| name |
STARCOS 3.7 COS HBA-SMC |
STARCOS 3.6 COSGKV C1 |
| category |
ICs, Smart Cards and Smart Card-Related Devices and Systems |
ICs, Smart Cards and Smart Card-Related Devices and Systems |
| scheme |
DE |
DE |
| status |
active |
archived |
| not_valid_after |
18.06.2026 |
29.12.2020 |
| not_valid_before |
18.06.2021 |
29.12.2015 |
| cert_link |
https://www.commoncriteriaportal.org/nfs/ccpfiles/files/epfiles/0976V4c_pdf.pdf |
|
| report_link |
https://www.commoncriteriaportal.org/nfs/ccpfiles/files/epfiles/0976V4a_pdf.pdf |
https://www.commoncriteriaportal.org/nfs/ccpfiles/files/epfiles/0976a_pdf.pdf |
| st_link |
https://www.commoncriteriaportal.org/nfs/ccpfiles/files/epfiles/0976V4b_pdf.pdf |
https://www.commoncriteriaportal.org/nfs/ccpfiles/files/epfiles/0976b_pdf.pdf |
| manufacturer |
G+D Mobile Security GmbH |
G+D Mobile Security GmbH |
| manufacturer_web |
https://www.gi-de.com/de/de/mobile-security/ |
https://www.gi-de.com/de/de/mobile-security/ |
| security_level |
AVA_VAN.5, ALC_DVS.2, EAL4+, ATE_DPT.2 |
AVA_VAN.5, ALC_DVS.2, EAL4+, ATE_DPT.2 |
| dgst |
e86ac89b4f665c58 |
40039372a991315f |
| heuristics/cert_id |
BSI-DSZ-CC-0976-V4-2021 |
BSI-DSZ-CC-0976-2015 |
| heuristics/cert_lab |
BSI |
BSI |
| heuristics/cpe_matches |
{} |
{} |
| heuristics/verified_cpe_matches |
{} |
{} |
| heuristics/related_cves |
{} |
{} |
| heuristics/direct_transitive_cves |
{} |
{} |
| heuristics/indirect_transitive_cves |
{} |
{} |
| heuristics/extracted_sars |
ASE_INT.1, ALC_TAT.1, ATE_FUN.1, ADV_IMP.1, ALC_FLR.1, ASE_TSS.1, AGD_PRE.1, ASE_CCL.1, ALC_CMS.4, ALC_DVS.2, ATE_IND.2, AVA_VAN.5, ASE_SPD.1, ATE_DPT.2, ASE_OBJ.2, ADV_FSP.4, ATE_COV.2, ASE_REQ.2, ALC_CMC.4, ADV_ARC.1, ALC_DEL.1, AGD_OPE.1, ADV_TDS.3, ALC_LCD.1, ASE_ECD.1 |
APE_REQ.2, ASE_INT.1, ALC_TAT.1, ATE_FUN.1, APE_INT.1, ADV_IMP.1, ADV_SPM.1, ASE_TSS.1, APE_SPD.1, APE_ECD.1, AGD_PRE.1, ASE_CCL.1, ALC_CMS.4, ALC_DVS.2, ATE_IND.2, ADV_INT.3, AVA_VAN.5, ASE_SPD.1, ATE_DPT.2, ASE_OBJ.2, ADV_FSP.4, ATE_COV.2, ASE_REQ.2, ALC_CMC.4, ADV_ARC.1, ALC_FLR.3, ALC_DEL.1, APE_OBJ.2, ADV_TDS.3, ALC_LCD.1, AGD_OPE.1, APE_CCL.1, ASE_ECD.1 |
| heuristics/extracted_versions |
3.7 |
3.6 |
| heuristics/prev_certificates |
BSI-DSZ-CC-0976-2015, BSI-DSZ-CC-0976-V2-2018, BSI-DSZ-CC-0976-V3-2019 |
{} |
| heuristics/next_certificates |
{} |
BSI-DSZ-CC-0976-V2-2018, BSI-DSZ-CC-0976-V3-2019, BSI-DSZ-CC-0976-V4-2021 |
| heuristics/report_references/directly_referenced_by |
{} |
BSI-DSZ-CC-0976-V2-2018 |
| heuristics/report_references/directly_referencing |
BSI-DSZ-CC-0976-V3-2019, BSI-DSZ-CC-1110-V3-2020 |
BSI-DSZ-CC-0782-V2-2015, BSI-DSZ-CC-0916-2015 |
| heuristics/report_references/indirectly_referenced_by |
{} |
BSI-DSZ-CC-0976-V3-2019, BSI-DSZ-CC-0976-V2-2018, BSI-DSZ-CC-1243-2024, BSI-DSZ-CC-0976-V4-2021 |
| heuristics/report_references/indirectly_referencing |
BSI-DSZ-CC-0945-V3-2018, BSI-DSZ-CC-0945-V2-2018, BSI-DSZ-CC-0945-2017, BSI-DSZ-CC-0916-2015, BSI-DSZ-CC-1110-V2-2019, BSI-DSZ-CC-0782-2012, BSI-DSZ-CC-0782-V2-2015, BSI-DSZ-CC-1110-2019, BSI-DSZ-CC-0891-2015, BSI-DSZ-CC-1110-V3-2020, BSI-DSZ-CC-0976-V3-2019, BSI-DSZ-CC-0976-2015, BSI-DSZ-CC-0891-V2-2016, BSI-DSZ-CC-0976-V2-2018, BSI-DSZ-CC-0879-2014 |
BSI-DSZ-CC-0782-V2-2015, BSI-DSZ-CC-0916-2015, BSI-DSZ-CC-0879-2014, BSI-DSZ-CC-0782-2012 |
| heuristics/scheme_data |
- category: eHealth
- cert_id: BSI-DSZ-CC-0976-V4-2021
- certification_date: 18.06.2021
- enhanced:
- applicant: Giesecke & Devrient GmbH seit 1. Juli 2017 Giesecke+Devrient Mobile Security GmbH Prinzregentenstr. 159 81677 München
- assurance_level: EAL4+,ALC_DVS.2,ATE_DPT.2,AVA_VAN.5
- cert_link: https://www.bsi.bund.de/SharedDocs/Downloads/DE/BSI/Zertifizierung/Reporte/Reporte09/0976V4c_pdf.pdf?__blob=publicationFile&v=3
- certification_date: 18.06.2021
- description: The Target of Evaluation (TOE) is the product STARCOS 3.6 COSGKV C1 developed by Giesecke & Devrient GmbH. The TOE is a smart card product according to the G2 Card Operating System (G2-COS) specification from gematik. The TOE is intended to be used as a card operating system platform for specific card types and applications of the card generation G2 in the framework of the German health care system, and therefore implements the mandatory part of the G2-COS specification with the base functionality of the operating system platform only. The TOE implements from the PP-0082-V2 the base part without any of the optional packages.
