• Shopping Cart
    There are no items in your cart

ISO 13491-1:2007

Withdrawn

Withdrawn

A Withdrawn Standard is one, which is removed from sale, and its unique number can no longer be used. The Standard can be withdrawn and not replaced, or it can be withdrawn and replaced by a Standard with a different number.

View Superseded by

Banking Secure cryptographic devices (retail) Part 1: Concepts, requirements and evaluation methods

Available format(s)

Hardcopy , PDF , PDF 3 Users , PDF 5 Users , PDF 9 Users

Withdrawn date

28-09-2018

Superseded by

ISO 13491-1:2016

Language(s)

English

Published date

11-06-2007

€60.00
Excluding VAT

ISO 13491-1:2007 specifies the requirements for secure cryptographic devices (SCDs) based on the cryptographic processes defined in ISO 9564, ISO 16609 and ISO 11568.

ISO 13491-1:2007 has two primary purposes:

  • to state the requirements concerning both the operational characteristics of SCDs and the management of such devices throughout all stages of their life cycle, and
  • to standardize the methodology for verifying compliance with those requirements.

Appropriate device characteristics are necessary to ensure that the device has the proper operational capabilities and provides adequate protection for the data it contains. Appropriate device management is necessary to ensure that the device is legitimate, that it has not been modified in an unauthorized manner (e.g. by bugging) and that any sensitive data placed within the device (e.g. cryptographic keys) has not been subject to disclosure or change.

Absolute security is not achievable in practical terms. Cryptographic security depends upon each life cycle phase of the SCD and the complementary combination of appropriate management procedures and secure cryptographic characteristics. These management procedures implement preventive measures to reduce the opportunity for a breach of SCD security. These aim for a high probability of detection of any unauthorized access to sensitive or confidential data, should device characteristics fail to prevent or detect the security compromise.

Annex A provides an informative illustration of the concepts of security levels described in ISO 13491-1:2007 as being applicable to SCDs.

DocumentType
Standard
Pages
30
PublisherName
International Organization for Standardization
Status
Withdrawn
SupersededBy
Supersedes

Standards Relationship
AS 2805.14.1-2011 Identical
BS ISO 13491-1:2007 Identical
AS 2805.14.1-2000 Identical

Access your standards online with a subscription

Features

  • Simple online access to standards, technical information and regulations.

  • Critical updates of standards and customisable alerts and notifications.

  • Multi-user online standards collection: secure, flexible and cost effective.