收藏
下载资源 加入VIP,免费下载

DIN CEN TS 15480-4-2012 Identification card systems - European Citizen Card - Part 4 Recommendations for European Citizen Card issuance operation and use English version CEN TS 154.pdf

上传人:fuellot230 文档编号:663390 上传时间:2018-12-25 格式:PDF 页数:47 大小:900.44KB
下载 相关 举报
DIN CEN TS 15480-4-2012 Identification card systems - European Citizen Card - Part 4 Recommendations for European Citizen Card issuance operation and use English version CEN TS 154.pdf_第1页
第1页 / 共47页
DIN CEN TS 15480-4-2012 Identification card systems - European Citizen Card - Part 4 Recommendations for European Citizen Card issuance operation and use English version CEN TS 154.pdf_第2页
第2页 / 共47页
DIN CEN TS 15480-4-2012 Identification card systems - European Citizen Card - Part 4 Recommendations for European Citizen Card issuance operation and use English version CEN TS 154.pdf_第3页
第3页 / 共47页
DIN CEN TS 15480-4-2012 Identification card systems - European Citizen Card - Part 4 Recommendations for European Citizen Card issuance operation and use English version CEN TS 154.pdf_第4页
第4页 / 共47页
DIN CEN TS 15480-4-2012 Identification card systems - European Citizen Card - Part 4 Recommendations for European Citizen Card issuance operation and use English version CEN TS 154.pdf_第5页
第5页 / 共47页
点击查看更多>>
资源描述

1、Juni 2012 Normenausschuss Informationstechnik und Anwendungen (NIA) im DINPreisgruppe 18DIN Deutsches Institut fr Normung e. V. Jede Art der Vervielfltigung, auch auszugsweise, nur mit Genehmigung des DIN Deutsches Institut fr Normung e. V., Berlin, gestattet.ICS 35.240.15Zur Erstellung einer DIN SP

2、EC knnen verschiedene Verfahrensweisen herangezogen werden: Das vorliegende Dokument wurde nach den Verfahrensregeln einer Vornorm erstellt.!$snY“1807554www.din.deDDIN CEN/TS 15480-4Identifikationskartensysteme Europische Brgerkarte Teil 4: Empfehlungen fr Ausgabe, Arbeitsweise und Benutzung derEuro

3、pischen Brgerkarte;Englische Fassung CEN/TS 15480-4:2012Identification card systems European Citizen Card Part 4: Recommendations for European Citizen Card issuance, operation and use;English version CEN/TS 15480-4:2012Systmes de cartes didentification Carte Europenne du Citoyen Partie 4: Recommenda

4、tions pour lmission, lexploitation et lutilisation de la CarteEuropenne du Citoyen;Version anglaise CEN/TS 15480-4:2012Alleinverkauf der Spezifikationen durch Beuth Verlag GmbH, 10772 Berlin www.beuth.deGesamtumfang 47 SeitenDIN SPEC 91130-4DIN CEN/TS 15480-4 (DIN SPEC 91130-4):2012-06 2 Nationales

5、Vorwort Dieses Dokument (CEN/TS 15480-4:2012) wurde vom CEN/TC 224 Persnliche Identifikation, elektronische Signatur und Karten sowie zugehrige Systeme und Operationen“ erarbeitet, dessen Sekretariat von AFNOR (Frankreich) gehalten wird. Eine DIN SPEC nach dem Vornorm-Verfahren ist das Ergebnis eine

6、r Normungsarbeit, das wegen bestimmter Vorbehalte zum Inhalt oder wegen des gegenber einer Norm abweichenden Aufstellungsverfahrens vom DIN noch nicht als Norm herausgegeben wird. Zur vorliegenden DIN SPEC wurde kein Entwurf verffentlicht. Erfahrungen mit dieser DIN SPEC sind erbeten vorzugsweise al

7、s Datei per E-Mail an niadin.de in Form einer Tabelle. Die Vorlage dieser Tabelle kann im Internet unter http:/www.din.de/stellungnahme abgerufen werden; oder in Papierform an den Normenausschuss Informationstechnik und Anwendungen (NIA) im DIN. Das Prsidium des DIN hat mit seinem Beschluss 1/2004 f

