This page was not yet optimized for use on mobile devices.
ST3 Ace (ST3 Ace Token Manager v1.0.13.927, ST3 Ace Middleware v1.0.13.910, and SecureCOS Firmware v5.2)
CSV information ?
| Status | archived |
|---|---|
| Valid from | 20.12.2013 |
| Valid until | 20.12.2018 |
| Scheme | 🇲🇾 MY |
| Manufacturer | SecureMetric Technology Sdn Bhd |
| Category | Products for Digital Signatures |
| Security level | EAL2 |
Heuristics summary ?
Certificate ID: ISCB-5-RPT-C051-CR-v1a
Certificate ?
Certification report ?
Extracted keywords
Symmetric Algorithms
DES, 3DES, TDESHash functions
SHA-1, MD5Block cipher modes
ECB, CBCSecurity level
EAL2, EAL 2Security Functional Requirements (SFR)
FCS_CKM, FCS_CKM.4.1, FCS_COP, FIA_AFL.1.1, FIA_ATD.1.1, FIA_UAU.2.1, FMT_SMR.1.1, FMT_SMF.1.1, FMT_SMR.1.2Certificates
ISCB-5-RPT-C051-CR-v1aStandards
FIPS 180-2, FIPS 46-3, PKCS#11, ISO/IEC15408, ISO/IEC 18045File metadata
| Title | C051 Certification Report |
|---|---|
| Subject | ST3 Ace (ST3 Ace Token Manager v1.0.13.927, ST3 Ace Middleware v1.0.13.910, and SecureCOS Firmware v5.2) |
| Keywords | ST3 Ace |
| Author | ISCB Department |
| Creation date | D:20131220170040+08'00' |
| Modification date | D:20131220170049+08'00' |
| Pages | 29 |
| Creator | Acrobat PDFMaker 10.1 for Word |
| Producer | Adobe PDF Library 10.0 |
Security target ?
Extracted keywords
Symmetric Algorithms
DES, TDES, 3-DESHash functions
SHA-1, MD5Block cipher modes
ECB, CBCVendor
MicrosoftSecurity level
EAL2Claims
O.AUTHENTICATE, O.KEYPROTECT, O.CRYPT, O.MODIFY, O.DISCLOSURE, T.COMINT, T.DISCLOSURE, T.IMPERSON, T.MODIFY, A.USER, A.HOST, OE.AUTHDATA, OE.INSTALLSecurity Assurance Requirements (SAR)
ADV_ARC.1, ADV_FSP.2, ADV_TDS.1, AGD_OPE.1, AGD_PRE.1, ALC_CMS.2, ALC_CMC.2, ALC_DEL.1, ATE_IND.2, ATE_FUN.1, ATE_COV.1, AVA_VAN.2, ASE_INT.1, ASE_CCL.1, ASE_SPD.1, ASE_OBJ.2, ASE_REQ.2, ASE_TSS.1, ASE_ECD.1Security Functional Requirements (SFR)
FCS_CKM, FCS_CKM.4, FCS_COP, FCS_CKM.2, FCS_COP.1, FCS_CKM.4.1, FCS_CKM.1, FDP_IFF, FDP_ITC.1, FDP_ITC.2, FIA_AFL.1, FIA_ATD.1, FIA_UAU.2, FIA_AFL.1.1, FIA_AFL.1.2, FIA_UID.1, FIA_ATD.1.1, FIA_UAU.1, FIA_UAU.2.1, FMT_MTD, FMT_SMF.1, FMT_SMR.1, FMT_SMF.1.1, FMT_SMR.1.1, FMT_SMR.1.2, FMT_MTD.1Standards
FIPS 46-3, FIPS 180-2, PKCS#11File metadata
| Title | ST3 Ace Security Target |
|---|---|
| Subject | ST3 Ace |
| Author | Muzamir Mohamad |
| Creation date | D:20131121162318+11'00' |
| Modification date | D:20131121162537+11'00' |
| Pages | 32 |
| Creator | Acrobat PDFMaker 11 for Word |
| Producer | Adobe PDF Library 11.0 |
Heuristics ?
Certificate ID: ISCB-5-RPT-C051-CR-v1a
Extracted SARs
ADV_FSP.2, ALC_CMC.2, ASE_CCL.1, ASE_TSS.1, ATE_COV.1, ATE_FUN.1, AGD_OPE.1, ADV_TDS.1, ALC_CMS.2, ASE_OBJ.2, ALC_DEL.1, ATE_IND.2, ASE_INT.1, ASE_REQ.2, ADV_ARC.1, AGD_PRE.1, ASE_ECD.1, ASE_SPD.1, AVA_VAN.2Similar certificates
Scheme data ?
