE |
DE |
| status |
active |
active |
| not_valid_after |
21.03.2026 |
05.04.2028 |
| not_valid_before |
22.02.2021 |
06.04.2023 |
| cert_link |
https://www.commoncriteriaportal.org/nfs/ccpfiles/files/epfiles/1052V3b_pdf(1).pdf |
https://www.commoncriteriaportal.org/nfs/ccpfiles/files/epfiles/1194c_pdf.pdf |
| report_link |
https://www.commoncriteriaportal.org/nfs/ccpfiles/files/epfiles/1052V3a_pdf.pdf |
https://www.commoncriteriaportal.org/nfs/ccpfiles/files/epfiles/1194a_pdf.pdf |
| st_link |
https://www.commoncriteriaportal.org/nfs/ccpfiles/files/epfiles/1052V3b_pdf.pdf |
https://www.commoncriteriaportal.org/nfs/ccpfiles/files/epfiles/1194b_pdf.pdf |
| manufacturer |
Research Industrial Systems Engineering (RISE) Forschungs-, Entwicklungs- und Großprojekteberatung GmbH |
genua GmbH |
| manufacturer_web |
https://www.rise-world.com/ |
https://www.genua.de |
| security_level |
ADV_FSP.4, ADV_INT.1, ALC_FLR.2, AVA_VAN.5, ALC_TAT.1, EAL3+, ADV_TDS.3 |
AVA_VAN.4, ALC_PAM.1, ALC_FLR.2, ASE_TSS.2, EAL4+ |
| dgst |
7cb0f260dac98ca0 |
700b0783f3fe80bb |
| heuristics/cert_id |
BSI-DSZ-CC-1052-V3-2021 |
BSI-DSZ-CC-1194-2023 |
| heuristics/cert_lab |
BSI |
BSI |
| heuristics/cpe_matches |
{} |
{} |
| heuristics/verified_cpe_matches |
{} |
{} |
| heuristics/related_cves |
{} |
{} |
| heuristics/direct_transitive_cves |
{} |
{} |
| heuristics/indirect_transitive_cves |
{} |
{} |
| heuristics/extracted_sars |
AGD_PRE.1, ALC_TAT.1, AVA_VAN.5, ADV_FSP.4, ALC_DEL.1, AGD_OPE.1, ADV_ARC.1, ADV_TDS.3, ATE_DPT.1, ADV_INT.1, ALC_FLR.2, ADV_IMP.1 |
ASE_INT.1, ALC_CMC.4, ASE_ECD.1, ADV_IMP.1, ATE_COV.2, ALC_TAT.1, ASE_SPD.1, ALC_DEL.1, ALC_LCD.1, AGD_OPE.1, AGD_PRE.1, ALC_CMS.4, ATE_FUN.1, ADV_ARC.1, ASE_OBJ.2, ADV_TDS.3, ATE_DPT.1, ALC_FLR.2, ASE_TSS.2, ASE_REQ.2, ALC_DVS.1, ADV_FSP.4, ALC_PAM.1, ATE_IND.2, AVA_VAN.4, ADV_TAT.1, ASE_CCL.1 |
| heuristics/extracted_versions |
3.0 |
8.0 |
| heuristics/prev_certificates |
{} |
{} |
| heuristics/next_certificates |
{} |
{} |
| heuristics/report_references/directly_referenced_by |
BSI-DSZ-CC-1052-V4-2021 |
{} |
| heuristics/report_references/directly_referencing |
BSI-DSZ-CC-1052-V2-2020 |
BSI-DSZ-CC-1142-2020 |
| heuristics/report_references/indirectly_referenced_by |
BSI-DSZ-CC-1052-V5-2022, BSI-DSZ-CC-1052-V4-2021, BSI-DSZ-CC-1052-V6-2024 |
{} |
| heuristics/report_references/indirectly_referencing |
BSI-DSZ-CC-1052-V2-2020, BSI-DSZ-CC-1052-2018 |
BSI-DSZ-CC-1142-2020 |
| heuristics/scheme_data |
|
- category: Network and Network related Devices and Systems
- cert_id: BSI-DSZ-CC-1194-2023
- certification_date: 06.04.2023
- enhanced:
- applicant: genua GmbH Domagkstrasse 7 85551 Kirchheim
- assurance_level: EAL4+,AVA_VAN.4,ASE_TSS.2,ALC_PAM.1
- cert_link: https://www.bsi.bund.de/SharedDocs/Downloads/DE/BSI/Zertifizierung/Reporte/Reporte1100/1194c_pdf.pdf?__blob=publicationFile&v=1
- certification_date: 06.04.2023
- description: The TOE makes VPN and firewall functionality available and easy to manage. It protects networks at the border to the Internet by filtering incoming and outgoing data traffic. It protects the data flowing between several protected networks against unauthorised inspection and modification. It consists of software on a number (at least 2) of machines (genuscreen appliances) that work as network filters, hereafter called firewall components, and another machine to manage this network of firewall components. This machine, the management system (genucenter management system), is a central component.
