Trustworthy Systems Supporting Server Signing - Part 1: General System Security Requirements

1.1   General
This document specifies security requirements and recommendations for Trustworthy Systems Supporting Server Signing (TW4S) that generate digital signatures.
The TW4S is composed at least of one Server Signing Application (SSA) and one Signature Creation Device (SCDev) or one remote Signature Creation Device.
A remote SCDev is a SCDev extended with remote control provided by a Signature Activation Module (SAM) executed in a tamper protected environment. This module uses the Signature Activation Data (SAD), collected through a Signature Activation Protocol (SAP), in order to guarantee with a high level of confidence that the signing keys are used under sole control of the signer.
The SSA uses a SCDev or a remote SCDev in order to generate, maintain and use the signing keys under the sole control of their authorized signer. Signing key import from CAs is out of scope.
So when the SSA uses a remote SCDev, the authorized signer remotely controls the signing key with a high level of confidence.
A TW4S is intended to deliver to the signer or to some other application, a digital signature created based on the data to be signed.
This standard:
-   provides commonly recognized functional models of TW4S;
-   specifies overall requirements that apply across all of the services identified in the functional model;
-   specifies security requirements for each of the services identified in the TW4S;
-   specifies security requirements for sensitive system components which may be used by the TW4S.
This standard is technology and protocol neutral and focuses on security requirements.
1.2   Outside of the scope
The following aspects are considered outside of the scope of this document:
-   other trusted services that may be used alongside this service such as certificate issuance, signature validation service, time-stamping service and information preservation service;
-   any application or system outside of the TW4S (in particular the signature creation application including the creation of advanced signature formats);
-   signing key and signing certificate import from CAs;
-   the legal interpretation of the form of signature (e.g. electronic signature, electronic seal, qualified or otherwise).
1.3   Audience
This standard specifies security requirements that are intended to be followed by:
-   providers of TW4S systems;
-   Trust Service Providers (TSP) offering a signature creation service.

Vertrauenswürdige Systeme, die Serversignaturen unterstützen - Teil 1: Allgemeine Systemsicherheitsanforderungen

Systèmes fiables de serveur de signature électronique - Partie 1: Exigences de sécurité générales du système

Zaupanja vredni sistemi, ki podpirajo strežniško podpisovanje - 1. del: Splošne varnostne zahteve sistema

Področje uporabe predlaganega 1. dela standarda 419241 (Varnostne zahteve) zajema varnostne zahteve in priporočila za zaupanja vredne sisteme, ki podpirajo strežniško podpisovanje (TW4S) in generirajo digitalne podpise. Te digitalne podpise ustvarja oddaljeno sredstvo za elektronsko podpisovanje (rSCDev). Oddaljeno sredstvo za elektronsko podpisovanje je sredstvo za elektronsko podpisovanje (SCDev), ki uporablja varne kanale za elektronsko komunikacijo z namenom zagotavljanja zanesljivega okolja za elektronsko podpisovanje, ki je pod izključnim nadzorom podpisnika. Ta predlagani 1. del standarda 419241 bo obstoječi standard CEN/TS 419241 prilagodil zahtevam nove Uredbe EU št. 910/2014 in TS pretvoril v EN.

General Information

Status
Published
Publication Date
03-Jul-2018
Withdrawal Date
30-Jan-2019
Current Stage

Relations

Buy Standard

Standard
EN 419241-1:2018 - BARVE
English language
43 pages
sale 10% off
Preview
sale 10% off
Preview
e-Library read for
1 day

Standards Content (Sample)


2003-01.Slovenski inštitut za standardizacijo. Razmnoževanje celote ali delov tega standarda ni dovoljeno.Zaupanja vredni sistemi, ki podpirajo strežniško podpisovanje - 1. del: Splošne varnostne zahteve sistemaVertrauenswürdige Systeme, die Serversignaturen unterstützen - Teil 1: Allgemeine SystemsicherheitsanforderungenSystèmes fiables de Serveur de Signature électronique - Partie 1: Exigences de sécurité générales du systèmeTrustworthy Systems Supporting Server Signing - Part 1: General System Security Requirements35.030Informacijska varnostIT SecurityICS:Ta slovenski standard je istoveten z:EN 419241-1:2018SIST EN 419241-1:2018en,fr,de01-oktober-2018SIST EN 419241-1:2018SLOVENSKI
STANDARDSIST-TS CEN/TS 419241:20141DGRPHãþD

EUROPEAN STANDARD NORME EUROPÉENNE EUROPÄISCHE NORM
EN 419241-1
July
t r s z English Version
Trustworthy Systems Supporting Server Signing æ Part
sã General System Security Requirements Systèmes fiables de serveur de signature électronique æPartie
sã Exigences de sécurité générales du système
Vertrauenswürdige Systemeá die Serversignaturen unterstützen æ Teil
sã Allgemeine Systemsicherheitsanforderungen This European Standard was approved by CEN on
u r April
t r s zä
egulations which stipulate the conditions for giving this European Standard the status of a national standard without any alterationä Upætoædate lists and bibliographical references concerning such national standards may be obtained on application to the CENæCENELEC Management Centre or to any CEN memberä
translation under the responsibility of a CEN member into its own language and notified to the CENæCENELEC Management Centre has the same status as the official versionsä
CEN members are the national standards bodies of Austriaá Belgiumá Bulgariaá Croatiaá Cyprusá Czech Republicá Denmarká Estoniaá Finlandá Former Yugoslav Republic of Macedoniaá Franceá Germanyá Greeceá Hungaryá Icelandá Irelandá Italyá Latviaá Lithuaniaá Luxembourgá Maltaá Netherlandsá Norwayá Polandá Portugalá Romaniaá Serbiaá Slovakiaá Sloveniaá Spainá Swedená Switzerlandá Turkey and United Kingdomä
EUROPEAN COMMITTEE FOR STANDARDIZATION COMITÉ EUROPÉEN DE NORMALISATION EUROPÄISCHES KOMITEE FÜR NORMUNG
CEN-CENELEC Management Centre:
Rue de la Science 23,
B-1040 Brussels
t r s z CEN All rights of exploitation in any form and by any means reserved worldwide for CEN national Membersä Refä Noä EN
v s { t v sæ sã t r s z ESIST EN 419241-1:2018

Requirements for electronic identification means, characteristics and design . 34 A.1 Enrolment . 34 A.1.1 Application and registration . 34 A.1.2 Identity proofing and verification (natural person) . 34 A.1.3 Identity proofing and verification (legal person) . 37 A.1.4 Binding between the electronic identification means of natural and legal persons . 39 A.2 Electronic identification means and authentication . 40 A.2.1 Electronic identification means characteristics and design . 40 A.2.2 Authentication mechanism . 41 Bibliography . 42
...

Questions, Comments and Discussion

Ask us and Technical Secretary will try to provide an answer. You can facilitate discussion about the standard in here.