ImageVerifierCode 换一换
格式:PDF , 页数:65 ,大小:647.75KB ,
资源ID:738815      下载积分:10000 积分
快捷下载
登录下载
邮箱/手机:
温馨提示:
如需开发票,请勿充值!快捷下载时,用户名和密码都是您填写的邮箱或者手机号,方便查询和重复下载(系统自动生成)。
如填写123,账号就是123,密码也是123。
特别说明:
请自助下载,系统不会自动发送文件的哦; 如果您已付费,想二次下载,请登录后访问:我的下载记录
支付方式: 支付宝扫码支付 微信扫码支付   
注意:如需开发票,请勿充值!
验证码:   换一换

加入VIP,免费下载
 

温馨提示:由于个人手机设置不同,如果发现不能下载,请复制以下地址【http://www.mydoc123.com/d-738815.html】到电脑端继续下载(重复下载不扣费)。

已注册用户请登录:
账号:
密码:
验证码:   换一换
  忘记密码?
三方登录: 微信登录  

下载须知

1: 本站所有资源如无特殊说明,都需要本地电脑安装OFFICE2007和PDF阅读器。
2: 试题试卷类文档,如果标题没有明确说明有答案则都视为没有答案,请知晓。
3: 文件的所有权益归上传用户所有。
4. 未经权益所有人同意不得将文件中的内容挪作商业或盈利用途。
5. 本站仅提供交流平台,并不能对任何下载内容负责。
6. 下载文件中如有侵权或不适当内容,请与我们联系,我们立即纠正。
7. 本站不保证下载资源的准确性、安全性和完整性, 同时也不承担用户因使用这些下载资源对自己和他人造成任何形式的伤害或损失。

版权提示 | 免责声明

本文(ETSI TS 102 204-2003 Mobile Commerce (M-COMM) Mobile Signature Service Web Service Interface (V1 1 4)《移动商务(M-COMM) 移动签名业务 网页业务接口(版本1 1 4)》.pdf)为本站会员(lawfemale396)主动上传,麦多课文库仅提供信息存储空间,仅对用户上传内容的表现方式做保护处理,对上载内容本身不做任何修改或编辑。 若此文所含内容侵犯了您的版权或隐私,请立即通知麦多课文库(发送邮件至master@mydoc123.com或直接QQ联系客服),我们立即给予删除!

ETSI TS 102 204-2003 Mobile Commerce (M-COMM) Mobile Signature Service Web Service Interface (V1 1 4)《移动商务(M-COMM) 移动签名业务 网页业务接口(版本1 1 4)》.pdf

1、 ETSI TS 102 204 V1.1.4 (2003-08)Technical Specification Mobile Commerce (M-COMM);Mobile Signature Service;Web Service InterfaceETSI ETSI TS 102 204 V1.1.4 (2003-08) 2 Reference DTS/M-COMM-004 Keywords commerce, electronic signature, interface, internet, m-commerce, mobile, service ETSI 650 Route de

2、s Lucioles F-06921 Sophia Antipolis Cedex - FRANCE Tel.: +33 4 92 94 42 00 Fax: +33 4 93 65 47 16 Siret N 348 623 562 00017 - NAF 742 C Association but non lucratif enregistre la Sous-Prfecture de Grasse (06) N 7803/88 Important notice Individual copies of the present document can be downloaded from

3、: http:/www.etsi.org The present document may be made available in more than one electronic version or in print. In any case of existing or perceived difference in contents between such versions, the reference version is the Portable Document Format (PDF). In case of dispute, the reference shall be

4、the printing on ETSI printers of the PDF version kept on a specific network drive within ETSI Secretariat. Users of the present document should be aware that the document may be subject to revision or change of status. Information on the current status of this and other ETSI documents is available a

5、t http:/portal.etsi.org/tb/status/status.asp If you find errors in the present document, send your comment to: editoretsi.org Copyright Notification No part may be reproduced except as authorized by written permission. The copyright and the foregoing restriction extend to reproduction in all media.

