| name |
STARCOS 3.7 COS GKV |
STARCOS 3.7 COS HBA-SMC |
| category |
ICs, Smart Cards and Smart Card-Related Devices and Systems |
ICs, Smart Cards and Smart Card-Related Devices and Systems |
| scheme |
DE |
DE |
| status |
archived |
active |
| not_valid_after |
20.09.2023 |
18.06.2026 |
| not_valid_before |
20.09.2018 |
18.06.2021 |
| cert_link |
https://www.commoncriteriaportal.org/nfs/ccpfiles/files/epfiles/0976V2c_pdf.pdf |
https://www.commoncriteriaportal.org/nfs/ccpfiles/files/epfiles/0976V4c_pdf.pdf |
| report_link |
https://www.commoncriteriaportal.org/nfs/ccpfiles/files/epfiles/0976V2a_pdf.pdf |
https://www.commoncriteriaportal.org/nfs/ccpfiles/files/epfiles/0976V4a_pdf.pdf |
| st_link |
https://www.commoncriteriaportal.org/nfs/ccpfiles/files/epfiles/0976V2b_pdf.pdf |
https://www.commoncriteriaportal.org/nfs/ccpfiles/files/epfiles/0976V4b_pdf.pdf |
| manufacturer |
G+D Mobile Security GmbH |
G+D Mobile Security GmbH |
| manufacturer_web |
https://www.gi-de.com/de/de/mobile-security/ |
https://www.gi-de.com/de/de/mobile-security/ |
| security_level |
AVA_VAN.5, ALC_DVS.2, EAL4+, ATE_DPT.2 |
AVA_VAN.5, ALC_DVS.2, EAL4+, ATE_DPT.2 |
| dgst |
ab8ff147e1138090 |
e86ac89b4f665c58 |
| heuristics/cert_id |
BSI-DSZ-CC-0976-V2-2018 |
BSI-DSZ-CC-0976-V4-2021 |
| heuristics/cert_lab |
BSI |
BSI |
| heuristics/cpe_matches |
{} |
{} |
| heuristics/verified_cpe_matches |
{} |
{} |
| heuristics/related_cves |
{} |
{} |
| heuristics/direct_transitive_cves |
{} |
{} |
| heuristics/indirect_transitive_cves |
{} |
{} |
| heuristics/extracted_sars |
ASE_INT.1, ALC_TAT.1, ATE_FUN.1, ADV_IMP.1, ALC_FLR.1, ASE_TSS.1, AGD_PRE.1, ASE_CCL.1, ALC_CMS.4, ALC_DVS.2, ATE_IND.2, AVA_VAN.5, ASE_SPD.1, ATE_DPT.2, ASE_OBJ.2, ADV_FSP.4, ATE_COV.2, ASE_REQ.2, ALC_CMC.4, ADV_ARC.1, ALC_DEL.1, AGD_OPE.1, ADV_TDS.3, ALC_LCD.1, ASE_ECD.1 |
ASE_INT.1, ALC_TAT.1, ATE_FUN.1, ADV_IMP.1, ALC_FLR.1, ASE_TSS.1, AGD_PRE.1, ASE_CCL.1, ALC_CMS.4, ALC_DVS.2, ATE_IND.2, AVA_VAN.5, ASE_SPD.1, ATE_DPT.2, ASE_OBJ.2, ADV_FSP.4, ATE_COV.2, ASE_REQ.2, ALC_CMC.4, ADV_ARC.1, ALC_DEL.1, AGD_OPE.1, ADV_TDS.3, ALC_LCD.1, ASE_ECD.1 |
| heuristics/extracted_versions |
3.7 |
3.7 |
| heuristics/prev_certificates |
BSI-DSZ-CC-0976-2015 |
BSI-DSZ-CC-0976-2015, BSI-DSZ-CC-0976-V2-2018, BSI-DSZ-CC-0976-V3-2019 |
| heuristics/next_certificates |
BSI-DSZ-CC-0976-V3-2019, BSI-DSZ-CC-0976-V4-2021 |
{} |
| heuristics/report_references/directly_referenced_by |
BSI-DSZ-CC-0976-V3-2019 |
{} |
| heuristics/report_references/directly_referencing |
BSI-DSZ-CC-0976-2015, BSI-DSZ-CC-0945-V2-2018 |
BSI-DSZ-CC-0976-V3-2019, BSI-DSZ-CC-1110-V3-2020 |
| heuristics/report_references/indirectly_referenced_by |
BSI-DSZ-CC-0976-V3-2019, BSI-DSZ-CC-1243-2024, BSI-DSZ-CC-0976-V4-2021 |
{} |
| heuristics/report_references/indirectly_referencing |
BSI-DSZ-CC-0945-V2-2018, BSI-DSZ-CC-0945-2017, BSI-DSZ-CC-0916-2015, BSI-DSZ-CC-0782-2012, BSI-DSZ-CC-0782-V2-2015, BSI-DSZ-CC-0891-2015, BSI-DSZ-CC-0976-2015, BSI-DSZ-CC-0891-V2-2016, BSI-DSZ-CC-0879-2014 |
BSI-DSZ-CC-0945-V3-2018, BSI-DSZ-CC-0945-V2-2018, BSI-DSZ-CC-0945-2017, BSI-DSZ-CC-0916-2015, BSI-DSZ-CC-1110-V2-2019, BSI-DSZ-CC-0782-2012, BSI-DSZ-CC-0782-V2-2015, BSI-DSZ-CC-1110-2019, BSI-DSZ-CC-0891-2015, BSI-DSZ-CC-1110-V3-2020, BSI-DSZ-CC-0976-V3-2019, BSI-DSZ-CC-0976-2015, BSI-DSZ-CC-0891-V2-2016, BSI-DSZ-CC-0976-V2-2018, BSI-DSZ-CC-0879-2014 |
| heuristics/scheme_data |
|
- category: eHealth
- cert_id: BSI-DSZ-CC-0976-V4-2021
- certification_date: 18.06.2021
- enhanced:
- applicant: Giesecke & Devrient GmbH seit 1. Juli 2017 Giesecke+Devrient Mobile Security GmbH Prinzregentenstr. 159 81677 München
- assurance_level: EAL4+,ALC_DVS.2,ATE_DPT.2,AVA_VAN.5
- cert_link: https://www.bsi.bund.de/SharedDocs/Downloads/DE/BSI/Zertifizierung/Reporte/Reporte09/0976V4c_pdf.pdf?__blob=publicationFile&v=3
- certification_date: 18.06.2021
- description: The Target of Evaluation (TOE) is the product STARCOS 3.6 COSGKV C1 developed by Giesecke & Devrient GmbH. The TOE is a smart card product according to the G2 Card Operating System (G2-COS) specification from gematik. The TOE is intended to be used as a card operating system platform for specific card types and applications of the card generation G2 in the framework of the German health care system, and therefore implements the mandatory part of the G2-COS specification with the base functionality of the operating system platform only. The TOE implements from the PP-0082-V2 the base part without any of the optional packages.
