UNCLASSIFIED / NON CLASSIFIÉ
CCCS-PP-011-CR
COMMON CRITERIA CERTIFICATION REPORT
PP-Configuration for Peripheral Sharing
Device and User Authentication Devices,
version 1.0, 19 July 2019
5 January 2024
2
UNCLASSIFIED / NON CLASSIFIÉ
FOREWORD
This certification report is an UNCLASSIFIED publication, issued under the authority of the Chief, Communications Security
Establishment (CSE).
The PP Configuration identified in this certification report has been evaluated at an approved testing laboratory established
under the Canadian Centre for Cyber Security (CCCS). This certification report applies only to the identified version and
release of the PP Configuration. The evaluation has been conducted in accordance with the provisions of the Canadian CC
Scheme, and the conclusions of the testing laboratory in the evaluation report are consistent with the evidence adduced.
If your organization has identified a requirement for this certification report and would like more detailed information, please
contact:
Canadian Centre for Cyber Security
Contact Centre and Information Services
contact@cyber.gc.ca | 1-833-CYBER-88 (1-833-292-3788)
3
UNCLASSIFIED / NON CLASSIFIÉ
OVERVIEW
The Canadian Common Criteria Scheme provides a third-party evaluation service for determining the trustworthiness of
Information Technology (IT) security products. Evaluations are performed by a commercial Common Criteria Testing
Laboratory (CCTL) under the oversight of the Certification Body, which is managed by the Canadian Centre for Cyber
Security.
A CCTL is a commercial facility that has been approved by the Certification Body to perform Common Criteria evaluations; a
significant requirement for such approval is accreditation to the requirements of ISO/IEC 17025, the General Requirements
for the Competence of Testing and Calibration Laboratories.
This certification report is posted to the Common Criteria portal (the official website of the International Common Criteria
Program).
4
UNCLASSIFIED / NON CLASSIFIÉ
TABLE OF CONTENTS
Executive Summary......................................................................................................................................... 5
1 Identification ........................................................................................................................................... 6
2 PP-Configuration Description ..................................................................................................................... 7
3 Security Problem Description and Objectives................................................................................................. 8
3.1 Assumptions..................................................................................................................................................... 8
3.2 Threats ............................................................................................................................................................. 9
3.3 Organizational Security Policies......................................................................................................................... 9
3.4 Security Objectives...........................................................................................................................................10
4 Security Requirements .............................................................................................................................13
4.1 Base Security Functional Requirements.............................................................................................................13
4.2 Optional Security Functional Requirements........................................................................................................14
4.3 Selection-Based Security Functional Requirements ............................................................................................15
4.4 Security Assurance Requirements .....................................................................................................................16
5 Results of the Evaluation ..........................................................................................................................18
6 References.............................................................................................................................................19
5
UNCLASSIFIED / NON CLASSIFIÉ
EXECUTIVE SUMMARY
This report documents the results of the evaluation of the PP-Configuration for Peripheral Sharing Device and User
Authentication Devices, version 1.0 (PP-Config. for PSD-UA_v1.0). It presents a summary of the PP-Config. for PSD-UA_v1.0
together with the evaluation results.
This PP-Configuration defines (by reference to the Supporting Documents for the included PP-Modules) how to evaluate a
TOE that claims conformance to the following:
• Protection Profile for Peripheral Sharing Device Version 4.0; and
• PP-Module for User Authentication Devices Version 1.0.
In order to promote thoroughness and efficiency, the evaluation of the PP-Config. for PSD-UA_v1.0 was performed
concurrent with the first product evaluation against the PP-Configuration’s requirements. In this case the Target of
Evaluation (TOE) for this first product was the Adder AS-4CR Multi-Domain Card Reader Firmware Version 40040-0E7
(hereafter referred to as “Adder PSD Devices”). The evaluation was performed by the EWA-Canada Common Criteria Testing
Laboratory and was completed in January 2024. This evaluation addressed the base requirements of PP-Config. for PSD-
UA_v1.0, as well as most of the requirements contained in Appendices A and B.
