ETSI TR 102 206 V1.1.3 (2003-08)

Technical Report

Mobile Commerce (M-COMM);
Mobile Signature Service;
Security Framework

Reference: DTR/M-COMM-005
Keywords: commerce, electronic signature, M-commerce, mobile, security, service

ETSI
650 Route des Lucioles
F-06921 Sophia Antipolis Cedex - FRANCE
Tel.: +33 4 92 94 42 00   Fax: +33 4 93 65 47 16
Siret No. 348 623 562 00017 - NAF 742 C
Non-profit association registered at the Sous-Préfecture de Grasse (06) No. 7803/88

Important notice

Individual copies of the present document can be downloaded from: http://www.etsi.org

The present document may be made available in more than one electronic version or in print. In any case of existing or perceived difference in contents between such versions, the reference version is the Portable Document Format (PDF). In case of dispute, the reference shall be the printing on ETSI printers of the PDF version kept on a specific network drive within the ETSI Secretariat.

Users of the present document should be aware that the document may be subject to revision or change of status. Information on the current status of this and other ETSI documents is available at http://portal.etsi.org/tb/status/status.asp

If you find errors in the present document, send your comment to: editor@etsi.org

Copyright Notification

No part may be reproduced except as authorized by written permission. The copyright and the foregoing restriction extend to reproduction in all media.

© European Telecommunications Standards Institute 2003. All rights reserved.

DECT™, PLUGTESTS™ and UMTS™ are Trade Marks of ETSI registered for the benefit of its Members. TIPHON™ and the TIPHON logo are Trade Marks currently being registered by ETSI for the benefit of its Members. 3GPP™ is a Trade Mark of ETSI registered for the benefit of its Members and of the 3GPP Organizational Partners.

Contents

Intellectual Property Rights
Foreword
Introduction
1 Scope
2 References
3 Definitions and abbreviations
  3.1 Definitions
  3.2 Abbreviations
4 Introduction to mobile signature
  4.1 Overview
    4.1.1 Mobile signature
    4.1.2 Using mobile signature
    4.1.3 Mobile signature service
  4.2 Notation
  4.3 XML Schema declaration
5 General security analysis
  5.1 Architecture
  5.3 European Directive for electronic signatures
  5.3 Identification of a Mobile Signature Environment (MSE)
  5.4 Operation of the MSA
6 Security requirements for a Mobile Signature Creation System (MSCS)
  6.1 Overall security requirements of the MSCS
    6.1.1 Requirements of the DTBS
    6.1.2 Trusted channel requirements
    6.1.3 Requirements resulting from un-trusted processes and communication ports
    6.1.4 Input control
  6.2 Mobile Signature Creation Application (MSCA)
    6.2.1 Signer's Document Presentation component (SDP)
    6.2.2 Signature Attribute Viewer (SAV)
    6.2.3 Signer Interaction Component (SIC)
    6.2.4 Signer's Authentication Component (SAC)
    6.2.5 MSCD/MSCA Communicator (DAC)
    6.2.6 MSSP/MSCA Communicator (PAC)
  6.3 Mobile Signature Service Provider (MSSP)
    6.3.1 Data To Be Signed Verifier (DTBSV)
    6.3.2 Data To Be Signed Formatter (DTBSF)
    6.3.3 Data Hashing Component (DHC)
    6.3.4 Signed Data Object Composer (SDOC)
    6.3.5 CSP Interaction Component (CSPC)
    6.3.6 Signature Logging Component (SLC)
    6.3.7 MSSP/MSCA Communicator (PAC)
    6.3.8 MSSP/AP Communicator (MAC)
  6.4 Mobile Signature Creation Device (MSCD)
    6.4.1 Overall security requirements for the MSCD
    6.4.2 User Authentication Component (UAC)
    6.4.3 Signature Creation Component (SCC)
7 Mobile signature profile
  7.1 Rationales
  7.2 Framework
  7.3 XML Schema
    7.3.1 URIs
      7.3.1.1 MSCS
      7.3.1.2 MSCA
      7.3.1.3 MSSP
      7.3.1.4 MSCD
    7.3.2 Example 1
    7.3.3 Example 2
Annex A: Bibliography
History

Intellectual Property Rights

IPRs essential or potentially essential to the present document may have been declared to ETSI. The information pertaining to these essential IPRs, if any, is publicly available for ETSI members and non-members, and can be found in ETSI SR 000 314: "Intellectual Property Rights (IPRs); Essential, or potentially Essential, IPRs notified to ETSI in respect of ETSI standards", which is available from the ETSI Secretariat. Latest updates are available on the ETSI Web server (http://webapp.etsi.org/IPR/home.asp).

