
ETSI TS 101 533-1-2012 Electronic Signatures and Infrastructures (ESI) Data Preservation Systems Security Part 1 Requirements for Implementation and Management (V1 3 1)《Electronic Signatures and Infrastructures (E.pdf

ETSI TS 101 533-1 V1.3.1 (2012-04)

Electronic Signatures and Infrastructures (ESI);
Data Preservation Systems Security;
Part 1: Requirements for Implementation and Management

Technical Specification

Reference: RTS/ESI-00123-1
Keywords: e-commerce, electronic signature, data preservation, security, trust services

ETSI
650 Route des Lucioles
F-06921 Sophia Antipolis Cedex - FRANCE
Tel.: +33 4 92 94 42 00   Fax: +33 4 93 65 47 16
Siret N° 348 623 562 00017 - NAF 742 C
Non-profit association registered at the Sous-Préfecture de Grasse (06) N° 7803/88

Important notice

Individual copies of the present document can be downloaded from: http://www.etsi.org

The present document may be made available in more than one electronic version or in print. In any case of existing or perceived difference in contents between such versions, the reference version is the Portable Document Format (PDF). In case of dispute, the reference shall be the printing on ETSI printers of the PDF version kept on a specific network drive within ETSI Secretariat.

Users of the present document should be aware that the document may be subject to revision or change of status. Information on the current status of this and other ETSI documents is available at http://portal.etsi.org/tb/status/status.asp

If you find errors in the present document, please send your comment to one of the following services: http://portal.etsi.org/chaircor/ETSI_support.asp

Copyright Notification

No part may be reproduced except as authorized by written permission. The copyright and the foregoing restriction extend to reproduction in all media.

© European Telecommunications Standards Institute 2012. All rights reserved.

DECT™, PLUGTESTS™, UMTS™ and the ETSI logo are Trade Marks of ETSI registered for the benefit of its Members. 3GPP™ and LTE are Trade Marks of ETSI registered for the benefit of its Members and of the 3GPP Organizational Partners. GSM® and the GSM logo are Trade Marks registered and owned by the GSM Association.

