In the second part of the Cammon Criteria standards, there is a class called FTP . For security reasons, smart cards and Java cards mention that a card must meet these requirements. Below you see two elements of this class for my JCOP v2.4.2 r3 smart card:
6.1.9.10 FTP_ITC.1 / CM trusted channel between TSF
The TSF must provide a communication channel between itself and another reliable IT product that is logically different from other communication channels and provides certified identification of its end points and protects the channel data from modification or disclosure of information.
- FTP_ITC.1.2 / CM: [Editorial Refined]
The TSF must allow the CAD placed in the secure environment of the card issuer to initiate communication through a trusted channel.
TSF must initiate communication through a trusted channel to download / install a new application package to the card. Application Note: there is no dynamic download of the package to the Java card. Platform. New packages can be installed on the card only at the request of the card issuer.
6.1.14.2 FTP_ITC.1 / LifeCycle Inter-TSF Trusted Channel
The TSF must provide a communication channel between itself and another trusted IT product that is logically distinct from other communication channels and provides identification of its endpoints and protection of the channel data from change or disclosure.
The TSF permits [assignment: another trusted IT product] to initiate communication through a trusted channel.
TSF [: ].
, , , ? APDU ?
, APDU ? , SELECT APDU plain (= 00a40400...)? ?
user3739941