ImageVerifierCode 换一换
格式:PDF , 页数:52 ,大小:1.53MB ,
资源ID:592686      下载积分:10000 积分
快捷下载
登录下载
邮箱/手机:
温馨提示:
如需开发票,请勿充值!快捷下载时,用户名和密码都是您填写的邮箱或者手机号,方便查询和重复下载(系统自动生成)。
如填写123,账号就是123,密码也是123。
特别说明:
请自助下载,系统不会自动发送文件的哦; 如果您已付费,想二次下载,请登录后访问:我的下载记录
支付方式: 支付宝扫码支付 微信扫码支付   
注意:如需开发票,请勿充值!
验证码:   换一换

加入VIP,免费下载
 

温馨提示:由于个人手机设置不同,如果发现不能下载,请复制以下地址【http://www.mydoc123.com/d-592686.html】到电脑端继续下载(重复下载不扣费)。

已注册用户请登录:
账号:
密码:
验证码:   换一换
  忘记密码?
三方登录: 微信登录  

下载须知

1: 本站所有资源如无特殊说明,都需要本地电脑安装OFFICE2007和PDF阅读器。
2: 试题试卷类文档,如果标题没有明确说明有答案则都视为没有答案,请知晓。
3: 文件的所有权益归上传用户所有。
4. 未经权益所有人同意不得将文件中的内容挪作商业或盈利用途。
5. 本站仅提供交流平台,并不能对任何下载内容负责。
6. 下载文件中如有侵权或不适当内容,请与我们联系,我们立即纠正。
7. 本站不保证下载资源的准确性、安全性和完整性, 同时也不承担用户因使用这些下载资源对自己和他人造成任何形式的伤害或损失。

版权提示 | 免责声明

本文(CEN TS 16702-2-2015 Electronic fee collection - Secure monitoring for autonomous toll systems - Part 2 Trusted recorder《电子收费 自动收费系统的安全监控 第2部分 可信记录器》.pdf)为本站会员(proposalcash356)主动上传,麦多课文库仅提供信息存储空间,仅对用户上传内容的表现方式做保护处理,对上载内容本身不做任何修改或编辑。 若此文所含内容侵犯了您的版权或隐私,请立即通知麦多课文库(发送邮件至master@mydoc123.com或直接QQ联系客服),我们立即给予删除!

CEN TS 16702-2-2015 Electronic fee collection - Secure monitoring for autonomous toll systems - Part 2 Trusted recorder《电子收费 自动收费系统的安全监控 第2部分 可信记录器》.pdf

1、BSI Standards PublicationElectronic fee collection Secure monitoring forautonomous toll systemsPart 2: Trusted recorderPD CEN/TS 16702-2:2015National forewordThis Published Document is the UK implementation of CEN/TS 16702-2:2015.The UK participation in its preparation was entrusted to TechnicalComm

2、ittee EPL/278, Intelligent transport systems.A list of organizations represented on this committee can be obtained onrequest to its secretary.This publication does not purport to include all the necessary provisions of a contract. Users are responsible for its correct application. The British Standa

3、rds Institution 2015.Published by BSI Standards Limited 2015ISBN 978 0 580 87284 6ICS 03.220.20; 35.240.60Compliance with a British Standard cannot confer immunity fromlegal obligations.This Published Document was published under the authority of theStandards Policy and Strategy Committee on 30 Apri

4、l 2015.Amendments/corrigenda issued since publicationDate Text affectedPUBLISHED DOCUMENTPD CEN/TS 16702-2:2015TECHNICAL SPECIFICATION SPCIFICATION TECHNIQUE TECHNISCHE SPEZIFIKATION CEN/TS 16702-2 March 2015 ICS 03.220.20; 35.240.60 English Version Electronic fee collection - Secure monitoring for

5、autonomous toll systems - Part 2: Trusted recorder Perception du tlpage - Surveillance scurise pour systmes autonomes de page - Partie 2: Enregistreur fiabilis Elektronische Gebhrenerhebung - Sichere berwachung von autonomen Mautsystemen - Teil 2: Zuverlssige Datenaufzeichnung This Technical Specifi

6、cation (CEN/TS) was approved by CEN on 19 January 2015 for provisional application. The period of validity of this CEN/TS is limited initially to three years. After two years the members of CEN will be requested to submit their comments, particularly on the question whether the CEN/TS can be convert

