ImageVerifierCode 换一换
格式:PDF , 页数:34 ,大小:1.80MB ,
资源ID:588398      下载积分:10000 积分
快捷下载
登录下载
邮箱/手机:
温馨提示:
如需开发票,请勿充值!快捷下载时,用户名和密码都是您填写的邮箱或者手机号,方便查询和重复下载(系统自动生成)。
如填写123,账号就是123,密码也是123。
特别说明:
请自助下载,系统不会自动发送文件的哦; 如果您已付费,想二次下载,请登录后访问:我的下载记录
支付方式: 支付宝扫码支付 微信扫码支付   
注意:如需开发票,请勿充值!
验证码:   换一换

加入VIP,免费下载
 

温馨提示:由于个人手机设置不同,如果发现不能下载,请复制以下地址【http://www.mydoc123.com/d-588398.html】到电脑端继续下载(重复下载不扣费)。

已注册用户请登录:
账号:
密码:
验证码:   换一换
  忘记密码?
三方登录: 微信登录  

下载须知

1: 本站所有资源如无特殊说明,都需要本地电脑安装OFFICE2007和PDF阅读器。
2: 试题试卷类文档,如果标题没有明确说明有答案则都视为没有答案,请知晓。
3: 文件的所有权益归上传用户所有。
4. 未经权益所有人同意不得将文件中的内容挪作商业或盈利用途。
5. 本站仅提供交流平台,并不能对任何下载内容负责。
6. 下载文件中如有侵权或不适当内容,请与我们联系,我们立即纠正。
7. 本站不保证下载资源的准确性、安全性和完整性, 同时也不承担用户因使用这些下载资源对自己和他人造成任何形式的伤害或损失。

版权提示 | 免责声明

本文(BS ISO IEC 24727-6-2011 Identification cards Integrated circuit card programming interfaces Registration authority procedures for the authentication protocols for interoperability《.pdf)为本站会员(roleaisle130)主动上传,麦多课文库仅提供信息存储空间,仅对用户上传内容的表现方式做保护处理,对上载内容本身不做任何修改或编辑。 若此文所含内容侵犯了您的版权或隐私,请立即通知麦多课文库(发送邮件至master@mydoc123.com或直接QQ联系客服),我们立即给予删除!

BS ISO IEC 24727-6-2011 Identification cards Integrated circuit card programming interfaces Registration authority procedures for the authentication protocols for interoperability《.pdf

1、raising standards worldwideNO COPYING WITHOUT BSI PERMISSION EXCEPT AS PERMITTED BY COPYRIGHT LAWBSI Standards PublicationBS ISO/IEC 24727-6:2010Identification cards Integrated circuit cardprogramming interfacesPart 6: Registration authority proceduresfor the authentication protocols forinteroperabi

2、lityBS ISO/IEC 24727-6:2010 BRITISH STANDARDNational forewordThis British Standard is the UK implementation of ISO/IEC24727-6:2010.The UK participation in its preparation was entrusted to TechnicalCommittee IST/17, Cards and personal identification.A list of organizations represented on this committ

3、ee can beobtained on request to its secretary.This publication does not purport to include all the necessaryprovisions of a contract. Users are responsible for its correctapplication. BSI 2011ISBN 978 0 580 62871 9ICS 35.240.15Compliance with a British Standard cannot confer immunity fromlegal oblig

4、ations.This British Standard was published under the authority of theStandards Policy and Strategy Committee on 28 February 2011.Amendments issued since publicationDate Text affectedBS ISO/IEC 24727-6:2010Reference numberISO/IEC 24727-6:2010(E)ISO/IEC 2010INTERNATIONAL STANDARD ISO/IEC24727-6First e

5、dition2010-12-15Identification cards Integrated circuit card programming interfaces Part 6: Registration authority procedures for the authentication protocols for interoperability Cartes didentification Interfaces programmables de cartes puce Partie 6: Procdures de lautorit denregistrement des proto

