ImageVerifierCode 换一换
格式:PDF , 页数:16 ,大小:106.26KB ,
资源ID:739340      下载积分:10000 积分
快捷下载
登录下载
邮箱/手机:
温馨提示:
如需开发票,请勿充值!快捷下载时,用户名和密码都是您填写的邮箱或者手机号,方便查询和重复下载(系统自动生成)。
如填写123,账号就是123,密码也是123。
特别说明:
请自助下载,系统不会自动发送文件的哦; 如果您已付费,想二次下载,请登录后访问:我的下载记录
支付方式: 支付宝扫码支付 微信扫码支付   
注意:如需开发票,请勿充值!
验证码:   换一换

加入VIP,免费下载
 

温馨提示:由于个人手机设置不同,如果发现不能下载,请复制以下地址【http://www.mydoc123.com/d-739340.html】到电脑端继续下载(重复下载不扣费)。

已注册用户请登录:
账号:
密码:
验证码:   换一换
  忘记密码?
三方登录: 微信登录  

下载须知

1: 本站所有资源如无特殊说明,都需要本地电脑安装OFFICE2007和PDF阅读器。
2: 试题试卷类文档,如果标题没有明确说明有答案则都视为没有答案,请知晓。
3: 文件的所有权益归上传用户所有。
4. 未经权益所有人同意不得将文件中的内容挪作商业或盈利用途。
5. 本站仅提供交流平台,并不能对任何下载内容负责。
6. 下载文件中如有侵权或不适当内容,请与我们联系,我们立即纠正。
7. 本站不保证下载资源的准确性、安全性和完整性, 同时也不承担用户因使用这些下载资源对自己和他人造成任何形式的伤害或损失。

版权提示 | 免责声明

本文(ETSI TS 102 640-4-2011 Electronic Signatures and Infrastructures (ESI) Registered Electronic Mail (REM) Part 4 REM-MD Conformance Profiles (V2 1 2)《电子签名和基础结构(ESI) 注册电子邮件(REM) 第4部分 _1.pdf)为本站会员(吴艺期)主动上传,麦多课文库仅提供信息存储空间,仅对用户上传内容的表现方式做保护处理,对上载内容本身不做任何修改或编辑。 若此文所含内容侵犯了您的版权或隐私,请立即通知麦多课文库(发送邮件至master@mydoc123.com或直接QQ联系客服),我们立即给予删除!

ETSI TS 102 640-4-2011 Electronic Signatures and Infrastructures (ESI) Registered Electronic Mail (REM) Part 4 REM-MD Conformance Profiles (V2 1 2)《电子签名和基础结构(ESI) 注册电子邮件(REM) 第4部分 _1.pdf

1、 ETSI TS 102 640-4 V2.1.2 (2011-09) Electronic Signatures and Infrastructures (ESI); Registered Electronic Mail (REM); Part 4: REM-MD Conformance Profiles Technical Specification ETSI ETSI TS 102 640-4 V2.1.2 (2011-09)2Reference RTS/ESI-000071-4 Keywords e-commerce, electronic signature, email, secu

2、rity, trust services ETSI 650 Route des Lucioles F-06921 Sophia Antipolis Cedex - FRANCE Tel.: +33 4 92 94 42 00 Fax: +33 4 93 65 47 16 Siret N 348 623 562 00017 - NAF 742 C Association but non lucratif enregistre la Sous-Prfecture de Grasse (06) N 7803/88 Important notice Individual copies of the p

3、resent document can be downloaded from: http:/www.etsi.org The present document may be made available in more than one electronic version or in print. In any case of existing or perceived difference in contents between such versions, the reference version is the Portable Document Format (PDF). In ca

4、se of dispute, the reference shall be the printing on ETSI printers of the PDF version kept on a specific network drive within ETSI Secretariat. Users of the present document should be aware that the document may be subject to revision or change of status. Information on the current status of this a

5、nd other ETSI documents is available at http:/portal.etsi.org/tb/status/status.asp If you find errors in the present document, please send your comment to one of the following services: http:/portal.etsi.org/chaircor/ETSI_support.asp Copyright Notification No part may be reproduced except as authori