- entries: [frozendict({'id': 'BSI-DSZ-CC-1194-2023-MA-01 (Ausstellungsdatum / Certification Date 17.11.2023) Assurance Continuity Maintenance Report with partial re-evaluation applying ALC_PAM for patch management Assurance Continuity / Maintanance Report', 'description': 'and firewall functionality available and easy to manage. It consists only of software and documentation. It protects networks at the border to the Internet by filtering incoming and outgoing data traffic. It also protects the data flowing between several protected networks against unauthorised inspection and modification.'}), frozendict({'id': 'BSI-DSZ-CC-1194-2023', 'description': 'Certificate'})]
- evaluation_facility: secuvera GmbH
- expiration_date: 05.04.2028
- product: genuscreen 8.0
- report_link: https://www.bsi.bund.de/SharedDocs/Downloads/DE/BSI/Zertifizierung/Reporte/Reporte1100/1194a_pdf.pdf?__blob=publicationFile&v=1
- target_link: https://www.bsi.bund.de/SharedDocs/Downloads/DE/BSI/Zertifizierung/Reporte/Reporte1100/1194b_pdf.pdf?__blob=publicationFile&v=1
- product: genuscreen 8.0
- url: https://www.bsi.bund.de/SharedDocs/Zertifikate_CC/CC/Netzwerk_und_Kommunikationsprodukte/1194.html
- vendor: genua GmbH
|
| heuristics/st_references/directly_referenced_by |
{} |
{} |
| heuristics/st_references/directly_referencing |
{} |
{} |
| heuristics/st_references/indirectly_referenced_by |
{} |
{} |
| heuristics/st_references/indirectly_referencing |
{} |
{} |
| heuristics/protection_profiles |
9cb61513b74a0fce |
{} |
| maintenance_updates |
|
|
| protection_profiles |
|
|
| protection_profile_links |
https://www.commoncriteriaportal.org/nfs/ccpfiles/files/ppfiles/pp0097b_pdf.pdf |
{} |
| pdf_data/cert_filename |
1052V3b_pdf(1).pdf |
1194c_pdf.pdf |
| pdf_data/cert_frontpage |
|
|
| pdf_data/cert_keywords/cc_cert_id |
|
|
| pdf_data/cert_keywords/cc_protection_profile_id |
- BSI:
- BSI-CC-PP- 0082-V2-2014: 1
- BSI-CC-PP- 0098-V2: 1
- BSI-CC-PP-0082: 1
- BSI-CC-PP-0097-V2: 11
- BSI-CC-PP-0098-: 1
- BSI-CC-PP-0098-V2: 7
|
|
| pdf_data/cert_keywords/cc_security_level |
|
- EAL:
- EAL 2: 1
- EAL 4: 2
- EAL 4 augmented: 1
- EAL 5: 1
|
| pdf_data/cert_keywords/cc_sar |
- ADV:
- ADV_ARC: 2
- ADV_ARC.1: 1
- ADV_FSP.4: 7
- ADV_IMP.1: 9
- ADV_TDS.1: 1
- ADV_TDS.2: 2
- ADV_TDS.3: 7
- AGD:
- AGD_OPE: 1
- AGD_OPE.1: 12
- AGD_PRE.1: 1
- ALC:
- ALC_DEL.1: 6
- ALC_FLR.2: 6
- ALC_TAT.1: 8
- ATE:
- AVA:
|
- ALC:
- ALC_FLR: 1
- ALC_FLR.2: 1
- ALC_PAM.1: 1
- ASE:
- AVA:
|
| pdf_data/cert_keywords/cc_sfr |
- FAU:
- FAU_GEN: 16
- FAU_GEN.1: 5
- FAU_GEN.2: 1
- FAU_STG: 2
- FCS:
- FCS_CKM: 89
- FCS_CKM.1: 14
- FCS_CKM.2: 6
- FCS_CKM.4: 13
- FCS_COP: 77
- FCS_COP.1: 12
- FDP:
- FDP_ACC: 11
- FDP_ACC.1: 7
- FDP_ACF: 8
- FDP_ACF.1: 5
- FDP_ETC: 8
- FDP_ETC.2: 4
- FDP_IFC: 20
- FDP_IFC.1: 7
- FDP_IFF: 21
- FDP_IFF.1: 16
- FDP_ITC: 8
- FDP_ITC.1: 12
- FDP_ITC.2: 17
- FDP_RIP: 6
- FDP_RIP.1: 1
- FDP_UIT: 8
- FDP_UIT.1: 2
- FIA:
- FMT:
- FMT_MOF: 13
- FMT_MOF.1: 1
- FMT_MSA: 48
- FMT_MSA.1: 2
- FMT_MSA.3: 6
- FMT_MSA.4: 1
- FMT_MTD: 8
- FMT_MTD.1: 1
- FMT_SMF: 18
- FMT_SMF.1: 4
- FMT_SMR: 23
- FMT_SMR.1: 6
- FMT_SMR.1.1: 1
- FPT:
- FPT_EMS: 17
- FPT_EMS.1: 7
- FPT_EMS.1.1: 2
- FPT_EMS.1.2: 2
- FPT_STM: 11
- FPT_STM.1: 2
- FPT_TDC: 22
- FPT_TDC.1: 6
- FPT_TST: 7
- FPT_TST.1: 3
- FTP:
- FTP_ITC: 50
- FTP_ITC.1: 26
- FTP_TRP: 14
- FTP_TRP.1: 5
|
|
| pdf_data/cert_keywords/cc_claims |
|
|
| pdf_data/cert_keywords/vendor |
|
|
| pdf_data/cert_keywords/eval_facility |
|
|
| pdf_data/cert_keywords/symmetric_crypto |
- AES_competition:
- AES:
- AES: 22
- AES-128: 3
- AES-256: 2
- HPC:
- constructions:
- MAC:
- HMAC: 31
- HMAC-SHA-256: 1
- HMAC-SHA-384: 1
- HMAC-SHA-512: 1
|
|
| pdf_data/cert_keywords/asymmetric_crypto |
|
|
| pdf_data/cert_keywords/pq_crypto |
|
|
| pdf_data/cert_keywords/hash_function |
- SHA:
- SHA1:
- SHA2:
- SHA-2: 2
- SHA-256: 5
- SHA256: 2
|
|
