1、 ETSI TS 119 101 V1.1.1 (2016-03) Electronic Signatures and Infrastructures (ESI); Policy and security requirements for applications for signature creation and signature validation TECHNICAL SPECIFICATION ETSI ETSI TS 119 101 V1.1.1 (2016-03)2 Reference DTS/ESI-0019101 Keywords e-commerce, electroni
2、c signature, security, trust services ETSI 650 Route des Lucioles F-06921 Sophia Antipolis Cedex - FRANCE Tel.: +33 4 92 94 42 00 Fax: +33 4 93 65 47 16 Siret N 348 623 562 00017 - NAF 742 C Association but non lucratif enregistre la Sous-Prfecture de Grasse (06) N 7803/88 Important notice The prese
3、nt document can be downloaded from: http:/www.etsi.org/standards-search The present document may be made available in electronic versions and/or in print. The content of any electronic and/or print versions of the present document shall not be modified without the prior written authorization of ETSI
4、. In case of any existing or perceived difference in contents between such versions and/or in print, the only prevailing document is the print of the Portable Document Format (PDF) version kept on a specific network drive within ETSI Secretariat. Users of the present document should be aware that th
5、e document may be subject to revision or change of status. Information on the current status of this and other ETSI documents is available at https:/portal.etsi.org/TB/ETSIDeliverableStatus.aspx If you find errors in the present document, please send your comment to one of the following services: ht
6、tps:/portal.etsi.org/People/CommiteeSupportStaff.aspx Copyright Notification No part may be reproduced or utilized in any form or by any means, electronic or mechanical, including photocopying and microfilm except as authorized by written permission of ETSI. The content of the PDF version shall not
7、be modified without the written authorization of ETSI. The copyright and the foregoing restriction extend to reproduction in all media. European Telecommunications Standards Institute 2016. All rights reserved. DECTTM, PLUGTESTSTM, UMTSTMand the ETSI logo are Trade Marks of ETSI registered for the b
8、enefit of its Members. 3GPPTM and LTE are Trade Marks of ETSI registered for the benefit of its Members and of the 3GPP Organizational Partners. GSM and the GSM logo are Trade Marks registered and owned by the GSM Association. ETSI ETSI TS 119 101 V1.1.1 (2016-03)3 Contents Intellectual Property Rig
9、hts 5g3Foreword . 5g3Modal verbs terminology 5g3Introduction 5g31 Scope 6g32 References 6g32.1 Normative references . 6g32.2 Informative references 7g33 Definitions and abbreviations . 8g33.1 Definitions 8g33.2 Abbreviations . 10g34 Signature creation/validation/augmentation model 10g35 General requ
10、irements . 13g35.1 User interface . 13g35.2 General security measures 14g35.3 System completeness requirements 15g36 Legal driven policy requirements . 15g36.1 Introduction 15g36.2 Processing of personal data 15g36.3 Accessibility for persons with disabilities 16g37 Information security (management
11、system) requirements . 16g37.1 Introduction 16g37.2 Network protection . 16g37.3 Information systems protection 16g37.4 Software integrity of the application 17g37.5 Data storage security 17g37.6 Event logs . 18g38 Signature creation, validation and augmentation processing requirements 18g38.1 Signa
12、ture creation process and systems 18g38.1.1 General 18g38.1.2 Main functionalities requirements 18g38.1.3 Data content type requirements 19g38.1.4 Signature attribute requirements . 21g38.1.5 Time and sequence 23g38.1.6 Signature invocation requirements . 23g38.1.7 Cryptographic algorithm choice . 2
13、4g38.1.8 Signers authentication requirements 25g38.1.8.1 General requirements 25g38.1.8.2 Requirements for biometric authentication methods . 26g38.1.9 DTBS preparation requirements . 27g38.1.10 DTBSR preparation 27g38.1.11 Signature creation device 27g38.1.12 SCDev/SCA interface (SSI) requirements
14、28g38.1.13 Bulk signing requirements 28g38.2 Signature validation process . 28g38.2.1 Introduction. 28g38.2.2 Main functionalities requirements 29g38.2.3 Validation process rules 29g38.2.4 Validation policy 30g38.2.5 Validation user interface . 30g38.2.6 Validation inputs and outputs . 31g38.3 Signa
15、ture augmentation process . 32g3ETSI ETSI TS 119 101 V1.1.1 (2016-03)4 8.3.1 Introduction. 32g38.3.2 The three use cases . 32g38.3.2.1 Signature augmentation process used by a SCA . 32g38.3.2.2 Signature augmentation process used by a SVA . 32g38.3.2.3 Independent signature augmentation process 32g3
16、8.3.3 Main functionalities requirements 33g38.3.4 Augmentation procedures . 33g38.3.5 Data inclusion . 33g38.3.6 Validation of the input signature to the augmentation process . 33g39 Development and coding policy requirements . 34g39.1 Secure development methods and application security 34g39.2 Test
17、ing conformance requirements 34g310 Signature application practice statement 35g3Annex A (normative): Table of content for signature application practice statement 37g3A.0 The right to copy 37g3A.1 Introduction 37g3A.1.1 Overview 37g3A.1.2 Business or application domain 37g3A.1.2.1 Scope and boundar
