Skip to main content

EUDI Security Requirements

85 requirements mapped to controls.

Requirements

RequirementTitleControlsOwner
GEN-5-01Risk management framework per EN 319 401SID-ORG-03operator
GEN-5-02Risk assessment considering CIR 2024/2981 risk registerSID-ORG-03operator
GEN-6.1-01Wallet service practice statement per EN 319 401SID-ORG-06operator
GEN-6.2-01Terms and conditions per EN 319 401SID-ORG-07operator
GEN-6.2-02Published T&C shall include privacy policySID-ORG-07operator
GEN-6.3-01Information and network security policy per EN 319 401SID-ORG-01operator
GEN-7.1.1-01Organizational requirements per EN 319 401SID-ORG-02operator
GEN-7.1.1-02Operate ISMS based on proven standardsSID-ORG-03operator
GEN-7.3.2-02Classification level for WSCA/WSCD critical assetsSID-CRYPTO-02, SID-CRYPTO-03platform
GEN-7.5-02Use ECCG Agreed Cryptographic MechanismsSID-CRYPTO-01, SID-CRYPTO-04, SID-CRYPTO-05platform
GEN-7.5-03Critical crypto assets on provider systems protected with HSM-level resistanceSID-CRYPTO-01platform
GEN-7.9.1-01Monitoring and logging per EN 319 401SID-AUDIT-01, SID-OPS-06platform
GEN-7.9.2-01Incident response per EN 319 401SID-OPS-01operator
GEN-7.9.6-01Fraud management processSID-OPS-07operator
WPS-8.1.1-Sec-01Issue WUA to each wallet unit, authenticate wallet instanceSID-HARD-06platform
WPS-8.1.1-Sec-02Verify wallet instance integrity before issuing WUASID-HARD-06platform
WPS-8.1.2-Fun-01Provision initial WSCA/WSCD during wallet activationSID-CRYPTO-02, SID-KEY-01platform
WUG-8.2.1-Fun-01Wallet unit generates or imports key pair for each PID/attestationSID-CRYPTO-03platform
WUG-8.2.1-Sec-02Private keys bound to WSCA/WSCD, never leaveSID-CRYPTO-02, SID-CRYPTO-03, SID-KEY-01, SID-KEY-03platform
WUM-8.2.2-Fun-01Support batch issuance methodsSID-TRANS-02platform
WUM-8.2.2-Fun-04User can manually initiate re-issuanceSID-DATA-07platform
WUM-8.2.2-Fun-06Compare re-issued attributes with existing, notify user of changesSID-DATA-07platform
WUM-8.2.2-Sec-07Prove re-issued credential goes to same wallet unit/WSCASID-KEY-01, SID-DATA-07platform
WUM-8.2.2-Fun-09Delete all PIDs/attestations of same type and provider simultaneouslySID-PRIV-03platform
WUM-8.2.2-Fun-10No provider notification on user-initiated deletionSID-PRIV-01platform
WUM-8.2.2-Sec-11Securely destroy WSCA/WSCD key material on deletionSID-CRYPTO-03, SID-KEY-03platform
WUP-8.2.3-Fun-01Relying party authentication using access certificate against LoTESID-TRUST-01, SID-TRUST-02, SID-TRUST-03platform
WUP-8.2.3-Fun-02Inform user if RP authentication failsSID-TRUST-03, SID-HARD-01, SID-TRUST-05platform
WUP-8.2.3-Fun-03Do not present attributes if RP auth failsSID-TRUST-03platform
WUP-8.2.3-Fun-04Display RP identity and requested attributes, ask user approvalSID-ACCESS-03platform
WUP-8.2.3-Fun-09PID presentation approval linked to WSCA/WSCD authenticationSID-AUTH-01, SID-KEY-01, SID-KEY-03platform
WUP-8.2.3-Fun-11Present only requested attributes after user approvalSID-DATA-01, SID-DATA-02, SID-PRIV-01platform
WUP-8.2.3-Sec-14Ensure presented attribute values are same as issuedSID-DATA-01, SID-DATA-02, SID-PRIV-02, SID-CRYPTO-04platform
WUH-8.3.1-Sec-01App-level auth shall not enable use of WSCA/WSCD-protected keysSID-AUTH-01, SID-KEY-01, SID-AUTH-05platform
WUH-8.3.1-Sec-02No operation before app-level authenticationSID-AUTH-01, SID-AUTH-02, SID-ACCESS-02, SID-AUTH-05platform
WUH-8.3.1-Sec-06Session idle timeout with user-configurable shorter timeoutSID-AUTH-02platform
WUH-8.3.1-Sec-07WSCA/WSCD authentication with 2+ factors of different categoriesSID-KEY-03, SID-CRYPTO-02platform
WUH-8.3.1-Sec-08WSCA/WSCD final verification on WSCD, resist high attack potentialSID-KEY-03platform
WUH-8.3.1-Sec-10WSCA/WSCD auth valid for single user-authorized operationSID-KEY-03platform
WUH-8.3.2-Sec-01Validate all external input format before useSID-HARD-02, SID-ACCESS-02, SID-TRANS-04platform
WUH-8.3.2-Sec-02Reject invalid input with minimal error message, warn userSID-HARD-01, SID-HARD-02platform
