iTeh Standards logo
EURUSD
Your shopping cart is empty.
SIST

SIST EN 419212-2:2018

(Main)

Application Interface for Secure Elements for Electronic Identification, Authentication and Trusted Services - Part 2: Signature and Seal Services

Application Interface for Secure Elements for Electronic Identification, Authentication and Trusted Services - Part 2: Signature and Seal Services

This part specifies mechanisms for SEs to be used as qualified signature creation devices covering:
•   Signature creation and mobile signature creation
•   User verification
•   Password based authentication
The specified mechanisms are suitable for other purposes like services in the context of EU Regulation 910/2014 of the European Parliament and the Council of 23 July 2014 on electronic identification and trust services for electronic transactions in the internal market and repealing Directive 1999/93/EC.
The particular case of seal is also covered by the specification. The differences between seal and signature are exposed in Annex B. Annex B also explains how the mechanisms for SEs as qualified signature creation devices can be used for SEs as qualified seal creation devices.
Mobile signature is an alternative to the classical signature case which is performed by a secure element. Mobile signature is encouraged by the large widespread of mobile devices and the qualification authorized by the eIDAS Regulation. The particular case of remote signature (or server signing) is covered by this specification in Annex C.
In the rest of this document, except Annex B, there will be no particular notion of a seal since it technically compares to the signature.

Anwendungsschnittstelle für sichere Elemente, die als qualifizierte elektronische Signatur-/Siegelerstellungseinheiten verwendet werden - Teil 2: Zusätzliche Dienste

Identification personnelle et dispositifs associés, éléments de sécurité, systèmes, opérations et protection de la vie privée dans un environnement multisectoriel - Partie 2 : Services de signatures et de cachets

La présente partie spécifie les mécanismes pour l'utilisation de SE comme dispositifs de création de signatures qualifiés, qui recouvrent :
   la création de signatures et création de signatures mobiles ;
   la vérification de l’utilisateur ;
   l’authentification par mot de passe.
Les mécanismes spécifiés conviennent à d'autres objectifs, tels que les services dans le cadre de [2].
Le cas particulier du cachet est également traité par la spécification. Les différences entre cachet et signature sont présentées dans l’Annexe B. L’Annexe B explique également comment les mécanismes des SE servant de dispositifs de création de signatures qualifiés peuvent être utilisés pour les SE servant de dispositifs de création de cachets qualifiés.
La signature mobile est une variante de la signature traditionnelle qui est exécutée par un élément de sécurité. La signature mobile bénéficie de la grande diffusion des dispositifs mobiles et de la qualification autorisée par le Règlement eIDAS [2]. Le cas particulier de la signature à distance (ou signature par serveur) est traité par la présente spécification dans l’Annexe C.
Dans la suite du présent document, à l’exception de l’Annexe B, il n’y aura aucune notion particulière relative au cachet, puisque, sur un plan technique, il est comparable à la signature.

Uporabniški vmesnik za varnostne elemente za elektronsko identifikacijo, avtentifikacijo in zanesljivost storitev - 2. del: Podpis in dodatne storitve

Ta del določa mehanizme za uporabo varnostnih elementov (SE) kot kvalificiranih naprav za elektronsko podpisovanje in zajema: • oblikovanje podpisa in mobilno oblikovanje podpisa,
• preverjanje uporabnika,
• preverjanje pristnosti na podlagi gesla.
Opredeljeni mehanizmi so primerni za druge namene, kot so storitve v okviru Uredbe (EU) št. 910/2014 Evropskega parlamenta in sveta z dne 23. julija 2014 o elektronski identifikaciji in storitvah zaupanja za elektronske transakcije na notranjem trgu ter razveljavitve Direktive 1999/93/ES. Specifikacija zajema tudi poseben primer žiga. Razlike med žigom in podpisom so izpostavljene v dodatku B. Dodatek B tudi pojasnjuje, kako se lahko mehanizmi za varnostne elemente kot kvalificirana sredstva za elektronsko podpisovanje uporabljajo za varnostne elemente kot naprave za ustvarjanje kvalificiranega elektronskega žiga. Alternativa običajnemu podpisu je mobilni podpis, ki ga izvede varnostni element. Mobilni podpis se spodbuja zaradi razširjenega obsega mobilnih naprav in kvalifikacij, odobrenih z uredbo o elektronski identifikaciji (eIDAS). Poseben primer podpisa na daljavo (ali strežniškega podpisa) je zajet v tej specifikaciji v dodatku C.
Preostanek dokumenta z izjemo dodatka B posebej ne omenja pomena žiga, saj je v tehničnem smislu podoben podpisu.