| pdf_data/cert_keywords/crypto_scheme |
|
|
| pdf_data/cert_keywords/crypto_protocol |
- IKE:
- IPsec:
- TLS:
- SSL:
- TLS:
- TLS: 139
- TLS 1.2: 2
- TLS 1.3: 1
- VPN:
|
|
| pdf_data/cert_keywords/randomness |
|
|
| pdf_data/cert_keywords/cipher_mode |
|
|
| pdf_data/cert_keywords/ecc_curve |
|
|
| pdf_data/cert_keywords/crypto_engine |
|
|
| pdf_data/cert_keywords/tls_cipher_suite |
- TLS:
- TLS_DHE_RSA_WITH_AES_128_CBC_SHA: 2
- TLS_DHE_RSA_WITH_AES_256_CBC_SHA: 2
- TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA: 2
- TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256: 2
- TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256: 2
- TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA: 2
- TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384: 2
- TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384: 1
- TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384136: 1
|
|
| pdf_data/cert_keywords/crypto_library |
|
|
| pdf_data/cert_keywords/vulnerability |
|
|
| pdf_data/cert_keywords/side_channel_analysis |
|
|
| pdf_data/cert_keywords/technical_report_id |
- BSI:
- BSI TR-03116-1: 3
- BSI TR-03144: 1
|
|
| pdf_data/cert_keywords/device_model |
|
|
| pdf_data/cert_keywords/tee_name |
|
|
| pdf_data/cert_keywords/os_name |
|
|
| pdf_data/cert_keywords/cplc_data |
|
|
| pdf_data/cert_keywords/ic_data_group |
|
|
| pdf_data/cert_keywords/standard_id |
- CC:
- CCMB-2017-04-002: 1
- CCMB-2017-04-003: 1
- CCMB-2017-04-004: 1
- FIPS:
- FIPS 180-4: 1
- FIPS 197: 2
- FIPS PUB 180-4: 4
- PKCS:
- RFC:
- RFC 1323: 1
- RFC 2104: 3
- RFC 2131: 2
- RFC 2132: 2
- RFC 2401: 1
- RFC 2402: 1
- RFC 2404: 2
- RFC 2406: 2
- RFC 2460: 1
- RFC 2560: 1
- RFC 2663: 1
- RFC 3268: 1
- RFC 3279: 1
- RFC 3526: 1
- RFC 3602: 3
- RFC 3947: 1
- RFC 4035: 1
- RFC 4055: 2
- RFC 4301: 5
- RFC 4302: 2
- RFC 4303: 6
- RFC 4330: 1
- RFC 4346: 1
- RFC 4868: 2
- RFC 5246: 5
- RFC 5280: 1
- RFC 5289: 2
- RFC 5639: 1
- RFC 5905: 1
- RFC 7296: 8
- RFC 791: 1
- RFC 793: 1
- RFC 8017: 3
- RFC 8422: 2
- RFC 8446: 1
- RFC 958: 1
- X509:
|
- ISO:
- ISO/IEC 15408: 2
- ISO/IEC 18045: 2
|
| pdf_data/cert_keywords/javacard_version |
|
|
| pdf_data/cert_keywords/javacard_api_const |
|
|
| pdf_data/cert_keywords/javacard_packages |
|
|
| pdf_data/cert_keywords/certification_process |
|
|
| pdf_data/cert_metadata |
- /Author: SRC Security Research & Consulting GmbH
- /CreationDate: D:20210112120904+01'00'
- /Creator: Microsoft® Word 2016
- /ModDate: D:20210317094253+01'00'
- /Producer: Microsoft® Word 2016
- /Subject: RISE-Konnektor
- /Title: RISE-Konnektor
- pdf_file_size_bytes: 2663498
- pdf_hyperlinks: https://www.dimdi.de/, https://www.rfc-editor.org/rfc/rfc8017.txt, https://www.rfc-editor.org/rfc/rfc4868.txt, http://tools.ietf.org/html/rfc4302, https://www.ietf.org/rfc/rfc5996.txt, http://tools.ietf.org/html/rfc4301, http://www.ietf.org/rfc/rfc5280.txt, http://tools.ietf.org/html/rfc2663, http://tools.ietf.org/html/rfc4330, http://tools.ietf.org/html/rfc2402, https://www.rfc-editor.org/rfc/rfc2404.txt, https://www.rfc-editor.org/rfc/rfc3526.txt, https://www.rfc-editor.org/rfc/rfc3602.txt, https://www.ietf.org/rfc/rfc2131.txt, http://csrc.nist.gov/publications/fips/fips197/fips-197.pdf, http://tools.ietf.org/html/rfc791, http://www.eecis.udel.edu/~mills/ntp/html/release.html, http://www.dimdi.de/, https://www.ietf.org/rfc/rfc4303.txt, http://tools.ietf.org/html/rfc5996, https://www.gematik.de/, http://tools.ietf.org/html/rfc4303, http://tools.ietf.org/html/rfc958, https://www.ietf.org/rfc/rfc5905.txt, https://www.ietf.org/rfc/rfc2406.txt, http://tools.ietf.org/html/rfc2460, https://www.ietf.org/rfc/rfc2132.txt, http://tools.ietf.org/html/rfc2406, http://tools.ietf.org/html/, http://tools.ietf.org/html/rfc1323, https://www.ietf.org/rfc/rfc4035.txt, http://www.bundesnetzagentur.de/, http://www.gematik.de/, http://tools.ietf.org/html/rfc2401, https://www.bmg.bund.de/, https://www.rfc-editor.org/rfc/rfc4055.txt, https://www.ietf.org/rfc/rfc7296.txt, http://tools.ietf.org/html/rfc793
