This page was not yet optimized for use on mobile devices.
genuscreen 7.0
CSV information ?
| Status | active |
|---|---|
| Valid from | 18.08.2020 |
| Valid until | 17.08.2025 |
| Scheme | 🇩🇪 DE |
| Manufacturer | genua GmbH |
| Category | Boundary Protection Devices and Systems |
| Security level | ALC_FLR.2, AVA_VAN.4, ASE_TSS.2, EAL4+ |
Heuristics summary ?
Certificate ID: BSI-DSZ-CC-1142-2020
Certificate ?
Extracted keywords
Security level
EAL 4, EAL 5, EAL 2, EAL 4 augmentedSecurity Assurance Requirements (SAR)
ALC_FLR.2, ALC_FLR, AVA_VAN.4, ASE_TSS.2Certificates
BSI-DSZ-CC-1142-2020Standards
ISO/IEC 15408, ISO/IEC 18045File metadata
| Title | Certification Report BSI-DSZ-CC-1142-2020 |
|---|---|
| Subject | BSI-DSZ-CC-1142-2020 for genuscreen 7.0 from genua GmbH |
| Keywords | "Common Criteria, Certification, Zertifizierung" |
| Author | Bundesamt für Sicherheit in der Informationstechnik |
| Creation date | D:20200826080252+02'00' |
| Modification date | D:20200828100319+02'00' |
| Pages | 1 |
| Creator | Writer |
| Producer | LibreOffice 6.2 |
Certification report ?
Extracted keywords
Symmetric Algorithms
HMACAsymmetric Algorithms
DHHash functions
SHA256, SHA512Schemes
Key ExchangeProtocols
SSH, IKE, IPsec, VPNRandomness
RNGBlock cipher modes
CBCSecurity level
EAL 4, EAL 5, EAL 2, EAL 1, EAL 2+, EAL 5+, EAL 6, EAL 4 augmentedClaims
A.PHYSEC, A.INIT, A.NOEVIL, A.SINGEN, A.ADMIN, A.HANET, A.REMOTE_AUTH, A.TIMESTMPSecurity Assurance Requirements (SAR)
ALC_FLR.2, ALC_FLR, AVA_VAN.4, ASE_TSS.2Certificates
BSI-DSZ-CC-1142-2020, BSI-DSZ-CC-1085-2019Evaluation facilities
secuveraCertification process
out of scope, The genucenter must be operated on real hardware. Running the genucenter in a virtual machine is out of scope for this TOE. The Security Target [6] is the basis for this certification. It is not based on a, components were installed on physical hardware, the installation of the TOE on virtual machines is out of scope of the evaluated configuration. For the operational configuration the firewall appliances and the, VPN, IKEv2/MOBIKE VPN, Dynamic Routing, genucenter HA, Remote Maintenance, genucenter REST API) are out of scope of the evaluated configuration. All information contained in the Security Target [6] and the, being maintained, is not given any longer. In particular, prior to the dissemination of confidential documentation and information related to the TOE or resulting from the evaluation and certification, for genuscreen 7.0 from genua GmbH, Version 2, Date: 05.08.2020, secuvera GmbH (confidential document) [8] Guidance documentation for the TOE, genucenter Installations- und KonfigurationshandbuchCertification process
out of scope, The genucenter must be operated on real hardware. Running the genucenter in a virtual machine is out of scope for this TOE. The Security Target [6] is the basis for this certification. It is not based on a, components were installed on physical hardware, the installation of the TOE on virtual machines is out of scope of the evaluated configuration. For the operational configuration the firewall appliances and the, VPN, IKEv2/MOBIKE VPN, Dynamic Routing, genucenter HA, Remote Maintenance, genucenter REST API) are out of scope of the evaluated configuration. All information contained in the Security Target [6] and the, being maintained, is not given any longer. In particular, prior to the dissemination of confidential documentation and information related to the TOE or resulting from the evaluation and certification, for genuscreen 7.0 from genua GmbH, Version 2, Date: 05.08.2020, secuvera GmbH (confidential document) [8] Guidance documentation for the TOE, genucenter Installations- und KonfigurationshandbuchStandards
AIS20, AIS 20, AIS 32, AIS 34, AIS 38, ISO/IEC 15408, ISO/IEC 18045, ISO/IEC 17065Technical reports
BSI TR-02102, BSI 7148File metadata
| Title | Certification Report BSI-DSZ-CC-1142-2020 |
|---|---|
| Subject | BSI-DSZ-CC-1142-2020 for genuscreen 7.0 from genua GmbH |
| Keywords | "Common Criteria, Certification, Zertifizierung" |
| Author | Bundesamt für Sicherheit in der Informationstechnik |
| Creation date | D:20200826080252+02'00' |
| Modification date | D:20200826154915+02'00' |
| Pages | 27 |
| Creator | Writer |
| Producer | LibreOffice 6.2 |
Frontpage
| Certificate ID | BSI-DSZ-CC-1142-2020 |
|---|---|
| Certified item | genuscreen 7.0 |
| Certification lab | BSI |
| Developer | genua GmbH |
References
Incoming- BSI-DSZ-CC-1194-2023 - active - genuscreen 8.0
Security target ?
Extracted keywords
Symmetric Algorithms
AES, HMAC, HMAC-SHA-256Asymmetric Algorithms
ECDH, ECC, Diffie-Hellman, DHHash functions
SHA256, SHA-256, SHA-512Schemes
MAC, Key ExchangeProtocols
SSH, TLS, IKEv2, IKEv1, IKE, IPsec, VPNRandomness
RNGLibraries
OpenSSL, LibreSSLBlock cipher modes
CBC, CTRSecurity level
EAL4, EAL4 augmentedClaims
O.AUTH, O.MEDIAT, O.CONFID, O.INTEG, O.NOREPLAY, O.AUDREC, O.AVAIL, T.NOAUTH, T.SNIFF, T.SELPRO, T.MEDIAT, T.MSNIFF, T.MODIFY, T.MMODIFY, A.PHYSEC, A.INIT, A.NOEVIL, A.SINGEN, A.TIMESTMP, A.ADMIN, A.HANET, A.REMOTE_AUTH, OE.PHYSEC, OE.INIT, OE.NOEVIL, OE.SINGEN, OE.TIMESTMP, OE.ADMIN, OE.HANET, OE.REMOTE_AUTHSecurity Assurance Requirements (SAR)
