Security Requirements for PKI Components
developing a validation program for PKI components

The Certificate Issuing and Management Components (CIMC) Family of Protection Profiles defines requirements for components that issue, revoke, and manage public key certificates, such as X.509 public key certificates. A CIMC always includes a Certification Authority (CA) and may include Registration Authorities (RAs) and other subcomponents.

A CIMC consists of the hardware, software, and firmware that are responsible for issuing, revoking, and managing public key certificates. A CIMC does not include environmental controls (e.g., controlled access facility, temperature), policies and procedures, personnel controls (e.g., background checks and security clearances), and other administrative controls.

Version 1.0 of the Certificate Issuing and Management Components Protection Profile is now available in PDF format. This document specifies the functional and assurance security requirements for a CIMC. The intent of this family of Protection Profiles is to ensure specification of the complete set of requirements for a CIMC and not the specification of a subset of requirements implemented in a specific CIMC subcomponent. It includes all the technical features of a CIMC, regardless of which CIMC subcomponent performs the function. The document does not differentiate between functions that are typically performed by a CA and functions that are typically performed by an RA.

Revision History

  • November 3, 1999 - Initial Public Release Draft (titled Security Requirements for Certificate Issuing and Management Components).
  • December 16, 1999 - Second Public Release Draft.
    • Added sections on TOE Security Environment and Security Objectives.
    • All other sections of the document remain unchanged from the initial public release draft.
  • March 15, 2000 - Third Public Release Draft
    • This is the first draft of the Protection Profile in which all functional security requirements have been written in accordance with the Common Criteria.
    • The following aspects of the Protection Profile are not yet complete:
      • The CIMC access control policy has not yet been written.
      • Functional security requirements that are not completely specified and that must be completed by the Security Target author (i.e., where the document says "ST assignment") must include some guidance to the ST author. This guidance has not yet been written.
  • May 5, 2000 - Fourth Public Release Draft
    • Added CIMC access control policy.
    • Added "applications notes" to provide guidance to the ST author on completing functional security requirements that are not completely specified.
  • July 7, 2000 - Fifth Public Release Draft
    • Changed certificate registration and certificate profile sections to allow for certificate formats other than X.509.
    • Added requirements that apply when OCSP is used to distribute revocation information.
    • Miscellaneous changes based on reviewers' comments.
  • September 29, 2000 - Release of Certificate Issuing and Management Components document for Common Criteria Validation
  • January 26, 2001 - Minor editorial revisions.
  • September 5, 2001 - More minor editorial revisions.
    • Some assumptions, threats, objectives, and organizational security policies were added, removed, or reworded.
    • Some functional security requirements were re-worded for clarification (without changing the meaning of the requirement).
    • FIA_AFL.1 was changed to exempt some authentications performed within FIPS 140-1 validated cryptographic modules from the FIA_AFL.1 requirements.
    • For Security Level 2, more cryptographic operations are required to be performed in FIPS 140-1 level 2 validated cryptographic modules instead of level 1.
  • October 31, 2001 - Version 1.0.
    • Redefined the TOE boundary. Many functional security requirements that were previously requirements for the TOE are now requirements for the IT environment. Functional security requirements that were moved to the IT environment include those functions that are performed by FIPS 140-1 validated cryptographic modules and those functions typically performed by operating systems.
 

The Computer Security Resource Center is in the Computer Security Division of the Information Technology Laboratory at the National Institute of Standards and Technology.
NIST is an agency of the U.S. Commerce Department's Technology Administration.
Please send comments or suggestions to cimc@nist.gov
Last Modified: October 30, 2001.