Zestaw norm i standardów, które opisują różne aspekty rozwiązań stosowanych w PKI. - PDF

Description
Zestaw norm i standardów, które opisują różne aspekty rozwiązań stosowanych w PKI. Standardy i normy polskie oraz międzynarodowe (ISO, ECBS, UE): DIRECTIVE /93/EC DIRECTIVE OF THE EUROPEAN PARLIAMENT AND

Please download to get full document.

View again

of 9
All materials on our website are shared by users. If you have any questions about copyright issues, please report us to resolve them. We are always happy to assist you.
Information
Category:

Leadership & Management

Publish on:

Views: 16 | Pages: 9

Extension: PDF | Download: 0

Share
Transcript
Zestaw norm i standardów, które opisują różne aspekty rozwiązań stosowanych w PKI. Standardy i normy polskie oraz międzynarodowe (ISO, ECBS, UE): DIRECTIVE /93/EC DIRECTIVE OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL of 13 December on a Community framework for electronic signatures PN-EN ISO : - Bankowość. Zarządzanie kluczami w bankowości detalicznej PrPN-ISO Bankowość Elementy danych związane z zarządzaniem kluczami (detal) PN-ISO/IEC do3: - Technika informatyczna. Techniki zabezpieczeń. Niezaprzeczalność PN-ISO/IEC do3: Techniki zabezpieczeń. Zarządzanie kluczami PN-ISO/IEC do3:1996 Technika informatyczna - Techniki zabezpieczeń. Funkcje skrótu ISO/DIS Certificate management for financial services - Part 1: Public Key Certificates ISO Banking - Certificate management - Part 2: Certificate extensions ISO/IEC :1997 Information technology -- Open Systems Interconnection - - Security frameworks for open systems: Non-repudiation framework ISO 8732, Banking - Key management (wholesale) , ISO 11166, Banking - Key management by means of asymmetric algorithms - Part 1 and 2 ISO 8731, Banking - Approved Algorithms for message Authentication - Part 1and 2 ISO/IEC TR ITU-T X.842 Wytyczne dla użytkowania i zarządzania usługami Zaufanej Trzeciej Strony. ISO/IEC 9797, Information technology - Security techniques - Data integrity mechanism using a cryptographic check function employing a block cipher algorithm , ISO 8372, Information processing - Modes of operation for a 64-bit block cipher algorithm , ISO/IEC Information technology - Security techniques - Digital signatures American National Standard for Financial Services ANS X9.79-1:2001 Part 1: PKI Practices and Policy Framework ITU-T X500 OSI The Directory: Overview of concept, models and services ECBS-TC4, TR402 Report 402 Certification authorities , ECBS-TC4, TR405 Report 405 Key recovery in financial systems , ECBS-TC4, TR406 Report 406 Guidelines on algorithms usage and key management Standardy i normy organizacji międzynarodowych i korporacyjnych ETSI -European Telecommunications Standards Institute Identyfikator Nazwa standardu Rodzaj EG V1.1.2 ( ) Telecommunications Security; Trusted Third Parties (TTP); ETSI Guide Requirements for TTP services ETSI TS V1.1.1 ( ) Policy requirements for certification authorities issuing qualified certificates ETSI TS V1.2.1 ( ) Qualified certificate profile ETSI ES V1.2.2 ( ) Electronic signature formats TR 101 xxx V0.4.2 (-11) Telecommunications Security; Electronic signature standardization report ETSI TS V1.1.1 ( ) Time Stamping Profile ETSI Standard Report Draft ETSI TS xxxx STF 178-T1 draft I 3/11/2001 Policy requirements for timestamping authorities ETSI TR X XV0.0.2 ( ) XML Format for Signature Policies Report TR 101 xxx V0.4.2 (-11) Telecommunications Security; Electronic signature standardization Report report CEN/ISSS Workshop on Electronic Signatures (WS/E-Sign), EESSI - European Electronic Signature Standardization Initiative, Numer Nazwa Data publikacji, status N : Area G2: N 140 CWA14171 Area G1 N 