Baseboard Management Controller Protection Profile with Firmware update Module

Web information

Status active
Valid from 14.11.2022
Scheme 🇫🇷 FR
Category Other Devices and Systems
Security level EAL2+, ALC_FLR.1

Certification report

Certification report PDF TXT

Extracted keywords

Symmetric Algorithms
DES

Security level
EAL 2, EAL2
Security Assurance Requirements (SAR)
ACE_CCL.1, ACE_ECD.1, ACE_INT.1, ACE_OBJ.1, ACE_REQ.1, ACE_SPD.1, ACE_MCO.1, ACE_CCO.1, APE_CCL.1, APE_ECD.1, APE_INT.1, APE_OBJ.2, APE_REQ.2, APE_SPD.1
Security Functional Requirements (SFR)
FAU_GEN.1, FAU_GEN.2, FAU_SAR.1, FAU_SAR.2, FAU_STG.1, FAU_STG.3, FCS_RNG.1, FCS_CKM.1, FCS_CKM.4, FCS_COP.1, FIA_AFL.1, FIA_SOS.1, FIA_UAU.2, FIA_UAU.5, FIA_UAU.7, FIA_UID.2, FMT_MOF.1, FMT_SMF.1, FMT_SMR.1, FPT_FPV.1, FPT_FWU.1, FPT_FLS.1, FPT_RCV.3, FPT_STM.1, FPT_TST.1, FTA_SSL.3, FTA_TAB.1, FTA_TSE.1, FTP_ITC.1, FTP_TRP.1
Protection profiles
ANSSI-CC-PP-2022/01
Certificates
ANSSI-CC-PP-2022/01

Standards
CCMB-2017-04-001, CCMB-2017-04-002, CCMB-2017-04-003, CCMB-2017-04-004

File metadata

Title ANSSI-CC-PP-2022/01
Subject Baseboard Management Controller Protection Profile with Firmware update module
Keywords [ANSSI Crypto] <ou [SOG-IS Crypto]>
Author Leveziel Florian
Creation date D:20221117150630+01'00'
Modification date D:20221117150630+01'00'
Pages 11
Creator Microsoft® Word 2019
Producer Microsoft® Word 2019

Protection Profile

Protection profile PDF TXT

Extracted keywords

Randomness
RNG

Trusted Execution Environments
SE
Vendor
Huawei Technologies Co, Huawei

Security level
EAL2, EAL2 augmented
Security Assurance Requirements (SAR)
AGD_OPE.1, ALC_FLR.1, ALC_FLR
Security Functional Requirements (SFR)
FAU_GEN.1, FAU_GEN.2, FAU_SAR.1, FAU_SAR.2, FAU_STG.1, FAU_STG.3, FAU_GEN.1.1, FAU_GEN.1.2, FAU_GEN.2.1, FAU_SAR.1.1, FAU_SAR.1.2, FAU_SAR.2.1, FAU_STG.1.1, FAU_STG.1.2, FAU_STG.3.1, FCS_RNG, FCS_CKM.1, FCS_CKM.4, FCS_COP.1, FCS_RNG.1, FCS_RNG.1.1, FCS_RNG.1.2, FCS_CKM.1.1, FCS_CKM.4.1, FCS_COP.1.1, FCS_CKM.2, FDP_ITC.1, FDP_ITC.2, FIA_AFL.1, FIA_SOS.1, FIA_UAU.2, FIA_UAU.5, FIA_UAU.7, FIA_UID.2, FIA_AFL.1.1, FIA_AFL.1.2, FIA_SOS.1.1, FIA_UAU.2.1, FIA_UAU.5.1, FIA_UAU.5.2, FIA_UAU.7.1, FIA_UID.2.1, FIA_UID.1, FMT_MOF.1, FMT_SMF.1, FMT_SMR.1, FMT_SMF, FMT_MOF.1.1, FMT_SMF.1.1, FMT_SMR.1.1, FMT_SMT.1, FPT_FPV.1, FPT_FWU.1, FPT_FLS.1, FPT_RCV.3, FPT_STM.1, FPT_TST.1, FPT_FPV.1.1, FPT_FPV.1.2, FPT_FWU.1.1, FPT_FWU.1.2, FPT_FLS.1.1, FPT_RCV.3.1, FPT_RCV.3.2, FPT_RCV.3.3, FPT_RCV.3.4, FPT_STM.1.1, FPT_TST.1.1, FPT_TST.1.2, FPT_TST.1.3, FPT_TST, FTA_SSL.3, FTA_TAB.1, FTA_TSE.1, FTA_SSL.3.1, FTA_TAB.1.1, FTA_TSE.1.1, FTP_ITC.1, FTP_TRP.1, FTP_ITC.1.1, FTP_ITC.1.2, FTP_ITC.1.3, FTP_TRP.1.1, FTP_TRP.1.2, FTP_TRP.1.3
Protection profiles
BSI-CC-PP-0084-2014

