Skip to content
Please enter a keyword to search

  • ISO/IEC 15945:2002

    Current The latest, up-to-date edition.

    Information technology — Security techniques — Specification of TTP services to support the application of digital signatures

    Available format(s):  Hardcopy, PDF, PDF 3 Users, PDF 5 Users, PDF 9 Users

    Language(s):  English, French

    Published date:  14-02-2002

    Publisher:  International Organization for Standardization

    Add To Cart

    Abstract - (Show below) - (Hide below)

    This Recommendation | International Standard will define those TTP services needed to support the application of digital

    signatures for the purpose of non-repudiation of creation of documents.

    This Recommendation | International Standard will also define interfaces and protocols to enable interoperability

    between entities associated with these TTP services.

    Definitions of technical services and protocols are required to allow for the implementation of TTP services and related

    commercial applications.

    This Recommendation | International Standard focuses on:

    ? implementation and interoperability;

    ? service specifications; and

    ? technical requirements.

    This Recommendation | International Standard does not describe the management of TTPs or other organizational,

    operational or personal issues. Those topics are mainly covered in ITU-T Rec. X.842 | ISO/IEC TR 14516, Information

    technology ? Security techniques ? Guidelines on the use and management of Trusted Third Party services.

    NOTE 1 ? Because interoperability is the main issue of this Recommendation | International Standard, the following restrictions

    hold:

    i) Only those services which may be offered by a TTP, either to end entities or to another TTP, are covered in this

    Recommendation | International Standard.

    ii) Only those services which may be requested and/or delivered by means of standardizable digital messages are

    covered.

    iii) Only those services for which widely acceptable standardized messages can be agreed upon at the time this

    Recommendation | International Standard is published are specified in detail.

    Further services will be specified in separate documents when widely acceptable standardized messages are available for them. In

    particular, time stamping services will be defined in a separate document.

    NOTE 2 ? The data structures and messages in this Recommendation | International Standard will be specified in accordance to

    RFC documents, RFC 2510 and RFC 2511 (for certificate management services) and to RFC 2560 (for OCSP services). The

    certificate request format also allows interoperability with PKCS#10. See Annex C for references to the documents mentioned in

    this Note.

    NOTE 3 ? Other standardization efforts for TTP services in specific environments and applications, like SET or EDIFACT, exist.

    These are outside of the scope of this Recommendation | International Standard.

    NOTE 4 ? This Recommendation | International Standard defines technical specifications for services. These specifications are

    independent of policies, specific legal regulations, and organizational models (which, for example, might define how duties and

    responsibilities are shared between Certification Authorities and Registration Authorities). Of course, the policy of TTPs offering

    the services described in this Recommendation | International Standard will need to specify how legal regulations and the other

    aspects mentioned before will be fulfilled by the TTP. In particular, the policy has to specify how the validity of digital signatures

    and certificates is determined.

    General Product Information - (Show below) - (Hide below)

    Committee ISO/IEC JTC 1/SC 27
    Document Type Standard
    Publisher International Organization for Standardization
    Status Current

    Standards Referenced By This Book - (Show below) - (Hide below)

