Protection Profile List

Basic Resident Registration Card V2 Embedded Software Protection Profile

Japan Agency for Local Authority Information Systems
Last Updated 2015-10-22
Protection Profile Name :
Basic Resident Registration Card V2 Embedded Software Protection Profile
Version of PP :
Technology Type :
Basic Resident Registration Card, Embedded Software
Certification No. :
Date :
Version of Common Criteria:
Conformance Claim :
EAL4 Augmented with AVA_VAN.5
PP Identifier :
Procurement Entity :


Description of PP

The PP provides security requirements for the embedded software of the Basic Resident Registration Card (BRR Card) Version 2. BRR Card is an IC card for the Basic Resident Registration Network System (BRR Net).
The TOE is a software embedded in BRR Card. The software consists of the BRR application program (BRR-AP) and the platform software. BRR-AP is the essential application program for BRR Card. The platform software provides operating environment for BRR-AP and additional APs.


PP security functionality

BRR Card provides secure measures to use BRR Net services. Major security features of the TOE are as follows:

- Secure communication
  Protects communication channel between BRR Card and the external device from disclosure and modification.
- Mutual authentication
  BRR Card and the external device authenticate each other.
- Card holder authentication
  BRR-AP authenticates the card holder.
- Stored data protection
  Protects stored data in the TOE from illegal access.


Security functional requirements

PP requires the following security functional requirements:

Security audit Non-repudiation of origin/receipt Cryptographic functionality Access control
Data authentication Export data protection Information flow control Import data protection
Internal transfer data protection Residual information protection Rollback Stored data integrity
Transfer data confidentiality Transfer data integrity Identification and authentication Security management
Privacy Control Security functionality protection Resource utilisation management TOE access control
Trusted path/channels