8、estgelegt, dass von dem in den Regeln der europischen Normungsarbeit von CEN/CENELEC verankerten Grundsatz, wonach Europische Normen in den drei offiziellen Sprachen Deutsch, Englisch, Franzsisch verffentlicht werden, in begrndeten Aus-nahmefllen abgewichen und auf die deutsche Sprachfassung verzich

9、tet werden kann. DIN CEN/TS 15480-4 ist Teil einer Reihe von Technischen Spezifikationen mit Anforderungen an eine Europische Brgerkarte (en: European Citizen Card, ECC). Identittsprfung; Einsatz als Reisedokument innerhalb der Europischen Union; Erleichterung des logischen Zugangs zu E-Government-D

10、iensten oder Diensten lokaler Verwaltungs-einrichtungen. DIN CEN/TS 15480-1 spezifiziert die physikalischen, elektrischen und transportprotokoll-bezogenen Merk-male fr die Europische Brgerkarte, whrend DIN CEN/TS 15480-2 die zu verwendenden Datenelement und Datenstrukturen, die von der ECC untersttz

11、ten Dienste und den dazugehrigen Befehlssatz festlegt. DIN CEN/TS 15480-3 legt ein Interoperabilittsmodell fest, welches einem elektronischen Service ermglicht, mit verschiedenen Anwendungen der Europischen Brgerkarte zu interagieren. DIN CEN/TS 15480-4 erweitert die Reihe der Technischen Spezifikat

12、ionen um Empfehlungen zum operativen Ablauf der Kartenausgabe, welcher die Registrierung von Brgern beinhaltet. Empfehlungen fr den Benutzer im Hinblick auf Datenschutz und Barrierefreiheit werden ebenso festgelegt, wie eine Menge von ECC-Kartenprofilen, welche als Grundlage fr die Spezifikation von

13、 neuen ECC-Projekten dienen knnen. Fr jedes Kartenprofil verwendet diese Spezifikation eine spezifische Vorlage, die: eine Untermenge von technischen Anforderungen aus den Teilen 1, 2 und 3 der ECC-Reihe auswhlt; die Verwendung der ECC in ihrer jeweiligen Umgebung bercksichtigt. TECHNICAL SPECIFICAT

14、ION SPCIFICATION TECHNIQUE TECHNISCHE SPEZIFIKATION CEN/TS 15480-4 March 2012 ICS 35.240.15 English Version Identification card systems - European Citizen Card - Part 4: Recommendations for European Citizen Card issuance, operation and use Systmes de cartes didentification - Carte Europenne du Citoy

15、en - Partie 4: Recommandations pour lmission, lexploitation et lutilisation de la Carte Europenne du Citoyen Identifikationskartensysteme - Europische Brgerkarte - Teil 4: Empfehlungen fr Ausgabe, Arbeitsweise und Benutzung der Europischen Brgerkarte This Technical Specification (CEN/TS) was approve

16、d by CEN on 23 January 2012 for provisional application. The period of validity of this CEN/TS is limited initially to three years. After two years the members of CEN will be requested to submit their comments, particularly on the question whether the CEN/TS can be converted into a European Standard

17、. CEN members are required to announce the existence of this CEN/TS in the same way as for an EN and to make the CEN/TS available promptly at national level in an appropriate form. It is permissible to keep conflicting national standards in force (in parallel to the CEN/TS) until the final decision

18、about the possible conversion of the CEN/TS into an EN is reached. CEN members are the national standards bodies of Austria, Belgium, Bulgaria, Croatia, Cyprus, Czech Republic, Denmark, Estonia, Finland, France, Germany, Greece, Hungary, Iceland, Ireland, Italy, Latvia, Lithuania, Luxembourg, Malta,

19、 Netherlands, Norway, Poland, Portugal, Romania, Slovakia, Slovenia, Spain, Sweden, Switzerland, Turkey and United Kingdom. Management Centre: Avenue Marnix 17, B-1000 Brussels 2012 CEN All rights of exploitation in any form and by any means reserved worldwide for CEN national Members. Ref. No. CEN/

20、TS 15480-4:2012: EEUROPEAN COMMITTEE FOR STANDARDIZATION COMIT EUROPEN DE NORMALISATION EUROPISCHES KOMITEE FR NORMUNG CEN/TS 15480-4:2012 (E) 2 Contents Page Foreword 51 Scope 62 Normative references 63 Abbreviations .64 General recommendations on card issuance and operational procedures 74.1 Initi

