ImageVerifierCode 换一换
格式:PDF , 页数:50 ,大小:1.24MB ,
资源ID:592540      下载积分:10000 积分
快捷下载
登录下载
邮箱/手机:
温馨提示:
如需开发票,请勿充值!快捷下载时,用户名和密码都是您填写的邮箱或者手机号,方便查询和重复下载(系统自动生成)。
如填写123,账号就是123,密码也是123。
特别说明:
请自助下载,系统不会自动发送文件的哦; 如果您已付费,想二次下载,请登录后访问:我的下载记录
支付方式: 支付宝扫码支付 微信扫码支付   
注意:如需开发票,请勿充值!
验证码:   换一换

加入VIP,免费下载
 

温馨提示:由于个人手机设置不同,如果发现不能下载,请复制以下地址【http://www.mydoc123.com/d-592540.html】到电脑端继续下载(重复下载不扣费)。

已注册用户请登录:
账号:
密码:
验证码:   换一换
  忘记密码?
三方登录: 微信登录  

下载须知

1: 本站所有资源如无特殊说明,都需要本地电脑安装OFFICE2007和PDF阅读器。
2: 试题试卷类文档,如果标题没有明确说明有答案则都视为没有答案,请知晓。
3: 文件的所有权益归上传用户所有。
4. 未经权益所有人同意不得将文件中的内容挪作商业或盈利用途。
5. 本站仅提供交流平台,并不能对任何下载内容负责。
6. 下载文件中如有侵权或不适当内容,请与我们联系,我们立即纠正。
7. 本站不保证下载资源的准确性、安全性和完整性, 同时也不承担用户因使用这些下载资源对自己和他人造成任何形式的伤害或损失。

版权提示 | 免责声明

本文(CEN TS 15480-4-2012 Identification card systems - European Citizen Card - Part 4 Recommendations for European Citizen Card issuance operation and use《身份证系统 欧洲公民卡-第4部分 建议欧洲公民卡发行 操作和.pdf)为本站会员(amazingpat195)主动上传,麦多课文库仅提供信息存储空间,仅对用户上传内容的表现方式做保护处理,对上载内容本身不做任何修改或编辑。 若此文所含内容侵犯了您的版权或隐私,请立即通知麦多课文库(发送邮件至master@mydoc123.com或直接QQ联系客服),我们立即给予删除!

CEN TS 15480-4-2012 Identification card systems - European Citizen Card - Part 4 Recommendations for European Citizen Card issuance operation and use《身份证系统 欧洲公民卡-第4部分 建议欧洲公民卡发行 操作和.pdf

1、raising standards worldwideNO COPYING WITHOUT BSI PERMISSION EXCEPT AS PERMITTED BY COPYRIGHT LAWBSI Standards PublicationIdentification card systems European Citizen CardPart 4: Recommendations for European Citizen Card issuance, operation and usePD CEN/TS 15480-4:2012National forewordThis Publishe

2、d Document is the UK implementation of CEN/TS 15480-4:2012.The UK participation in its preparation was entrusted to Technical CommitteeIST/17, Cards and personal identification.A list of organizations represented on this committee can be obtained onrequest to its secretary.This publication does not

3、purport to include all the necessary provisions of acontract. Users are responsible for its correct application. The British Standards Institution 2012Published by BSI Standards Limited 2012ISBN 978 0 580 75909 3ICS 35.240.15Compliance with a British Standard cannot confer immunity fromlegal obligat

4、ions.This Published Document was published under the authority of theStandards Policy and Strategy Committee on 30 April 2012Amendments issued since publicationAmd. No. Date Text affectedPUBLISHED DOCUMENTPD CEN/TS 15480-4:2012TECHNICAL SPECIFICATION SPCIFICATION TECHNIQUE TECHNISCHE SPEZIFIKATION C

5、EN/TS 15480-4 March 2012 ICS 35.240.15 English Version Identification card systems - European Citizen Card - Part 4: Recommendations for European Citizen Card issuance, operation and use Systmes de cartes didentification - Carte Europenne du Citoyen - Partie 4: Recommandations pour lmission, lexploi

