Jurnal Teknik Informatika (JUTIF)
Vol. 4 No. 2 (2023): JUTIF Volume 4, Number 2, April 2023

DEVELOPMENT OF PROTECTION PROFILE FOR SECOND-LEVEL E-KTP CARD READER BASED ON ISO/IEC 15408:2022 AND ISO/IEC TS 19608:2018

Yhufi Swastantri Gustiviana (Teknik Elektro, Fakultas Teknik, Universitas Indonesia, Indonesia)
Yohan Suryanto (Teknik Elektro, Fakultas Teknik, Universitas Indonesia, Indonesia)



Article Info

Publish Date
23 Mar 2023

Abstract

The second-level e-KTP reader is a device that reads the electronic data stored in the e-KTP chip and applies a verification step in the form of a fingerprint or face scan. The data stored in the e-KTP chip is personal data, both general and specific, as stated in Law Number 27 of 2022. Users of e-KTP readers, as controllers and processors of personal data, are therefore obliged to lawfully prevent unauthorised access by using a security system reliably, safely and responsibly. Permendagri Number 76 of 2020 requires compliance with product standards, with the relevant ministries and agencies (K/L) in the security sector involved as a form of supervision. Under BSSN Regulation 15 of 2019, the evaluation process in Indonesia's Common Criteria scheme requires a Protection Profile document to support the evaluation of IT device security. However, there is no certified Protection Profile for e-KTP reader devices that can serve as a reference when developing such devices and evaluating their security. This study therefore develops a Protection Profile for e-KTP readers based on ISO/IEC 15408 and ISO/IEC TS 19608:2018, preparing functional security requirements and security assurance requirements that take the protection of personal data into account. The development method is based on ISO/IEC TR 15446:2017. The result of this study is a Protection Profile document consisting of 25 functional security requirements that fulfil 8 device security objectives, with security assurance at Evaluation Assurance Level (EAL) 4. The design was then tested against the Protection Profile evaluation assurance class (APE) of ISO/IEC 18045:2022 and declared to meet the criteria of the ISO/IEC 15408 series.

Copyrights © 2023






Journal Info

Abbrev

jurnal

Subject

Computer Science & IT

Description

Jurnal Teknik Informatika (JUTIF) is an Indonesian national journal, publishes high-quality research papers in the broad field of Informatics, Information Systems and Computer Science, which encompasses software engineering, information system development, computer systems, computer network, ...