- entries: [frozendict({'id': 'BSI-DSZ-CC-0976-V4-2021-MA-01 (Ausstellungsdatum / Certification Date 09.05.2022)', 'description': 'The partial ALC re-evaluation for procedure 0976-V4 covers the update of the product life-cycle concerning the involved development and production sites. The certified product itself did not change.'}), frozendict({'id': 'BSI-DSZ-CC-0976-V4-2021 (Ausstellungsdatum / Certification Date 18.06.2021, gültig bis / valid until 17.06.2026) Zertifizierungsreport / Certification Report', 'description': 'Software'}), frozendict({'id': 'BSI', 'description': 'The partial ALC re-evaluation for procedure 0976-V3 covers the update of the product life-cycle concerning the involved development and production sites. The certified product itself did not change.'}), frozendict({'id': 'BSI-DSZ-CC-0976-V3-2019-MA-01 (Ausstellungsdatum / Certification Date 15.06.2021)', 'description': 'Maintenance Report'}), frozendict({'id': 'BSI-DSZ-CC-0976-V3-2019 (Ausstellungsdatum / Certification Date 21.11.2019, gültig bis / valid until 20.11.2024)', 'description': '), to adaptations in the life-cycle model as well as to the integration of the functional package Contactless and further specific changes in the Embedded Software including a corresponding update of the related user guidance documentation. In particular, the TOE’s (crypto) implementation was re-evaluated and reassessed.'}), frozendict({'id': 'BSI-DSZ-CC-0976-V2-2018 (Ausstellungsdatum / Certification Date 20.09.2018, gültig bis / valid until 19.09.2023)', 'description': 'Software'}), frozendict({'id': 'BSI-DSZ-CC-0976-2015-MA-01 (Ausstellungsdatum / Certification Date 02.08.2018)', 'description': 'The changes are related to an update and reevaluation of the product life-cycle caused by changes in the development and porduction sites. The certified product itself did not change.'}), frozendict({'id': 'BSI-DSZ-CC-0976-2015-RA-01 (Ausstellungsdatum / Certification Date 19.09.2017)', 'description': 'Security Target'}), frozendict({'id': 'BSI-DSZ-CC-0976-2015 (Ausstellungsdatum / Certification Date 29.12.2015, gültig bis / valid until 28.12.2020)', 'description': 'Security Target'})]
- evaluation_facility: SRC Security Research & Consulting GmbH
- expiration_date: 17.06.2026
- product: STARCOS 3.7 COS HBA-SMC
- protection_profile: Card Operating System Generation 2 (PP COS G2), Version 2.1, 10 July 2019, BSI-CC-PP-0082-V4-2019
- report_link: https://www.bsi.bund.de/SharedDocs/Downloads/DE/BSI/Zertifizierung/Reporte/Reporte09/0976V4a_pdf.pdf?__blob=publicationFile&v=3
- target_link: https://www.bsi.bund.de/SharedDocs/Downloads/DE/BSI/Zertifizierung/Reporte/Reporte09/0976V4b_pdf.pdf?__blob=publicationFile&v=3
- product: STARCOS 3.7 COS HBA-SMC
- subcategory: Smartcards
- url: https://www.bsi.bund.de/SharedDocs/Zertifikate_CC/CC/Gesundheitswesen_SmartCards/0976_0976V2_0976V3_0976V4.html
- vendor: Giesecke & Devrient GmbH seit 1. Juli 2017 Giesecke+Devrient Mobile Security GmbH
|
|
| heuristics/st_references/directly_referenced_by |
BSI-DSZ-CC-1068-V3-2022, BSI-DSZ-CC-1067-V3-2022, BSI-DSZ-CC-1068-V4-2023, BSI-DSZ-CC-1067-V4-2023 |
{} |
| heuristics/st_references/directly_referencing |
BSI-DSZ-CC-1110-V3-2020 |
BSI-DSZ-CC-0782-V2-2015 |
| heuristics/st_references/indirectly_referenced_by |
BSI-DSZ-CC-1068-V3-2022, BSI-DSZ-CC-1067-V3-2022, BSI-DSZ-CC-1068-V4-2023, BSI-DSZ-CC-1067-V4-2023 |
{} |
| heuristics/st_references/indirectly_referencing |
BSI-DSZ-CC-1110-V3-2020 |
BSI-DSZ-CC-0782-V2-2015 |
| maintenance_updates |
|
|
| protection_profiles |
|
|
| pdf_data/cert_filename |
0976V4c_pdf.pdf |
|
| pdf_data/cert_frontpage |
|
|
| pdf_data/cert_keywords/cc_cert_id |
- DE:
- BSI-DSZ-CC-0976-V4-2021: 1
|
|
| pdf_data/cert_keywords/cc_protection_profile_id |
|
|
| pdf_data/cert_keywords/cc_security_level |
- EAL:
- EAL 2: 1
- EAL 4: 1
- EAL 4 augmented: 1
