• There are no items in your cart

09/30204756 DC : 0

Superseded

Superseded

A superseded Standard is one, which is fully replaced by another Standard, which is a new edition of the same Standard.

View Superseded by

BS ISO/IEC 11770-1 - INFORMATION TECHNOLOGY - SECURITY TECHNIQUES - KEY MANAGEMENT - PART 1: FRAMEWORK

Available format(s)

Hardcopy , PDF

Superseded date

31-12-2010

Superseded by

BS ISO/IEC 11770-1:2010

Language(s)

English

€23.37
Excluding VAT

Foreword
Introduction
1 Scope
2 Normative references
3 Terms and definitions
4 Symbols and abbreviated terms
5 General discussion of key management
  5.1 General
  5.2 Protection of keys
      5.2.1 General aspects of key management
      5.2.2 Protection by cryptographic techniques
      5.2.3 Protection by non-cryptographic techniques
      5.2.4 Protection by physical means
      5.2.5 Protection by organisational means
  5.3 Generic key life cycle model
      5.3.1 Key life cycle definitions
      5.3.2 Transitions between key states
      5.3.3 Transitions, services and keys
6 Concepts of key management
  6.1 Key management services
      6.1.1 Summary of key management services
      6.1.2 Generate-Key
      6.1.3 Register-Key
      6.1.4 Create-Key-Certificate
      6.1.5 Distribute-Key
      6.1.6 Install-Key
      6.1.7 Store key
      6.1.8 Derive-Key
      6.1.9 Archive-Key
      6.1.10 Revoke-Key
      6.1.11 Deregister-Key
      6.1.12 Destroy-Key
  6.2 Support services
      6.2.1 Key management facility services
      6.2.2 User-oriented services
7 Conceptual models for key distribution for two entities
  7.1 Introduction to key distribution
  7.2 Key distribution between two communicating entities
  7.3 Key distribution within one domain
  7.4 Key distribution between two domains
8 Specific service providers
Annex A (informative) - Threats to key management
Annex B (informative) - Key management information objects
Annex C (informative) - Classes of cryptographic applications
  C.1 Common classification of cryptographic systems
  C.2 Authentication services and keys
  C.3 Encryption services and keys
Annex D (informative) - Certificate lifecycle management
  D.1 General
  D.2 Certification Authority (CA)
      D.2.1 CA's responsibilities
      D.2.2 CA's asymmetric key pair
  D.3 Certification process
      D.3.1 Model for public key certification
      D.3.2 Registration
      D.3.3 Relationships between legal entities
      D.3.4 Certificate generation
      D.3.5 Renewal/Lifetime
  D.4 Distribution and use of public key certificate
      D.4.1 Requirements and procedures
      D.4.2 Distribution and storage of public key
             certificates
      D.4.3 Verification of public key certificates
  D.5 Certification paths
  D.6 Certificate revocation
      D.6.1 Revocation requirements
      D.6.2 Revocation lists
Bibliography

Committee
IST/33 IT
DocumentType
Draft
Pages
38
PublisherName
British Standards Institution
Status
Superseded
SupersededBy

ISO/IEC 18031:2011 Information technology Security techniques Random bit generation
ISO/IEC 19772:2009 Information technology Security techniques Authenticated encryption
ISO/IEC 11770-2:2008 Information technology Security techniques Key management Part 2: Mechanisms using symmetric techniques
ISO/IEC 11770-4:2006 Information technology Security techniques Key management Part 4: Mechanisms based on weak secrets
ISO/IEC 19790:2012 Information technology — Security techniques — Security requirements for cryptographic modules
ISO/IEC 10181-1:1996 Information technology Open Systems Interconnection Security frameworks for open systems: Overview
ISO/IEC 9594-8:2017 Information technology Open Systems Interconnection The Directory Part 8: Public-key and attribute certificate frameworks
ISO 7498-2:1989 Information processing systems Open Systems Interconnection Basic Reference Model Part 2: Security Architecture
ISO/IEC 29150:2011 Information technology — Security techniques — Signcryption
ISO/IEC 11770-3:2015 Information technology Security techniques Key management Part 3: Mechanisms using asymmetric techniques
ISO/IEC 9798-1:2010 Information technology Security techniques Entity authentication Part 1: General

Access your standards online with a subscription

Features

  • Simple online access to standards, technical information and regulations.

  • Critical updates of standards and customisable alerts and notifications.

  • Multi-user online standards collection: secure, flexible and cost effective.