21、al considerations for an ECC project 74.2 ECC Management System and ECC lifecycle description 94.3 ECC Management System functional organization . 114.4 ECC Management System Architecture . 124.4.1 General principles. 124.4.2 ARIS: Application Registration and Issuance Subsystem . 134.4.3 IVAS: Iden

22、tity Authentication and Verification Subsystem 144.5 ECC Management System Security Policy 144.5.1 Common principles 144.5.2 Establishing Detailed Security Requirements for specific ECC profiles Data Access 154.5.3 Basic set of requirements for ECC Digital Signature 165 Recommendations with regard t

23、o the end user 175.1 Privacy principles for card issuance and operation . 175.1.1 General . 175.1.2 Protection of the data . 185.1.3 Transparency 185.1.4 Consent in data collection . 185.1.5 Preference for opt-in 185.1.6 Limitation of purpose . 185.1.7 Limitation of period of retention . 185.1.8 Adh

24、erence to performance criteria . 185.1.9 Access rights of the data subject . 185.1.10 Secure audit 185.1.11 Data transfer between jurisdictions 185.2 Accessibility 195.3 Usability . 205.3.1 Introduction . 205.3.2 Usability and the physical environment . 205.3.3 Location . 205.3.4 Ease of use 215.3.5

25、 Help 215.3.6 Further issues . 216 Privacy features of the ECC . 217 ECC security evaluation . 227.1 General . 227.2 Digital signature services 227.3 Other services provided by an ECC 237.3.1 General . 237.3.2 Security evaluation recommendations . 237.3.3 Security criteria for interoperability 238 C

26、ard profiles for the ECC . 258.1 General . 258.2 User accessibility profile . 268.3 Card profile template 26DIN CEN/TS 15480-4 (DIN SPEC 91130-4):2012-06 CEN/TS 15480-4:2012 (E) 3 8.3.1 General . 268.3.2 User accessibility profile 268.3.3 Card durability requirements . 278.3.4 Card layout requiremen

27、ts . 278.3.5 Applications . 278.3.6 Selected card services 278.3.7 Card Info . 278.3.8 Cross application services . 278.3.9 References . 288.4 Identification scheme for ECC profiles . 288.4.1 Card profile 288.4.2 User accessibility profile 28Annex A (informative) Card profiles 29A.1 General . 29A.2

28、Card Profile 1: eID Application with mandatory ICAO functionality and conditional digital signature functionality 29A.2.1 OID 29A.2.2 General . 29A.2.3 Applications . 29A.2.4 Selected card services 30A.2.5 Card Info . 30A.2.6 Cross application services . 31A.2.7 References . 31A.3 Card Profile 2: Du

29、al-chip card with respective eID and ICAO Application 32A.3.1 OID 32A.3.2 General . 32A.3.3 Applications . 32A.3.4 Selected card services for ICAO application 32A.3.5 References . 33A.4 Card Profile 3: eServices using a trusted Third Party . 34A.4.1 OID 34A.4.2 General . 34A.4.3 Applications . 34A.4

30、.4 Selected card services 34A.4.5 References . 34A.5 Card Profile 4: Health Insurance Card . 35A.5.1 OID 35A.5.2 General . 35A.5.3 Applications . 35A.5.4 Selected card services 35A.5.5 References . 35A.6 Card Profile 5: Mono-application / Multi-service 36A.6.1 OID 36A.6.2 General . 36A.6.3 Card dura

31、bility requirements . 36A.6.4 Applications . 36A.6.5 Selected card services 36A.6.6 References . 39Annex B (informative) User accessibility profile . 40B.1 General . 40B.2 User accessibility profile according to ISO/IEC 12905:2011 . 40B.2.1 OID 40B.2.2 General . 40B.2.3 Interfaces / transport protoc

32、ols . 40B.2.4 Data elements and data structures 41B.2.5 Card services . 42B.2.6 Command set . 42B.2.7 Data structure of Global UCI 43DIN CEN/TS 15480-4 (DIN SPEC 91130-4):2012-06 CEN/TS 15480-4:2012 (E) 4 B.2.8 Data structure of Local UCI . 43B.2.9 References . 43Annex C (informative) Reference docu