Contents

Intellectual Property Rights ... 8
Foreword ... 8
Acknowledgment ... 8
Introduction ... 8
1 Scope ... 10
2 References ... 10
2.1 Normative references ... 10
2.2 Informative references ... 10
3 Definitions and abbreviations ... 12
3.1 Definitions ... 12
3.2 Abbreviations ... 16
4 Overview ... 17
4.1 Preservation Service types ... 18
4.2 User Community and Applicability ... 19
4.3 Conformance requirements ... 19
5 Provisions based on TS 102 573 ... 19
5.1 Compliance with the present document provisions ... 19
5.2 DPSP Obligations specified in TS 102 573, clause 6 ... 20
5.2.1 Arrangements to cover liabilities and financial stability ... 20
5.2.2 Conformance by sub-contractors ... 20
5.2.3 DPSP service provisions in abidance by the applicable legislation ... 21
5.2.4 Contractual aspects ... 21
5.2.5 Resolution of complaints and disputes ... 22
5.2.6 Organisation independence ... 23
5.2.7 DPSP Subscriber Obligations ... 23
5.2.8 Information for trading partners ... 23
5.2.9 Information for auditor/regulatory/tax authorities ... 24
6 Objectives and controls in TS 102 573, annex A ... 24
6.1 SS.1. Signature ... 24
6.1.1 SS.1.1. Class of Electronic Signature ... 24
6.1.2 SS.1.2. Certification ... 24
6.1.3 SS.1.3. Signature Creation Data ... 25
6.1.4 SS.1.4. Certificate subjects Registration ... 25
6.1.5 SS.1.5. Certificate Revocation ... 25
6.2 SS.2. Maintenance of Signature over storage period ... 25
6.3 SS.3. Storage ... 26
6.3.1 SS.3.1. Authorized Access ... 26
6.3.2 SS.3.2. Authenticity and Integrity ... 26
6.3.3 SS.3.3. Data Object Readability ... 27
6.3.4 SS.3.4. Storage media type ... 28
6.3.5 SS.3.5. Data Objects Format ... 28
6.3.6 SS.3.6. Requirements on Separation and Confidentiality ... 29
6.4 SS.4. Reporting to and Exchanges with Authorities ... 29
6.5 SS.5. Conversion of Analog Originals to Digital Formats ... 30
Annex A (normative): ISO/IEC 27001 related Long Term Preservation-specific ISMS control objectives, controls and implementation guidance ... 31
A.1 Reference to ISO/IEC 27001 ... 31
A.2 Basic ISO/IEC 27002 provision ... 31
A.3 Enhanced ISO/IEC 27002 provisions ... 31
A.4 New specific controls ... 31
A.5 Security Policy ... 31
A.5.1 Information security policy ... 31
A.5.1.1 Information security policy document ... 31
A.5.1.2 Review of the information security policy ... 32
A.6 Organization of information security ... 32
A.6.1 Internal organization ... 32
A.6.1.1 Management commitment to information security ... 32
A.6.1.2 Information security co-ordination ... 32
A.6.1.3 Allocation of information security responsibilities ... 33
A.6.1.4 Authorization process for information processing facilities ... 33
A.6.1.5 Confidentiality agreements ... 33
A.6.1.6 Contact with authorities ... 34
A.6.1.7 Contact with special interest groups ... 34
A.6.1.8 Independent review of information security ... 34
A.6.2 External Parties ... 34
A.6.2.1 Identification of risks related to external parties ... 34
A.6.2.2 Addressing security when dealing with customers ... 34
A.6.2.3 Addressing security in third party agreements ... 34
A.7 Asset Management ... 35
A.7.1 Responsibility for assets ... 35
A.7.1.1 Inventory of assets ... 35
A.7.1.2 Ownership of assets ... 36
A.7.1.3 Acceptable use of assets ... 36
A.7.2 Information classification ... 36
A.7.2.1 Classification guidelines ... 36
A.7.2.2 Information labelling and handling ... 37
A.8 Human resources security ... 37
A.8.1 Prior to Employment ... 37
A.8.1.1 Roles and responsibilities ... 37
A.8.1.2 Screening ... 38
A.8.1.3 Terms and conditions of employment ... 38
A.8.2 During Employment ... 38
A.8.2.1 Management responsibilities ... 38
A.8.2.2 Information security awareness, education, and training ... 38
A.8.2.3 Disciplinary process ... 39
A.8.3 Termination or Change of Employment ... 39
A.8.3.1 Termination responsibilities ... 39
A.8.3.2 Return of assets ... 39
A.8.3.3 Removal of access rights ... 39
A.9 Physical and environmental security ... 39
A.9.1 Secure Areas ... 39
A.9.1.1 Physical security perimeter ... 39
A.9.1.2 Physical entry controls ... 40
A.9.1.3 Securing offices, rooms, and facilities ... 40
A.9.1.4 Protecting against external and environmental threats ... 40
A.9.1.5 Working in secure areas ... 40
A.9.1.6 Public access, delivery, and loading areas ... 40
A.9.2 Equipment Security ... 41
A.9.2.1 Equipment siting and protection ... 41
A.9.2.2 Supporting utilities ... 41
A.9.2.3 Cabling security ... 41
A.9.2.4 Equipment maintenance ... 41
A.9.2.5 Security of equipment off-premises ... 41
A.9.2.6 Secure disposal or re-use of equipment ... 41
A.9.2.7 Removal of property ... 41
A.10 Communications and operations management ... 42
A.10.1 Operational procedures and responsibilities ... 42
A.10.1.1 Documented operating procedures ... 42
A.10.1.2 Change management ... 42
A.10.1.3 Segregation of duties ... 43
A.10.1.4 Separation of development, test, and operational facilities ... 43
A.10.2 Third party service delivery management ... 43
A.10.2.1 Service delivery ... 43
A.10.2.2 Monitoring and review of third party services ... 43
A.10.2.3 Managing changes to third party services ... 44
A.10.3 System planning and acceptance ... 44
A.10.3.1 Capacity management ... 44
A.10.3.2 System acceptance ... 44
A.10.4 Protection against malicious and mobile code ... 45
A.10.4.1 Controls against malicious code ... 45
A.10.4.2 Controls against mobile code ... 45
A.10.5 Back-up ... 45
