ImageVerifierCode 换一换
格式:PDF , 页数:30 ,大小:791.54KB ,
资源ID:1029250      下载积分:10000 积分
快捷下载
登录下载
邮箱/手机:
温馨提示:
如需开发票,请勿充值!快捷下载时,用户名和密码都是您填写的邮箱或者手机号,方便查询和重复下载(系统自动生成)。
如填写123,账号就是123,密码也是123。
特别说明:
请自助下载,系统不会自动发送文件的哦; 如果您已付费,想二次下载,请登录后访问:我的下载记录
支付方式: 支付宝扫码支付 微信扫码支付   
注意:如需开发票,请勿充值!
验证码:   换一换

加入VIP,免费下载
 

温馨提示:由于个人手机设置不同,如果发现不能下载,请复制以下地址【http://www.mydoc123.com/d-1029250.html】到电脑端继续下载(重复下载不扣费)。

已注册用户请登录:
账号:
密码:
验证码:   换一换
  忘记密码?
三方登录: 微信登录  

下载须知

1: 本站所有资源如无特殊说明,都需要本地电脑安装OFFICE2007和PDF阅读器。
2: 试题试卷类文档,如果标题没有明确说明有答案则都视为没有答案,请知晓。
3: 文件的所有权益归上传用户所有。
4. 未经权益所有人同意不得将文件中的内容挪作商业或盈利用途。
5. 本站仅提供交流平台,并不能对任何下载内容负责。
6. 下载文件中如有侵权或不适当内容,请与我们联系,我们立即纠正。
7. 本站不保证下载资源的准确性、安全性和完整性, 同时也不承担用户因使用这些下载资源对自己和他人造成任何形式的伤害或损失。

版权提示 | 免责声明

本文(SANS 13888-1-2010 Information technology - Security techniques - Non-repudiation Part 1 General《信息技术 安全技术 抗抵赖 第1部分:总则》.pdf)为本站会员(towelfact221)主动上传,麦多课文库仅提供信息存储空间,仅对用户上传内容的表现方式做保护处理,对上载内容本身不做任何修改或编辑。 若此文所含内容侵犯了您的版权或隐私,请立即通知麦多课文库(发送邮件至master@mydoc123.com或直接QQ联系客服),我们立即给予删除!

SANS 13888-1-2010 Information technology - Security techniques - Non-repudiation Part 1 General《信息技术 安全技术 抗抵赖 第1部分:总则》.pdf

1、 Collection of SANS standards in electronic format (PDF) 1. Copyright This standard is available to staff members of companies that have subscribed to the complete collection of SANS standards in accordance with a formal copyright agreement. This document may reside on a CENTRAL FILE SERVER or INTRA

2、NET SYSTEM only. Unless specific permission has been granted, this document MAY NOT be sent or given to staff members from other companies or organizations. Doing so would constitute a VIOLATION of SABS copyright rules. 2. Indemnity The South African Bureau of Standards accepts no liability for any

3、damage whatsoever than may result from the use of this material or the information contain therein, irrespective of the cause and quantum thereof. ISBN 978-0-626-23721-9 SANS 13888-1:2010Edition 2 ISO/IEC 13888-1:2009Edition 3SOUTH AFRICAN NATIONAL STANDARD Information technology Security techniques

4、 Non-repudiation Part 1: General This national standard is the identical implementation of ISO/IEC 13888-1:2009 and is adopted with the permission of the International Organization for Standardization and the International Electrotechnical Commission. Published by SABS Standards Division 1 Dr Latega

5、n Road Groenkloof Private Bag X191 Pretoria 0001Tel: +27 12 428 7911 Fax: +27 12 344 1568 www.sabs.co.za SABS SANS 13888-1:2010 Edition 2 ISO/IEC 13888-1:2009 Edition 3 Table of changes Change No. Date Scope National foreword This South African standard was approved by National Committee SABS SC 71F