- entries: [frozendict({'id': 'BSI-DSZ-CC-0976-V4-2021-MA-01 (Ausstellungsdatum / Certification Date 09.05.2022)', 'description': 'The partial ALC re-evaluation for procedure 0976-V4 covers the update of the product life-cycle concerning the involved development and production sites. The certified product itself did not change.'}), frozendict({'id': 'BSI-DSZ-CC-0976-V4-2021 (Ausstellungsdatum / Certification Date 18.06.2021, gültig bis / valid until 17.06.2026) Zertifizierungsreport / Certification Report', 'description': 'Software'}), frozendict({'id': 'BSI', 'description': 'The partial ALC re-evaluation for procedure 0976-V3 covers the update of the product life-cycle concerning the involved development and production sites. The certified product itself did not change.'}), frozendict({'id': 'BSI-DSZ-CC-0976-V3-2019-MA-01 (Ausstellungsdatum / Certification Date 15.06.2021)', 'description': 'Maintenance Report'}), frozendict({'id': 'BSI-DSZ-CC-0976-V3-2019 (Ausstellungsdatum / Certification Date 21.11.2019, gültig bis / valid until 20.11.2024)', 'description': '), to adaptations in the life-cycle model as well as to the integration of the functional package Contactless and further specific changes in the Embedded Software including a corresponding update of the related user guidance documentation. In particular, the TOE’s (crypto) implementation was re-evaluated and reassessed.'}), frozendict({'id': 'BSI-DSZ-CC-0976-V2-2018 (Ausstellungsdatum / Certification Date 20.09.2018, gültig bis / valid until 19.09.2023)', 'description': 'Software'}), frozendict({'id': 'BSI-DSZ-CC-0976-2015-MA-01 (Ausstellungsdatum / Certification Date 02.08.2018)', 'description': 'The changes are related to an update and reevaluation of the product life-cycle caused by changes in the development and porduction sites. The certified product itself did not change.'}), frozendict({'id': 'BSI-DSZ-CC-0976-2015-RA-01 (Ausstellungsdatum / Certification Date 19.09.2017)', 'description': 'Security Target'}), frozendict({'id': 'BSI-DSZ-CC-0976-2015 (Ausstellungsdatum / Certification Date 29.12.2015, gültig bis / valid until 28.12.2020)', 'description': 'Security Target'})]
- evaluation_facility: SRC Security Research & Consulting GmbH
- expiration_date: 17.06.2026
- product: STARCOS 3.7 COS HBA-SMC
- protection_profile: Card Operating System Generation 2 (PP COS G2), Version 2.1, 10 July 2019, BSI-CC-PP-0082-V4-2019
- report_link: https://www.bsi.bund.de/SharedDocs/Downloads/DE/BSI/Zertifizierung/Reporte/Reporte09/0976V4a_pdf.pdf?__blob=publicationFile&v=3
- target_link: https://www.bsi.bund.de/SharedDocs/Downloads/DE/BSI/Zertifizierung/Reporte/Reporte09/0976V4b_pdf.pdf?__blob=publicationFile&v=3
- product: STARCOS 3.7 COS HBA-SMC
- subcategory: Smartcards
- url: https://www.bsi.bund.de/SharedDocs/Zertifikate_CC/CC/Gesundheitswesen_SmartCards/0976_0976V2_0976V3_0976V4.html
- vendor: Giesecke & Devrient GmbH seit 1. Juli 2017 Giesecke+Devrient Mobile Security GmbH
|
| heuristics/st_references/directly_referenced_by |
{} |
BSI-DSZ-CC-1068-V3-2022, BSI-DSZ-CC-1067-V3-2022, BSI-DSZ-CC-1068-V4-2023, BSI-DSZ-CC-1067-V4-2023 |
| heuristics/st_references/directly_referencing |
BSI-DSZ-CC-0945-V2-2018 |
BSI-DSZ-CC-1110-V3-2020 |
| heuristics/st_references/indirectly_referenced_by |
{} |
BSI-DSZ-CC-1068-V3-2022, BSI-DSZ-CC-1067-V3-2022, BSI-DSZ-CC-1068-V4-2023, BSI-DSZ-CC-1067-V4-2023 |
| heuristics/st_references/indirectly_referencing |
BSI-DSZ-CC-0945-V2-2018 |
BSI-DSZ-CC-1110-V3-2020 |
| maintenance_updates |
|
|
| protection_profiles |
|
|
| pdf_data/cert_filename |
0976V2c_pdf.pdf |
0976V4c_pdf.pdf |
| pdf_data/cert_frontpage |
|
|
| pdf_data/cert_keywords/cc_cert_id |
- DE:
- BSI-DSZ-CC-0976-V2-2018: 1
|
- DE:
- BSI-DSZ-CC-0976-V4-2021: 1
|