6、zed by written permission. The copyright and the foregoing restriction extend to reproduction in all media. European Telecommunications Standards Institute 2011. All rights reserved. DECTTM, PLUGTESTSTM, UMTSTMand the ETSI logo are Trade Marks of ETSI registered for the benefit of its Members. 3GPPT

7、M and LTE are Trade Marks of ETSI registered for the benefit of its Members and of the 3GPP Organizational Partners. GSM and the GSM logo are Trade Marks registered and owned by the GSM Association. ETSI ETSI TS 102 640-4 V2.1.2 (2011-09)3Contents Intellectual Property Rights 4g3Foreword . 4g3Introd

8、uction 4g31 Scope 5g32 References 5g32.1 Normative references . 5g32.2 Informative references 5g33 Definitions, abbreviations and notations 6g33.1 Definitions 6g33.2 Abbreviations . 6g33.3 Notations 6g34 Basic Profile Requirements 7g34.1 Basic Elements . 7g34.2 REM-MD Management 7g34.3 Roles . 8g34.

9、4 Authentication 8g34.5 Interfaces and protocols 9g34.6 Evidence . 9g34.7 Information Security. 10g35 Advanced Profile Requirements . 11g35.1 General . 11g35.2 Interfaces and protocols 12g35.3 REM-PD related elements 12g35.4 Roles . 13g35.5 Evidence . 13g35.6 Information security management system 1

10、4g3History 16g3ETSI ETSI TS 102 640-4 V2.1.2 (2011-09)4Intellectual Property Rights IPRs essential or potentially essential to the present document may have been declared to ETSI. The information pertaining to these essential IPRs, if any, is publicly available for ETSI members and non-members, and

11、can be found in ETSI SR 000 314: “Intellectual Property Rights (IPRs); Essential, or potentially Essential, IPRs notified to ETSI in respect of ETSI standards“, which is available from the ETSI Secretariat. Latest updates are available on the ETSI Web server (http:/ipr.etsi.org). Pursuant to the ETS

12、I IPR Policy, no investigation, including IPR searches, has been carried out by ETSI. No guarantee can be given as to the existence of other IPRs not referenced in ETSI SR 000 314 (or the updates on the ETSI Web server) which are, or may be, or may become, essential to the present document. Foreword

13、 This Technical Specification (TS) has been produced by ETSI Technical Committee Electronic Signatures and Infrastructures (ESI). The present document is part 4 of a multi-part deliverable. Full details of the entire series can be found in part 1 1. Introduction Business and administrative relations

14、hips among companies, public administrations and private citizens, are the more and more implemented electronically. Trust is becoming essential for their success and continued development of electronic services. It is therefore important that any entity using electronic services have suitable secur

15、ity controls and mechanisms in place to protect their transactions and to ensure trust and confidence with their partners. Electronic mail is a major tool for electronic business and administration. Additional security services are necessary for e-mail to be trusted. At the time of writing the prese

16、nt document, in some European Union Member States (Italy, Belgium, etc.) regulation(s) and application(s) are being developed, if not already in place on mails transmitted by electronic means providing origin authentication and proof of delivery. A range of Registered E-Mail (“REM“) services is alre

17、ady established and their number is set to grow significantly over the next few years. Without the definition of common standards there will be no consistency in the services provided, making it difficult for users to compare them. Under these circumstances, users might be prevented from easily chan

18、ging to alternative providers, damaging free competition. Lack of standardization might also affect interoperability between REM based systems implemented based on different models. The present document is to ensure a consistent form of service across Europe, especially with regard to the form of ev

19、idence provided, in order to maximize interoperability even between e-mail domains governed by different policy rules. In order to move towards the general recognition and readability of evidence provided by registered e-mail services, it is necessary to specify technical formats, as well as procedu

20、res and practices for handling REM, and the ways the electronic signatures are applied to it. In this respect, the electronic signature is an important security component to protect the information and to provide trust in electronic business. It is to be noted that a simple “electronic signature“ wo

21、uld be insufficient to provide the required trust to an information exchange. Therefore the present document assumes the usage of at least an Advanced Electronic Signature, with the meaning of article 2(2) of EU Directive 1999/93/EC i.7 issued with a Secure Signature Creation Device, with the meanin