7、ed into a European Standard. CEN members are required to announce the existence of this CEN/TS in the same way as for an EN and to make the CEN/TS available promptly at national level in an appropriate form. It is permissible to keep conflicting national standards in force (in parallel to the CEN/TS

8、) until the final decision about the possible conversion of the CEN/TS into an EN is reached. CEN members are the national standards bodies of Austria, Belgium, Bulgaria, Croatia, Cyprus, Czech Republic, Denmark, Estonia, Finland, Former Yugoslav Republic of Macedonia, France, Germany, Greece, Hunga

9、ry, Iceland, Ireland, Italy, Latvia, Lithuania, Luxembourg, Malta, Netherlands, Norway, Poland, Portugal, Romania, Slovakia, Slovenia, Spain, Sweden, Switzerland, Turkey and United Kingdom. EUROPEAN COMMITTEE FOR STANDARDIZATION COMIT EUROPEN DE NORMALISATION EUROPISCHES KOMITEE FR NORMUNG CEN-CENEL

10、EC Management Centre: Avenue Marnix 17, B-1000 Brussels 2015 CEN All rights of exploitation in any form and by any means reserved worldwide for CEN national Members. Ref. No. CEN/TS 16702-2:2015 EPD CEN/TS 16702-2:2015CEN/TS 16702-2:2015 (E) 2 Contents Page Foreword 4 Introduction .5 1 Scope 7 2 Nor

11、mative references 7 3 Terms and definitions .8 4 Symbols and abbreviations . 11 5 SAM concept and scenarios 12 5.1 General . 12 5.2 The concepts of TR and Verification SAM . 13 5.3 Scenarios for a Trusted Recorder . 14 5.3.1 General . 14 5.3.2 Real-Time Freezing without using a Trusted Time Source 1

12、4 5.3.3 Real-Time Freezing using a Trusted Time Source 15 5.4 Scenarios for a Verification SAM 15 5.4.1 General . 15 5.4.2 MAC verification 16 5.5 General Scenarios 16 5.5.1 General . 16 5.5.2 Assigning a Toll Domain Counter . 17 5.5.3 Obtaining SAM Information . 17 6 Functional requirements 18 6.1

13、General . 18 6.1.1 SAM options 18 6.1.2 Presentation of requirements 19 6.2 Basic requirements. 19 6.3 Key management 20 6.4 Cryptographic functions 20 6.5 Real-time freezing . 21 6.6 Verification SAM . 21 6.7 Toll Domain Counter 22 6.8 Trusted time source . 23 6.9 Security protection level 24 7 Int

14、erface requirements . 24 7.1 General . 24 7.2 Calculate MAC for real-time freezing 24 7.2.1 General . 24 7.2.2 Calculation of MAC . 25 7.2.3 Coding of request . 25 7.2.4 Coding of response 26 7.3 Calculate digital signature for real-time freezing 26 7.3.1 General . 26 7.3.2 Calculation of digital si

15、gnature . 26 7.3.3 Coding of request . 27 7.3.4 Coding of response 27 PD CEN/TS 16702-2:2015CEN/TS 16702-2:2015 (E) 3 7.4 Get device information 28 7.4.1 General . 28 7.4.2 Coding of request 28 7.4.3 Coding of response . 28 7.5 Get toll domain counter information . 28 7.5.1 General . 28 7.5.2 Coding

16、 of request 29 7.5.3 Coding of response . 29 7.6 Get key information . 29 7.6.1 General . 29 7.6.2 Coding of request 30 7.6.3 Coding of response . 30 7.7 Error handling 31 Annex A (normative) Data type specification 32 A.1 General . 32 A.2 Data specifications 32 Annex B (normative) Implementation Co

17、nformance Statement (ICS) proforma 33 B.1 Guidance for completing the ICS proforma 33 B.1.1 Purposes and structure 33 B.1.2 Abbreviations and conventions . 33 B.1.3 Instructions for completing the ICS proforma 34 B.2 ICS proforma for Trusted Recorder . 35 B.2.1 Identification implementation 35 B.2.2

18、 Identification of the standard . 35 B.2.3 Global statement of conformance . 35 B.2.4 ICS proforma tables for TR . 36 B.3 ICS proforma for Verification SAM 39 B.3.1 Identification implementation 39 B.3.2 Identification of the standard . 39 B.3.3 Global statement of conformance . 39 B.3.4 ICS proform