An additional evaluation of the PP-Configuration was performed by the EWA-Canada Common Criteria Testing Laboratory to
confirm that it meets the claimed ACE assurance requirements.
The evaluations determined that the PP-Config. for PSD-UA_v1.0 is both Common Criteria Part 2 Extended and Part 3
Conformant. The PP-Config. for PSD-UA_v1.0 was evaluated at an approved Common Criteria Testing Laboratory using the
Common Methodology for IT Security Evaluation (version 3.1, revision 5) for conformance to the Common Criteria for IT
Security Evaluation (version 3.1, revision 5).
The Canadian Centre for Cyber Security, as the Certification Body, found that the evaluations demonstrated that the PP-
Config. for PSD-UA_v1.0 meets the requirements of the ACE components. The conclusions of the testing laboratory in the
Assurance Activity Report (AAR) are consistent with the evidence produced.
6
UNCLASSIFIED / NON CLASSIFIÉ
1 IDENTIFICATION
The evaluation of the PP-Configuration for Peripheral Sharing Device, Analog Audio Output Devices, Keyboard/Mouse
Devices, User Authentication Devices, and Video/Display Devices, version 1.0 (PP-Config. for PSD-UA_v1.0) was performed
concurrently with the first product evaluation against the PP-Configuration. The Target of Evaluation (TOE) was the Adder
AS-4CR Multi-Domain Card Reader Firmware Version 40040-0E7 (hereafter referred to as “Adder KVM Devices”). The
evaluation was performed by the EWA-Canada Common Criteria Testing Laboratory and was completed in January 2024.
The PP-Config. for PSD-UA_v1.0 contains a set of “base” requirements, comprised of “base” requirement that all conformant
STs must include, and additionally contains “Optional” and “Selection-based” requirements. The PP-Configuration contains
Implementation-Dependent Optional Requirements that are dependent on the TOE implementing a particular function. The
Selection-based requirements are additional requirements based on selections made within the PP-Configuration; if certain
selections are made, then additional requirements will need to be included.
The following identifies the PP-Configuration that was the subject of the evaluation and certification, together with
supporting information from the base evaluation performed against this PP-Configuration.
PP-Configuration PP-Configuration for Peripheral Sharing Device and User Authentication Devices, version 1.0
Base-PP Protection Profile for Peripheral Sharing Device, version 4.0 (PP_PSD_v4.0)
PP-Modules in PP-
Configuration
PP-Module for User Authentication Devices Version 1.0 (MOD_UA_v1.0)
Security Target Adder AS-4CR Multi-Domain Card Reader Firmware Version 40040-0E7 Security Target,
Version 1.4B, 5 January 2024
CC Version Common Criteria for Information Technology Security Evaluation, Version 3.1, Revision 5
Conformance Result CC Part 2 Extended, CC Part 3 Conformant
CC Testing Lab EWA-Canada
7
UNCLASSIFIED / NON CLASSIFIÉ
2 PP-CONFIGURATION DESCRIPTION
The PP-Config. for PSD-UA_v1.0 describes common security requirements for Peripheral Sharing Devices (PSDs). That
includes functionality for analog audio devices, user authentication devices, keyboard/mouse devices, and video/display
devices. The PSD can share these peripherals between multiple computers or support a single connected computer.
8
UNCLASSIFIED / NON CLASSIFIÉ
3 SECURITY PROBLEM DESCRIPTION AND OBJECTIVES
3.1 ASSUMPTIONS
The specific conditions listed here are assumed to exist in the TOE’s Operational Environment. These assumptions include
both practical realities in the development of the TOE security requirements and the essential environmental conditions on
the use of the TOE.
Table 1: Assumptions
Assumption Name Assumption Definition
From PP_PSD_v4.0
A.NO_TEMPEST Computers and peripheral devices connected to the PSD are not TEMPEST approved.
A.PHYSICAL The environment provides physical security commensurate with the value of the TOE and the data
it processes and contains.
A.NO_WIRELESS_DEVICES The environment includes no wireless peripheral devices.
