@article{Gustiviana_Suryanto_2023, place={Purwokerto}, title={DEVELOPMENT OF PROTECTION PROFILE FOR SECOND-LEVEL E-KTP CARD READER BASED ON ISO/IEC 15408:2022 AND ISO/IEC TS 19608:2018}, volume={4}, url={https://jutif.if.unsoed.ac.id/index.php/jurnal/article/view/741}, DOI={10.52436/1.jutif.2023.4.2.741}, abstractNote={<p><em>The second level e-KTP reader device is an electronic data reader device stored in the e-KTP chip by applying a verification device in the form of a fingerprint/face scan. The data stored in the e-KTP chip is personal data that is general and specific, as stated in Law Number 27 of 2022. Therefore, users of e-KTP readers as controllers and processors of personal data are obliged to prevent unauthorised access lawfully by using a security system reliably, safely and responsibly. Permendagri Number 76 of 2020 requires compliance with product standards by involving relevant K/L agencies in the security sector as a form of supervision. Based on BSSN Regulation 15 of 2019, implementing the evaluation process in Indonesia’s common criteria scheme requires a Protection Profile document to support the evaluation of IT device security. However, there is no Protection Profile document for e-KTP reader devices that have been certified so that it can be used as a reference in developing IT devices to support the evaluation of IT device security. Therefore, in this study, developing Protection Profiles for e-KTP readers based on ISO/IEC 15408 and ISO/IEC TS 19608: 2018 was carried out to prepare functional security requirements and security guarantees by considering the protection of personal data. While the developing method used is based on ISO/IEC TR 15446:2017. The results of this study are preparing a Protection Profile document consisting of 25 functional security requirements to fulfil 8 device security objectives with a level of security assurance at Evaluation Assurance Level (EAL) 4. Then the design results are tested based on the Assurance Protection Profile Evaluation class (APE) ISO/IEC 18045:2022 and declared to meet the criteria based on the ISO/IEC 15408 series.</em></p&gt;}, number={2}, journal={Jurnal Teknik Informatika (Jutif)}, author={Gustiviana, Yhufi Swastantri and Suryanto, Yohan}, year={2023}, month={Mar.}, pages={265-277} }