6、tation et lutilisation de la Carte Europenne du Citoyen Identifikationskartensysteme - Europische Brgerkarte - Teil 4: Empfehlungen fr Ausgabe, Arbeitsweise und Benutzung der Europischen Brgerkarte This Technical Specification (CEN/TS) was approved by CEN on 23 January 2012 for provisional applicati

7、on. The period of validity of this CEN/TS is limited initially to three years. After two years the members of CEN will be requested to submit their comments, particularly on the question whether the CEN/TS can be converted into a European Standard. CEN members are required to announce the existence

8、of this CEN/TS in the same way as for an EN and to make the CEN/TS available promptly at national level in an appropriate form. It is permissible to keep conflicting national standards in force (in parallel to the CEN/TS) until the final decision about the possible conversion of the CEN/TS into an E

9、N is reached. CEN members are the national standards bodies of Austria, Belgium, Bulgaria, Croatia, Cyprus, Czech Republic, Denmark, Estonia, Finland, France, Germany, Greece, Hungary, Iceland, Ireland, Italy, Latvia, Lithuania, Luxembourg, Malta, Netherlands, Norway, Poland, Portugal, Romania, Slov

10、akia, Slovenia, Spain, Sweden, Switzerland, Turkey and United Kingdom. EUROPEAN COMMITTEE FOR STANDARDIZATION COMIT EUROPEN DE NORMALISATION EUROPISCHES KOMITEE FR NORMUNG Management Centre: Avenue Marnix 17, B-1000 Brussels 2012 CEN All rights of exploitation in any form and by any means reserved w

11、orldwide for CEN national Members. Ref. No. CEN/TS 15480-4:2012: EPD CEN/TS 15480-4:2012CEN/TS 15480-4:2012 (E) 2 Contents Page Foreword 51 Scope 62 Normative references 63 Abbreviations .64 General recommendations on card issuance and operational procedures 74.1 Initial considerations for an ECC pr

12、oject 74.2 ECC Management System and ECC lifecycle description 94.3 ECC Management System functional organization . 114.4 ECC Management System Architecture . 124.4.1 General principles. 124.4.2 ARIS: Application Registration and Issuance Subsystem . 134.4.3 IVAS: Identity Authentication and Verific

13、ation Subsystem 144.5 ECC Management System Security Policy 144.5.1 Common principles 144.5.2 Establishing Detailed Security Requirements for specific ECC profiles Data Access 154.5.3 Basic set of requirements for ECC Digital Signature 165 Recommendations with regard to the end user 175.1 Privacy pr

14、inciples for card issuance and operation . 175.1.1 General . 175.1.2 Protection of the data . 185.1.3 Transparency 185.1.4 Consent in data collection . 185.1.5 Preference for opt-in 185.1.6 Limitation of purpose . 185.1.7 Limitation of period of retention . 185.1.8 Adherence to performance criteria

15、. 185.1.9 Access rights of the data subject . 185.1.10 Secure audit 185.1.11 Data transfer between jurisdictions 185.2 Accessibility 195.3 Usability . 205.3.1 Introduction . 205.3.2 Usability and the physical environment . 205.3.3 Location . 205.3.4 Ease of use 215.3.5 Help 215.3.6 Further issues .

16、216 Privacy features of the ECC . 217 ECC security evaluation . 227.1 General . 227.2 Digital signature services 227.3 Other services provided by an ECC 237.3.1 General . 237.3.2 Security evaluation recommendations . 237.3.3 Security criteria for interoperability 238 Card profiles for the ECC . 258.

17、1 General . 258.2 User accessibility profile . 268.3 Card profile template 26PD CEN/TS 15480-4:2012CEN/TS 15480-4:2012 (E) 3 8.3.1 General . 268.3.2 User accessibility profile 268.3.3 Card durability requirements . 278.3.4 Card layout requirements . 278.3.5 Applications . 278.3.6 Selected card servi

18、ces 278.3.7 Card Info . 278.3.8 Cross application services . 278.3.9 References . 288.4 Identification scheme for ECC profiles . 288.4.1 Card profile 288.4.2 User accessibility profile 28Annex A (informative) Card profiles 29A.1 General . 29A.2 Card Profile 1: eID Application with mandatory ICAO fun