ADV_INT, ADV_SPM, ADV_ARC, ADV_FSP, ADV_IMP, ADV_TDS, ADV_ARC.1, ADV_TDS.1, ADV_FSP.4, ADV_IMP.1, ADV_TAT.1, ADV_TDS.3, ADV_FSP.1, ADV_FSP.2, ADV_TDS.2, AGD_OPE, AGD_PRE, AGD_OPE.1, AGD_PRE.1, ALC_FLR.2, ALC_CMC, ALC_CMS, ALC_DEL, ALC_DVS, ALC_FLR, ALC_LCD, ALC_TAT, ALC_CMC.4, ALC_DVS.1, ALC_LCD.1, ALC_CMS.4, ALC_DEL.1, ALC_TAT.1, ATE_COV, ATE_DPT, ATE_FUN, ATE_IND, ATE_COV.2, ATE_FUN.1, ATE_DPT.1, ATE_IND.2, ATE_COV.1, AVA_VAN.4, AVA_VAN, ASE_TSS.2, ASE_CCL, ASE_ECD, ASE_INT, ASE_OBJ, ASE_REQ, ASE_SPD, ASE_TSS, ASE_CCL.1, ASE_ECD.1, ASE_REQ.1, ASE_INT.1, ASE_OBJ.2, ASE_REQ.2, ASE_SPD.1Security Functional Requirements (SFR)
FAU_GEN, FAU_GEN.1, FAU_GEN.2, FAU_SAR, FAU_SAR.1, FAU_SAR.3, FCS_RNG, FCS_RNG.1, FCS_RNG.1.1, FCS_RNG.1.2, FCS_COP, FCS_COP.1, FCS_CKM, FCS_CKM.4, FCS_CKM.1, FDP_IFC, FDP_IFC.1, FDP_IFF, FDP_IFF.1, FDP_IFC.2, FDP_ITT, FDP_ITT.1, FIA_ATD, FIA_ATD.1, FIA_SOS, FIA_SOS.1, FIA_UAU, FIA_UAU.2, FIA_UAU.6, FIA_UID, FIA_UID.2, FIA_UID.1, FMT_MSA, FMT_MSA.1, FMT_MSA.3, FMT_SMF, FMT_SMF.1, FMT_MSA.2, FMT_MOF, FMT_MOF.1, FMT_SMR, FMT_SMR.1, FPT_STM.1, FPT_ITT, FPT_ITT.1, FPT_TEE, FPT_TEE.1, FPT_TRC, FPT_TRC.1.1, FPT_TRC.1.2, FPT_TRC.1, FTP_STM.1Certification process
out of scope, and genucenter versions 200, 400, 600 and 800 in the field with hardware revision 6 and 7 which are out of scope for the current certification. The software genuscreen 7.0 runs on this hardware with the same, hardware has not been evaluated. Also, operating the genucenter software on a virtual machine is out of scope for this certification. If the virtual genucenter is used, the end user has to ensure that all, cryptocard to perform cryptographic operations for IPsec usage. However, usage of the cryptocard is out of scope for this TOE. 1.4.10.2 No VPN to Other Appliances or Mobile Clients It is possible to build VPN, 1.4.10.5 No Dynamic Routing The dynamic routing feature which uses OSPF only works with IPv4 and is out of scope for this TOE. 1.4.10.6 No genucenter HA While the HA setup for the genuscreens is part of the, the HA setup for genucenter is out of scope. 1.4.10.7 No Remote Maintenance The remote maintenance feature using a rendezvous genuscreen, is out of scope. 1.4.10.8 No genucenter Rest API The genucenter REST API is out of scope and must not be used. 1.4.11 Physical Scope The physical scope of the TOE consists only of softwareCertification process
out of scope, and genucenter versions 200, 400, 600 and 800 in the field with hardware revision 6 and 7 which are out of scope for the current certification. The software genuscreen 7.0 runs on this hardware with the same, hardware has not been evaluated. Also, operating the genucenter software on a virtual machine is out of scope for this certification. If the virtual genucenter is used, the end user has to ensure that all, cryptocard to perform cryptographic operations for IPsec usage. However, usage of the cryptocard is out of scope for this TOE. 1.4.10.2 No VPN to Other Appliances or Mobile Clients It is possible to build VPN, 1.4.10.5 No Dynamic Routing The dynamic routing feature which uses OSPF only works with IPv4 and is out of scope for this TOE. 1.4.10.6 No genucenter HA While the HA setup for the genuscreens is part of the, the HA setup for genucenter is out of scope. 1.4.10.7 No Remote Maintenance The remote maintenance feature using a rendezvous genuscreen, is out of scope. 1.4.10.8 No genucenter Rest API The genucenter REST API is out of scope and must not be used. 1.4.11 Physical Scope The physical scope of the TOE consists only of softwareStandards
FIPS180-4, PKCS#1, AIS20, AIS31, AIS 20, AIS 31, RFC2409, RFC3526, RFC2104, RFC5639, RFC4418, RFC2460, RFC4253, RFC3502, RFC4301, RFC4432, RFC5656, RFC4344, RFC 2460, RFC 2409, RFC 4306, RFC 4109, RFC 3447, RFC 3526, RFC 2104, RFC 6151, RFC 4418, RFC 5639, RFC 4253, RFC 6668, CCMB-2017-04-001, CCMB-2017-04-002, CCMB-2012-04-003Technical reports
BSI TR-02102, BSI TR-02102-1, BSI TR-02102-2, BSI TR-02102-3, BSI TR-02102-4File metadata
| Title | genuscreen 7.0 Security Target |
|---|---|
| Subject | Common Criteria certification |
| Keywords | firewall |
| Author | genua GmbH |
| Creation date | D:20200717120845+02'00' |
| Modification date | D:20200717120845+02'00' |
| Pages | 71 |
| Creator | LaTeX with hyperref |
| Producer | pdfTeX-1.40.20 |
Heuristics ?
Certificate ID: BSI-DSZ-CC-1142-2020
Extracted SARs
ALC_FLR.2, ALC_TAT.1, ADV_TDS.3, ALC_DVS.1, ALC_CMC.4, ADV_TAT.1, ASE_CCL.1, ALC_LCD.1, ATE_COV.2, ATE_FUN.1, ALC_CMS.4, ATE_DPT.1, AGD_OPE.1, ASE_OBJ.2, ALC_DEL.1, ATE_IND.2, AVA_VAN.4, ADV_IMP.1, ASE_INT.1, ASE_REQ.2, ADV_ARC.1, AGD_PRE.1, ASE_ECD.1, ASE_TSS.2, ASE_SPD.1, ADV_FSP.4References ?
Updates ?
-
22.08.2024 The certificate data changed.
Certificate changed
The state of the certificate object was updated.
- The st property was updated, with the
{'download_ok': True, 'convert_ok': True, 'extract_ok': True, 'pdf_hash': 'a2ae857248933bdb010cbea74937a57df42a6bd6fff12cae0906d86d30f68ba6', 'txt_hash': '04c792eb547f9955e2d088d196bbc2cc349f9e09a8b1849d2b28f041ed7ccb63'}data. - The cert property was updated, with the
{'download_ok': True, 'convert_ok': True, 'extract_ok': True, 'pdf_hash': 'c85350fb2baf096bfe6caaa949e7c85dd426e4883ee0b7e7f254c57fd3170956', 'txt_hash': 'bc4e84826fd365bf8ad697740e0b55331e224175eab7e3d4b3554abbfa2eae02'}data.
The PDF extraction data was updated.