18、ies of SAPS . 37g3A.1.2.2 Domain of applications . 37g3A.1.2.3 Transactional context 37g3A.1.3 SAPS distribution points 37g3A.1.4 SAPS issuer 38g3A.1.5 SAPS administration 38g3A.1.5.1 Organization administering the document 38g3A.1.5.2 Contact person 38g3A.1.6 Definitions and acronyms . 38g3A.2 Sign
19、ature creation/augmentation/validation application practice statements . 38g3A.2.1 General requirements . 38g3A.2.2 Legal driven policy requirements . 39g3A.2.3 Information security (management system) requirements 39g3A.2.4 Signature creation, signature validation and signature augmentation process
20、es requirements . 39g3A.2.5 Development and coding policy requirements . 40g3Annex B (informative): Bibliography . 41g3History 42g3ETSI ETSI TS 119 101 V1.1.1 (2016-03)5 Intellectual Property Rights IPRs essential or potentially essential to the present document may have been declared to ETSI. The i
21、nformation pertaining to these essential IPRs, if any, is publicly available for ETSI members and non-members, and can be found in ETSI SR 000 314: “Intellectual Property Rights (IPRs); Essential, or potentially Essential, IPRs notified to ETSI in respect of ETSI standards“, which is available from
22、the ETSI Secretariat. Latest updates are available on the ETSI Web server (https:/ipr.etsi.org/). Pursuant to the ETSI IPR Policy, no investigation, including IPR searches, has been carried out by ETSI. No guarantee can be given as to the existence of other IPRs not referenced in ETSI SR 000 314 (or
23、 the updates on the ETSI Web server) which are, or may be, or may become, essential to the present document. Foreword This Technical Specification (TS) has been produced by ETSI Technical Committee Electronic Signatures and Infrastructures (ESI). Modal verbs terminology In the present document “shal
24、l“, “shall not“, “should“, “should not“, “may“, “need not“, “will“, “will not“, “can“ and “cannot“ are to be interpreted as described in clause 3.2 of the ETSI Drafting Rules (Verbal forms for the expression of provisions). “must“ and “must not“ are NOT allowed in ETSI deliverables except when used
25、in direct citation. Introduction Several aspects are important to ensure trust in digital signatures. Their successful implementation in electronic processes requires standards for related services, processes, systems and products as well as guidance for conformity assessment of such services, proce
26、sses, systems and products. NOTE 1: Regulation (EU) No 910/2014 i.1 defines the terms electronic signature, advanced electronic signature, qualified electronic signature, electronic seal, advanced electronic seal and qualified electronic seal. These electronic signatures and seals can be created usi
27、ng digital signature technology. NOTE 2: When not stated otherwise in the present document, “signature“ denotes “digital signature“. The different players and the environment of the signature creation, validation and augmentation follow rules to allow them to be trusted. The present document concent
28、rates on policy and security requirements to consider when creating, validating and augmenting signature in a trustworthy manner, in particular within the context of applications for signature creation, signature validation and signature augmentation. ETSI ETSI TS 119 101 V1.1.1 (2016-03)6 1 Scope T
29、he present document provides general security and policy requirements for applications for signature creation, validation and augmentation. The present document is primarily relevant to the following actors: Implementers and providers of applications for signature creation, signature validation and/
30、or signature augmentation, who need to ensure that relevant requirements are covered. Actors that integrate applications for signature creation, signature validation and/or signature augmentation components with business process software (or use standalone software), who want to ensure proper functi
31、oning of the overall signature creation/validation/augmentation process and that the signature creation/validation is done in a sufficiently secure environment. The present document is applicable to these actors, and their evaluators (for a self-evaluation or an evaluation by a third party) to have
32、a list of criteria against which to check the implementation. The requirements cover applications for signature creation, signature validation and/or signature augmentation, i.e. the implementation and provision of the Signature Creation/Validation/Augmentation Application modules (SCA/SVA/SAA), the
33、 driving application (DA), the communication between the SCA and the signature creation device (SCDev) and the environment in which the SCA/SVA/SAA is used. It also specifies user interface requirements, while the user interface can be part of the SCA/SVA/SAA or of the DA which calls the SCA/SVA/SAA