| Cert No | 2013-012-C051 | |
|---|---|---|
| Developer | SecureMetric Technology Sdn Bhd | |
| Level | EAL2 | |
| Product | ST3 Ace (ST3 Ace Token Manager v1.0.13.927, ST3 Ace Middleware v1.0.13.910, and SecureCOS Firmware v5.2) | |
| Certification Date | 20-12-2013 | |
| Expiration Date | 20-12-2018 | |
| Recognition | MyCC | |
| Url | https://iscb.cybersecurity.my/index.php/certification/product-certification/mycc/archived-certified-products-and-systems/submission-view/85 | |
| Enhanced | ||
| Cert Id | C051 | |
| Product | ST3 Ace (ST3 Ace Token Manager v1.0.13.927, ST3 Ace Middleware v1.0.13.910, and SecureCOS Firmware v5.2) | |
| Developer | Yau Wai Chung2-2, Incubator 2, Technology Park MalaysiaLebuhraya Puchong - Sg. Besi, Bukit Jalil57000 Kuala LumpurMALAYSIA URL: http://www.securemetric.comEmail: [email protected]: + 603-8996 8225Fax: + 603-8996 7225 | |
| Category | Products for Digital Signatures | |
| Type | PKI-related security solutions that provides secure storage to store digital certificate(s) and cryptographic keys. | |
| Scope | The Target of Evaluation (TOE) is ST3 Ace that consists of ST3 Ace Token Manager v1.0.13.927, ST3 Ace Middleware v1.0.13.910, and SecureCOS Firmware v5.2. The TOE provides secure storage to store digital certificate(s) and cryptographic keys. The ST3 Ace follows the PKCS#11 standard and implements authentication via PIN to prevent unauthorised access to the token. The TOE is comprised of the three following core components of the ST3 Ace product: SecureCOS Operating System: The operating system (firmware) embedded in a microprocessor smart chip based USB token. The firmware provides the core cryptographic functionality of the TOE. ST3 Ace Middleware: Two compiled binaries that utilise exported APIs to provide an interface to the core cryptographic security functionality of the TOE, providing developers with an easily accessible method for engaging PKI-related functionality to support the development of enterprise authentication and integrity solutions. ST3 Ace Token Manager: The TOE provides an application for the user to manage the cryptographic key security of the TOE. The middleware and Token Manager are installed on a host computer for third party application to communicate with SecureCOS and provides key security functionality of the TOE. The scope of evaluation covers major security functions described as below: Cryptographic Operations - The TOE provides cryptographic library, which includes 3DES, RSA, MD5 and SHA-1, for cryptographic operations that can be used by third party applications such as encryption and decryption of email. The third party applications are outside the TOE evaluation scope. The TOE also provides the functionality to digitally sign documents and files. User Authentication - The TOE allows authorised users to access the TOE once the user is successfully identified and authenticated by the TOE. TOE user has to provide correct user PIN in order to access to TOE. The TOE enforces token blocking after 6 failed authentication attempts and Security Officer (SO) PIN is needed to unblock the token and reset the user PIN. The integration with the Token Management System Registration Authority (TMS RA) will allow a user to unblock the TOE and reset the User PIN without to deliver the physical token to the token management team. However, Secure Code is required in order to submit the unblock request or reset user PIN via TMS RA. TMS RA is outside the scope of the evaluation. Security Management - The TOE provides management functions such as token management (name change, PIN change, unblock token) and object management (view object, export/import object). | |
| Assurance Level | EAL2 | |
| Certification Date | 20-12-2013 | |
| Expiration Date | 20-12-2018 | |
| Mutual Recognition | MyCC | |
| Report Link | https://iscb.cybersecurity.my/resources/document/mycc/mycpr/C051/ISCB-5-RPT-C051-CR-v1a.pdf | |
| Target Link | https://iscb.cybersecurity.my/resources/document/mycc/mycpr/C051/SecureMetric%20ST3%20Ace%20Security%20Target%20v1.1.pdf | |
| Status | Archive | |
References ?
No references are available for this certificate.
Updates ?
-
22.08.2024 The certificate data changed.
Certificate changed
The state of the certificate object was updated.
- The report property was updated, with the
{'download_ok': True, 'convert_ok': True, 'extract_ok': True, 'pdf_hash': 'cae4c4f17ce80a6a2cefd69e11ab3912560b7e4d095b0a76c504bc416a65168a', 'txt_hash': 'c17419bda46cbef41324c78216f21b20638c44d33fe18343c35625a46b9fc69d'}data. - The st property was updated, with the
{'download_ok': True, 'convert_ok': True, 'extract_ok': True, 'pdf_hash': 'd7b7be846d8dbe8dd99e7ad2a3f55b5590d581d9c635d95ce5d5be197270088c', 'txt_hash': 'a8073ce6cc36823d5544997df1551c39a38be5de5a8ae95461abb7a3f582d8e7'}data.
The PDF extraction data was updated.