| pdf_data/cert_keywords/cc_protection_profile_id |
|
|
| pdf_data/cert_keywords/cc_security_level |
- EAL:
- EAL 2: 1
- EAL 4: 1
- EAL 4 augmented: 1
- EAL 5: 1
|
- EAL:
- EAL 2: 1
- EAL 4: 1
- EAL 4 augmented: 1
- EAL 5: 1
|
| pdf_data/cert_keywords/cc_sar |
|
|
| pdf_data/cert_keywords/cc_sfr |
|
|
| pdf_data/cert_keywords/cc_claims |
|
|
| pdf_data/cert_keywords/vendor |
|
|
| pdf_data/cert_keywords/eval_facility |
|
|
| pdf_data/cert_keywords/symmetric_crypto |
|
|
| pdf_data/cert_keywords/asymmetric_crypto |
|
|
| pdf_data/cert_keywords/pq_crypto |
|
|
| pdf_data/cert_keywords/hash_function |
|
|
| pdf_data/cert_keywords/crypto_scheme |
|
|
| pdf_data/cert_keywords/crypto_protocol |
|
|
| pdf_data/cert_keywords/randomness |
|
|
| pdf_data/cert_keywords/cipher_mode |
|
|
| pdf_data/cert_keywords/ecc_curve |
|
|
| pdf_data/cert_keywords/crypto_engine |
|
|
| pdf_data/cert_keywords/tls_cipher_suite |
|
|
| pdf_data/cert_keywords/crypto_library |
|
|
| pdf_data/cert_keywords/vulnerability |
|
|
| pdf_data/cert_keywords/side_channel_analysis |
|
|
| pdf_data/cert_keywords/technical_report_id |
|
|
| pdf_data/cert_keywords/device_model |
|
|
| pdf_data/cert_keywords/tee_name |
|
|
| pdf_data/cert_keywords/os_name |
|
|
| pdf_data/cert_keywords/cplc_data |
|
|
| pdf_data/cert_keywords/ic_data_group |
|
|
| pdf_data/cert_keywords/standard_id |
- ISO:
- ISO/IEC 15408: 2
- ISO/IEC 18045: 2
|
- ISO:
- ISO/IEC 15408: 2
- ISO/IEC 18045: 2
|
| pdf_data/cert_keywords/javacard_version |
|
|
| pdf_data/cert_keywords/javacard_api_const |
|
|
| pdf_data/cert_keywords/javacard_packages |
|
|
| pdf_data/cert_keywords/certification_process |
|
|
| pdf_data/cert_metadata |
- /Author: Bundesamt für Sicherheit in der Informationstechnik
- /CreationDate: D:20180924082539+02'00'
- /Creator: Writer
- /Keywords: "Common Criteria, Certification, Zertifizierung, PP-0082-V3, G+D, STARCOS 3.7, eHealth"
- /ModDate: D:20181010074008+02'00'
- /Producer: LibreOffice 5.2
- /Subject: STARCOS 3.7 COS GKV
- /Title: Certificate BSI-DSZ-CC-0976-V2-2018
- pdf_file_size_bytes: 356208
- pdf_hyperlinks: {}
- pdf_is_encrypted: False
- pdf_number_of_pages: 1
|
- /Author: Bundesamt für Sicherheit in der Informationstechnik
- /CreationDate: D:20210629121438+02'00'
- /Creator: Writer
- /Keywords: "Common Criteria, Certification, Zertifizierung, G2 COS, eHealth, STARCOS 3.7 COS HBA-SMC, Giesecke+Devrient Mobile Security GmbH"
- /ModDate: D:20210629121708+02'00'
- /Producer: LibreOffice 6.3
- /Subject: STARCOS 3.7 COS HBA-SMC from G+D Mobile Security GmbH, Giesecke+Devrient Mobile Security GmbH
- /Title: Certificate BSI-DSZ-CC-0976-V4-2021
- pdf_file_size_bytes: 241574
- pdf_hyperlinks: {}
- pdf_is_encrypted: False
- pdf_number_of_pages: 1
|
| pdf_data/report_filename |
0976V2a_pdf.pdf |
0976V4a_pdf.pdf |
| pdf_data/report_frontpage |
- DE:
- cc_security_level: Common Criteria Part 3 conformant EAL 4 augmented by ALC_DVS.2, ATE_DPT.2 and AVA_VAN.5
- cc_version: PP conformant Common Criteria Part 2 extended
- cert_id: BSI-DSZ-CC-0976-V2-2018
- cert_item: STARCOS 3.7 COS GKV
- cert_lab: BSI
- developer: Giesecke+Devrient Mobile Security GmbH
- match_rules: ['(BSI-DSZ-CC-.+?) (?:for|For) (.+?) from (.*)']
- ref_protection_profiles: Card Operating System Generation 2 (PP COS G2), Version 2.0, 19 June 2018, BSI-CC-PP-0082-V3- 2018
|
- DE:
- cc_security_level: Common Criteria Part 3 conformant EAL 4 augmented by ALC_DVS.2, ATE_DPT.2 and AVA_VAN.5
- cc_version: PP conformant Common Criteria Part 2 extended
- cert_id: BSI-DSZ-CC-0976-V4-2021
- cert_item: STARCOS 3.7 COS HBA-SMC
- cert_lab: BSI
- developer: Giesecke+Devrient Mobile Security GmbH
- match_rules: ['(BSI-DSZ-CC-.+?) (?:for|For) (.+?) from (.*)']
- ref_protection_profiles: Card Operating System Generation 2 (PP COS G2), Version 2.1, 10 July 2019, BSI-CC-PP-0082-V4- 2019
