Council Regulation (EEC) No 3821/85 of 20 December 1985 on recording equipment in road transport (c. 3821)

[F1 [F2ANNEX I B U.K. REQUIREMENTS FOR CONSTRUCTION, TESTING, INSTALLATION AND INSPECTION

Textual Amendments

F1 Inserted by Council Regulation (EC) No 2135/98 of 24 September 1998 amending Regulation (EEC) No 3821/85 on recording equipment in road transport and Directive 88/599/EEC concerning the application of Regulations (EEC) No 3820/85 and (EEC) No 3821/85.

F2 Substituted by Commission Regulation (EC) No 1360/2002 of 13 June 2002 adapting for the seventh time to technical progress Council Regulation (EEC) No 3821/85 on recording equipment in road transport (Text with EEA relevance).

Appendix 10 GENERIC SECURITY TARGETS

TACHOGRAPH CARD GENERIC SECURITY TARGET U.K.

4. Security enforcing functions U.K.

4.2. User identification and authentication U.K.

The card must identify the entity in which it is inserted and know whether it is an authenticated vehicle unit or not. The card may export any user data whatever the entity it is connected to, except the control [F3and the company card] which may export card holder identification data to authenticated vehicle units only (such that a controller is ensured that the vehicle unit is not a fake one by seeing his name on display or printouts).

Textual Amendments

F3 Inserted by Commission Regulation (EC) No 432/2004 of 5 March 2004 adapting for the eighth time to technical progress Council Regulation (EEC) No 3821/85 of 20 December 1985 on recording equipment in road transport (Text with EEA relevance).

4.2.1. User identification U.K.

Assignment (FIA_UID.1.1) List of TSF mediated actions : none.

[X1Assignment (FIA_ATD.1.1) List of security attributes :

Editorial Information

X1 Substituted by Corrigendum to Commission Regulation (EC) No 1360/2002 of 13 June 2002 adapting for the seventh time to technical progress Council Regulation (EEC) No 3821/85 on recording equipment in road transport (Official Journal of the European Communities L 207 of 5 August 2002).

USER_GROUP

VEHICLE_UNIT, NON_VEHICLE_UNIT,

USER_ID

Vehicle Registration Number (VRN) and registering Member State code (USER_ID is known for USER_GROUP = VEHICLE_UNIT only).]

4.2.2. User authentication U.K.

Assignment (FIA_UAU.1.1) List of TSF mediated actions :

Driver and Workshop cards: export user data with security attributes (card data download function),
Control card: export user data without security attributes except cardholder identification data.

[UIA_301] Authentication of a vehicle unit shall be performed by means of proving that it possesses security data that only the system could distribute.

Selection (FIA_UAU.3.1 and FIA_UAU.3.2): prevent.

Assignment (FIA_UAU.4.1) Identified authentication mechanism(s) : any authentication mechanism.

[UIA_302] The Workshop card shall provide an additional authentication mechanism by checking a PIN code (This mechanism is intended for the vehicle unit to ensure the identity of the card holder, it is not intended to protect workshop card content).

4.2.3. Authentication failures U.K.

[F4Additionally the following assignments describe the card reaction for each single user authentication failure.

Textual Amendments

F4 Substituted by Commission Regulation (EC) No 432/2004 of 5 March 2004 adapting for the eighth time to technical progress Council Regulation (EEC) No 3821/85 of 20 December 1985 on recording equipment in road transport (Text with EEA relevance).

Assignment (FIA_AFL.1.1) Number : 1, list of authentication events : authentication of a card interface device.

Assignment (FIA_AFL.1.2) List of actions :

warn the entity connected,
assume the user as NON_VEHICLE_UNIT.

Additionally the following assignments] describe the card reaction in the case of failure of the additional authentication mechanism required in UIA_302.

Assignment (FIA_AFL.1.1) Number : 5, list of authentication events : PIN checks (workshop card).

Assignment (FIA_AFL.1.2) List of actions :

warn the entity connected,
block the PIN check procedure such that any subsequent PIN check attempt will fail,
be able to indicate to subsequent users the reason of the blocking.] ]