| name |
ST3 Ace (ST3 Ace Token Manager v1.0.13.927, ST3 Ace Middleware v1.0.13.910, and SecureCOS Firmware v5.2) |
System Software for e-STUDIO555/ 655/755/855 V3.0 |
| category |
Products for Digital Signatures |
Multi-Function Devices |
| scheme |
MY |
JP |
| status |
archived |
archived |
| not_valid_after |
20.12.2018 |
15.02.2013 |
| not_valid_before |
20.12.2013 |
29.06.2009 |
| cert_link |
None |
None |
| report_link |
https://www.commoncriteriaportal.org/nfs/ccpfiles/files/epfiles/ISCB-5-RPT-C051-CR-v1a.pdf |
https://www.commoncriteriaportal.org/nfs/ccpfiles/files/epfiles/c0219_erpt2.pdf |
| st_link |
https://www.commoncriteriaportal.org/nfs/ccpfiles/files/epfiles/SecureMetric%20ST3%20Ace%20Security%20Target%20v1.1.pdf |
https://www.commoncriteriaportal.org/nfs/ccpfiles/files/epfiles/c0219_est.pdf |
| manufacturer |
SecureMetric Technology Sdn Bhd |
Toshiba TEC Corporation |
| manufacturer_web |
https://www.securemetric.com/ |
https://www.toshibatec.co.jp/en/ |
| security_level |
EAL2 |
EAL3 |
| dgst |
e8f4eb037a6f1f14 |
30634ffd7f9cbb7c |
| heuristics/cert_id |
ISCB-5-RPT-C051-CR-v1a |
JISEC-CC-CRP-C0219 |
| heuristics/cert_lab |
[] |
[] |
| heuristics/cpe_matches |
{} |
{} |
| heuristics/verified_cpe_matches |
{} |
{} |
| heuristics/related_cves |
{} |
{} |
| heuristics/direct_transitive_cves |
{} |
{} |
| heuristics/indirect_transitive_cves |
{} |
{} |
| heuristics/extracted_sars |
ASE_CCL.1, ATE_FUN.1, ASE_OBJ.2, ALC_CMS.2, ASE_INT.1, ASE_REQ.2, AGD_PRE.1, ATE_IND.2, ASE_ECD.1, AVA_VAN.2, ADV_TDS.1, ASE_SPD.1, ALC_CMC.2, ADV_FSP.2, ATE_COV.1, AGD_OPE.1, ALC_DEL.1, ASE_TSS.1, ADV_ARC.1 |
ASE_CCL.1, ATE_FUN.1, ASE_OBJ.2, ASE_INT.1, ASE_REQ.2, AGD_PRE.1, ATE_IND.2, ATE_DPT.1, ASE_ECD.1, AVA_VAN.2, ADV_FSP.3, ALC_LCD.1, ASE_SPD.1, ATE_COV.2, ALC_CMC.3, ADV_TDS.2, ALC_DVS.1, ALC_CMS.3, AGD_OPE.1, ALC_DEL.1, ASE_TSS.1, ADV_ARC.1 |
| heuristics/extracted_versions |
5.2, 1.0.13.910, 1.0.13.927 |
3.0 |
| heuristics/prev_certificates |
{} |
{} |
| heuristics/next_certificates |
{} |
{} |
| heuristics/report_references/directly_referenced_by |
{} |
{} |
| heuristics/report_references/directly_referencing |
{} |
{} |
| heuristics/report_references/indirectly_referenced_by |
{} |
{} |
| heuristics/report_references/indirectly_referencing |
{} |
{} |
| heuristics/scheme_data |
- cert_no: 2013-012-C051
- certification_date: 20.12.2013
- developer: SecureMetric Technology Sdn Bhd
- enhanced:
- assurance_level: EAL2
- category: Products for Digital Signatures
- cert_id: C051
- certification_date: 20.12.2013
- developer: Yau Wai Chung2-2, Incubator 2, Technology Park MalaysiaLebuhraya Puchong - Sg. Besi, Bukit Jalil57000 Kuala LumpurMALAYSIA URL: http://www.securemetric.comEmail: [email protected]: + 603-8996 8225Fax: + 603-8996 7225
- expiration_date: 20.12.2018
- mutual_recognition: MyCC
- product: ST3 Ace (ST3 Ace Token Manager v1.0.13.927, ST3 Ace Middleware v1.0.13.910, and SecureCOS Firmware v5.2)
- report_link: https://iscb.cybersecurity.my/resources/document/mycc/mycpr/C051/ISCB-5-RPT-C051-CR-v1a.pdf
- scope: The Target of Evaluation (TOE) is ST3 Ace that consists of ST3 Ace Token Manager v1.0.13.927, ST3 Ace Middleware v1.0.13.910, and SecureCOS Firmware v5.2. The TOE provides secure storage to store digital certificate(s) and cryptographic keys. The ST3 Ace follows the PKCS#11 standard and implements authentication via PIN to prevent unauthorised access to the token. The TOE is comprised of the three following core components of the ST3 Ace product: SecureCOS Operating System: The operating system (firmware) embedded in a microprocessor smart chip based USB token. The firmware provides