General Information

Status
Published
Public Enquiry End Date
30-Dec-2016
Publication Date
05-Mar-2018
ICS
35.240.15 - Identification cards. Chip cards. Biometrics
Technical Committee
ITC - Information technology
Current Stage
6060 - National Implementation/Publication (Adopted Project)
Start Date
22-Dec-2017
Due Date
26-Feb-2018
Completion Date
06-Mar-2018
Directive
910/2014 - Regulation (EU) No 910/2014 of the European Parliament and of the Council of 23 July 2014 on electronic identification and trust services for electronic transactions in the internal market and repealing directive 1999/93/EC
Mandate
M/460 - Standardisation Mandate to the European Standardisation Organizations CEN, CENELEC and ETSI in the field of Information and Communication Technologies applied to Electronic Signatures
Ref Project
EN 419212-2:2017 - Application Interface for Secure Elements for Electronic Identification, Authentication and Trusted Services - Part 2: Signature and Seal Services

Relations

Replaces
SIST EN 419212-2:2015 - Application Interface for smart cards used as Secure Signature Creation Devices - Part 2: Additional Services
Effective Date
20-Dec-2017
Replaces
SIST EN 419212-1:2015 - Application Interface for smart cards used as Secure Signature Creation Devices - Part 1: Basic services
Effective Date
20-Dec-2017
SIST EN 419212-2:2018 - BARVESIST EN 419212-2:2018 - BARVE
PreviousNext
Standard
SIST EN 419212-2:2018 - BARVE
English language
115 pages
sale 10% off
Preview
sale 10% off
Preview
e-Library read for
1 day

Standards Content (Sample)


2003-01.Slovenski inštitut za standardizacijo. Razmnoževanje celote ali delov tega standarda ni dovoljeno.Uporabniški vmesnik za varnostne elemente za elektronsko identifikacijo, avtentifikacijo in zanesljivost storitev - 2. del: Podpis in dodatne storitveAnwendungsschnittstelle für sichere Elemente, die als qualifizierte elektronische Signatur-/Siegelerstellungseinheiten verwendet werden - Teil 2: Zusätzliche DiensteApplication Interface for Secure Elements for Electronic Identification, Authentication and Trusted Services - Part 2: Signature and Seal Services35.240.15Identification cards. Chip cards. BiometricsICS:Ta slovenski standard je istoveten z:EN 419212-2:2017SIST EN 419212-2:2018en,fr,de01-april-2018SIST EN 419212-2:2018SLOVENSKI
STANDARDSIST EN 419212-2:2015SIST EN 419212-1:20151DGRPHãþD

EUROPEAN STANDARD NORME EUROPÉENNE EUROPÄISCHE NORM
EN 419212-2
December
t r s y ICS
u wä t v rä s w Supersedes EN
v s { t s tæ sã t r s vá EN
v s { t s tæ tã t r s vEnglish Version
Application Interface for Secure Elements for Electronic Identificationá Authentication and Trusted Services æ Part
tã Signature and Seal Services Interface applicative des éléments sécurisés utilisés comme dispositifs de création de signature signatures et de cachets
Anwendungsschnittstelle für sichere Elementeá die als qualifizierte elektronische SignaturæZusätzliche Dienste This European Standard was approved by CEN on
x February
t r s yä
egulations which stipulate the conditions for giving this European Standard the status of a national standard without any alterationä Upætoædate lists and bibliographical references concerning such national standards may be obtained on application to the CENæCENELEC Management Centre or to any CEN memberä
translation under the responsibility of a CEN member into its own language and notified to the CENæCENELEC Management Centre has the same status as the official versionsä
CEN members are the national standards bodies of Austriaá Belgiumá Bulgariaá Croatiaá Cyprusá Czech Republicá Denmarká Estoniaá Finlandá Former Yugoslav Republic of Macedoniaá Franceá Germanyá Greeceá Hungaryá Icelandá Irelandá Italyá Latviaá Lithuaniaá Luxembourgá Maltaá Netherlandsá Norwayá Polandá Portugalá Romaniaá Serbiaá Slovakiaá Sloveniaá Spainá Swedená Switzerlandá Turkey and United Kingdomä
EUROPEAN COMMITTEE FOR STANDARDIZATION COMITÉ EUROPÉEN DE NORMALISATION EUROPÄISCHES KOMITEE FÜR NORMUNG
CEN-CENELEC Management Centre:
Avenue Marnix 17,
B-1000 Brussels
t r s y CEN All rights of exploitation in any form and by any means reserved worldwide for CEN national Membersä Refä Noä EN
v s { t s tæ tã t r s y ESIST EN 419212-2:2018