|
| pdf_data/report_keywords/cc_cert_id |
- DE:
- BSI-DSZ-CC-0945-: 1
- BSI-DSZ-CC-0945-V2-2018: 6
- BSI-DSZ-CC-0976-2015: 3
- BSI-DSZ-CC-0976-V2-2018: 24
- BSI-DSZ-CC-S-0083-2017: 1
- BSI-DSZ-CC-S-0095-2018: 2
|
- DE:
- BSI-DSZ-CC-0976-V3-2019: 3
- BSI-DSZ-CC-0976-V4-2021: 26
- BSI-DSZ-CC-1110-: 2
- BSI-DSZ-CC-1110-V3-2020: 7
- BSI-DSZ-CC-S-0128-: 1
- BSI-DSZ-CC-S-0128-2019: 1
- BSI-DSZ-CC-S-0132-2019: 1
- BSI-DSZ-CC-S-0144-2020: 2
|
| pdf_data/report_keywords/cc_protection_profile_id |
- BSI:
- BSI-CC-PP-0082-V3-: 1
- BSI-CC-PP-0082-V3-2018: 3
|
- BSI:
- BSI-CC-PP-0082-V4-: 1
- BSI-CC-PP-0082-V4-2019: 3
|
| pdf_data/report_keywords/cc_security_level |
- EAL:
- EAL 1: 1
- EAL 2: 2
- EAL 2+: 1
- EAL 4: 5
- EAL 4 augmented: 3
- EAL 5: 4
- EAL 5+: 1
- EAL 6: 1
|
- EAL:
- EAL 1: 1
- EAL 2: 2
- EAL 2+: 1
- EAL 4: 5
- EAL 4 augmented: 3
- EAL 5: 4
- EAL 5+: 1
- EAL 6: 1
- EAL5+: 1
- EAL6: 1
|
| pdf_data/report_keywords/cc_sar |
- ALC:
- ALC_CMC.4: 1
- ALC_CMS.4: 1
- ALC_DEL.1: 1
- ALC_DVS.2: 5
- ALC_FLR: 3
- ALC_LCD.1: 1
- ALC_TAT.1: 1
- ATE:
- AVA:
|
- ADV:
- ALC:
- ALC_CMC.4: 1
- ALC_CMS.4: 1
- ALC_DEL.1: 1
- ALC_DVS.2: 5
- ALC_FLR: 2
- ALC_LCD.1: 1
- ALC_TAT.1: 1
- ATE:
- AVA:
|
| pdf_data/report_keywords/cc_sfr |
- FCS:
- FCS_CKM: 3
- FCS_COP: 22
- FCS_COP.1: 1
- FCS_RNG: 1
- FCS_RNG.1: 1
- FPT:
|
- FCS:
- FCS_CKM: 4
- FCS_COP: 29
- FCS_RNG: 3
- FCS_RNG.1: 1
- FIA:
- FPT:
- FTP:
|
| pdf_data/report_keywords/cc_claims |
|
|
| pdf_data/report_keywords/vendor |
- GD:
- Giesecke & Devrient: 2
- Giesecke+Devrient: 32
- Infineon:
- Infineon: 11
- Infineon Technologies AG: 7
|
- GD:
- G+D: 2
- Giesecke & Devrient: 3
- Giesecke+Devrient: 29
- Infineon:
- Infineon: 11
- Infineon Technologies AG: 7
|
| pdf_data/report_keywords/eval_facility |
- SRC:
- SRC Security Research & Consulting: 3
- TUV:
- TÜV Informationstechnik: 1
|
- SRC:
- SRC Security Research & Consulting: 3
- TUV:
- TÜV Informationstechnik: 1
|
| pdf_data/report_keywords/symmetric_crypto |
- AES_competition:
- DES:
- constructions:
|
- AES_competition:
- constructions:
|
| pdf_data/report_keywords/asymmetric_crypto |
|
|
| pdf_data/report_keywords/pq_crypto |
|
|
| pdf_data/report_keywords/hash_function |
|
|
| pdf_data/report_keywords/crypto_scheme |
|
|
| pdf_data/report_keywords/crypto_protocol |
|
|
| pdf_data/report_keywords/randomness |
|
|
| pdf_data/report_keywords/cipher_mode |
|
|
| pdf_data/report_keywords/ecc_curve |
|
|
| pdf_data/report_keywords/crypto_engine |
|
|
| pdf_data/report_keywords/tls_cipher_suite |
|
|
| pdf_data/report_keywords/crypto_library |
|
|
| pdf_data/report_keywords/vulnerability |
|
|
| pdf_data/report_keywords/side_channel_analysis |
- FI:
- DFA: 1
- fault injection: 1
- malfunction: 1
- physical tampering: 1
- SCA:
- DPA: 1
- SPA: 1
- side channel: 1
- other:
|
- FI:
- DFA: 1
- fault injection: 1
- malfunction: 1
- physical tampering: 1
- SCA:
- DPA: 1
- SPA: 1
- side channel: 1
- other:
|
| pdf_data/report_keywords/technical_report_id |
- BSI:
- BSI 7148: 1
- BSI TR-03116-1: 1
- BSI TR-03143: 4
- BSI TR-03144: 9
|
- BSI:
- BSI 7148: 1
- BSI TR-03116-1: 1
- BSI TR-03143: 5
- BSI TR-03144: 10
|
| pdf_data/report_keywords/device_model |
|
|
| pdf_data/report_keywords/tee_name |
|
|
| pdf_data/report_keywords/os_name |
|
|
| pdf_data/report_keywords/cplc_data |
|
|
| pdf_data/report_keywords/ic_data_group |
|
|
| pdf_data/report_keywords/standard_id |
- BSI:
- AIS 1: 1
- AIS 14: 1
- AIS 19: 1
- AIS 20: 3
- AIS 23: 1
- AIS 25: 2
- AIS 26: 3
- AIS 31: 3
- AIS 32: 1
- AIS 34: 2
- AIS 35: 2
- AIS 36: 5
- AIS 38: 1
- FIPS:
- FIPS PUB 180-4: 1
- FIPS PUB 186-4: 1
- FIPS PUB 197: 1
- ISO:
- ISO/IEC 15408: 4
- ISO/IEC 17065: 2
- ISO/IEC 18045: 4
- RFC:
|
- BSI:
- AIS 1: 1
- AIS 14: 1
- AIS 19: 1