- The report_metadata property was set to
{'pdf_file_size_bytes': 421845, 'pdf_is_encrypted': True, 'pdf_number_of_pages': 29, '/Author': 'ISCB Department', '/Category': 'PUBLIC', '/Caveat': 'FINAL', '/Classification': 'PUBLIC', '/Company': 'CyberSecurity Malaysia', '/CreationDate': "D:20131220170040+08'00'", '/Creator': 'Acrobat PDFMaker 10.1 for Word', '/Developer': 'SecureMetric Technology Sdn Bhd', '/Document Type': 'CR', '/Identifier': 'ISCB-5-RPT-C051-CR-v1a', '/Index': 'MyCB_TMP_002', '/Keywords': 'ST3 Ace', '/ModDate': "D:20131220170049+08'00'", '/Phase': 'Release', '/Producer': 'Adobe PDF Library 10.0', '/Project Code': 'C051', '/Released': '20 December 2013', '/ST Date': '21 November 2013', '/ST Title': 'ST3 Ace Security Target', '/ST Version': '1.1', '/SourceModified': 'D:20131220090019', '/Sponsor': 'SecureMetric Technology Sdn Bhd', '/Subject': 'ST3 Ace (ST3 Ace Token Manager v1.0.13.927, ST3 Ace Middleware v1.0.13.910, and SecureCOS Firmware v5.2)', '/TOE Name': 'ST3 Ace', '/TOE Version': 'ST3 Ace Token Manager (v1.0.13.927), ST3 Ace Middleware (v1.0.13.910), SecureCOS Firmware (v5.2)', '/Title': 'C051 Certification Report', '/Version': 'v1a', 'pdf_hyperlinks': {'_type': 'Set', 'elements': ['http://www.cybersecurity.my/mycc', 'mailto:[email protected]', 'http://www.commoncriteriaportal.org/']}}. - The st_metadata property was set to
{'pdf_file_size_bytes': 381558, 'pdf_is_encrypted': False, 'pdf_number_of_pages': 32, '/Author': 'Muzamir Mohamad', '/Category': 'ASE', '/Company': 'BAE Systems Detica', '/CreationDate': "D:20131121162318+11'00'", '/Creator': 'Acrobat PDFMaker 11 for Word', '/Develop_Fullname': 'SecureMetric Technology Sdn Bhd', '/Developer_Shortname': 'SecureMetric', '/Document_Classification': 'COMMERCIAL-IN-CONFIDENCE', '/Document_ID': 'ACE_EAL2_ST', '/Document_Phase': 'Released', '/Document_Released': '21-NOV-13', '/Document_Version': '1.1', '/Evaluation_CC': '3.1 (REV 4)', '/Evaluation_EAL': 'EAL2', '/ModDate': "D:20131121162537+11'00'", '/Producer': 'Adobe PDF Library 11.0', '/Product_Fullname': 'ST3 Ace', '/Product_Shortname': 'ST3 Ace', '/Product_Version': 'ST3_Manager.exe v1.0.13.0927, st3csp11.dll & st3csp11_s.dll v1.0.13.0910 and SecureCOS firmware v5.2', '/SourceModified': 'D:20131121044244', '/Subject': 'ST3 Ace', '/TOE_Title': 'ST3 Ace', '/TOE_Version': 'ST3 Ace Token Manager v1.0.13.927, ST3 Ace Middleware v1.0.13.910 and SecureCOS Firmware v5.2', '/Title': 'ST3 Ace Security Target', 'pdf_hyperlinks': {'_type': 'Set', 'elements': ['http://en.wikipedia.org/wiki/Password', 'http://en.wikipedia.org/wiki/Federal_Information_Processing_Standard', 'http://en.wikipedia.org/wiki/XOR', 'http://en.wikipedia.org/wiki/Cryptographic_hash_function', 'http://en.wikipedia.org/wiki/Bit', 'http://en.wikipedia.org/wiki/National_Security_Agency', 'http://en.wikipedia.org/wiki/Secure_Hash_Algorithm', 'http://en.wikipedia.org/wiki/National_Institute_of_Standards_and_Technology']}}. - The report_frontpage property was set to
{}. - The report_keywords property was set to
{'cc_cert_id': {'MY': {'ISCB-5-RPT-C051-CR-v1a': 29}}, 'cc_protection_profile_id': {}, 'cc_security_level': {'EAL': {'EAL2': 7, 'EAL 2': 2}}, 'cc_sar': {}, 'cc_sfr': {'FCS': {'FCS_CKM': 2, 'FCS_CKM.4.1': 1, 'FCS_COP': 4}, 'FIA': {'FIA_AFL.1.1': 1, 'FIA_ATD.1.1': 1, 'FIA_UAU.2.1': 1}, 'FMT': {'FMT_SMR.1.1': 1, 'FMT_SMF.1.1': 1, 'FMT_SMR.1.2': 1}}, 'cc_claims': {}, 'vendor': {}, 'eval_facility': {}, 'symmetric_crypto': {'DES': {'DES': {'DES': 1}, '3DES': {'3DES': 4, 'TDES': 6}}}, 'asymmetric_crypto': {}, 'pq_crypto': {}, 'hash_function': {'SHA': {'SHA1': {'SHA-1': 5}}, 'MD': {'MD5': {'MD5': 5}}}, 'crypto_scheme': {}, 'crypto_protocol': {}, 'randomness': {}, 'cipher_mode': {'ECB': {'ECB': 1}, 'CBC': {'CBC': 2}}, 'ecc_curve': {}, 'crypto_engine': {}, 'tls_cipher_suite': {}, 'crypto_library': {}, 'vulnerability': {}, 'side_channel_analysis': {}, 'technical_report_id': {}, 'device_model': {}, 'tee_name': {}, 'os_name': {}, 'cplc_data': {}, 'ic_data_group': {}, 'standard_id': {'FIPS': {'FIPS 180-2': 3, 'FIPS 46-3': 2}, 'PKCS': {'PKCS#11': 14}, 'ISO': {'ISO/IEC15408': 2, 'ISO/IEC 18045': 2}}, 'javacard_version': {}, 'javacard_api_const': {}, 'javacard_packages': {}, 'certification_process': {}}. - The st_keywords property was set to