the core cryptographic functionality of the TOE. ST3 Ace Middleware: Two compiled binaries that utilise exported APIs to provide an interface to the core cryptographic security functionality of the TOE, providing developers with an easily accessible method for engaging PKI-related functionality to support the development of enterprise authentication and integrity solutions. ST3 Ace Token Manager: The TOE provides an application for the user to manage the cryptographic key security of the TOE. The middleware and Token Manager are installed on a host computer for third party application to communicate with SecureCOS and provides key security functionality of the TOE. The scope of evaluation covers major security functions described as below: Cryptographic Operations - The TOE provides cryptographic library, which includes 3DES, RSA, MD5 and SHA-1, for cryptographic operations that can be used by third party applications such as encryption and decryption of email. The third party applications are outside the TOE evaluation scope. The TOE also provides the functionality to digitally sign documents and files. User Authentication - The TOE allows authorised users to access the TOE once the user is successfully identified and authenticated by the TOE. TOE user has to provide correct user PIN in order to access to TOE. The TOE enforces token blocking after 6 failed authentication attempts and Security Officer (SO) PIN is needed to unblock the token and reset the user PIN. The integration with the Token Management System Registration Authority (TMS RA) will allow a user to unblock the TOE and reset the User PIN without to deliver the physical token to the token management team. However, Secure Code is required in order to submit the unblock request or reset user PIN via TMS RA. TMS RA is outside the scope of the evaluation. Security Management - The TOE provides management functions such as token management (name change, PIN change, unblock token) and object management (view object, export/import object).
- status: Archive
- target_link: https://iscb.cybersecurity.my/resources/document/mycc/mycpr/C051/SecureMetric%20ST3%20Ace%20Security%20Target%20v1.1.pdf
- type: PKI-related security solutions that provides secure storage to store digital certificate(s) and cryptographic keys.
- expiration_date: 20.12.2018
- level: EAL2
- product: ST3 Ace (ST3 Ace Token Manager v1.0.13.927, ST3 Ace Middleware v1.0.13.910, and SecureCOS Firmware v5.2)
- recognition: MyCC
- url: https://iscb.cybersecurity.my/index.php/certification/product-certification/mycc/archived-certified-products-and-systems/submission-view/85
|
- cert_id: JISEC-CC-CRP-C0219
- certification_date:
- claim: EAL3
- enhanced:
- assurance_level: EAL3
- cc_version: 3.1
- description: PRODUCT DESCRIPTION Description of TOE The TOE is the system software of the digital multi function device 兎-STUDIO555/655/755/855・manufactured by TOSHIBA TEC CORPORATION. The TOE controls general functions as a digital multi function device (Copy, Scan, Print and Fax), and provides functions of e-Filing Box and Shared folder. TOE security functionality The TOE provides function of data overwrite and complete deletion on the user document data deleted from HDD in the 兎-STUDIO555/655/755/855・(except following data: fax reception; expired user document data stored in e-Filing Box and Shared folder after such data痴 effective period). The function of data overwrite and complete deletion includes the function to collectively and completely delete all user document data from the HDD before the HDD is disposed or replaced. This function also prevents unauthorized restore of data.