- pdf_is_encrypted: False
- pdf_number_of_pages: 155
|
- /Author: Bundesamt für Sicherheit in der Informationstechnik
- /Keywords: Common Criteria, Certification, Zertifizierung, BSI-DSZ-CC-1194-2023, firewall and VPN gateway, genuscreen 8.0, genua GmbH
- /Subject: Common Criteria, Certification, Zertifizierung, BSI-DSZ-CC-1194-2023, firewall and VPN gateway, genuscreen 8.0, genua GmbH
- /Title: Certificate BSI-DSZ-CC-1194-2023 for genuscreen 8.0 from genua GmbH
- pdf_file_size_bytes: 325879
- pdf_hyperlinks: {}
- pdf_is_encrypted: False
- pdf_number_of_pages: 1
|
| pdf_data/report_filename |
1052V3a_pdf.pdf |
1194a_pdf.pdf |
| pdf_data/report_frontpage |
- DE:
- cert_id: BSI-DSZ-CC-1052-V3-2021
- cert_item: RISE Konnektor V3.0
- cert_lab: BSI
- developer: Research Industrial Systems Engineering (RISE) Forschungs-, Entwicklungs- und Großprojektberatung GmbH
- match_rules: ['(BSI-DSZ-CC-.+?) zu (.+?) der (.*)']
|
- DE:
- cc_security_level: Common Criteria Part 3 extended EAL 4 augmented by ALC_FLR.2, ASE_TSS.2, AVA_VAN.4 and ALC_PAM.1
- cc_version: Product specific Security Target Common Criteria Part 2 extended
- cert_id: BSI-DSZ-CC-1194-2023
- cert_item: genuscreen 8.0
- cert_lab: BSI
- developer: genua GmbH
- match_rules: ['(BSI-DSZ-CC-.+?) (?:for|For) (.+?) from (.*)']
- ref_protection_profiles: None
|
| pdf_data/report_keywords/cc_cert_id |
- DE:
- BSI-DSZ-CC-1052-V2-2020: 3
- BSI-DSZ-CC-1052-V3-2021: 16
|
- DE:
- BSI-DSZ-CC-1142-2020: 3
- BSI-DSZ-CC-1194-2023: 15
|
| pdf_data/report_keywords/cc_protection_profile_id |
- BSI:
- BSI-CC-PP-0097-: 1
- BSI-CC-PP-0097-V2: 3
|
|
| pdf_data/report_keywords/cc_security_level |
- EAL:
- EAL 1: 1
- EAL 2: 2
- EAL 2+: 1
- EAL 3: 4
- EAL 4: 4
- EAL 5: 3
- EAL 5+: 1
- EAL 6: 1
|
- EAL:
- EAL 1: 1
- EAL 2: 3
- EAL 4: 8
- EAL 4 augmented: 3
- EAL 5: 3
- EAL 5+: 1
- EAL 6: 1
|
| pdf_data/report_keywords/cc_sar |
- ADV:
- ADV_FSP.4: 4
- ADV_IMP.1: 4
- ADV_TDS.3: 4
- ALC:
- ALC_FLR: 3
- ALC_FLR.2: 4
- ALC_TAT.1: 4
- AVA:
|
- ALC:
- ALC_FLR: 3
- ALC_FLR.2: 5
- ALC_PAM.1: 5
- ASE:
- AVA:
|
| pdf_data/report_keywords/cc_sfr |
|
|
| pdf_data/report_keywords/cc_claims |
|
- A:
- A.ADMIN: 2
- A.HANET: 2
- A.INIT: 2
- A.LOCAL: 2
- A.NOEVIL: 2
- A.PHYSEC: 3
- A.REMOTE_AUTH: 2
- A.REST: 2
- A.SINGEN: 2
- A.TIMESTMP: 2
|
| pdf_data/report_keywords/vendor |
|
|
| pdf_data/report_keywords/eval_facility |
- SRC:
- SRC Security Research & Consulting: 6
|
|
| pdf_data/report_keywords/symmetric_crypto |
- AES_competition:
- AES:
- AES: 8
- AES-128: 2
- AES-256: 2
- constructions:
- MAC:
- HMAC: 12
- HMAC-SHA-256: 2
- HMAC-SHA-384: 1
- HMAC-SHA-512: 1
|
|
| pdf_data/report_keywords/asymmetric_crypto |
|
|
| pdf_data/report_keywords/pq_crypto |
|
|
| pdf_data/report_keywords/hash_function |
- MD:
- SHA:
- SHA1:
- SHA2:
- SHA-256: 2
- SHA-384: 1
- SHA256: 1
- SHA3:
|
|
| pdf_data/report_keywords/crypto_scheme |
|
|
| pdf_data/report_keywords/crypto_protocol |
|
- IKE:
- IPsec:
- SSH:
- TLS:
- VPN:
|
| pdf_data/report_keywords/randomness |
|
|
| pdf_data/report_keywords/cipher_mode |
|
|
| pdf_data/report_keywords/ecc_curve |
|
|
| pdf_data/report_keywords/crypto_engine |
|
|
| pdf_data/report_keywords/tls_cipher_suite |
|
|
| pdf_data/report_keywords/crypto_library |
|
|
| pdf_data/report_keywords/vulnerability |
|
|
| pdf_data/report_keywords/side_channel_analysis |
|
|
| pdf_data/report_keywords/technical_report_id |
- BSI:
- BSI 7148: 1
- BSI TR-02102: 1
- BSI TR-03116-1: 1
|
- BSI:
- BSI 7148: 1
- BSI TR-02102: 1
|
| pdf_data/report_keywords/device_model |
|
|
| pdf_data/report_keywords/tee_name |
|
|
| pdf_data/report_keywords/os_name |
|
|
| pdf_data/report_keywords/cplc_data |
|
|
| pdf_data/report_keywords/ic_data_group |
|
|
| pdf_data/report_keywords/standard_id |
- BSI:
