Specifications
SECURITY TARGET DTCO 1381, Release 1.3v
Designed by
Date
Department
Released by
Winfried Rogenz
Date
2012-04-25
Department
I CV AM TTS
LR
H
Designation
Security Target DTCO 1381, Release 1.3v
Document
40225345 SPE 000 AB
Version
Pages
27 / 52
Observe
Protection marks for restricting the use of documents and products
(DIN 34: 1998-01)
The copying, distribution and utilization of this document as well as the
communication of its contents to others without expressed authorization
is prohibited. Offenders will be held liable for the payment of damages.
All rights reserved in the event of the grant of a patent, utility model or
ornamental design registration.
6.1.2 User identification and authentication
UIA_207
The VU shall permanently and selectively track the identity of two users, by monitoring
the tachograph cards inserted in respectively the driver slot and the co-driver slot of the
equipment.
UIA_208
The user identity shall consist of:
- a user group:
  - DRIVER (driver card),
  - CONTROLLER (control card),
  - WORKSHOP (workshop card),
  - COMPANY (company card),
  - UNKNOWN (no card inserted),
- a user ID, composed of:
  - the card issuing Member State code and of the card number,
  - UNKNOWN if user group is UNKNOWN.
UNKNOWN identities may be implicitly or explicitly known.
UIA_209
The VU shall authenticate its users at card insertion.
UIA_210
The VU shall re-authenticate its users:
- at power supply recovery,
- periodically or after occurrence of specific events (TBD by manufacturers: every 12 hours and more frequently than once per day).
UIA_211
Authentication shall be performed by means of proving that the card inserted is a valid
tachograph card, possessing security data that only the system could distribute.
Authentication shall be mutual and triggered by the VU.
UIA_212
In addition to the above, workshops shall be required to be successfully authenticated
through a PIN check. PINs shall be at least 4 characters long.
Note: In the case the PIN is transferred to the VU from an outside equipment located in
the vicinity of the VU, PIN confidentiality need not be protected during the transfer.
UIA_213
The VU shall detect and prevent use of authentication data that has been copied and
replayed.
UIA_214
After 5 consecutive unsuccessful authentication attempts have been detected, the SEF
shall:
- generate an audit record of the event,
- warn the user,
- assume the user as UNKNOWN, and the card as non valid (definition z) and requirement 007).
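The per-slot bookkeeping implied by UIA_208, UIA_210, UIA_212 and UIA_214, written out in C as an added example; it is not part of the security target or of the DTCO 1381 implementation. The names `slot_t`, `slot_authenticate` and `slot_needs_reauth`, the 24-byte ID buffer, and the two behaviours marked "assumption" in the comments are hypothetical; the mutual authentication and the PIN check themselves are taken as inputs.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

#define MAX_FAILS       5u              /* UIA_214 */
#define REAUTH_PERIOD_S (12u * 3600u)   /* UIA_210: "every 12 hours" */
typedef enum { UNKNOWN, DRIVER, CONTROLLER, WORKSHOP, COMPANY } user_group_t;
typedef struct {              /* one card slot (driver or co-driver), UIA_207 */
    user_group_t group;       /* UIA_208 user group */
    char     id[24];          /* Member State code + card number; "" = UNKNOWN */
    unsigned fails;           /* consecutive unsuccessful attempts */
    bool     card_non_valid;  /* set by the UIA_214 reaction */
    bool     warned;          /* stand-in for the user warning */
    unsigned audit_records;   /* stand-in for the audit log */
    uint32_t last_auth;       /* seconds on a monotonic clock */
} slot_t;

/* Record one attempt. card_ok is the result of the mutual authentication and
 * pin_ok of the PIN check; both are computed elsewhere and not modelled. */
user_group_t slot_authenticate(slot_t *s, user_group_t claimed, const char *id,
                               bool card_ok, bool pin_ok, uint32_t now)
{
    if (s->card_non_valid)    /* assumption: stays non valid until withdrawn */
        return UNKNOWN;
    if (claimed == WORKSHOP)  /* UIA_212: PIN check on top of card auth */
        card_ok = card_ok && pin_ok;
    if (card_ok && claimed != UNKNOWN) {
        s->group = claimed;
        snprintf(s->id, sizeof s->id, "%s", id);
        s->fails = 0;         /* "consecutive": a success resets the count */
        s->last_auth = now;
        return s->group;
    }
    s->group = UNKNOWN;       /* assumption: an unverified card gives no identity */
    s->id[0] = '\0';
    if (++s->fails >= MAX_FAILS) {      /* UIA_214 reaction */
        s->audit_records++;
        s->warned = true;
        s->card_non_valid = true;
    }
    return UNKNOWN;
}

/* UIA_210 trigger; unsigned subtraction stays correct if the clock wraps. */
bool slot_needs_reauth(const slot_t *s, uint32_t now, bool power_recovered)
{
    return s->group != UNKNOWN &&
           (power_recovered || (uint32_t)(now - s->last_auth) >= REAUTH_PERIOD_S);
}
```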