09/30169508 DC : 0
Current
The latest, up-to-date edition.
BS ISO/IEC 13888-2 - INFORMATION TECHNOLOGY - SECURITY TECHNIQUES - NON-REPUDIATION - PART 2: MECHANISMS USING SYMMETRIC TECHNIQUES
Hardcopy , PDF
English
Foreword
1 Scope
2 Normative references
3 Definitions
3.1 Definitions from ISO 7498-2
3.1.1 data integrity
3.1.2 security policy
3.2 Definitions from ISO/IEC 9797-1
3.2.1 Message Authentication Code (MAC)
3.3 Definitions from ISO/IEC 9798-1
3.3.1 cryptographic check function
3.4 Definitions from ISO/IEC 10181-4
3.4.1 evidence generator
3.5 Definitions from ISO/IEC 11770-1
3.5.1 key
3.5.2 secret key
3.6 Definitions from ISO/IEC 18014
3.6.1 time stamp
3.6.2 time-stamping authority
3.7 Definitions from ISO/IEC 13888-1
3.7.1 data storage
3.7.2 delivery authority
3.7.3 distinguishing identifier
3.7.4 evidence
3.7.5 evidence requester
3.7.6 imprint
3.7.7 non-repudiation exchange
3.7.8 non-repudiation of origin
3.7.9 non-repudiation of delivery
3.7.10 non-repudiation of submission
3.7.11 non-repudiation of transport
3.7.12 non-repudiation policy
3.7.13 non-repudiation token
3.7.14 notary (notary authority)
3.7.15 NRDT
3.7.16 NROT
3.7.17 NRST
3.7.18 NRTT
3.7.19 originator
3.7.20 proof
3.7.21 recipient
3.7.22 secure envelope (SENV)
3.7.23 trusted third party
3.7.24 trusted time-stamp
4 Notation and Abbreviations
4.1 Notation
4.1.1 Notation from ISO/IEC 13888-1
4.1.2 Notation unique for the purposes of this
part of ISO/IEC 13888
5 Symbols (and abbreviated terms)
6 Requirements
7 Secure envelopes
8 Generation and verification of non-repudiation
tokens
8.1 Creation of tokens by the TTP
8.2 Data items used in the non-repudiation
mechanisms
8.2.1 Data items used in secure envelopes
8.2.2 Data items used in non-repudiation tokens
8.3 Non-repudiation tokens
8.3.1 Non-repudiation of origin token
8.3.2 Non-repudiation of delivery token
8.3.3 Time stamping token
8.4 Verification of tokens by the TTP
8.4.1 Verification process
8.4.2 On-line verification of the token
8.4.3 Table of tokens
9 Specific non-repudiation mechanisms
9.1 Mechanisms for non-repudiation
9.2 Mechanism for non-repudiation of origin
9.2.1 Token Generation
9.2.1.1 Transaction 1 - between originator
A and TTP
9.2.1.2 Transaction 2 - from originator A
to recipient B
9.2.1.3 Transaction 3 - between originator
A and TTP
9.2.2 Token Verification
9.3 Mechanism for non-repudiation of delivery
9.3.1 Token generation
9.3.1.1 Transaction 1 - between recipient B
and TT
9.3.1.2 Transaction 2 - from originator to
recipient B
9.3.1.3 Transaction 3 - between recipient B
and originator A
9.3.2 Token Verification
9.4 Mechanism for obtaining a time stamping token
Annex A (informative)
A1 Examples of specific non-repudiation mechanisms
A1.1 Examples of non-repudiation mechanisms
of origin and delivery
A2 Mechanism M1: Mandatory NRO, optional NRD
A2.1 Transaction 1 - between originator A and TTP
A2.2 Transaction 2 - from originator A to recipient B
A2.3 Transaction 3 - between recipient B and TTP
A2.4 Transaction 4 - from recipient B to originator A
A2.5 Transaction 5 - between originator A and recipient
TTP
A3 Mechanisms M2: Mandatory NRO, mandatory NDR
A3.1 Transaction 1 - between originator A and TTP
A3.2 Trasnaction 2 - from originator A to recipient B
A3.3 Transaction 3 - between recipient B and TTP
A3.4 Transaction 4 - between TTP and originator A
A4 Mechanism M3: Mandatory NRO and NRD with
intermediary TTP
A4.1 Transaction 1 - between originator A and TTP
A4.2 Transaction 2 - from TTP to recipient B
A4.3 Transaction 3 - between recipient B and TTP
A4.4 Transaction 4 - between TTP and originator A
Bibliography
Committee |
IST/33 IT
|
DocumentType |
Draft
|
Pages |
26
|
PublisherName |
British Standards Institution
|
Status |
Current
|
ISO/IEC 11770-2:2008 | Information technology Security techniques Key management Part 2: Mechanisms using symmetric techniques |
ISO/IEC 10181-1:1996 | Information technology Open Systems Interconnection Security frameworks for open systems: Overview |
ISO 7498-2:1989 | Information processing systems Open Systems Interconnection Basic Reference Model Part 2: Security Architecture |
ISO/IEC 13888-1:2009 | Information technology Security techniques Non-repudiation Part 1: General |
ISO/IEC 10181-4:1997 | Information technology Open Systems Interconnection Security frameworks for open systems: Non-repudiation framework Part 4: |
ISO/IEC 11770-1:2010 | Information technology Security techniques Key management Part 1: Framework |
ISO/IEC 11770-3:2015 | Information technology Security techniques Key management Part 3: Mechanisms using asymmetric techniques |
ISO/IEC 9798-1:2010 | Information technology Security techniques Entity authentication Part 1: General |
Access your standards online with a subscription
Features
-
Simple online access to standards, technical information and regulations.
-
Critical updates of standards and customisable alerts and notifications.
-
Multi-user online standards collection: secure, flexible and cost effective.