A.10.5.1 Information back-up ... 45
A.10.6 Network security management ... 46
A.10.6.1 Network controls ... 46
A.10.6.2 Security of network services ... 46
A.10.7 Media handling ... 46
A.10.7.1 Management of removable media ... 46
A.10.7.2 Disposal of media ... 47
A.10.7.3 Information handling procedures ... 47
A.10.7.4 Security of system documentation ... 47
A.10.8 Exchange of information ... 48
A.10.8.1 Information exchange policies and procedures ... 48
A.10.8.2 Exchange agreements ... 48
A.10.8.3 Physical media in transit ... 48
A.10.8.4 Electronic messaging ... 48
A.10.8.5 Business information systems ... 48
A.10.9 Electronic commerce services ... 48
A.10.10 Monitoring ... 48
A.10.10.1 Audit logging ... 48
A.10.10.2 Monitoring system use ... 49
A.10.10.3 Protection of log information ... 49
A.10.10.4 Administrator and operator logs ... 49
A.10.10.5 Fault logging ... 49
A.10.10.6 Clock synchronization ... 49
A.11 Access control ... 50
A.11.1 Business requirement for access control ... 50
A.11.1.1 Access control policy ... 50
A.11.2 User access management ... 51
A.11.2.1 User registration ... 51
A.11.2.2 Privilege management ... 51
A.11.2.3 User password management ... 51
A.11.2.4 Review of user access rights ... 52
A.11.3 User responsibilities ... 52
A.11.3.1 Password use ... 52
A.11.3.2 Unattended user equipment ... 52
A.11.3.3 Clear desk and clear screen policy ... 52
A.11.4 Network access control ... 53
A.11.4.1 Policy on use of network services ... 53
A.11.4.2 User authentication for external connections ... 53
A.11.4.3 Equipment identification in networks ... 53
A.11.4.4 Remote diagnostic and configuration port protection ... 53
A.11.4.5 Segregation in networks ... 53
A.11.4.6 Network connection control ... 53
A.11.4.7 Network routing control ... 53
A.11.5 Operating system access control ... 54
A.11.5.1 Secure log-on procedures ... 54
A.11.5.2 User identification and authentication ... 54
A.11.5.3 Password management system ... 54
A.11.5.4 Use of system utilities ... 54
A.11.5.5 Session time-out ... 54
A.11.5.6 Limitation of connection time ... 54
A.11.6 Application and information access control ... 54
A.11.6.1 Information access restriction ... 54
A.11.6.2 Sensitive system isolation ... 55
A.11.7 Mobile computing and teleworking ... 55
A.11.7.1 Mobile computing and communications ... 55
A.11.7.2 Teleworking ... 55
A.12 Information systems acquisition, development and maintenance ... 55
A.12.1 Security requirements of information systems ... 55
A.12.1.1 Security requirements analysis and specification ... 55
A.12.2 Correct processing in applications ... 56
A.12.2.1 Input data validation ... 56
A.12.2.2 Control of internal processing ... 56
A.12.2.3 Message integrity ... 56
A.12.2.4 Output data validation ... 56
A.12.3 Cryptographic controls ... 56
A.12.3.1 Policy on the use of cryptographic controls ... 56
A.12.3.2 Key management ... 57
A.12.4 Security of system files ... 57
A.12.4.1 Control of operational software ... 57
A.12.4.2 Protection of system test data ... 58
A.12.4.3 Access control to program source code ... 58
A.12.5 Security in development and support processes ... 58
A.12.5.1 Change control procedures ... 58
A.12.5.2 Technical review of applications after operating system changes ... 58
A.12.5.3 Restrictions on changes to software packages ... 58
A.12.5.4 Information leakage ... 58
A.12.5.5 Outsourced software development ... 58
A.12.6 Technical Vulnerability Management ... 59
A.12.6.1 Control of technical vulnerabilities ... 59
A.13 Information security incident management ... 59
A.13.1 Reporting Information Security Events and Weaknesses ... 59
A.13.1.1 Reporting information security events ... 59
A.13.1.2 Reporting security weaknesses ... 59
A.13.2 Management of Information Security Incidents and Improvements ... 60
A.13.2.1 Responsibilities and procedures ... 60
A.13.2.2 Learning from information security incidents ... 60
A.13.2.3 Collection of evidence ... 61
A.14 Business continuity management ... 61
A.14.1 Information security aspects of business continuity management ... 61
A.14.1.1 Including information security in the business continuity management process ... 61
A.14.1.2 Business continuity and risk assessment ... 61
A.14.1.3 Developing and implementing continuity plans including information security ... 62
A.14.1.4 Business continuity planning framework ... 62
A.14.1.5 Testing, maintaining and re-assessing business continuity plans ... 62
A.15 Compliance ... 63
A.15.1 Compliance with legal requirements ... 63
A.15.1.1 Identification of applicable legislation ... 63
A.15.1.2 Intellectual property rights (IPR) ... 63
A.15.1.3 Protection of organizational records ... 63
A.15.1.4 Data protection and privacy of personal information ... 63
A.15.1.5 Prevention of misuse of information processing facilities ... 63
A.15.1.6 Regulation of cryptographic controls ... 63
A.15.2 Compliance with security policies and standards and technical compliance ... 64
A.15.2.1 Compliance with security policies and standards ... 64
A.15.2.2 Technical compliance checking ... 64
A.15.3 Information System Audit Consideration ... 64
A.15.3.1 Information systems audit controls ... 64
A.15.3.2 Protection of information systems audit tools ... 64
Annex B (informative): Statement of Applicability Framework ... 65
Annex C (informative): Bibliography ... 66
Annex D (informative): Change history ... 67
History ... 68