A.TRUSTED_ADMIN PSD Administrators and users are trusted to follow and apply all guidance in a trusted manner.
A.TRUSTED_CONFIG Personnel configuring the PSD and its operational environment follow the applicable security
configuration guidance.
A.USER_ALLOWED_ACCESS All PSD users are allowed to interact with all connected computers. It is not the role of the PSD to
prevent or otherwise control user access to connected computers. Computers or their connected
network shall have the required means to authenticate the user and to control access to their
various resources.
9
UNCLASSIFIED / NON CLASSIFIÉ
3.2 THREATS
TOEs conforming to the PP-Config. for PSD-UA_v1.0 counter the following threats.
Table 2: Threats
Threat Name Threat Definition
From PP_PSD_v4.0
T.DATA_LEAK A connection via the PSD between one or more computers may allow unauthorized data flow
through the PSD or its connected peripherals.
T.SIGNAL_LEAK A connection via the PSD between one or more computers may allow unauthorized data flow
through bit‐by‐bit signaling.
T.RESIDUAL_LEAK A PSD may leak (partial, residual, or echo) user data between the intended connected computer
and another unintended connected computer.
T.UNINTENDED_USE A PSD may connect the user to a computer other than the one to which the user intended to
connect.
T.UNAUTHORIZED_DEVICES The use of an unauthorized peripheral device with a specific PSD peripheral port may allow
unauthorized data flows between connected devices or enable an attack on the PSD or its
connected computers.
T.LOGICAL_TAMPER An attached device (computer or peripheral) with malware, or otherwise under the control of a
malicious user, could modify or overwrite code or data stored in the PSD’s volatile or non‐volatile
memory to allow unauthorized information flows.
T.PHYSICAL_TAMPER A malicious user or human agent could physically modify the PSD to allow unauthorized
information flows.
T.REPLACEMENT A malicious human agent could replace the PSD during shipping, storage, or use with an alternate
device that does not enforce the PSD security policies.
T.FAILED Detectable failure of a PSD may cause an unauthorized information flow or weakening of PSD
security functions.
3.3 ORGANIZATIONAL SECURITY POLICIES
No organizational security policies have been identified that are specific to Peripheral Sharing Devices.
10
UNCLASSIFIED / NON CLASSIFIÉ
3.4 SECURITY OBJECTIVES
The following table contains security objectives for the TOE.
Table 3: TOE Security Objectives
TOE Security Objective TOE Security Objective Definition
From PP_PSD_v4.0
O.COMPUTER_INTERFACE
_ISOLATION
The PSD shall prevent unauthorized data flow to ensure that the PSD and its connected
peripheral devices cannot be exploited in an attempt to leak data. The TOE‐Computer interface
shall be isolated from all other PSD‐Computer interfaces while TOE is powered. (Addressed
by: FDP_APC_EXT.1)
O.COMPUTER_INTERFACE
_ISOLATION_TOE_UNPOWERED
The PSD shall not allow data to transit a PSD‐Computer interface while the PSD is unpowered.
(Addressed by: FDP_APC_EXT.1)
O.USER_DATA_ISOLATION The PSD shall route user data, such as keyboard entries, only to the computer selected by the
user. The PSD shall provide isolation between the data flowing from the peripheral device to the
selected computer and any non‐selected computer. (Addressed by: FDP_APC_EXT.1)
O.NO_USER_DATA_RETENTION The PSD shall not retain user data in non‐volatile memory after power up or, if supported,
factory reset. (Addressed by: FDP_RIP_EXT.1, FDP_RIP_EXT.2 (optional))
O.NO_OTHER_EXTERNAL
_INTERFACES
The PSD shall not have any external interfaces other than those implemented by the TSF.