34、. Any entity using SCA/SVA/SAA components in its business process acts as driving application. The document covers: Legal driven policy requirements. Information security (management system) requirements. Signature creation, signature validation and signature augmentation processes requirements. Dev
35、elopment and coding policy requirements. General requirements. Protection Profiles (PP) for signature creation applications and signature validation applications are out of scope and are defined in the CEN standard “Protection Profiles for Signature Creation The framework for standardization of sign
36、atures; Definitions and abbreviations“. i.8 ETSI TS 119 102 (all parts): “Electronic Signatures and Infrastructures (ESI); Procedures for Creation and Validation of AdES Digital Signatures“. i.9 CEN EN 419 111: “ Protection Profiles for Signature Creation CAdES digital signatures“. i.11 ETSI EN 319
37、132 (all parts): “Electronic Signatures and Infrastructures (ESI); XAdES digital signatures“. i.12 ETSI EN 319 142 (all parts): “Electronic Signatures and Infrastructures (ESI); PAdES digital signatures“. i.13 ETSI EN 319 162 (all parts): “Electronic Signatures and Infrastructures (ESI); Associated
38、Signature Containers (ASiC)“. i.14 ETSI TS 119 172 (all parts): “Electronic Signatures and Infrastructures (ESI); Signature Policies“. i.15 ETSI TS 119 104 (all parts): “Electronic Signatures and Infrastructures (ESI); General requirements on Testing Conformance and Interoperability of Signature Cre
39、ation and Validation“. i.16 ETSI TS 119 124 (all parts): “Electronic Signatures and Infrastructures (ESI); CAdES digital signatures Testing Conformance and Interoperability“. i.17 ETSI TS 119 134 (all parts): “Electronic Signatures and Infrastructures (ESI); XML Advanced Electronic Signature (XAdES)
40、 Testing Compliance PDF Advanced Electronic Signature (PAdES) Testing Compliance Associated Signature Containers (ASiC) Testing Compliance Testing Conformance and Interoperability of Signature Policies“. i.21 CEN EN 419 241: “Security requirements for trustworthy systems supporting server signing“.
41、i.22 ETSI TS 119 431: “Electronic Signatures and Infrastructures (ESI); Policy and security requirements for trust service providers providing AdES digital signature generation services“. NOTE: At the time of publishing of the present document, this document is not yet published. i.23 ETSI TS 119 44
42、1: “Electronic Signatures and Infrastructures (ESI); Policy and security requirements for trust service providers providing AdES digital signature validation services“. NOTE: At the time of publishing of the present document this document is not yet published. i.24 ETSI EN 319 401: “Electronic Signa
43、tures and Infrastructures (ESI); General Policy Requirements for Trust Service Providers“. i.25 ETSI TS 119 312: “Electronic Signatures and Infrastructures (ESI); Cryptographic Suites“. i.26 ETSI EN 319 412-5: “ Electronic Signatures and Infrastructures (ESI); Certificate Profiles; Part 5: QCStateme
44、nts“. i.27 ETSI EN 301 549: “Accessibility requirements suitable for public procurement of ICT products and services in Europe“. 3 Definitions and abbreviations 3.1 Definitions For the purposes of the present document, the terms and definitions given in ETSI TR 119 001 i.7 and the following apply: N
45、OTE: For the sake of readability, the following definitions are reproduced here below. advanced electronic seal: As defined in Regulation (EU) No 910/2014 i.1. advanced electronic signature: As defined in Regulation (EU) No 910/2014 i.1. certificate: public key of an entity, together with some other
46、 information, rendered unforgeable by digital signature with the private key of the certification authority which issued it certificate validation: process of verifying and confirming that a certificate is valid data to be signed formatted: data created from the data to be signed objects by formatti
47、ng them and placing them in the correct sequence for the computation of the data to be signed representation data to be signed representation: hash of the data to be signed formatted, which is used to compute the digital signature value digital signature: data appended to, or a cryptographic transfo
48、rmation of a data unit that allows a recipient of the data unit to prove the source and integrity of the data unit and protect against forgery e.g. by the recipient. digital signature value: result of the cryptographic transformation of a data unit that allows a recipient of the data unit to prove t
49、he source and integrity of the data unit and protect against forgery e.g. by the recipient driving application: application that uses a signature creation system to create a signature or a signature validation application in order to validate digital signatures or a signature augmentation application to augment digital signatures personal data: any information relating to an identified or identifiable natural person (data subject) ETSI ETSI TS 119 101 V1.1.1 (2016-03)9 signature application practice statement: set of rul
