Publication
Aperçu partiel gratuit
Prix
Langue
CEN/TS 419241:2014
Edition
03/2014
Exigences de sécurité pour des systèmes fiables de serveur de signature électronique
A l'heure actuelle pas de version électronique de cette norme en ligne pour l'édition linguistique: DE, FR.
N'hésitez pas à contacter normalisation@ilnas.etat.lu
Exigences de sécurité pour des systèmes fiables de serveur de signature électronique
A l'heure actuelle pas de version électronique de cette norme en ligne pour l'édition linguistique: DE, FR.
N'hésitez pas à contacter normalisation@ilnas.etat.lu
- € 33.4 / exemplaire
Résumé
1.1 General
This document specifies security requirements and recommendations for Trustworthy System Supporting Server Signing (TW4S) that generate advanced electronic signatures as defined in Directive 1999/93/EC. This document may also be applied to electronic signatures complying to Article 5(1) of Directive 1999/93/EC employing a Secure Signature Creation Device (SSCD) compliant with Annex III and supported by a qualified electronic signature.
The Server Signing Application (SSA) runs on a networked server supporting one or more signatories to remotely sign electronic documents using centralized signature keys held on the signing server under sole control of the signatory.
An SSA is intended to deliver to the user or to some other application process in a form specified by the user, an Advanced- or where applicable a Qualified - Electronic Signature associated with a Signer's Document as a Signed Data Object.
This document:
- provides commonly recognized functional models of TW4S;
- specifies overall requirements that apply across all of the services identified in the functional model;
- specifies security requirements for each of the services identified in the SSA.
- specifies security requirements for sensitive system components which may be used by the SSA (e.g. Signature Creation Device (SCDev)).
This document does not specify technologies and protocols, but rather identifies requirements on the security on technologies to be employed.
1.2 Out of scope
The following aspects are considered to be out of scope:
- other trusted services that may be used alongside this service such as signature validation service, time-stamping service and information preservation service,
- any application or system outside of the SSA,
- the legal interpretation of any form of signature (e.g. the implications of countersignatures, of multiple signatures and of signatures covering complex information structures containing other signatures).
1.3 Audience
This document specifies security requirements that are intended to be followed by:
- providers of SSA systems.
- Trust Service Providers (TSP) offering signature generation service.
Statut
| Standard - Remplacé |
Origine
| Comité technique : |
| CEN/TC 224 : Identification personnelle, signature électronique, cartes et leurs systèmes et fonctionnements associés |
Mise en application
| début du vote sur le projet | date de ratification (dor) | 14/10/2013 | ||||
| fin du vote sur le projet | date d'annonce (doa) | 30/06/2014 | ||||
| début du vote sur le projet final | 13/06/2013 | date de publication (dop) | ||||
| fin du vote sur le projet final | 13/09/2013 | date de retrait (dow) |
|
Publication au Journal officiel
du Grand-Duché de Luxembourg |
06/05/2014 |
| Référence |
Relations
| Evolutions |
| ILNAS-EN 419241-1:2018 |
Classification internationale pour les normes (codes ICS) :
| 35.240.99 : IT applications in other fields |