6、, Information technology Information security, in accordance with procedures of the SABS Standards Division, in compliance with annex 3 of the WTO/TBT agreement. This SANS document was published in March 2010. This SANS document supersedes SANS 13888-1:2005 (edition 1). Reference numberISO/IEC 13888

7、-1:2009(E)ISO/IEC 2009INTERNATIONAL STANDARD ISO/IEC13888-1Third edition2009-07-15Information technology Security techniques Non-repudiation Part 1: General Technologies de linformation Techniques de scurit Non-rpudiation Partie 1: Gnralits SANS 13888-1:2010This s tandard may only be used and printe

8、d by approved subscription and freemailing clients of the SABS .ISO/IEC 13888-1:2009(E) PDF disclaimer This PDF file may contain embedded typefaces. In accordance with Adobes licensing policy, this file may be printed or viewed but shall not be edited unless the typefaces which are embedded are lice

9、nsed to and installed on the computer performing the editing. In downloading this file, parties accept therein the responsibility of not infringing Adobes licensing policy. The ISO Central Secretariat accepts no liability in this area. Adobe is a trademark of Adobe Systems Incorporated. Details of t

10、he software products used to create this PDF file can be found in the General Info relative to the file; the PDF-creation parameters were optimized for printing. Every care has been taken to ensure that the file is suitable for use by ISO member bodies. In the unlikely event that a problem relating

11、to it is found, please inform the Central Secretariat at the address given below. COPYRIGHT PROTECTED DOCUMENT ISO/IEC 2009 All rights reserved. Unless otherwise specified, no part of this publication may be reproduced or utilized in any form or by any means, electronic or mechanical, including phot

12、ocopying and microfilm, without permission in writing from either ISO at the address below or ISOs member body in the country of the requester. ISO copyright office Case postale 56 CH-1211 Geneva 20 Tel. + 41 22 749 01 11 Fax + 41 22 749 09 47 E-mail copyrightiso.org Web www.iso.org Published in Swi

13、tzerland ii ISO/IEC 2009 All rights reservedSANS 13888-1:2010This s tandard may only be used and printed by approved subscription and freemailing clients of the SABS .ISO/IEC 13888-1:2009(E) ISO/IEC 2009 All rights reserved iiiContents Page Foreword iv Introduction v 1 Scope . 1 2 Normative referenc

14、es . 1 3 Terms and definitions. 1 4 Symbols and abbreviated terms . 8 5 Organisation of the remainder of this part of ISO/IEC 13888. 8 6 Requirements 9 7 Generic non-repudiation services. 9 7.1 Entities involved in the provision and verification of evidence. 9 7.2 Non-repudiation services. 10 8 Trus

15、ted third party involvement 10 8.1 General. 10 8.2 Evidence generation phase . 10 8.3 Evidence transfer, storage and retrieval phase. 11 8.4 Evidence verification phase 11 9 Evidence generation and verification mechanisms 12 9.1 General. 12 9.2 Secure envelopes . 12 9.3 Digital signatures 13 9.4 Evi

16、dence verification mechanism . 13 10 Non-repudiation tokens 13 10.1 General. 13 10.2 Generic non-repudiation token . 14 10.3 Time-stamping token 15 10.4 Notarization token. 15 11 Specific non-repudiation services 15 11.1 General. 15 11.2 Non-repudiation of origin. 16 11.3 Non-repudiation of delivery

17、 . 16 11.4 Non-repudiation of submission. 16 11.5 Non-repudiation of transport. 16 12 Use of specific non-repudiation tokens in a messaging environment . 17 Bibliography . 19 SANS 13888-1:2010This s tandard may only be used and printed by approved subscription and freemailing clients of the SABS .IS

18、O/IEC 13888-1:2009(E) iv ISO/IEC 2009 All rights reservedForeword ISO (the International Organization for Standardization) and IEC (the International Electrotechnical Commission) form the specialized system for worldwide standardization. National bodies that are members of ISO or IEC participate in

19、the development of International Standards through technical committees established by the respective organization to deal with particular fields of technical activity. ISO and IEC technical committees collaborate in fields of mutual interest. Other international organizations, governmental and non-