19、a tables for Verification SAM . 40 Annex C (informative) Trusted time source implementation issues . 43 C.1 General . 43 C.2 Possible implementations of a TTS . 43 C.2.1 TTS based on a real time clock 43 C.2.2 TTS with the need for external calibration 43 C.3 TTS power supply 44 Annex D (informative

20、) Use of this Technical Specification for the EETS . 45 D.1 General . 45 D.2 Overall relationship between European standardization and the EETS 45 D.3 European standardization work supporting the EETS 45 D.4 Correspondence between this Technical Specification and the EETS . 46 Bibliography 47 PD CEN

21、/TS 16702-2:2015CEN/TS 16702-2:2015 (E) 4 Foreword This document (CEN/TS 16702-2:2015) has been prepared by Technical Committee CEN/TC 278 “Intelligent transport systems”, the secretariat of which is held by NEN. This part 2, the trusted recorder is the second part of the standard suite of the secur

22、e monitoring for autonomous toll systems. The overall concept of secure monitoring is defined in part one, CEN/TS 16702-1:2014. Attention is drawn to the possibility that some of the elements of this document may be the subject of patent rights. CEN and/or CENELEC shall not be held responsible for i

23、dentifying any or all such patent rights. This document has been prepared under a mandate given to CEN by the European Commission and the European Free Trade Association. According to the CEN-CENELEC Internal Regulations, the national standards organizations of the following countries are bound to a

24、nnounce this Technical Specification: Austria, Belgium, Bulgaria, Croatia, Cyprus, Czech Republic, Denmark, Estonia, Finland, Former Yugoslav Republic of Macedonia, France, Germany, Greece, Hungary, Iceland, Ireland, Italy, Latvia, Lithuania, Luxembourg, Malta, Netherlands, Norway, Poland, Portugal,

25、 Romania, Slovakia, Slovenia, Spain, Sweden, Switzerland, Turkey and the United Kingdom. PD CEN/TS 16702-2:2015CEN/TS 16702-2:2015 (E) 5 Introduction The widespread use of tolling requires provisions for users of vehicles that are roaming through many different toll domains. Users should be offered

26、a single contract for driving a vehicle through multiple toll domains and those vehicles require onboard equipment (OBE) that is interoperable with the toll systems in these toll domains. Thus, there is a commercial and economic justification both in respect of the OBE and the toll systems for enabl

27、ing interoperability. In Europe, for example, this need has been officially recognized and legislation on interoperability has been adopted (see directive 2004/52/EC) and the associated commission decision. The Technical Specification “Electronic fee collection Security framework” (CEN/TS 16439) pro

28、vides an overview of general security requirements of the stakeholders and provides a comprehensive threat analysis for the assets in an interoperable EFC scheme. A number of identified threats may result into less revenue of the Toll Charger, undercharging and/or not meeting required service levels

29、 between the Toll Service Provider and the Toll Charger. Some of these threats can be eliminated by implementing the security measures specified in CEN/TS 16439. However, most of the security measures necessary to combat the identified threats are to be addressed and specified in other standards. On

30、e example of threats that cannot be mitigated by security measures specified in CEN/TS 16439 concerns the trustworthiness of Toll Declarations in autonomous toll systems. Toll declarations are statements that a vehicle has been circulating in a particular toll domain within a particular time period.

31、 In autonomous toll systems, the circulation of vehicles is measured by Toll Service Providers, using GNSS-based OBE. Toll service providers then send Toll Declarations to the Toll Charger, based on which the Toll Charger will charge the Toll Service Provider. The correctness and completeness of the

32、se declarations is obviously of paramount interest to Toll Chargers, Toll Service Providers and users alike. The secure monitoring compliance checking concept provides a solution that allows a Toll Charger to check the trustworthiness of the Toll Declarations from a Toll Service Provider, while resp

33、ecting the privacy of the user. This concept is defined in two Technical Specifications. CEN/TS 16702-1:2014 “Secure monitoring for autonomous toll systems Part 1: Compliance checking” gives the full description of the secure monitoring compliance checking concept. The current Technical Specificatio

34、n, CEN/TS 16702-2 “Secure Monitoring for autonomous toll systems Part 2: Trusted recorder” defines the Trusted Recorder, a secure element required for some of the different types of secure monitoring compliance checking defined in CEN/TS 16702-1:2014. PD CEN/TS 16702-2:2015CEN/TS 16702-2:2015 (E) 6