141 N143 N144 N N 165 CWA N Security Requirements for Trustworthy Systems Managing Certificates for Electronic Signatures Procedures for electronic signature verification Berlin/ Draft CWA Version: 0.17 Issued: CWA Berlin/ Version , 2001 Security Requirements for CWA: Berlin/ Version: 3.9 Signature Creation Systems Issued: Conformity Assessment Guidance. EESSI Part 1 General Conformity Assessment Guidance. EESSI Part 2 Certification Authority and Process Conformity Assessment Guidance. Berlin/ Draft Version: 0.6 Part 3 - Trustworthy systems Issued: managing certificates for electronic signatures EESSI Conformity Assessment EESSI Issued: Guidance. Part 4 Signature creation applications and procedures for electronic signature verification Conformity Assessment Guidance. EESSI Issued: Part 5 - Secure signature creation Area F N 136 Area F N 137 devices Workshop Agreement Group F - B- EAL 4 Workshop Agreement Group F- A- EAL 4. Berlin/ Berlin/ Rodzaj dokumentu RFC -Request for Comments Uwaga: niektóre standardy RFC zawierają inne (np. PKCS RSA Laboratories) wymienione w zestawieniach ujętych przy innych organizacjach standaryzujących dla zachowania kompletu pozostawiono te standardy w tym zestawieniu Nr RFC Tytuł standardu Firmy opracowujące Wydane / ważność 1319 Updates: RFC 1115 The MD2 Message-Digest Algorithm The MD5 Message-Digest Algorithm 1422 Obsoletes : Obsoletes : 1115 Privacy Enhancement for Internet Electronic Mail: Part II: Certificate-Based Key Management Privacy Enhancement for Internet Electronic Mail: Part III: Algorithms, Modes, and Identifiers 1424 Privacy Enhancement for Internet Electronic Mail: Part IV: Key Certification and Related Services 1519 Obsoletes : 1338 Classless Inter-Domain Routing (CIDR):an Address Assignment and Aggregation Strategy RSA Laboratories April 1992 MIT Laboratory for Computer Science and RSA Data Security, Inc BBN IAB IRTF PSRG, IETF PEM April 1992 February 1993 IRTF PSRG, IETF PEM WG February 1993 RSA Laboratories BARRNet; cisco, MERIT; OARnet 1738 Uniform Resource Locators (URL) CERN, Xerox Corporation, University of Minnesota 1778 The String Representation of University of Michigan; Obsoletes Standard Attribute Syntaxes ISODE Consortium; : 1488 Performance Systems February 1993 September 1993 December 1994 International; NeXor Ltd Internet Protocol, Version 6 (IPv6) Xerox PARC Networks December 2104 HMAC: Keyed-Hashing for IBM; UCSD February Message Authentication Key words for use in RFCs to Harvard University Indicate Requirement Levels Best Current Practice IETF Policy on Character Sets and UNINETT January Languages Best Current Practice 2279 UTF-8, a transformation format of Alis Technologies January Obsoletes ISO : S/MIME Version 2 Message RSA Data Security Internet Mail Consortium; Netscape 2312 S/MIME Version 2 Certificate Internet Mail Consortium; Handling RSA Data Security; Netscape 2313 PKCS #1: RSA Encryption Version 1.5 RSA Laboratories East 2314 PKCS #10: Certification Request Syntax Version 1.5 RSA Laboratories East 2315 PKCS #7: Cryptographic Message Syntax Version 1.5 RSA Laboratories, East 2321 RITA -The Reliable Internetwork Cohesive Network Systems 1 April Troubleshooting Agent 2459 Internet X.509 Public Key Certificate and CRL Profile 2510 Internet X.509 Public Key Certificate Management Protocols 2511 Internet X.509 Certificate Request Message Format 2527 Internet X.509 Public Key Certificate Policy and Certification Practices Framework 2528 Representation of Key Exchange Algorithm (KEA) Keys in Internet X.509 Public Key Certificates 2559 Updates: 1778 Internet X.509 Public Key Operational Protocols - LDAPv X.509 Internet Public Key Online Certificate Status Protocol OCSP 2585 Internet X.509 