- EAL 5: 1
|
|
| pdf_data/cert_keywords/cc_sar |
|
|
| pdf_data/cert_keywords/cc_sfr |
|
|
| pdf_data/cert_keywords/cc_claims |
|
|
| pdf_data/cert_keywords/vendor |
|
|
| pdf_data/cert_keywords/eval_facility |
|
|
| pdf_data/cert_keywords/symmetric_crypto |
|
|
| pdf_data/cert_keywords/asymmetric_crypto |
|
|
| pdf_data/cert_keywords/pq_crypto |
|
|
| pdf_data/cert_keywords/hash_function |
|
|
| pdf_data/cert_keywords/crypto_scheme |
|
|
| pdf_data/cert_keywords/crypto_protocol |
|
|
| pdf_data/cert_keywords/randomness |
|
|
| pdf_data/cert_keywords/cipher_mode |
|
|
| pdf_data/cert_keywords/ecc_curve |
|
|
| pdf_data/cert_keywords/crypto_engine |
|
|
| pdf_data/cert_keywords/tls_cipher_suite |
|
|
| pdf_data/cert_keywords/crypto_library |
|
|
| pdf_data/cert_keywords/vulnerability |
|
|
| pdf_data/cert_keywords/side_channel_analysis |
|
|
| pdf_data/cert_keywords/technical_report_id |
|
|
| pdf_data/cert_keywords/device_model |
|
|
| pdf_data/cert_keywords/tee_name |
|
|
| pdf_data/cert_keywords/os_name |
|
|
| pdf_data/cert_keywords/cplc_data |
|
|
| pdf_data/cert_keywords/ic_data_group |
|
|
| pdf_data/cert_keywords/standard_id |
- ISO:
- ISO/IEC 15408: 2
- ISO/IEC 18045: 2
|
|
| pdf_data/cert_keywords/javacard_version |
|
|
| pdf_data/cert_keywords/javacard_api_const |
|
|
| pdf_data/cert_keywords/javacard_packages |
|
|
| pdf_data/cert_keywords/certification_process |
|
|
| pdf_data/cert_metadata |
- /Author: Bundesamt für Sicherheit in der Informationstechnik
- /CreationDate: D:20210629121438+02'00'
- /Creator: Writer
- /Keywords: "Common Criteria, Certification, Zertifizierung, G2 COS, eHealth, STARCOS 3.7 COS HBA-SMC, Giesecke+Devrient Mobile Security GmbH"
- /ModDate: D:20210629121708+02'00'
- /Producer: LibreOffice 6.3
- /Subject: STARCOS 3.7 COS HBA-SMC from G+D Mobile Security GmbH, Giesecke+Devrient Mobile Security GmbH
- /Title: Certificate BSI-DSZ-CC-0976-V4-2021
- pdf_file_size_bytes: 241574
- pdf_hyperlinks: {}
- pdf_is_encrypted: False
- pdf_number_of_pages: 1
|
|
| pdf_data/report_filename |
0976V4a_pdf.pdf |
0976a_pdf.pdf |
| pdf_data/report_frontpage |
- DE:
- cc_security_level: Common Criteria Part 3 conformant EAL 4 augmented by ALC_DVS.2, ATE_DPT.2 and AVA_VAN.5
- cc_version: PP conformant Common Criteria Part 2 extended
- cert_id: BSI-DSZ-CC-0976-V4-2021
- cert_item: STARCOS 3.7 COS HBA-SMC
- cert_lab: BSI
- developer: Giesecke+Devrient Mobile Security GmbH
- match_rules: ['(BSI-DSZ-CC-.+?) (?:for|For) (.+?) from (.*)']
- ref_protection_profiles: Card Operating System Generation 2 (PP COS G2), Version 2.1, 10 July 2019, BSI-CC-PP-0082-V4- 2019
|
- DE:
- cc_security_level: Common Criteria Part 3 conformant EAL 4 augmented by AVA_VAN.5, ATE_DPT.2 and ALC_DVS.2 SOGIS Recognition Agreement
- cc_version: PP conformant Common Criteria Part 2 extended
- cert_id: BSI-DSZ-CC-0976-2015
- cert_item: STARCOS 3.6 COSGKV C1
- cert_lab: BSI
- developer: Giesecke & Devrient GmbH
- match_rules: ['(BSI-DSZ-CC-.+?) (?:for|For) (.+?) from (.*)']
- ref_protection_profiles: Card Operating System Generation 2 (PP COS G2), Version 1.9, 18 November 2014, BSI-CC-PP-0082-V2-2014
|
| pdf_data/report_keywords/cc_cert_id |
- DE:
- BSI-DSZ-CC-0976-V3-2019: 3
- BSI-DSZ-CC-0976-V4-2021: 26
- BSI-DSZ-CC-1110-: 2
- BSI-DSZ-CC-1110-V3-2020: 7
- BSI-DSZ-CC-S-0128-: 1
- BSI-DSZ-CC-S-0128-2019: 1
- BSI-DSZ-CC-S-0132-2019: 1
- BSI-DSZ-CC-S-0144-2020: 2
|
- DE:
- BSI-DSZ-CC-0782-V2-2015: 8
- BSI-DSZ-CC-0916-2015: 3
- BSI-DSZ-CC-0976: 4
- BSI-DSZ-CC-0976-2015: 24
- BSI-DSZ-CC-S-0017-2014: 2
- BSI-DSZ-CC-S-0029-2014: 2
- BSI-DSZ-CC-S-0031-2014: 2
|
| pdf_data/report_keywords/cc_protection_profile_id |
- BSI:
- BSI-CC-PP-0082-V4-: 1
- BSI-CC-PP-0082-V4-2019: 3
|
- BSI:
- BSI-CC-PP-0082-V2-2014: 4
|
| pdf_data/report_keywords/cc_security_level |
- EAL:
- EAL 1: 1
- EAL 2: 2
- EAL 2+: 1
- EAL 4: 5
- EAL 4 augmented: 3