6、coles dauthentification pour linteroprabilit BS ISO/IEC 24727-6:2010ISO/IEC 24727-6:2010(E) PDF disclaimer This PDF file may contain embedded typefaces. In accordance with Adobes licensing policy, this file may be printed or viewed but shall not be edited unless the typefaces which are embedded are

7、licensed to and installed on the computer performing the editing. In downloading this file, parties accept therein the responsibility of not infringing Adobes licensing policy. The ISO Central Secretariat accepts no liability in this area. Adobe is a trademark of Adobe Systems Incorporated. Details

8、of the software products used to create this PDF file can be found in the General Info relative to the file; the PDF-creation parameters were optimized for printing. Every care has been taken to ensure that the file is suitable for use by ISO member bodies. In the unlikely event that a problem relat

9、ing to it is found, please inform the Central Secretariat at the address given below. COPYRIGHT PROTECTED DOCUMENT ISO/IEC 2010 All rights reserved. Unless otherwise specified, no part of this publication may be reproduced or utilized in any form or by any means, electronic or mechanical, including

10、photocopying and microfilm, without permission in writing from either ISO at the address below or ISOs member body in the country of the requester. ISO copyright office Case postale 56 CH-1211 Geneva 20 Tel. + 41 22 749 01 11 Fax + 41 22 749 09 47 E-mail copyrightiso.org Web www.iso.org Published in

11、 Switzerland ii ISO/IEC 2010 All rights reservedBS ISO/IEC 24727-6:2010ISO/IEC 24727-6:2010(E) ISO/IEC 2010 All rights reserved iiiContents Page Foreword iv Introduction.v 1 Scope1 2 Normative references1 3 Terms and definitions .1 4 Symbols (and abbreviated terms)2 5 General .2 5.1 Purpose 2 5.2 De

12、pendencies 2 5.3 Authentication protocol OID arcs 3 5.4 Authentication protocol registration.3 5.5 Authentication protocol adoption registration.4 6 Appointment of the registration authority 4 7 Review of applications5 7.1 Procedure.5 7.2 Response time .5 7.3 Confirmation process .5 8 Content of app

13、lications.5 8.1 General .5 8.2 Applications .5 8.3 Maintenance of a web-based register .6 Annex A (normative) Application for registration of an ISO 24727 registered authentication protocol 7 Annex B (normative) Authentication protocol template .11 Annex C (normative) Authentication protocol certifi

14、cation form 15 Annex D (normative) Registration of authentication protocol adoption application.18 Annex E (informative) Registration Authority22 BS ISO/IEC 24727-6:2010ISO/IEC 24727-6:2010(E) iv ISO/IEC 2010 All rights reservedForeword ISO (the International Organization for Standardization) and IE

15、C (the International Electrotechnical Commission) form the specialized system for worldwide standardization. National bodies that are members of ISO or IEC participate in the development of International Standards through technical committees established by the respective organization to deal with p

16、articular fields of technical activity. ISO and IEC technical committees collaborate in fields of mutual interest. Other international organizations, governmental and non-governmental, in liaison with ISO and IEC, also take part in the work. In the field of information technology, ISO and IEC have e

17、stablished a joint technical committee, ISO/IEC JTC 1. International Standards are drafted in accordance with the rules given in the ISO/IEC Directives, Part 2. The main task of the joint technical committee is to prepare International Standards. Draft International Standards adopted by the joint te

18、chnical committee are circulated to national bodies for voting. Publication as an International Standard requires approval by at least 75 % of the national bodies casting a vote. Attention is drawn to the possibility that some of the elements of this document may be the subject of patent rights. ISO

19、 and IEC shall not be held responsible for identifying any or all such patent rights. ISO/IEC 24727-6 was prepared by Joint Technical Committee ISO/IEC JTC 1, Information technology, Subcommittee SC 17, Cards and personal identification. ISO/IEC 24727 consists of the following parts, under the gener

