{"title":"基于通用标准V3.1:2012/SNI ISO/IEC 15408:2014的印度尼西亚电子身份证(KTP-el)读卡器保护配置文件和安全目标的开发","authors":"M. E. Aminanto, S. Sutikno","doi":"10.1109/ICAICTA.2014.7005905","DOIUrl":null,"url":null,"abstract":"Indonesia electronic identity card (KTP-el) system consisting wireless smartcard, smartcard reader and inhabitants database. Personal data of card holder are stored inside the card. These data can be viewed or taken by unauthorized party. Therefore, in this paper, we discuss about possible threats to the physical of KTP-el reader and the data reading process by KTP-el reader, to consolidate security of data reading process by KTP-el reader. Then, we generate Protection Profile (PP) and Security Target (ST) for KTP-el reader based on the Common Criteria (CC). We have shown how the development process of an IT product with security features that follows the international agreement, by generating the PP and ST document. This paper also conducted a gap analysis between the list of security requirements defined in PP/ST and security features of KTP-el reader prototype owned by Indonesia Agency for the Assessment and Application of Technology (BPPT). Lastly, we propose the list of recommended security requirements that shall be considered by BPPT to consolidate security of KTP-el reader.","PeriodicalId":173600,"journal":{"name":"2014 International Conference of Advanced Informatics: Concept, Theory and Application (ICAICTA)","volume":"1 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2014-08-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"4","resultStr":"{\"title\":\"Development of protection profile and security target for Indonesia electronic ID card's (KTP-el) card reader based on common criteria V3.1:2012/SNI ISO/IEC 15408:2014\",\"authors\":\"M. E. Aminanto, S. Sutikno\",\"doi\":\"10.1109/ICAICTA.2014.7005905\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Indonesia electronic identity card (KTP-el) system consisting wireless smartcard, smartcard reader and inhabitants database. Personal data of card holder are stored inside the card. These data can be viewed or taken by unauthorized party. Therefore, in this paper, we discuss about possible threats to the physical of KTP-el reader and the data reading process by KTP-el reader, to consolidate security of data reading process by KTP-el reader. Then, we generate Protection Profile (PP) and Security Target (ST) for KTP-el reader based on the Common Criteria (CC). We have shown how the development process of an IT product with security features that follows the international agreement, by generating the PP and ST document. This paper also conducted a gap analysis between the list of security requirements defined in PP/ST and security features of KTP-el reader prototype owned by Indonesia Agency for the Assessment and Application of Technology (BPPT). Lastly, we propose the list of recommended security requirements that shall be considered by BPPT to consolidate security of KTP-el reader.\",\"PeriodicalId\":173600,\"journal\":{\"name\":\"2014 International Conference of Advanced Informatics: Concept, Theory and Application (ICAICTA)\",\"volume\":\"1 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2014-08-01\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"4\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2014 International Conference of Advanced Informatics: Concept, Theory and Application (ICAICTA)\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/ICAICTA.2014.7005905\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2014 International Conference of Advanced Informatics: Concept, Theory and Application (ICAICTA)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/ICAICTA.2014.7005905","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
Development of protection profile and security target for Indonesia electronic ID card's (KTP-el) card reader based on common criteria V3.1:2012/SNI ISO/IEC 15408:2014
Indonesia electronic identity card (KTP-el) system consisting wireless smartcard, smartcard reader and inhabitants database. Personal data of card holder are stored inside the card. These data can be viewed or taken by unauthorized party. Therefore, in this paper, we discuss about possible threats to the physical of KTP-el reader and the data reading process by KTP-el reader, to consolidate security of data reading process by KTP-el reader. Then, we generate Protection Profile (PP) and Security Target (ST) for KTP-el reader based on the Common Criteria (CC). We have shown how the development process of an IT product with security features that follows the international agreement, by generating the PP and ST document. This paper also conducted a gap analysis between the list of security requirements defined in PP/ST and security features of KTP-el reader prototype owned by Indonesia Agency for the Assessment and Application of Technology (BPPT). Lastly, we propose the list of recommended security requirements that shall be considered by BPPT to consolidate security of KTP-el reader.
求助内容:
应助结果提醒方式:
京公网安备 11010802042870号