Security environments . 100 Annex B (informative)
Seals and Signatures . 108 Annex C (informative)
Remote Signatures . 111 SIST EN 419212-2:2018

Part 3: “Device Authentication” describes the device authentication protocols and the related key management services to establish a secure channel.
Part 4: “Privacy specific Protocols” describes functions and services to provide privacy to identification services.
Part 5: “Trusted eServices” describes services that may be used in conjunction with signature services described in Part 2.
This document has been prepared under a mandate given to CEN by the European Commission and the European Free Trade Association. According to the CEN-CENELEC Internal Regulations, the national standards organisations of the following countries are bound to implement this European Standard: Austria, Belgium, Bulgaria, Croatia, Cyprus, Czech Republic, Denmark, Estonia, Finland, Former Yugoslav Republic of Macedonia, France, Germany, Greece, Hungary, Iceland, Ireland, Italy, Latvia, Lithuania, Luxembourg, Malta, Netherlands, Norway, Poland, Portugal, Romania, Serbia, Slovakia, Slovenia, Spain, Sweden, Switzerland, Turkey and the United Kingdom. SIST EN 419212-2:2018

Signature creation and mobile signature creation
User verification
Password based authentication The specified mechanisms are suitable for other purposes like services in the context of [2]. The particular case of seal is also covered by the specification. The differences between seal and signature is exposed in Annex B. Annex B also explains how the mechanisms for SEs as qualified signature creation devices can be used for SEs as qualified seal creation devices. Mobile signature is an alternative to the classical signature case which is performed by a secure element. Mobile signature is encouraged by the large widespread of mobile devices and the qualification authorized by the eIDAS Regulation [2]. The particular case of remote signature (or server signing) is covered by this specification in Annex C. In the rest of this document, except Annex B, there will be no particular notion of a seal since it technically compares to the signature. 2 Normative references The following documents, in whole or in part, are normatively referenced in this document and are indispensable for its application. For dated references, only the edition cited applies. For undated references, the latest edition of the referenced document (including any amendments) applies. ISO/IEC 7816-4:2013, Identification cards — Integrated circuit cards — Part 4: Organization, security and commands for interchange ISO/IEC 7816-8:2004, Identification cards – Integrated circuit cards – Part 8: Commands for security operations ISO/IEC 7816-11:2004, Identification cards — Integrated circuit cards — Part 11: Personal verification through biometric methods ISO/IEC 7816-15, Identification cards — Integrated circuit cards — Part 15: Cryptographic information application ISO/IEC 9797-1:2011, Information technology — Security techniques — Message Authentication Codes (MACs) — Part 1: Mechanisms using a block cipher ISO 11568-2:2012, Financial services — Key management (retail) — Part 2: Symmetric ciphers, their key management and life cycle ISO/IEC 14888-2:2008, Information technology — Security techniques — Digital signatures with appendix — Part 2: Integer factorization based mechanisms ISO/IEC 19794-2:2005, Information technology — Biometric data interchange formats — Part 2: Finger minutiae data ISO/IEC 15946-5, Information technology — Security techniques — Cryptographic techniques based on elliptic curves — Part 5: Elliptic curve generation, 2009-12-15 SIST EN 419212-2:2018

3 Terms and definitions For the purposes of this document, terms and definitions in EN 419212-1 apply. 4 Symbols and abbreviations For the purposes of this document, symbols and abbreviations in EN 419212-1 apply. 5 Signature application 5.1 Application Flow Figure 1 shows an execution flow for a signature creation as it is mandated in [1].
1 Available at https://www.bsi.bund.de/DE/Publikationen/TechnischeRichtlinien/tr03110/index_htm.html SIST EN 419212-2:2018

