EG 201 057 : 1.1.2
Current
The latest, up-to-date edition.
TELECOMMUNICATIONS SECURITY; TRUSTED THIRD PARTIES (TTP); REQUIREMENTS FOR TTP SERVICES
Hardcopy , PDF
English
Important note : Users cannot be edited or removed once added to your Multi user PDF.
Intellectual property rights
Foreword
Introduction
1. Scope
2. References
3. Definitions and abbreviations
3.1 Definitions
3.2 Abbreviations
4. General aspects
4.1 Use of a TTP
4.2 Delimitation of security services for confidentiality
and digital signatures
4.3 Establishing trust in a TTP scheme
4.4 TTP management
4.5 User interactions with TTPs
4.6 TTP services, functions and applications
5. TTP services and functions
5.1 Key management services for symmetric cryptosystems
5.2 Key management services for asymmetric cryptosystems
5.3 Key escrow/recovery services
5.4 Identification and authentication support services
5.5 Access control support services
5.6 Non-repudiation services
5.7 Auxiliary support services
5.8 Functions against services
6. TTP interfaces
6.1 Types of interface
6.2 Interface requirements
7. Legal aspects
7.1 Liability
7.2 Legal basis for digital signatures
7.3 Protection of privacy and personal data
7.4 Export control
7.5 Lawful interception
7.6 Lawful access
8. Commercial issues
8.1 Competition and openness
8.2 Scope and flexibility
8.3 Licensing and accreditation
8.4 Billing of TTP services
Annex A: Basis for a standardized TTP scheme
A.1 General standardization requirements
A.2 Security requirements for a TTP scheme
A.3 TTP functional and interface requirements to be
standardized
Annex B: Examples of the use of TTP services
B.1 TTP based security services
B.2 Certification authority
B.3 Key escrow/recovery centre
B.4 Trusted key distribution centre
B.5 Fraud detection centre
B.6 Legal services
B.7 Guaranteed date and time stamping
B.8 Negotiable document transaction
B.9 Storage of electronic information
Annex C: National and international policies
C.1 European Union
C.2 France
C.3 Germany
C.4 Netherlands
C.5 United Kingdom
C.6 OECD
C.7 United States of America
History
Describes the requirements for TTP services in order to safe guard the confidentiality of electronic information including key certification, key escrow/recovery, authentication, access control and non-repudiation services.
| Committee |
SEC
|
| DocumentType |
Standard
|
| Pages |
44
|
| PublisherName |
European Telecommunications Standards Institute
|
| Status |
Current
|
| Standards | Relationship |
| UNE-EG 201057 V1.1.2:2003 | Identical |
| ISO/IEC 9594-8:2017 | Information technology Open Systems Interconnection The Directory Part 8: Public-key and attribute certificate frameworks |
| ISO 7498-2:1989 | Information processing systems Open Systems Interconnection Basic Reference Model Part 2: Security Architecture |
| ETR 331 : 20001 | SECURITY TECHNIQUES ADVISORY GROUP (STAG) - DEFINITION OF USER REQUIREMENTS FOR LAWFUL INTERCEPTION OF TELECOMMUNICATIONS |
| ISO/IEC 11770-1:2010 | Information technology Security techniques Key management Part 1: Framework |
| ECMA 235 : 1ED 96 | THE ECMA GSS-API MECHANISM |
| ECMA 219 : 2ED 96 | AUTHENTICATION AND PRIVILEGE ATTRIBUTE SECURITY APPLICATION WITH RELATED KEY DISTRIBUTION FUNCTIONS - PART 1, 2 AND 3 |
Access your standards online with a subscription
Features
-
Simple online access to standards, technical information and regulations.
-
Critical updates of standards and customisable alerts and notifications.
-
Multi-user online standards collection: secure, flexible and cost effective.