ImageVerifierCode 换一换
格式:PDF , 页数:40 ,大小:596.21KB ,
资源ID:734994      下载积分:10000 积分
快捷下载
登录下载
邮箱/手机:
温馨提示:
如需开发票,请勿充值!快捷下载时,用户名和密码都是您填写的邮箱或者手机号,方便查询和重复下载(系统自动生成)。
如填写123,账号就是123,密码也是123。
特别说明:
请自助下载,系统不会自动发送文件的哦; 如果您已付费,想二次下载,请登录后访问:我的下载记录
支付方式: 支付宝扫码支付 微信扫码支付   
注意:如需开发票,请勿充值!
验证码:   换一换

加入VIP,免费下载
 

温馨提示:由于个人手机设置不同,如果发现不能下载,请复制以下地址【http://www.mydoc123.com/d-734994.html】到电脑端继续下载(重复下载不扣费)。

已注册用户请登录:
账号:
密码:
验证码:   换一换
  忘记密码?
三方登录: 微信登录  

下载须知

1: 本站所有资源如无特殊说明,都需要本地电脑安装OFFICE2007和PDF阅读器。
2: 试题试卷类文档,如果标题没有明确说明有答案则都视为没有答案,请知晓。
3: 文件的所有权益归上传用户所有。
4. 未经权益所有人同意不得将文件中的内容挪作商业或盈利用途。
5. 本站仅提供交流平台,并不能对任何下载内容负责。
6. 下载文件中如有侵权或不适当内容,请与我们联系,我们立即纠正。
7. 本站不保证下载资源的准确性、安全性和完整性, 同时也不承担用户因使用这些下载资源对自己和他人造成任何形式的伤害或损失。

版权提示 | 免责声明

本文(ETSI SR 019 020-2016 The framework for standardization of signatures Standards for AdES digital signatures in mobile and distributed environments (V1 1 2)《签名标准化框架 移动和分布式环境中的AdEs数字签.pdf)为本站会员(Iclinic170)主动上传,麦多课文库仅提供信息存储空间,仅对用户上传内容的表现方式做保护处理,对上载内容本身不做任何修改或编辑。 若此文所含内容侵犯了您的版权或隐私,请立即通知麦多课文库(发送邮件至master@mydoc123.com或直接QQ联系客服),我们立即给予删除!

ETSI SR 019 020-2016 The framework for standardization of signatures Standards for AdES digital signatures in mobile and distributed environments (V1 1 2)《签名标准化框架 移动和分布式环境中的AdEs数字签.pdf

1、 ETSI SR 019 020 V1.1.1 (2016-02) The framework for standardization of signatures; Standards for AdES digital signatures in mobile and distributed environment SPECIAL REPORT ETSI ETSI SR 019 020 V1.1.1 (2016-02) 2 Reference DSR/ESI-0019020 Keywords e-commerce, electronic signature, mobile, security

2、ETSI 650 Route des Lucioles F-06921 Sophia Antipolis Cedex - FRANCE Tel.: +33 4 92 94 42 00 Fax: +33 4 93 65 47 16 Siret N 348 623 562 00017 - NAF 742 C Association but non lucratif enregistre la Sous-Prfecture de Grasse (06) N 7803/88 Important notice The present document can be downloaded from: ht

3、tp:/www.etsi.org/standards-search The present document may be made available in electronic versions and/or in print. The content of any electronic and/or print versions of the present document shall not be modified without the prior written authorization of ETSI. In case of any existing or perceived

4、 difference in contents between such versions and/or in print, the only prevailing document is the print of the Portable Document Format (PDF) version kept on a specific network drive within ETSI Secretariat. Users of the present document should be aware that the document may be subject to revision

5、or change of status. Information on the current status of this and other ETSI documents is available at http:/portal.etsi.org/tb/status/status.asp If you find errors in the present document, please send your comment to one of the following services: https:/portal.etsi.org/People/CommiteeSupportStaff

