Common Criteria Protection Profile for Document Management Terminal DMT-PP BSI-CC-PP-0064-V2-2018 Version 2.0 Federal Office for Information Security Post Box 20 03 63 D-53133 Bonn Phone: +49 22899 9582-0 E-Mail: [email protected] Internet: https://www.bsi.bund.de © Federal Office for Information Security 2018 Table of Contents Table of Contents 1 PP Introduction................................................................................................................................................................................... 5 1.1 PP Reference.................................................................................................................................................................................. 5 1.2 Terminology................................................................................................................................................................................... 5 1.3 TOE Overview............................................................................................................................................................................... 5 1.3.1 Major security features of a TOE.................................................................................................................................... 7 1.3.2 TOE Type................................................................................................................................................................................... 7 1.3.3 Required non-TOE hardware/software......................................................................................................................7 1.3.4 Location of input or output-devices............................................................................................................................8 1.3.5 Protocol overview................................................................................................................................................................. 9 2 Conformance Claim....................................................................................................................................................................... 10 2.1 CC Conformance Claim......................................................................................................................................................... 10 2.2 PP Claim........................................................................................................................................................................................ 10 2.3 Package Claim............................................................................................................................................................................. 10 2.4 Conformance Claim Rationale........................................................................................................................................... 10 2.5 Conformance Statement........................................................................................................................................................ 10 3 Security Problem Definition....................................................................................................................................................... 11 3.1 TOE security policy.................................................................................................................................................................. 11 3.1.1 Subjects.................................................................................................................................................................................... 11 3.1.2 Objects..................................................................................................................................................................................... 11 3.2 Assets............................................................................................................................................................................................... 12 3.3 Security Attributes.................................................................................................................................................................... 14 3.4 Threats............................................................................................................................................................................................ 14 3.5 Assumptions................................................................................................................................................................................ 15 3.6 Organizational Security Policies (OSP)............................................................................................................................16 4 Security Objectives.......................................................................................................................................................................... 20 4.1 Security Objectives for the TOE.......................................................................................................................................... 20 4.2 Security Objectives for the Operational Environment............................................................................................22 4.3 Security Objectives Rationale.............................................................................................................................................. 25 4.3.1 Threats and objectives...................................................................................................................................................... 25 4.3.2 Assumptions......................................................................................................................................................................... 27 4.3.3 Organizational Security Policies..................................................................................................................................27 5 Extended Component Definitions........................................................................................................................................... 30 5.1 Family: Generation of random numbers (FCS_RNG)...............................................................................................30 5.2 Family: Authentication Proof of Identity (FIA_API).................................................................................................31 6 Security Requirements.................................................................................................................................................................. 32 6.1 Security functional requirements..................................................................................................................................... 32 6.1.1 Class FAU - Logging........................................................................................................................................................... 32 6.1.2 Class FCS - Cryptographic Protocols.........................................................................................................................33 6.1.3 Class FDP – User Data Protection...............................................................................................................................37 6.1.4 Class FIA – Identification and Authentication......................................................................................................37 6.1.5 Class FMT – Security Management............................................................................................................................39 6.1.6 Class FPT - TSF physical protection...........................................................................................................................41 6.1.7 Class FTP - Trusted Paths................................................................................................................................................ 42 Federal Office for Information Security 3 Table of Contents 6.2 Security Assurance Requirements.....................................................................................................................................42 6.3 Security Requirements Rationale...................................................................................................................................... 42 6.3.1 Security Functional Requirements Rationale.......................................................................................................42 6.3.2 Security Functional Requirements Dependency Rationale............................................................................45 6.3.3 Security Assurance Requirements Rationale.........................................................................................................47 6.3.4 Security Requirements – Mutual Support and Internal Consistency........................................................47 A PP-Module – User Interface Unit DMT-PP-UIU................................................................................................................49 A.1 PP-Module introduction........................................................................................................................................................ 49 A.1.1 PP-Module reference.......................................................................................................................................................