BS EN 419221-5:2018 pdf free.Protection Profiles for TSP Cryptographic Modules Cryptographic Module for Trust Services.
BS EN 419221-5 This part of EN 419221 specifies a Protection Profile for cryptographic modules which is intended to besuitable for use by trust service providers supporting electronic signature and electronic sealingoperations,certificate issuance and revocation, time stamp operations, and authentication services, asidentified by the (EU) No 910/2014 regulation of the European Parliament and of the Council onelectronic identification and trust services for electronic transactions in the internal market(Regulation(EU) No 910/2014 eIDAS) in[10]. The Protection Profile also includes optional support for protectedbackup of keys. The document follows the rules and conventions laid out in Common Criteria Part 1 [CC1],Annex B”Specification of Protection Profiles”.
The following documents are referred to in the text in such a way that some or all of their contentconstitutes requirements of this document. For dated references, only the edition cited applies. Forundated references, the latest edition of the referenced document (including any amendments) applies.ISO/IEC 19790:2012,Information technology -Security techniques — Security requirements forcryptographic modules
Common Criteria for Information Technology Security Evaluation, Part 1: Introduction and generalmodel (Version 3.1 Revision 4,September 2012),CCMB-2012-09-001[CC1]
Common Criteria for Information Technology Security Evaluation,Part 2: Security functionalrequirements, (Version 3.1 Revision 4, September 2012), CCMB-2012-09-002 [CC2]
Common Criteria for Information Technology Security Evaluation，Part 3: Security assurancerequirements, (Version 3.1 Revision 4, September 2012), CCMB-2012-09-003[CC3]
Authorization Data data, including data particular to the user, which is used to control access to (and thus use of) a key.Data particular to the user may include data derived from a secret known only by the user, data derivedfrom a device held by the user and/or data derived from biometric features of the user. Other parts ofthe authorization data may include data held within the cryptographic module,data held byadministrator(s) or data provided by the application
electronic seal data in electronic form which is attached to or logically associated with other data in electronic form toensure the latter’s origin and integrity.
electronic timestamp data in electronic form which binds other data in electronic form to a particular time establishingevidence that the latter data existed at that time.
secret key either a secret key used in symmetric cryptographic functions,or a private key used in asymmetriccryptographic functions.BS EN 419221-5 pdf download.