ImageVerifierCode 换一换
格式:PDF , 页数:36 ,大小:632.32KB ,
资源ID:437219      下载积分:10000 积分
快捷下载
登录下载
邮箱/手机:
温馨提示:
如需开发票,请勿充值!快捷下载时,用户名和密码都是您填写的邮箱或者手机号,方便查询和重复下载(系统自动生成)。
如填写123,账号就是123,密码也是123。
特别说明:
请自助下载,系统不会自动发送文件的哦; 如果您已付费,想二次下载,请登录后访问:我的下载记录
支付方式: 支付宝扫码支付 微信扫码支付   
注意:如需开发票,请勿充值!
验证码:   换一换

加入VIP,免费下载
 

温馨提示:由于个人手机设置不同,如果发现不能下载,请复制以下地址【http://www.mydoc123.com/d-437219.html】到电脑端继续下载(重复下载不扣费)。

已注册用户请登录:
账号:
密码:
验证码:   换一换
  忘记密码?
三方登录: 微信登录  

下载须知

1: 本站所有资源如无特殊说明,都需要本地电脑安装OFFICE2007和PDF阅读器。
2: 试题试卷类文档,如果标题没有明确说明有答案则都视为没有答案,请知晓。
3: 文件的所有权益归上传用户所有。
4. 未经权益所有人同意不得将文件中的内容挪作商业或盈利用途。
5. 本站仅提供交流平台,并不能对任何下载内容负责。
6. 下载文件中如有侵权或不适当内容,请与我们联系,我们立即纠正。
7. 本站不保证下载资源的准确性、安全性和完整性, 同时也不承担用户因使用这些下载资源对自己和他人造成任何形式的伤害或损失。

版权提示 | 免责声明

本文(ANSI ISO IEC 18014-2-2002(R2008) Information technology — Security techniques — Time-stamping services — Part 2 Mechanisms producing independent tokens《信息技术.安全技术.计时打印机服务.第2部分 产生独立标.pdf)为本站会员(赵齐羽)主动上传,麦多课文库仅提供信息存储空间,仅对用户上传内容的表现方式做保护处理,对上载内容本身不做任何修改或编辑。 若此文所含内容侵犯了您的版权或隐私,请立即通知麦多课文库(发送邮件至master@mydoc123.com或直接QQ联系客服),我们立即给予删除!

ANSI ISO IEC 18014-2-2002(R2008) Information technology — Security techniques — Time-stamping services — Part 2 Mechanisms producing independent tokens《信息技术.安全技术.计时打印机服务.第2部分 产生独立标.pdf

1、 Reference numberISO/IEC 18014-2:2002(E)ISO/IEC 2002INTERNATIONAL STANDARD ISO/IEC18014-2First edition2002-12-15Information technology Security techniques Time-stamping services Part 2: Mechanisms producing independent tokens Technologies de linformation Techniques de scurit Services dhorodatage Par

2、tie 2: Mcanismes produisant des jetons indpendants Adopted by INCITS (InterNational Committee for Information Technology Standards) as an American National Standard.Date of ANSI Approval: 7/7/2003Published by American National Standards Institute,25 West 43rd Street, New York, New York 10036Copyrigh

3、t 2003 by Information Technology Industry Council (ITI).All rights reserved.These materials are subject to copyright claims of International Standardization Organization (ISO), InternationalElectrotechnical Commission (IEC), American National Standards Institute (ANSI), and Information Technology In

4、dustry Council(ITI). Not for resale. No part of this publication may be reproduced in any form, including an electronic retrieval system, withoutthe prior written permission of ITI. All requests pertaining to this standard should be submitted to ITI, 1250 Eye Street NW,Washington, DC 20005.Printed i

5、n the United States of AmericaCopyright American National Standards Institute Provided by IHS under license with ANSINot for ResaleNo reproduction or networking permitted without license from IHS-,-,-ISO/IEC 18014-2:2002(E) PDF disclaimer This PDF file may contain embedded typefaces. In accordance w

