Skip to main content

Standards

This page gives an overview of the various norms and standards around eIDAS. These norms translate the high-level requirements of the eIDAS regulation into more concrete technical language and requirements.

EN 419221-5

Title: Protection Profiles for TSP Cryptographic Modules – Part 5: Cryptographic Module for Trust Services

Content: This norm defines the requirements of a Cryptographic Module (CM) used by eIDAS trust services. This includes the functionality of traditional HSMs: key generation, signing, random number generation, backup, role concept, and so on.

Audience: HSM vendors have their devices certified according to this norm. Primus HSM is certified as such a CM.

EN 419241-1

Title: Trustworthy Systems Supporting Server Signing – Part 1: General System Security Requirements

Content: As the name implies, this norm defines the general system requirements (functionality and security) of a remote signing architecture. This includes the Server Signing Application, the signer's environment versus the TSP environment, the Signature Creation Device (with the CM and SAM), and how all of these components interact. This norm also specifies SCAL1/SCAL2 (for authorization) and the requirements on signer authentication.

Audience: Trust service operators have their overall system (architecture, integration, environment) certified according to this norm.

EN 419241-2

Title: Trustworthy Systems Supporting Server Signing – Part 2: Protection Profile for QSCD for Server Signing

Content: This norm describes the security objectives and the security requirements for a Signature Activation Module (SAM). The concept of a SAM is already introduced by EN 419241-1, where it is part of the overall system and integral for achieving SCAL2.

Audience: SAM vendors have their SAM product certified according to this norm. Primus HSM is certified as such a SAM.

Protection Profiles

EN 419221-5 and EN 419241-2 are Protection Profiles for a CM and a SAM, respectively. Protection Profiles enable buyers to trust that a product achieves a certain security level.

A Protection Profile (PP) starts from a security problem (objective, assumptions, threats) and defines security functional requirements (SFR) and security assurance requirements (SAR) that ensure that the security objective is met. These requirements are implementation-agnostic. Vendors define a Security Target for their product (for example, see the Primus HSM Security Target). Independent labs then test the product and verify that the Security Target fulfills the requirements of the PP. This results in the issuing of a Common Criteria certificate, which certifies the product for a specific PP (see the Primus HSM certificate).

Responsibilities

Product vendors (such as Securosys) build CM and SAM products (such as Primus HSM) and carry them through the certification process. This gives buyers the assurance that the requirements of EN 419221-5 and EN 419241-2 are met.

Trust Service Providers (TSPs) assemble these products into a complete trust service offering. The TSP needs to obtain a certification under EN 419241-1, to validate the TSP environment and the integration of the individual products.

Get started withCloudHSM for free.
Other questions?Ask Sales.
Feedback
Need help?