BS ISO 13491-1-2016 Financial services Secure cryptographic devices (retail) Concepts requirements and evaluation methods《金融服务 安全加密设备(零售) 概念、要求和评估方法》.pdf

1、BSI Standards PublicationBS ISO 13491-1:2016Financial services Securecryptographic devices (retail)Part 1: Concepts, requirements andevaluation methodsBS ISO 13491-1:2016 BRITISH STANDARDNational forewordThis British Standard is the UK implementation of ISO 13491-1:2016.It supersedes BS ISO 13491-1:

2、2007 which is withdrawn.The UK participation in its preparation was entrusted to TechnicalCommittee IST/12, Financial services.A list of organizations represented on this committee can beobtained on request to its secretary.This publication does not purport to include all the necessaryprovisions of

3、a contract. Users are responsible for its correctapplication. The British Standards Institution 2016. Published by BSI StandardsLimited 2016ISBN 978 0 580 79378 3ICS 35.240.40Compliance with a British Standard cannot confer immunity fromlegal obligations.This British Standard was published under the

4、 authority of theStandards Policy and Strategy Committee on 31 March 2016.Amendments issued since publicationDate Text affectedBS ISO 13491-1:2016 ISO 2016Financial services Secure cryptographic devices (retail) Part 1: Concepts, requirements and evaluation methodsServices financiers Dispositifs cry

5、ptographiques de scurit (services aux particuliers) Partie 1: Concepts, exigences et mthodes dvaluationINTERNATIONAL STANDARDISO13491-1Third edition2016-03-15Reference numberISO 13491-1:2016(E)BS ISO 13491-1:2016ISO 13491-1:2016(E)ii ISO 2016 All rights reservedCOPYRIGHT PROTECTED DOCUMENT ISO 2016,

6、 Published in SwitzerlandAll rights reserved. Unless otherwise specified, no part of this publication may be reproduced or utilized otherwise in any form or by any means, electronic or mechanical, including photocopying, or posting on the internet or an intranet, without prior written permission. Pe

7、rmission can be requested from either ISO at the address below or ISOs member body in the country of the requester.ISO copyright officeCh. de Blandonnet 8 CP 401CH-1214 Vernier, Geneva, SwitzerlandTel. +41 22 749 01 11Fax +41 22 749 09 47copyrightiso.orgwww.iso.orgBS ISO 13491-1:2016ISO 13491-1:2016

8、(E)Foreword vIntroduction vi1 Scope . 12 Normative references 13 Terms and definitions . 14 Abbreviated terms 55 Secure cryptographic device concepts . 55.1 General . 55.2 Attack scenarios . 65.2.1 General 65.2.2 Penetration . 65.2.3 Monitoring . 65.2.4 Manipulation . 65.2.5 Modification . 65.2.6 Su

9、bstitution 65.3 Defence measures . 75.3.1 General 75.3.2 Device characteristics 75.3.3 Device management 85.3.4 Environment 86 Requirements for device security characteristics . 86.1 General . 86.2 Physical security requirements for SCDs . 96.2.1 General 96.3 Tamper evident requirements . 96.3.1 Gen

10、eral 96.4 Tamper resistant requirements . 106.4.1 General. 106.5 Tamper responsive requirements . 106.5.1 General. 106.6 Logical security requirements for SCDs . 116.6.1 Dual control .116.6.2 Unique key per device 116.6.3 Assurance of genuine device 116.6.4 Design of functions .116.6.5 Use of crypto

11、graphic keys . 126.6.6 Sensitive device states126.6.7 Multiple cryptographic relationships .126.6.8 SCD software authentication 127 Requirements for device management 127.1 General 127.2 Life cycle phases . 137.3 Life cycle protection requirements. 147.3.1 General. 147.3.2 Manufacturing phase.147.3.

12、3 Post-manufacturing phase . 157.3.4 Commissioning (initial financial key loading) phase 157.3.5 Inactive operational phase . 157.3.6 Active operational phase (use) . 167.3.7 Decommissioning (post-use) phase . 167.3.8 Repair phase . 167.3.9 Destruction phase 17 ISO 2016 All rights reserved iiiConten

13、ts PageBS ISO 13491-1:2016ISO 13491-1:2016(E)7.4 Life cycle protection methods . 177.4.1 Manufacturing .177.4.2 Post manufacturing phase 177.4.3 Commissioning (initial financial key loading) phase 177.4.4 Inactive Operational Phase 187.4.5 Active operational (use) phase . 187.4.6 Decommissioning pha