- The st_metadata property was set to
{'pdf_file_size_bytes': 1010308, 'pdf_is_encrypted': False, 'pdf_number_of_pages': 71, '/Author': 'genua GmbH', '/Producer': 'pdfTeX-1.40.20', '/Creator': 'LaTeX with hyperref', '/Trapped': '/False', '/ModDate': "D:20200717120845+02'00'", '/Keywords': 'firewall', '/PTEX.Fullbanner': 'This is pdfTeX, Version 3.14159265-2.6-1.40.20 (TeX Live 2019) kpathsea version 6.3.1', '/Title': 'genuscreen 7.0 Security Target', '/Subject': 'Common Criteria certification', '/CreationDate': "D:20200717120845+02'00'", 'pdf_hyperlinks': {'_type': 'Set', 'elements': ['http://www.ecc-brainpool.org/download/Domain-parameters.pdf', 'http://www.ietf.org/rfc/rfc4418.txt', 'http://www.ietf.org/rfc/rfc4253.txt', 'http://www.ietf.org/rfc/rfc2460.txt', 'http://www.ietf.org/rfc/rfc2104.txt', 'http://www.ietf.org/rfc/rfc2409.txt', 'https://www.bsi.bund.de/SharedDocs/Downloads/DE/BSI/Zertifizierung/Interpretationen/AIS_31_pdf.html', 'http://dx.doi.org/10.6028/NIST.FIPS.180-4', 'http://www.ietf.org/rfc/rfc3447.txt', 'http://dx.doi.org/10.6028/NIST.SP.800-38A', 'http://www.ietf.org/rfc/rfc5639.txt', 'https://www.bsi.bund.de/SharedDocs/Downloads/DE/BSI/Zertifizierung/Interpretationen/AIS_20_pdf.html', 'http://csrc.nist.gov/publications/fips/fips197/fips-197.pdf', 'https://www.bsi.bund.de/SharedDocs/Downloads/DE/BSI/Zertifizierung/Interpretationen/AIS_31_Functionality_classes_for_random_number_generators_e.pdf?__blob=publicationFile', 'http://dx.doi.org/10.6028/NIST.FIPS.186-4', 'http://www.ietf.org/rfc/rfc3526.txt', 'https://tools.ietf.org/html/draft-miller-secsh-umac-01']}}. - The cert_metadata property was set to
{'pdf_file_size_bytes': 284767, 'pdf_is_encrypted': False, 'pdf_number_of_pages': 1, '/Author': 'Bundesamt für Sicherheit in der Informationstechnik', '/CreationDate': "D:20200826080252+02'00'", '/Creator': 'Writer', '/Keywords': '"Common Criteria, Certification, Zertifizierung"', '/ModDate': "D:20200828100319+02'00'", '/Producer': 'LibreOffice 6.2', '/Subject': 'BSI-DSZ-CC-1142-2020 for genuscreen 7.0 from genua GmbH', '/Title': 'Certification Report BSI-DSZ-CC-1142-2020', 'pdf_hyperlinks': {'_type': 'Set', 'elements': []}}. - The st_keywords property was set to
{'cc_cert_id': {}, 'cc_protection_profile_id': {}, 'cc_security_level': {'EAL': {'EAL4': 4, 'EAL4 augmented': 1}}, 'cc_sar': {'ADV': {'ADV_INT': 2, 'ADV_SPM': 2, 'ADV_ARC': 1, 'ADV_FSP': 1, 'ADV_IMP': 1, 'ADV_TDS': 1, 'ADV_ARC.1': 4, 'ADV_TDS.1': 1, 'ADV_FSP.4': 2, 'ADV_IMP.1': 3, 'ADV_TAT.1': 1, 'ADV_TDS.3': 2, 'ADV_FSP.1': 1, 'ADV_FSP.2': 2, 'ADV_TDS.2': 1}, 'AGD': {'AGD_OPE': 1, 'AGD_PRE': 1, 'AGD_OPE.1': 3, 'AGD_PRE.1': 3}, 'ALC': {'ALC_FLR.2': 3, 'ALC_CMC': 1, 'ALC_CMS': 1, 'ALC_DEL': 1, 'ALC_DVS': 1, 'ALC_FLR': 1, 'ALC_LCD': 1, 'ALC_TAT': 1, 'ALC_CMC.4': 1, 'ALC_DVS.1': 2, 'ALC_LCD.1': 2, 'ALC_CMS.4': 1, 'ALC_DEL.1': 1, 'ALC_TAT.1': 1}, 'ATE': {'ATE_COV': 1, 'ATE_DPT': 1, 'ATE_FUN': 1, 'ATE_IND': 1, 'ATE_COV.2': 1, 'ATE_FUN.1': 4, 'ATE_DPT.1': 2, 'ATE_IND.2': 1, 'ATE_COV.1': 1}, 'AVA': {'AVA_VAN.4': 4, 'AVA_VAN': 1}, 'ASE': {'ASE_TSS.2': 4, 'ASE_CCL': 1, 'ASE_ECD': 1, 'ASE_INT': 1, 'ASE_OBJ': 1, 'ASE_REQ': 1, 'ASE_SPD': 1, 'ASE_TSS': 1, 'ASE_CCL.1': 1, 'ASE_ECD.1': 3, 'ASE_REQ.1': 2, 'ASE_INT.1': 1, 'ASE_OBJ.2': 1, 'ASE_REQ.2': 1, 'ASE_SPD.1': 1}}, 'cc_sfr': {'FAU': {'FAU_GEN': 17, 'FAU_GEN.1': 5, 'FAU_GEN.2': 1, 'FAU_SAR': 10, 'FAU_SAR.1': 3, 'FAU_SAR.3': 1}, 'FCS': {'FCS_RNG': 1, 'FCS_RNG.1': 12, 'FCS_RNG.1.1': 2, 'FCS_RNG.1.2': 2, 'FCS_COP': 67, 'FCS_COP.1': 20, 'FCS_CKM': 86, 'FCS_CKM.4': 22, 'FCS_CKM.1': 21}, 'FDP': {'FDP_IFC': 43, 'FDP_IFC.1': 31, 'FDP_IFF': 34, 'FDP_IFF.1': 37, 'FDP_IFC.2': 2, 'FDP_ITT': 21, 'FDP_ITT.1': 3}, 'FIA': {'FIA_ATD': 5, 'FIA_ATD.1': 1, 'FIA_SOS': 5, 'FIA_SOS.1': 1, 'FIA_UAU': 10, 'FIA_UAU.2': 1, 'FIA_UAU.6': 1, 'FIA_UID': 5, 'FIA_UID.2': 2, 'FIA_UID.1': 3}, 'FMT': {'FMT_MSA': 125, 'FMT_MSA.1': 24, 'FMT_MSA.3': 18, 'FMT_SMF': 39, 'FMT_SMF.1': 22, 'FMT_MSA.2': 3, 'FMT_MOF': 5, 'FMT_MOF.1': 1, 'FMT_SMR': 6, 'FMT_SMR.1': 25}, 'FPT': {'FPT_STM.1': 3, 'FPT_ITT': 7, 'FPT_ITT.1': 3, 'FPT_TEE': 7, 'FPT_TEE.1': 2, 'FPT_TRC': 5, 'FPT_TRC.1.1': 1, 'FPT_TRC.1.2': 1, 'FPT_TRC.1': 1}, 'FTP': {'FTP_STM.1': 1}}, 'cc_claims': {'O': {'O.AUTH': 11, 'O.MEDIAT': 4, 'O.CONFID': 11, 'O.INTEG': 8, 'O.NOREPLAY': 11, 'O.AUDREC': 5, 'O.AVAIL': 7}, 'T': {'T.NOAUTH': 3, 'T.SNIFF': 3, 'T.SELPRO': 3, 'T.MEDIAT': 3, 'T.MSNIFF': 3, 'T.MODIFY': 3, 'T.MMODIFY': 3}, 'A': {'A.PHYSEC': 3, 'A.INIT': 3, 'A.NOEVIL': 3, 'A.SINGEN': 4, 'A.TIMESTMP': 3, 'A.ADMIN': 3, 'A.HANET': 2, 'A.REMOTE_AUTH': 2}, 'OE': {'OE.PHYSEC': 4, 'OE.INIT': 7, 'OE.NOEVIL': 3, 'OE.SINGEN': 4, 'OE.TIMESTMP': 5, 'OE.ADMIN': 2, 'OE.HANET': 4, 'OE.REMOTE_AUTH': 1}}, 'vendor': {}, 'eval_facility': {}, 'symmetric_crypto': {'AES_competition': {'AES': {'AES': 13}}, 'constructions': {'MAC': {'HMAC': 4, 'HMAC-SHA-256': 1}}}, 'asymmetric_crypto': {'ECC': {'ECDH': {'ECDH': 2}, 'ECC': {'ECC': 3}}, 'FF': {'DH': {'Diffie-Hellman': 6, 'DH': 2}}}, 'pq_crypto': {}, 'hash_function': {'SHA': {'SHA2': {'SHA256': 3, 'SHA-256': 5, 'SHA-512': 3}}}, 'crypto_scheme': {'MAC': {'MAC': 2}, 'KEX': {'Key Exchange': 5}}, 'crypto_protocol': {'SSH': {'SSH': 111}, 'TLS': {'TLS': {'TLS': 3}}, 'IKE': {'IKEv2': 6, 'IKEv1': 7, 'IKE': 82}, 'IPsec': {'IPsec': 37}, 'VPN': {'VPN': 20}}, 'randomness': {'RNG': {'RNG': 5}}, 'cipher_mode': {'CBC': {'CBC': 6}, 'CTR': {'CTR': 5}}, 'ecc_curve': {}, 'crypto_engine': {}, 'tls_cipher_suite': {}, 'crypto_library': {'OpenSSL': {'OpenSSL': 1}, 'LibreSSL': {'LibreSSL': 1}}, 'vulnerability': {}, 'side_channel_analysis': {}, 'technical_report_id': {'BSI': {'BSI TR-02102': 2, 'BSI TR-02102-1': 2, 'BSI TR-02102-2': 2, 'BSI TR-02102-3': 2, 'BSI TR-02102-4': 2}}, 'device_model': {}, 