6、European Telecommunications Standards Institute 2003. All rights reserved. DECTTM, PLUGTESTSTM and UMTSTM are Trade Marks of ETSI registered for the benefit of its Members. TIPHONTMand the TIPHON logo are Trade Marks currently being registered by ETSI for the benefit of its Members. 3GPPTM is a Trad

7、e Mark of ETSI registered for the benefit of its Members and of the 3GPP Organizational Partners. ETSI ETSI TS 102 204 V1.1.4 (2003-08) 3 Contents Intellectual Property Rights5 Foreword.5 Introduction 5 1 Scope 7 2 References 8 3 Definitions and abbreviations.9 3.1 Definitions9 3.2 Abbreviations .10

8、 4 Void11 5 Introduction to mobile signature 11 5.1 Overview 11 5.1.1 Mobile Signature 11 5.1.2 Using mobile signature .12 5.1.3 Mobile Signature Service (MSS)12 5.2 Notation13 5.3 XML schema declaration .13 6 Mobile Signature Service (MSS) functions14 6.1 Mobile Signature 14 6.1.1 Mobile Signature

9、profile.14 6.1.2 Mobile Signature messaging modes .15 6.1.2.1 Synchronous mode15 6.1.2.2 Asynchronous - ClientServer mode 16 6.1.2.3 Asynchronous - ServerServer mode17 6.2 Mobile Signature status query18 6.3 Mobile Signature profile query 18 6.4 Mobile Signature registration.19 6.5 Mobile Signature

10、receipt 19 6.6 Mobile Signature handshake 20 7 Mobile Signature web service 21 7.1 Mobile Signature method .21 7.2 Mobile Signature status query method .22 7.3 Mobile Signature Receipt Method23 7.4 Mobile Signature Registration Method 24 7.5 Mobile Signature Profile Query Method 24 7.6 Mobile Signat

11、ure notification method25 7.7 Mobile Signature handshake method .26 8 Message formats.26 8.1 Message abstract type.26 8.2 MSS Signature Request SigREQ - STD 28 8.3 MSS Signature response SigRESP STD.29 8.4 MSS Status Request StatREQ STD 30 8.5 MSS status response StatRESP - STD.30 8.6 MSS registrati

12、on request RegREQ STD.31 8.7 MSS registration response RegRESP STD.31 8.8 MSS profile request ProfREQ STD32 8.9 MSS profile response ProfRESP STD32 8.10 MSS receipt request RecREQ STD 33 8.11 MSS receipt response RecRESP - STD.33 8.12 MSS Handshake request HShakeREQ STD .34 8.13 MSS handshake respon

13、se HShakeRESP STD35 ETSI ETSI TS 102 204 V1.1.4 (2003-08) 4 9 Auxiliary types .36 9.1 URI identifier .36 9.2 General auxiliary types.37 9.2.1 MeshMember37 9.2.2 Digest alg and value37 9.2.3 mssURI .37 9.2.4 Mobile user .38 9.3 AP auxiliary types 38 9.3.1 Messaging mode .38 9.3.2 Data.39 9.3.3 Key re

14、ference39 9.3.4 Additional service.39 9.3.5 Signature profile comparison40 9.4 MSSP auxiliary types .40 9.4.1 Signature.40 9.4.2 Status 41 9.4.3 Status code41 9.4.4 Status Detail41 10 Communication Protocol Binding41 10.1 Encoding rules41 10.2 SOAP header42 10.3 SOAP body.42 10.4 SOAP over the HTTP

15、protocol.42 10.5 WSDL Description.42 10.6 Error handling 43 11 Web Service: Security and Privacy Considerations .45 11.1 Handshake 45 11.2 Security and privacy.45 11.2.1 Purposes45 11.2.2 Simplified threat model for Mobile Signature Web Service.46 11.2.3 Security framework.46 11.3 XML Signatures .47

16、 11.4 Mobile signatures .48 11.5 Security protocols.48 Annex A (normative): XML Schema49 Annex B (normative): SOAP FAULT Subcodes .55 Annex C (normative): MSS Status Codes 56 Annex D (informative): Examples.57 D.1 Mobile Signature request - Response in synchronous mode without XML Signatures.57 D.2

