I.S. CWA 14170:2004
Withdrawn
A Withdrawn Standard is one, which is removed from sale, and its unique number can no longer be used. The Standard can be withdrawn and not replaced, or it can be withdrawn and replaced by a Standard with a different number.
SECURITY REQUIREMENTS FOR SIGNATURE CREATION APPLICATIONS
Hardcopy , PDF
07-06-2018
English
23-07-2004
Important note : Users cannot be edited or removed once added to your Multi user PDF.
Foreword
Introduction
1. Scope
2. References
3. Definitions
4. Abbreviations
5. Signature Creation Functional Model
5.1 Signature Creation Objectives
5.2 Model
5.3 Signature Creation Applications
5.4 Secure Signature Creation Devices
5.5 Signature Creation Application Instantiation
5.6 Control and possession of Signature Creation
Systems
6. Signed Data Object Information Model
6.1 Signer's Document (SD)
6.2 Signature Attributes
6.3 Data To Be Signed (DTBS)
6.4 Data To Be Signed (Formatted) (DTBSF)
6.5 Data To Be Signed Representation (DTBSR)
6.6 Advanced Electronic Signature
6.7 Qualified Electronic Signature
6.8 Signed Data Object
6.9 Signer's Authentication Data (not shown)
7. Overall Security Requirements of the SCA
7.1 Introduction
7.2 Trusted Path
7.2.1 Basic Trusted Path Requirement
7.2.2 Requirements for Public SCA
7.2.3 Referencing the correct SD and Signature
Attributes
7.3 Requirements for Distributed Signature Creation
Applications
7.4 Requirements resulting from un-trusted processes
and communications ports
7.5 Post signature verification of the Signed Data
Object
7.6 Requirements of the DTBS
8. SD Presentation Component (SDP)
8.1 Purpose
8.2 Background
8.3 Data Content Type Requirements
8.4 SD Non-ambiguity Requirements
8.5 Requirements for Presentation Insensitive SDs
8.6 Hidden Text and Active Code Requirements
9. Signature Attribute Viewer (SAV)
10. Signer Interaction Component (SIC)
10.1 High level user interface principles
10.2 Signature Invocation
10.3 Signature process inactivity timeout
10.4 Signer Control Functions
10.5 Retrieval of Signer's Characteristics
10.6 User Interface Aspects
11. Signer's Authentication Component (SAC)
11.1 General Aspects
11.2 Obtaining the Signer's Authentication Data
11.3 Knowledge based Signer Authentication
11.4 Biometric Signer Authentication
11.5 Provision of the wrong Signer's Authentication
Data
11.6 Change of Signer's Authentication Data and Reset
of the Retry Counter
11.7 Signer's Authentication Data User Interface Aspects
11.8 Security Requirements for the SAC Component
12. Data To Be Signed Formatter (DTBSF)
12.1 Functions of the DTBSF component
12.2 Security Requirements for the DTBSF component
13. Data Hashing Component (DHC)
13.1 Functions of the DHC Component
13.2 Production of the DTBS Representation
13.3 Formatting of the electronic signature input
13.4 Security Requirements for the DHC Component
14. SCDev/SCA Communicator (SSC)
14.1 Interaction Sequences
14.2 Establishing the Physical Communication
14.3 Retrieval of SCDev Token Information
14.4 Selection of the SCDev functionality on a
multi-application platform
14.5 Retrieval of Certificates
14.6 Selection of Signature Creation Data
14.7 Performing Signer Authentication
14.8 Digital Signature Computation
14.9 Signature Logging
14.10 Security requirements for the SSC Component
15. SCD/SCA Authenticator (SSA)
15.1 SCA - SCDev Authentication for SCA under service
provider's control
15.2 Security Requirements for the SSA Component
16. SD Composer (SDC)
16.1 Security Requirements for the SDC Component
17. Signed Data Object Composer (SDOC)
18. External Interface for Input/Output