'tee_name': {}, 'os_name': {}, 'cplc_data': {}, 'ic_data_group': {}, 'standard_id': {'FIPS': {'FIPS180-4': 2}, 'PKCS': {'PKCS#1': 9}, 'BSI': {'AIS20': 2, 'AIS31': 1, 'AIS 20': 2, 'AIS 31': 2}, 'RFC': {'RFC2409': 9, 'RFC3526': 4, 'RFC2104': 6, 'RFC5639': 3, 'RFC4418': 4, 'RFC2460': 1, 'RFC4253': 3, 'RFC3502': 1, 'RFC4301': 1, 'RFC4432': 1, 'RFC5656': 1, 'RFC4344': 1, 'RFC 2460': 1, 'RFC 2409': 1, 'RFC 4306': 1, 'RFC 4109': 1, 'RFC 3447': 1, 'RFC 3526': 1, 'RFC 2104': 1, 'RFC 6151': 1, 'RFC 4418': 1, 'RFC 5639': 1, 'RFC 4253': 1, 'RFC 6668': 1}, 'CC': {'CCMB-2017-04-001': 1, 'CCMB-2017-04-002': 1, 'CCMB-2012-04-003': 1}}, 'javacard_version': {}, 'javacard_api_const': {}, 'javacard_packages': {}, 'certification_process': {'OutOfScope': {'out of scope': 7, 'and genucenter versions 200, 400, 600 and 800 in the field with hardware revision 6 and 7 which are out of scope for the current certification. The software genuscreen 7.0 runs on this hardware with the same': 1, 'hardware has not been evaluated. Also, operating the genucenter software on a virtual machine is out of scope for this certification. If the virtual genucenter is used, the end user has to ensure that all': 1, 'cryptocard to perform cryptographic operations for IPsec usage. However, usage of the cryptocard is out of scope for this TOE. 1.4.10.2 No VPN to Other Appliances or Mobile Clients It is possible to build VPN': 1, '1.4.10.5 No Dynamic Routing The dynamic routing feature which uses OSPF only works with IPv4 and is out of scope for this TOE. 1.4.10.6 No genucenter HA While the HA setup for the genuscreens is part of the': 1, 'the HA setup for genucenter is out of scope. 1.4.10.7 No Remote Maintenance The remote maintenance feature using a rendezvous genuscreen': 1, 'is out of scope. 1.4.10.8 No genucenter Rest API The genucenter REST API is out of scope and must not be used. 1.4.11 Physical Scope The physical scope of the TOE consists only of software': 1}}}. - The cert_keywords property was set to
{'cc_cert_id': {'DE': {'BSI-DSZ-CC-1142-2020': 1}}, 'cc_protection_profile_id': {}, 'cc_security_level': {'EAL': {'EAL 4': 2, 'EAL 5': 1, 'EAL 2': 1, 'EAL 4 augmented': 1}}, 'cc_sar': {'ALC': {'ALC_FLR.2': 1, 'ALC_FLR': 1}, 'AVA': {'AVA_VAN.4': 1}, 'ASE': {'ASE_TSS.2': 1}}, 'cc_sfr': {}, 'cc_claims': {}, 'vendor': {}, 'eval_facility': {}, 'symmetric_crypto': {}, 'asymmetric_crypto': {}, 'pq_crypto': {}, 'hash_function': {}, 'crypto_scheme': {}, 'crypto_protocol': {}, 'randomness': {}, 'cipher_mode': {}, 'ecc_curve': {}, 'crypto_engine': {}, 'tls_cipher_suite': {}, 'crypto_library': {}, 'vulnerability': {}, 'side_channel_analysis': {}, 'technical_report_id': {}, 'device_model': {}, 'tee_name': {}, 'os_name': {}, 'cplc_data': {}, 'ic_data_group': {}, 'standard_id': {'ISO': {'ISO/IEC 15408': 2, 'ISO/IEC 18045': 2}}, 'javacard_version': {}, 'javacard_api_const': {}, 'javacard_packages': {}, 'certification_process': {}}. - The st_filename property was set to
1142b_pdf.pdf. - The cert_filename property was set to
1142c_pdf.pdf.
The computed heuristics were updated.
- The extracted_sars property was updated, with the
{'_type': 'Set', 'elements': [{'_type': 'sec_certs.sample.sar.SAR', 'family': 'ALC_TAT', 'level': 1}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ADV_TDS', 'level': 3}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ALC_DVS', 'level': 1}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ALC_CMC', 'level': 4}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ADV_TAT', 'level': 1}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ASE_CCL', 'level': 1}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ALC_LCD', 'level': 1}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ATE_COV', 'level': 2}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ATE_FUN', 'level': 1}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ALC_CMS', 'level': 4}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ATE_DPT', 'level': 1}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'AGD_OPE', 'level': 1}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ASE_OBJ', 'level': 2}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ATE_IND', 'level': 2}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ALC_DEL', 'level': 1}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ADV_IMP', 'level': 1}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ASE_INT', 'level': 1}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ASE_REQ', 'level': 2}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ADV_ARC', 'level': 1}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'AGD_PRE', 'level': 1}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ASE_ECD', 'level': 1}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ASE_SPD', 'level': 1}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ADV_FSP', 'level': 4}]}values added.
- The st property was updated, with the
-
17.08.2024 The certificate data changed.
Certificate changed
The report_link was updated.
- The new value is
https://www.commoncriteriaportal.org/nfs/ccpfiles/files/epfiles/1142a_pdf.pdf.
The st_link was updated.
- The new value is
https://www.commoncriteriaportal.org/nfs/ccpfiles/files/epfiles/1142b_pdf.pdf.
The state of the certificate object was updated.
- The report property was updated, with the
{'download_ok': True, 'convert_ok': True, 'extract_ok': True, 'pdf_hash': '4d53b348e09cdc04c57bd2a28e090c0d047ce7c850bd86ea71c66122bbeacf37', 'txt_hash': 'b01b1f50e1a26e783559584485ffd0db0afdaf8fce083bb3c76fb1c3b9704962'}data. - The cert property was updated, with the
{'download_ok': False, 'convert_ok': False, 'extract_ok': False, 'pdf_hash': None, 'txt_hash': None}data.
The PDF extraction data was updated.
