September 27, 201112th ICCC in Malaysia

Kenjiro SASAOKAGeneral Manager, Councilor

IT Security CenterInformation-technology Promotion Agency (IPA)

Update on Japanese Scheme - Enforcement utilizing certified products for procurement in Japanese Government -

Japan Information Technology Security Evaluation and Certification Scheme

1

Topics

2

1. Legal Basis of JISEC2. Update on IPA3. Overview of JISEC4. Renewal of Scheme Documents5. Hardware (smartcard etc.) Evaluation6. Certification Statistcis7. PP Compliant MFPs8. Reinforcement of National Procurement Policy9. Renewal of JISEC Website10.Collaboration within CCRA for future improvement

1. Legal Basis of JISEC, IPA Certification

3

Information-technology Promotion Agency (IPA) is Incorporated administrative agency, established in 1970 by Japanese Law “Act on Facilitation of Information Processing (Act No.90 of 1970).”

IPA became Certification Body on April 2004 under IT Security Policy of METI, Ministry of Economy, Trade and Industry.Rationale is described in the provision of article 20, paragraph 1, item 5 of “Act on Facilitation of Information Processing”, which was revised on January 5, 2004.

“With the aim to ensure the security and reliability of information processing, evaluates from technical perspective the information processing systems.”

After approval as a Certification Authorizing Participant of CCRA on October 2003, Certification Body transferred from NITE to IPA on April 2004.

NITE is Accreditation Body of JISEC under ASNITE-IT accreditation program, which has the scope of Testing Laboratories for IT security since April 2001.

2. Update on IPA

4

IT Human ResourceDevelopment Headquarters

IT Human ResourceIT Human ResourceDevelopment HeadquartersDevelopment Headquarters

Software EngineeringCenter

Software EngineeringSoftware EngineeringCenterCenter

IT Security CenterIT Security CenterIT Security Center

Open Software CenterOpen Software CenterOpen Software Center

Organization

IPA reviewed the organization structure based on efficiency aspect and ...

IT Skill StandardsCenter

IT Skill StandardsIT Skill StandardsCenterCenter

Japan IT EngineerExamination CenterJapan IT EngineerJapan IT Engineer

Examination CenterExamination Center

ChairmanChairmanChairman

ExecutiveDirectors

ExecutiveExecutiveDirectorsDirectors

Mr. Kazumasa Fujie

Industrial-AcademicCollaboration Center

IndustrialIndustrial--AcademicAcademicCollaboration CenterCollaboration Center

Before 1st July, 2011

2. Update on IPA

5

IT Human ResourceDevelopment Headquarters

IT Human ResourceIT Human ResourceDevelopment HeadquartersDevelopment Headquarters

Software EngineeringCenter

Software EngineeringSoftware EngineeringCenterCenter

IT Security CenterIT Security CenterIT Security Center

Open StandardsPromotion CenterOpen StandardsOpen Standards

Promotion CenterPromotion Center

Organization

Technology Headquarters was established on 1st July, 2011.Software Engineering Center, IT Security Center and Open Standards Promotion Center involved in Technology Headquarters.

Technology HeadquartersTechnology HeadquartersTechnology Headquarters

IT Skill StandardsCenter

IT Skill StandardsIT Skill StandardsCenterCenter

Japan IT EngineerExamination CenterJapan IT EngineerJapan IT Engineer

Examination CenterExamination Center

ChairmanChairmanChairman

ExecutiveDirectors

ExecutiveExecutiveDirectorsDirectors

Mr. Kazumasa Fujie

Industrial-AcademicCollaboration Center

IndustrialIndustrial--AcademicAcademicCollaboration CenterCollaboration Center

As of 1st July, 2011

started 1990. Center established 1997.           

about 100 researchers and staffs.

established 1970. 10 departments & centers.

IT Security Center

Cryptography Research Group

Security Engineering Laboratory(Handling Vulnerability, Virus and Unauthorized Access)

Information Security Certification Office (=JISEC)

Open Standards Promotion Center

Software Engineering Center

Cryptographic Module Validation Program Office(=JCMVP)

Chair: Mr. Fujie

organized  1998.                                                

JISEC  scheme transferred from NITE 2004.                       

14 certifiers. (Including 4 certifiers for H/W certification.)