{'cc_cert_id': {}, 'cc_protection_profile_id': {}, 'cc_security_level': {'EAL': {'EAL2': 9}}, 'cc_sar': {'ADV': {'ADV_ARC.1': 1, 'ADV_FSP.2': 1, 'ADV_TDS.1': 1}, 'AGD': {'AGD_OPE.1': 1, 'AGD_PRE.1': 1}, 'ALC': {'ALC_CMS.2': 1, 'ALC_CMC.2': 1, 'ALC_DEL.1': 1}, 'ATE': {'ATE_IND.2': 1, 'ATE_FUN.1': 1, 'ATE_COV.1': 1}, 'AVA': {'AVA_VAN.2': 1}, 'ASE': {'ASE_INT.1': 4, 'ASE_CCL.1': 4, 'ASE_SPD.1': 4, 'ASE_OBJ.2': 4, 'ASE_REQ.2': 4, 'ASE_TSS.1': 4, 'ASE_ECD.1': 1}}, 'cc_sfr': {'FCS': {'FCS_CKM': 15, 'FCS_CKM.4': 21, 'FCS_COP': 25, 'FCS_CKM.2': 4, 'FCS_COP.1': 5, 'FCS_CKM.4.1': 1, 'FCS_CKM.1': 11}, 'FDP': {'FDP_IFF': 2, 'FDP_ITC.1': 10, 'FDP_ITC.2': 10}, 'FIA': {'FIA_AFL.1': 6, 'FIA_ATD.1': 5, 'FIA_UAU.2': 7, 'FIA_AFL.1.1': 1, 'FIA_AFL.1.2': 1, 'FIA_UID.1': 4, 'FIA_ATD.1.1': 1, 'FIA_UAU.1': 1, 'FIA_UAU.2.1': 1}, 'FMT': {'FMT_MTD': 18, 'FMT_SMF.1': 12, 'FMT_SMR.1': 15, 'FMT_SMF.1.1': 1, 'FMT_SMR.1.1': 1, 'FMT_SMR.1.2': 1, 'FMT_MTD.1': 1}}, 'cc_claims': {'O': {'O.AUTHENTICATE': 5, 'O.KEYPROTECT': 3, 'O.CRYPT': 4, 'O.MODIFY': 4, 'O.DISCLOSURE': 1}, 'T': {'T.COMINT': 3, 'T.DISCLOSURE': 2, 'T.IMPERSON': 3, 'T.MODIFY': 2}, 'A': {'A.USER': 3, 'A.HOST': 2}, 'OE': {'OE.AUTHDATA': 3, 'OE.INSTALL': 3}}, 'vendor': {'Microsoft': {'Microsoft': 2}}, 'eval_facility': {}, 'symmetric_crypto': {'DES': {'DES': {'DES': 3}, '3DES': {'TDES': 12, '3-DES': 1}}}, 'asymmetric_crypto': {}, 'pq_crypto': {}, 'hash_function': {'SHA': {'SHA1': {'SHA-1': 5}}, 'MD': {'MD5': {'MD5': 8}}}, 'crypto_scheme': {}, 'crypto_protocol': {}, 'randomness': {}, 'cipher_mode': {'ECB': {'ECB': 1}, 'CBC': {'CBC': 2}}, 'ecc_curve': {}, 'crypto_engine': {}, 'tls_cipher_suite': {}, 'crypto_library': {}, 'vulnerability': {}, 'side_channel_analysis': {}, 'technical_report_id': {}, 'device_model': {}, 'tee_name': {}, 'os_name': {}, 'cplc_data': {}, 'ic_data_group': {}, 'standard_id': {'FIPS': {'FIPS 46-3': 2, 'FIPS 180-2': 3}, 'PKCS': {'PKCS#11': 7}}, 'javacard_version': {}, 'javacard_api_const': {}, 'javacard_packages': {}, 'certification_process': {}}. - The report_filename property was set to
ISCB-5-RPT-C051-CR-v1a.pdf. - The st_filename property was set to
SecureMetric ST3 Ace Security Target v1.1.pdf.
The computed heuristics were updated.
- The cert_id property was set to
ISCB-5-RPT-C051-CR-v1a. - The extracted_sars property was set to
{'_type': 'Set', 'elements': [{'_type': 'sec_certs.sample.sar.SAR', 'family': 'ADV_FSP', 'level': 2}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ALC_CMC', 'level': 2}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ASE_CCL', 'level': 1}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ASE_TSS', 'level': 1}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ATE_COV', 'level': 1}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ATE_FUN', 'level': 1}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'AGD_OPE', 'level': 1}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ADV_TDS', 'level': 1}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ALC_CMS', 'level': 2}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ASE_OBJ', 'level': 2}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ALC_DEL', 'level': 1}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ATE_IND', 'level': 2}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ASE_INT', 'level': 1}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ASE_REQ', 'level': 2}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ADV_ARC', 'level': 1}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'AGD_PRE', 'level': 1}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ASE_ECD', 'level': 1}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ASE_SPD', 'level': 1}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'AVA_VAN', 'level': 2}]}.