20、governmental, in liaison with ISO and IEC, also take part in the work. In the field of information technology, ISO and IEC have established a joint technical committee, ISO/IEC JTC 1. International Standards are drafted in accordance with the rules given in the ISO/IEC Directives, Part 2. The main t

21、ask of the joint technical committee is to prepare International Standards. Draft International Standards adopted by the joint technical committee are circulated to national bodies for voting. Publication as an International Standard requires approval by at least 75 % of the national bodies casting

22、a vote. Attention is drawn to the possibility that some of the elements of this document may be the subject of patent rights. ISO and IEC shall not be held responsible for identifying any or all such patent rights. ISO/IEC 13888-1 was prepared by Joint Technical Committee ISO/IEC JTC 1, Information

23、technology, Subcommittee SC 27, IT Security techniques. This third edition cancels and replaces the second edition (ISO/IEC 13888-1:2004), which has been technically revised. ISO/IEC 13888 consists of the following parts, under the general title Information technology Security techniques Non-repudia

24、tion: Part 1: General Part 2: Mechanisms using symmetric techniques Part 3: Mechanisms using asymmetric techniques SANS 13888-1:2010This s tandard may only be used and printed by approved subscription and freemailing clients of the SABS .ISO/IEC 13888-1:2009(E) ISO/IEC 2009 All rights reserved vIntr

25、oduction The goal of a non-repudiation service is to generate, collect, maintain, make available and verify evidence concerning a claimed event or action in order to resolve disputes about the occurrence or non occurrence of the event or action. This part of ISO/IEC 13888 defines a model for non-rep

26、udiation mechanisms providing evidence based on cryptographic check values generated using symmetric or asymmetric cryptographic techniques. Non-repudiation services establish evidence; evidence establishes accountability regarding a particular event or action. The entity responsible for the action,

27、 or associated with the event, with regard to which evidence is generated, is known as the evidence subject. Non-repudiation mechanisms provide protocols for the exchange of non-repudiation tokens specific to each non-repudiation service. Non-repudiation tokens consist of secure envelopes and/or dig

28、ital signatures and, optionally, additional data: Secure envelopes are generated by an evidence generating authority using symmetric cryptographic techniques. Digital signatures are generated by an evidence generator or an evidence generating authority using asymmetric techniques. Non-repudiation to

29、kens can be stored as non-repudiation information that can be used subsequently by disputing parties or by an adjudicator to arbitrate in disputes. Depending on the non-repudiation policy in effect for a specific application, and the legal environment within which the application operates, additiona

30、l information may be required to complete the non-repudiation information, for example: evidence including a trusted time-stamp provided by a time-stamping authority, evidence provided by a notary which provides assurance about data created or the action or event performed by one or more entities. N

31、on-repudiation can only be provided within the context of a clearly defined security policy for a particular application and its legal environment. Non-repudiation policies are described in ISO/IEC 10181-4. Specific non-repudiation mechanisms generic to the various non-repudiation services are first

32、 described and then applied to a selection of specific non-repudiation services such as: non-repudiation of origin, non-repudiation of delivery, non-repudiation of submission, non-repudiation of transport. Additional non-repudiation services mentioned in this part of ISO/IEC 13888 are: non-repudiati

33、on of creation, non-repudiation of receipt, non-repudiation of knowledge, non-repudiation of sending. SANS 13888-1:2010This s tandard may only be used and printed by approved subscription and freemailing clients of the SABS .SANS 13888-1:2010This s tandard may only be used and printed by approved su

34、bscription and freemailing clients of the SABS .INTERNATIONAL STANDARD ISO/IEC 13888-1:2009(E) ISO/IEC 2009 All rights reserved 1Information technology Security techniques Non-repudiation Part 1: General 1 Scope This part of ISO/IEC 13888 serves as a general model for subsequent parts specifying non

35、-repudiation mechanisms using cryptographic techniques. ISO/IEC 13888 provides non-repudiation mechanisms for the following phases of non-repudiation: evidence generation; evidence transfer, storage and retrieval; and evidence verification. Dispute arbitration is outside the scope of ISO/IEC 13888.