- EAL 5: 4
- EAL 5+: 1
- EAL 6: 1
- EAL5+: 1
- EAL6: 1
|
- EAL:
- EAL 1: 7
- EAL 2: 4
- EAL 3: 4
- EAL 4: 13
- EAL 4 augmented: 3
- EAL 5: 10
- EAL 5+: 1
- EAL 6: 4
- EAL 7: 4
- ITSEC:
|
| pdf_data/report_keywords/cc_sar |
- ADV:
- ALC:
- ALC_CMC.4: 1
- ALC_CMS.4: 1
- ALC_DEL.1: 1
- ALC_DVS.2: 5
- ALC_FLR: 2
- ALC_LCD.1: 1
- ALC_TAT.1: 1
- ATE:
- AVA:
|
- ADV:
- ADV_ARC: 1
- ADV_ARC.1: 1
- ADV_FSP: 1
- ADV_FSP.1: 1
- ADV_FSP.2: 1
- ADV_FSP.3: 1
- ADV_FSP.4: 1
- ADV_FSP.5: 1
- ADV_FSP.6: 1
- ADV_IMP: 1
- ADV_IMP.1: 1
- ADV_IMP.2: 1
- ADV_INT: 1
- ADV_INT.1: 1
- ADV_INT.2: 1
- ADV_INT.3: 1
- ADV_SPM: 1
- ADV_SPM.1: 1
- ADV_TDS: 1
- ADV_TDS.1: 1
- ADV_TDS.2: 1
- ADV_TDS.3: 1
- ADV_TDS.4: 1
- ADV_TDS.5: 1
- ADV_TDS.6: 1
- AGD:
- AGD_OPE: 1
- AGD_OPE.1: 1
- AGD_PRE: 1
- AGD_PRE.1: 1
- ALC:
- ALC_CMC: 1
- ALC_CMC.1: 1
- ALC_CMC.2: 1
- ALC_CMC.3: 1
- ALC_CMC.4: 2
- ALC_CMC.5: 1
- ALC_CMS: 1
- ALC_CMS.1: 1
- ALC_CMS.2: 1
- ALC_CMS.3: 1
- ALC_CMS.4: 2
- ALC_CMS.5: 1
- ALC_DEL: 1
- ALC_DEL.1: 2
- ALC_DVS: 1
- ALC_DVS.1: 1
- ALC_DVS.2: 7
- ALC_FLR: 3
- ALC_FLR.1: 1
- ALC_FLR.2: 1
- ALC_FLR.3: 1
- ALC_LCD.1: 2
- ALC_LCD.2: 1
- ALC_TAT: 1
- ALC_TAT.1: 2
- ALC_TAT.2: 1
- ALC_TAT.3: 1
- APE:
- APE_CCL.1: 1
- APE_ECD.1: 1
- APE_INT.1: 1
- APE_OBJ.1: 1
- APE_OBJ.2: 1
- APE_REQ.1: 1
- APE_REQ.2: 1
- APE_SPD.1: 1
- ASE:
- ASE_CCL: 1
- ASE_CCL.1: 1
- ASE_ECD: 1
- ASE_ECD.1: 1
- ASE_INT: 1
- ASE_INT.1: 1
- ASE_OBJ: 1
- ASE_OBJ.1: 1
- ASE_OBJ.2: 1
- ASE_REQ.1: 1
- ASE_REQ.2: 1
- ASE_SPD: 1
- ASE_SPD.1: 1
- ASE_TSS: 1
- ASE_TSS.1: 1
- ASE_TSS.2: 1
- ATE:
- ATE_COV: 1
- ATE_COV.1: 1
- ATE_COV.2: 1
- ATE_COV.3: 1
- ATE_DPT: 1
- ATE_DPT.1: 1
- ATE_DPT.2: 6
- ATE_DPT.3: 1
- ATE_DPT.4: 1
- ATE_FUN: 1
- ATE_FUN.1: 1
- ATE_FUN.2: 1
- ATE_IND: 1
- ATE_IND.1: 1
- ATE_IND.2: 1
- ATE_IND.3: 1
- AVA:
- AVA_VAN: 2
- AVA_VAN.1: 1
- AVA_VAN.2: 1
- AVA_VAN.3: 1
- AVA_VAN.4: 1
- AVA_VAN.5: 6
|
| pdf_data/report_keywords/cc_sfr |
- FCS:
- FCS_CKM: 4
- FCS_COP: 29
- FCS_RNG: 3
- FCS_RNG.1: 1
- FIA:
- FPT:
- FTP:
|
- FCS:
- FCS_CKM.1: 2
- FCS_COP: 2
- FCS_COP.1: 30
- FCS_RNG: 1
- FCS_RNG.1: 1
- FPT:
|
| pdf_data/report_keywords/cc_claims |
|
|
| pdf_data/report_keywords/vendor |
- GD:
- G+D: 2
- Giesecke & Devrient: 3
- Giesecke+Devrient: 29
- Infineon:
- Infineon: 11
- Infineon Technologies AG: 7
|
- GD:
- Infineon:
- Infineon: 11
- Infineon Technologies AG: 7
|
| pdf_data/report_keywords/eval_facility |
- SRC:
- SRC Security Research & Consulting: 3
- TUV:
- TÜV Informationstechnik: 1
|
- SRC:
- SRC Security Research & Consulting: 3
- TUV:
- TÜV Informationstechnik: 1
|
| pdf_data/report_keywords/symmetric_crypto |
- AES_competition:
- constructions:
|
- AES_competition:
- DES:
- constructions:
|
| pdf_data/report_keywords/asymmetric_crypto |
|
|
| pdf_data/report_keywords/pq_crypto |
|
|
| pdf_data/report_keywords/hash_function |
|
|
| pdf_data/report_keywords/crypto_scheme |
|
|
| pdf_data/report_keywords/crypto_protocol |
|
|
| pdf_data/report_keywords/randomness |
|
|
| pdf_data/report_keywords/cipher_mode |
|
|
| pdf_data/report_keywords/ecc_curve |
|
|
| pdf_data/report_keywords/crypto_engine |
|
|
| pdf_data/report_keywords/tls_cipher_suite |
|
|
| pdf_data/report_keywords/crypto_library |
|
|
| pdf_data/report_keywords/vulnerability |
|
|
| pdf_data/report_keywords/side_channel_analysis |
- FI:
- DFA: 1
- fault injection: 1
- malfunction: 1
- physical tampering: 1
- SCA:
- DPA: 1
- SPA: 1
- side channel: 1
- other:
|
- FI:
- DFA: 1
- fault injection: 1
- malfunction: 1
- physical tampering: 1
- SCA:
- DPA: 1
- SPA: 1
- side channel: 1
- other:
|
| pdf_data/report_keywords/technical_report_id |
- BSI:
- BSI 7148: 1
- BSI TR-03116-1: 1
- BSI TR-03143: 5
- BSI TR-03144: 10
|
- BSI:
- BSI 7148: 1
- BSI TR-03116-1: 1
- BSI TR-03143: 4
- BSI TR-03144: 11
|
| pdf_data/report_keywords/device_model |
|
|
| pdf_data/report_keywords/tee_name |