20、al title Identification cards Integrated circuit card programming interfaces: Part 1: Architecture Part 2: Generic card interface Part 3: Application interface Part 4: Application programming interface (API) administration Part 5: Testing procedures Part 6: Registration authority procedures for the

21、authentication protocols for interoperability BS ISO/IEC 24727-6:2010ISO/IEC 24727-6:2010(E) ISO/IEC 2010 All rights reserved vIntroduction ISO/IEC 24727 is a set of programming interfaces for interactions between integrated circuit cards and external applications to include generic services for mul

22、ti-sector use. The organization and the operation of the ICC conform to ISO/IEC 7816-4. ISO/IEC 24727 is relevant to ICC applications desiring interoperability among diverse application domains. This document specifies a language independent and implementation independent application level interface

23、 that allows information and transaction interchange with a card. The Open Systems Interconnect Reference Model ISO/IEC 7498-1:1994 is used as the layered architecture of the Application Interface. That is, the Application Interface assumes that there is a protocol stack through which it will exchan

24、ge information and transactions among cards using commands conveyed through the message structures defined in ISO 7816. The semantics of commands accessed by the Application Interface refers to application protocol data units (APDUs) as characterized in ISO/IEC 24727-2, and in the following Internat

25、ional Standards: ISO/IEC 7816-4:2005, Identification cards Integrated circuit cards Part 4: Organization, security and commands for interchange. ISO/IEC 7816-8:2004, Identification cards Integrated circuit cards Part 8: Commands for security operations. ISO/IEC 7816-9:2004, Identification cards Inte

26、grated circui t cards Part 9: Commands for card management. The purpose of this part of ISO/IEC 24727 is to maximize the applicability and solution space of software tools that provide Application Interface support to card-aware applications. This effort includes supporting the evolution of card sys

27、tems as the cards become more powerful peer-level partners with existing and future applications while minimizing the impact to existing solutions conforming to this part of ISO/IEC 24727. This part of ISO/IEC 24727 extends the function of ISO/IEC 24727-3, Annex A authentication protocols (APs), by

28、providing a means for publication and management of an interoperable framework for new or modified APs using a standardized ISO/IEC registration authority (RA). APs submitted carry no warranty or guarantee in regard to their fitness for any purpose including security. It is incumbent on the end user

29、 to ascertain the APs suitability for the purpose proposed, including the validity of any claims made by the applicant. BS ISO/IEC 24727-6:2010BS ISO/IEC 24727-6:2010INTERNATIONAL STANDARD ISO/IEC 24727-6:2010(E) ISO/IEC 2010 All rights reserved 1Identification cards Integrated circuit card programm

30、ing interfaces Part 6: Registration authority procedures for the authentication protocols for interoperability 1 Scope This part of ISO/IEC 24727 defines the procedures for registration of APs, including related cryptographic algorithms, test methods and conformance assessment criteria, and registra

31、tion of the adoption of ISO/IEC 24727 APs by parties desiring to advertise AP interoperability. 2 Normative references The following referenced documents are indispensable for the application of this document. For dated references, only the edition cited applies. For undated references, the latest e

32、dition of the referenced document (including any amendments) applies. ISO/IEC 24727-3, Identification cards Integrated circuit card programming interfaces Part 3: Application interface ISO/IEC 9834-2, Information technology Open Systems Interconnection Procedures for the operation of OSI Registratio

33、n Authorities Part 2: R egistration procedures for OSI document types 3 Terms and definitions For the purposes of this document, the terms and definitions given in ISO/IEC 24727-3, and the following, apply. 3.1 applicant organization or person requesting registration 3.2 authentication-protocol-adop

34、tion use of ISO/IEC 24727-3 or ISO/IEC 24727-6 APs (either in operations or referenced in dependent specifications or standards or recommendations) 3.3 registration authority organization nominated and appointed by the ISO/IEC Technical Management Board to prepare and maintain ISO/IEC 24727-6 regist

35、ers BS ISO/IEC 24727-6:2010ISO/IEC 24727-6:2010(E) 2 ISO/IEC 2010 All rights reserved3.4 registrant organization or person that has either registered an authentication protocol or registered the adoption of an authentication protocol 4 Symbols (and abbreviated terms) For the purposes of this documen