Public Key Operational Protocols: FTP and HTTP 2587 Internet X.509 Public Key LDAPv2 Schema SPYRUS; VeriSign; NIST; Citicorp Entrust Technologies; SSE VeriSign; DoD Entrust Technologies CygnaCom Solutions, Inc. VeriSign, Inc. SPYRUS; NIST January Entrust; Netscape: Xcert April VeriSign; CertCo; ValiCert; Entrust Technologies June SPYRUS; IMC May Entrust; Netscape; Xcert June 2630 Cryptographic Message Syntax SPYRUS June 2631 Diffie-Hellman Key Agreement RTFM Inc. June Method Typ dokumentu - PKIX (Public-Key X.509), organizacja - IETF (Internet Engineering Task Force) Identyfikator Nazwa Wydany draft-ietf-pkix-ac509prof- An Internet Attribute Certificate Profile 8th June txt for Authorization draft-ietf-pkix-cmcarchive-00.txt CMC Extensions: Server Side Key July 13, 2001 Generation and Key Archival draft-ietf-pkix-dpv-dpd- Delegated Path Validation and July, txt draft-ietf-pkix-ipki-newrfc txt draft-ietf-pkix-ipkipkalgs-03.txt draft-ietf-pkix-new-part1-08 draft-ietf-pkix-pi-02.txt draft-ietf-pkix-proxy- 01.txt draft-ietf-pkix-rfc2510bis- 04.txt draft-ietf-pkix-rfc2511bis- 02.txt draft-ietf-pkix-rfc2797- bis-01.txt draft-ietf-pkix-scvp-06.txt Delegated Path Discovery Protocols Internet X.509 Public Key Certificate Policy and Certification Practices Framework Algorithms and Identifiers for theinternet X.509 Public Key Certificate and CRL Profile Internet X.509 Public Key Certificate and CRL Profile Target category: Standard Track Internet X.509 Public Key Permanent Identifier Internet X.509 Public Key Proxy Certificate Profile S. Farrell Internet X.509 Public Key Certificate Management Protocols Internet X.509 Public Key Certificate Request Message Format (CRMF) Certificate Management Messages over CMS Simple Certificate Validation Protocol (SCVP) July 12, 2001 July, 2001 July 2001 October, 2001 August 2001 May, 2001 May 2001 July 2001 Paul Hoffman Typ dokumentu -PKCS (Public Key Cryptography Standard a set of commonly applied data cryptography standards developed by RSA Data Security Inc.) Identyfikator Tytuł Firma opracowująca Wydany / ważność #1 v2.1: RSA Cryptography Standard RSA Laboratories January 5, 2001 #3 Version 1.4 Diffie-Hellman Key-Agreement Standard RSA Laboratories November 1, 1993 #6 Version 1.5 Extended-Certificate Syntax Standard RSA Laboratories November 1, 1993 * #10 Certification Request Syntax Standard RSA Laboratories Version 1.0 November 1, 1993 #11 v2.11 Cryptographic Token Interface Standard RSA Laboratories November 2000 #15 Conformance Profile RSA Laboratories August 1, 2000 Normy i standardy stosowane w systemach zarządzania bezpieczeństwem. Normy określające zasady budowy struktur i polityk bezpieczeństwa ISO/TR 13569:1997(E) Banking and related financial services Information security guidelines PN - I : Wytyczne do zarządzania bezpieczeństwem systemów informatycznych ISO9807:1991 Banking and related financial services Requirements for message authentication (retail). PN-ISO/IEC :1996 Technika informatyczna - Techniki zabezpieczeń. Mechanizmy uwierzytelniania podmiotów. ISO (BS 7799): Information security management Arkusz l. Code of practice for information security management systems Arkusz 2. for information security management systems RFC 2196 (RFC1224) - Site Security Handbook Normy związane z zarządzaniem bezpieczeństwem Systemów Sieciowych ECBS-TC4, 401 Report 401 Secure banking over the Internet , 1997 PN-92/T Systemy przetwarzania informacji. Współdziałanie systemów otwartych (OSI). Podstawowy model odniesienia. Architektura zabezpieczeń. ISO/IEC (X.509), Information technology Open Systems Interconnection The Directory. ISO Information technology - Open Systems Interconnection - Systems Management: Security Alarm