    12/30236961 DC : 0 BS ISO/IEC 20008-1 - INFORMATION TECHNOLOGY - SECURITY TECHNIQUES - ANONYMOUS DIGITAL SIGNATURES - PART 1: GENERAL
    BS ISO/IEC 14888-2:2008 Information technology. Security techniques. Digital signatures with appendix Integer factorization based mechanisms
    08/30194076 DC : DRAFT DEC 2008 BS ISO 21091 - HEALTH INFORMATICS - DIRECTORY SERVICES FOR SECURITY, COMMUNICATIONS AND IDENTIFICATION OF PROFESSIONALS AND PATIENTS
    CSA ISO TS 17090-2 : 2005 HEALTH INFORMATICS - PUBLIC KEY INFRASTRUCTURE - PART 2: CERTIFICATE PROFILE
    16/30339535 DC : 0 BS EN 62056-5-3 ED 3.0 - ELECTRICITY METERING DATA EXCHANGE - THE DLMS/COSEM SUITE - PART 5-3: DLMS/COSEM APPLICATION LAYER
    08/30169511 DC : DRAFT DEC 2008 BS ISO/IEC 13888-3 - INFORMATION TECHNOLOGY - SECURITY TECHNIQUES - NON-REPUDIATION - PART 3: MECHANISMS USING ASYMMETRIC TECHNIQUES
    BS ISO/IEC 17922:2017 Information technology. Security techniques. Telebiometric authentication framework using biometric hardware security module
    DIN EN ISO 22600-2 E : 2015 HEALTH INFORMATICS - PRIVILEGE MANAGEMENT AND ACCESS CONTROL - PART 2: FORMAL MODELS (ISO 22600-2:2014)
    CSA ISO/IEC TR 14516 : 2004 INFORMATION TECHNOLOGY - SECURITY TECHNIQUES - GUIDELINES FOR THE USE AND MANAGEMENT OF TRUSTED THIRD PARTY SERVICES
    CAN/CSA-ISO/IEC TR 14516-04 (R2017) Information Technology - Security Techniques - Guidelines for the use and Management of Trusted Third Party Services (Adopted ISO/IEC TR 14516:2002, first edition, 2002-06-15)
    CSA ISO/IEC TR 14516 : 2004 : R2012 INFORMATION TECHNOLOGY - SECURITY TECHNIQUES - GUIDELINES FOR THE USE AND MANAGEMENT OF TRUSTED THIRD PARTY SERVICES
    I.S. EN 62056-5-3:2017 ELECTRICITY METERING DATA EXCHANGE - THE DLMS/COSEM SUITE - PART 5-3: DLMS/COSEM APPLICATION LAYER
    UNI EN ISO 22600-2 : 2014 HEALTH INFORMATICS - PRIVILEGE MANAGEMENT AND ACCESS CONTROL - PART 2: FORMAL MODELS
    ISO 17090-2:2015 Health informatics Public key infrastructure Part 2: Certificate profile
    EN 62056-5-3:2017 Electricity metering data exchange - The DLMS/COSEM suite - Part 5-3: DLMS/COSEM application layer
    BS EN ISO 21091:2013 Health informatics. Directory services for healthcare providers, subjects of care and other entities
    EG 202 009-1 : 1.3.1 USER GROUP; QUALITY OF TELECOM SERVICES; PART 1: METHODOLOGY FOR IDENTIFICATION OF INDICATORS RELEVANT TO THE USERS
    BS EN 62056-5-3:2017 Electrcity metering data exchange. The DLMS/COSEM suite DLMS/COSEM application layer
    BS ISO/IEC 20008-1:2013 Information technology. Security techniques. Anonymous digital signatures General
    ISO/TS 17090-3:2002 Health informatics Public key infrastructure Part 3: Policy management of certification authority
    12/30271004 DC : 0 BS ISO 22600-2 - HEALTH INFORMATICS - PRIVILEGE MANAGEMENT AND ACCESS CONTROL - PART 2: FORMAL MODELS
    07/30169475 DC : 0 BS ISO 15782-1 - CERTIFICATE MANAGEMENT FOR FINANCIAL SERVICES - PART 1: PUBLIC KEY CERTIFICATES
    BS ISO/IEC 15945:2002 Information technology. Security techniques. Specification of TTP services to support the application of digital signatures
    BS ISO 17090-1:2013 Health informatics. Public key infrastructure Overview of digital certificate services
    CSA ISO/IEC 13888-3 : 2010 : R2015 INFORMATION TECHNOLOGY - SECURITY TECHNIQUES - NON-REPUDIATION - PART 3: MECHANISMS USING ASYMMETRIC TECHNIQUES
    CSA ISO TS 17090-3 : 2005 HEALTH INFORMATICS - PUBLIC KEY INFRASTRUCTURE - PART 3: POLICY MANAGEMENT OF CERTIFICATION AUTHORITY