- AIS 20: 6
- AIS 23: 1
- AIS 25: 4
- AIS 26: 4
- AIS 31: 5
- AIS 32: 1
- AIS 34: 4
- AIS 35: 2
- AIS 36: 5
- AIS 37: 2
- AIS 38: 1
- AIS 46: 2
- FIPS:
- FIPS 180-4: 9
- FIPS 197: 12
- FIPS PUB 180-4: 1
- FIPS PUB 197: 1
- ISO:
- ISO/IEC 15408: 4
- ISO/IEC 17065: 2
- ISO/IEC 18031:2005: 1
- ISO/IEC 18045: 4
- PKCS:
- RFC:
|
| pdf_data/report_keywords/javacard_version |
|
|
| pdf_data/report_keywords/javacard_api_const |
|
|
| pdf_data/report_keywords/javacard_packages |
|
|
| pdf_data/report_keywords/certification_process |
- ConfidentialDocument:
- 8 August 2018, Giesecke+Devrient Mobile Security GmbH (confidential document) [11] Guidance Documentation STARCOS 3.7 – Main Document, Version 1.0, 4 April 2018: 1
- Target STARCOS 3.7 COS GKV, Version 1.7, 8 August 2018, Giesecke+Devrient Mobile Security GmbH (confidential document) [7] Security Target Lite BSI-DSZ-CC-0976-V2-2018, Security Target Lite STARCOS 3.7 COS GKV: 1
- being maintained, is not given any longer. In particular, prior to the dissemination of confidential documentation and information related to the TOE or resulting from the evaluation and certification: 1
- for STARCOS 3.7 COS GKV, Version 2.4, 10 August 2018, SRC Security Research & Consulting GmbH (confidential document) [10] Configuration List BSI-DSZ-CC-0976-V2-2018, Configuration List STARCOS 3.7 COS GKV, Version 1: 1
- procedure BSI-DSZ-CC-0945-V2-2018, Version 2.03, 4 April 2018, TÜV Informationstechnik GmbH (confidential document) [21] Einführung der Gesundheitskarte, Spezifikation des Card Operating System (COS), Elektrische: 1
|
- ConfidentialDocument:
- 1.1, 19 May 2021, Giesecke+Devrient Mobile Security GmbH (confidential document) [11] Guidance Documentation STARCOS 3.7 COS HBA-SMC – Main Document, Version 1.6, 23 March 2021: 1
- Target STARCOS 3.7 COS HBA-SMC, Version 2.0, 22 April 2021, Giesecke+Devrient Mobile Security GmbH (confidential document) 7 specifically • AIS 1, Version 14, Durchführung der Ortsbesichtigung in der Entwicklungsumgebung: 1
- being maintained, is not given any longer. In particular, prior to the dissemination of confidential documentation and information related to the TOE or resulting from the evaluation and certification: 1
- design step H13, Version 3.3, 22 April 2020, Infineon Technologies AG, BSI-DSZ-CC-1110-V3-2020 (confidential document) Security Target Lite of the underlying hardware platform, Security Target IFX_CCI_000003h: 1
- for STARCOS 3.7 COS HBA-SMC, Version 2.9, 2 June 2021, SRC Security Research & Consulting GmbH (confidential document) [10] Configuration List BSI-DSZ-CC-0976-V4-2021, Configuration List STARCOS 3.7 COS HBA-SMC: 1
- procedure BSI-DSZ-CC-1110-V3-2020, Version 1, 23 April 2020, TÜV Informationstechnik GmbH (confidential document) [21] Einführung der Gesundheitskarte, Spezifikation des Card Operating System (COS), Elektrische: 1
|
| pdf_data/report_metadata |
- /Author: Bundesamt für Sicherheit in der Informationstechnik
- /CreationDate: D:20180924082509+02'00'
- /Creator: Writer
- /Keywords: "Common Criteria, Certification, Zertifizierung, PP-0082-V3, G+D, STARCOS 3.7, eHealth"
- /ModDate: D:20180928152043+02'00'
- /Producer: LibreOffice 5.2
- /Subject: STARCOS 3.7 COS GKV
- /Title: Certification Report BSI-DSZ-CC-0976-V2-2018
- pdf_file_size_bytes: 954514
- pdf_hyperlinks: https://www.bsi.bund.de/, http://www.sogisportal.eu/, https://www.bsi.bund.de/zertifizierung, http://www.commoncriteriaportal.org/cc/, https://www.bsi.bund.de/zertifizierungsreporte, http://www.commoncriteriaportal.org/, https://www.bsi.bund.de/AIS
- pdf_is_encrypted: False
- pdf_number_of_pages: 36
|
- /Author: Bundesamt für Sicherheit in der Informationstechnik
- /CreationDate: D:20210629114835+02'00'
- /Creator: Writer