WUH-8.3.2-Sec-03Verify authenticity of external input before displaying to userSID-TRUST-03, SID-HARD-02platform
WUH-8.3.3-Sec-01Ensure LoTE is up-to-date before authenticity checkSID-TRUST-02, SID-TRUST-04platform
WUH-8.3.3-Sec-02Verify provider is in LoTE before authenticity checkSID-TRUST-01, SID-TRUST-03platform
WUH-8.3.3-Sec-03Use trust anchor from LoTE to verify item authenticitySID-TRUST-01, SID-TRUST-02, SID-KEY-02platform
WUH-8.3.3-Sec-04Parse/validate item after authenticity check, including expirySID-DATA-04platform
WUH-8.3.3-Sec-05Check revocation list is up-to-date before revocation checkSID-DATA-03platform
WUH-8.3.3-Sec-06Verify item has not been revokedSID-DATA-03platform
WIN-8.4.1-Sec-01Securely store/process data according to sensitivitySID-CRYPTO-03platform
WIN-8.4.1-Sec-03Prevent leakage of sensitive dataSID-HARD-05, SID-HARD-01, SID-HARD-08, SID-DATA-09platform
WIN-8.4.1-Sec-04Use cryptographically secure RNG for all random numbersSID-CRYPTO-05platform
WIN-8.4.1-Sec-06Mutual authentication and encryption between wallet unit componentsSID-TRANS-01, SID-AUTH-04platform
WIN-8.4.2-Sec-01Use platform UI mechanisms securelySID-HARD-05, SID-HARD-08platform
WIN-8.4.2-Sec-02Display information consistently, aware of phishingSID-AUTH-01, SID-HARD-05, SID-TRUST-03platform
WIN-8.4.3-Sec-01Require up-to-date platform versionSID-ARCH-02operator
WIN-8.4.3-Sec-02Mechanism to enforce wallet updatesSID-OPS-05platform
WIN-8.4.3-Sec-03Only use software components without known vulnerabilitiesSID-OPS-04platform
WIN-8.4.3-Sec-05Validate integrity of the platformSID-HARD-06platform
WIN-8.4.3-Sec-06Anti-tampering mechanismsSID-HARD-05platform
WIN-8.4.3-Sec-07Anti-static analysis mechanismsSID-ARCH-01, SID-HARD-09platform
WIN-8.4.3-Sec-08Anti-dynamic analysis techniquesSID-ARCH-01, SID-HARD-09platform
WIN-8.4.3-Sec-09Start activation process immediately after installSID-HARD-04platform
WIN-8.4.3-Sec-10Activation only with authenticated wallet provider backendSID-HARD-04, SID-TRANS-01platform
WIN-8.4.4-01Implement OWASP ASVS level 3SID-HARD-01, SID-HARD-02, SID-HARD-05, SID-AUTH-01, SID-CRYPTO-03, SID-HARD-08, SID-HARD-09platform
WIN-8.4.4-02Use only ECCG recommended crypto algorithmsSID-CRYPTO-01, SID-CRYPTO-04, SID-CRYPTO-05platform
WSA-8.5-01WSCA authenticates wallet provider before accepting requestsSID-KEY-01, SID-KEY-03platform
WSA-8.5-02WSCA authenticates wallet instance before accepting requestsSID-KEY-01, SID-KEY-03platform
WSA-8.5-06WSCA/WSCD with 2+ factor auth at LoA highSID-CRYPTO-02, SID-KEY-03platform
WSA-8.5-07WSCA mechanisms to manage and use keysSID-KEY-01, SID-CRYPTO-03platform
WSA-8.5-08WSCA only allows use of WSCD assets after user authenticationSID-KEY-01, SID-KEY-03, SID-AUTH-01platform
CS-I.2-ICTICT system conformity (infrastructure, hardening, monitoring)SID-OPS-02, SID-OPS-09operator
CS-I.2-DevDevelopment process (secure SDLC, code review, testing)SID-OPS-08, SID-OPS-12platform
CS-I.2-ChangeChange management processSID-OPS-05platform
CS-I.2-VulnVulnerability management processSID-OPS-04platform
CS-I.2-IncidentIncident management processSID-OPS-01operator
CS-I.2-FraudFraud management processSID-OPS-07operator
CS-I.3-WIWallet instance certified per FiTCEM Protection Profile + CIR 2015/1502SID-HARD-06, SID-OPS-08, SID-OPS-09platform
CS-I.3-WSCAWSCA certified per WSCA Protection Profile (CEN TC224 WG17)SID-KEY-01, SID-KEY-03, SID-KEY-04platform
CS-I.3-WUSWallet unit service evaluatedSID-AUTH-01, SID-AUTH-02, SID-TRANS-02, SID-TRANS-03platform
CS-I.3-LoadLoading and update process per EN 319 401SID-OPS-05operator
CS-I.3-ProvWallet provisioning and management serviceSID-AUTH-01, SID-HARD-04platform
CS-I.5-PIDPID provisioning service certified separatelySID-ARCH-02operator
CS-I.6-ValidValidation service for wallet/RP validitySID-TRUST-01, SID-TRUST-02platform
CS-II.1-SurvAnnual surveillance evaluation readinessSID-ORG-05operator
CS-III-PublicPublicly available security informationSID-ORG-06operator