(Addressed by: FDP_PDC_EXT.1)
O.LEAK_PREVENTION_SWITCHING The PSD shall ensure that there are no switching mechanisms that allow signal data leakage
between connected computers. (Addressed by: FDP_SWI_EXT.1, FDP_SWI_EXT.2 (selection‐
based))
O.AUTHORIZED_USAGE The TOE shall explicitly prohibit or ignore unauthorized switching mechanisms, either because it
supports only one connected computer or because it allows only authorized mechanisms to
switch between connected computers. Authorized switching mechanisms shall require express
user action restricted to console buttons, console switches, console touch screen, wired remote
control, and peripheral devices using a guard. Unauthorized switching mechanisms include
keyboard shortcuts, also known as “hotkeys,” automatic port scanning, control through a
connected computer, and control through keyboard shortcuts. Where applicable, the results of
the switching activity shall be indicated by the TSF so that it is clear to the user that the
switching mechanism was engaged as intended. A conformant TOE may also provide a
management function to configure some aspects of the TSF. If the TOE provides this
functionality, it shall ensure that whatever management functions it provides can only be
performed by authorized administrators and that an audit trail of management activities is
generated. (Addressed by: FAU_GEN.1 (optional), FDP_SWI_EXT.1, FDP_SWI_EXT.2 (selection‐
based), FIA_UAU.2 (optional), FIA_UID.2 (optional), FMT_MOF.1 (optional), FMT_SMF.1
(optional), FMT_SMR.1 (optional), FPT_STM.1 (optional), FTA_CIN_EXT.1 (selection‐based))
11
UNCLASSIFIED / NON CLASSIFIÉ
TOE Security Objective TOE Security Objective Definition
O.PERIPHERAL_PORTS_ISOLATION The PSD shall ensure that data does not flow between peripheral devices connected to different
PSD interfaces. (Addressed by: FDP_APC_EXT.1)
O.REJECT_UNAUTHORIZED
_PERIPHERAL
The PSD shall reject unauthorized peripheral device types and protocols. (Addressed by:
FDP_PDC_EXT.1)
O.REJECT_UNAUTHORIZED
_ENDPOINTS
The PSD shall reject unauthorized peripheral devices connected via a Universal Serial Bus (USB)
hub. (Addressed by: FDP_PDC_EXT.1)
O.NO_TOE_ACCESS The PSD firmware, software, and memory shall not be accessible via its external ports.
(Addressed by: FPT_NTA_EXT.1)
O.TAMPER_EVIDENT_LABEL The PSD shall be identifiable as authentic by the user and the user must be made aware of any
procedures or other such information to accomplish authentication. This feature must be
available upon receipt of the PSD and continue to be available during the PSD deployment. The
PSD shall be labeled with at least one visible unique identifying tamper‐evident marking that can
be used to authenticate the device. The PSD manufacturer must maintain a complete list of
manufactured PSD articles and their respective identification markings’ unique identifiers.
(Addressed by: FPT_PHP.1)
O.ANTI_TAMPERING The PSD shall be physically enclosed so that any attempts to open or otherwise access the
internals or modify the connections of the PSD would be evident, and optionally thwarted
through disablement of the TOE. Note: This applies to a wired remote control as well as the
main chassis of the PSD. (Addressed by: FPT_PHP.1, FPT_PHP.3 (optional))
O.SELF_TEST The PSD shall perform self‐tests following power up or powered reset. (Addressed by:
FPT_TST.1)
O.SELF_TEST_FAIL_TOE_DISABLE The PSD shall enter a secure state upon detection of a critical failure. (Addressed by:
FPT_FLS_EXT.1, FPT_TST_EXT.1)
O.SELF_TEST_FAIL_INDICATION The PSD shall provide clear and visible user indications in the case of a self‐test failure.
(Addressed by: FPT_TST_EXT.1)
From MOD_UA_v1.0
O.USER_AUTHENTICATION_
ISOLATION
The TOE shall isolate the user authentication function from all other TOE functions.
O.SESSION_TERMINATION The TOE shall immediately terminate an open session with the selected computer upon
disconnection of the authentication element.
12
UNCLASSIFIED / NON CLASSIFIÉ
The following table contains security objectives for the Operational Environment.
Table 4: Environmental Security Objectives
Environmental Security Obj. Environmental Security Objective Definition
From PP_PSD_v4.0
OE.NO_TEMPEST The operational environment will not use TEMPEST approved equipment
OE.PHYSICAL The operational environment will provide physical security, commensurate with the value of the
PSD and the data that transits it.