As of 19th

Aug, 2011

2. Update on IPA IT Security Center (IPA/ISEC)

7

National Institute of Technology and Evaluation (NITE)

National Institute of Technology and Evaluation (NITE)

Information-technology Promotion Agency, JapanInformation-technology Promotion Agency, Japan

Certification

ITSC：IT Security Center, Evaluation Department, ECSEC：Electronic Commerce Security Technology Laboratory Inc. Evaluation Center, MHIR：

Mizuho Information & Research Institute, Inc. Center for Evaluation of Information Security, TÜViT：TÜV Informationstechnik GmbH, Evaluation Body for IT-Security

Procurers and Venders ofIT Products and IT SystemsProcurers and Venders of

IT Products and IT Systems

Certification Report

Certification Report

CertificateEvaluation

accreditation of Evaluation Facilities

ISO/IEC 15408ISO/IEC 15408

ITSC、ECSEC MHIR、TÜViT*

Evaluation Technical Report

Application

Target Products

Hardware SoftwareSmartcard IT Systems

Certification Body

Accreditation Body

Sponsor

Approval of Evaluation Facilities

Application

Evaluation Facility

3. Overview of JISEC(Japan IT Security Evaluation and Certification Scheme)

4. Scheme Documents of JISEC

8

Objective: To approve Evaluation Facility for Hardware (smartcard etc.) evaluationTo improve application procedures for certificationTo clarify provisions of Scheme documents

Scheme Documents – Revised on February 2011CCS-01 : IT Security Evaluation and Certification Scheme

Minor RevisionCCM-01 : Organization and Operation manual of the IT Security Certification

Body IT Security (Quality Manual) Minor Revision

CCM-02 : IT Security Certification ProcedureMajor Revision

CCM-03 : Evaluation Facility Approval ProcedureMajor Revision

STM-01 : Security Target Confirmation ProcedureNEW, separated from CCM-02

4. Scheme Documents of JISEC

9

Changes in “CCM-02 : IT Security Certification Procedure”Evaluation Term : Evaluation works shall be completed within 24 months.Extra charge for travel expense:

Extra charge for travel expense of overseas site visit will be collectedbased on the beneficiaries-pay principle.

Non-disclosure agreement:Third party, who will disclose confidential information during evaluation, can concluded NDA with Certification Body, in such cases for CompositeEvaluation of Smartcard, etc.

Clarification: Provision of Obligation for Sponsor of Certified Product was added.

Changes in “CCM-03 : Evaluation Facility Approval Procedure”Product Categories for Software and/or Hardware (Smartcard etc.) was

introduced to specify the scope of Approval as an Evaluation Facility,and the scope of Qualification as an Evaluator.

Extra charge for travel expense of overseas examination to qualify an evaluatorwas introduced.

Charge for Application from Evaluation Facility was introduced.Clarification: Requirements for Evaluation Facility and Evaluator were revived.

5. Hardware (smartcard etc.) Evaluation

10

JISEC is ready for accepting Application of Hardware certification such as Smartcard or Integrated Circuit.

Technical Manager (Hardware) was designated.

Four certifiers were trained as Certifiers (Hardware) , and after trial certification, they will be approved officially.

Training for AVA_VAN.5 with Test Vehicle on going.

Collaborating Technical Community, Attack Database forvulnerability analysis has developed.

5. Hardware (smartcard etc.) Evaluation

11

Two (2) Hardware Evaluations on Going for Trial

Integrated Circuit RS45C claimed Conformance to BSI-PP-0035Assurance Components: EAL5+ ALC_DVS.2, AVA_VAN.5On going evaluation under JISECAfter successful completion of evaluation, qualification of evaluator(s) and

approval of evaluation facility, CC certificate will be issued.Evaluation Facility is required to have Approval and Accreditation for

Evaluation Facility for Hardware (smartcard etc.) products.

T6ND7 Integrated Circuit Version 1.0 claimed Conformance to BSI-PP-0035Assurance Components: EAL4+ ALC_DVS.2, AVA_VAN.5After successful completion of evaluation, qualification of evaluator(s) and

approval of evaluation facility, CC certificate will be issued.