14、se 187.4.7 Repair . 197.4.8 Destruction 197.5 Accountability . 197.6 Device management principles of audit and control 20Annex A (informative) Evaluation methods .23Bibliography .33iv ISO 2016 All rights reservedBS ISO 13491-1:2016ISO 13491-1:2016(E)ForewordISO (the International Organization for St

15、andardization) is a worldwide federation of national standards bodies (ISO member bodies). The work of preparing International Standards is normally carried out through ISO technical committees. Each member body interested in a subject for which a technical committee has been established has the rig

16、ht to be represented on that committee. International organizations, governmental and non-governmental, in liaison with ISO, also take part in the work. ISO collaborates closely with the International Electrotechnical Commission (IEC) on all matters of electrotechnical standardization.The procedures

17、 used to develop this document and those intended for its further maintenance are described in the ISO/IEC Directives, Part 1. In particular the different approval criteria needed for the different types of ISO documents should be noted. This document was drafted in accordance with the editorial rul

18、es of the ISO/IEC Directives, Part 2 (see www.iso.org/directives).Attention is drawn to the possibility that some of the elements of this document may be the subject of patent rights. ISO shall not be held responsible for identifying any or all such patent rights. Details of any patent rights identi

19、fied during the development of the document will be in the Introduction and/or on the ISO list of patent declarations received (see www.iso.org/patents).Any trade name used in this document is information given for the convenience of users and does not constitute an endorsement.For an explanation on

20、 the meaning of ISO specific terms and expressions related to conformity assessment, as well as information about ISOs adherence to the WTO principles in the Technical Barriers to Trade (TBT) see the following URL: Foreword - Supplementary informationThe committee responsible for this document is IS

21、O/TC 68, Financial services, Subcommittee SC 2, Security.This third edition cancels and replaces the second edition (ISO 13491-1:2007), which has been technically revised.ISO 13491 consists of the following parts, under the general title Financial services Secure cryptographic devices (retail): Part

22、 1: Concepts, requirements and evaluation methods Part 2: Security compliance checklists for devices used in financial transactions ISO 2016 All rights reserved vBS ISO 13491-1:2016ISO 13491-1:2016(E)IntroductionISO 13491 describes both the physical and logical characteristics and the management of

23、the secure cryptographic devices (SCDs) used to protect messages, cryptographic keys, and other sensitive information used in a retail financial services environment.This part of ISO 13491 contains the security requirements for SCDs. ISO 13491-2 is a tool for measuring compliance against these requi

24、rements. It provides a checklist of characteristics that a device has to possess, how devices have to be managed, and characteristics of the operational environments.The security of retail electronic payment systems is largely dependent upon the security of these cryptographic devices. This security

25、 is based upon the premise that computer files can be accessed and manipulated, communications lines can be “tapped”, and authorized data or control inputs into system equipment can be replaced with unauthorized inputs. When personal identification numbers (PINs), message authentication codes (MACs)

26、, cryptographic keys, and other sensitive data are processed, there is a risk of tampering or other compromise to disclose or modify such data. The risk of financial loss is reduced through the appropriate use of cryptographic devices that have proper characteristics and are properly managed.Appropr

27、iate device characteristics are necessary to ensure that the device has the proper operational capabilities and provides adequate protection for the data it contains. Appropriate device management is necessary to ensure that the device is legitimate, that it has not been modified in an unauthorized

28、manner (e.g. by “bugging”), and that any sensitive data placed within the device (e.g. cryptographic keys) has not been subject to disclosure or change.Absolute security is not achievable in practical terms. Cryptographic security depends upon each life cycle phase of the SCD and the complementary c

29、ombination of appropriate management procedures and secure cryptographic characteristics. These management procedures implement preventive measures to reduce the opportunity for a breach of SCD security. This aims for a high probability of detection of any unauthorized access to sensitive or confide

30、ntial data should device characteristics fail to prevent or detect the security compromise.vi ISO 2016 All rights reservedBS ISO 13491-1:2016Financial services Secure cryptographic devices (retail) Part 1: Concepts, requirements and evaluation methods1 ScopeThis part of ISO 13491 specifies the secur

31、ity characteristics for secure cryptographic devices (SCDs) based on the cryptographic processes defined in ISO 9564, ISO 16609, and ISO 11568.This part of ISO 13491 has two primary purposes: to state the security characteristics concerning both the operational characteristics of SCDs and the manage

32、ment of such devices throughout all stages of their life cycle; to provide guidance for methodologies to verify compliance with those requirements. This information is contained in Annex A.ISO 13491-2 specifies checklists to be used to evaluate secure cryptographic devices (SCDs) incorporating crypt