Reporting Function ISO/IEC :1993 Information technology -- Open Systems Interconnection -- Systems Management: Security audit trail function ISO Information technology - Open Systems Interconnection - Systems Management: Objects and Attributes for Access Control ISO/IEC , Information technology - Open Systems Interconnection - Security frameworks for open systems - Part 1: Overview , (equivalent to ITU-T Rec X 810, ) ISO/IEC , Information technology - Open Systems Interconnection - Security frameworks for open systems - Part 2: Authentication framework , (equivalent to ITU-T Rec X 811, ) ISO/IEC , Information technology - Open Systems Interconnection - Security frameworks for open systems - Part 3: Access control framework , Draft ISO/IEC , Information technology - Open Systems Interconnection - Security frameworks for open systems - Part 4: Non-repudiation framework , Draft ISO/IEC , Information technology - Open Systems Interconnection - Security frameworks for open systems - Part 5: Integrity framework , Draft ISO/IEC , Information technology - Open Systems Interconnection - Security frameworks for open systems - Part 6: Confidentiality framework , Draft ISO/IEC :1996 Information technology -- Open Systems Interconnection -- Security frameworks for open systems: Security audit and alarms framework ISO/IEC :1996 Information technology -- Open Systems Interconnection -- Generic upper layers security: Overview, models and notation ISO/IEC :1996 Information technology -- Open Systems Interconnection -- Generic upper layers security: Security Exchange Service Element (SESE) service definition ISO/IEC :1996 Information technology -- Open Systems Interconnection -- Generic upper layers security: Security Exchange Service Element (SESE) protocol specification ISO/IEC :1996 Information technology -- Open Systems Interconnection -- Generic upper layers security: Protecting transfer syntax specification ISO/IEC :1997 Information technology -- Open Systems Interconnection -- Generic upper layers security: Security Exchange Service Element (SESE) Protocol Implementation Conformance Statement (PICS) proforma ISO/IEC :1997 Information technology -- Open Systems Interconnection -- Generic upper layers security: Protecting transfer syntax Protocol Implementation Conformance Statement (PICS) proforma Normy związane z zarządzaniem bezpieczeństwem przy użyciu kart ISO Smart Cards ISO/IEC :1993, Identification cards -, Identification of issuers Part1: Numbering system ISO/IEC :1993, Identification cards - Identification of issuers Part 2:Application and registration procedures. ISO/IEC : Identification cards -- Integrated circuit(s) cards with contacts -- Part 8: Security related interindustry commands ISO 8583:1993, Financial transaction card originated messages Interchange message specifications. PN-EN ISO Karty transakcji finansowych. Architektura zabezpieczenia systemów obsługujących transakcje finansowe za pomocą kart elektronicznych. PN-EN :2000 Karty transakcji finansowych. Architektura zabezpieczeń systemów obsługujących transakcje finansowe za pomocą kart elektronicznych. Cykl życia karty. ISO :1996 Financial transaction cards -- Security architecture of financial transaction systems using integrated circuit cards -- Part 2: Transaction process PN-EN ISO : Karty transakcji finansowych. Architektura zabezpieczeń systemów obsługujących transakcje finansowe za pomocą kart elektronicznych. Powiązania przez klucz kryptograficzny. ISO :1996 Financial transaction cards -- Security architecture of financial transaction systems using integrated circuit cards -- Part 4: Secure application modules ISO : Financial transaction cards -- Security architecture of financial transaction