|
|
| pdf_data/report_keywords/os_name |
|
|
| pdf_data/report_keywords/cplc_data |
|
|
| pdf_data/report_keywords/ic_data_group |
|
|
| pdf_data/report_keywords/standard_id |
- BSI:
- AIS 1: 1
- AIS 14: 1
- AIS 19: 1
- AIS 20: 6
- AIS 23: 1
- AIS 25: 4
- AIS 26: 4
- AIS 31: 5
- AIS 32: 1
- AIS 34: 4
- AIS 35: 2
- AIS 36: 5
- AIS 37: 2
- AIS 38: 1
- AIS 46: 2
- FIPS:
- FIPS 180-4: 9
- FIPS 197: 12
- FIPS PUB 180-4: 1
- FIPS PUB 197: 1
- ISO:
- ISO/IEC 15408: 4
- ISO/IEC 17065: 2
- ISO/IEC 18031:2005: 1
- ISO/IEC 18045: 4
- PKCS:
- RFC:
|
- BSI:
- AIS 1: 1
- AIS 14: 1
- AIS 19: 1
- AIS 20: 3
- AIS 23: 1
- AIS 25: 2
- AIS 26: 3
- AIS 31: 3
- AIS 32: 1
- AIS 34: 2
- AIS 35: 1
- AIS 36: 4
- AIS 38: 1
- FIPS:
- FIPS PUB 180-4: 1
- FIPS PUB 186-4: 1
- FIPS PUB 197: 1
- ISO:
- ISO/IEC 15408: 4
- ISO/IEC 17065: 2
- ISO/IEC 18045: 4
- PKCS:
- RFC:
|
| pdf_data/report_keywords/javacard_version |
|
|
| pdf_data/report_keywords/javacard_api_const |
|
|
| pdf_data/report_keywords/javacard_packages |
|
|
| pdf_data/report_keywords/certification_process |
- ConfidentialDocument:
- 1.1, 19 May 2021, Giesecke+Devrient Mobile Security GmbH (confidential document) [11] Guidance Documentation STARCOS 3.7 COS HBA-SMC – Main Document, Version 1.6, 23 March 2021: 1
- Target STARCOS 3.7 COS HBA-SMC, Version 2.0, 22 April 2021, Giesecke+Devrient Mobile Security GmbH (confidential document) 7 specifically • AIS 1, Version 14, Durchführung der Ortsbesichtigung in der Entwicklungsumgebung: 1
- being maintained, is not given any longer. In particular, prior to the dissemination of confidential documentation and information related to the TOE or resulting from the evaluation and certification: 1
- design step H13, Version 3.3, 22 April 2020, Infineon Technologies AG, BSI-DSZ-CC-1110-V3-2020 (confidential document) Security Target Lite of the underlying hardware platform, Security Target IFX_CCI_000003h: 1
- for STARCOS 3.7 COS HBA-SMC, Version 2.9, 2 June 2021, SRC Security Research & Consulting GmbH (confidential document) [10] Configuration List BSI-DSZ-CC-0976-V4-2021, Configuration List STARCOS 3.7 COS HBA-SMC: 1
- procedure BSI-DSZ-CC-1110-V3-2020, Version 1, 23 April 2020, TÜV Informationstechnik GmbH (confidential document) [21] Einführung der Gesundheitskarte, Spezifikation des Card Operating System (COS), Elektrische: 1
|
- ConfidentialDocument:
- 2015, Giesecke & Devrient GmbH (confidential document) [11] Guidance Documentation STARCOS 3.6 – Main Document, Version 1.7, 25 July 2015, Giesecke &: 1
- Security Target STARCOS 3.6 COSGKV C1, Version 1.0.7, 10 December 2015, Giesecke & Devrient GmbH (confidential document) [7] Security Target Lite BSI-DSZ-CC-0976, Security Target Lite STARCOS 3.6 COSGKV C1, Version 1.0: 1
- and certification procedure is not given any longer. In particular, prior to the dissemination of confidential documentation and information related to the TOE or resulting from the evaluation and certification: 1
- for STARCOS 3.6 COSGKV C1, Version 1.3, 11 December 2015, SRC Security Research & Consulting GmbH (confidential document) [10] Configuration List BSI-DSZ-CC-0976, Configuration List STARCOS 3.6 COSGKV C1, Version 1.2, 11: 1
- procedure BSI-DSZ-CC-0782-V2-2015, Version 7, 21 October 2015, TÜV Informationstechnik GmbH (confidential document) [21] Einführung der Gesundheitskarte, Spezifikation des Card Operating System (COS), Elektrische: 1
|
| pdf_data/report_metadata |
- /Author: Bundesamt für Sicherheit in der Informationstechnik
- /CreationDate: D:20210629114835+02'00'
- /Creator: Writer
- /Keywords: "Common Criteria, Certification, Zertifizierung, G2 COS, eHealth, STARCOS 3.7 COS HBA-SMC, Giesecke+Devrient Mobile Security GmbH"
- /ModDate: D:20210629121138+02'00'
- /Producer: LibreOffice 6.3
- /Subject: STARCOS 3.7 COS HBA-SMC from G+D Mobile Security GmbH, Giesecke+Devrient Mobile Security GmbH