Side-channel analysis
physical tampering, fault induction, JIL
Certification process
out of scope, measurements are the first line of defence of operational environment at network level, they are out of scope of the TOE but recommended. The networks outside the operational environment and before the gateway, shall specify methods in chapter 6.2.14 FIA_UAU.5. The methods performed by a remote entity is out of scope of the TOE, yet the communication between the TOE and the remote entity shall be secured by trusted, the GS’s service plane, usually conducts other services and interfaces with other components out of scope of the TOE, it is essential to define that no other management functionality or application shall, with the management operation of the TOE. Such seamless and non-conflicting operational policy is out of scope of the TOE and belongs to the administrator of the cloud or data centre. 4.3.1.5 OE, which means storage outside the GS. This backup place of audit records and logging file is out of scope of the TOE. End of the application note. 6.2.6 FAU_STG.3 Action in Case of Possible Audit Data Loss

Standards
AIS 31

File metadata

Title Protection Profile for a Baseboard Management Controller
Subject Protection Profile
Author Huawei Technologies Co.,Ltd.
Creation date D:20221021093416+02'00'
Modification date D:20221021100710+02'00'
Pages 96
Creator Microsoft® Word 2019
Producer Microsoft® Word 2019

References

No references are available for this protection profile.

Updates

  • The protection profile data changed.
  • The protection profile data changed.
  • The protection profile data changed.
  • The protection profile was first processed.