33、ographic processes as specified in ISO 9564-1, ISO 9564-2, ISO 16609, ISO 11568-1, ISO 11568-2, ISO 11568-3, ISO 11568-4, ISO 11568-5, and ISO 11568-6 in the financial services environment.Annex A provides an informative illustration of the concepts of security levels described in this part of ISO 1

34、3491 as being applicable to SCDs.This part of ISO 13491 does not address issues arising from the denial of service of an SCD.Specific requirements for the security characteristics and management of specific types of SCD functionality used in the retail financial services environment are contained in

35、 ISO 13491-2.2 Normative referencesThe following documents, in whole or in part, are normatively referenced in this document and are indispensable for its application. For dated references, only the edition cited applies. For undated references, the latest edition of the referenced document (includi

36、ng any amendments) applies.ISO 11568-1, Banking Key management (retail) Part 1: PrinciplesISO 11568-2, Financial services Key management (retail) Part 2: Symmetric ciphers, their key management and life cycleISO 11568-4, Banking Key management (retail) Part 4: Asymmetric cryptosystems Key management

37、 and life cycle3 Terms and definitionsFor the purposes of this document, the following terms and definitions apply.3.1accreditation authorityauthority responsible for the accreditation of evaluation agencies and supervision of their work in order to guarantee the reproducibility of the evaluation re

38、sultsINTERNATIONAL STANDARD ISO 13491-1:2016(E) ISO 2016 All rights reserved 1BS ISO 13491-1:2016ISO 13491-1:2016(E)3.2accredited evaluation agencybody accredited in accordance with a set of rules and accepted by the approval authority for the purpose of evaluationNote 1 to entry: An example of a se

39、t of rules is ISO/IEC 17025.3.3approval authorityauthority responsible for the approval of devices and for issuance of the approval letter (3.4)3.4approval letteroutput of the approval authority (3.3) based on the results from an evaluation review body (3.20)3.5assessment checklistlist of claims, or

40、ganized by device type, and contained in ISO 13491-23.6assessment reportoutput of the assessment review body (3.7), based on the results from an assessor (3.8)3.7assessment review bodygroup with responsibility for reviewing and making judgements on the results from the assessor (3.8)3.8assessorperso

41、n who checks, assesses, reviews, and evaluates compliance with an informal evaluation on behalf of the sponsor (3.33) or assessment review body (3.7)3.9attackattempt by an adversary on the device to obtain or modify sensitive information (3.30) or a service they are not authorized to obtain or modif

42、y3.10evaluation certificateoutput of the accreditation authority based on the results from an accredited evaluation agency (3.2)3.11controllerentity responsible for the secure management of an SCD (3.28)3.12deliverablesdocuments, equipment, and any other items or information needed by the evaluators

43、 to perform an evaluation of the SCD (3.28)3.13device compromisesuccessful defeat of the physical or logical protections provided by the SCD (3.28), resulting in the potential disclosure of sensitive information (3.30) or unauthorized use of the SCD3.14device securitysecurity of the SCD (3.28) relat

44、ed to its characteristics only, without reference to a specific operational environment (3.26)2 ISO 2016 All rights reservedBS ISO 13491-1:2016ISO 13491-1:2016(E)3.15device managementprocesses, including procedures, controlling the access to and use of the device which may vary depending on the depl

45、oyed environment3.16dual controlprocess of utilizing two or more separate entities (usually persons) operating in concert to protect sensitive functions (3.31) or information whereby no single entity is able to access or utilize the materialsEXAMPLE A cryptographic key is an example of the type of m

46、aterial protected by dual control.3.17environment-dependent securitysecurity of an SCD (3.28) as part of an operational environment (3.26)3.18evaluation agencyorganization trusted by the design, manufacturing, and sponsoring entities which evaluates the SCD (3.28) (using specialist skills and tools)

47、 in accordance with ISO 134913.19evaluation reportoutput of the evaluation review body (3.20), based on the results from an evaluation agency (3.18) or auditor3.20evaluation review bodygroup with responsibility for reviewing, and making judgements on, the results of the evaluation agency (3.18)3.21f

48、inancial keycryptographic key used to protect financial transaction data between the PED and the entity processing the transaction, e.g. the entitys public key used for mutual authentication with the PED, the initial DUKPT keys, Terminal Master Keys, and PIN encryption keys3.22formal claimstatement

49、about the characteristics and functions of an SCD (3.28)3.23hardware security moduleHSMSCD (3.28) that provides a set of secure cryptographic services, e.g. key generation, cryptogram creation, PIN translation, and certificate signing3.24key loading deviceKLDSCD (3.28) that loads keys into other SCDs3.25logical securityability of a device to withstand attacks (3.9) through its functional interface3.26operational environmentenvironment in which the SCD (3.28) is operated, i.e. the system of which it is part, the location w