Figure 1 — Interaction sequences between SCA and QSCD in compliance with EU regulation The corresponding technical implementation is given in this document and as various mechanisms are specified for device authentication and user verification with a number of resulting combinations, Figure 2 gives some example execution flows for typical signature cards. Each card implements a signature application and they differ in the combination of privacy and security features. A card with a contact interface that is used in a trusted environment may not require any device authentication. In contrast, contactless cards are vulnerable to skimming and eavesdropping attacks and hence require protection. Reading SN.ICC would be a possible start for a non-privacy protecting device authentication (e.g. EN 419212-3, 3.9) whereas the card is addressed through contacts. For privacy protection (e.g. EN 419212-3, 3.6, EN 419212-3, 3.7) reading SN.ICC would not be desirable. Instead a password based mechanism may be involved which prevents the card being addressed unless a password, e.g. secret PIN or Card Access Number printed on the card is entered first. This is suitable for contactless cards which shall not allow communication without either the explicit act-of-will of the card holder or proof of legitimate physical possession of the card. In multi-application environments device authentication may be performed on card (e.g. MF level) prior to application selection. Whether for basic or additional services, a device authentication is always mandatory if the environment where the signature device is being used, is not known to be trustable. This is typical for public environment (e.g. airport, merchandise, POS). Only in trusted environments (e.g. company, campus) can device authentication be skipped. SIST EN 419212-2:2018

Figure 2 — Execute signature services Figure 2 shows the selection of additional services in the context of the ESIGN application. User verification might be required for some of the additional services. The detailed access conditions are described in the appropriate security environments. NOTE
* For contactless case in untrusted environment, two choices are possible. Either the reading of CIA file (refer to 14) and the selection of application are done before device authentication, in conformity with Figure 1, or the device authentication is done first.
PKCS#15 takes into account privacy preserving measures involving EF.DIR so that to meet data minimizing property requirements (new component enhanced CIODDO under EF.DIR ensures that the IFD can access DF.CIA content only once security protocols i.e. PACE are fulfilled). This prevent the leakage of user information from CIA file and preserve privacy. 5.2 Trusted environment versus untrusted environment According to the definitions in “trusted environment” (EN 419212-1, 3.58) and “untrusted environment” (EN 419212-1, 3.63), this specification describes additional mechanisms in order to accomplish the required security as claimed in the protection profile [3]. The additional mechanisms according to this specification are: - Device authentication SIST EN 419212-2:2018

to be secured by organisational means Untrusted Environment (public) to be secured by cryptographical means Contact communication channel has been established As in generic case no authentication protocol necessary (see 5 “Signature application”) Chip and Terminal Authentication, see device authentication protocols according to EN 419212-3, clause 3. Contactless communication channel has been established Password Based authentication (PACEv2) with provision of secure channel by secure Messaging (restricted to specific types of passwords e.g. biometric passwords or passwords stored as keys inside the ICC (see 8 “Password-based authentication protocols”) 1. Password based authentication (PACEv2) with provision of secure channel by Secure Messaging 2. Chip and Terminal authentication e.g. see privacy and /or mEAC device authentication protocol according to EN 419212-3, clause 3. NOTE The RSA transport protocol (EN 419212-3, clause 3.8) is not suitable, unless the SN.ICC is set to a “dummy value” for privacy reasons. 5.3 Selection of ESIGN application 5.3.1 General An ESIGN application is selected by its Application Identifier (AID) [see ISO/IEC 7816-5:2004]. The RID is registered by the ISO registration authority and has the following value: A0 00 00 01 67. The first 10 bytes of the AID have the following value AID = A0 00 00 01 67 || “ESIGN” = A0 00 00 01 67 45 53 49 47 4E with Category = 'A.' (international) PIX = 'ESIGN' = 5 bytes NOTE The maximum possible size of the PIX is 11 bytes (refer to ISO/IEC 7816-4, 12.2.3). The remaining 6 bytes may be used by CEN to distinguish between different implementations in the scope of this standard. SIST EN 419212-2:2018
...

Questions, Comments and Discussion

Ask us and Technical Secretary will try to provide an answer. You can facilitate discussion about the standard in here.

Loading comments...

