09/30204756 DC : 0
Superseded
A superseded Standard is one, which is fully replaced by another Standard, which is a new edition of the same Standard.
View Superseded by
BS ISO/IEC 11770-1 - INFORMATION TECHNOLOGY - SECURITY TECHNIQUES - KEY MANAGEMENT - PART 1: FRAMEWORK
Hardcopy , PDF
31-12-2010
English
Foreword
Introduction
1 Scope
2 Normative references
3 Terms and definitions
4 Symbols and abbreviated terms
5 General discussion of key management
5.1 General
5.2 Protection of keys
5.2.1 General aspects of key management
5.2.2 Protection by cryptographic techniques
5.2.3 Protection by non-cryptographic techniques
5.2.4 Protection by physical means
5.2.5 Protection by organisational means
5.3 Generic key life cycle model
5.3.1 Key life cycle definitions
5.3.2 Transitions between key states
5.3.3 Transitions, services and keys
6 Concepts of key management
6.1 Key management services
6.1.1 Summary of key management services
6.1.2 Generate-Key
6.1.3 Register-Key
6.1.4 Create-Key-Certificate
6.1.5 Distribute-Key
6.1.6 Install-Key
6.1.7 Store key
6.1.8 Derive-Key
6.1.9 Archive-Key
6.1.10 Revoke-Key
6.1.11 Deregister-Key
6.1.12 Destroy-Key
6.2 Support services
6.2.1 Key management facility services
6.2.2 User-oriented services
7 Conceptual models for key distribution for two entities
7.1 Introduction to key distribution
7.2 Key distribution between two communicating entities
7.3 Key distribution within one domain
7.4 Key distribution between two domains
8 Specific service providers
Annex A (informative) - Threats to key management
Annex B (informative) - Key management information objects
Annex C (informative) - Classes of cryptographic applications
C.1 Common classification of cryptographic systems
C.2 Authentication services and keys
C.3 Encryption services and keys
Annex D (informative) - Certificate lifecycle management
D.1 General
D.2 Certification Authority (CA)
D.2.1 CA's responsibilities
D.2.2 CA's asymmetric key pair
D.3 Certification process
D.3.1 Model for public key certification
D.3.2 Registration
D.3.3 Relationships between legal entities
D.3.4 Certificate generation
D.3.5 Renewal/Lifetime
D.4 Distribution and use of public key certificate
D.4.1 Requirements and procedures
D.4.2 Distribution and storage of public key
certificates
D.4.3 Verification of public key certificates
D.5 Certification paths
D.6 Certificate revocation
D.6.1 Revocation requirements
D.6.2 Revocation lists
Bibliography
Committee |
IST/33 IT
|
DocumentType |
Draft
|
Pages |
38
|
PublisherName |
British Standards Institution
|
Status |
Superseded
|
SupersededBy |
ISO/IEC 18031:2011 | Information technology Security techniques Random bit generation |
ISO/IEC 19772:2009 | Information technology Security techniques Authenticated encryption |
ISO/IEC 11770-2:2008 | Information technology Security techniques Key management Part 2: Mechanisms using symmetric techniques |
ISO/IEC 11770-4:2006 | Information technology Security techniques Key management Part 4: Mechanisms based on weak secrets |
ISO/IEC 19790:2012 | Information technology — Security techniques — Security requirements for cryptographic modules |
ISO/IEC 10181-1:1996 | Information technology Open Systems Interconnection Security frameworks for open systems: Overview |
ISO/IEC 9594-8:2017 | Information technology Open Systems Interconnection The Directory Part 8: Public-key and attribute certificate frameworks |
ISO 7498-2:1989 | Information processing systems Open Systems Interconnection Basic Reference Model Part 2: Security Architecture |
ISO/IEC 29150:2011 | Information technology — Security techniques — Signcryption |
ISO/IEC 11770-3:2015 | Information technology Security techniques Key management Part 3: Mechanisms using asymmetric techniques |
ISO/IEC 9798-1:2010 | Information technology Security techniques Entity authentication Part 1: General |
Access your standards online with a subscription
Features
-
Simple online access to standards, technical information and regulations.
-
Critical updates of standards and customisable alerts and notifications.
-
Multi-user online standards collection: secure, flexible and cost effective.