33、ments . 44C.1 EU legal acts 44C.2 Security documents . 44C.3 Technical standards (non-normative references) . 44C.4 Other relevant documents . 45DIN CEN/TS 15480-4 (DIN SPEC 91130-4):2012-06 CEN/TS 15480-4:2012 (E) 5 Foreword This document (CEN/TS 15480-4:2012) has been prepared by Technical Committ

34、ee CEN/TC 224 “Personal identification, electronic signature and cards and their related systems and operations”, the secretariat of which is held by AFNOR. Attention is drawn to the possibility that some of the elements of this document may be the subject of patent rights. CEN and/or CENELEC shall

35、not be held responsible for identifying any or all such patent rights. CEN/TS 15480 “Identification card systems European Citizen Card“ consists of the four following parts: Part 1: Physical, electrical and transport protocol characteristics; Part 2: Logical data structures and card services; Part 3

36、: European Citizen Card Interoperability using an application interface; Part 4: Recommendations for European Citizen Card issuance, operation and use. According to the CEN/CENELEC Internal Regulations, the national standards organizations of the following countries are bound to announce this Techni

37、cal Specification: Austria, Belgium, Bulgaria, Croatia, Cyprus, Czech Republic, Denmark, Estonia, Finland, France, Germany, Greece, Hungary, Iceland, Ireland, Italy, Latvia, Lithuania, Luxembourg, Malta, Netherlands, Norway, Poland, Portugal, Romania, Slovakia, Slovenia, Spain, Sweden, Switzerland,

38、Turkey and the United Kingdom. DIN CEN/TS 15480-4 (DIN SPEC 91130-4):2012-06 CEN/TS 15480-4:2012 (E) 6 1 Scope CEN/TS 15480-4 recommends card issuance and operational procedures including citizens registration. CEN/TS 15480-4 gives recommendations with regard to the end-user e.g. with respect to pri

39、vacy and accessibility aspects. CEN/TS 15480-4 also identifies a set of standard ECC card profiles (e.g. National ID Card, Health Card, Card issued by a Municipality), that can be used as basis for the specification of new ECC projects. For each profile, this Technical Specification uses a specified

40、 template which selects a subset of technical requirements from CEN/TS 15480-1, CEN/TS 15480-2:2011 and CEN/TS 15480-3:2010. considers the operation of the ECC in its particular environment. The target audience of CEN/TS 15480-4 is the card issuer. 2 Normative references The following documents, in

41、whole or in part, are normatively referenced in this document and are indispensable for its application. For dated references, only the edition cited applies. For undated references, the latest edition of the referenced document (including any amendments) applies. CEN/TS 15480-1, Identification card

42、 systems European Citizen Card Part 1: Physical, electrical and transport protocol characteristics CEN/TS 15480-2:2011, Identification card systems European Citizen Card Part 2: Logical data structures and card services CEN/TS 15480-3:2010, Identification card systems European Citizen Card Part 3: E

43、uropean Citizen Card Interoperability using an application interface ISO/IEC 12905:2011, Integrated circuit cards Enhanced Terminal Accessibility using cardholder preference interface 3 Abbreviations For the purposes of this document, the following abbreviations apply. ARIS Applicant Registration an

44、d Issuance System ECC European Citizen Card EMS ECC management system ID card Identification Card IVAS Identity Authentication and Verification System MRTD Machine Readable Travelling Document PKI Public Key Infrastructure DIN CEN/TS 15480-4 (DIN SPEC 91130-4):2012-06 CEN/TS 15480-4:2012 (E) 7 4 Gen

45、eral recommendations on card issuance and operational procedures 4.1 Initial considerations for an ECC project CEN/TS 15480-4 does not aim at providing an overall solution on how to design and run a complete EMS. It provides some guidance to overcome common challenges that the organisations responsi

46、ble for the conception and management of the system are likely to face, including the following issues. Clear identification of the main purposes of the system and of the nature of the assets to be protected shall lead to the early definition of the security policy to run the system The ECC may be i

47、ssued for different purposes: it can act for example as a national ID card, travelling card, e-government or health insurance card. Following its intended purpose, the EMS main purpose can diverge: to enhance security, to increase efficiency in the provision of services, to reduce identity fraud or

