Details
- Part of collection
- Publication date
- 31 January 2024
- Author
- European Union Agency for Cybersecurity
- Type of Documents
- State-of-the-art Documents
- Certification Schemes
- ICT Solutions
- Hardware, Software and Components
Description
The Common Criteria (CC) are being widely used for smart card products security evaluation. Smart card evaluation showed very early a need for interpretation and supporting documents.
The initial reason was that a smart card is built up with a combination of two parts: a hardware integrated circuit (IC) part and a software part often developed by different actors with specific objectives. Another reason is that the software part may be layered itself consisting of an “Operating System layer” with possibly integrated applicative functions and an “Application layer” on top of it that may contain different applications.
All these software parts can be developed by different actors with specific objectives. One objective was to independently perform one evaluation of a platform to address several applications and customers. Another objective was to create one or several applications to load on one or several certified platforms. The objective for Application Integration was to install one or several applications onto one already certified platform to reduce the evaluation effort keeping a high level of confidence.