- The report property was updated, with the
-
17.08.2024 The certificate data changed.
Certificate changed
The report_link was updated.
- The new value is
https://www.commoncriteriaportal.org/nfs/ccpfiles/files/epfiles/ISCB-5-RPT-C051-CR-v1a.pdf.
The st_link was updated.
- The new value is
https://www.commoncriteriaportal.org/nfs/ccpfiles/files/epfiles/SecureMetric%20ST3%20Ace%20Security%20Target%20v1.1.pdf.
The state of the certificate object was updated.
- The report property was updated, with the
{'download_ok': False, 'convert_ok': False, 'extract_ok': False, 'pdf_hash': None, 'txt_hash': None}data.
The PDF extraction data was updated.
- The report_metadata property was set to
None. - The report_frontpage property was set to
None. - The report_keywords property was set to
None. - The report_filename property was set to
None.
The computed heuristics were updated.
- The cert_id property was set to
None.
- The new value is
-
12.08.2024 The certificate data changed.
Certificate changed
The state of the certificate object was updated.
- The st property was updated, with the
{'download_ok': False, 'convert_ok': False, 'extract_ok': False, 'pdf_hash': None, 'txt_hash': None}data.
The PDF extraction data was updated.
- The st_metadata property was set to
None. - The st_keywords property was set to
None. - The st_filename property was set to
None.
The computed heuristics were updated.
- The extracted_sars property was set to
None.
- The st property was updated, with the
-
23.07.2024 The certificate was first processed.
New certificate
A new Common Criteria certificate with the product name ST3 Ace (ST3 Ace Token Manager v1.0.13.927, ST3 Ace Middleware v1.0.13.910, and SecureCOS Firmware v5.2) was processed.
Raw data
{
"_type": "sec_certs.sample.cc.CCCertificate",
"category": "Products for Digital Signatures",
"cert_link": null,
"dgst": "e8f4eb037a6f1f14",
"heuristics": {
"_type": "sec_certs.sample.cc.CCCertificate.Heuristics",
"annotated_references": null,
"cert_id": "ISCB-5-RPT-C051-CR-v1a",
"cert_lab": null,
"cpe_matches": null,
"direct_transitive_cves": null,
"extracted_sars": {
"_type": "Set",
"elements": [
{
"_type": "sec_certs.sample.sar.SAR",
"family": "AVA_VAN",
"level": 2
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "ADV_TDS",
"level": 1
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "ALC_DEL",
"level": 1
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "ASE_TSS",
"level": 1
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "ATE_FUN",
"level": 1
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "ASE_REQ",
"level": 2
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "ALC_CMC",
"level": 2
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "ASE_CCL",
"level": 1
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "AGD_PRE",
"level": 1
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "ADV_FSP",
"level": 2
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "ASE_ECD",
"level": 1
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "ATE_COV",
"level": 1
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "ATE_IND",
"level": 2
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "ASE_OBJ",
"level": 2
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "AGD_OPE",
"level": 1
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "ASE_INT",
"level": 1
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "ALC_CMS",
"level": 2
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "ASE_SPD",
"level": 1
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "ADV_ARC",
"level": 1
}
]
},
"extracted_versions": {
"_type": "Set",
"elements": [
"1.0.13.910",
"1.0.13.927",
"5.2"
]
},
"indirect_transitive_cves": null,
"related_cves": null,
"report_references": {
"_type": "sec_certs.sample.certificate.References",
"directly_referenced_by": null,
"directly_referencing": null,
"indirectly_referenced_by": null,
"indirectly_referencing": null
},
"scheme_data": {
"cert_no": "2013-012-C051",
"certification_date": "20-12-2013",
"developer": "SecureMetric Technology Sdn Bhd",
"enhanced": {
"assurance_level": "EAL2",
"category": "Products for Digital Signatures",