- /Title: Certification Report BSI-DSZ-CC-0976-V4-2021
- pdf_file_size_bytes: 936127
- pdf_hyperlinks: https://www.bsi.bund.de/, https://www.sogis.eu/, https://www.bsi.bund.de/zertifizierung, http://www.commoncriteriaportal.org/cc/, https://www.bsi.bund.de/zertifizierungsreporte, http://www.commoncriteriaportal.org/, https://www.bsi.bund.de/AIS
- pdf_is_encrypted: False
- pdf_number_of_pages: 40
|
- /Author: Bundesamt für Sicherheit in der Informationstechnik
- /CreationDate: D:20160107150744+01'00'
- /Creator: Writer
- /Keywords: "Common Criteria, Certification, Zertifizierung, eGK, STARCOS, Generation 2, Health Care System"
- /ModDate: D:20160108103345+01'00'
- /Producer: LibreOffice 4.2
- /Subject: eHealth / G2-COS Card Platform from G&D
- /Title: Certification Report BSI-DSZ-CC-0976-2015
- pdf_file_size_bytes: 1362924
- pdf_hyperlinks: https://www.bsi.bund.de/, http://www.commoncriteriaportal.org/, https://www.bsi.bund.de/zertifizierung
- pdf_is_encrypted: False
- pdf_number_of_pages: 46
|
| pdf_data/st_filename |
0976V4b_pdf.pdf |
0976b_pdf.pdf |
| pdf_data/st_frontpage |
|
|
| pdf_data/st_keywords/cc_cert_id |
- DE:
- BSI-DSZ-CC-1110-V3-2020: 2
|
- DE:
- BSI-DSZ-CC-0782-V2-2015: 2
|
| pdf_data/st_keywords/cc_protection_profile_id |
- BSI:
- BSI-CC-PP- 0082-V4: 2
- BSI-CC-PP- 0084-2014: 6
- BSI-CC-PP-0035-2007: 1
- BSI-CC-PP-0082-V3: 1
- BSI-CC-PP-0082-V4: 27
- BSI-CC-PP-0084-: 4
- BSI-CC-PP-0084-2007: 1
- BSI-CC-PP-0084-2014: 57
- BSI-PP-0084-: 2
- BSI-PP-0084-2014: 8
|
- BSI:
- BSI-CC-PP- 0035-2007: 7
- BSI-CC-PP- 0082-V2: 1
- BSI-CC-PP-0035: 5
- BSI-CC-PP-0035-: 9
- BSI-CC-PP-0035-2007: 49
- BSI-CC-PP-0035-2007-2007: 1
- BSI-CC-PP-0059: 1
- BSI-CC-PP-0071: 1
- BSI-CC-PP-0072: 1
- BSI-CC-PP-0075: 1
- BSI-CC-PP-0082-: 3
- BSI-CC-PP-0082-V2: 32
- BSI-CC-PP-0084-2014: 1
- BSI-PP-0035: 1
- BSI-PP-0035-: 3
- BSI-PP-0035-2007: 5
|
| pdf_data/st_keywords/cc_security_level |
- EAL:
- EAL 4: 2
- EAL 6: 2
- EAL4: 14
- EAL4 augmented: 4
- EAL6: 1
- EAL6+: 1
|
- EAL:
- EAL4: 14
- EAL4 augmented: 4
|
| pdf_data/st_keywords/cc_sar |
- ADV:
- ADV_ARC: 2
- ADV_ARC.1: 9
- ADV_FSP: 2
- ADV_FSP.4: 6
- ADV_IMP: 2
- ADV_IMP.1: 6
- ADV_TDS.3: 3
- AGD:
- AGD_OPE: 2
- AGD_OPE.1: 6
- AGD_PRE: 2
- AGD_PRE.1: 2
- ALC:
- ALC_CMC: 2
- ALC_CMC.4: 1
- ALC_CMS: 2
- ALC_CMS.4: 1
- ALC_DEL: 2
- ALC_DEL.1: 1
- ALC_DVS: 2
- ALC_DVS.2: 12
- ALC_FLR.1: 1
- ALC_LCD.1: 1
- ALC_TAT.1: 1
- ASE:
- ASE_CCL.1: 1
- ASE_ECD: 2
- ASE_ECD.1: 1
- ASE_INT.1: 1
- ASE_OBJ.2: 1
- ASE_REQ.2: 1
- ASE_SPD.1: 1
- ASE_TSS.1: 1
- ATE:
- ATE_COV: 2
- ATE_COV.2: 1
- ATE_DPT.1: 1
- ATE_DPT.2: 11
- ATE_FUN.1: 6
- ATE_IND.2: 5
- AVA:
|
- ADV:
- ADV_ARC: 2
- ADV_ARC.1: 9
- ADV_FSP: 2
- ADV_FSP.4: 6
- ADV_IMP: 2
- ADV_IMP.1: 6
- ADV_TDS.3: 3
- AGD:
- AGD_OPE: 2
- AGD_OPE.1: 6
- AGD_PRE: 2
- AGD_PRE.1: 2
- ALC:
- ALC_CMC: 2
- ALC_CMC.4: 1
- ALC_CMS: 2
- ALC_CMS.4: 1
- ALC_DEL: 2
- ALC_DEL.1: 1
- ALC_DVS: 2
- ALC_DVS.2: 11
- ALC_LCD.1: 1
- ALC_TAT.1: 1
- APE:
- ASE:
- ASE_CCL.1: 1
- ASE_ECD: 1
- ASE_ECD.1: 1
- ASE_INT.1: 1
- ASE_OBJ.2: 1
- ASE_REQ.2: 1
- ASE_SPD.1: 1
- ASE_TSS.1: 1
- ATE:
- ATE_COV: 2
- ATE_COV.2: 1
- ATE_DPT.1: 1
- ATE_DPT.2: 10
- ATE_FUN.1: 6
- ATE_IND.2: 5
- AVA:
|
| pdf_data/st_keywords/cc_sfr |
- FAU:
- FCS:
- FCS_CKM: 83
- FCS_CKM.1: 39
- FCS_CKM.2: 9
- FCS_CKM.4: 64
- FCS_CKM.4.1: 1
- FCS_COP: 189
- FCS_COP.1: 27
- FCS_COP.1.1: 1
- FCS_RNG: 34
- FCS_RNG.1: 20
- FCS_RNG.1.1: 3
- FCS_RNG.1.2: 2
- FDP:
- FDP_ACC: 123
- FDP_ACC.1: 44
- FDP_ACF: 110
- FDP_ACF.1: 41
- FDP_IFC: 7
- FDP_IFC.1: 16
- FDP_ITC.1: 35
- FDP_ITC.2: 35
- FDP_ITT: 7
- FDP_ITT.1: 3
- FDP_RIP: 9
- FDP_RIP.1: 12
- FDP_RIP.1.1: 1
- FDP_SDC: 8
- FDP_SDC.1: 3
- FDP_SDI: 7
- FDP_SDI.1: 1
- FDP_SDI.2: 11
- FDP_SDI.2.1: 1
- FDP_SDI.2.2: 1
- FDP_UCT: 7
- FDP_UCT.1: 1
- FDP_UIT: 8
- FDP_UIT.1: 2
- FIA:
- FIA_ACC: 1
- FIA_ACF: 1
- FIA_AFL: 22
- FIA_AFL.1: 4