6、.aspx Copyright Notification No part may be reproduced or utilized in any form or by any means, electronic or mechanical, including photocopying and microfilm except as authorized by written permission of ETSI. The content of the PDF version shall not be modified without the written authorization of

7、 ETSI. The copyright and the foregoing restriction extend to reproduction in all media. European Telecommunications Standards Institute 2016. All rights reserved. DECTTM, PLUGTESTSTM, UMTSTMand the ETSI logo are Trade Marks of ETSI registered for the benefit of its Members. 3GPPTM and LTE are Trade

8、Marks of ETSI registered for the benefit of its Members and of the 3GPP Organizational Partners. GSM and the GSM logo are Trade Marks registered and owned by the GSM Association. ETSI ETSI SR 019 020 V1.1.1 (2016-02) 3 Contents Intellectual Property Rights 5g3Foreword . 5g3Modal verbs terminology 5g

9、3Introduction 5g31 Scope 7g32 References 8g32.1 Normative references . 8g32.2 Informative references 8g33 Definitions and abbreviations . 10g33.1 Definitions 10g33.2 Abbreviations . 11g34 Usage scenarios for signing 12g34.1 Introduction 12g34.2 Actors . 13g34.3 Features 13g34.4 Local signing scenari

10、os 14g34.4.1 Local signing scenarios - general introduction . 14g34.4.2 L1: Digital signature value generation in personal device 14g34.4.3 L2: Digital signature value generation in personal device with application provider / MSSP Interaction . 16g34.4.4 L3: AdES completely generated in a personal d

11、evice. 17g34.5 Server signing scenarios . 19g34.5.1 Server signing scenarios - general introduction 19g34.5.2 S1: Generation of AdES in a server 20g34.5.3 S2: Generation of AdES in a server with multi-channel . 21g35 VS: validation service scenario 23g36 Further standardization requirements . 24g36.

12、1 Requirements on protocols for signing and validation . 24g36.2 Requirements related to service life cycle management . 25g36.2.1 Use cases for life cycle of user subscription to MSSP/SSP 25g34.6 LS: Split local and server signing scenario (threshold cryptography) 26g36.2.2 Use cases for events rel

13、ated to mobile device and MNO 27g36.3 Standardization requirements and rationalized framework 27g36.4 Scope of new standards identified 28g36.4.1 Overview 28g36.4.2 ETSI TS 119 152: Architecture for digital signatures in distributed environments 29g36.4.3 CEN EN 419 241: Trustworthy Systems Supporti

14、ng Server Signing . 29g36.4.4 ETSI TS 119 431: Policy and security requirements for trust service providers providing AdES digital signature generation services . 29g36.4.5 ETSI TS 119 441: Policy and security requirements for trust service providers providing AdES digital signature validation servi

15、ces 30g36.4.6 ETSI TS 119 432: Protocol profiles for TSPs providing AdES digital signature generation services 30g36.4.7 ETSI TS 119 442: Protocol profiles for trust service providers providing AdES digital signature validation services 31g3Annex A: Most relevant standards . 32g3A.1 Introduction 32g

16、3A.2 OASIS DSS and DSS-X specifications 32g3A.2.1 Introduction 32g3A.2.2 OASIS DSS Core specification 32g3A.2.2.1 SignRequest/SignResponse protocol 32g3A.2.2.2 VerifyRequest/VerifyResponse protocol 33g3ETSI ETSI SR 019 020 V1.1.1 (2016-02) 4 A.2.3 AdES profile . 33g3A.2.3.1 Introduction. 33g3A.2.3.2

17、 SignRequest/SignResponse protocol 33g3A.2.3.3 VerifyRequest/VerifyResponse protocol 34g3A.2.4 Asynchronous profile . 34g3A.2.5 Visible signature profile . 34g3A.2.6 Local signature computation profile . 35g3A.2.7 Profile for comprehensive multi-signature verification reports 35g3A.2.8 Usability of