35、Figure 1 Relation between EFC - Security framework and the overall secure monitoring concept Figure 1 shows the relations between the CEN/TS 16439 EFC Security Framework and EFC Secure monitoring for autonomous toll systems, i.e. the two parts Compliance Checking and Trusted Recorder. The threat ana

36、lysis in the Security Framework motivates the security requirements of an EFC system. The requirements are implemented and fulfilled by several security measures. One of these measures is Secure Monitoring, specified in “Secure Monitoring for autonomous toll systems Part 1: Compliance checking”. The

37、 “Secure Monitoring for autonomous toll systems Part 2: Trusted Recorder” specifies the cryptographic services necessary for the secure monitoring compliance checking concept. Figure 1 indicates also that a Trusted Recorder will most likely be implemented on trusted hardware, e.g. on Secure Applicat

38、ion Module (SAM), inside the OBE or on a general trusted platform of a vehicle. Such a trusted device could support more functions, which may be required for EFC or other services. PD CEN/TS 16702-2:2015CEN/TS 16702-2:2015 (E) 7 1 Scope This Technical Specification defines the requirements for the S

39、ecure Application Module (SAM) used in the secure monitoring compliance checking concept. It specifies two different configurations of a SAM: Trusted Recorder, for use inside an OBE; Verification SAM, for use in other EFC system entities. The Technical Specification describes terms and definitions u

40、sed to describe the two Secure Application Module configurations; operation of the two Secure Application Modules in the secure monitoring compliance checking concept; functional requirements for the two Secure Application Modules configurations, including a classification of different security leve

41、ls; the interface, by means of transactions, messages and data elements, between an OBE or Front End and the Trusted Recorder; requirements on basic security primitives and key management procedures to support Secure Monitoring using a Trusted Recorder. This Technical Specification is consistent wit

42、h the EFC architecture as defined in ISO 17573 and the derived suite of standards and Technical Specifications, especially CEN/TS 16702-1:2014 and CEN/TS 16439. The following is outside the scope of this Technical Specification: The life cycle of a Secure Application Module and the way in which this

43、 is managed. The interface commands needed to get a Secure Application Module in an operational state. The interface definition of the Verification SAM. Definition of a hardware platform for the implementation of a Secure Application Module. 2 Normative references The following documents, in whole o

44、r in part, are normatively referenced in this document and are indispensable for its application. For dated references, only the edition cited applies. For undated references, the latest edition of the referenced document (including any amendments) applies. CEN/TS 16439:20131, Electronic fee collect

45、ion - Security framework CEN/TS 16702-1:2014, Electronic fee collection - Secure monitoring for autonomous toll systems - Part 1: Compliance checking EN ISO 14906:2011, Electronic fee collection - Application interface definition for dedicated short-range communication (ISO 14906:2011) 1)CEN/TS 1643

46、9:2013 is currently under revision and accepted as a CEN/ISO work item. The next edition will be assigned the reference CEN ISO/TS 19299. PD CEN/TS 16702-2:2015CEN/TS 16702-2:2015 (E) 8 ISO/IEC 7816-4:2013, Identification cards Integrated circuit cards Part 4: Organization, security and commands for

47、 interchange ISO/IEC 9797-1:2011, Information technology Security techniques Message Authentication Codes (MACs) Part 1: Mechanisms using a block cipher ISO/IEC 10118-3, Information technology Security techniques Hash-functions Part 3: Dedicated hash-functions ISO/IEC 14888-3:2006, Information techn

48、ology Security techniques Digital signatures with appendix Part 3: Discrete logarithm based mechanisms ISO/IEC 18031, Information technology Security techniques Random bit generation ISO/IEC 18033-3:2010, Information technology Security techniques Encryption algorithms Part 3: Block ciphers ISO/IEC

49、19790:2012, Information technology Security techniques Security requirements for cryptographic modules FIPS PUB 140-2, December 2002, Security requirements for cryptographic modules Common Criteria Protection Profile BSI-PP-0035, 2007, Security IC Platform Protection Profile, Version 1.0 3 Terms and definitions For the purposes of this document, the following terms and definitions apply. 3.1 authentication provision of assurance that a claimed characteristic of an entity is correct SOURCE: I

copyright@ 2008-2019 麦多课文库(www.mydoc123.com)网站版权所有
备案/许可证编号:苏ICP备17064731号-1