- FIA_API: 10
- FIA_API.1: 16
- FIA_API.1.1: 1
- FIA_ATD: 10
- FIA_ATD.1: 20
- FIA_ATD.1.1: 1
- FIA_SOS.1: 8
- FIA_SOS.1.1: 1
- FIA_UAU: 50
- FIA_UAU.1: 20
- FIA_UAU.1.1: 1
- FIA_UAU.1.2: 1
- FIA_UAU.4: 12
- FIA_UAU.4.1: 1
- FIA_UAU.5: 17
- FIA_UAU.5.1: 1
- FIA_UAU.5.2: 1
- FIA_UAU.6: 12
- FIA_UAU.6.1: 1
- FIA_UID: 14
- FIA_UID.1: 19
- FIA_UID.1.1: 1
- FIA_UID.1.2: 1
- FIA_USB: 32
- FIA_USB.1: 30
- FIA_USB.1.1: 1
- FIA_USB.1.2: 1
- FIA_USB.1.3: 2
- FMT:
- FMT_LIM: 15
- FMT_LIM.1: 3
- FMT_LIM.2: 2
- FMT_MSA: 68
- FMT_MSA.1: 8
- FMT_MSA.3: 39
- FMT_MSA.3.1: 1
- FMT_MSA.3.2: 1
- FMT_MTD: 38
- FMT_MTD.1: 4
- FMT_SMF.1: 51
- FMT_SMF.1.1: 1
- FMT_SMR: 9
- FMT_SMR.1: 41
- FMT_SMR.1.1: 1
- FMT_SMR.1.2: 1
- FMT_SRM: 1
- FPT:
- FPT_EMS: 10
- FPT_EMS.1: 15
- FPT_EMS.1.1: 1
- FPT_EMS.1.2: 1
- FPT_FLS: 7
- FPT_FLS.1: 16
- FPT_FLS.1.1: 1
- FPT_ITE: 11
- FPT_ITE.1: 11
- FPT_ITE.1.1: 1
- FPT_ITE.1.2: 1
- FPT_ITE.2: 13
- FPT_ITE.2.1: 5
- FPT_ITE.2.2: 1
- FPT_ITT: 7
- FPT_ITT.1: 3
- FPT_PHP: 7
- FPT_PHP.3: 4
- FPT_TDC.1: 10
- FPT_TDC.1.1: 1
- FPT_TDC.1.2: 1
- FPT_TST: 2
- FPT_TST.1: 11
- FPT_TST.1.1: 1
- FPT_TST.1.2: 1
- FPT_TST.1.3: 1
- FRU:
- FTP:
- FTP_ITC: 22
- FTP_ITC.1: 12
- FTP_ITE: 1
- FTP_TRP.1: 5
|
- FAU:
- FCS:
- FCS_CKM: 54
- FCS_CKM.1: 29
- FCS_CKM.2: 9
- FCS_CKM.4: 54
- FCS_CKM.4.1: 1
- FCS_COP: 136
- FCS_COP.1: 24
- FCS_COP.1.1: 1
- FCS_RNG: 12
- FCS_RNG.1: 23
- FCS_RNG.1.1: 3
- FCS_RNG.1.2: 2
- FDP:
- FDP_ACC: 101
- FDP_ACC.1: 36
- FDP_ACF: 89
- FDP_ACF.1: 35
- FDP_IFC: 5
- FDP_IFC.1: 9
- FDP_ITC.1: 26
- FDP_ITC.2: 26
- FDP_ITT: 6
- FDP_ITT.1: 4
- FDP_RIP.1: 10
- FDP_RIP.1.1: 1
- FDP_SDI.1: 1
- FDP_SDI.2: 9
- FDP_SDI.2.1: 1
- FDP_SDI.2.2: 1
- FIA:
- FIA_AFL: 22
- FIA_AFL.1: 4
- FIA_API: 6
- FIA_API.1: 16
- FIA_API.1.1: 2
- FIA_ATD.1: 10
- FIA_ATD.1.1: 1
- FIA_SOS.1: 8
- FIA_SOS.1.1: 1
- FIA_UAU.1: 15
- FIA_UAU.1.1: 1
- FIA_UAU.1.2: 1
- FIA_UAU.4: 10
- FIA_UAU.4.1: 1
- FIA_UAU.5: 15
- FIA_UAU.5.1: 1
- FIA_UAU.5.2: 1
- FIA_UAU.6: 10
- FIA_UAU.6.1: 1
- FIA_UID.1: 13
- FIA_UID.1.1: 1
- FIA_UID.1.2: 1
- FIA_USB.1: 20
- FIA_USB.1.1: 1
- FIA_USB.1.2: 1
- FIA_USB.1.3: 1
- FMT:
- FMT_LIM: 11
- FMT_LIM.1: 5
- FMT_LIM.2: 4
- FMT_MSA: 59
- FMT_MSA.1: 6
- FMT_MSA.3: 33
- FMT_MSA.3.1: 1
- FMT_MSA.3.2: 1
- FMT_MTD: 29
- FMT_MTD.1: 3
- FMT_SMF.1: 48
- FMT_SMF.1.1: 2
- FMT_SMR.1: 33
- FMT_SMR.1.1: 2
- FMT_SMR.1.2: 1
- FPT:
- FPT_EMS: 5
- FPT_EMS.1: 12
- FPT_EMS.1.1: 3
- FPT_EMS.1.2: 3
- FPT_FLS: 5
- FPT_FLS.1: 17
- FPT_FLS.1.1: 1
- FPT_ITE: 9
- FPT_ITE.1: 15
- FPT_ITE.1.1: 2
- FPT_ITE.1.2: 2
- FPT_ITE.2: 13
- FPT_ITE.2.1: 4
- FPT_ITE.2.2: 2
- FPT_ITT: 5
- FPT_ITT.1: 5
- FPT_PHP: 5
- FPT_PHP.3: 6
- FPT_TDC.1: 10
- FPT_TDC.1.1: 1
- FPT_TDC.1.2: 1
- FPT_TST: 2
- FPT_TST.1: 11
- FPT_TST.1.1: 1
- FPT_TST.1.2: 1
- FPT_TST.1.3: 1
- FRU:
- FTP:
- FTP_ITC: 9
- FTP_ITC.1: 3
- FTP_ITE: 1
|
| pdf_data/st_keywords/cc_claims |
- O:
- O.AES: 7
- O.PACE_CHIP: 2
- O.RND: 8
- T:
|
|
| pdf_data/st_keywords/vendor |
- GD:
- Infineon:
- Infineon: 2
- Infineon Technologies AG: 2
- NXP:
- STMicroelectronics:
|
- GD:
- G&D: 6
- Giesecke & Devrient: 9
- Infineon:
- Infineon: 2
- Infineon Technologies AG: 2
- NXP:
- STMicroelectronics:
|
| pdf_data/st_keywords/eval_facility |
|
|
| pdf_data/st_keywords/symmetric_crypto |
- AES_competition:
- constructions:
|
- AES_competition:
- DES:
- constructions:
|
| pdf_data/st_keywords/asymmetric_crypto |
|
|
| pdf_data/st_keywords/pq_crypto |
|
|
| pdf_data/st_keywords/hash_function |
- SHA:
- SHA1:
- SHA2:
- SHA-224: 2
- SHA-256: 11
- SHA-384: 6
- SHA-512: 4
|
- SHA:
- SHA1:
- SHA2:
- SHA-2: 1
- SHA-224: 2
- SHA-256: 12
- SHA-384: 6
- SHA-512: 4
|
| pdf_data/st_keywords/crypto_scheme |
- KA:
- Key Agreement: 1
- Key agreement: 1
- MAC:
|
- KA:
- Key Agreement: 1
- Key agreement: 1
- MAC:
|
| pdf_data/st_keywords/crypto_protocol |
|
|
| pdf_data/st_keywords/randomness |
|
|
| pdf_data/st_keywords/cipher_mode |