Raw data 

{
  "_id": "ea2b21b40726b393",
  "_type": "sec_certs.sample.protection_profile.ProtectionProfile",
  "dgst": "ea2b21b40726b393",
  "heuristics": {
    "_type": "sec_certs.sample.protection_profile.ProtectionProfile.Heuristics"
  },
  "pdf_data": {
    "_type": "sec_certs.sample.protection_profile.ProtectionProfile.PdfData",
    "pp_filename": "anssi-profil-pp-2022_01en.pdf",
    "pp_keywords": {
      "asymmetric_crypto": {},
      "cc_cert_id": {},
      "cc_claims": {},
      "cc_protection_profile_id": {
        "BSI": {
          "BSI-CC-PP-0084-2014": 1
        }
      },
      "cc_sar": {
        "AGD": {
          "AGD_OPE.1": 2
        },
        "ALC": {
          "ALC_FLR": 1,
          "ALC_FLR.1": 11
        }
      },
      "cc_security_level": {
        "EAL": {
          "EAL2": 2,
          "EAL2 augmented": 2
        }
      },
      "cc_sfr": {
        "FAU": {
          "FAU_GEN.1": 15,
          "FAU_GEN.1.1": 1,
          "FAU_GEN.1.2": 1,
          "FAU_GEN.2": 9,
          "FAU_GEN.2.1": 1,
          "FAU_SAR.1": 9,
          "FAU_SAR.1.1": 1,
          "FAU_SAR.1.2": 1,
          "FAU_SAR.2": 7,
          "FAU_SAR.2.1": 1,
          "FAU_STG.1": 9,
          "FAU_STG.1.1": 1,
          "FAU_STG.1.2": 1,
          "FAU_STG.3": 5,
          "FAU_STG.3.1": 1
        },
        "FCS": {
          "FCS_CKM.1": 10,
          "FCS_CKM.1.1": 1,
          "FCS_CKM.2": 1,
          "FCS_CKM.4": 10,
          "FCS_CKM.4.1": 1,
          "FCS_COP.1": 20,
          "FCS_COP.1.1": 1,
          "FCS_RNG": 2,
          "FCS_RNG.1": 9,
          "FCS_RNG.1.1": 2,
          "FCS_RNG.1.2": 2
        },
        "FDP": {
          "FDP_ITC.1": 4,
          "FDP_ITC.2": 2
        },
        "FIA": {
          "FIA_AFL.1": 6,
          "FIA_AFL.1.1": 1,
          "FIA_AFL.1.2": 1,
          "FIA_SOS.1": 7,
          "FIA_SOS.1.1": 1,
          "FIA_UAU.2": 13,
          "FIA_UAU.2.1": 1,
          "FIA_UAU.5": 10,
          "FIA_UAU.5.1": 1,
          "FIA_UAU.5.2": 1,
          "FIA_UAU.7": 9,
          "FIA_UAU.7.1": 1,
          "FIA_UID.1": 2,
          "FIA_UID.2": 10,
          "FIA_UID.2.1": 1
        },
        "FMT": {
          "FMT_MOF.1": 13,
          "FMT_MOF.1.1": 1,
          "FMT_SMF": 12,
          "FMT_SMF.1": 19,
          "FMT_SMF.1.1": 1,
          "FMT_SMR.1": 12,
          "FMT_SMR.1.1": 1,
          "FMT_SMT.1": 1
        },
        "FPT": {
          "FPT_FLS.1": 12,
          "FPT_FLS.1.1": 1,
          "FPT_FPV.1": 22,
          "FPT_FPV.1.1": 6,
          "FPT_FPV.1.2": 2,
          "FPT_FWU.1": 12,
          "FPT_FWU.1.1": 2,
          "FPT_FWU.1.2": 4,
          "FPT_RCV.3": 9,
          "FPT_RCV.3.1": 1,
          "FPT_RCV.3.2": 1,
          "FPT_RCV.3.3": 1,
          "FPT_RCV.3.4": 1,
          "FPT_STM.1": 13,
          "FPT_STM.1.1": 1,
          "FPT_TST": 2,
          "FPT_TST.1": 9,
          "FPT_TST.1.1": 1,
          "FPT_TST.1.2": 1,
          "FPT_TST.1.3": 1
        },
        "FTA": {
          "FTA_SSL.3": 11,
          "FTA_SSL.3.1": 1,
          "FTA_TAB.1": 6,
          "FTA_TAB.1.1": 1,
          "FTA_TSE.1": 8,
          "FTA_TSE.1.1": 1
        },
        "FTP": {
          "FTP_ITC.1": 13,
          "FTP_ITC.1.1": 1,
          "FTP_ITC.1.2": 1,
          "FTP_ITC.1.3": 1,
          "FTP_TRP.1": 14,
          "FTP_TRP.1.1": 1,
          "FTP_TRP.1.2": 1,
          "FTP_TRP.1.3": 1
        }
      },
      "certification_process": {
        "OutOfScope": {
          "measurements are the first line of defence of operational environment at network level, they are out of scope of the TOE but recommended. The networks outside the operational environment and before the gateway": 1,
          "out of scope": 6,
          "shall specify methods in chapter 6.2.14 FIA_UAU.5. The methods performed by a remote entity is out of scope of the TOE, yet the communication between the TOE and the remote entity shall be secured by trusted": 2,