"cert_id": "C051",
"certification_date": "20-12-2013",
"developer": "Yau Wai Chung2-2, Incubator 2, Technology Park MalaysiaLebuhraya Puchong - Sg. Besi, Bukit Jalil57000 Kuala LumpurMALAYSIA\nURL: http://www.securemetric.comEmail: [email protected]: + 603-8996 8225Fax: + 603-8996 7225",
"expiration_date": "20-12-2018",
"mutual_recognition": "MyCC",
"product": "ST3 Ace (ST3 Ace Token Manager v1.0.13.927, ST3 Ace Middleware v1.0.13.910, and SecureCOS Firmware v5.2)",
"report_link": "https://iscb.cybersecurity.my/resources/document/mycc/mycpr/C051/ISCB-5-RPT-C051-CR-v1a.pdf",
"scope": "The Target of Evaluation (TOE) is ST3 Ace that consists of ST3 Ace Token Manager v1.0.13.927, ST3 Ace Middleware v1.0.13.910, and SecureCOS Firmware v5.2. The TOE provides secure storage to store digital certificate(s) and cryptographic keys. The ST3 Ace follows the PKCS#11 standard and implements authentication via PIN to prevent unauthorised access to the token.\nThe TOE is comprised of the three following core components of the ST3 Ace product:\n\nSecureCOS Operating System: The operating system (firmware) embedded in a microprocessor smart chip based USB token. The firmware provides the core cryptographic functionality of the TOE.\nST3 Ace Middleware: Two compiled binaries that utilise exported APIs to provide an interface to the core cryptographic security functionality of the TOE, providing developers with an easily accessible method for engaging PKI-related functionality to support the development of enterprise authentication and integrity solutions.\nST3 Ace Token Manager: The TOE provides an application for the user to manage the cryptographic key security of the TOE. The middleware and Token Manager are installed on a host computer for third party application to communicate with SecureCOS and provides key security functionality of the TOE.\n\nThe scope of evaluation covers major security functions described as below:\n\nCryptographic Operations - The TOE provides cryptographic library, which includes 3DES, RSA, MD5 and SHA-1, for cryptographic operations that can be used by third party applications such as encryption and decryption of email. The third party applications are outside the TOE evaluation scope. The TOE also provides the functionality to digitally sign documents and files.\nUser Authentication - The TOE allows authorised users to access the TOE once the user is successfully identified and authenticated by the TOE. TOE user has to provide correct user PIN in order to access to TOE. The TOE enforces token blocking after 6 failed authentication attempts and Security Officer (SO) PIN is needed to unblock the token and reset the user PIN. The integration with the Token Management System Registration Authority (TMS RA) will allow a user to unblock the TOE and reset the User PIN without to deliver the physical token to the token management team. However, Secure Code is required in order to submit the unblock request or reset user PIN via TMS RA. TMS RA is outside the scope of the evaluation.\nSecurity Management - The TOE provides management functions such as token management (name change, PIN change, unblock token) and object management (view object, export/import object).",
"status": "Archive",
"target_link": "https://iscb.cybersecurity.my/resources/document/mycc/mycpr/C051/SecureMetric%20ST3%20Ace%20Security%20Target%20v1.1.pdf",
"type": "PKI-related security solutions that provides secure storage to store digital certificate(s) and cryptographic keys."
},
"expiration_date": "20-12-2018",
"level": "EAL2",
"product": "ST3 Ace (ST3 Ace Token Manager v1.0.13.927, ST3 Ace Middleware v1.0.13.910, and SecureCOS Firmware v5.2)",
"recognition": "MyCC",
"url": "https://iscb.cybersecurity.my/index.php/certification/product-certification/mycc/archived-certified-products-and-systems/submission-view/85"
},
"st_references": {
"_type": "sec_certs.sample.certificate.References",
"directly_referenced_by": null,
"directly_referencing": null,
"indirectly_referenced_by": null,
"indirectly_referencing": null
},
"verified_cpe_matches": null
},
"maintenance_updates": {
"_type": "Set",
"elements": []