17、Mobile Signature Request - Response with an error59 D.3 Mobile Signature Request - Response in Asynchronous Client-Server mode with XML Signatures .60 Annex E (informative): Bibliography.64 History 65 ETSI ETSI TS 102 204 V1.1.4 (2003-08) 5 Intellectual Property Rights IPRs essential or potentially

18、essential to the present document may have been declared to ETSI. The information pertaining to these essential IPRs, if any, is publicly available for ETSI members and non-members, and can be found in ETSI SR 000 314: “Intellectual Property Rights (IPRs); Essential, or potentially Essential, IPRs n

19、otified to ETSI in respect of ETSI standards“, which is available from the ETSI Secretariat. Latest updates are available on the ETSI Web server (http:/webapp.etsi.org/IPR/home.asp). Pursuant to the ETSI IPR Policy, no investigation, including IPR searches, has been carried out by ETSI. No guarantee

20、 can be given as to the existence of other IPRs not referenced in ETSI SR 000 314 (or the updates on the ETSI Web server) which are, or may be, or may become, essential to the present document. Foreword The present document (TS) has been produced by ETSI Project M-Commerce (M-COMM). Introduction Cit

21、izens around the world are making use increasingly of electronic communications facilities in their daily lives. This often involves interactions between parties who have never previously met - or may never meet - and for whom no pre-established relationship exists. Consequently, communications netw

22、orks of all kinds are being exploited in new ways to conduct business, to facilitate remote working and to create other “virtual“ shared environments. Consumers, businesses and government departments alike benefit in various ways. For the European Union (“EU“), electronic commerce presents an excell

23、ent opportunity to advance its programmes for economic integration. But, such an approach requires an appropriate security mechanism to allow completion of “remote“ interactions between parties with confidence. To this end, the European Parliament and Council Directive on Electronic Signatures (1999

24、/93/EC 22) was published on December-13th, 1999. The definition of “electronic signature“ contained in Article 2 of the Directive facilitated the recognition of data in electronic form in the same manner as a hand-written signature satisfies those requirements for paper-based data. Since electronic

25、signatures can only be as “good“ as the technology and processes used to create them, “standardization“ activities such as those in Europe by ETSI and CEN within the EESSI framework aim to ensure that a common level of confidence and acceptance can be recognized. The result will be a powerful enabli

26、ng facility for electronic commerce and, more generally, for completion of transactions of any kind. In the context of the EU Directive, the present document focuses on electronic signatures created by cryptographic means in a “secure signature creation device“. To date (June 2003), security provisi

27、ons for signature creation and verification systems are such that parties wishing to provide a signature require “special“ equipment. Typically, this involves a smartcard and a card reader with sufficient processing power and display capabilities to present full details of the transaction to be “sig

28、ned“. For consumer markets, however, it is doubtful whether individual citizens will want to invest in such equipment, which for the most part may remain connected to (or inserted into) personal computer equipment located in the home. An alternative approach is to capitalize on the fact that many ci

29、tizens already possess a device which contains a smartcard and which itself is effectively a personal card reader - their mobile phone. In some European countries, mobile penetration rates are approaching 80 % of the population. As one of the most widely-owned electronic devices, the mobile phone re

30、presents the natural choice for implementation of a socially-inclusive, electronic signature solution for the majority of citizens. Electronic signatures created in this way have become known as “Mobile Signatures“ and a number of initiatives are already underway to evaluate the feasibility of such

31、an approach. Only a small number of these have so far been implemented commercially and none have yet been extended to a mass-market scale. Many of those engaged in such activity cite “interoperability“ issues as a restraining factor, requiring standardization to avoid market fragmentation. ETSI ETS

32、I TS 102 204 V1.1.4 (2003-08) 6 The concept of a “Mobile Signature“ is attractive because it leverages existing commercial models, network infrastructure, mobile device technology (including the SIM-infrastructure) and customer relationships managed by GSM mobile network operators. This offers the p

33、rospect that the concept could be adopted by around one billion mobile phone users in 179 countries, world-wide. Extension of the concept to other mobile network technologies is also possible. Adoption of mobile signature might also assist in the fight against international crimes, such as money “la