22、g of article 2(6) of the same Directive. The summarised scope of each part and sub-part can be found in part 1 1 of this multi-part deliverable. ETSI ETSI TS 102 640-4 V2.1.2 (2011-09)51 Scope The present document specifies two levels of conformance requirements: Basic Conformance Profile that indic

23、ates the minimum set of mandatory requirements that are to be met by any REM-MD that claims to be conformant with TS 102 640-1 1, TS 102 640-2 2 and TS 102 640-3 3; and Advanced Conformance Profile that includes a set of voluntary additional requirements to the Basic Conformance Profile for enhanced

24、 security and advanced evidential services. It should be emphasize that an organization claiming compliance with TS 102 640-1 1, TS 102 640-2 2 and TS 102 640-3 3 is only expected to fully comply with the mandatory requirements contained in the Basic Conformance Profile. 2 References References are

25、either specific (identified by date of publication and/or edition number or version number) or non-specific. For specific references, only the cited version applies. For non-specific references, the latest version of the reference document (including any amendments) applies. Referenced documents whi

26、ch are not found to be publicly available in the expected location might be found at http:/docbox.etsi.org/Reference. NOTE: While any hyperlinks included in this clause were valid at the time of publication, ETSI cannot guarantee their long term validity. 2.1 Normative references The following refer

27、enced documents are necessary for the application of the present document. 1 ETSI TS 102 640-1: “Electronic Signatures and Infrastructures (ESI); Registered Electronic Mail (REM); Part 1: Architecture“. 2 ETSI TS 102 640-2: “Electronic Signatures and Infrastructures (ESI); Registered Electronic Mail

28、 (REM); Part 2: Data requirements, Formats and Signatures for REM“. 3 ETSI TS 102 640-3: “Electronic Signatures and Infrastructures (ESI); Registered Electronic Mail (REM); Part 3: Information Security Policy Requirements for REM Management Domains“. 4 ISO/IEC 27002:2005: “Information technology - S

29、ecurity techniques - Code of practice for information security management“. 5 ETSI TS 101 862: “Qualified Certificate profile“. 2.2 Informative references The following referenced documents are not necessary for the application of the present document but they assist the user with regard to a partic

30、ular subject area. i.1 IETF RFC 1305: “Network Time Protocol (Version 3) Specification, Implementation and Analysis“. i.2 ETSI TS 102 640-5: “Electronic Signatures and Infrastructures (ESI); Registered Electronic Mail (REM); Part 5: REM-MD Interoperability Profiles“. i.3 ETSI TS 102 640-6-1: “Electr

31、onic Signatures and Infrastructures (ESI); Registered Electronic Mail (REM); Part 6: Interoperability Profiles; Sub-part 1: REM-MD UPU PReM Interoperability Profile“. ETSI ETSI TS 102 640-4 V2.1.2 (2011-09)6i.4 ETSI TS 102 640-6-2: “Electronic Signatures and Infrastructures (ESI); Registered Electro

32、nic Mail (REM); Part 6: Interoperability Profiles; Sub-part 2: REM-MD BUSDOX Interoperability Profile“. i.5 ETSI TS 102 640-6-3: “Electronic Signatures and Infrastructures (ESI); Registered Electronic Mail (REM); Part 6: Interoperability Profiles; Sub-part 3: REM-MD SOAP Binding Profile“. i.6 ISO/IE

33、C 27001:2005: “Information technology - Security techniques - Information security management systems - Requirements“. i.7 Directive 1999/93/EC of the European Parliament and of the Council of 13 December 1999 on a Community framework for electronic signatures. 3 Definitions, abbreviations and notat

34、ions 3.1 Definitions For the purposes of the present document, the terms and definitions given in TS 102 640-1 1 apply. Throughout the present document a number of verbal forms are used, whose meaning is defined below: Shall, shall not: indicate requirements strictly to be followed in order to confo

35、rm to the present document and from which no deviation is permitted. Should, should not: indicate that among several possibilities one is recommended as particularly suitable, without mentioning or excluding others, or that a certain course of action is preferred but not necessarily required, or tha