    CSA ISO/IEC 14888-2 : 2009 : R2014 INFORMATION TECHNOLOGY - SECURITY TECHNIQUES - DIGITAL SIGNATURES WITH APPENDIX - PART 2: INTEGER FACTORIZATION BASED MECHANISMS
    ISO/IEC 18370-2:2016 Information technology Security techniques Blind digital signatures Part 2: Discrete logarithm based mechanisms
    ISO 21188:2018 Public key infrastructure for financial services — Practices and policy framework
    ISO/IEC 13888-3:2009 Information technology Security techniques Non-repudiation Part 3: Mechanisms using asymmetric techniques
    DD ISO/TS 17090-2:2002 Health informatics. Public key infrastructure Certificate profile
    17/30281253 DC : 0 BS ISO 21188 - PUBLIC KEY INFRASTRUCTURE FOR FINANCIAL SERVICES - PRACTICES AND POLICY FRAMEWORK
    BS ISO/IEC 13888-3:1997 Information technology. Security techniques. Non-repudiation Mechanisms using asymmetric techniques
    15/30286868 DC : 0 BS ISO/IEC 14888-3 - INFORMATION TECHNOLOGY - SECURITY TECHNIQUES - DIGITAL SIGNATURES WITH APPENDIX - PART 3: DISCRETE LOGARITHM BASED MECHANISMS
    16/30266969 DC : 0 BS ISO/IEC 17922 - INFORMATION TECHNOLOGY - SECURITY TECHNIQUES - TELEBIOMETRIC AUTHENTICATION FRAMEWORK USING BIOMETRIC HARDWARE SECURITY MODULE
    DD ISO/TS 17090-1:2002 Health informatics. Public key infrastructure Framework and overview
    BS ISO/IEC 14888-3 : 2006 INFORMATION TECHNOLOGY - SECURITY TECHNIQUES - DIGITAL SIGNATURES WITH APPENDIX - PART 3: DISCRETE LOGARITHM BASED MECHANISMS
    BS EN ISO 22600-2:2014 Health informatics. Privilege management and access control Formal models
    BS ISO 17090-3:2008 Health informatics. Public key infrastructure Policy management of certification authority
    ISO/TS 22600-2:2006 Health informatics Privilege management and access control Part 2: Formal models
    CSA ISO/IEC 14888-2 : 2009 : INC : COR 1 : 2016 : R201400 INFORMATION TECHNOLOGY - SECURITY TECHNIQUES - DIGITAL SIGNATURES WITH APPENDIX - PART 2: INTEGER FACTORIZATION BASED MECHANISMS
    CSA ISO/IEC 14888-3 : 2018 INFORMATION TECHNOLOGY - SECURITY TECHNIQUES - DIGITAL SIGNATURES WITH APPENDIX - PART 3: DISCRETE LOGARITHM BASED MECHANISMS
    CSA ISO TS 17090-1 : 2005 HEALTH INFORMATICS - PUBLIC KEY INFRASTRUCTURE - PART 1: FRAMEWORK AND OVERVIEW
    ISO/IEC 20248:2018 Information technology Automatic identification and data capture techniques Data structures Digital signature meta structure
    ISO 15782-1:2009 Certificate management for financial services Part 1: Public key certificates
    ISO/TS 17090-1:2002 Health informatics Public key infrastructure Part 1: Framework and overview
    IEC 62056-5-3:2017 Electrcity metering data exchange - The DLMS/COSEM suite - Part 5-3: DLMS/COSEM application layer
    EN ISO 21091:2013 Health informatics - Directory services for healthcare providers, subjects of care and other entities (ISO 21091:2013)
    EN ISO 22600-2:2014 Health informatics - Privilege management and access control - Part 2: Formal models (ISO 22600-2:2014)
    BS ISO/IEC 18370-2:2016 Information technology. Security techniques. Blind digital signatures Discrete logarithm based mechanisms
    CSA Z21091 : 2007 HEALTH INFORMATICS - DIRECTORY SERVICES FOR SECURITY, COMMUNICATIONS AND IDENTIFICATION OF PROFESSIONALS AND PATIENTS
    ISO 17090-1:2013 Health informatics Public key infrastructure Part 1: Overview of digital certificate services
    I.S. EN ISO 21091:2013 HEALTH INFORMATICS - DIRECTORY SERVICES FOR HEALTHCARE PROVIDERS, SUBJECTS OF CARE AND OTHER ENTITIES (ISO 21091:2013)
    05/30092187 DC : DRAFT APR 2005 ISO 21188 - PUBLIC KEY INFRASTRUCTURE FOR FINANCIAL SERVICES - PRACTICES AND POLICY FRAMEWORK