18、DSS profiles within the analysed scenarios 35g3A.3 ETSI M-COMM specifications 36g3A.3.1 Introduction 36g3A.3.2 Mobile signature service 36g3A.3.3 Mobile signature service - web service 37g3A.3.3.1 Introduction. 37g3A.3.3.2 MSS_Signature . 37g3A.3.3.3 MSS_Status. 37g3A.3.3.4 MSS_Receipt 37g3A.3.3.5 M

19、SS_Registration . 38g3A.3.3.6 MSS_Handshake . 38g3A.3.4 Mobile signature roaming service 38g3History 40g3ETSI ETSI SR 019 020 V1.1.1 (2016-02) 5 Intellectual Property Rights IPRs essential or potentially essential to the present document may have been declared to ETSI. The information pertaining to

20、these essential IPRs, if any, is publicly available for ETSI members and non-members, and can be found in ETSI SR 000 314: “Intellectual Property Rights (IPRs); Essential, or potentially Essential, IPRs notified to ETSI in respect of ETSI standards“, which is available from the ETSI Secretariat. Lat

21、est updates are available on the ETSI Web server (https:/ipr.etsi.org/). Pursuant to the ETSI IPR Policy, no investigation, including IPR searches, has been carried out by ETSI. No guarantee can be given as to the existence of other IPRs not referenced in ETSI SR 000 314 (or the updates on the ETSI

22、Web server) which are, or may be, or may become, essential to the present document. Foreword This Special Report (SR) has been produced by ETSI Technical Committee Electronic Signatures and Infrastructures (ESI). Modal verbs terminology In the present document “shall“, “shall not“, “should“, “should

23、 not“, “may“, “need not“, “will“, “will not“, “can“ and “cannot“ are to be interpreted as described in clause 3.2 of the ETSI Drafting Rules (Verbal forms for the expression of provisions). “must“ and “must not“ are NOT allowed in ETSI deliverables except when used in direct citation. Introduction E

24、lectronic commerce has emerged as a common way of doing business. Trust in this way of doing business is essential for the success and continued development of electronic commerce. It is, therefore, important that companies using electronic means of doing business have suitable security controls and

25、 mechanisms in place to protect their transactions and to ensure trust and confidence with their business partners. In this respect the digital signature is an important security component that can be used to protect information and provide trust in electronic business. ETSI EN 319 102-1 i.19 define

26、s processes for creation and validation of AdES digital signatures such as specified in ETSI EN 319 122 i.2, ETSI EN 319 132 i.3, ETSI EN 319 142 i.4 or ETSI EN 319 162 i.6. Most standards for such digital signatures implicitly assume that all steps of these processes are carried out in one IT-syste

27、m, e.g. by use of a signing device interfaced to a personal computer system local to the user. However, market solutions exist for digital signature creation and validation supported by remote systems accessed through a mobile or conventional network; the process steps devised by ETSI EN 319 102-1 i

28、.19 are partly carried out locally to the user and partly by these remote systems. In particular, such server-assisted signing/validation is used with mobile, and other personal devices that increasingly contribute to many aspects of the users everyday life. ETSI has previously published a set of st

29、andards for mobile commerce (M-COMM i.9, i.10, i.11 and i.12) supporting digital signatures created on a personal device supported by remote networked services and communicating over mobile networks. Moreover, OASIS has developed the standard DSS (Digital Signature Standard i.8, i.30, i.33 and i.34)

30、 for use of remote digital signature services, and this is applicable for use from mobile or other personal computing devices. The present document considers scenarios for server-assisted signing/validation, in mobile and other distributed computing environments, based on a number of solutions avail

31、able in the market. The report identifies requirements for further standardization, building on the existing M-COMM and OASIS DSS standards, considering both requirements for security assurance as well as interoperability. For security assurance, standards such as CEN TS 419 241 i.15 is also conside

32、red. The present document particularly considers standardization requirements for scenarios involving assistance of remote services supporting: a) Local signing use cases where the signing key is held with the signers personal device; ETSI ETSI SR 019 020 V1.1.1 (2016-02) 6 b) Server signing use cas