48、to cut expenses by establishing a system of privileges upon card and users authentication. It is assumed that privacy protection is a common objective. The use cases will define the applications to be selected by the card. In this Technical Specification, use cases translate into ECC profiles (see Annex A), that precisely describe card security mechanisms. The practical work of the project can be summarized in the next four points: the analysis of risks based on the ECC use case; the definition of security policies to minimize the impact o

展开阅读全文
相关资源
  • DIN EN 818-7-2008 Short link chain for lifting purposes - Safety - Part 7 Fine tolerance hoist chain Grade T (Types T DAT and DT)(includes Amendment A1 2008) Ge.pdfDIN EN 818-7-2008 Short link chain for lifting purposes - Safety - Part 7 Fine tolerance hoist chain Grade T (Types T DAT and DT)(includes Amendment A1 2008) Ge.pdf
  • DIN EN 1677-3-2008 Components for slings - Safety - Part 3 Forged steel self-locking hooks Grade 8(includes Amendment A1 2008) English version of DIN EN 1677-3 .pdfDIN EN 1677-3-2008 Components for slings - Safety - Part 3 Forged steel self-locking hooks Grade 8(includes Amendment A1 2008) English version of DIN EN 1677-3 .pdf
  • DIN EN 1677-2-2008 Components for slings - Safety - Part 2 Forged steel lifting hooks with latch Grade 8(includes Amendment A1 2008) English version of DIN EN 1.pdfDIN EN 1677-2-2008 Components for slings - Safety - Part 2 Forged steel lifting hooks with latch Grade 8(includes Amendment A1 2008) English version of DIN EN 1.pdf
  • DIN EN 1670-2007 Building hardware - Corrosion resistance - Requirements and test methods English version of DIN EN 1670 2007-06《建筑五金器具 耐腐蚀 要求和试验方法》.pdfDIN EN 1670-2007 Building hardware - Corrosion resistance - Requirements and test methods English version of DIN EN 1670 2007-06《建筑五金器具 耐腐蚀 要求和试验方法》.pdf
  • DIN EN 1656-2010 Chemical disinfectants and antiseptics - Quantitative suspension test for the evaluation of bactericidal activity of chemical disinfectants and.pdfDIN EN 1656-2010 Chemical disinfectants and antiseptics - Quantitative suspension test for the evaluation of bactericidal activity of chemical disinfectants and.pdf
  • DIN EN 1230-2-2018 Paper and board intended to come into contact with foodstuffs - Sensory analysis - Part 2 Off-flavour (taint) German version EN 1230-2 2009《用.pdfDIN EN 1230-2-2018 Paper and board intended to come into contact with foodstuffs - Sensory analysis - Part 2 Off-flavour (taint) German version EN 1230-2 2009《用.pdf
  • DIN EN 1176-7-2008 Playground equipment and surfacing - Part 7 Guidance on installation inspection maintenance and operation English version of DIN EN 1176-7 20.pdfDIN EN 1176-7-2008 Playground equipment and surfacing - Part 7 Guidance on installation inspection maintenance and operation English version of DIN EN 1176-7 20.pdf
  • DIN EN 1176-5-2008 Playground equipment and surfacing - Part 5 Additional specific safety requirements and test methods for carousels English version of DIN EN .pdfDIN EN 1176-5-2008 Playground equipment and surfacing - Part 5 Additional specific safety requirements and test methods for carousels English version of DIN EN .pdf
  • DIN EN 1159-1-2007 Advanced technical ceramics - Ceramic composites - Thermophysical properties - Part 1 Determination of thermal expansion (includes Corrigendu.pdfDIN EN 1159-1-2007 Advanced technical ceramics - Ceramic composites - Thermophysical properties - Part 1 Determination of thermal expansion (includes Corrigendu.pdf
  • DIN EN 1093-4-2008 Safety of machinery - Evaluation of the emission of airborne hazardous substances - Part 4 Capture efficiency of an exhaust system - Tracer m.pdfDIN EN 1093-4-2008 Safety of machinery - Evaluation of the emission of airborne hazardous substances - Part 4 Capture efficiency of an exhaust system - Tracer m.pdf
    • 猜你喜欢
    相关搜索

    当前位置:首页 > 标准规范 > 国际标准 > DIN

    copyright@ 2008-2019 麦多课文库(www.mydoc123.com)网站版权所有
    备案/许可证编号:苏ICP备17064731号-1