- evaluation_facility: Electronic Commerce Security Technology Laboratory Inc. Evaluation Center
- product: Japanese name: e-STUDIO555/655/755/855 System Software English name: System Software for e-STUDIO555/655/755/855
- product_type: data protection function in Multi Function Device
- toe_version: V3.0
- vendor: TOSHIBA TEC CORPORATION
- expiration_date: 01.03.2013
- supplier: TOSHIBA TEC CORPORATION
- toe_japan_name: e-STUDIO555/655/755/855 System Software V3.0
- toe_overseas_link: https://www.ipa.go.jp/en/security/jisec/software/certified-cert/c0219_it9249.html
- toe_overseas_name: System Software for e-STUDIO 555/655/755/855 V3.0
|
| heuristics/st_references/directly_referenced_by |
{} |
{} |
| heuristics/st_references/directly_referencing |
{} |
{} |
| heuristics/st_references/indirectly_referenced_by |
{} |
{} |
| heuristics/st_references/indirectly_referencing |
{} |
{} |
| heuristics/protection_profiles |
{} |
{} |
| maintenance_updates |
|
|
| protection_profiles |
|
|
| protection_profile_links |
{} |
{} |
| pdf_data/cert_filename |
None |
None |
| pdf_data/cert_frontpage |
|
|
| pdf_data/cert_keywords/cc_cert_id |
|
|
| pdf_data/cert_keywords/cc_protection_profile_id |
|
|
| pdf_data/cert_keywords/cc_security_level |
|
|
| pdf_data/cert_keywords/cc_sar |
|
|
| pdf_data/cert_keywords/cc_sfr |
|
|
| pdf_data/cert_keywords/cc_claims |
|
|
| pdf_data/cert_keywords/vendor |
|
|
| pdf_data/cert_keywords/eval_facility |
|
|
| pdf_data/cert_keywords/symmetric_crypto |
|
|
| pdf_data/cert_keywords/asymmetric_crypto |
|
|
| pdf_data/cert_keywords/pq_crypto |
|
|
| pdf_data/cert_keywords/hash_function |
|
|
| pdf_data/cert_keywords/crypto_scheme |
|
|
| pdf_data/cert_keywords/crypto_protocol |
|
|
| pdf_data/cert_keywords/randomness |
|
|
| pdf_data/cert_keywords/cipher_mode |
|
|
| pdf_data/cert_keywords/ecc_curve |
|
|
| pdf_data/cert_keywords/crypto_engine |
|
|
| pdf_data/cert_keywords/tls_cipher_suite |
|
|
| pdf_data/cert_keywords/crypto_library |
|
|
| pdf_data/cert_keywords/vulnerability |
|
|
| pdf_data/cert_keywords/side_channel_analysis |
|
|
| pdf_data/cert_keywords/technical_report_id |
|
|
| pdf_data/cert_keywords/device_model |
|
|
| pdf_data/cert_keywords/tee_name |
|
|
| pdf_data/cert_keywords/os_name |
|
|
| pdf_data/cert_keywords/cplc_data |
|
|
| pdf_data/cert_keywords/ic_data_group |
|
|
| pdf_data/cert_keywords/standard_id |
|
|
| pdf_data/cert_keywords/javacard_version |
|
|
| pdf_data/cert_keywords/javacard_api_const |
|
|
| pdf_data/cert_keywords/javacard_packages |
|
|
| pdf_data/cert_keywords/certification_process |
|
|
| pdf_data/cert_metadata |
|
|
| pdf_data/report_filename |
ISCB-5-RPT-C051-CR-v1a.pdf |