OE.NO_WIRELESS_DEVICES The operational environment will not include wireless keyboards, mice, audio, user
authentication, or video devices.
OE.TRUSTED_ADMIN The operational environment will ensure that trusted PSD Administrators and users are
appropriately trained.
OE.TRUSTED_CONFIG The operational environment will ensure that administrators configuring the PSD and its
operational environment follow the applicable security configuration guidance.
13
UNCLASSIFIED / NON CLASSIFIÉ
4 SECURITY REQUIREMENTS
4.1 BASE SECURITY FUNCTIONAL REQUIREMENTS
The following table contains the “base” requirements that are levied by the PP_PSD_v4.0 and were certified as part of the
Adder PSD Devices evaluation activity.
Table 5: “Base” Security Functional Requirements for the PP_PSD_v4.0
Requirement Class Requirement Component Verified By
FDP: User Data Protection FDP_APC_EXT.1: Active PSD Connections ST: Adder PSD Devices (PP-Config. for
PSD-UA_v1.0)
FDP_PDC_EXT.1: Peripheral Device Connection ST: Adder PSD Devices (PP-Config. for
PSD-UA_v1.0)
FDP_RIP_EXT.1: Residual Information Protection ST: Adder PSD Devices (PP-Config. for
PSD-UA_v1.0)
FDP_SWI_EXT.1: PSD Switching ST: Adder PSD Devices (PP-Config. for
PSD-UA_v1.0)
FPT: Protection of the
TSF
FPT_FLS_EXT.1: Failure with Preservation of
Secure State
ST: Adder PSD Devices (PP-Config. for
PSD-UA_v1.0)
FPT_NTA_EXT.1: No Access to TOE ST: Adder PSD Devices (PP-Config. for
PSD-UA_v1.0)
FPT_PHP.1: Passive Detection of Physical Attack ST: Adder PSD Devices (PP-Config. for
PSD-UA_v1.0)
FPT_TST.1: TSF Testing ST: Adder PSD Devices (PP-Config. for
PSD-UA_v1.0)
FPT_TST_EXT.1: TSF Testing ST: Adder PSD Devices (PP-Config. for
PSD-UA_v1.0)
The PP Module that comprises this PP-configuration levies the following additional “base” requirements, that were certified
as part of the Adder PSD Devices evaluation activity.
14
UNCLASSIFIED / NON CLASSIFIÉ
Table 6: “Base” Security Functional Requirements for the MOD_UA_v1.0
Requirement Class Requirement Component Verified By
FDP: User Data Protection FDP_FIL_EXT.1/UA: Device Filtering (User
Authentication Devices)
ST: Adder PSD Devices (PP-Config. for
PSD-UA_v1.0)
FDP_PDC_EXT.2/UA: Authorized Devices (User
Authentication Devices)
ST: Adder PSD Devices (PP-Config. for
PSD-UA_v1.0)
FDP_PDC_EXT.4: Supported Authentication Device ST: Adder PSD Devices (PP-Config. for
PSD-UA_v1.0)
FDP_PWR_EXT.1: Powered By Computer ST: Adder PSD Devices (PP-Config. for
PSD-UA_v1.0)
FDP_TER_EXT.1: Session Termination ST: Adder PSD Devices (PP-Config. for
PSD-UA_v1.0)
FDP_UAI_EXT.1: User Authentication Isolation ST: Adder PSD Devices (PP-Config. for
PSD-UA_v1.0)
4.2 OPTIONAL SECURITY FUNCTIONAL REQUIREMENTS
The following table contains the “optional” requirements that are specified within the PP_PSD_v4.0 and were certified as
part of the Adder PSD Devices evaluation activity.