Intellectual Property Rights

IPRs essential or potentially essential to the present document may have been declared to ETSI. The information pertaining to these essential IPRs, if any, is publicly available for ETSI members and non-members, and can be found in ETSI SR 000 314: "Intellectual Property Rights (IPRs); Essential, or potentially Essential, IPRs notified to ETSI in respect of ETSI standards", which is available from the ETSI Secretariat. Latest updates are available on the ETSI Web server (http://ipr.etsi.org).

Pursuant to the ETSI IPR Policy, no investigation, including IPR searches, has been carried out by ETSI. No guarantee can be given as to the existence of other IPRs not referenced in ETSI SR 000 314 (or the updates on the ETSI Web server) which are, or may be, or may become, essential to the present document.

Foreword

This Technical Specification (TS) has been produced by ETSI Technical Committee Electronic Signatures and Infrastructures (ESI).

The present document is part 1 of a multi-part deliverable covering provisions for secure and reliable implementation, management and assessment of long term data preservation systems, as identified below:

TS 101 533-1: "Requirements for Implementation and Management";
TR 101 533-2: "Guidelines for Assessors".

The text taken from ISO/IEC 27002:2005: "Information technology - Security techniques - Code of practice for information security management" and ISO 15489-1:2001: "Information and documentation - Records management - Part 1: General", is reproduced with the permission of the International Organization for Standardization, ISO. These can be obtained from any ISO member and from the Website of the ISO Central Secretariat at the following address: www.iso.org. Copyright remains with ISO.

Acknowledgment

The building blocks of the present document were submitted by UNINFO, the Italian standardization body for ICT, federated to UNI, Italian member body of CEN and ISO.

Introduction

In the light of EU-wide implementation of Directive 2006/123/EC [i.25], article 26, EUMS are required to "take accompanying measures to encourage providers to take action on a voluntary basis in order to ensure the quality of service provision". This will be accomplished through certification, assessment or by means of compliance with quality charters. Among the service