36、t, the symbols and abbreviated terms given in ISO/IEC 24727-3, and the following, apply. AP authentication protocol APDU application protocol data unit APT authentication protocol template APTP authentication protocol test plan OID object identifier RA registration authority RAP registered authentic

37、ation protocol URL uniform resource locator 5 General 5.1 Purpose This part of ISO/IEC 24727 defines the ISO procedures for: the registration of new or revised APs in accordance with ISO/IEC 24727-3 and this part. These APs are extensions to the ISO/IEC 24727-3, Annex A suite of APs; registration of

38、 related cryptographic algorithms, APTP and conformance assessment criteria; registration of the adoption of ISO/IEC 24727 APs by parties desiring to advertise AP interoperability. 5.2 Dependencies This part of ISO/IEC 24727 relies on two other parts of the ISO/IEC 24727 standards suite: ISO/IEC 247

39、27-3: a standardized method for the un-ambiguous description of a range of differing APs; a standardized method for the un-ambiguous description of a range of differing cryptographic algorithms used by the APs. ISO/IEC 24727-5: to be published a standardized method for the conformance testing of a r

40、ange of differing APs; the testing requirements for an authentication protocol. BS ISO/IEC 24727-6:2010ISO/IEC 24727-6:2010(E) ISO/IEC 2010 All rights reserved 35.3 Authentication protocol OID arcs The OID method set out in ISO/IEC 24727-3 is limited to the standards arc of ISO/IEC 9834-2 and does n

41、ot support the extension of the arc by registration authority procedures. This part extends these capabilities using a registration authority arc in order to manage the full extensibility and interoperability requirements for new ISO/IEC 24727 APs under the ISO/IEC 9834-2 registration authority arc.

42、 The ISO 24727-6 Registration Authority arc is iso(1) registration-authority (1) iso24727(24727) part6(6) new-protocol-short-name (new-protocol-number) 5.4 Authentication protocol registration In order for implementations of ISO/IEC 24727 using different APs to achieve interoperability, there is a n

43、eed to unambiguously identify the implemented APs. In order to achieve interoperability with a range of APs, implementers require the details of APs to be published in a form which may be referenced. This clause provides a procedure for the registration of APs, and for those registration details to

44、be made publicly available at a URL, in a format managed by an ISO/IEC RA. 5.4.1 Authentication protocol registration procedures The procedure supported by this part is compliant with the ISO/IEC 9834-2 ASN.1 Object Identifier (OID) method. The registration and procedural requirements for registrati

45、on of APs are as follows and occur in sequence: the applicant duly completes all documents which form part of the AP registration; the RA checks the AP registration for completeness and that the documentation provided indicates compliance with this standard. The RA is only responsible for the admini

46、strative operations for the purpose of maintenance of the register which does not include technical content contained in the applicants application; should there be doubt about any data submitted, or the completeness or accuracy or consistency or ownership of the application then the RA shall initia

47、te an investigation where any doubt exists. The RA should initially consult with the applicant; if all requirements are met then the application is accepted and the applicant so advised by the RA; if the RA determines that the AP application is not complete or does not meet the requirements of this

48、standard then the applicant is so advised and given the opportunity to revise and re-apply subject to conditions set out in the conditions for application set by the Registration Authority; when the application is successful the RA allocates an OID using ISO/IEC 9834 procedures and advises the appli

49、cant that they are the formal registrant of the allocated OID from the date of first publication; the RA includes the new AP and registrant details in a publicly available and up-to-date database of registered OIDs and ISO/IEC 24727-6 APs on the Internet in a web based service. Details are provided in Annex E; once the registration has been successful, the registrant may optionally flag the registration as “Draft Only”, for a period determined by

copyright@ 2008-2019 麦多课文库(www.mydoc123.com)网站版权所有
备案/许可证编号:苏ICP备17064731号-1