19、ctionality and conditional digital signature functionality 29A.2.1 OID 29A.2.2 General . 29A.2.3 Applications . 29A.2.4 Selected card services 30A.2.5 Card Info . 30A.2.6 Cross application services . 31A.2.7 References . 31A.3 Card Profile 2: Dual-chip card with respective eID and ICAO Application 3

20、2A.3.1 OID 32A.3.2 General . 32A.3.3 Applications . 32A.3.4 Selected card services for ICAO application 32A.3.5 References . 33A.4 Card Profile 3: eServices using a trusted Third Party . 34A.4.1 OID 34A.4.2 General . 34A.4.3 Applications . 34A.4.4 Selected card services 34A.4.5 References . 34A.5 Ca

21、rd Profile 4: Health Insurance Card . 35A.5.1 OID 35A.5.2 General . 35A.5.3 Applications . 35A.5.4 Selected card services 35A.5.5 References . 35A.6 Card Profile 5: Mono-application / Multi-service 36A.6.1 OID 36A.6.2 General . 36A.6.3 Card durability requirements . 36A.6.4 Applications . 36A.6.5 Se

22、lected card services 36A.6.6 References . 39Annex B (informative) User accessibility profile . 40B.1 General . 40B.2 User accessibility profile according to ISO/IEC 12905:2011 . 40B.2.1 OID 40B.2.2 General . 40B.2.3 Interfaces / transport protocols . 40B.2.4 Data elements and data structures 41B.2.5

23、 Card services . 42B.2.6 Command set . 42B.2.7 Data structure of Global UCI 43PD CEN/TS 15480-4:2012CEN/TS 15480-4:2012 (E) 4 B.2.8 Data structure of Local UCI . 43B.2.9 References . 43Annex C (informative) Reference documents . 44C.1 EU legal acts 44C.2 Security documents . 44C.3 Technical standard

24、s (non-normative references) . 44C.4 Other relevant documents . 45PD CEN/TS 15480-4:2012CEN/TS 15480-4:2012 (E) 5 Foreword This document (CEN/TS 15480-4:2012) has been prepared by Technical Committee CEN/TC 224 “Personal identification, electronic signature and cards and their related systems and op

25、erations”, the secretariat of which is held by AFNOR. Attention is drawn to the possibility that some of the elements of this document may be the subject of patent rights. CEN and/or CENELEC shall not be held responsible for identifying any or all such patent rights. CEN/TS 15480 “Identification car

26、d systems European Citizen Card“ consists of the four following parts: Part 1: Physical, electrical and transport protocol characteristics; Part 2: Logical data structures and card services; Part 3: European Citizen Card Interoperability using an application interface; Part 4: Recommendations for Eu

27、ropean Citizen Card issuance, operation and use. According to the CEN/CENELEC Internal Regulations, the national standards organizations of the following countries are bound to announce this Technical Specification: Austria, Belgium, Bulgaria, Croatia, Cyprus, Czech Republic, Denmark, Estonia, Finla

28、nd, France, Germany, Greece, Hungary, Iceland, Ireland, Italy, Latvia, Lithuania, Luxembourg, Malta, Netherlands, Norway, Poland, Portugal, Romania, Slovakia, Slovenia, Spain, Sweden, Switzerland, Turkey and the United Kingdom. PD CEN/TS 15480-4:2012CEN/TS 15480-4:2012 (E) 6 1 Scope CEN/TS 15480-4 r

29、ecommends card issuance and operational procedures including citizens registration. CEN/TS 15480-4 gives recommendations with regard to the end-user e.g. with respect to privacy and accessibility aspects. CEN/TS 15480-4 also identifies a set of standard ECC card profiles (e.g. National ID Card, Heal

30、th Card, Card issued by a Municipality), that can be used as basis for the specification of new ECC projects. For each profile, this Technical Specification uses a specified template which selects a subset of technical requirements from CEN/TS 15480-1, CEN/TS 15480-2:2011 and CEN/TS 15480-3:2010. co

31、nsiders the operation of the ECC in its particular environment. The target audience of CEN/TS 15480-4 is the card issuer. 2 Normative references The following documents, in whole or in part, are normatively referenced in this document and are indispensable for its application. For dated references,