This May Also Interest You

SIST
SIST-TS CEN/TS 17489-5:2025(Main)
Personal identification - Secure and interoperable European breeder documents - Part 5: Trust establishment and management processes
CEN/TS 17489-5:2025

1.1   Objective
This document is intended for the use of breeder document issuing authorities both policymakers and technical, for having uniform formats that conform to printed as well as digital requirements of CEN member and associated states (including EU member states).
The objectives are:
a)   provision of a common set of formats of breeder documents – printed and digital to be implemented by CEN member and associated states (including EU member states), with the extended objective of their acceptance internationally;
b)   the focus is on having common recognizable formats as well as prevention of identity fraud, particularly related to the use of breeder documents to obtain national and international ID documents, such as passports, and residence permits.
1.2   Human dimension of identity management
Each country’s identity management system also provides a framework for observing and protecting many of the human rights embodied in international declarations and conventions. Depending on the provisions in place, the system can ensure that citizens can exercise a wide range of rights, such as rights to property, privacy, freedom of movement and free choice of place of residence, as well as access to social services such as education, healthcare and social security. In states with more advanced technological infrastructure, population registration provides the basis for the establishment of a number of citizen-oriented computerized services, also known as e-services and e-government. Identity management is also central to prevention of discrimination in exercising guaranteed rights.
The identity management infrastructure provides the backbone for a functioning and viable state by securing civil, population and tax registers, as well other systems such as healthcare benefits, voter lists and the issuance of travel and identity documents based on verifiable identities. Such flaws may become visible during elections, where shortcomings in voter lists can affect confidence in the election process. In essence, a secure identity management system can be seen as the foundation, a root level, that is able to then feed into and help numerous other branches of key state services function effectively and accurately (OSCE, 2017, p.13) [27].
1.3   Security dimension of identity management
One of the key elements of a secure environment for cross-border travel is that the travel documents used by visitors meet international standards in terms of security of the document itself and security in that the document reflects the genuine identity of its holder. Similarly, the systems for issuing travel documents need to be linked to identity management systems to streamline decision-making processes, preferably through modernized systems that reflect developments in document security technology. As entries in registers or officially issued identification documents provide access to specific services, criminal networks are constantly looking for possible gaps in identity management systems to obtain genuine documents under fabricated or stolen identities. Documents obtained as result of gaps in identity management have enabled criminals to target business entities and cause significant financial losses through the use of genuine documents issued to non-existent identities (OSCE, 2017, p.14) [27].
Both legal and illegal immigration breeder docs are regularly used to determine an identity if no MRTD or eMRTD is presented. An identity which will be printed on an eRP, Foreigners ppt, Refugees travel doc etc. unless other supportive evidence of identity is provided.
Organized crime has not overlooked this and fraudulently obtained or falsified travel documents are regularly presented to hide the true identity.
Since a significant portion of the world’s population cannot reliably prove their identity, they rely on verbally presented identities and/or supportive breeder documents when registering in another country.
Asylum applicants who...

  • Technical specification
    69 pages
    English language
    sale 10% off
    e-Library read for
    1 day
SIST
SIST-TS CEN/TS 18139:2025(Main)
Personal identification - European guide for biometric recognition applications based on ID documents (ERG)
CEN/TS 18139:2025

This document defines requirements and provides guidance on:
•   capturing of facial images to be used for verification or identification purposes in applications based on reference images in identity or similar documents and traveller or visa databases;
•   capturing of fingerprint images to be used for verification or identification purposes in applications based on reference images in identity or similar documents and traveller or visa databases;
•   data quality maintenance for biometric data captured by/for verification or identification applications;
•   data authenticity maintenance for biometric data captured by/for verification or identification ap-plications.
This document addresses the following aspects which are specific for biometric data capturing:
•   biometric data quality and interoperability assurance;
•   data authenticity assurance;
•   morphing and other presentation attacks and biometric data injection attacks;
•   accessibility and usability;
•   recognition algorithms and their evaluation;
•   privacy and data protection;
•   optimal process design.
The following aspects are out of scope:
•   other aspects of IT security;
•   data capturing for ID document enrolment purposes, e.g. passport or ID card enrolment.