- The report_metadata property was set to
{'pdf_file_size_bytes': 432163, 'pdf_is_encrypted': False, 'pdf_number_of_pages': 27, '/Author': 'Bundesamt für Sicherheit in der Informationstechnik', '/CreationDate': "D:20200826080252+02'00'", '/Creator': 'Writer', '/Keywords': '"Common Criteria, Certification, Zertifizierung"', '/ModDate': "D:20200826154915+02'00'", '/Producer': 'LibreOffice 6.2', '/Subject': 'BSI-DSZ-CC-1142-2020 for genuscreen 7.0 from genua GmbH', '/Title': 'Certification Report BSI-DSZ-CC-1142-2020', 'pdf_hyperlinks': {'_type': 'Set', 'elements': ['https://www.bsi.bund.de/zertifizierung', 'https://www.bsi.bund.de/AIS', 'https://www.bsi.bund.de/', 'https://www.sogis.eu/', 'http://www.commoncriteriaportal.org/', 'http://www.commoncriteriaportal.org/cc/', 'https://www.bsi.bund.de/zertifizierungsreporte']}}. - The cert_metadata property was set to
None. - The report_frontpage property was set to
{'DE': {'match_rules': ['(BSI-DSZ-CC-.+?) (?:for|For) (.+?) from (.*)'], 'cert_id': 'BSI-DSZ-CC-1142-2020', 'cert_item': 'genuscreen 7.0', 'developer': 'genua GmbH', 'cert_lab': 'BSI', 'ref_protection_profiles': 'None', 'cc_version': 'Product specific Security Target, Common Criteria Part 2 extended', 'cc_security_level': 'Common Criteria Part 3 extended EAL 4 augmented by ALC_FLR.2, ASE_TSS.2 and AVA_VAN.4'}}. - The report_keywords property was set to
{'cc_cert_id': {'DE': {'BSI-DSZ-CC-1142-2020': 15, 'BSI-DSZ-CC-1085-2019': 3}}, 'cc_protection_profile_id': {}, 'cc_security_level': {'EAL': {'EAL 4': 8, 'EAL 5': 3, 'EAL 2': 2, 'EAL 1': 1, 'EAL 2+': 1, 'EAL 5+': 1, 'EAL 6': 1, 'EAL 4 augmented': 3}}, 'cc_sar': {'ALC': {'ALC_FLR.2': 5, 'ALC_FLR': 3}, 'AVA': {'AVA_VAN.4': 5}, 'ASE': {'ASE_TSS.2': 5}}, 'cc_sfr': {}, 'cc_claims': {'A': {'A.PHYSEC': 4, 'A.INIT': 3, 'A.NOEVIL': 3, 'A.SINGEN': 3, 'A.ADMIN': 3, 'A.HANET': 3, 'A.REMOTE_AUTH': 3, 'A.TIMESTMP': 2}}, 'vendor': {}, 'eval_facility': {'secuvera': {'secuvera': 3}}, 'symmetric_crypto': {'constructions': {'MAC': {'HMAC': 1}}}, 'asymmetric_crypto': {'FF': {'DH': {'DH': 1}}}, 'pq_crypto': {}, 'hash_function': {'SHA': {'SHA2': {'SHA256': 5, 'SHA512': 5}}}, 'crypto_scheme': {'KEX': {'Key Exchange': 1}}, 'crypto_protocol': {'SSH': {'SSH': 5}, 'IKE': {'IKE': 1}, 'IPsec': {'IPsec': 7}, 'VPN': {'VPN': 7}}, 'randomness': {'RNG': {'RNG': 2}}, 'cipher_mode': {'CBC': {'CBC': 1}}, 'ecc_curve': {}, 'crypto_engine': {}, 'tls_cipher_suite': {}, 'crypto_library': {}, 'vulnerability': {}, 'side_channel_analysis': {}, 'technical_report_id': {'BSI': {'BSI TR-02102': 1, 'BSI 7148': 1}}, 'device_model': {}, 'tee_name': {}, 'os_name': {}, 'cplc_data': {}, 'ic_data_group': {}, 'standard_id': {'BSI': {'AIS20': 2, 'AIS 20': 2, 'AIS 32': 1, 'AIS 34': 1, 'AIS 38': 1}, 'ISO': {'ISO/IEC 15408': 4, 'ISO/IEC 18045': 4, 'ISO/IEC 17065': 2}}, 'javacard_version': {}, 'javacard_api_const': {}, 'javacard_packages': {}, 'certification_process': {'OutOfScope': {'out of scope': 3, 'The genucenter must be operated on real hardware. Running the genucenter in a virtual machine is out of scope for this TOE. The Security Target [6] is the basis for this certification. It is not based on a': 1, 'components were installed on physical hardware, the installation of the TOE on virtual machines is out of scope of the evaluated configuration. For the operational configuration the firewall appliances and the': 1, 'VPN, IKEv2/MOBIKE VPN, Dynamic Routing, genucenter HA, Remote Maintenance, genucenter REST API) are out of scope of the evaluated configuration. All information contained in the Security Target [6] and the': 1}, 'ConfidentialDocument': {'being maintained, is not given any longer. In particular, prior to the dissemination of confidential documentation and information related to the TOE or resulting from the evaluation and certification': 1, 'for genuscreen 7.0 from genua GmbH, Version 2, Date: 05.08.2020, secuvera GmbH (confidential document) [8] Guidance documentation for the TOE, genucenter Installations- und Konfigurationshandbuch': 1}}}. - The cert_keywords property was set to
None. - The report_filename property was set to
1142a_pdf.pdf. - The cert_filename property was set to
None.
The computed heuristics were updated.
- The cert_lab property was set to
['BSI'].
- The new value is
-
12.08.2024 The certificate data changed.
Certificate changed
The state of the certificate object was updated.
- The report property was updated, with the
{'download_ok': False, 'convert_ok': False, 'extract_ok': False, 'pdf_hash': None, 'txt_hash': None}data. - The st property was updated, with the
{'download_ok': False, 'convert_ok': False, 'extract_ok': False, 'pdf_hash': None, 'txt_hash': None}data.
The PDF extraction data was updated.
- The report_metadata property was set to
None. - The st_metadata property was set to
None. - The report_frontpage property was set to
None. - The report_keywords property was set to
None. - The st_keywords property was set to
None. - The report_filename property was set to
None. - The st_filename property was set to
None.
The computed heuristics were updated.
- The cert_lab property was set to
None. - The extracted_sars property was updated, with the
{'_type': 'Set', 'elements': [{'_type': 'sec_certs.sample.sar.SAR', 'family': 'ADV_TDS', 'level': 3}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ALC_TAT', 'level': 1}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ALC_DVS', 'level': 1}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ALC_CMC', 'level': 4}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ADV_TAT', 'level': 1}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ASE_CCL', 'level': 1}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ALC_LCD', 'level': 1}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ATE_COV', 'level': 2}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ATE_FUN', 'level': 1}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ALC_CMS', 'level': 4}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ATE_DPT', 'level': 1}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'AGD_OPE', 'level': 1}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ASE_OBJ', 'level': 2}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ATE_IND', 'level': 2}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ALC_DEL', 'level': 1}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ADV_IMP', 'level': 1}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ASE_INT', 'level': 1}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ASE_REQ', 'level': 2}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ADV_ARC', 'level': 1}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'AGD_PRE', 'level': 1}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ASE_ECD', 'level': 1}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ASE_SPD', 'level': 1}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ADV_FSP', 'level': 4}]}values discarded.
- The report property was updated, with the
-
23.07.2024 The certificate was first processed.
New certificate
A new Common Criteria certificate with the product name genuscreen 7.0 was processed.