c0219_erpt2.pdf |
| pdf_data/report_frontpage |
|
|
| pdf_data/report_keywords/cc_cert_id |
- MY:
- ISCB-5-RPT-C051-CR-v1a: 29
|
- JP:
- CRP-C0219-01: 1
- Certification No. C0219: 2
|
| pdf_data/report_keywords/cc_protection_profile_id |
|
|
| pdf_data/report_keywords/cc_security_level |
|
|
| pdf_data/report_keywords/cc_sar |
|
|
| pdf_data/report_keywords/cc_sfr |
- FCS:
- FCS_CKM: 2
- FCS_CKM.4.1: 1
- FCS_COP: 4
- FIA:
- FIA_AFL.1.1: 1
- FIA_ATD.1.1: 1
- FIA_UAU.2.1: 1
- FMT:
- FMT_SMF.1.1: 1
- FMT_SMR.1.1: 1
- FMT_SMR.1.2: 1
|
|
| pdf_data/report_keywords/cc_claims |
|
- A:
- A.NO_ERASE_STOP: 1
- A.SECURITY_ENABLED: 1
- A.TRUST_SE: 1
- T:
- T.STOREDATA_ACCESS: 1
- T.TEMPDATA_ACCESS: 1
|
| pdf_data/report_keywords/vendor |
|
|
| pdf_data/report_keywords/eval_facility |
|
|
| pdf_data/report_keywords/symmetric_crypto |
|
|
| pdf_data/report_keywords/asymmetric_crypto |
|
|
| pdf_data/report_keywords/pq_crypto |
|
|
| pdf_data/report_keywords/hash_function |
|
|
| pdf_data/report_keywords/crypto_scheme |
|
|
| pdf_data/report_keywords/crypto_protocol |
|
|
| pdf_data/report_keywords/randomness |
|
|
| pdf_data/report_keywords/cipher_mode |
|
|
| pdf_data/report_keywords/ecc_curve |
|
|
| pdf_data/report_keywords/crypto_engine |
|
|
| pdf_data/report_keywords/tls_cipher_suite |
|
|
| pdf_data/report_keywords/crypto_library |
|
|
| pdf_data/report_keywords/vulnerability |
|
|
| pdf_data/report_keywords/side_channel_analysis |
|
|
| pdf_data/report_keywords/technical_report_id |
|
|
| pdf_data/report_keywords/device_model |
|
|
| pdf_data/report_keywords/tee_name |
|
|
| pdf_data/report_keywords/os_name |
|
|
| pdf_data/report_keywords/cplc_data |
|
|
| pdf_data/report_keywords/ic_data_group |
|
|
| pdf_data/report_keywords/standard_id |
- FIPS:
- FIPS 180-2: 3
- FIPS 46-3: 2
- ISO:
- ISO/IEC 18045: 2
- ISO/IEC15408: 2
- PKCS:
|
- CC:
- CCMB-2006-09-001: 2
- CCMB-2007-09-002: 2
- CCMB-2007-09-003: 2
- CCMB-2007-09-004: 2
|
| pdf_data/report_keywords/javacard_version |
|
|
| pdf_data/report_keywords/javacard_api_const |
|
|
| pdf_data/report_keywords/javacard_packages |
|
|
| pdf_data/report_keywords/certification_process |
|
|
| pdf_data/report_metadata |
- /Author: ISCB Department
- /Category: PUBLIC
- /Caveat: FINAL
- /Classification: PUBLIC
- /Company: CyberSecurity Malaysia
- /CreationDate: D:20131220170040+08'00'
- /Creator: Acrobat PDFMaker 10.1 for Word
- /Developer: SecureMetric Technology Sdn Bhd
- /Document Type: CR
- /Identifier: ISCB-5-RPT-C051-CR-v1a
- /Index: MyCB_TMP_002
- /Keywords: ST3 Ace
- /ModDate: D:20131220170049+08'00'
- /Phase: Release
- /Producer: Adobe PDF Library 10.0
- /Project Code: C051
- /Released: 20 December 2013