- /Keywords: "Common Criteria, Certification, Zertifizierung, G2 COS, eHealth, STARCOS 3.7 COS HBA-SMC, Giesecke+Devrient Mobile Security GmbH"
- /ModDate: D:20210629121138+02'00'
- /Producer: LibreOffice 6.3
- /Subject: STARCOS 3.7 COS HBA-SMC from G+D Mobile Security GmbH, Giesecke+Devrient Mobile Security GmbH
- /Title: Certification Report BSI-DSZ-CC-0976-V4-2021
- pdf_file_size_bytes: 936127
- pdf_hyperlinks: https://www.bsi.bund.de/, https://www.sogis.eu/, https://www.bsi.bund.de/zertifizierung, http://www.commoncriteriaportal.org/cc/, https://www.bsi.bund.de/zertifizierungsreporte, http://www.commoncriteriaportal.org/, https://www.bsi.bund.de/AIS
- pdf_is_encrypted: False
- pdf_number_of_pages: 40
|
| pdf_data/st_filename |
0976V2b_pdf.pdf |
0976V4b_pdf.pdf |
| pdf_data/st_frontpage |
|
|
| pdf_data/st_keywords/cc_cert_id |
- DE:
- BSI-DSZ-CC-0945-V2-2018: 2
|
- DE:
- BSI-DSZ-CC-1110-V3-2020: 2
|
| pdf_data/st_keywords/cc_protection_profile_id |
- BSI:
- BSI-CC-PP- 0082-V3: 1
- BSI-CC-PP- 0084-2014: 10
- BSI-CC-PP-0082-: 1
- BSI-CC-PP-0082-V3: 28
- BSI-CC-PP-0084-: 3
- BSI-CC-PP-0084-2007: 1
- BSI-CC-PP-0084-2014: 54
- BSI-PP-0084-: 2
- BSI-PP-0084-2014: 8
|
- BSI:
- BSI-CC-PP- 0082-V4: 2
- BSI-CC-PP- 0084-2014: 6
- BSI-CC-PP-0035-2007: 1
- BSI-CC-PP-0082-V3: 1
- BSI-CC-PP-0082-V4: 27
- BSI-CC-PP-0084-: 4
- BSI-CC-PP-0084-2007: 1
- BSI-CC-PP-0084-2014: 57
- BSI-PP-0084-: 2
- BSI-PP-0084-2014: 8
|
| pdf_data/st_keywords/cc_security_level |
- EAL:
- EAL 4: 2
- EAL 6: 2
- EAL4: 14
- EAL4 augmented: 4
|
- EAL:
- EAL 4: 2
- EAL 6: 2
- EAL4: 14
- EAL4 augmented: 4
- EAL6: 1
- EAL6+: 1
|
| pdf_data/st_keywords/cc_sar |
- ADV:
- ADV_ARC: 2
- ADV_ARC.1: 9
- ADV_FSP: 2
- ADV_FSP.4: 6
- ADV_IMP: 2
- ADV_IMP.1: 6
- ADV_TDS.3: 3
- AGD:
- AGD_OPE: 2
- AGD_OPE.1: 6
- AGD_PRE: 2
- AGD_PRE.1: 2
- ALC:
- ALC_CMC: 2
- ALC_CMC.4: 1
- ALC_CMS: 2
- ALC_CMS.4: 1
- ALC_DEL: 2
- ALC_DEL.1: 1
- ALC_DVS: 2
- ALC_DVS.2: 12
- ALC_FLR.1: 1
- ALC_LCD.1: 1
- ALC_TAT.1: 1
- ASE:
- ASE_CCL.1: 1
- ASE_ECD: 1
- ASE_ECD.1: 1
- ASE_INT.1: 1
- ASE_OBJ.2: 1
- ASE_REQ.2: 1
- ASE_SPD.1: 1
- ASE_TSS.1: 1
- ATE:
- ATE_COV: 2
- ATE_COV.2: 1
- ATE_DPT.1: 1
- ATE_DPT.2: 11
- ATE_FUN.1: 6
- ATE_IND.2: 5
- AVA:
|
- ADV:
- ADV_ARC: 2
- ADV_ARC.1: 9
- ADV_FSP: 2
- ADV_FSP.4: 6
- ADV_IMP: 2
- ADV_IMP.1: 6
- ADV_TDS.3: 3
- AGD:
- AGD_OPE: 2
- AGD_OPE.1: 6
- AGD_PRE: 2
- AGD_PRE.1: 2
- ALC:
- ALC_CMC: 2
- ALC_CMC.4: 1
- ALC_CMS: 2
- ALC_CMS.4: 1
- ALC_DEL: 2
- ALC_DEL.1: 1
- ALC_DVS: 2
- ALC_DVS.2: 12
- ALC_FLR.1: 1
- ALC_LCD.1: 1
- ALC_TAT.1: 1
- ASE:
- ASE_CCL.1: 1
- ASE_ECD: 2
- ASE_ECD.1: 1
- ASE_INT.1: 1
- ASE_OBJ.2: 1
- ASE_REQ.2: 1
- ASE_SPD.1: 1
- ASE_TSS.1: 1
- ATE:
- ATE_COV: 2
- ATE_COV.2: 1
- ATE_DPT.1: 1
- ATE_DPT.2: 11
- ATE_FUN.1: 6
- ATE_IND.2: 5
- AVA:
|
| pdf_data/st_keywords/cc_sfr |
- FAU:
- FCS:
- FCS_CKM: 39
- FCS_CKM.1: 24
- FCS_CKM.2: 6
- FCS_CKM.4: 42
- FCS_CKM.4.1: 1
- FCS_COP: 104
- FCS_COP.1: 17
- FCS_COP.1.1: 1
- FCS_RNG: 11
- FCS_RNG.1: 17
- FCS_RNG.1.1: 1
- FDP:
- FDP_ACC: 99
- FDP_ACC.1: 36
- FDP_ACF: 88
- FDP_ACF.1: 35
- FDP_IFC: 7
- FDP_IFC.1: 11
- FDP_ITC.1: 21
- FDP_ITC.2: 21
- FDP_ITT: 7
- FDP_ITT.1: 3
- FDP_RIP.1: 10
- FDP_RIP.1.1: 1
- FDP_SDC: 8
- FDP_SDC.1: 3
- FDP_SDI: 7
- FDP_SDI.1: 1
- FDP_SDI.2: 11
- FDP_SDI.2.1: 1
- FDP_SDI.2.2: 1
- FIA:
- FIA_AFL: 22
- FIA_AFL.1: 4
- FIA_API: 1
- FIA_API.1: 13
- FIA_API.1.1: 1
- FIA_ATD.1: 10
- FIA_ATD.1.1: 1
- FIA_SOS.1: 8
- FIA_SOS.1.1: 1
- FIA_UAU.1: 15
- FIA_UAU.1.1: 1
- FIA_UAU.1.2: 1
- FIA_UAU.4: 10
- FIA_UAU.4.1: 1
- FIA_UAU.5: 15
- FIA_UAU.5.1: 1
- FIA_UAU.5.2: 1
- FIA_UAU.6: 10
- FIA_UAU.6.1: 1
- FIA_UID.1: 13
- FIA_UID.1.1: 1
- FIA_UID.1.2: 1
- FIA_USB.1: 19
- FIA_USB.1.1: 1
- FIA_USB.1.2: 1
- FIA_USB.1.3: 1
- FMT:
- FMT_LIM: 15
- FMT_LIM.1: 3
- FMT_LIM.2: 2
- FMT_MSA: 60
- FMT_MSA.1: 6
- FMT_MSA.3: 33
- FMT_MSA.3.1: 1