34、undering“. In this case, the opportunity provided by mobile signature to identify the citizens who are party to a transaction is attractive, subject to provisions concerning Data Protection, Privacy and Legal Interception (as applied to data services). Acceptance of the concept universally now requi

35、res “standardization“ of a common service methodology, where signature requests/responses can be issued/received in a “standard“ format - irrespective of mobile device characteristics. To this end, the European Commission allocated funds to ETSI to establish a Specialist Task Force (STF-221) to prod

36、uce a set of deliverables on “Mobile Signature Service“. It is envisaged that mobile signature services will play a pivotal role in reaching an appropriate level of confidence, acceptance and interoperability to support implementation of the European Directive on Electronic Signature - particularly

37、for consumer (mass) markets. This Technical Report focuses on those technologies able to realize a mobile signature the equivalent of an “enhanced electronic signature“ as defined by the European Directive. The mobile signature service is considered suitable for the administration and management of

38、all aspects relating to: Advising and guiding citizens about the use of mobile signature Acquiring mobile signature capability Managing citizen identity (including Data protection and individual privacy) Processing of signature requests from application providers (and providing responses) Maintainin

39、g signature transaction records for the citizen. Managing all aspects of signature lifecycle (e.g. validity, expiry) Supporting service administration and maintenance activities The definition of the Mobile Signature Service comprises the following report and specifications: TR 102 203 12: “Mobile C

40、ommerce (M-COMM); Mobile Signature; Business Mobile Signature;Web Service Interface“. TR 102 206 13: “Mobile Commerce (M-COMM); Mobile Signature Service; Security Framework“. TS 102 207 14: “Mobile Commerce (M-COMM); Mobile Signature Service; Specifications for Roaming in Mobile Signature Services“.

41、 Together, the Technical Reports (TRs) and the Technical Specifications (TSs) allow the design and implementation of interoperable mobile signature solutions. ETSI ETSI TS 102 204 V1.1.4 (2003-08) 7 1 Scope The present document specifies the Mobile Signature Service as a Web Service: MOBILE SIGNATUR

42、E WEB SERVICE. From the business and functional requirements of TR 102 203 12, the present document identifies the methods that must be provided by a Mobile Signature Web Service Provider. The present document specifies the data structures and messaging models related to these methods thanks to XML

43、Schema and WSDL. Documentations about these technologies can be found in clause 2. The complete MSS XML Schema is provided in Annex A. A SOAP 1.2 binding is proposed as the mandatory protocol binding. The corresponding WSDL 1.1 description document of such a web service is specified. In defining the

44、 Web service, the present document makes reference to interactions between different parties and to the end user experience of a mobile signature service at the mobile device. This is done to illustrate concepts and facilitate definition of the Web service - only. Readers are referred to other sourc

45、es of information as indicated in clause 2 regarding definitions and specifications for these topics. Structure of the present document: Scope: a description of the goals and objectives of the present document. Document Administration: an explanation of the structure, definitions, symbols and abbrev

46、iations used in the present document. Introduction to mobile signature: positions the Mobile Signature project and EC funding etc leading to overview of why mobile signature has a way to accelerate deployment of electronic signatures as originally envisaged by the EU Directive. Mobile Signature Serv

47、ice Functions: this section describes the high-level functionalities provided by a Mobile Signature Service Provider. Mobile Signature Web Service: the Mobile Signature Service is specified as a Web Service in this section. Message Formats: the XML messages exchanged between an Application Provider

48、and a Mobile Signature Service Provider are presented. Auxiliary XML Data Types: the messages presented in the previous chapter are based upon the XML data types specified here. Communication Protocol Binding: the protocol binding for the Mobile Signature Service is specified as SOAP 1.2 over HTTP.

49、Web Service - Security and Privacy Considerations: Security and Privacy considerations with respect to the Mobile Signature Service are presented. ETSI ETSI TS 102 204 V1.1.4 (2003-08) 8 2 References The following documents contain provisions which, through reference in this text, constitute provisions of the present document. References are either specific (identified by date of publication and/or edition number or version number) or non-specific. For a specific reference, subsequent r

copyright@ 2008-2019 麦多课文库(www.mydoc123.com)网站版权所有
备案/许可证编号:苏ICP备17064731号-1