},
"manufacturer": "SecureMetric Technology Sdn Bhd",
"manufacturer_web": "https://www.securemetric.com/",
"name": "ST3 Ace (ST3 Ace Token Manager v1.0.13.927, ST3 Ace Middleware v1.0.13.910, and SecureCOS Firmware v5.2)",
"not_valid_after": "2018-12-20",
"not_valid_before": "2013-12-20",
"pdf_data": {
"_type": "sec_certs.sample.cc.CCCertificate.PdfData",
"cert_filename": null,
"cert_frontpage": null,
"cert_keywords": null,
"cert_metadata": null,
"report_filename": "ISCB-5-RPT-C051-CR-v1a.pdf",
"report_frontpage": {},
"report_keywords": {
"asymmetric_crypto": {},
"cc_cert_id": {
"MY": {
"ISCB-5-RPT-C051-CR-v1a": 29
}
},
"cc_claims": {},
"cc_protection_profile_id": {},
"cc_sar": {},
"cc_security_level": {
"EAL": {
"EAL 2": 2,
"EAL2": 7
}
},
"cc_sfr": {
"FCS": {
"FCS_CKM": 2,
"FCS_CKM.4.1": 1,
"FCS_COP": 4
},
"FIA": {
"FIA_AFL.1.1": 1,
"FIA_ATD.1.1": 1,
"FIA_UAU.2.1": 1
},
"FMT": {
"FMT_SMF.1.1": 1,
"FMT_SMR.1.1": 1,
"FMT_SMR.1.2": 1
}
},
"certification_process": {},
"cipher_mode": {
"CBC": {
"CBC": 2
},
"ECB": {
"ECB": 1
}
},
"cplc_data": {},
"crypto_engine": {},
"crypto_library": {},
"crypto_protocol": {},
"crypto_scheme": {},
"device_model": {},
"ecc_curve": {},
"eval_facility": {},
"hash_function": {
"MD": {
"MD5": {
"MD5": 5
}
},
"SHA": {
"SHA1": {
"SHA-1": 5
}
}
},
"ic_data_group": {},
"javacard_api_const": {},
"javacard_packages": {},
"javacard_version": {},
"os_name": {},
"pq_crypto": {},
"randomness": {},
"side_channel_analysis": {},
"standard_id": {
"FIPS": {
"FIPS 180-2": 3,
"FIPS 46-3": 2
},
"ISO": {
"ISO/IEC 18045": 2,
"ISO/IEC15408": 2
},
"PKCS": {
"PKCS#11": 14
}
},
"symmetric_crypto": {
"DES": {
"3DES": {
"3DES": 4,
"TDES": 6
},
"DES": {
"DES": 1
}
}
},
"technical_report_id": {},
"tee_name": {},
"tls_cipher_suite": {},
"vendor": {},
"vulnerability": {}
},
"report_metadata": {
"/Author": "ISCB Department",
"/Category": "PUBLIC",
"/Caveat": "FINAL",
"/Classification": "PUBLIC",
"/Company": "CyberSecurity Malaysia",
"/CreationDate": "D:20131220170040+08\u002700\u0027",
"/Creator": "Acrobat PDFMaker 10.1 for Word",
"/Developer": "SecureMetric Technology Sdn Bhd",
"/Document Type": "CR",
"/Identifier": "ISCB-5-RPT-C051-CR-v1a",
"/Index": "MyCB_TMP_002",
"/Keywords": "ST3 Ace",
"/ModDate": "D:20131220170049+08\u002700\u0027",
"/Phase": "Release",
"/Producer": "Adobe PDF Library 10.0",
"/Project Code": "C051",
"/Released": "20 December 2013",
"/ST Date": "21 November 2013",
"/ST Title": "ST3 Ace Security Target",
"/ST Version": "1.1",
"/SourceModified": "D:20131220090019",
"/Sponsor": "SecureMetric Technology Sdn Bhd",
"/Subject": "ST3 Ace (ST3 Ace Token Manager v1.0.13.927, ST3 Ace Middleware v1.0.13.910, and SecureCOS Firmware v5.2)",
"/TOE Name": "ST3 Ace",
"/TOE Version": "ST3 Ace Token Manager (v1.0.13.927), ST3 Ace Middleware (v1.0.13.910), SecureCOS Firmware (v5.2)",
"/Title": "C051 Certification Report",
"/Version": "v1a",
"pdf_file_size_bytes": 421845,
"pdf_hyperlinks": {
"_type": "Set",
"elements": [
"mailto:[email protected]",
"http://www.commoncriteriaportal.org/",
"http://www.cybersecurity.my/mycc"
]
},
"pdf_is_encrypted": true,
"pdf_number_of_pages": 29
},
"st_filename": "SecureMetric ST3 Ace Security Target v1.1.pdf",
"st_frontpage": null,
"st_keywords": {
"asymmetric_crypto": {},
"cc_cert_id": {},
"cc_claims": {
"A": {
"A.HOST": 2,
"A.USER": 3
},
"O": {
"O.AUTHENTICATE": 5,
"O.CRYPT": 4,
"O.DISCLOSURE": 1,
"O.KEYPROTECT": 3,
"O.MODIFY": 4
},
"OE": {
"OE.AUTHDATA": 3,
"OE.INSTALL": 3
},
"T": {
"T.COMINT": 3,
"T.DISCLOSURE": 2,
"T.IMPERSON": 3,
"T.MODIFY": 2
}
},
"cc_protection_profile_id": {},
"cc_sar": {
"ADV": {
"ADV_ARC.1": 1,
"ADV_FSP.2": 1,
"ADV_TDS.1": 1
},
"AGD": {
"AGD_OPE.1": 1,
"AGD_PRE.1": 1
},
"ALC": {
"ALC_CMC.2": 1,
"ALC_CMS.2": 1,
"ALC_DEL.1": 1
},
"ASE": {
"ASE_CCL.1": 4,
"ASE_ECD.1": 1,
"ASE_INT.1": 4,
"ASE_OBJ.2": 4,
"ASE_REQ.2": 4,
"ASE_SPD.1": 4,
"ASE_TSS.1": 4
},
"ATE": {
"ATE_COV.1": 1,
"ATE_FUN.1": 1,
"ATE_IND.2": 1
},
"AVA": {
"AVA_VAN.2": 1
}
},
"cc_security_level": {
"EAL": {
"EAL2": 9
}
},
"cc_sfr": {
"FCS": {
"FCS_CKM": 15,
"FCS_CKM.1": 11,
"FCS_CKM.2": 4,
"FCS_CKM.4": 21,
"FCS_CKM.4.1": 1,
"FCS_COP": 25,