6、ith Adobes licensing policy, this file may be printed or viewed but shall not be edited unless the typefaces which are embedded are licensed to and installed on the computer performing the editing. In downloading this file, parties accept therein the responsibility of not infringing Adobes licensing

7、 policy. The ISO Central Secretariat accepts no liability in this area. Adobe is a trademark of Adobe Systems Incorporated. Details of the software products used to create this PDF file can be found in the General Info relative to the file; the PDF-creation parameters were optimized for printing. Ev

8、ery care has been taken to ensure that the file is suitable for use by ISO member bodies. In the unlikely event that a problem relating to it is found, please inform the Central Secretariat at the address given below. ISO/IEC 2002 All rights reserved. Unless otherwise specified, no part of this publ

9、ication may be reproduced or utilized in any form or by any means, electronic or mechanical, including photocopying and microfilm, without permission in writing from either ISO at the address below or ISOs member body in the country of the requester. ISO copyright office Case postale 56 CH-1211 Gene

10、va 20 Tel. + 41 22 749 01 11 Fax + 41 22 749 09 47 E-mail copyrightiso.org Web www.iso.org Published in Switzerland ii ISO/IEC 2002 All rights reservedCopyright American National Standards Institute Provided by IHS under license with ANSINot for ResaleNo reproduction or networking permitted without

11、license from IHS-,-,-ISO/IEC 18014-2:2002(E) ISO/IEC 2002 All rights reserved iiiContentsForeword.ivIntroduction .v1 Scope.12 Normative References .13 Terms and Definitions .24 General Discussion35 Entities of the Time-Stamping Process .46 Message Formats.46.1 Object Identifiers66.2 Extension fields

12、66.2.1 ExtHash extension.66.2.2 ExtMethod extension.66.2.3 ExtRenewal extension .77 Time-stamps using digital signatures .77.1 TSA response .87.2 Token verification 98 Time-stamps using message authentication codes.108.1 TSA response .108.2 MAC generation128.3 MAC verification.128.4 Token verificati

13、on 129 Time-stamps using archiving .139.1 TSA response .139.2 Token verification 13Annex A (normative) ASN.1 Module for time-stamping.15Annex B (informative) Data Structures25Bibliography 28Copyright American National Standards Institute Provided by IHS under license with ANSINot for ResaleNo reprod

14、uction or networking permitted without license from IHS-,-,-ISO/IEC 18014-2:2002(E) iv ISO/IEC 2002 All rights reservedForewordISO (the International Organization for Standardization) and IEC (the International Electrotechnical Commission)form the specialized system for worldwide standardization. Na

15、tional bodies that are members of ISO or IECparticipate in the development of International Standards through technical committees established by therespective organization to deal with particular fields of technical activity. ISO and IEC technical committeescollaborate in fields of mutual interest.

16、 Other international organizations, governmental and non-governmental, inliaison with ISO and IEC, also take part in the work. In the field of information technology, ISO and IEC haveestablished a joint technical committee, ISO/IEC JTC 1.International Standards are drafted in accordance with the rul

17、es given in the ISO/IEC Directives, Part 2.The main task of the joint technical committee is to prepare International Standards. Draft International Standardsadopted by the joint technical committee are circulated to national bodies for voting. Publication as an InternationalStandard requires approv

18、al by at least 75 % of the national bodies casting a vote.ISO/IEC 18014-2 was prepared by Joint Technical Committee ISO/IEC JTC 1, Information technology,Subcommittee SC 27, IT Security techniques.ISO/IEC 18014 consists of the following parts, under the general title Information technology Security

19、techniques Time-stamping services: Part 1: Framework Part 2: Mechanisms producing independent tokens Part 3: Mechanisms producing linked tokensFurther parts may follow.Copyright American National Standards Institute Provided by IHS under license with ANSINot for ResaleNo reproduction or networking p

20、ermitted without license from IHS-,-,-ISO/IEC 18014-2:2002(E) ISO/IEC 2002 All rights reserved vIntroductionThe International Organization for Standardization (ISO) and International Electrotechnical Commission (IEC) drawattention to the fact that it is claimed that compliance with this Internationa