          "the GS\u2019s service plane, usually conducts other services and interfaces with other components out of scope of the TOE, it is essential to define that no other management functionality or application shall": 1,
          "which means storage outside the GS. This backup place of audit records and logging file is out of scope of the TOE. End of the application note. 6.2.6 FAU_STG.3 Action in Case of Possible Audit Data Loss": 1,
          "with the management operation of the TOE. Such seamless and non-conflicting operational policy is out of scope of the TOE and belongs to the administrator of the cloud or data centre. 4.3.1.5 OE": 1
        }
      },
      "cipher_mode": {},
      "cplc_data": {},
      "crypto_engine": {},
      "crypto_library": {},
      "crypto_protocol": {},
      "crypto_scheme": {},
      "device_model": {},
      "ecc_curve": {},
      "eval_facility": {},
      "hash_function": {},
      "ic_data_group": {},
      "javacard_api_const": {},
      "javacard_packages": {},
      "javacard_version": {},
      "os_name": {},
      "pq_crypto": {},
      "randomness": {
        "RNG": {
          "RNG": 28
        }
      },
      "side_channel_analysis": {
        "FI": {
          "fault induction": 1,
          "physical tampering": 2
        },
        "other": {
          "JIL": 1
        }
      },
      "standard_id": {
        "BSI": {
          "AIS 31": 1
        }
      },
      "symmetric_crypto": {},
      "technical_report_id": {},
      "tee_name": {
        "IBM": {
          "SE": 2
        }
      },
      "tls_cipher_suite": {},
      "vendor": {
        "Huawei": {
          "Huawei": 2,
          "Huawei Technologies Co": 2
        }
      },
      "vulnerability": {}
    },
    "pp_metadata": {
      "/Author": "Huawei Technologies Co.,Ltd.",
      "/CreationDate": "D:20221021093416+02\u002700\u0027",
      "/Creator": "Microsoft\u00ae Word 2019",
      "/ModDate": "D:20221021100710+02\u002700\u0027",
      "/Producer": "Microsoft\u00ae Word 2019",
      "/Subject": "Protection Profile",
      "/Title": "Protection Profile for a Baseboard Management Controller",
      "pdf_file_size_bytes": 1395936,
      "pdf_hyperlinks": {
        "_type": "Set",
        "elements": [
          "http://www.huawei.com/"
        ]
      },
      "pdf_is_encrypted": false,
      "pdf_number_of_pages": 96
    },
    "report_filename": "anssi-cc-pp-2022_01fr.pdf",
    "report_keywords": {
      "asymmetric_crypto": {},
      "cc_cert_id": {
        "FR": {
          "ANSSI-CC-PP-2022/01": 12
        }
      },
      "cc_claims": {},
      "cc_protection_profile_id": {
        "ANSSI": {
          "ANSSI-CC-PP-2022/01": 12
        }
      },
      "cc_sar": {
        "ACE": {
          "ACE_CCL.1": 1,
          "ACE_CCO.1": 1,
          "ACE_ECD.1": 1,
          "ACE_INT.1": 1,
          "ACE_MCO.1": 1,
          "ACE_OBJ.1": 1,
          "ACE_REQ.1": 1,
          "ACE_SPD.1": 1
        },
        "APE": {
          "APE_CCL.1": 1,
          "APE_ECD.1": 1,
          "APE_INT.1": 1,
          "APE_OBJ.2": 1,
          "APE_REQ.2": 1,
          "APE_SPD.1": 1
        }
      },
      "cc_security_level": {
        "EAL": {
          "EAL 2": 1,
          "EAL2": 1
        }
      },
      "cc_sfr": {
        "FAU": {
          "FAU_GEN.1": 1,
          "FAU_GEN.2": 1,
          "FAU_SAR.1": 1,
          "FAU_SAR.2": 1,
          "FAU_STG.1": 1,
          "FAU_STG.3": 1
        },
        "FCS": {
          "FCS_CKM.1": 1,
          "FCS_CKM.4": 1,
          "FCS_COP.1": 1,
          "FCS_RNG.1": 1
        },
        "FIA": {
          "FIA_AFL.1": 1,
          "FIA_SOS.1": 1,
          "FIA_UAU.2": 1,
          "FIA_UAU.5": 1,
          "FIA_UAU.7": 1,
          "FIA_UID.2": 1
        },