- AIS 20: 2
- AIS 32: 1
- AIS 34: 1
- AIS 46: 1
- FIPS:
- FIPS 180-4: 8
- FIPS 186-4: 4
- FIPS 197: 4
- FIPS 202: 1
- FIPS PUB 180-4: 1
- FIPS180-4: 3
- ISO:
- ISO/IEC 15408: 4
- ISO/IEC 17065: 2
- ISO/IEC 18045: 4
- NIST:
- PKCS:
- RFC:
- RFC 1321: 1
- RFC 2104: 5
- RFC 2404: 4
- RFC 3268: 5
- RFC 3279: 1
- RFC 3526: 4
- RFC 3602: 4
- RFC 4055: 2
- RFC 4301: 4
- RFC 4303: 4
- RFC 4346: 2
- RFC 4492: 4
- RFC 4868: 3
- RFC 5083: 1
- RFC 5084: 1
- RFC 5116: 2
- RFC 5246: 7
- RFC 5280: 2
- RFC 5289: 3
- RFC 5639: 1
- RFC 5652: 1
- RFC 5751: 1
- RFC 7027: 2
- RFC 7292: 2
- RFC 7296: 6
- RFC 8017: 8
- X509:
|
- BSI:
- AIS 20: 2
- AIS 32: 1
- AIS 34: 1
- AIS 38: 1
- AIS 46: 1
- ISO:
- ISO/IEC 15408: 4
- ISO/IEC 17065: 2
- ISO/IEC 18045: 4
- X509:
|
| pdf_data/report_keywords/javacard_version |
|
|
| pdf_data/report_keywords/javacard_api_const |
|
|
| pdf_data/report_keywords/javacard_packages |
|
|
| pdf_data/report_keywords/certification_process |
|
- ConfidentialDocument:
- being maintained, is not given any longer. In particular, prior to the dissemination of confidential documentation and information related to the TOE or resulting from the evaluation and certification: 1
- for genuscreen 8.0 from genua GmbH, Version 3, Date: 30.03.2023, secuvera GmbH (confidential document) [8] Guidance documentation for the TOE, genuscreen Installations- und Konfigurationshandbuch: 1
- OutOfScope:
- L2TP VPN, MOBIKE VPN, Dynamic Routing, genucenter HA, Remote Maintenance, getimagesfromcpt) are out of scope of the evaluated configuration. 18 / 26 BSI-DSZ-CC-1194-2023 Certification Report All information: 1
- components were installed on physical hardware, the installation of the TOE on virtual machines is out of scope of the evaluated configuration. For the operational configuration the genuscreens and the: 1
- out of scope: 2
|
| pdf_data/report_metadata |
|
- /Author: Bundesamt für Sicherheit in der Informationstechnik
- /Keywords: Common Criteria, Certification, Zertifizierung, BSI-DSZ-CC-1194-2023, firewall and VPN gateway, genuscreen 8.0, genua GmbH
- /Subject: Common Criteria, Certification, Zertifizierung, BSI-DSZ-CC-1194-2023, firewall and VPN gateway, genuscreen 8.0, genua GmbH
- /Title: Certification Report BSI-DSZ-CC-1194-2023 for genuscreen 8.0 from genua GmbH
- pdf_file_size_bytes: 525558
- pdf_hyperlinks: http://www.commoncriteriaportal.org/cc/, https://www.sogis.eu/, https://www.bsi.bund.de/AIS, http://www.commoncriteriaportal.org/, https://www.commoncriteriaportal.org/, https://www.bsi.bund.de/zertifizierung, https://www.bsi.bund.de/zertifizierungsreporte, https://www.bsi.bund.de/
- pdf_is_encrypted: False
- pdf_number_of_pages: 26
|
| pdf_data/st_filename |
1052V3b_pdf.pdf |
1194b_pdf.pdf |
| pdf_data/st_frontpage |
|
|
| pdf_data/st_keywords/cc_cert_id |
|
|
| pdf_data/st_keywords/cc_protection_profile_id |
- BSI:
- BSI-CC-PP- 0082-V2-2014: 1
- BSI-CC-PP- 0098-V2: 1
- BSI-CC-PP-0082: 1
- BSI-CC-PP-0097-V2: 11
- BSI-CC-PP-0098-: 1
- BSI-CC-PP-0098-V2: 7
|
|
| pdf_data/st_keywords/cc_security_level |
|
- EAL:
- EAL4: 4
- EAL4 augmented: 1
|
| pdf_data/st_keywords/cc_sar |
- ADV:
- ADV_ARC: 2
- ADV_ARC.1: 1
- ADV_FSP.4: 7
- ADV_IMP.1: 9
- ADV_TDS.1: 1
- ADV_TDS.2: 2
- ADV_TDS.3: 7
- AGD:
- AGD_OPE: 1
- AGD_OPE.1: 12
- AGD_PRE.1: 1
- ALC:
- ALC_DEL.1: 6
- ALC_FLR.2: 6
- ALC_TAT.1: 8
- ATE:
- AVA:
|
- ADV:
- ADV_ARC: 1
- ADV_ARC.1: 4
- ADV_FSP: 1
- ADV_FSP.1: 1
- ADV_FSP.2: 2
- ADV_FSP.4: 2
- ADV_IMP: 1
- ADV_IMP.1: 3
- ADV_INT: 2
- ADV_SPM: 2
- ADV_TAT.1: 1
- ADV_TDS: 1
- ADV_TDS.1: 1
- ADV_TDS.2: 1
- ADV_TDS.3: 2
- AGD:
- AGD_OPE: 1
- AGD_OPE.1: 3
- AGD_PRE: 1
- AGD_PRE.1: 3
- ALC:
- ALC_CMC: 1
- ALC_CMC.4: 1
- ALC_CMS: 1
- ALC_CMS.4: 1
- ALC_DEL: 3
- ALC_DEL.1: 1
- ALC_DVS: 1
- ALC_DVS.1: 2
- ALC_FLR: 1
- ALC_FLR.2: 4
- ALC_LCD: 1
- ALC_LCD.1: 2
- ALC_PAM: 30
- ALC_PAM.1: 52
- ALC_TAT: 1
- ALC_TAT.1: 1
- ASE:
- ASE_CCL: 1