Table 7: “Optional” Security Functional Requirements for the PP_PSD_v4.0
Requirement Class Requirement Component Verified By
FAU: Security Audit FAU_GEN.1: Audit Data Generation ST: Adder PSD Devices (PP-Config. for
PSD-UA_v1.0)
FDP: User Data Protection FDP_RIP_EXT.2: Purge of Residual Information ST: Adder PSD Devices (PP-Config. for
PSD-UA_v1.0)
FIA: Identification and
Authentication
FIA_UAU.2: User Authentication Before Any Action ST: Adder PSD Devices (PP-Config. for
PSD-UA_v1.0)
FIA_UID.2: User Identification Before Any Action ST: Adder PSD Devices (PP-Config. for
PSD-UA_v1.0)
FMT: Security
Management
FMT_MOF.1: Management of Security Functions
Behaviour
ST: Adder PSD Devices (PP-Config. for
PSD-UA_v1.0)
FMT_SMF.1: Specification of Management
Functions
ST: Adder PSD Devices (PP-Config. for
PSD-UA_v1.0)
15
UNCLASSIFIED / NON CLASSIFIÉ
Requirement Class Requirement Component Verified By
FMT_SMR.1: Security Roles ST: Adder PSD Devices (PP-Config. for
PSD-UA_v1.0)
FPT: Protection of the
TSF
FPT_PHP.3: Resistance to Physical Attack ST: Adder PSD Devices (PP-Config. for
PSD-UA_v1.0)
FPT_STM.1: Reliable Time Stamps ST: Adder PSD Devices (PP-Config. for
PSD-UA_v1.0)
4.3 SELECTION-BASED SECURITY FUNCTIONAL REQUIREMENTS
The following table contains the “selection-based” requirements that are specified within the PP_PSD_v4.0 and were
certified as part of the Adder PSD Devices evaluation activity.
Table 8: “Selection-Based” Security Functional Requirements for the PP_PSD_v4.0
Requirement Class Requirement Component Verified By
FDP: User Data Protection FDP_SWI_EXT.2: PSD Switching Methods ST: Adder PSD Devices (PP-Config. for
PSD-UA_v1.0)
FTA: TOE Access FTA_CIN_EXT.1 : Continuous Indications ST: Adder PSD Devices (PP-Config. for
PSD-UA_v1.0)
The PP Module that comprises this PP-configuration levies the following additional “selection-based” requirements. Some of
these requirements were certified as part of the Adder PSD Devices evaluation activity, and the remainder were certified as
part of the independent ACE evaluation activity.
Table 9: “Selection-Based” Security Functional Requirements for the MOD_UA_v1.0
Requirement Class Requirement Component Verified By
FDP: User Data Protection FDP_TER_EXT.2: Session Termination of Removed
Devices
ST: Adder PSD Devices (PP-Config. for
PSD-UA_v1.0)
FDP_TER_EXT.3: Session Termination upon
Switching
ST: Adder PSD Devices (PP-Config. for
PSD-UA_v1.0)
16
UNCLASSIFIED / NON CLASSIFIÉ
4.4 SECURITY ASSURANCE REQUIREMENTS
The following are the assurance requirements contained in the PP_PSD_v4.0. None of the PP Modules comprising the PP-
configuration levied any additional assurance requirements.