5. Hardware (smartcard etc.) Evaluation

12

Development of Test Vehicle, which enables objective assessment for Evaluator’s skill in vulnerability analysis of Smartcards

Reference Smartcard with appropriate strength for security countermeasures.To assess evaluator’s skill in power analysis technologyTo assess evaluator’s skill in physical analysis technologyTo assess evaluator’s skill in fault analysis technology

Presentation for Test Vehicle at Session No. on Day Two, 28 September 2011Please come to TRACK A room at 14:00.

1) Some Schemes of CCRA are reviewing the Test Vehicle.

We are ready to accept any comments for improvement.

2) Another type of Test Vehicle such as Java Chip is planned for development.

(As of August, 2011)

13

Certification Statistics ‐ Certificates

0

10

20

30

40

50

60

70

Num

ber of Certificates

Certification 0 2 5 17 23 43 62 59 42 34 26

Assurance Continuity 0 0 0 3 10 9 12 13 10 13 3

ST Confirmation 0 3 6 15 3 3 5 8 4 1 0

FY2001 FY2002 FY2003 FY2004 FY2005 FY2006 FY2007 FY2008 FY2009 FY2010Apr-Aug

2011

6. Certification Statistics

(As of August, 2011)

14

Certification Statistics ‐ EALs

0

5

10

15

20

25

30

35

Num

ber of Certificates

EAL1 0 0 1 1 8 10 10 1 2 1

EAL2 0 1 5 9 16 19 18 4 0 2

EAL3 2 2 8 12 19 27 27 32 32 23

EAL4 0 2 3 1 0 6 4 4 0 0

FY2002 FY2003 FY2004 FY2005 FY2006 FY2007 FY2008 FY2009 FY2010 FY2011

6. Certification Statistics

(As of August, 2011)

15

6. Certification Statistics

Product Categories

68%

11%

4%

4%

2%2%

2%1%1%1%1%1%1%1%0%

Digital MFP

Middleware

DBMS

Smartcards and related Products

Firewalls

Application Software

Network Software

PKI Products

Network Devices

Financial Devices

Software Library

OS

Document Management

Digital Still Camera

Biometrics

RICOH COMPANY, LTD. C0246: Ricoh imagio MP 5000 SP/4000 SP with security card Type 9C0285: Ricoh Aficio MP 4001, … etc.C0286: Ricoh Aficio MP 2851, … etc.C0289: Ricoh Aficio MP 6001, … etc.C0299: Ricoh imagio MP C3301 SP/ … etc.C0300: Ricoh Aficio MP C3001/ … etc.C0301: Ricoh imagio MP 5000 SP/ … etc.C0302: Ricoh Aficio MP C4501/ … etc.

Canon Inc. C0287: Canon imageRUNNER ADVANCE C5000 Series 2600.1 model

Fuji Xerox Co., Ltd.C0294: Xerox Color 550/560 Printer

(As of August 2011)

10 Multi-Function Peripherals are certified as IEEE 2600.1 compliant

16

7. PP Compliant MFPs

17

Established by the Information Security Policy Council on April 21, 2011■Security Requirements on IT Systems【Baseline Requirement】When purchasing component products for the Information System, the Chief Information Security Officer shall examine the necessity of selecting the certified products based on "IT Security Evaluation and Certification Scheme“. If it is necessary and there are multiple candidate products which are equipped with required security functions, he/she shall select the certified product which also satisfies the required assurance level.

【Enhanced Requirement】Chief Information Security Officer shall request for ST evaluation and ST confirmation (ST: Security Target, i.e. the Security Functional Design of the System) by the third party if he/she recognizes critical security requirements in the information system being implemented.

■Procurement of equipments【Baseline Requirement】The Chief Information Security Officer shall specify in the selection criteria that certification based on IT Security Evaluation and Certification Scheme shall be taken into consideration when there are Security Functional Requirements and the procurement is made through the General Assessment Tendering System.

■Software Development【Baseline Requirement】Chief Information Security Officer shall request for ST evaluation and ST confirmation (ST: Security Target, i.e. the Security Functional Design of the Software) by the third party if he/she recognizes critical security requirements in the software being developed.