- ASE_CCL.1: 1
- ASE_ECD: 1
- ASE_ECD.1: 3
- ASE_INT: 1
- ASE_INT.1: 1
- ASE_OBJ: 1
- ASE_OBJ.2: 1
- ASE_REQ: 1
- ASE_REQ.1: 2
- ASE_REQ.2: 1
- ASE_SPD: 1
- ASE_SPD.1: 1
- ASE_TSS: 1
- ASE_TSS.2: 4
- ATE:
- ATE_COV: 1
- ATE_COV.1: 1
- ATE_COV.2: 1
- ATE_DPT: 1
- ATE_DPT.1: 2
- ATE_FUN: 1
- ATE_FUN.1: 4
- ATE_IND: 1
- ATE_IND.2: 1
- AVA:
|
| pdf_data/st_keywords/cc_sfr |
- FAU:
- FAU_GEN: 16
- FAU_GEN.1: 5
- FAU_GEN.2: 1
- FAU_STG: 2
- FCS:
- FCS_CKM: 89
- FCS_CKM.1: 14
- FCS_CKM.2: 6
- FCS_CKM.4: 13
- FCS_COP: 77
- FCS_COP.1: 12
- FDP:
- FDP_ACC: 11
- FDP_ACC.1: 7
- FDP_ACF: 8
- FDP_ACF.1: 5
- FDP_ETC: 8
- FDP_ETC.2: 4
- FDP_IFC: 20
- FDP_IFC.1: 7
- FDP_IFF: 21
- FDP_IFF.1: 16
- FDP_ITC: 8
- FDP_ITC.1: 12
- FDP_ITC.2: 17
- FDP_RIP: 6
- FDP_RIP.1: 1
- FDP_UIT: 8
- FDP_UIT.1: 2
- FIA:
- FMT:
- FMT_MOF: 13
- FMT_MOF.1: 1
- FMT_MSA: 48
- FMT_MSA.1: 2
- FMT_MSA.3: 6
- FMT_MSA.4: 1
- FMT_MTD: 8
- FMT_MTD.1: 1
- FMT_SMF: 18
- FMT_SMF.1: 4
- FMT_SMR: 23
- FMT_SMR.1: 6
- FMT_SMR.1.1: 1
- FPT:
- FPT_EMS: 17
- FPT_EMS.1: 7
- FPT_EMS.1.1: 2
- FPT_EMS.1.2: 2
- FPT_STM: 11
- FPT_STM.1: 2
- FPT_TDC: 22
- FPT_TDC.1: 6
- FPT_TST: 7
- FPT_TST.1: 3
- FTP:
- FTP_ITC: 50
- FTP_ITC.1: 26
- FTP_TRP: 14
- FTP_TRP.1: 5
|
- FAU:
- FAU_GEN: 17
- FAU_GEN.1: 5
- FAU_GEN.2: 1
- FAU_SAR: 10
- FAU_SAR.1: 3
- FAU_SAR.3: 1
- FAU_UPD: 1
- FCS:
- FCS_CKM: 87
- FCS_CKM.1: 20
- FCS_CKM.4: 23
- FCS_COP: 70
- FCS_COP.1: 22
- FCS_RNG: 1
- FCS_RNG.1: 20
- FCS_RNG.1.1: 2
- FCS_RNG.1.2: 2
- FDP:
- FDP_IFC: 43
- FDP_IFC.1: 31
- FDP_IFC.2: 2
- FDP_IFF: 34
- FDP_IFF.1: 37
- FDP_ITC.1: 2
- FDP_ITT: 21
- FDP_ITT.1: 3
- FIA:
- FIA_ATD: 5
- FIA_ATD.1: 1
- FIA_SOS: 5
- FIA_SOS.1: 1
- FIA_UAU: 10
- FIA_UAU.2: 1
- FIA_UAU.6: 1
- FIA_UID: 5
- FIA_UID.1: 3
- FIA_UID.2: 2
- FMT:
- FMT_MOF: 5
- FMT_MOF.1: 1
- FMT_MSA: 122
- FMT_MSA.1: 24
- FMT_MSA.2: 3
- FMT_MSA.3: 18
- FMT_SMF: 39
- FMT_SMF.1: 22
- FMT_SMR: 6
- FMT_SMR.1: 25
- FPT:
- FPT_ITT: 8
- FPT_ITT.1: 2
- FPT_STM.1: 4
- FPT_TEE: 7
- FPT_TEE.1: 2
- FPT_TRC: 6
- FPT_TRC.1.1: 1
- FPT_TRC.1.2: 1
- FPT_UPD: 31
|
| pdf_data/st_keywords/cc_claims |
|
- A:
- A.ADMIN: 3
- A.HANET: 3
- A.INIT: 3
- A.LOCAL: 3
- A.NOEVIL: 3
- A.PHYSEC: 3
- A.REMOTE_AUTH: 3
- A.REST: 3
- A.SINGEN: 4
- A.TIMESTMP: 3
- O:
- O.AUDREC: 5
- O.AUTH: 10
- O.AVAIL: 7
- O.CONFID: 13
- O.INTEG: 11
- O.MEDIAT: 4
- O.NOREPLAY: 13
- O.PATCH: 3
- OE:
- OE.ADMIN: 2
- OE.CERTKEYS: 3
- OE.HANET: 5
- OE.INIT: 7
- OE.LOCAL: 1
- OE.NOEVIL: 3
- OE.PHYSEC: 4
- OE.REMOTE_AUTH: 2
- OE.REST: 3
- OE.SINGEN: 4
- OE.TIMESTMP: 6
- T:
- T.MEDIAT: 3
- T.MMODIFY: 3
- T.MODIFY: 3
- T.MSNIFF: 3
- T.NOAUTH: 3
- T.SELPRO: 3
- T.SNIFF: 3
|
| pdf_data/st_keywords/vendor |
|
|
| pdf_data/st_keywords/eval_facility |
|
|
| pdf_data/st_keywords/symmetric_crypto |
- AES_competition:
- AES:
- AES: 22
- AES-128: 3
- AES-256: 2
- HPC:
- constructions:
- MAC:
- HMAC: 31
- HMAC-SHA-256: 1
- HMAC-SHA-384: 1
- HMAC-SHA-512: 1
|
- AES_competition:
- constructions:
- MAC:
- HMAC: 4
- HMAC-SHA-256: 1
- HMAC-SHA-384: 1
- HMAC-SHA-512: 1
|
| pdf_data/st_keywords/asymmetric_crypto |
|
|
| pdf_data/st_keywords/pq_crypto |
|
|
| pdf_data/st_keywords/hash_function |
- SHA:
- SHA1:
- SHA2:
- SHA-2: 2
- SHA-256: 5
- SHA256: 2
|
- SHA:
- SHA2:
- SHA-256: 2
- SHA-384: 3
- SHA-512: 2
|
| pdf_data/st_keywords/crypto_scheme |
|
|
| pdf_data/st_keywords/crypto_protocol |
- IKE:
- IPsec:
- TLS:
- SSL:
- TLS:
- TLS: 139
- TLS 1.2: 2
- TLS 1.3: 1
- VPN:
|
- IKE:
- IKE: 83
- IKEv1: 10
- IKEv2: 20
- IPsec:
- SSH:
- TLS:
- VPN:
|
| pdf_data/st_keywords/randomness |
|
|
| pdf_data/st_keywords/cipher_mode |
|
|
| pdf_data/st_keywords/ecc_curve |
|
|
| pdf_data/st_keywords/crypto_engine |
|
|
| pdf_data/st_keywords/tls_cipher_suite |
- TLS:
- TLS_DHE_RSA_WITH_AES_128_CBC_SHA: 2
- TLS_DHE_RSA_WITH_AES_256_CBC_SHA: 2
- TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA: 2
- TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256: 2
- TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256: 2
- TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA: 2
- TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384: 2
- TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384: 1
- TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384136: 1
|
|
| pdf_data/st_keywords/crypto_library |
|
|
| pdf_data/st_keywords/vulnerability |
|
|
| pdf_data/st_keywords/side_channel_analysis |
|
|
| pdf_data/st_keywords/technical_report_id |
- BSI:
- BSI TR-03116-1: 3
- BSI TR-03144: 1
|
|
| pdf_data/st_keywords/device_model |
|
|
| pdf_data/st_keywords/tee_name |
|
|
| pdf_data/st_keywords/os_name |
|
|
| pdf_data/st_keywords/cplc_data |
|
|
| pdf_data/st_keywords/ic_data_group |
|
|
| pdf_data/st_keywords/standard_id |
- CC:
- CCMB-2017-04-002: 1
- CCMB-2017-04-003: 1
- CCMB-2017-04-004: 1
- FIPS:
- FIPS 180-4: 1
- FIPS 197: 2
- FIPS PUB 180-4: 4
- PKCS:
- RFC:
- RFC 1323: 1
- RFC 2104: 3
- RFC 2131: 2
- RFC 2132: 2
- RFC 2401: 1
- RFC 2402: 1
- RFC 2404: 2
- RFC 2406: 2
- RFC 2460: 1
- RFC 2560: 1
- RFC 2663: 1
- RFC 3268: 1
- RFC 3279: 1
- RFC 3526: 1
- RFC 3602: 3
- RFC 3947: 1
- RFC 4035: 1
- RFC 4055: 2
- RFC 4301: 5
- RFC 4302: 2
- RFC 4303: 6
- RFC 4330: 1
- RFC 4346: 1
- RFC 4868: 2
- RFC 5246: 5
- RFC 5280: 1
- RFC 5289: 2
- RFC 5639: 1
- RFC 5905: 1
- RFC 7296: 8
- RFC 791: 1
- RFC 793: 1
- RFC 8017: 3
- RFC 8422: 2
- RFC 8446: 1
- RFC 958: 1
- X509:
|
- BSI:
- AIS 20: 1
- AIS 31: 1
- AIS20: 2
- AIS31: 1
- CC:
- CCMB-2017-04-001: 1
- CCMB-2017-04-002: 1
- CCMB-2017-04-003: 1
- CCMB-2017-04-004: 1
- ISO:
- PKCS:
- RFC:
- RFC 2104: 1
- RFC 2409: 1
- RFC 2460: 1
- RFC 3414: 1
- RFC 3602: 1
- RFC 4109: 1
- RFC 4253: 1
- RFC 4301: 1
- RFC 4306: 1
- RFC 4307: 1
- RFC 4344: 1
- RFC 4418: 1
- RFC 4754: 1
- RFC 4868: 1
- RFC 5114: 1
- RFC 5280: 1
- RFC 5590: 1
- RFC 5639: 1
- RFC 5656: 1
- RFC 5903: 1
- RFC 6040: 1
- RFC 6151: 1
- RFC 6239: 1
- RFC 6353: 1
- RFC 6668: 1
- RFC 6818: 1
- RFC 6960: 1
- RFC 7296: 1
- RFC 7427: 1
- RFC 7617: 1
- RFC2104: 4
- RFC2409: 2
- RFC2460: 1
- RFC3414: 1
- RFC3602: 4
- RFC4253: 2
- RFC4301: 1
- RFC4307: 1
- RFC4344: 1
- RFC4418: 4
- RFC4754: 2
- RFC4868: 4
- RFC5114: 2
- RFC5280: 1
- RFC5639: 3
- RFC5903: 3
- RFC6239: 3
- RFC6353: 1
- RFC6960: 1
- RFC7296: 2
- RFC8017: 2
- X509:
|
| pdf_data/st_keywords/javacard_version |
|
|
| pdf_data/st_keywords/javacard_api_const |
|
|
| pdf_data/st_keywords/javacard_packages |
|
|
| pdf_data/st_keywords/certification_process |
|
- OutOfScope:
- 10 No Remote Maintenance The remote maintenance feature using a rendezvous genuscreen appliance is out of scope. 1.4.11.11 No getimagesfromcpt The command line tool getimagesfromcpt must not be used to install: 1
- a smartcard to perform cryptographic operations for IPsec usage. However, usage of the smartcard is out of scope for this TOE. The smartcard can however be used as an entropy source both for genuscreen and: 1
- can, however, be used in certified configurations. If cryptographic functions are used, they are out of scope of the TOE. 1.4.10 Secure Initialisation of genuscreen (Firewall Component) To guarantee that all: 1
- hardware has not been evaluated. Also, operating the genucenter software on a virtual machine is out of scope for this certification. If the virtual genucenter is used, the end user has to ensure that all: 1
- out of scope: 4
|
| pdf_data/st_metadata |
- /Author: SRC Security Research & Consulting GmbH
- /CreationDate: D:20210112120904+01'00'
- /Creator: Microsoft® Word 2016
- /ModDate: D:20210317094253+01'00'
- /Producer: Microsoft® Word 2016
- /Subject: RISE-Konnektor
- /Title: RISE-Konnektor
- pdf_file_size_bytes: 2663498