21、l Standard may involve the use ofpatents.The ISO and IEC take no position concerning the evidence, validity and scope of this patent right.The holder of this patent right has assured the ISO and IEC that he is willing to negotiate licences underreasonable and non-discriminatory terms and conditions

22、with applicants throughout the world. In this respect, thestatement of the holder of this patent right is registered with the ISO and IEC. Information may be obtained from:ISO/IEC JTC 1/SC 27 Standing Document 8 (SD 8) “Patent Information“SD 8 is publicly available at: http:/www.din.de/ni/sc27Attent

23、ion is drawn to the possibility that some of the elements of this International Standard may be the subject ofpatent rights other than those identified above. ISO and IEC shall not be held responsible for identifying any or allsuch patent rights.Copyright American National Standards Institute Provid

24、ed by IHS under license with ANSINot for ResaleNo reproduction or networking permitted without license from IHS-,-,-Copyright American National Standards Institute Provided by IHS under license with ANSINot for ResaleNo reproduction or networking permitted without license from IHS-,-,-Information te

25、chnology Security techniques Time-stampingservices Part 2: Mechanisms producing independent tokens1 ScopeA time-stamping service provides evidence that a data item existed before a certain point in time. Time-stampservices produce time-stamp tokens, which are data structures containing a verifiable

26、cryptographic bindingbetween a data items representation and a time-value. This part of ISO/IEC 18014 defines time-stampingmechanisms that produce independent tokens, which can be verified one by one.2 Normative ReferencesISO 7498-2: 1989, Information processing systems Open Systems Interconnection

27、Basic Reference Model Part 2: Security ArchitectureISO/IEC 8824-1: 1998 | ITU-T Recommendation X.680 (1997), Information technology Abstract SyntaxNotation One (ASN.1): Specification of basic notationISO/IEC 8824-2: 1998 | ITU-T Recommendation X.681 (1997), Information technology Abstract SyntaxNota

28、tion One (ASN.1): Information object specificationISO/IEC 8824-3: 1998 | ITU-T Recommendation X.682 (1997), Information technology Abstract SyntaxNotation One (ASN.1): Constraint specificationISO/IEC 8824-4: 1998 | ITU-T Recommendation X.683 (1997), Information technology Abstract SyntaxNotation One

29、 (ASN.1): Parameterisation of ASN.1 specificationsISO/IEC 8825-1: 1998 | ITU-T Recommendation X.690 (1997), Information technology ASN.1 EncodingRules: Specification of Basic Encoding Rules (BER), Canonical Encoding Rules (CER) and Distinguished EncodingRules (DER)ISO/IEC 9594-8: 2001 | ITU-T Recomm

30、endation X.509 (2000), Information technology Open SystemsInterconnection The Directory: Public key and attribute certificate frameworksISO/IEC TR 14516: 2002 | ITU-T Recommendation X.842 (2000), Information technology Guidelines forthe use and management of Trusted Third Party servicesISO/IEC 9798-

31、1: 1997, Information technology Security techniques Entity authentication Part 1: GeneralISO/IEC 10181-2: 1996, Information technology Open Systems Interconnection Security frameworks for opensystems: Authentication frameworkISO/IEC 11770-1: 1996, Information technology Security techniques Key manag

32、ement Part 1: FrameworkISO/IEC 11770-3: 1999, Information technology Security techniques Key management Part 3: Mechanismsusing asymmetric techniquesISO/IEC 13888-1: 1997, Information technology Security techniques Non-repudiation Part 1: GeneralISO/IEC 14888 (all parts), Information technology Secu

33、rity techniques Digital signatures with appendix ISO/IEC 2002 All rights reserved 1The following referenced documents are indispensable for the application of this document. For dated references, only the edition cited applies. For undated references, the latest edition of the referenced document (i

34、ncluding any amendments) applies. INTERNATIONAL STANDARD ISO/IEC 18014-2:2002(E)Copyright American National Standards Institute Provided by IHS under license with ANSINot for ResaleNo reproduction or networking permitted without license from IHS-,-,-ISO/IEC 18014-1: 2002, Information technology Secu

