Bundesamt für Sicherheit in der Informationstechnik

The Joint BSI/TeleTrusT-Preevaluation Project

In 1997 the government of the Federal Republic of Germany established the Information and Communication Services Act [IuKDG]. This act contains the Digital Signature Act [SigG] as article 3. On top of that law the German parliament approved the Digital Signature Ordinance [SigV]. The aim of SigG and SigV is the definition of requirements that enable the legal equality of manual and digital signatures concerning legal binding, authenticity and integrity of electronic documents in the future. One specific requirement of SigV (§ 17) is the evaluation of technical components based on the Information Technology Security Evaluation Criteria [ITSEC]. Especially technical components for the generation of signature keys, the storing and the application facilities of the private signature key require an evaluation according to assurance level E4 of ITSEC. A formal model of security policy (FMSP) is needed to reach this level.

One class of appropriate devices for the generation of digital signatures are SmartCards. The German standardisation organisation (DIN) developed a standard for SmartCards with signature application/function [DIN]. The aim of this task was to guarantee interoperability between different SmartCards with signature functionality and SmartCard applications on the PC or Smart card reader . This standard has the quality of a specification. It defines the interface between a terminal (interface device) and a digital signature card, which is in compliance with the German digital signature law. This specification takes all the necessary German legal regulations into account. It is based on the ISO-Standard 7816 part 4, 5, 6 and 8 [ISO7816] and contains respective file structure, flow diagram of application and command structure.

Within the joint BSI/TeleTrusT-preevaluation project this specification was used to prepare a Generic Security Target and an according Formal Security Policy Model for the product-neutral software of the digital signature application in compliance with the mentioned DIN-standard.

The aim of doing this is to give best assistance to real Digital Signature SmartCard product evaluations.

The whole project was organized in three working packages headed by Dr. Giesela Meister; Giesecke & Devrient . Besides the sponsors the chip card manufactors ( Giesecke &Devrient, Siemens, Orga,) and the following institutions were in involved doing the work: German Research Center for Artificial Intelligence (DFKI), debis it security services and s3lab.

Documents as pdf-files for download:

Generic Security Target

Formal Model of Security Policy and its Informal Interpretation

The formal proofs of the Formal Security Policy Model are contained in the data base of the VSE system. This system was used to specify and verify the formal model.