32、only the edition cited applies. For undated references, the latest edition of the referenced document (including any amendments) applies. CEN/TS 15480-1, Identification card systems European Citizen Card Part 1: Physical, electrical and transport protocol characteristics CEN/TS 15480-2:2011, Identif

33、ication card systems European Citizen Card Part 2: Logical data structures and card services CEN/TS 15480-3:2010, Identification card systems European Citizen Card Part 3: European Citizen Card Interoperability using an application interface ISO/IEC 12905:2011, Integrated circuit cards Enhanced Term

34、inal Accessibility using cardholder preference interface 3 Abbreviations For the purposes of this document, the following abbreviations apply. ARIS Applicant Registration and Issuance System ECC European Citizen Card EMS ECC management system ID card Identification Card IVAS Identity Authentication

35、and Verification System MRTD Machine Readable Travelling Document PKI Public Key Infrastructure PD CEN/TS 15480-4:2012CEN/TS 15480-4:2012 (E) 7 4 General recommendations on card issuance and operational procedures 4.1 Initial considerations for an ECC project CEN/TS 15480-4 does not aim at providing

36、 an overall solution on how to design and run a complete EMS. It provides some guidance to overcome common challenges that the organisations responsible for the conception and management of the system are likely to face, including the following issues. Clear identification of the main purposes of th

37、e system and of the nature of the assets to be protected shall lead to the early definition of the security policy to run the system The ECC may be issued for different purposes: it can act for example as a national ID card, travelling card, e-government or health insurance card. Following its inten

38、ded purpose, the EMS main purpose can diverge: to enhance security, to increase efficiency in the provision of services, to reduce identity fraud or to cut expenses by establishing a system of privileges upon card and users authentication. It is assumed that privacy protection is a common objective.

39、 The use cases will define the applications to be selected by the card. In this Technical Specification, use cases translate into ECC profiles (see Annex A), that precisely describe card security mechanisms. The practical work of the project can be summarized in the next four points: the analysis of

40、 risks based on the ECC use case; the definition of security policies to minimize the impact of those risks; the integration of those security policies within a modular architectural framework; the choice of technologies for implementation of the modules and of the communication interfaces between t

41、he system components. A secure, trusted and cost-effective scheme should be carefully studied in order to make the appropriate decisions for the inevitable trade-offs in terms of security / cost and security / privacy. The ECC provisions have been specified having in mind the system integrator once

42、the system objectives have been set. For instance CEN/TS 15480-3:2010 provides guidance in relation with the key choices relative to the physical and logical distributions of functionalities, the security architecture model and the definition of interfaces for interoperability. The architectures pro

43、posed in this Technical Specification, are aimed at avoiding unnecessary system complexity. An early decision is the sharing of the security functions between the components of the EMS and the type of e-government services to be provided and their associated risks. Then there are two key issues: to

44、identify the case for strong authentication requiring access to card services; to grant access or not to these services by cardholders external to the domestic system. Then to set the access conditions. Cross-Border access represents a case for strong authentication. The scheme can be able to trust

45、a non-domestic e-identity with a similar level of confidence to that of an e-identity issued by the system itself. Transparent access to an e-government server, using the ECC as an authenticator, requires some degree of harmonization between the infrastructures. This Technical Specification encourag

46、es deployment of middleware-based access to services according to CEN/TS 15480-3:2010 provisions. This architecture is intended to support the interoperability of electronic identity credentials. Clearing and settlement infrastructures for cross-border e-government services are out of the scope of t

47、his Technical Specification. PD CEN/TS 15480-4:2012CEN/TS 15480-4:2012 (E) 8 Trust on e-identity requires confidence on the enrolment and issuance processes through, for instance, the use of the same or similar practices. A set of recommendations is provided in 4.4.2 ff. The EMS should be constructe

48、d of separate modules. Each module performs its own function. The solution should be device/equipment independent so that personalization equipments from several machinery suppliers may be considered. One way to capitalize past investment is by the introduction of a module in the enrolment subsystem able to authenticate and read an electronic document (as an electronic passport) in order to verify the applicants identity at the beginning of the enrolment process At present, limited harmonization exists at European level and significant differences remain between EU Member States

copyright@ 2008-2019 麦多课文库(www.mydoc123.com)网站版权所有
备案/许可证编号:苏ICP备17064731号-1