Pursuant to the ETSI IPR Policy, no investigation, including IPR searches, has been carried out by ETSI. No guarantee can be given as to the existence of other IPRs not referenced in ETSI SR 000 314 (or the updates on the ETSI Web server) which are, or may be, or may become, essential to the present document.

Foreword

This Technical Report (TR) has been produced by ETSI Project M-Commerce (M-COMM).

Introduction

Citizens around the world are increasingly making use of electronic communications facilities in their daily lives. This often involves interactions between parties who have never previously met, or may never meet, and for whom no pre-established relationship exists. Consequently, communications networks of all kinds are being exploited in new ways to conduct business, to facilitate remote working and to create other virtual shared environments. Consumers, businesses and government departments alike benefit in various ways.

For the European Union (EU), electronic commerce presents an excellent opportunity to advance its programmes for economic integration. Such an approach, however, requires an appropriate security mechanism to allow remote interactions between parties to be completed with confidence. To this end, the European Parliament and Council Directive on Electronic Signatures (1999/93/EC) [12] was published on December 13th, 1999. The definition of electronic signature contained in article 2 of the directive facilitated the recognition of data in electronic form in the same manner as a hand-written signature satisfies those requirements for paper-based data.

Since electronic signatures can only be as good as the technology and processes used to create them, "standardization" activities such as those in Europe by ETSI and CEN within the EESSI framework aim to ensure that a common level of confidence and acceptance can be recognized. The result will be a powerful enabling facility for electronic commerce and, more generally, for completion of transactions of any kind.

In the context of the EU Directive, the present document focuses on electronic signatures created by cryptographic means in a "secure signature creation device". As of June 2003, security provisions for signature creation and verification systems are such that parties wishing to provide a signature require special equipment. Typically, this involves a smartcard and a card reader with sufficient processing power and display capabilities to present full details of the transaction to be "signed". For consumer markets, however, it is doubtful whether individual citizens will want to invest in such equipment, which for the most part may remain connected to (or inserted into) personal computer equipment located in the home.

An alternative approach is to capitalize on the fact that many citizens already possess a device which contains a smartcard and which itself is effectively a personal card reader: their mobile phone. In some European countries, mobile penetration rates are approaching 80 % of the population. As one of the most widely-owned electronic devices, the mobile phone represents the natural choice for implementation of a socially-inclusive electronic signature solution for the majority of citizens. Electronic signatures created in this way have become known as "Mobile Signatures", and a number of initiatives are already underway to evaluate the feasibility of such an approach. Only a small number of these have so far been implemented commercially and none have yet been extended to a mass-market scale. Many of those engaged in such activity cite interoperability issues as a restraining factor, requiring standardization to avoid market fragmentation.

The concept of a "Mobile Signature" is attractive because it leverages existing commercial models, network infrastructure, mobile device technology (including the SIM infrastructure) and customer relationships managed by GSM mobile network operators. This offers the prospect that the concept could be adopted by around one billion mobile phone users in 179 countries world-wide. Extension of the concept to other mobile network technologies is also possible.

Adoption of mobile signature might also assist in the fight against international crimes, such as money laundering. In this case, the opportunity provided by mobile signature to identify the citizens who are party to a transaction is attractive, subject to provisions concerning Data Protection, Privacy and Legal Interception (as applied to data services).

Universal acceptance of the concept now requires "standardization" of a common service methodology, where signature requests and responses can be issued and received in a standard format, irrespective of mobile device characteristics. To this end, the European Commission allocated funds to ETSI to establish a Specialist Task Force (STF-221) to produce a set of deliverables on mobile signature service. It is envisaged that mobile signature services will play a pivotal role in reaching an appropriate level of confidence, acceptance and interoperability to support implementation of the European Directive on Electronic Signature, particularly for consumer (mass) markets.

The present document focuses on those technologies able to realize a mobile signature that is the equivalent of an "enhanced electronic signature" as defined by the European Directive. The mobile signature service is considered suitable for the administration and management of all aspects relating to:

- Advising and guiding citizens about the use of mobile signature.
- Acquiring mobile signature capability.
- Managing citizen identity (including data protection and individual privacy).
- Processing of signature requests from application providers (and providing responses).
- Maintaining signature transaction records for the citizen.
- Managing all aspects of signature lifecycle (e.g. validity, expiry).
- Supporting service administration and maintenance activities.