URL http://www.nisc.go.jp/eng/pdf/K304-101e.pdf

Management Standards for Information Security Measures for the Central Government Computer Systems

8. Reinforcement of National Procurement Policy

18

METI April 21, 2011

URL http://www.meti.go.jp/policy/netsecurity/cclistmetisec2011.pdf (written in Japanese)

Smartcards（IC Cards）

Firewalls OS（Server OS only）

Digital MFP（MFP）

IDS/IPSDatabase （DBMS）

Category

Definition

Use

Criteria

GenerallyRequired Security Functions

Standard EAL

Product that embedded IC chip into the plastic card to record information.

Product placed in boundary of the Internet and internal network to filter the packets, according to the predefined rules.

Basic software used for hardware control and operation of computer.

Product that has printer function in standard, and equips with two functions or more of scanner, fax, and copy by standard.

Product that monitors operational status of network and system, reports and defends invasion to computer network of organization from outside.

Product that manages database as shared data and responds to the access request to data.

Basic Resident Registration Card and IC passport, are widely distributed to the people and used for the personal identification and authorization.

System that protects IT systems which handle critical information to beprotected fromunauthorizedaccess.

Operating Systemas basis of IT Systemwhich handlescritical informationto be protected.

Equipment used for copying, digitization, and transmission of the critical information that should be protected.

System that detects and prevents unauthorized access from the Internet by observing the communication on the network.

Software that is used to store the critical information like personal information that should be protected as data base.(only in Server OSenvironment.)

ISO/IEC 15408Common Criteria

ISO/IEC 15408Common Criteria

ISO/IEC 15408Common Criteria

ISO/IEC 15408Common Criteria

ISO/IEC 15408Common Criteria

ISO/IEC 15408Common Criteria

Select security functions according to needs of procurers in the list of catalogue as below;Security audit, Non-repudiation of origin/receipt, Cryptographic functionality, Access control, Data authentication, Export data protection, Information flow control, Input data protection, Internal transfer data protection, Residualinformation protection, Role-back, Stored data integrity, Transfer data confidentiality, Transfer data integrity,Identification and certification, Security management, Privacy Control, Security functionality protection, Resourceutilization management, TOE access control, Trusted path/channels

Refer to IPA website for security functionalities of each certified products.

EAL4+ and over EAL4 and over EAL3 and over EAL3 and over EAL3 and over EAL2 and over

Product Category List in Management Standards for Information Security Measures

8. Reinforcement of National Procurement Policy

9. Renewal of JISEC Website

19

To Utilize the Certified Products List for National Procurement

Certified Products List for ProcurementList was separated according to CC Version

Certified Products List for CCv3.1 was separated from CCv2.3, CCv2.1.Security Functional Requirements

SFRs Table of each certified product enables easy comparison of certified products in same category.

Archived Products ListDiscontinued Products can be found in Archived Products List. Certified Products List contains only the products on the market. Sponsors of Certified products shall report to Certification Body when certified

product will be sold on the market.Procurer can select the certified products from Certified Products List on

JISEC website.

20

Collaborating MFP and Smartcard Technical Communities...

1) MFP is the major product type in JISEC certified products list.

In other words, JISEC has the most experiences in certification of MFPs.

JISEC plans to contribute to develop the new PP and supporting documents with Technical community and related schemes utilizing its experiences and knowledge.

2) Smartcard is the HOT topic in JISEC scheme.

IPA developed so-called “Test Vehicle” for evaluator assessment. ICSS-JC is Technical Community in Japan, and JISEC is collaborating with them on Study for vulnerability analysis, etc.

10. Collaboration within CCRA

Common Criteria is moving to future successPreparing to react to the future changes in CC and Collaborative PPs.Preparing to revise the requirement for Procurement Policy.Collaborating with Technical Communities for appropriate PPs.

Expand Mutual Recognition among CCRAStatement published in 11th ICCC, Certification within CCRA shall expand in order to eliminate the burden of duplicating evaluations of IT products and Protection Profiles.New Participants of CCRA are welcome!!

To support Government ProcurementTo Promote deployment of CC certified products to Government Organization progressively.

21

10. Collaboration within CCRA

JISEC InformationURL：

English: http://www.ipa.go.jp/security/jisec/jisec_e/Japanese: http://www.ipa.go.jp/security/jisec/

Thank you for your attentionThank you for your attention

Kenjiro SASAOKA

General Manager, CouncilorIT Security CenterIPA, Japan

Japan Information Technology Security Evaluation and Certification Scheme

22