- pdf_hyperlinks: https://www.dimdi.de/, https://www.rfc-editor.org/rfc/rfc8017.txt, https://www.rfc-editor.org/rfc/rfc4868.txt, http://tools.ietf.org/html/rfc4302, https://www.ietf.org/rfc/rfc5996.txt, http://tools.ietf.org/html/rfc4301, http://www.ietf.org/rfc/rfc5280.txt, http://tools.ietf.org/html/rfc2663, http://tools.ietf.org/html/rfc4330, http://tools.ietf.org/html/rfc2402, https://www.rfc-editor.org/rfc/rfc2404.txt, https://www.rfc-editor.org/rfc/rfc3526.txt, https://www.rfc-editor.org/rfc/rfc3602.txt, https://www.ietf.org/rfc/rfc2131.txt, http://csrc.nist.gov/publications/fips/fips197/fips-197.pdf, http://tools.ietf.org/html/rfc791, http://www.eecis.udel.edu/~mills/ntp/html/release.html, http://www.dimdi.de/, https://www.ietf.org/rfc/rfc4303.txt, http://tools.ietf.org/html/rfc5996, https://www.gematik.de/, http://tools.ietf.org/html/rfc4303, http://tools.ietf.org/html/rfc958, https://www.ietf.org/rfc/rfc5905.txt, https://www.ietf.org/rfc/rfc2406.txt, http://tools.ietf.org/html/rfc2460, https://www.ietf.org/rfc/rfc2132.txt, http://tools.ietf.org/html/rfc2406, http://tools.ietf.org/html/, http://tools.ietf.org/html/rfc1323, https://www.ietf.org/rfc/rfc4035.txt, http://www.bundesnetzagentur.de/, http://www.gematik.de/, http://tools.ietf.org/html/rfc2401, https://www.bmg.bund.de/, https://www.rfc-editor.org/rfc/rfc4055.txt, https://www.ietf.org/rfc/rfc7296.txt, http://tools.ietf.org/html/rfc793
- pdf_is_encrypted: False
- pdf_number_of_pages: 155
|
- /Author: genua GmbH
- /Keywords: firewall, and, VPN, gateway
- /Subject: Common Criteria certification
- /Title: genuscreen 8.0 Security Target
- pdf_file_size_bytes: 402456
- pdf_hyperlinks: http://www.ecc-brainpool.org/download/Domain-parameters.pdf, http://www.ietf.org/rfc/rfc4754.txt, http://dx.doi.org/10.17487/RFC8017, https://tools.ietf.org/html/draft-miller-secsh-umac-01, http://www.ietf.org/rfc/rfc6239.txt, http://www.ietf.org/rfc/rfc4307.txt, http://www.ietf.org/rfc/rfc5656.txt, http://www.ietf.org/rfc/rfc4344.txt, http://www.ietf.org/rfc/rfc5280.txt, http://dx.doi.org/10.6028/NIST.FIPS.186-4, http://www.ietf.org/rfc/rfc2104.txt, https://doi.org/10.17487/RFC8017, http://dx.doi.org/10.6028/NIST.FIPS.180-4, https://www.bsi.bund.de/SharedDocs/Downloads/DE/BSI/Zertifizierung/Interpretationen/AIS_31_pdf.html, http://dx.doi.org/10.6028/NIST.SP.800-38A, http://www.ietf.org/rfc/rfc6960.txt, http://csrc.nist.gov/publications/fips/fips197/fips-197.pdf, http://www.ietf.org/rfc/rfc5114.txt, http://www.ietf.org/rfc/rfc6353.txt, https://www.bsi.bund.de/SharedDocs/Downloads/DE/BSI/Zertifizierung/Interpretationen/AIS_20_pdf.html, http://www.ietf.org/rfc/rfc3414.txt, http://www.ietf.org/rfc/rfc4418.txt, http://www.ietf.org/rfc/rfc2460.txt, http://www.ietf.org/rfc/rfc5639.txt, http://www.ietf.org/rfc/rfc5903.txt, http://www.ietf.org/rfc/rfc4868.txt, http://www.ietf.org/rfc/rfc3602.txt, http://dx.doi.org/10.6028/NIST.SP.800-38D, http://www.ietf.org/rfc/rfc4301.txt, http://www.ietf.org/rfc/rfc4253.txt, https://www.bsi.bund.de/SharedDocs/Downloads/DE/BSI/Zertifizierung/Interpretationen/AIS_31_Functionality_classes_for_random_number_generators_e.pdf?__blob=publicationFile, http://www.ietf.org/rfc/rfc7296.txt, http://www.ietf.org/rfc/rfc2409.txt
- pdf_is_encrypted: False
- pdf_number_of_pages: 83
|
| state/cert/convert_garbage |
False |
False |
| state/cert/convert_ok |
True |
True |
| state/cert/download_ok |
True |
True |
| state/cert/extract_ok |
True |
True |
| state/cert/pdf_hash |
Different |
Different |
| state/cert/txt_hash |
Different |
Different |
| state/report/convert_garbage |
False |
False |
| state/report/convert_ok |
True |
True |
| state/report/download_ok |
True |
True |
| state/report/extract_ok |
True |
True |
| state/report/pdf_hash |
Different |
Different |
| state/report/txt_hash |
Different |
Different |
| state/st/convert_garbage |
False |
False |
| state/st/convert_ok |
True |
True |
| state/st/download_ok |
True |
True |
| state/st/extract_ok |
True |
True |
| state/st/pdf_hash |
Different |
Different |
| state/st/txt_hash |
Different |
Different |