The TOE type is an open GlobalPlatform SE implementing the GlobalPlatform Card Specification ([GPCS]) and a Java Card runtime environment.
The TOE provides secure application execution and storage, protection of application code and data from unauthorised access and support for cryptographic key management and operations, CVM management, multiapplication deployment, and personalisation.
The TOE is composed of the following components:
- The certified hardware, either an IC and Dedicated Software certified against [PP-0084] or a 3S in SoC certified against [PP- 0117].
- The Java Card System including the runtime environment (JCRE), virtual machine (JCVM), and API (JCAPI). Native code may complete this layer. This may be certified according to [PP-JC]. The Java Card System is compliant with Java Card specifications versions ranging from 2.2 to 3.2 Classic Edition, including postissuance installation facilities of applications verified off-card.
- The GlobalPlatform Framework as a set of components covering the Card Manager (OPEN), the Trusted Framework, the GlobalPlatform APIs, and the ISD. Note that the APSD(s) and CASD(s) are optional.
The TOE user security guidance is part of the TOE.
The SE PP extends the Java Card PP Open Configuration [PP-JC] with security requirements for the GlobalPlatform Framework of the TOE. Following the approach used in the Java Card PP, the IC and the IC Dedicated Software are covered by security objectives for the TOE environment. In a conformant Security Target (ST), these become objectives for the TOE.