35、rity techniques Time-stamping services Part 1:Framework3 Terms and DefinitionsThe following terms are used as defined in ISO/IEC 7498-2:Cryptography: the discipline that embodies principles, means, and methods for the transformation of data in orderto hide its information content, prevent its undete

36、cted modification and/or prevent its unauthorized use.Data integrity: the property that data has not been altered or destroyed in an unauthorized manner.Data origin authentication: the corroboration that the source of data received is as claimed.Digital signature: data appended to, or a cryptographi

37、c transformation (see cryptography) of, a data unit thatallows a recipient of the data unit to prove the source and integrity of the data unit and protect against forgery e.g.by the recipient.The following term is used as defined in ISO/IEC 8825-1:Distinguished Encoding Rules (DER): encoding rules t

38、hat may be applied to values of types defined using theASN.1 notation. Application of these encoding rules produces a transfer syntax for such values. It is implicit that thesame rules are also to be used for decoding. The DER is more suitable if the encoded value is small enough to fitinto the avai

39、lable memory and there is a need to rapidly skip over some nested values.The following term is used as defined in ISO/IEC 9594-8:Certification path: an ordered sequence of certificates of objects in the DIT (directory information tree) which,together with the public key of the initial object in the

40、path, can be processed to obtain that of the final object in thepath.The following terms are used as defined in ISO/IEC 9798-1:Asymmetric key pair: a pair of related keys where the private key defines the private transformation and thepublic key defines the public transformation.Asymmetric signature

41、 system: a system based on asymmetric techniques whose private transformation is usedfor signing and whose public transformation is used for verification.The following term is used as defined in ISO/IEC 10181-2:Authentication: the provision of assurance of the claimed identity of an entity.The follo

42、wing term is used as defined in ISO/IEC 11770-1:Certification authority (CA): a centre trusted to create and assign public key certificates. Optionally, thecertification authority may create and assign keys to the entities.The following terms are used as defined in ISO/IEC 13888-1:Message Authentica

43、tion Code (MAC): a data item derived from a message using symmetric cryptographictechniques and a secret key. It is used to check the integrity and origin of a message by any entity holding thesecret key.Private key: that key of an entitys asymmetric key pair that is usable only by that entity. In t

44、he case of anasymmetric signature system, the private key and the associated algorithms define the signature transformation.ISO/IEC 18014-2:2002(E) 2 ISO/IEC 2002 All rights reservedCopyright American National Standards Institute Provided by IHS under license with ANSINot for ResaleNo reproduction o

45、r networking permitted without license from IHS-,-,-Public key: the key of an entitys asymmetric key pair that can be made public. In the case of an asymmetricsignature system, the public key and the associated algorithms define the verification transformation.Public key certificate: a security cert

46、ificate which binds unforgeably the public key of an entity to the entitysdistinguishing identifier, and which indicates the validity of the corresponding private key.The following term is used as defined in ISO/IEC 14888-2:Trusted third party: a security authority, or its agent, trusted by other en

47、tities with respect to security relatedactivities.The following terms are used as defined in ISO/IEC 18014-1:Time-stamping authority (TSA): a trusted third party trusted to provide a time-stamping service.Time-stamping service (TSS): a service providing evidence that a data item existed before a cer

48、tain point in time.Time-stamp requester: an entity which possesses data it wants to be time-stamped.Time-stamp token: a data structure containing a verifiable cryptographic binding between a data itemsrepresentation and a time-value. A time-stamp token may also include additional data items in the b

49、inding.Time-stamp verifier: an entity which possesses data and wants to verify that it has a valid time-stamp bound to it.The verification process may be performed by the verifier itself or by a Trusted Third Party.4 General DiscussionISO/IEC 18014-1 presents a general framework for the provision of time

copyright@ 2008-2019 麦多课文库(www.mydoc123.com)网站版权所有
备案/许可证编号:苏ICP备17064731号-1