36、2 Normative references The following referenced documents are indispensable for the application of this document. For dated references, only the edition cited applies. For undated references, the latest edition of the referenced document (including any amendments) applies. ISO/IEC 10181-4:1997, Info

37、rmation technology Open Systems Interconnection Security frameworks for open systems: Non-repudiation framework ISO/IEC 18014 (all parts), Information technology Security techniques Time-stamping services 3 Terms and definitions For the purposes of this document, the following terms and definitions

38、apply. 3.1 accountability property that ensures that the actions of an entity may be traced uniquely to the entity ISO 7498-2 3.2 certificate entitys data rendered unforgeable with the private or secret key of a certification authority SANS 13888-1:2010This s tandard may only be used and printed by

39、approved subscription and freemailing clients of the SABS .ISO/IEC 13888-1:2009(E) 2 ISO/IEC 2009 All rights reserved3.3 certification authority authority trusted by one or more users to create and assign certificates NOTE 1 Adapted from ISO/IEC 9594-8:2001, 3.3.17. NOTE 2 Optionally the certificati

40、on authority can create the users keys. 3.4 cryptographic check function cryptographic transformation which takes as input a secret key and an arbitrary string, and which gives a cryptographic check value as output 3.5 data integrity property that data has not been altered or destroyed in an unautho

41、rized manner ISO 7498-2 3.6 data origin authentication corroboration that the source of data received is as claimed ISO 7498-2 3.7 data storage means for storing information from which data is submitted for delivery, or into which data is put by the delivery authority 3.8 delivery authority authorit

42、y trusted by the sender to deliver the data from the sender to the receiver, and to provide the sender with evidence on the submission and transport of data upon request 3.9 digital signature data appended to, or a cryptographic transformation of, a data unit that allows the recipient of the data un

43、it to prove the source and integrity of the data unit and protect against forgery e.g. by the recipient ISO 7498-2 3.10 distinguishing identifier information which unambiguously distinguishes an entity in the non-repudiation process 3.11 evidence information which is used, either by itself or in con

44、junction with other information, to establish proof about an event or action NOTE Evidence does not necessarily prove the truth or existence of something (see proof) but can contribute to the establishment of such a proof. 3.12 evidence generator entity that produces non-repudiation evidence ISO/IEC

45、 10181-4 SANS 13888-1:2010This s tandard may only be used and printed by approved subscription and freemailing clients of the SABS .ISO/IEC 13888-1:2009(E) ISO/IEC 2009 All rights reserved 33.13 evidence user entity that uses non-repudiation evidence ISO/IEC 10181-4 3.14 evidence verifier entity tha

46、t verifies non-repudiation evidence ISO/IEC 10181-4 3.15 evidence requester entity requesting evidence to be generated either by another entity or by a trusted third party 3.16 evidence subject entity responsible for the action, or associated with the event, with regard to which evidence is generate

47、d 3.17 hash-code string of bits that is the output of a hash-function ISO/IEC 10118-1 3.18 hash-function function which maps strings of bits to fixed-length strings of bits, satisfying the following two properties: it is computationally infeasible to find for a given output an input which maps to th

48、is output; it is computationally infeasible to find for a given input a second input which maps to the same output ISO/IEC 10118-1 3.19 imprint string of bits, either the hash-code of a data string or the data string itself 3.20 key sequence of symbols that controls the operations of a cryptographic

49、 transformation (e.g. encipherment, decipherment, cryptographic check-function computation, signature calculation, or signature verification) ISO/IEC 11770-3 3.21 monitoring authority monitor trusted third party monitoring actions and events, and that is trusted to provide evidence about what has been monitored 3.22 Message Authentication Code MAC string of bits which is the output of a MAC algorithm ISO/IEC 9797-1 NOTE A MAC is sometimes called a c

copyright@ 2008-2019 麦多课文库(www.mydoc123.com)网站版权所有
备案/许可证编号:苏ICP备17064731号-1