TY - GEN
T1 - Development of protection profile and security target for Indonesia electronic ID card's (KTP-el) card reader based on common criteria V3.1:2012/SNI ISO/IEC 15408:2014
AU - Aminanto, Muhamad Erza
AU - Sutikno, Sarwono
N1 - Publisher Copyright:
© 2014 IEEE.
PY - 2015/1/9
Y1 - 2015/1/9
N2 - Indonesia electronic identity card (KTP-el) system consisting wireless smartcard, smartcard reader and inhabitants database. Personal data of card holder are stored inside the card. These data can be viewed or taken by unauthorized party. Therefore, in this paper, we discuss about possible threats to the physical of KTP-el reader and the data reading process by KTP-el reader, to consolidate security of data reading process by KTP-el reader. Then, we generate Protection Profile (PP) and Security Target (ST) for KTP-el reader based on the Common Criteria (CC). We have shown how the development process of an IT product with security features that follows the international agreement, by generating the PP and ST document. This paper also conducted a gap analysis between the list of security requirements defined in PP/ST and security features of KTP-el reader prototype owned by Indonesia Agency for the Assessment and Application of Technology (BPPT). Lastly, we propose the list of recommended security requirements that shall be considered by BPPT to consolidate security of KTP-el reader.
AB - Indonesia electronic identity card (KTP-el) system consisting wireless smartcard, smartcard reader and inhabitants database. Personal data of card holder are stored inside the card. These data can be viewed or taken by unauthorized party. Therefore, in this paper, we discuss about possible threats to the physical of KTP-el reader and the data reading process by KTP-el reader, to consolidate security of data reading process by KTP-el reader. Then, we generate Protection Profile (PP) and Security Target (ST) for KTP-el reader based on the Common Criteria (CC). We have shown how the development process of an IT product with security features that follows the international agreement, by generating the PP and ST document. This paper also conducted a gap analysis between the list of security requirements defined in PP/ST and security features of KTP-el reader prototype owned by Indonesia Agency for the Assessment and Application of Technology (BPPT). Lastly, we propose the list of recommended security requirements that shall be considered by BPPT to consolidate security of KTP-el reader.
KW - common criteria
KW - protection profile
KW - security requirement
KW - security target
KW - smartcard
KW - smartcard reader
UR - http://www.scopus.com/inward/record.url?scp=84922188778&partnerID=8YFLogxK
U2 - 10.1109/ICAICTA.2014.7005905
DO - 10.1109/ICAICTA.2014.7005905
M3 - Conference contribution
AN - SCOPUS:84922188778
T3 - Proceedings - 2014 International Conference on Advanced Informatics: Concept, Theory and Application, ICAICTA 2014
SP - 1
EP - 6
BT - Proceedings - 2014 International Conference on Advanced Informatics
PB - Institute of Electrical and Electronics Engineers Inc.
T2 - 2014 International Conference on Advanced Informatics: Concept, Theory and Application, ICAICTA 2014
Y2 - 20 August 2014 through 21 August 2014
ER -