- /ST Date: 21 November 2013
- /ST Title: ST3 Ace Security Target
- /ST Version: 1.1
- /SourceModified: D:20131220090019
- /Sponsor: SecureMetric Technology Sdn Bhd
- /Subject: ST3 Ace (ST3 Ace Token Manager v1.0.13.927, ST3 Ace Middleware v1.0.13.910, and SecureCOS Firmware v5.2)
- /TOE Name: ST3 Ace
- /TOE Version: ST3 Ace Token Manager (v1.0.13.927), ST3 Ace Middleware (v1.0.13.910), SecureCOS Firmware (v5.2)
- /Title: C051 Certification Report
- /Version: v1a
- pdf_file_size_bytes: 421845
- pdf_hyperlinks: mailto:[email protected], http://www.commoncriteriaportal.org/, http://www.cybersecurity.my/mycc
- pdf_is_encrypted: True
- pdf_number_of_pages: 29
|
- /CreationDate: D:20120817154119+09'00'
- /Creator: Microsoft® Word 2010
- /ModDate: D:20120817154231+09'00'
- /Producer: Microsoft® Word 2010
- pdf_file_size_bytes: 404730
- pdf_hyperlinks: {}
- pdf_is_encrypted: True
- pdf_number_of_pages: 27
|
| pdf_data/st_filename |
SecureMetric ST3 Ace Security Target v1.1.pdf |
c0219_est.pdf |
| pdf_data/st_frontpage |
|
|
| pdf_data/st_keywords/cc_cert_id |
|
|
| pdf_data/st_keywords/cc_protection_profile_id |
|
|
| pdf_data/st_keywords/cc_security_level |
|
|
| pdf_data/st_keywords/cc_sar |
- ADV:
- ADV_ARC.1: 1
- ADV_FSP.2: 1
- ADV_TDS.1: 1
- AGD:
- AGD_OPE.1: 1
- AGD_PRE.1: 1
- ALC:
- ALC_CMC.2: 1
- ALC_CMS.2: 1
- ALC_DEL.1: 1
- ASE:
- ASE_CCL.1: 4
- ASE_ECD.1: 1
- ASE_INT.1: 4
- ASE_OBJ.2: 4
- ASE_REQ.2: 4
- ASE_SPD.1: 4
- ASE_TSS.1: 4
- ATE:
- ATE_COV.1: 1
- ATE_FUN.1: 1
- ATE_IND.2: 1
- AVA:
|
- ADV:
- ADV_ARC.1: 1
- ADV_FSP.3: 1
- ADV_TDS.2: 1
- AGD:
- AGD_OPE.1: 1
- AGD_PRE.1: 1
- ALC:
- ALC_CMC.3: 1
- ALC_CMS.3: 1
- ALC_DEL.1: 1
- ALC_DVS.1: 1
- ALC_LCD.1: 1
- ASE:
- ASE_CCL.1: 1
- ASE_ECD.1: 1
- ASE_INT.1: 1
- ASE_OBJ.2: 1
- ASE_REQ.2: 1
- ASE_SPD.1: 1
- ASE_TSS.1: 1
- ATE:
- ATE_COV.2: 1
- ATE_DPT.1: 1
- ATE_FUN.1: 1
- ATE_IND.2: 1
- AVA:
|
| pdf_data/st_keywords/cc_sfr |
- FCS:
- FCS_CKM: 15
- FCS_CKM.1: 11
- FCS_CKM.2: 4
- FCS_CKM.4: 21
- FCS_CKM.4.1: 1
- FCS_COP: 25
- FCS_COP.1: 5
- FDP:
- FDP_IFF: 2
- FDP_ITC.1: 10
- FDP_ITC.2: 10
- FIA:
- FIA_AFL.1: 6
- FIA_AFL.1.1: 1
- FIA_AFL.1.2: 1
- FIA_ATD.1: 5
- FIA_ATD.1.1: 1
- FIA_UAU.1: 1
- FIA_UAU.2: 7
- FIA_UAU.2.1: 1
- FIA_UID.1: 4
- FMT:
- FMT_MTD: 18
- FMT_MTD.1: 1
- FMT_SMF.1: 12
- FMT_SMF.1.1: 1
- FMT_SMR.1: 15
- FMT_SMR.1.1: 1
- FMT_SMR.1.2: 1
|
|
| pdf_data/st_keywords/cc_claims |
- A:
- O:
- O.AUTHENTICATE: 5
- O.CRYPT: 4
- O.DISCLOSURE: 1
- O.KEYPROTECT: 3
- O.MODIFY: 4
- OE:
- OE.AUTHDATA: 3
- OE.INSTALL: 3
- T:
- T.COMINT: 3
- T.DISCLOSURE: 2
- T.IMPERSON: 3
- T.MODIFY: 2
|
- A:
- A.NO_ERASE_STOP: 3
- A.SECURITY_ENABLED: 3
- A.TRUST_SE: 3
- O:
- O.STOREDATA_OVERWRITE: 4
- O.TEMPDATA_OVERWRITE: 6