        "FMT": {
          "FMT_MOF.1": 1,
          "FMT_SMF.1": 1,
          "FMT_SMR.1": 1
        },
        "FPT": {
          "FPT_FLS.1": 1,
          "FPT_FPV.1": 1,
          "FPT_FWU.1": 1,
          "FPT_RCV.3": 1,
          "FPT_STM.1": 1,
          "FPT_TST.1": 1
        },
        "FTA": {
          "FTA_SSL.3": 1,
          "FTA_TAB.1": 1,
          "FTA_TSE.1": 1
        },
        "FTP": {
          "FTP_ITC.1": 1,
          "FTP_TRP.1": 1
        }
      },
      "certification_process": {},
      "cipher_mode": {},
      "cplc_data": {},
      "crypto_engine": {},
      "crypto_library": {},
      "crypto_protocol": {},
      "crypto_scheme": {},
      "device_model": {},
      "ecc_curve": {},
      "eval_facility": {},
      "hash_function": {},
      "ic_data_group": {},
      "javacard_api_const": {},
      "javacard_packages": {},
      "javacard_version": {},
      "os_name": {},
      "pq_crypto": {},
      "randomness": {},
      "side_channel_analysis": {},
      "standard_id": {
        "CC": {
          "CCMB-2017-04-001": 1,
          "CCMB-2017-04-002": 1,
          "CCMB-2017-04-003": 1,
          "CCMB-2017-04-004": 1
        }
      },
      "symmetric_crypto": {
        "DES": {
          "DES": {
            "DES": 1
          }
        }
      },
      "technical_report_id": {},
      "tee_name": {},
      "tls_cipher_suite": {},
      "vendor": {},
      "vulnerability": {}
    },
    "report_metadata": {
      "/Author": "Leveziel Florian",
      "/CreationDate": "D:20221117150630+01\u002700\u0027",
      "/Creator": "Microsoft\u00ae Word 2019",
      "/Keywords": "[ANSSI Crypto] \u003cou [SOG-IS Crypto]\u003e",
      "/ModDate": "D:20221117150630+01\u002700\u0027",
      "/Producer": "Microsoft\u00ae Word 2019",
      "/Subject": "Baseboard Management Controller Protection Profile with Firmware update module",
      "/Title": "ANSSI-CC-PP-2022/01",
      "pdf_file_size_bytes": 1416919,
      "pdf_hyperlinks": {
        "_type": "Set",
        "elements": [
          "http://www.commoncriteriaportal.org/",
          "http://www.sogis.eu/",
          "mailto:[email protected]",
          "http://www.ssi.gouv.fr/"
        ]
      },
      "pdf_is_encrypted": false,
      "pdf_number_of_pages": 11
    }
  },
  "state": {
    "_type": "sec_certs.sample.protection_profile.ProtectionProfile.InternalState",
    "pp": {
      "_type": "sec_certs.sample.document_state.DocumentState",
      "convert_ok": true,
      "download_ok": true,
      "extract_ok": true,
      "json_hash": null,
      "pdf_hash": "033195cd0206743645467091f80376349c93048391b454e01de0313169b81486",
      "txt_hash": "1a297f5a4caa2e646fbcecd3b09522242b5269c44dff84c9dfbb67406571c331"
    },
    "report": {
      "_type": "sec_certs.sample.document_state.DocumentState",
      "convert_ok": true,
      "download_ok": true,
      "extract_ok": true,
      "json_hash": null,
      "pdf_hash": "532b8dd374f19977268f593744e3abdb1793d34f5c000c1353c0dde3850b44b6",
      "txt_hash": "ccb49bf7856270b56127a5963042dc31836fee5eb36f8dd2adf85ba48947172c"
    }
  },
  "web_data": {
    "_type": "sec_certs.sample.protection_profile.ProtectionProfile.WebData",
    "category": "Other Devices and Systems",
    "is_collaborative": false,
    "maintenances": [],
    "name": "Baseboard Management Controller Protection Profile with Firmware update Module",
    "not_valid_after": null,
    "not_valid_before": "2022-11-14",
    "pp_link": "https://www.commoncriteriaportal.org/nfs/ccpfiles/files/ppfiles/anssi-profil-pp-2022_01en.pdf",
    "report_link": "https://www.commoncriteriaportal.org/nfs/ccpfiles/files/ppfiles/anssi-cc-pp-2022_01fr.pdf",
    "scheme": "FR",
    "security_level": {
      "_type": "Set",
      "elements": [
        "ALC_FLR.1",
        "EAL2+"
      ]
    },
    "status": "active",
    "version": "1.0"
  }
}