Raw data
{
"_type": "sec_certs.sample.cc.CCCertificate",
"category": "Boundary Protection Devices and Systems",
"cert_link": "https://www.commoncriteriaportal.org/nfs/ccpfiles/files/epfiles/1142c_pdf.pdf",
"dgst": "cb3f4b9ba75d937b",
"heuristics": {
"_type": "sec_certs.sample.cc.CCCertificate.Heuristics",
"annotated_references": null,
"cert_id": "BSI-DSZ-CC-1142-2020",
"cert_lab": [
"BSI"
],
"cpe_matches": null,
"direct_transitive_cves": null,
"extracted_sars": {
"_type": "Set",
"elements": [
{
"_type": "sec_certs.sample.sar.SAR",
"family": "ATE_DPT",
"level": 1
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "ALC_DEL",
"level": 1
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "ATE_FUN",
"level": 1
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "ASE_REQ",
"level": 2
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "ALC_CMS",
"level": 4
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "ASE_CCL",
"level": 1
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "AGD_PRE",
"level": 1
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "ASE_ECD",
"level": 1
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "ALC_DVS",
"level": 1
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "ATE_IND",
"level": 2
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "ATE_COV",
"level": 2
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "ASE_OBJ",
"level": 2
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "ALC_CMC",
"level": 4
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "AGD_OPE",
"level": 1
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "ADV_TAT",
"level": 1
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "ADV_FSP",
"level": 4
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "ASE_TSS",
"level": 2
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "ALC_LCD",
"level": 1
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "ASE_INT",
"level": 1
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "AVA_VAN",
"level": 4
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "ASE_SPD",
"level": 1
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "ALC_TAT",
"level": 1
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "ADV_ARC",
"level": 1
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "ADV_TDS",
"level": 3
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "ADV_IMP",
"level": 1
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "ALC_FLR",
"level": 2
}
]
},
"extracted_versions": {
"_type": "Set",
"elements": [
"7.0"
]
},
"indirect_transitive_cves": null,
"related_cves": null,
"report_references": {
"_type": "sec_certs.sample.certificate.References",
"directly_referenced_by": {
"_type": "Set",
"elements": [
"BSI-DSZ-CC-1194-2023"
]
},
"directly_referencing": null,
"indirectly_referenced_by": {
"_type": "Set",
"elements": [
"BSI-DSZ-CC-1194-2023"
]
},
"indirectly_referencing": null
},
"scheme_data": null,
"st_references": {
"_type": "sec_certs.sample.certificate.References",
"directly_referenced_by": null,
"directly_referencing": null,
"indirectly_referenced_by": null,
"indirectly_referencing": null
},
"verified_cpe_matches": null
},
"maintenance_updates": {
"_type": "Set",
"elements": []
},
"manufacturer": "genua GmbH",
"manufacturer_web": "https://www.genua.de",
"name": "genuscreen 7.0",
"not_valid_after": "2025-08-17",
"not_valid_before": "2020-08-18",
"pdf_data": {
"_type": "sec_certs.sample.cc.CCCertificate.PdfData",
"cert_filename": "1142c_pdf.pdf",
"cert_frontpage": null,
"cert_keywords": {
"asymmetric_crypto": {},
"cc_cert_id": {
"DE": {
"BSI-DSZ-CC-1142-2020": 1
}
},
"cc_claims": {},
"cc_protection_profile_id": {},
"cc_sar": {
"ALC": {
"ALC_FLR": 1,
"ALC_FLR.2": 1
},
"ASE": {
"ASE_TSS.2": 1
},
"AVA": {
"AVA_VAN.4": 1
}
},
"cc_security_level": {
"EAL": {
"EAL 2": 1,
"EAL 4": 2,
"EAL 4 augmented": 1,
"EAL 5": 1
}
},
"cc_sfr": {},
"certification_process": {},
"cipher_mode": {},
"cplc_data": {},
"crypto_engine": {},
"crypto_library": {},
"crypto_protocol": {},
"crypto_scheme": {},
"device_model": {},
"ecc_curve": {},
"eval_facility": {},
"hash_function": {},
"ic_data_group": {},
"javacard_api_const": {},
"javacard_packages": {},
"javacard_version": {},
"os_name": {},
"pq_crypto": {},
"randomness": {},
"side_channel_analysis": {},
"standard_id": {
"ISO": {
"ISO/IEC 15408": 2,
"ISO/IEC 18045": 2
}
},
"symmetric_crypto": {},
"technical_report_id": {},
"tee_name": {},
"tls_cipher_suite": {},
"vendor": {},
"vulnerability": {}
},
"cert_metadata": {
"/Author": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"/CreationDate": "D:20200826080252+02\u002700\u0027",
"/Creator": "Writer",
"/Keywords": "\"Common Criteria, Certification, Zertifizierung\"",
"/ModDate": "D:20200828100319+02\u002700\u0027",
"/Producer": "LibreOffice 6.2",
"/Subject": "BSI-DSZ-CC-1142-2020 for genuscreen 7.0 from genua GmbH",
"/Title": "Certification Report BSI-DSZ-CC-1142-2020",
"pdf_file_size_bytes": 284767,
"pdf_hyperlinks": {
"_type": "Set",
"elements": []
},
"pdf_is_encrypted": false,
"pdf_number_of_pages": 1
},
"report_filename": "1142a_pdf.pdf",
"report_frontpage": {
"DE": {
"cc_security_level": "Common Criteria Part 3 extended EAL 4 augmented by ALC_FLR.2, ASE_TSS.2 and AVA_VAN.4",
"cc_version": "Product specific Security Target, Common Criteria Part 2 extended",
"cert_id": "BSI-DSZ-CC-1142-2020",
"cert_item": "genuscreen 7.0",
"cert_lab": "BSI",
"developer": "genua GmbH",
"match_rules": [
"(BSI-DSZ-CC-.+?) (?:for|For) (.+?) from (.*)"
],
"ref_protection_profiles": "None"
}
},
"report_keywords": {
"asymmetric_crypto": {
"FF": {
"DH": {
"DH": 1
}
}
},
"cc_cert_id": {
"DE": {
"BSI-DSZ-CC-1085-2019": 3,
"BSI-DSZ-CC-1142-2020": 15
}
},
"cc_claims": {
"A": {
"A.ADMIN": 3,
"A.HANET": 3,
"A.INIT": 3,
"A.NOEVIL": 3,
"A.PHYSEC": 4,
"A.REMOTE_AUTH": 3,
"A.SINGEN": 3,
"A.TIMESTMP": 2
}
},
"cc_protection_profile_id": {},
"cc_sar": {
"ALC": {
"ALC_FLR": 3,
"ALC_FLR.2": 5
},
"ASE": {
"ASE_TSS.2": 5