- OE:
- OE.HDD_ERASE: 3
- OE.NO_ERASE_STOP: 3
- OE.SECURITY_ENABLED: 2
- OE.TRUST_SE: 2
- T:
- T.STOREDATA_ACCESS: 3
- T.TEMPDATA_ACCESS: 3
|
| pdf_data/st_keywords/vendor |
|
- Microsoft:
- Microsoft: 3
- Microsoft Corporation: 1
|
| pdf_data/st_keywords/eval_facility |
|
|
| pdf_data/st_keywords/symmetric_crypto |
|
|
| pdf_data/st_keywords/asymmetric_crypto |
|
|
| pdf_data/st_keywords/pq_crypto |
|
|
| pdf_data/st_keywords/hash_function |
|
|
| pdf_data/st_keywords/crypto_scheme |
|
|
| pdf_data/st_keywords/crypto_protocol |
|
|
| pdf_data/st_keywords/randomness |
|
|
| pdf_data/st_keywords/cipher_mode |
|
|
| pdf_data/st_keywords/ecc_curve |
|
|
| pdf_data/st_keywords/crypto_engine |
|
|
| pdf_data/st_keywords/tls_cipher_suite |
|
|
| pdf_data/st_keywords/crypto_library |
|
|
| pdf_data/st_keywords/vulnerability |
|
|
| pdf_data/st_keywords/side_channel_analysis |
|
|
| pdf_data/st_keywords/technical_report_id |
|
|
| pdf_data/st_keywords/device_model |
|
|
| pdf_data/st_keywords/tee_name |
|
|
| pdf_data/st_keywords/os_name |
|
|
| pdf_data/st_keywords/cplc_data |
|
|
| pdf_data/st_keywords/ic_data_group |
|
|
| pdf_data/st_keywords/standard_id |
- FIPS:
- FIPS 180-2: 3
- FIPS 46-3: 2
- PKCS:
|
- CC:
- CCMB-2006-09-001: 1
- CCMB-2007-09-002: 1
- CCMB-2007-09-003: 1
- CCMB-2007-09-004: 1
|
| pdf_data/st_keywords/javacard_version |
|
|
| pdf_data/st_keywords/javacard_api_const |
|
|
| pdf_data/st_keywords/javacard_packages |
|
|
| pdf_data/st_keywords/certification_process |
|
|
| pdf_data/st_metadata |
|
- /Author:
- /CreationDate: D:20100402133829+09'00'
- /Creator: PScript5.dll Version 5.2
- /ModDate: D:20100402133829+09'00'
- /Producer: Acrobat Distiller 6.0.1 (Windows)
- /Title: Microsoft Word - E_e-STUDIO555_655_755_855用システムソフトウェアSecurity Target Ver11_English_.doc
- pdf_file_size_bytes: 297045
- pdf_hyperlinks: {}
- pdf_is_encrypted: False
- pdf_number_of_pages: 26
|
| state/cert/convert_garbage |
None |
None |
| state/cert/convert_ok |
False |
False |
| state/cert/download_ok |
False |
False |
| state/cert/extract_ok |
False |
False |
| state/cert/pdf_hash |
Equal |
Equal |
| state/cert/txt_hash |
Equal |
Equal |
| state/report/convert_garbage |
None |
None |
| state/report/convert_ok |
True |
True |
| state/report/download_ok |
True |
True |
| state/report/extract_ok |
True |
True |
| state/report/pdf_hash |
Different |
Different |
| state/report/txt_hash |
Different |
Different |
| state/st/convert_garbage |
None |
None |
| state/st/convert_ok |
True |
True |
| state/st/download_ok |
True |
True |
| state/st/extract_ok |
True |
True |
| state/st/pdf_hash |
Different |
Different |
| state/st/txt_hash |
Different |
Different |