  • Technical specification
    30 pages
    English language
    sale 10% off
    e-Library read for
    1 day
SIST
SIST-TS CEN/TS 17489-2:2025(Main)
Secure and interoperable European Breeder Documents — Part 2: Data model
CEN/TS 17489-2:2024

This document specifies the abstract data model for breeder document data and the specific encodings of this abstract data model used in the CEN breeder document framework.
The abstract data model is a semantic description of the birth, marriage / partnership, and death certificate data, independently from their specific encoding. This abstract data model is extensible for further standardized and proprietary data of birth, marriage / partnership, and death certificates as well as for other types of breeder documents.
This abstract data model is technology agnostic, i.e. it is applicable for paper-based, server-based, and hardware-based breeder documents as well as further breeder document designs and technologies.
The specific encodings of this abstract data model comprise the encodings to be used for the machine readable technologies specified in part 3 of the framework as well as the encoding of human readable breeder document data. These encodings are used in the birth, marriage / partnership, and death certificate profiles specified in part 4 of the framework.

  • Technical specification
    25 pages
    English language
    sale 10% off
    e-Library read for
    1 day
SIST
SIST-TS CEN/TS 18099:2025(Main)
Biometric data injection attack detection
CEN/TS 18099:2024

This document provides an overview on:
-   Definitions on Biometric Data Injection Attack,
-   Biometric Data Injection Attack use case on main biometric system hardware for enrolment and verification,
-   Injection Attack Instruments on systems using one or several biometric modalities.
This document provides guidance on:
-   System for the detection of Injection Attack Instruments (defined in 3.12),
-   Appropriate mitigation risk of Injection Attack Instruments,
-   Creation of test plan for the evaluation of Injection Attack Detection system (defined in 3.9).
If presentation attacks testing is out of scope of this document, note that these two characteristics are in the scope of this document:
-   Presentation Attack Detection systems which can be used as injection attack instrument defence mechanism and/or injection attack method defence mechanism. Yet, no presentation attack testing will be performed by the laboratory to be compliant with this document (out of scope).
-   Bona Fide Presentation testing in order to test the ability of the Target Of Evaluation to correctly classify legitimate users.
The following aspects are out of scope:
-   Presentation Attack testing (as they are covered in ISO/IEC 30107 standards),
-   Biometric attacks which are not classified as Type 2 attacks (see Figure 1),
-   Evaluation of implementation of cryptographic mechanisms like secure elements,
-   Injection Attack Instruments rejected due to quality issues.

  • Technical specification
    37 pages
    English language
    sale 10% off
    e-Library read for
    1 day
SIST
SIST-TP CEN/TR 18108:2025(Main)
Personal identification - Usage of biometrics in breeder documents
CEN/TR 18108:2024

This document provides guidance on usage of biometrics in breeder documents, in particular regarding
-   encoding of biometric reference data;
-   data quality maintenance for biometric reference data;
-   data authenticity maintenance for biometric reference data; and
-   privacy preservation of biometric reference data.
This document addresses advantages and disadvantages of biometric modes, in particular regarding
-   verification performance;
-   privacy impact;
-   feasibility of biometric acquisition considering the age of the capture subjects;
-   limits of validity and need for updating biometric reference data.
The following aspects are out of scope:
-   format and structure of breeder documents;
-   general security aspects, which are covered in CEN/TS 17489-1 [1].

  • Technical report
    18 pages
    English language
    sale 10% off
    e-Library read for
    1 day
SIST
SIST EN ISO 21549-7:2024(Main)
Health informatics - Patient healthcard data - Part 7: Medication data (ISO 21549-7:2024)
EN ISO 21549-7:2024

This document applies to situations in which such data is recorded on or transported by patient healthcards compliant with the physical dimensions of ID-1 cards defined by ISO/IEC 7810.
This document specifies the basic structure of the data contained within the medication data object, but does not specify or mandate particular data sets for storage on devices.
The purpose of this document is for cards to provide information to other health professionals and to the patient or its non-professional caregiver.
It can also be used to carry a new prescription from the prescriber to the dispenser/pharmacy in the design of its sets.
Medication data include the following four components:
—     medication notes: additional information related to medication and the safe use of medicines by the patient such as medication history, sensitivities and allergies;
—     medication prescriptions: to carry a new prescription from the prescriber to the dispenser/pharmacy;
—     medication dispensed: the records of medications dispensed for the patient;
—     medication references: pointers to other systems that contain information that makes up medication prescription and the authority to dispense.
The following topics are beyond the scope of this document:
—     physical or logical solutions for the practical functioning of particular types of data cards;
—     how the message is processed further “downstream” of the interface between two systems;
—     the form which the data takes for use outside the data card, or the way in which such data is visibly represented on the data card or elsewhere.
NOTE            Not only does the definition of “medicinal products” differ from country to country, but also the same name can relate to entirely different products in some countries. Therefore, it is important to consider the safety of the patient when the card is used across borders.
This document describes and defines the Medication data objects used within or referenced by patient-held health data cards using UML, plain text and Abstract Syntax Notation (ASN.1).
This document does not describe nor define the common objects defined within ISO 21549-2.