},
"AVA": {
"AVA_VAN.4": 5
}
},
"cc_security_level": {
"EAL": {
"EAL 1": 1,
"EAL 2": 2,
"EAL 2+": 1,
"EAL 4": 8,
"EAL 4 augmented": 3,
"EAL 5": 3,
"EAL 5+": 1,
"EAL 6": 1
}
},
"cc_sfr": {},
"certification_process": {
"ConfidentialDocument": {
"being maintained, is not given any longer. In particular, prior to the dissemination of confidential documentation and information related to the TOE or resulting from the evaluation and certification": 1,
"for genuscreen 7.0 from genua GmbH, Version 2, Date: 05.08.2020, secuvera GmbH (confidential document) [8] Guidance documentation for the TOE, genucenter Installations- und Konfigurationshandbuch": 1
},
"OutOfScope": {
"The genucenter must be operated on real hardware. Running the genucenter in a virtual machine is out of scope for this TOE. The Security Target [6] is the basis for this certification. It is not based on a": 1,
"VPN, IKEv2/MOBIKE VPN, Dynamic Routing, genucenter HA, Remote Maintenance, genucenter REST API) are out of scope of the evaluated configuration. All information contained in the Security Target [6] and the": 1,
"components were installed on physical hardware, the installation of the TOE on virtual machines is out of scope of the evaluated configuration. For the operational configuration the firewall appliances and the": 1,
"out of scope": 3
}
},
"cipher_mode": {
"CBC": {
"CBC": 1
}
},
"cplc_data": {},
"crypto_engine": {},
"crypto_library": {},
"crypto_protocol": {
"IKE": {
"IKE": 1
},
"IPsec": {
"IPsec": 7
},
"SSH": {
"SSH": 5
},
"VPN": {
"VPN": 7
}
},
"crypto_scheme": {
"KEX": {
"Key Exchange": 1
}
},
"device_model": {},
"ecc_curve": {},
"eval_facility": {
"secuvera": {
"secuvera": 3
}
},
"hash_function": {
"SHA": {
"SHA2": {
"SHA256": 5,
"SHA512": 5
}
}
},
"ic_data_group": {},
"javacard_api_const": {},
"javacard_packages": {},
"javacard_version": {},
"os_name": {},
"pq_crypto": {},
"randomness": {
"RNG": {
"RNG": 2
}
},
"side_channel_analysis": {},
"standard_id": {
"BSI": {
"AIS 20": 2,
"AIS 32": 1,
"AIS 34": 1,
"AIS 38": 1,
"AIS20": 2
},
"ISO": {
"ISO/IEC 15408": 4,
"ISO/IEC 17065": 2,
"ISO/IEC 18045": 4
}
},
"symmetric_crypto": {
"constructions": {
"MAC": {
"HMAC": 1
}
}
},
"technical_report_id": {
"BSI": {
"BSI 7148": 1,
"BSI TR-02102": 1
}
},
"tee_name": {},
"tls_cipher_suite": {},
"vendor": {},
"vulnerability": {}
},
"report_metadata": {
"/Author": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"/CreationDate": "D:20200826080252+02\u002700\u0027",
"/Creator": "Writer",
"/Keywords": "\"Common Criteria, Certification, Zertifizierung\"",
"/ModDate": "D:20200826154915+02\u002700\u0027",
"/Producer": "LibreOffice 6.2",
"/Subject": "BSI-DSZ-CC-1142-2020 for genuscreen 7.0 from genua GmbH",
"/Title": "Certification Report BSI-DSZ-CC-1142-2020",
"pdf_file_size_bytes": 432163,
"pdf_hyperlinks": {
"_type": "Set",
"elements": [
"https://www.bsi.bund.de/AIS",
"https://www.bsi.bund.de/zertifizierung",
"http://www.commoncriteriaportal.org/",
"https://www.bsi.bund.de/",
"https://www.bsi.bund.de/zertifizierungsreporte",
"https://www.sogis.eu/",
"http://www.commoncriteriaportal.org/cc/"
]
},
"pdf_is_encrypted": false,
"pdf_number_of_pages": 27
},
"st_filename": "1142b_pdf.pdf",
"st_frontpage": null,
"st_keywords": {
"asymmetric_crypto": {
"ECC": {
"ECC": {
"ECC": 3
},
"ECDH": {
"ECDH": 2
}
},
"FF": {
"DH": {
"DH": 2,
"Diffie-Hellman": 6
}
}
},
"cc_cert_id": {},
"cc_claims": {
"A": {
"A.ADMIN": 3,
"A.HANET": 2,
"A.INIT": 3,
"A.NOEVIL": 3,
"A.PHYSEC": 3,
"A.REMOTE_AUTH": 2,
"A.SINGEN": 4,
"A.TIMESTMP": 3
},
"O": {
"O.AUDREC": 5,
"O.AUTH": 11,
"O.AVAIL": 7,
"O.CONFID": 11,
"O.INTEG": 8,
"O.MEDIAT": 4,
"O.NOREPLAY": 11
},
"OE": {
"OE.ADMIN": 2,
"OE.HANET": 4,
"OE.INIT": 7,
"OE.NOEVIL": 3,
"OE.PHYSEC": 4,
"OE.REMOTE_AUTH": 1,
"OE.SINGEN": 4,
"OE.TIMESTMP": 5
},
"T": {
"T.MEDIAT": 3,
"T.MMODIFY": 3,
"T.MODIFY": 3,
"T.MSNIFF": 3,
"T.NOAUTH": 3,
"T.SELPRO": 3,
"T.SNIFF": 3
}
},
"cc_protection_profile_id": {},
"cc_sar": {
"ADV": {
"ADV_ARC": 1,
"ADV_ARC.1": 4,
"ADV_FSP": 1,
"ADV_FSP.1": 1,
"ADV_FSP.2": 2,
"ADV_FSP.4": 2,
"ADV_IMP": 1,
"ADV_IMP.1": 3,
"ADV_INT": 2,
"ADV_SPM": 2,
"ADV_TAT.1": 1,
"ADV_TDS": 1,
"ADV_TDS.1": 1,
"ADV_TDS.2": 1,
"ADV_TDS.3": 2
},
"AGD": {
"AGD_OPE": 1,
"AGD_OPE.1": 3,
"AGD_PRE": 1,
"AGD_PRE.1": 3
},
"ALC": {
"ALC_CMC": 1,
"ALC_CMC.4": 1,
"ALC_CMS": 1,
"ALC_CMS.4": 1,
"ALC_DEL": 1,
"ALC_DEL.1": 1,
"ALC_DVS": 1,
"ALC_DVS.1": 2,
"ALC_FLR": 1,
"ALC_FLR.2": 3,
"ALC_LCD": 1,
"ALC_LCD.1": 2,
"ALC_TAT": 1,
"ALC_TAT.1": 1
},
"ASE": {
"ASE_CCL": 1,
"ASE_CCL.1": 1,
"ASE_ECD": 1,
"ASE_ECD.1": 3,
"ASE_INT": 1,
"ASE_INT.1": 1,
"ASE_OBJ": 1,
"ASE_OBJ.2": 1,
"ASE_REQ": 1,
"ASE_REQ.1": 2,
"ASE_REQ.2": 1,
"ASE_SPD": 1,
"ASE_SPD.1": 1,
"ASE_TSS": 1,
"ASE_TSS.2": 4
},
"ATE": {
"ATE_COV": 1,
"ATE_COV.1": 1,
"ATE_COV.2": 1,
"ATE_DPT": 1,
"ATE_DPT.1": 2,
"ATE_FUN": 1,
"ATE_FUN.1": 4,
"ATE_IND": 1,
"ATE_IND.2": 1
},
"AVA": {
"AVA_VAN": 1,
"AVA_VAN.4": 4
}
},
"cc_security_level": {
"EAL": {
"EAL4": 4,
"EAL4 augmented": 1
}
},
"cc_sfr": {
"FAU": {
"FAU_GEN": 17,
"FAU_GEN.1": 5,
"FAU_GEN.2": 1,
"FAU_SAR": 10,
"FAU_SAR.1": 3,
"FAU_SAR.3": 1
},
"FCS": {
"FCS_CKM": 86,
"FCS_CKM.1": 21,
"FCS_CKM.4": 22,
"FCS_COP": 67,
"FCS_COP.1": 20,
"FCS_RNG": 1,
"FCS_RNG.1": 12,
"FCS_RNG.1.1": 2,
"FCS_RNG.1.2": 2
},
"FDP": {
"FDP_IFC": 43,
"FDP_IFC.1": 31,
"FDP_IFC.2": 2,
"FDP_IFF": 34,
"FDP_IFF.1": 37,
"FDP_ITT": 21,
"FDP_ITT.1": 3
},
"FIA": {
"FIA_ATD": 5,
"FIA_ATD.1": 1,
"FIA_SOS": 5,
"FIA_SOS.1": 1,
"FIA_UAU": 10,
"FIA_UAU.2": 1,
"FIA_UAU.6": 1,
"FIA_UID": 5,
"FIA_UID.1": 3,
"FIA_UID.2": 2
},
"FMT": {
"FMT_MOF": 5,
"FMT_MOF.1": 1,
"FMT_MSA": 125,
"FMT_MSA.1": 24,
"FMT_MSA.2": 3,
"FMT_MSA.3": 18,
"FMT_SMF": 39,
"FMT_SMF.1": 22,
"FMT_SMR": 6,
"FMT_SMR.1": 25
},
"FPT": {
"FPT_ITT": 7,
"FPT_ITT.1": 3,
"FPT_STM.1": 3,
"FPT_TEE": 7,
"FPT_TEE.1": 2,
"FPT_TRC": 5,
"FPT_TRC.1": 1,
"FPT_TRC.1.1": 1,
"FPT_TRC.1.2": 1
},
"FTP": {
"FTP_STM.1": 1
}
},
"certification_process": {
"OutOfScope": {