    BS ISO 15782-1:2009 Certificate management for financial services Public key certificates
    BS ISO/IEC TR 14516:2002 Information technology. Security techniques. Guidelines for the use and management of trusted third party services
    BS ISO 17090-2:2015 Health informatics. Public key infrastructure Certificate profile
    BS ISO 21188:2006 Public key infrastructure for financial services. Practices and policy framework
    DD ISO/TS 17090-3:2002 Health informatics. Public key infrastructure Policy management of certification authority
    ISO 17090-3:2008 Health informatics Public key infrastructure Part 3: Policy management of certification authority
    04/30124095 DC : DRAFT OCT 2004 BS EN ISO 21549-7 - HEALTH INFORMATICS - PATIENT HEALTHCARD DATA - PART 7: ELECTRONIC PRESCRIPTIONS (MEDICATION DATA)
    DIN EN ISO 22600-2:2015-02 HEALTH INFORMATICS - PRIVILEGE MANAGEMENT AND ACCESS CONTROL - PART 2: FORMAL MODELS (ISO 22600-2:2014)
    CSA ISO/IEC 14888-2 :2009 INFORMATION TECHNOLOGY - SECURITY TECHNIQUES - DIGITAL SIGNATURES WITH APPENDIX - PART 2: INTEGER FACTORIZATION BASED MECHANISMS
    ISO/IEC 20008-1:2013 Information technology — Security techniques — Anonymous digital signatures — Part 1: General
    ISO/IEC TR 14516:2002 Information technology Security techniques Guidelines for the use and management of Trusted Third Party services
    ISO/TS 17090-2:2002 Health informatics Public key infrastructure Part 2: Certificate profile
    ISO/IEC 14888-2:2008 Information technology Security techniques Digital signatures with appendix Part 2: Integer factorization based mechanisms
    ISO/IEC 14888-3:2016 Information technology — Security techniques — Digital signatures with appendix — Part 3: Discrete logarithm based mechanisms
    ISO 21091:2013 Health informatics — Directory services for healthcare providers, subjects of care and other entities
    ISO 22600-2:2014 Health informatics Privilege management and access control Part 2: Formal models
    15/30268544 DC : 0 BS ISO/IEC 18370-1 - INFORMATION TECHNOLOGY - SECURITY TECHNIQUES - BLIND DIGITAL SIGNATURES - PART 1: GENERAL
    13/30274150 DC : 0 BS ISO 17090-2 - HEALTH INFORMATICS - PUBLIC KEY INFRASTRUCTURE - PART 2: CERTIFICATE PROFILE
    UNI EN ISO 21091 : 2013 HEALTH INFORMATICS - DIRECTORY SERVICES FOR HEALTHCARE PROVIDERS, SUBJECTS OF CARE AND OTHER ENTITIES
    ISO/IEC 14888-1:2008 Information technology Security techniques Digital signatures with appendix Part 1: General
    BS ISO/IEC 14888-1:1998 Information technology. Security techniques. Digital signatures with appendix General
    ISO/IEC 17922:2017 Information technology — Security techniques — Telebiometric authentication framework using biometric hardware security module
    EN 319 411-1 : 1.2.2 ELECTRONIC SIGNATURES AND INFRASTRUCTURES (ESI); POLICY AND SECURITY REQUIREMENTS FOR TRUST SERVICE PROVIDERS ISSUING CERTIFICATES; PART 1: GENERAL REQUIREMENTS
    15/30268565 DC : 0 BS ISO/IEC 18370-2 - INFORMATION TECHNOLOGY - SECURITY TECHNIQUES - BLIND DIGITAL SIGNATURES - PART 2: DISCRETE LOGARITHM BASED MECHANISMS
    DD ISO/TS 22600-2:2006 Health informatics. Privilege management and access control Formal models
    07/30161232 DC : 0 BS ISO/IEC 11770-3 - INFORMATION TECHNOLOGY - SECURITY TECHNIQUES - KEY MANAGEMENT - PART 3: MECHANISMS USING ASYMMETRIC TECHNIQUES
    CSA ISO/IEC 13888-3:2010 INFORMATION TECHNOLOGY - SECURITY TECHNIQUES - NON-REPUDIATION - PART 3: MECHANISMS USING ASYMMETRIC TECHNIQUES
    I.S. EN ISO 22600-2:2014 HEALTH INFORMATICS - PRIVILEGE MANAGEMENT AND ACCESS CONTROL - PART 2: FORMAL MODELS (ISO 22600-2:2014)