  • Standard
    51 pages
    English language
    sale 10% off
    e-Library read for
    1 day
SIST
SIST-TP CEN/TR 18030:2024(Main)
Personal identification - Biometrics - Overview of biometric verification systems implemented across Europe
CEN/TR 18030:2023

This Technical Report provides an overview of the current deployment of biometric systems within Europe. It addresses the challenges that are being faced, in order to detect the current needs for improving the specifications for the implementation and deployment of biometric systems. This Technical Report considers all kind of deployments, from border control to ad-hoc services. As most of the deployed systems are based on the use of fingerprints or face recognition, this Technical Report will focus on these two biometric modalities, from the system integrator and interoperability points of view.
Identity documents, in terms of production, structure, interoperability, etc., are out of the scope of this TR. The TR is focused on the performance at system level.
The current European legislative initiatives around this topic (e.g., Entry/Exit System, framework for interoperability between EU information systems, etc.) need a robust framework study about the availability of standard technologies to improve interoperability in biometric products around the European Union.
By showing these needs, a set of recommendations for future standardization works is provided.
From a methodological perspective, the report gathers information of different entities with this classification:
- Capture/enrolment of biometrics including the quality assurance and the generation of feature or biometric models from the images.
- Best practices and guidelines to use biometrics in Europe.
- Data Quality environment using biometrics in European networks.

  • Technical report
    33 pages
    English language
    sale 10% off
    e-Library read for
    1 day
SIST
SIST EN ISO 21549-5:2024(Main)
Health informatics - Patient healthcard data - Part 5: Identification data (ISO 21549-5:2023)
EN ISO 21549-5:2023

This document describes and defines the basic structure of the identification data objects held on healthcare data cards, but it does not specify particular data sets for storage on devices.
This document does not apply to the detailed functions and mechanisms of the following services (although its structures can accommodate suitable data objects elsewhere specified):
—    security functions and related services that are likely to be specified by users for data cards depending on their specific application, e.g. confidentiality protection, data integrity protection and authentication of persons and devices related to these functions;
—    access control services;
—    the initialization and issuing process (which begins the operating lifetime of an individual data card, and by which the data card is prepared for the data to be subsequently communicated to it according to this document).
Therefore, this document does not cover:
—    physical or logical solutions for the practical functioning of particular types of data card;
—    the forms that data take for use outside the data card, or the way in which such data are visibly represented on the data card or elsewhere.

  • Standard
    17 pages
    English language
    sale 10% off
    e-Library read for
    1 day
SIST
SIST EN ISO/IEC 2382-37:2024(Main)
Information technology - Vocabulary - Part 37: Biometrics (ISO/IEC 2382-37:2022)
EN ISO/IEC 2382-37:2023

This document establishes a systematic description of the concepts in the field of biometrics pertaining to recognition of human beings. This document also reconciles variant terms in use in pre-existing International Standards on biometrics against the preferred terms, thereby clarifying the use of terms in this field.
This document does not cover concepts (represented by terms) from information technology, pattern recognition, biology, mathematics, etc. Biometrics uses such fields of knowledge as a basis.
In principle, mode-specific terms are outside of scope of this document.

  • Standard
    42 pages
    English language
    sale 10% off
    e-Library read for
    1 day
SIST
SIST-TP CEN/TR 17982:2024(Main)
European Digital Identity Wallets standards Gap Analysis
CEN/TR 17982:2023

This document identifies relevant existing standards and standards work in progress around European Digital Identity Wallets. It also identifies missing work items and overlaps in standards and is supposed to work as a roadmap for future standardization projects in the area.

  • Technical report
    39 pages
    English language
    sale 10% off
    e-Library read for
    1 day