systems using integrated circuit cards -- Part 5: Use of algorithms ISO :1994 Financial transaction cards -- Security architecture of financial transaction systems using integrated circuit cards -- Part 6: Cardholder verification ISO : Financial transaction cards -- Security architecture of financial transaction systems using integrated circuit cards -- Part 7: Key management ISO : Financial transaction cards -- Security architecture of financial transaction systems using integrated circuit cards -- Part 8: General principles and overview Inne normy związane z zarządzaniem bezpieczeństwem ISO/IEC : Information technology -- Security techniques -- Evaluation criteria for IT security -- Part 1: Introduction and general model ISO/IEC : Information technology -- Security techniques -- Evaluation criteria for IT security -- Part 2: Security functional requirements ISO/IEC : Information technology -- Security techniques -- Evaluation criteria for IT security -- Part 3: Security assurance requirements ISO 8649 Information technology - Open Systems Interconnection - Service definision for the Association Control Service Element ISO Banking - Requirements for Message Authentication (Wholesale) ISO Banking - Approved Algorithms for Message Authentication ISO /IEC 9797, Information technology Security techniques Data integrity mechanism using a cryptographic check function employing a block cipher algorithm. ISO/IEC Banking - Secure cryptographic devices (retail) CCITT Recommendation X.800 Security Architecture for Open System Interconnection for CCITT Applications FIPS PUB- FEDERAL INFORMATION PROCESSING STANDARDS PUBLICATION Identyfikator Nazwa Data publikacji FIPS PUB 31 Guidelines FOR AUTOMATIC DATA 1974 JUNE PROCESSING PHYSICAL SECURITY AND RISK MANAGEMENT FIPS 46-3 Data Encryption Standard FIPS PUB 73 Guidelines for SECURITY OF COMPUTER 1980 JUNE 30 APPLICATION FIPS PUB 87 Guidelines for ADP Contingency Planning 1981 MARCH 27 FIPS 113 Authentication FIPS 112 Password Usage FIPS PUB SECURITY REQUIREMENTS FOR CRYPTOGRAPHIC MODULES 1994 January 11 FIPS PUB SECURITY REQUIREMENTS FOR Issued CRYPTOGRAPHIC MODULES (Supersedes FIPS PUB 140-1, 1994 January 11) FIPS PUB SECURE HASH STANDARD April 17 American National Standards Institute (ANSI) ANSI X The Data Encryption Algorithm (DEA) ANSI X Data Link Encryption ANSI X Data Encryption Algorithm - Modes of operation for the DEA ANSI NCITS Personal Identification Number - PIN Pad ANSI X Bank Cards - Magnetic Stripe Data Content (Track 3) ANSI X Interchange Message for Debit and Credit Card Message Exchange among Financial Institution ANSI X Banking - Personal Identification Number Management and Security ANSI X Financial Institution Message Authentication ANSI X Financial Institution Key Management (Wholesale) ANSI X Financial Institution Retail Message Authentication ANSI X Financial Institution Encryption for Wholesale Financial Messages ANSI X9.24. Financial Services - Key Management Using the DEA ANSI X , Public Key Cryptography for the Financial Services Industry - Part1: The Digital Signature Algorithms (DSA). ANSI X , Public Key Cryptography for Financial Services Industry- The Secure Hash Algorithm (SHA-1) - Part 2 ANSI X9.57: Public Key Cryptography for the Financial Services Industry: Certificate Management. ANSI X Electronic Data Interchange Security Services X12.58 (version 2)
Related Search
Similar documents
View more...
We Need Your Support
Thank you for visiting our website and your interest in our free products and services. We are nonprofit website to share and download documents. To the running of this website, we need your help to support us.

Thanks to everyone for your continued support.

No, Thanks