- Product Name :
- Adapter Compatible High-Speed Juki Card Software
- Version of TOE :
- 2.00
- Product Type :
- IT Product (IC chip firmware)
- Certification No. :
- C0191
- Date :
- 2008-10-30
- Version of Common Criteria:
- 2.3
- Conformance Claim :
- EAL4 Augmented with AVA_MSU.3
- PP Identifier :
- None
- Vendor :
- NTT Communications Corporation
-
- POC :
- MAKOTO KUMAKURA
- Division :
- Innovative Financial Systems Department
- Phone :
- +81-3-6701-9455
- E-mail :
-
- Evaluation Facility :
- Electronic Commerce Security Technology Laboratory Inc.
- Certification/Validation Report :
(176 KB)(2009-04-14) - CC Certificate Image :
(453KB)(2009-04-07) - Security Target :
(678 KB)(2009-04-14)
PRODUCT DESCRIPTION
Description of TOE
The target TOE of this ST is software built into Juki cards used in Juki Net, which is used to control data recorded and applications (hereafter referred to as APs) installed on Juki cards.
This TOE is installed on Juki cards, and intended to realize the secure issuance of Juki cards from the card issuer to cardholders, verification of cardholders, and protect cardholder information stored on
Juki cards. Juki Net is implemented to connect Japan痴 city, town and village systems via electric communication lines, based on the resident ledgers managed by each city, town and village, and increase efficiency of data processing of the resident ledgers. Juki cards are used to issue copies of resident certificates in wide areas, take exceptional measures of move-in and move-out, and check identification of residents. Juki cards are inserted into the Juki card readers/writers being connected to the operating terminals of Juki Net installed at the counters of cities, towns and villages in Japan. Through Juki card readers/writers, Juki cards are used to communicate the operating terminals of cities, towns and villages and realize various operations. This TOE is intended to provide security functions, when realizing requirements as stated above, such as authentication of users, access control, cryptographic communication, and securing of application independency.
TOE security functions
This TOE has the following security function.
-
1. Identification and authentication functions
- Identification function
- PIN verification function
- External authentication function
2. Access control functions
- File management function
- SD management function
- AP management function
- Key management function
3. Cryptographic communication function
- Secure messaging function
4. Execution management function
- Authentication status management function
- State transition management function
- Command execution control function
5. Domain separation function
- Domain separation function
6. Data recovery function
- Power-off abnormality detection function
- Fault recovery function