- FMT_MSA.3.2: 1
- FMT_MTD: 29
- FMT_MTD.1: 3
- FMT_SMF.1: 48
- FMT_SMF.1.1: 2
- FMT_SMR.1: 33
- FMT_SMR.1.1: 2
- FMT_SMR.1.2: 1
- FPT:
- FPT_EMS: 1
- FPT_EMS.1: 11
- FPT_EMS.1.1: 1
- FPT_EMS.1.2: 1
- FPT_FLS: 7
- FPT_FLS.1: 16
- FPT_FLS.1.1: 1
- FPT_ITE: 3
- FPT_ITE.1: 11
- FPT_ITE.1.1: 1
- FPT_ITE.1.2: 1
- FPT_ITE.2: 11
- FPT_ITE.2.1: 3
- FPT_ITE.2.2: 1
- FPT_ITT: 7
- FPT_ITT.1: 3
- FPT_PHP: 7
- FPT_PHP.3: 4
- FPT_TDC.1: 10
- FPT_TDC.1.1: 1
- FPT_TDC.1.2: 1
- FPT_TST: 2
- FPT_TST.1: 11
- FPT_TST.1.1: 1
- FPT_TST.1.2: 1
- FPT_TST.1.3: 1
- FRU:
- FTP:
- FTP_ITC: 9
- FTP_ITC.1: 3
- FTP_ITE: 1
|
- FAU:
- FCS:
- FCS_CKM: 83
- FCS_CKM.1: 39
- FCS_CKM.2: 9
- FCS_CKM.4: 64
- FCS_CKM.4.1: 1
- FCS_COP: 189
- FCS_COP.1: 27
- FCS_COP.1.1: 1
- FCS_RNG: 34
- FCS_RNG.1: 20
- FCS_RNG.1.1: 3
- FCS_RNG.1.2: 2
- FDP:
- FDP_ACC: 123
- FDP_ACC.1: 44
- FDP_ACF: 110
- FDP_ACF.1: 41
- FDP_IFC: 7
- FDP_IFC.1: 16
- FDP_ITC.1: 35
- FDP_ITC.2: 35
- FDP_ITT: 7
- FDP_ITT.1: 3
- FDP_RIP: 9
- FDP_RIP.1: 12
- FDP_RIP.1.1: 1
- FDP_SDC: 8
- FDP_SDC.1: 3
- FDP_SDI: 7
- FDP_SDI.1: 1
- FDP_SDI.2: 11
- FDP_SDI.2.1: 1
- FDP_SDI.2.2: 1
- FDP_UCT: 7
- FDP_UCT.1: 1
- FDP_UIT: 8
- FDP_UIT.1: 2
- FIA:
- FIA_ACC: 1
- FIA_ACF: 1
- FIA_AFL: 22
- FIA_AFL.1: 4
- FIA_API: 10
- FIA_API.1: 16
- FIA_API.1.1: 1
- FIA_ATD: 10
- FIA_ATD.1: 20
- FIA_ATD.1.1: 1
- FIA_SOS.1: 8
- FIA_SOS.1.1: 1
- FIA_UAU: 50
- FIA_UAU.1: 20
- FIA_UAU.1.1: 1
- FIA_UAU.1.2: 1
- FIA_UAU.4: 12
- FIA_UAU.4.1: 1
- FIA_UAU.5: 17
- FIA_UAU.5.1: 1
- FIA_UAU.5.2: 1
- FIA_UAU.6: 12
- FIA_UAU.6.1: 1
- FIA_UID: 14
- FIA_UID.1: 19
- FIA_UID.1.1: 1
- FIA_UID.1.2: 1
- FIA_USB: 32
- FIA_USB.1: 30
- FIA_USB.1.1: 1
- FIA_USB.1.2: 1
- FIA_USB.1.3: 2
- FMT:
- FMT_LIM: 15
- FMT_LIM.1: 3
- FMT_LIM.2: 2
- FMT_MSA: 68
- FMT_MSA.1: 8
- FMT_MSA.3: 39
- FMT_MSA.3.1: 1
- FMT_MSA.3.2: 1
- FMT_MTD: 38
- FMT_MTD.1: 4
- FMT_SMF.1: 51
- FMT_SMF.1.1: 1
- FMT_SMR: 9
- FMT_SMR.1: 41
- FMT_SMR.1.1: 1
- FMT_SMR.1.2: 1
- FMT_SRM: 1
- FPT:
- FPT_EMS: 10
- FPT_EMS.1: 15
- FPT_EMS.1.1: 1
- FPT_EMS.1.2: 1
- FPT_FLS: 7
- FPT_FLS.1: 16
- FPT_FLS.1.1: 1
- FPT_ITE: 11
- FPT_ITE.1: 11
- FPT_ITE.1.1: 1
- FPT_ITE.1.2: 1
- FPT_ITE.2: 13
- FPT_ITE.2.1: 5
- FPT_ITE.2.2: 1
- FPT_ITT: 7
- FPT_ITT.1: 3
- FPT_PHP: 7
- FPT_PHP.3: 4
- FPT_TDC.1: 10
- FPT_TDC.1.1: 1
- FPT_TDC.1.2: 1
- FPT_TST: 2
- FPT_TST.1: 11
- FPT_TST.1.1: 1
- FPT_TST.1.2: 1
- FPT_TST.1.3: 1
- FRU:
- FTP:
- FTP_ITC: 22
- FTP_ITC.1: 12
- FTP_ITE: 1
- FTP_TRP.1: 5
|
| pdf_data/st_keywords/cc_claims |
|
- O:
- O.AES: 7
- O.PACE_CHIP: 2
- O.RND: 8
- T:
|
| pdf_data/st_keywords/vendor |
- GD:
- Infineon:
- Infineon: 2
- Infineon Technologies AG: 2
- NXP:
- STMicroelectronics:
|
- GD:
- Infineon:
- Infineon: 2
- Infineon Technologies AG: 2
- NXP:
- STMicroelectronics:
|
| pdf_data/st_keywords/eval_facility |
|
|
| pdf_data/st_keywords/symmetric_crypto |
- AES_competition:
- DES:
- constructions:
|
- AES_competition:
- constructions:
|
| pdf_data/st_keywords/asymmetric_crypto |
|
|
| pdf_data/st_keywords/pq_crypto |
|
|
| pdf_data/st_keywords/hash_function |
- SHA:
- SHA1:
- SHA2:
- SHA-224: 2
- SHA-256: 11
- SHA-384: 6
- SHA-512: 4
|
- SHA:
- SHA1:
- SHA2:
- SHA-224: 2
- SHA-256: 11
- SHA-384: 6
- SHA-512: 4
|
| pdf_data/st_keywords/crypto_scheme |
- KA:
- Key Agreement: 1
- Key agreement: 1
- MAC:
|
- KA:
- Key Agreement: 1
- Key agreement: 1
- MAC:
|
| pdf_data/st_keywords/crypto_protocol |
|
|
| pdf_data/st_keywords/randomness |
|
|
| pdf_data/st_keywords/cipher_mode |
|
|
| pdf_data/st_keywords/ecc_curve |
- Brainpool:
- brainpoolP256r1: 2
- brainpoolP384r1: 2
- brainpoolP512r1: 2
|
- Brainpool:
- brainpoolP256r1: 4
- brainpoolP384r1: 4
- brainpoolP512r1: 4
|
| pdf_data/st_keywords/crypto_engine |
|
|
| pdf_data/st_keywords/tls_cipher_suite |
|
|
| pdf_data/st_keywords/crypto_library |
|
|