The definition of the Mobile Signature Service comprises the following report and specifications:

- TR 102 203 [18]: "Mobile Commerce (M-COMM); Mobile Signatures; Business and Functional Requirements".
- TS 102 204 [26]: "Mobile Signature Service; Web Service Interface".
- TR 102 206 (the present document): "Mobile Signature Service; Security Framework".
- TS 102 207 [27]: "Mobile Signature Service; Specifications for Roaming in Mobile Signature Services".

Together, the TR and the TSs allow the design and implementation of interoperable mobile signature solutions.

1 Scope

The Mobile Signature Service is a service provided by a Mobile Signature Service Provider (MSSP) to a Signer and an Application Provider (AP). Because a Mobile Signature is a "universal method for using a mobile device to confirm the intention of a citizen to proceed with a transaction" (see TR 102 203 [18]), the Mobile Signature Service becomes a crucial security element within the architecture of the Application Provider itself. In the case of transactions (e.g. financial) that rely on a Mobile Signature, the issue of liability may be raised. Both parties, i.e. the end user and the Application Provider, wish to protect themselves from fraudulent behaviour by each other, or even by hackers, by means of the Mobile Signature.

Without a wide and common understanding of the security considerations for Mobile Signatures by all parties (e.g. the Signer, the Application Provider, etc.), it will be quite difficult for MSSPs to build commercial agreements with those parties. In this respect, it is essential for all the stakeholders to identify the level of security an MSSP may, should or must provide. This is the purpose of the present document.

The concept of Mobile Signatures also has to be linked with the current work of EESSI on electronic signatures, taking into account the specificities of the mobile environment. TR 102 203 [18] explains that a Mobile Signature is an electronic signature that goes mobile. The present document clarifies the meaning of this sentence in the context of the security requirements of the European Directive.

2 References

For the purposes of this Technical Report (TR) the following references apply:

[1] CWA 14167-1 (2001): "Security Requirements for Trustworthy Systems Managing Certificates for Electronic Signatures - Part 1: System Security Requirements".
[2] CWA 14167-2 (2002): "Security Requirements for Trustworthy Systems Managing Certificates for Electronic Signatures - Part 2: Cryptographic Module for CSP Signing Operations - Protection Profile (MCSO-PP)".
[3] CWA 14169 (2002): "Secure Signature-Creation Devices, version EAL 4+".
[4] CWA 14170 (2001): "Security Requirements for Signature Creation Systems".
[5] CWA 14171 (2001): "Procedures for Electronic Signature Verification".
[6] CWA 14172-1 (2001): "EESSI Conformity Assessment Guidance - Part 1: General".
[7] CWA 14172-2 (2001): "EESSI Conformity Assessment Guidance - Part 2: Certification Authority services and processes".
[8] CWA 14172-3 (2001): "EESSI Conformity Assessment Guidance - Part 3: Trustworthy systems managing certificates for electronic signatures".
[9] CWA 14172-4 (2001): "EESSI Conformity Assessment Guidance - Part 4: Signature Creation Applications and Procedures for Electronic Signature Verification".
[10] CWA 14172-5 (2001): "EESSI Conformity Assessment Guidance - Part 5: Secure signature creation devices".
[11] CWA 14355 (2002): "Guidelines for the implementation of Secure Signature-Creation Devices".
[12] Directive 1999/93/EC of the European Parliament and of the Council of 13 December 1999 on a Community framework for electronic signatures.
[13] RSA PKCS#1 (1999): "RSA Encryption Standard".
[14] RSA PKCS#7 (1993): "Cryptographic Message Syntax Standard".
[15] IETF RFC 2119: "Key words for use in RFCs to Indicate Requirement Levels".
[16] IETF RFC 3275: "(Extensible Markup Language) XML-Signature Syntax and Processing".
[17] ETSI SR 002 176: "Electronic Signatures and Infrastructures (ESI); Algorithms and Parameters for Secure Electronic Signatures".
[18] ETSI TR 102 203: "Mobile Commerce (M-COMM); Mobile Signatures; Business and Functional Requirements".
[19] ETSI TS 101 456: "Policy requirements for certification authorities issuing qualified certificates".
[20] ETSI TS 101 733: "Electronic Signatures and Infrastructures (ESI