36、t (in the negative form) a certain possibility or course of action is deprecated but not prohibited. May, need not: indicate a course of action permissible within the limits of the present document. 3.2 Abbreviations For the purposes of the present document, the abbreviations given in TS 102 640-1 1

37、 apply. 3.3 Notations All the requirements will be defined in tabular form. Table 1: Requirements template N Element TS reference Requirement Implementation guidance Notes Column N will identify a unique number for the requirements. This number will start from 1 in each clause. The eventual referenc

38、es to it would also include the clause number to avoid any ambiguity. Column Element will identify the element the requirement applies to. Elements include architectural elements (clauses 4.1 and 4.4), management element (clause 4.2), roles (clauses 4.3 and 5.4), interfaces (clauses 4.5 and 5.2), Ev

39、idence (clauses 4.6 and 5.5), Information Security Management elements (clause 4.7), Security Controls (clause 4.7), REM-PD related elements and Information security management system elements (clause 5.6). Tables in the aforementioned clauses have, in consequence, different headers for this column.

40、 Column TS Reference will reference the relevant clause of the standard where the element is defined. The reference is to TS 102 640-1 1, TS 102 640-2 2 or TS 102 640-3 3 except where explicitly indicated otherwise. ETSI ETSI TS 102 640-4 V2.1.2 (2011-09)7Column Requirement will contain an identifie

41、r, as defined in table 2. Table 2: Optionality Identifier Requirement to implement M REM-MD shall implement the element R REM-MD should implement the element O REM-MD may implement the element Column Implementation guidance will contain guidance explaining how to implement the identified requirement

42、. It is intended either to explain how the requirement is implemented or to. Column Notes will include explanatory and additional information. 4 Basic Profile Requirements 4.1 Basic Elements Table 3 shows the mandatory architectural elements that shall be present in the logical model of a Registered

43、 Electronic Mail service. Table 3 N Architectural Element TS reference Requirement Implementation guidance Notes 1 REM-MD 4.1 M see note 1 2 REM Sender 4.1 M see note 2 3 REM Recipient 4.1 M 4 REM-UA 4.1 M 5 Evidence 4.1 M see note 3 NOTE 1: The REM Sender has access to the REM-MD services through a

44、 User Agent. NOTE 2: The recipient accesses also the REM-MD services through a User Agent. NOTE 3: In addition to transport services as provided by other mailing systems, REM systems provide evidence services related to the submission, transmission (where applicable) and delivery of the REM Object.

45、In particular, evidence services including some or all of evidence types mentioned in clause 6 should be provided to users (be they humans or systems). 4.2 REM-MD Management Table 4 shows the minimum set of requirements for management of a REM-MD and REM-PD. Table 4 N Management elements TS referenc

46、e Requirement Implementation guidance Notes 1 Compliance to rules and procedures 4 M a) 2 Documenting procedures 4 M b) 3 Provision of information by REM-PD 4 M c) see noteNOTE: A REM Policy Domain may have an Authority supervising the application of the policy and, within one REM-PD, there may be o

47、ne or more REM-MD that provide end users with the whole set of REM related services. A REM-MD may belong to more than one REM-PD, provided that it complies with the rules of all of them. For example, a REM-MD set up in one country by a multinational company could be compliant to the sets of rules of

48、 both the relevant country and the multinational organizations. ETSI ETSI TS 102 640-4 V2.1.2 (2011-09)8Implementation guidance: a) The REM-MD shall be managed in compliance of rules and procedures ensuring abidance by the regulations governing the relevant REM Policy Domain (company rules, contract

49、ual obligations, and/or domestic and international law s and regulations applicable) in order to provide, where applicable, legal validity of REM-Dispatches, REM-MD Messages and REM-MD Evidence. b) The REM-procedures shall be documented in compliance of rules and procedures ensuring abidance by the regulations governing the relevant REM Policy Domain (company rules, contractual obligations, and/or domestic and international law s and regulations applicable) in order to provide, where applicable, legal

copyright@ 2008-2019 麦多课文库(www.mydoc123.com)网站版权所有
备案/许可证编号:苏ICP备17064731号-1