| pdf_data/st_keywords/vulnerability |
|
|
| pdf_data/st_keywords/side_channel_analysis |
- FI:
- DFA: 1
- Malfunction: 15
- malfunction: 1
- physical tampering: 3
- SCA:
- DPA: 1
- Leak-Inherent: 13
- Physical Probing: 2
- SPA: 1
- side channel: 1
- other:
- Bleichenbacher attack: 1
- JIL: 3
|
- FI:
- DFA: 1
- Malfunction: 17
- malfunction: 1
- physical tampering: 3
- SCA:
- DPA: 1
- Leak-Inherent: 15
- Physical Probing: 2
- SPA: 1
- side channel: 1
- other:
- Bleichenbacher attack: 1
- JIL: 3
|
| pdf_data/st_keywords/technical_report_id |
- BSI:
- BSI TR-03111: 3
- BSI TR-03143: 2
|
- BSI:
- BSI TR-03111: 3
- BSI TR-03143: 2
|
| pdf_data/st_keywords/device_model |
|
|
| pdf_data/st_keywords/tee_name |
|
|
| pdf_data/st_keywords/os_name |
|
|
| pdf_data/st_keywords/cplc_data |
|
|
| pdf_data/st_keywords/ic_data_group |
|
|
| pdf_data/st_keywords/standard_id |
- BSI:
- CC:
- CCMB-2017-04-001: 2
- CCMB-2017-04-002: 2
- CCMB-2017-04-003: 2
- CCMB-2017-04-004: 2
- CCMB-2017-05-001: 1
- FIPS:
- FIPS 180-4: 1
- FIPS 197: 2
- FIPS PUB 180-4: 1
- FIPS PUB 197: 1
- ISO:
- NIST:
- PKCS:
- RFC:
|
- BSI:
- CC:
- CCMB-2017-04-001: 1
- CCMB-2017-04-002: 1
- CCMB-2017-04-003: 1
- CCMB-2017-04-004: 1
- CCMB-2017-05-001: 1
- FIPS:
- FIPS 180-4: 1
- FIPS 197: 4
- FIPS PUB 180-4: 1
- FIPS PUB 197: 1
- ISO:
- NIST:
- PKCS:
- RFC:
|
| pdf_data/st_keywords/javacard_version |
|
|
| pdf_data/st_keywords/javacard_api_const |
|
|
| pdf_data/st_keywords/javacard_packages |
|
|
| pdf_data/st_keywords/certification_process |
|
- OutOfScope:
- and cryptographic key sizes 2048 bits and 3072 bits modulus length for RSA private key operation is out of scope for the TOE. 371 The TOE shall meet the requirement “Cryptographic operation – CB ECC (FCS_COP.1/CB: 1
- out of scope: 1
|
| pdf_data/st_metadata |
- /Author: Giesecke+Devrient Mobile Security GmbH
- /Bearbeitet von: Alexander Summerer
- /Category: Security Target Lite to BSI-CC-PP-0082-V2
- /Company: Giesecke & Devrient
- /CreationDate: D:20180808112026+02'00'
- /Creator: Acrobat PDFMaker 11 für Word
- /Eigentümer: G&D
- /Erstellt von: Alexander Summerer
- /Gegenstand: Common Criteria Protection Security Target
- /Keywords: Version 1.7, 08.08.2018
- /ModDate: D:20180808112215+02'00'
- /Producer: Adobe PDF Library 11.0
- /SourceModified: D:20180808091919
- /Subject: Security Target Lite STARCOS 3.7 COS GKV
- /Title: G+D MS Security Target Lite to BSI-PP-0082-V2
- pdf_file_size_bytes: 1267620
- pdf_hyperlinks: {}
- pdf_is_encrypted: False
- pdf_number_of_pages: 129
|
- /Author: Giesecke+Devrient Mobile Security GmbH
- /CreationDate: D:20210617104602+02'00'
- /Creator: Microsoft® Word für Microsoft 365
- /Keywords: Version 1.0/18.05.2021
- /ModDate: D:20210617104602+02'00'
- /Producer: Microsoft® Word für Microsoft 365
- /Subject: Security Target STARCOS 3.7 COS HBA-SMC
- /Title: G+D MS Security Target to BSI-PP-0082-V4
- pdf_file_size_bytes: 2539468
- pdf_hyperlinks: {}
- pdf_is_encrypted: False
- pdf_number_of_pages: 166
|
| state/cert/convert_garbage |
False |
False |
| state/cert/convert_ok |
True |
True |
| state/cert/download_ok |
True |
True |
| state/cert/extract_ok |
True |
True |
| state/cert/pdf_hash |
Different |
Different |
| state/cert/txt_hash |
Different |
Different |
| state/report/convert_garbage |
False |
False |
| state/report/convert_ok |
True |
True |
| state/report/download_ok |
True |
True |
| state/report/extract_ok |
True |
True |
| state/report/pdf_hash |
Different |
Different |
| state/report/txt_hash |
Different |
Different |
| state/st/convert_garbage |
False |
False |
| state/st/convert_ok |
True |
True |
| state/st/download_ok |
True |
True |
| state/st/extract_ok |
True |
True |
| state/st/pdf_hash |
Different |
Different |
| state/st/txt_hash |
Different |
Different |