18.1 Risks to the SCA
18.2 Import of Certificates
18.3 Import of an SD and Signature Attributes
18.4 Download of SCA Components
18.5 Security Requirements for Input Control
Annex A (Informative) - General Recommendations
A.1 Operation of the Signature Creation Application
A.2 Requirement on the environment
A.3 Presentation insensitive SD
Annex B Guidance to implement a User Interface
B.1 Purpose
B.2 User interface consistency
B.3 Use of colour
B.4 Feedback
B.5 Security Breach detection
B.6 Invalid choice
B.7 Preservation of information presentation
B.8 Personalisation
B.9 Signer's Control when integrating with user
profiling techniques
B.10 Configure/Edit Signature Creation process
B.11 Distinguishing between certificates
B.12 Timing of operations
B.13 Security of terminals in public domain
B.14 User retention of secrets
B.15 User instructions
B.16 Presentation of operational sequence
B.17 Presentation of distinguishable parts
B.18 Guidance
B.19 Terminology
B.20 Error tolerance
B.21 Informative error messages
B.22 Single handed operation of public SCAs
B.23 Cancellation of operation
B.24 Undo operation
B.25 Signer's Authentication Component (SAC)
B.25.1 Choice of signer authentication method
B.25.2 Biometric signer authentication
Annex C Signature Logging Component (SLC)
Annex D (Informative) - SCDev Holder Indicator (SHI)
Annex E (Informative) - References
Outlines security requirements for Signature Creation Applications that create Advanced Electronic Signatures.
| DocumentType |
Standard
|
| Pages |
65
|
| PublisherName |
National Standards Authority of Ireland
|
| Status |
Withdrawn
|
| EN 419221-5:2018 | Protection Profiles for TSP Cryptographic Modules - Part 5: Cryptographic Module for Trust Services |
| I.S. EN 419221-5:2018 | PROTECTION PROFILES FOR TSP CRYPTOGRAPHIC MODULES - PART 5: CRYPTOGRAPHIC MODULE FOR TRUST SERVICES |
| EN 1332-1:2009 | Identification card systems - Human-machine interface - Part 1: Design principles for the user interface |
| ETR 029 : 20001 | HUMAN FACTORS (HF) - ACCESS TO TELECOMMUNICATIONS FOR PEOPLE WITH SPECIAL NEEDS - RECOMMENDATIONS FOR IMPROVING & ADAPTING TELECOMMUNICATION TERMINALS & SERVICES FOR PEOPLE WITH IMPAIRMENTS |
| ES 201 381 : 1.1.1 | HUMAN FACTORS (HF) - TELECOMMUNICATIONS KEYPADS AND KEYBOARDS - TACTILE IDENTIFIERS |
| EN 1332-3:2008 | Identification card systems - Man-machine interface - Part 3: Keypads |
| ETR 334 : 20001 | HUMAN FACTORS (HF) - THE IMPLICATIONS OF HUMAN AGEING FOR THE DESIGN OF TELEPHONE TERMINALS |
| ETR 333 : 20002 | HUMAN FACTORS (HF) - TEXT TELEPHONY - BASIC USER REQUIREMENTS AND RECOMMENDATIONS |
| EN 1332-2:1998 | Identification card systems - Man-machine interface - Part 2: Dimensions and location of a tactile identifier for ID-1 cards |
| ETR 345 : 20001 | HUMAN FACTORS (HF) - CHARACTERISTICS OF TELEPHONE KEYPADS AND KEYBOARDS - REQUIREMENTS OF ELDERLY AND DISABLED PEOPLE |
| DIN V 66291-1:2000-04 | CHIPCARDS WITH DIGITAL SIGNATUR APPLICATION/FUNCTION ACCORDING TO SIGG AND SIGV - PART 1: APPLICATION INTERFACE |
| ETR 116 : 20001 | HUMAN FACTORS GUIDELINES FOR ISDN TERMINAL EQUIPMENT DESIGN |
| EN 1332-4:2007 | Identification card systems - Man-machine interface - Part 4: Coding of user requirements for people with special needs |
Access your standards online with a subscription
Features
-
Simple online access to standards, technical information and regulations.
-
Critical updates of standards and customisable alerts and notifications.
-
Multi-user online standards collection: secure, flexible and cost effective.