"1.4.10.5 No Dynamic Routing The dynamic routing feature which uses OSPF only works with IPv4 and is out of scope for this TOE. 1.4.10.6 No genucenter HA While the HA setup for the genuscreens is part of the": 1,
"and genucenter versions 200, 400, 600 and 800 in the field with hardware revision 6 and 7 which are out of scope for the current certification. The software genuscreen 7.0 runs on this hardware with the same": 1,
"cryptocard to perform cryptographic operations for IPsec usage. However, usage of the cryptocard is out of scope for this TOE. 1.4.10.2 No VPN to Other Appliances or Mobile Clients It is possible to build VPN": 1,
"hardware has not been evaluated. Also, operating the genucenter software on a virtual machine is out of scope for this certification. If the virtual genucenter is used, the end user has to ensure that all": 1,
"is out of scope. 1.4.10.8 No genucenter Rest API The genucenter REST API is out of scope and must not be used. 1.4.11 Physical Scope The physical scope of the TOE consists only of software": 1,
"out of scope": 7,
"the HA setup for genucenter is out of scope. 1.4.10.7 No Remote Maintenance The remote maintenance feature using a rendezvous genuscreen": 1
}
},
"cipher_mode": {
"CBC": {
"CBC": 6
},
"CTR": {
"CTR": 5
}
},
"cplc_data": {},
"crypto_engine": {},
"crypto_library": {
"LibreSSL": {
"LibreSSL": 1
},
"OpenSSL": {
"OpenSSL": 1
}
},
"crypto_protocol": {
"IKE": {
"IKE": 82,
"IKEv1": 7,
"IKEv2": 6
},
"IPsec": {
"IPsec": 37
},
"SSH": {
"SSH": 111
},
"TLS": {
"TLS": {
"TLS": 3
}
},
"VPN": {
"VPN": 20
}
},
"crypto_scheme": {
"KEX": {
"Key Exchange": 5
},
"MAC": {
"MAC": 2
}
},
"device_model": {},
"ecc_curve": {},
"eval_facility": {},
"hash_function": {
"SHA": {
"SHA2": {
"SHA-256": 5,
"SHA-512": 3,
"SHA256": 3
}
}
},
"ic_data_group": {},
"javacard_api_const": {},
"javacard_packages": {},
"javacard_version": {},
"os_name": {},
"pq_crypto": {},
"randomness": {
"RNG": {
"RNG": 5
}
},
"side_channel_analysis": {},
"standard_id": {
"BSI": {
"AIS 20": 2,
"AIS 31": 2,
"AIS20": 2,
"AIS31": 1
},
"CC": {
"CCMB-2012-04-003": 1,
"CCMB-2017-04-001": 1,
"CCMB-2017-04-002": 1
},
"FIPS": {
"FIPS180-4": 2
},
"PKCS": {
"PKCS#1": 9
},
"RFC": {
"RFC 2104": 1,
"RFC 2409": 1,
"RFC 2460": 1,
"RFC 3447": 1,
"RFC 3526": 1,
"RFC 4109": 1,
"RFC 4253": 1,
"RFC 4306": 1,
"RFC 4418": 1,
"RFC 5639": 1,
"RFC 6151": 1,
"RFC 6668": 1,
"RFC2104": 6,
"RFC2409": 9,
"RFC2460": 1,
"RFC3502": 1,
"RFC3526": 4,
"RFC4253": 3,
"RFC4301": 1,
"RFC4344": 1,
"RFC4418": 4,
"RFC4432": 1,
"RFC5639": 3,
"RFC5656": 1
}
},
"symmetric_crypto": {
"AES_competition": {
"AES": {
"AES": 13
}
},
"constructions": {
"MAC": {
"HMAC": 4,
"HMAC-SHA-256": 1
}
}
},
"technical_report_id": {
"BSI": {
"BSI TR-02102": 2,
"BSI TR-02102-1": 2,
"BSI TR-02102-2": 2,
"BSI TR-02102-3": 2,
"BSI TR-02102-4": 2
}
},
"tee_name": {},
"tls_cipher_suite": {},
"vendor": {},
"vulnerability": {}
},
"st_metadata": {
"/Author": "genua GmbH",
"/CreationDate": "D:20200717120845+02\u002700\u0027",
"/Creator": "LaTeX with hyperref",
"/Keywords": "firewall",
"/ModDate": "D:20200717120845+02\u002700\u0027",
"/PTEX.Fullbanner": "This is pdfTeX, Version 3.14159265-2.6-1.40.20 (TeX Live 2019) kpathsea version 6.3.1",
"/Producer": "pdfTeX-1.40.20",
"/Subject": "Common Criteria certification",
"/Title": "genuscreen 7.0 Security Target",
"/Trapped": "/False",
"pdf_file_size_bytes": 1010308,
"pdf_hyperlinks": {
"_type": "Set",
"elements": [
"https://www.bsi.bund.de/SharedDocs/Downloads/DE/BSI/Zertifizierung/Interpretationen/AIS_31_pdf.html",
"https://www.bsi.bund.de/SharedDocs/Downloads/DE/BSI/Zertifizierung/Interpretationen/AIS_31_Functionality_classes_for_random_number_generators_e.pdf?__blob=publicationFile",
"http://dx.doi.org/10.6028/NIST.FIPS.180-4",
"http://www.ietf.org/rfc/rfc2460.txt",
"http://www.ietf.org/rfc/rfc5639.txt",
"http://dx.doi.org/10.6028/NIST.SP.800-38A",
"http://www.ietf.org/rfc/rfc3447.txt",
"http://www.ietf.org/rfc/rfc3526.txt",
"http://www.ietf.org/rfc/rfc2104.txt",
"http://csrc.nist.gov/publications/fips/fips197/fips-197.pdf",
"http://dx.doi.org/10.6028/NIST.FIPS.186-4",
"https://www.bsi.bund.de/SharedDocs/Downloads/DE/BSI/Zertifizierung/Interpretationen/AIS_20_pdf.html",
"http://www.ecc-brainpool.org/download/Domain-parameters.pdf",
"http://www.ietf.org/rfc/rfc4253.txt",
"http://www.ietf.org/rfc/rfc2409.txt",
"https://tools.ietf.org/html/draft-miller-secsh-umac-01",
"http://www.ietf.org/rfc/rfc4418.txt"
]
},
"pdf_is_encrypted": false,
"pdf_number_of_pages": 71
}
},
"protection_profiles": {
"_type": "Set",
"elements": []
},
"report_link": "https://www.commoncriteriaportal.org/nfs/ccpfiles/files/epfiles/1142a_pdf.pdf",
"scheme": "DE",
"security_level": {
"_type": "Set",
"elements": [
"EAL4+",
"ALC_FLR.2",
"AVA_VAN.4",
"ASE_TSS.2"
]
},
"st_link": "https://www.commoncriteriaportal.org/nfs/ccpfiles/files/epfiles/1142b_pdf.pdf",
"state": {
"_type": "sec_certs.sample.cc.CCCertificate.InternalState",
"cert": {
"_type": "sec_certs.sample.cc.CCCertificate.DocumentState",
"convert_garbage": false,
"convert_ok": true,
"download_ok": true,
"extract_ok": true,
"pdf_hash": "c85350fb2baf096bfe6caaa949e7c85dd426e4883ee0b7e7f254c57fd3170956",
"txt_hash": "bc4e84826fd365bf8ad697740e0b55331e224175eab7e3d4b3554abbfa2eae02"
},
"report": {
"_type": "sec_certs.sample.cc.CCCertificate.DocumentState",
"convert_garbage": false,
"convert_ok": true,
"download_ok": true,
"extract_ok": true,
"pdf_hash": "4d53b348e09cdc04c57bd2a28e090c0d047ce7c850bd86ea71c66122bbeacf37",
"txt_hash": "b01b1f50e1a26e783559584485ffd0db0afdaf8fce083bb3c76fb1c3b9704962"
},
"st": {
"_type": "sec_certs.sample.cc.CCCertificate.DocumentState",
"convert_garbage": false,
"convert_ok": true,
"download_ok": true,
"extract_ok": true,
"pdf_hash": "a2ae857248933bdb010cbea74937a57df42a6bd6fff12cae0906d86d30f68ba6",
"txt_hash": "04c792eb547f9955e2d088d196bbc2cc349f9e09a8b1849d2b28f041ed7ccb63"
}
},
"status": "active"
}