"FCS_COP.1": 5
},
"FDP": {
"FDP_IFF": 2,
"FDP_ITC.1": 10,
"FDP_ITC.2": 10
},
"FIA": {
"FIA_AFL.1": 6,
"FIA_AFL.1.1": 1,
"FIA_AFL.1.2": 1,
"FIA_ATD.1": 5,
"FIA_ATD.1.1": 1,
"FIA_UAU.1": 1,
"FIA_UAU.2": 7,
"FIA_UAU.2.1": 1,
"FIA_UID.1": 4
},
"FMT": {
"FMT_MTD": 18,
"FMT_MTD.1": 1,
"FMT_SMF.1": 12,
"FMT_SMF.1.1": 1,
"FMT_SMR.1": 15,
"FMT_SMR.1.1": 1,
"FMT_SMR.1.2": 1
}
},
"certification_process": {},
"cipher_mode": {
"CBC": {
"CBC": 2
},
"ECB": {
"ECB": 1
}
},
"cplc_data": {},
"crypto_engine": {},
"crypto_library": {},
"crypto_protocol": {},
"crypto_scheme": {},
"device_model": {},
"ecc_curve": {},
"eval_facility": {},
"hash_function": {
"MD": {
"MD5": {
"MD5": 8
}
},
"SHA": {
"SHA1": {
"SHA-1": 5
}
}
},
"ic_data_group": {},
"javacard_api_const": {},
"javacard_packages": {},
"javacard_version": {},
"os_name": {},
"pq_crypto": {},
"randomness": {},
"side_channel_analysis": {},
"standard_id": {
"FIPS": {
"FIPS 180-2": 3,
"FIPS 46-3": 2
},
"PKCS": {
"PKCS#11": 7
}
},
"symmetric_crypto": {
"DES": {
"3DES": {
"3-DES": 1,
"TDES": 12
},
"DES": {
"DES": 3
}
}
},
"technical_report_id": {},
"tee_name": {},
"tls_cipher_suite": {},
"vendor": {
"Microsoft": {
"Microsoft": 2
}
},
"vulnerability": {}
},
"st_metadata": {
"/Author": "Muzamir Mohamad",
"/Category": "ASE",
"/Company": "BAE Systems Detica",
"/CreationDate": "D:20131121162318+11\u002700\u0027",
"/Creator": "Acrobat PDFMaker 11 for Word",
"/Develop_Fullname": "SecureMetric Technology Sdn Bhd",
"/Developer_Shortname": "SecureMetric",
"/Document_Classification": "COMMERCIAL-IN-CONFIDENCE",
"/Document_ID": "ACE_EAL2_ST",
"/Document_Phase": "Released",
"/Document_Released": "21-NOV-13",
"/Document_Version": "1.1",
"/Evaluation_CC": "3.1 (REV 4)",
"/Evaluation_EAL": "EAL2",
"/ModDate": "D:20131121162537+11\u002700\u0027",
"/Producer": "Adobe PDF Library 11.0",
"/Product_Fullname": "ST3 Ace",
"/Product_Shortname": "ST3 Ace",
"/Product_Version": "ST3_Manager.exe v1.0.13.0927, st3csp11.dll \u0026 st3csp11_s.dll v1.0.13.0910 and SecureCOS firmware v5.2",
"/SourceModified": "D:20131121044244",
"/Subject": "ST3 Ace",
"/TOE_Title": "ST3 Ace",
"/TOE_Version": "ST3 Ace Token Manager v1.0.13.927, ST3 Ace Middleware v1.0.13.910 and SecureCOS Firmware v5.2",
"/Title": "ST3 Ace Security Target",
"pdf_file_size_bytes": 381558,
"pdf_hyperlinks": {
"_type": "Set",
"elements": [
"http://en.wikipedia.org/wiki/Password",
"http://en.wikipedia.org/wiki/Secure_Hash_Algorithm",
"http://en.wikipedia.org/wiki/National_Institute_of_Standards_and_Technology",
"http://en.wikipedia.org/wiki/National_Security_Agency",
"http://en.wikipedia.org/wiki/Federal_Information_Processing_Standard",
"http://en.wikipedia.org/wiki/Bit",
"http://en.wikipedia.org/wiki/Cryptographic_hash_function",
"http://en.wikipedia.org/wiki/XOR"
]
},
"pdf_is_encrypted": false,
"pdf_number_of_pages": 32
}
},
"protection_profiles": {
"_type": "Set",
"elements": []
},
"report_link": "https://www.commoncriteriaportal.org/nfs/ccpfiles/files/epfiles/ISCB-5-RPT-C051-CR-v1a.pdf",
"scheme": "MY",
"security_level": {
"_type": "Set",
"elements": [
"EAL2"
]
},
"st_link": "https://www.commoncriteriaportal.org/nfs/ccpfiles/files/epfiles/SecureMetric%20ST3%20Ace%20Security%20Target%20v1.1.pdf",
"state": {
"_type": "sec_certs.sample.cc.CCCertificate.InternalState",
"cert": {
"_type": "sec_certs.sample.cc.CCCertificate.DocumentState",
"convert_garbage": false,
"convert_ok": false,
"download_ok": false,
"extract_ok": false,
"pdf_hash": null,
"txt_hash": null
},
"report": {
"_type": "sec_certs.sample.cc.CCCertificate.DocumentState",
"convert_garbage": false,
"convert_ok": true,
"download_ok": true,
"extract_ok": true,
"pdf_hash": "cae4c4f17ce80a6a2cefd69e11ab3912560b7e4d095b0a76c504bc416a65168a",
"txt_hash": "c17419bda46cbef41324c78216f21b20638c44d33fe18343c35625a46b9fc69d"
},
"st": {
"_type": "sec_certs.sample.cc.CCCertificate.DocumentState",
"convert_garbage": false,
"convert_ok": true,
"download_ok": true,
"extract_ok": true,
"pdf_hash": "d7b7be846d8dbe8dd99e7ad2a3f55b5590d581d9c635d95ce5d5be197270088c",
"txt_hash": "a8073ce6cc36823d5544997df1551c39a38be5de5a8ae95461abb7a3f582d8e7"
}
},
"status": "archived"
}