|
|
| pdf_data/st_keywords/ecc_curve |
- Brainpool:
- brainpoolP256r1: 4
- brainpoolP384r1: 4
- brainpoolP512r1: 4
|
- Brainpool:
- brainpoolP256r1: 2
- brainpoolP384r1: 2
- brainpoolP512r1: 2
|
| pdf_data/st_keywords/crypto_engine |
|
|
| pdf_data/st_keywords/tls_cipher_suite |
|
|
| pdf_data/st_keywords/crypto_library |
|
|
| pdf_data/st_keywords/vulnerability |
|
|
| pdf_data/st_keywords/side_channel_analysis |
- FI:
- DFA: 1
- Malfunction: 17
- malfunction: 1
- physical tampering: 3
- SCA:
- DPA: 1
- Leak-Inherent: 15
- Physical Probing: 2
- SPA: 1
- side channel: 1
- other:
- Bleichenbacher attack: 1
- JIL: 3
|
- FI:
- DFA: 1
- Malfunction: 20
- malfunction: 1
- physical tampering: 3
- SCA:
- DPA: 2
- Leak-Inherent: 17
- Physical Probing: 2
- SPA: 2
- side channel: 1
- timing attacks: 1
- other:
- Bleichenbacher attack: 1
- JIL: 1
|
| pdf_data/st_keywords/technical_report_id |
- BSI:
- BSI TR-03111: 3
- BSI TR-03143: 2
|
|
| pdf_data/st_keywords/device_model |
|
|
| pdf_data/st_keywords/tee_name |
|
|
| pdf_data/st_keywords/os_name |
|
|
| pdf_data/st_keywords/cplc_data |
|
|
| pdf_data/st_keywords/ic_data_group |
|
|
| pdf_data/st_keywords/standard_id |
- BSI:
- CC:
- CCMB-2017-04-001: 1
- CCMB-2017-04-002: 1
- CCMB-2017-04-003: 1
- CCMB-2017-04-004: 1
- CCMB-2017-05-001: 1
- FIPS:
- FIPS 180-4: 1
- FIPS 197: 4
- FIPS PUB 180-4: 1
- FIPS PUB 197: 1
- ISO:
- NIST:
- PKCS:
- RFC:
|
- BSI:
- CC:
- CCMB-2012-09-001: 3
- CCMB-2012-09-002: 2
- CCMB-2012-09-003: 3
- CCMB-2012-09-004: 2
- FIPS:
- FIPS 180-4: 1
- FIPS 197: 2
- ISO:
- ISO/IEC 7816: 2
- ISO/IEC 9797-1: 1
- NIST:
- NIST SP 800-38B: 1
- NIST SP 800-67: 2
- PKCS:
- RFC:
|
| pdf_data/st_keywords/javacard_version |
|
|
| pdf_data/st_keywords/javacard_api_const |
|
|
| pdf_data/st_keywords/javacard_packages |
|
|
| pdf_data/st_keywords/certification_process |
- OutOfScope:
- and cryptographic key sizes 2048 bits and 3072 bits modulus length for RSA private key operation is out of scope for the TOE. 371 The TOE shall meet the requirement “Cryptographic operation – CB ECC (FCS_COP.1/CB: 1
- out of scope: 1
|
|
| pdf_data/st_metadata |
- /Author: Giesecke+Devrient Mobile Security GmbH
- /CreationDate: D:20210617104602+02'00'
- /Creator: Microsoft® Word für Microsoft 365
- /Keywords: Version 1.0/18.05.2021
- /ModDate: D:20210617104602+02'00'
- /Producer: Microsoft® Word für Microsoft 365
- /Subject: Security Target STARCOS 3.7 COS HBA-SMC
- /Title: G+D MS Security Target to BSI-PP-0082-V4
- pdf_file_size_bytes: 2539468
- pdf_hyperlinks: {}
- pdf_is_encrypted: False
- pdf_number_of_pages: 166
|
- /Author: Giesecke & Devrient GmbH
- /CreationDate: D:20151210183631+01'00'
- /Creator: Microsoft® Word 2010
- /Keywords: Version 1.0.1/10.12.15
- /ModDate: D:20151210183631+01'00'
- /Producer: Microsoft® Word 2010
- /Subject: Security Target Lite STARCOS 3.6 COSGKV C1
- /Title: Giesecke&Devrient Security Target to BSI-PP-0082-V2
- pdf_file_size_bytes: 2396621
- pdf_hyperlinks: http://tools.ietf.org/html/rfc5639
- pdf_is_encrypted: False
- pdf_number_of_pages: 134
|
| state/cert/convert_garbage |
False |
False |
| state/cert/convert_ok |
True |
False |
| state/cert/download_ok |
True |
False |
| state/cert/extract_ok |
True |
False |
| state/cert/pdf_hash |
Different |
Different |
| state/cert/txt_hash |
Different |
Different |
| state/report/convert_garbage |
False |
False |
| state/report/convert_ok |
True |
True |
| state/report/download_ok |
True |
True |
| state/report/extract_ok |
True |
True |
| state/report/pdf_hash |
Different |
Different |
| state/report/txt_hash |
Different |
Different |
| state/st/convert_garbage |
False |
False |
| state/st/convert_ok |
True |
True |
| state/st/download_ok |
True |
True |
| state/st/extract_ok |
True |
True |
| state/st/pdf_hash |
Different |
Different |
| state/st/txt_hash |
Different |
Different |