Table 11: Security Assurance Requirements
Requirement Class Requirement Component Verified By
ASE: Security Target ASE_CCL.1: Conformance Claims ST: Adder PSD Devices (PP-Config. for
PSD-UA_v1.0)
ASE_ECD.1: Extended Components Definition ST: Adder PSD Devices (PP-Config. for
PSD-UA_v1.0)
ASE_INT.1: ST Introduction ST: Adder PSD Devices (PP-Config. for
PSD-UA_v1.0)
ASE_OBJ.2: Security Objectives ST: Adder PSD Devices (PP-Config. for
PSD-UA_v1.0)
ASE_REQ.2: Derived Security Requirements ST: Adder PSD Devices (PP-Config. for
PSD-UA_v1.0)
ASE_SPD.1: Security Problem Definition ST: Adder PSD Devices (PP-Config. for
PSD-UA_v1.0)
ASE_TSS.1: TOE Summary Specification ST: Adder PSD Devices (PP-Config. for
PSD-UA_v1.0)
ADV: Development ADV_FSP.1: Basic Functional Specification ST: Adder PSD Devices (PP-Config. for
PSD-UA_v1.0)
AGD: Guidance
Documents
AGD_OPE.1: Operational User Guidance ST: Adder PSD Devices (PP-Config. for
PSD-UA_v1.0)
AGD_PRE.1: Preparative Procedures ST: Adder PSD Devices (PP-Config. for
PSD-UA_v1.0)
ALC: Life Cycle Support ALC_CMC.1: Labeling of the TOE ST: Adder PSD Devices (PP-Config. for
PSD-UA_v1.0)
ALC_CMS.1: TOE CM Coverage ST: Adder PSD Devices (PP-Config. for
PSD-UA_v1.0)
ATE: Tests ATE_IND.1: Independent Testing – Conformance ST: Adder PSD Devices (PP-Config. for
PSD-UA_v1.0)
AVA: Vulnerability
Assessment
AVA_VAN.1: Vulnerability Survey ST: Adder PSD Devices (PP-Config. for
PSD-UA_v1.0)
17
UNCLASSIFIED / NON CLASSIFIÉ
18
UNCLASSIFIED / NON CLASSIFIÉ
5 RESULTS OF THE EVALUATION
Note that for ACE elements and work units identical to ASE elements and work units, the testing laboratory performed the
ACE work units concurrent to the ASE work units. In addition, the testing laboratory performed an independent ACE
evaluation of the PP-Modules that comprised the PP-Configuration.
Table 12: Evaluation Results
ACE Requirement Evaluation Verdict Verified By
ACE_INT.1: PP-Module Introduction Pass • ST: Adder PSD Devices (PP-Config. for PSD-
UA_v1.0)
• ACE Evaluation
ACE_CCL.1: PP-Module Conformance Claims Pass • ST: Adder PSD Devices (PP-Config. for PSD-
UA_v1.0)
• ACE Evaluation
ACE_SPD.1: PP-Module Security Problem
Definition
Pass • ST: Adder PSD Devices (PP-Config. for PSD-
UA_v1.0)
• ACE Evaluation
ACE_OBJ.1: PP-Module Security Objectives Pass • ST: Adder PSD Devices (PP-Config. for PSD-
UA_v1.0)
• ACE Evaluation
ACE_ECD.1: PP-Module Extended
Components Definition
Pass • ST: Adder PSD Devices (PP-Config. for PSD-
UA_v1.0)
• ACE Evaluation
ACE_REQ.1: PP-Module Security
Requirements
Pass • ST: Adder PSD Devices (PP-Config. for PSD-
UA_v1.0)
• ACE Evaluation
ACE_MCO.1: PP-Module Consistency Pass • ST: Adder PSD Devices (PP-Config. for PSD-
UA_v1.0)
• ACE Evaluation
ACE_CCO.1: PP-Configuration Consistency Pass • ST: Adder PSD Devices (PP-Config. for PSD-
UA_v1.0)
• ACE Evaluation
19
UNCLASSIFIED / NON CLASSIFIÉ
6 REFERENCES
Reference
Common Criteria for Information Technology Security Evaluation, Version 3.1 Revision 5, April 2017.
Common Methodology for Information Technology Security Evaluation, CEM, Version 3.1 Revision 5, April 2017.
Protection Profile for Peripheral Sharing Device, Version 4.0, 19 July 2019.
PP-Module for User Authentication Devices, Version 1.0, 19 July 2019
PP-Configuration for Peripheral Sharing Device and User Authentication Devices, Version 1.0, 19 July 2019.
Supporting Document: Mandatory Technical Document PP-Module for User Authentication Devices, Version 1.0,
19 July 2019
Adder AS-4CR Multi-Domain Card Reader Firmware Version 40040-0E7 Security Target, Version 1.4, 5 January
2024.
Assurance Activity Report Adder AS-4CR Multi-Domain Card Reader Firmware Version 40040-0E7, Version 2.1, 5
January 2024.
Common Criteria Certification Report Adder AS-4CR Multi-Domain Card Reader Firmware Version 40040-0E7,
Version 1.0, 5 January 2024.