33、es where the signing key is held in a shared server; c) Validation of signatures where the digital signature is verified supported by a remote server. Where all the signing / signature functionality is carried out within a personal device and does not require any assistance of remote servers then ex

34、isting standards for signing are considered appropriate and hence such cases are not considered in the present document. As it is considered that many of the cases described in the present document are similar to use of other personal devices such as laptop and personal computers the analysis takes

35、into account the possibility of applying the same standard to any personal device not just mobile devices. ETSI ETSI SR 019 020 V1.1.1 (2016-02) 7 1 Scope The present document provides a framework for further standardization for the creation and validation of AdES digital signatures, such as specifi

36、ed in ETSI EN 319 122 i.2, ETSI EN 319 132 i.3, ETSI EN 319 142 i.4 or ETSI EN 319 162 i.6, in mobile and distributed environments assisted by remote servers. The present document takes into account that the capabilities of personal devices will continue to evolve and is likely to increasingly overl

37、ap with the capabilities of other computing devices. The present document identifies the recommended scope of such standards and any suggested provision thought appropriate to these standards. The standards framework in the present document is based on an analysis of scenarios commonly known to be i

38、n use or of potential interest. A classification scheme based on that used in ETSI TR 119 000 i.1 is used to classify the standardization requirements based on the analysis of common scenarios. The present document does not address standardization for mobile environments where the whole signature cr

39、eation and/or validation process is carried out within the personal device. Whilst considered important to the market, this generally does not involve external interfaces which require further standardization beyond that already supported using existing standards within ETSI TR 119 000 i.1. The pres

40、ent document does not directly address specific requirements for mobile access to other supporting trust services such as time-stamping, revocation status or directory services as it is considered that these would either be addressed by signature creation or validation services, or that a personal d

41、evice has the capabilities to address these services directly by use of existing standards within ETSI TR 119 000 i.1. The present document particularly considers standardization requirements for scenarios involving assistance of remote services supporting: a) Local signing use cases where the signi

42、ng key is held with the signers personal device. b) Server signing use cases where the signing key is held in a shared server. c) Validation of signatures where the digital signature is verified supported by a remote server. The present document does not include an analysis of the security risks nor

43、 identification of specific security requirements for AdES digital signatures in mobile and distributed environments; security requirements are addressed in CEN TS 419 241 i.15. It rather addresses the requirements for standards supporting the distribution of the functionality related to creation an

44、d validation of AdES digital signature between distributed system elements. The present document is limited to AdES digital signatures supported by PKI and public key certificates, including use of secure signing devices such as qualified electronic signature (and seal) creation devices as defined i

45、n Regulation (EU) No 910/2014 i.5, and aims to meet the general requirements of the international community to provide trust and confidence in electronic transactions, including, amongst other, applicable requirements from Regulation (EU) No 910/2014 i.5.Whilst scenarios may be applicable to electro

46、nic seals, the present document concentrates on the use of services in support of digital signatures for natural persons or natural persons associated with legal persons. The present document takes into account existing standards and publicly available specifications in the current framework for dig

47、ital signature standardization ETSI TR 119 000 i.1. ETSI ETSI SR 019 020 V1.1.1 (2016-02) 8 2 References 2.1 Normative references References are either specific (identified by date of publication and/or edition number or version number) or non-specific. For specific references, only the cited versio

48、n applies. For non-specific references, the latest version of the referenced document (including any amendments) applies. Referenced documents which are not found to be publicly available in the expected location might be found at http:/docbox.etsi.org/Reference. NOTE: While any hyperlinks included

49、in this clause were valid at the time of publication ETSI cannot guarantee their long term validity. The following referenced documents are necessary for the application of the present document. Not applicable. 2.2 Informative references References are either specific (identified by date of publication and/or edition number or version number) or non-specific. For specific references, only the cited version applies. For non-specific references, the latest version of the referenced document (including any amendments) applie

copyright@ 2008-2019 麦多课文库(www.mydoc123.com)网站版权所有
备案/许可证编号:苏ICP备17064731号-1