    Standards Referencing This Book - (Show below) - (Hide below)

    ISO/IEC 13888-2:2010 Information technology Security techniques Non-repudiation Part 2: Mechanisms using symmetric techniques
    ISO/IEC 15408-2:2008 Information technology — Security techniques — Evaluation criteria for IT security — Part 2: Security functional components
    ISO/IEC 10181-7:1996 Information technology Open Systems Interconnection Security frameworks for open systems: Security audit and alarms framework
    ISO/IEC 14888-3:2016 Information technology — Security techniques — Digital signatures with appendix — Part 3: Discrete logarithm based mechanisms
    ISO/IEC 8825-1:2015 Information technology ASN.1 encoding rules: Specification of Basic Encoding Rules (BER), Canonical Encoding Rules (CER) and Distinguished Encoding Rules (DER) Part 1:
    ISO/IEC 11770-2:2008 Information technology Security techniques Key management Part 2: Mechanisms using symmetric techniques
    ISO/IEC 15408-3:2008 Information technology — Security techniques — Evaluation criteria for IT security — Part 3: Security assurance components
    ISO/IEC 9796-3:2006 Information technology — Security techniques — Digital signature schemes giving message recovery — Part 3: Discrete logarithm based mechanisms
    ISO/IEC 8824-2:2015 Information technology Abstract Syntax Notation One (ASN.1): Information object specification Part 2:
    ISO/IEC 13888-3:2009 Information technology Security techniques Non-repudiation Part 3: Mechanisms using asymmetric techniques
    ISO/IEC 10181-3:1996 Information technology Open Systems Interconnection Security frameworks for open systems: Access control framework
    ISO/IEC 10181-1:1996 Information technology Open Systems Interconnection Security frameworks for open systems: Overview
    ISO/IEC 9594-8:2017 Information technology Open Systems Interconnection The Directory Part 8: Public-key and attribute certificate frameworks
    ISO/IEC 9594-3:2017 Information technology Open Systems Interconnection The Directory Part 3: Abstract service definition
    ISO/IEC 9594-6:2017 Information technology Open Systems Interconnection The Directory Part 6: Selected attribute types
    ISO/IEC 8824-4:2015 Information technology Abstract Syntax Notation One (ASN.1): Parameterization of ASN.1 specifications Part 4:
    ISO/IEC 14888-1:2008 Information technology Security techniques Digital signatures with appendix Part 1: General
    ISO/IEC 10118-1:2016 Information technology Security techniques Hash-functions Part 1: General
    ISO/IEC 13888-1:2009 Information technology Security techniques Non-repudiation Part 1: General
    ISO/IEC 10181-4:1997 Information technology Open Systems Interconnection Security frameworks for open systems: Non-repudiation framework Part 4:
    ISO/IEC 10181-2:1996 Information technology Open Systems Interconnection Security frameworks for open systems: Authentication framework
    ISO/IEC 9796-2:2010 Information technology Security techniques Digital signature schemes giving message recovery Part 2: Integer factorization based mechanisms
    ISO/IEC 15946-2:2002 Information technology Security techniques Cryptographic techniques based on elliptic curves Part 2: Digital signatures
    ISO/IEC 10118-3:2004 Information technology Security techniques Hash-functions Part 3: Dedicated hash-functions
    ISO/IEC 10181-5:1996 Information technology Open Systems Interconnection Security frameworks for open systems: Confidentiality framework
    ISO/IEC 15408-1:2009 Information technology — Security techniques — Evaluation criteria for IT security — Part 1: Introduction and general model
    ISO/IEC 8824-1:2015 Information technology Abstract Syntax Notation One (ASN.1): Specification of basic notation Part 1:
    ISO/IEC 9594-2:2017 Information technology Open Systems Interconnection The Directory Part 2: Models
    ISO/IEC 10181-6:1996 Information technology Open Systems Interconnection Security frameworks for open systems: Integrity framework
    ISO/IEC 10118-2:2010 Information technology Security techniques Hash-functions Part 2: Hash-functions using an n-bit block cipher
    ISO/IEC 14888-2:2008 Information technology Security techniques Digital signatures with appendix Part 2: Integer factorization based mechanisms
    ISO/IEC 8824-3:2015 Information technology Abstract Syntax Notation One (ASN.1): Constraint specification Part 3:
    ISO/IEC 11770-1:2010 Information technology Security techniques Key management Part 1: Framework
    ISO/IEC 9594-5:2017 Information technology Open Systems Interconnection The Directory Part 5: Protocol specifications
    ISO/IEC 11770-3:2015 Information technology Security techniques Key management Part 3: Mechanisms using asymmetric techniques
    View more information

    • Access your standards online with a subscription

      Features

      • Simple online access to standards, technical information and regulations
      • Critical updates of standards and customisable alerts and notifications
      • Multi - user online standards collection: secure, flexibile and cost effective