ISO/IEC JTC 1/SC 27
| Project No. | ISO/IEC TR 14516:2002 |
|---|---|
| Title | <p>Associated with the provision and operation of a Trusted Third Party (TTP) are a number of security-related issues for</p> <p>which general guidance is necessary to assist business entities, developers and providers of systems and services, etc.</p> <p>This includes guidance on issues regarding the roles, positions and relationships of TTPs and the entities using TTP</p> <p>services, the generic security requirements, who should provide what type of security, what the possible security</p> <p>solutions are, and the operational use and management of TTP service security.</p> <p>This Recommendation | Technical Report provides guidance for the use and management of TTPs, a clear definition of</p> <p>the basic duties and services provided, their description and their purpose, and the roles and liabilities of TTPs and</p> <p>entities using their services. It is intended primarily for system managers, developers, TTP operators and enterprise users</p> <p>to select those TTP services needed for particular requirements, their subsequent management, use and operational</p> <p>deployment, and the establishment of a Security Policy within a TTP. It is not intended to be used as a basis for a formal</p> <p>assessment of a TTP or a comparison of TTPs.</p> <p>This Recommendation | Technical Report identifies different major categories of TTP services including: time stamping,</p> <p>non-repudiation, key management, certificate management, and electronic notary public. Each of these major categories</p> <p>consists of several services which logically belong together.</p> |
| Registration number (WIID) | 31482 |
| Scope | <p>Associated with the provision and operation of a Trusted Third Party (TTP) are a number of security-related issues for</p> <p>which general guidance is necessary to assist business entities, developers and providers of systems and services, etc.</p> <p>This includes guidance on issues regarding the roles, positions and relationships of TTPs and the entities using TTP</p> <p>services, the generic security requirements, who should provide what type of security, what the possible security</p> <p>solutions are, and the operational use and management of TTP service security.</p> <p>This Recommendation | Technical Report provides guidance for the use and management of TTPs, a clear definition of</p> <p>the basic duties and services provided, their description and their purpose, and the roles and liabilities of TTPs and</p> <p>entities using their services. It is intended primarily for system managers, developers, TTP operators and enterprise users</p> <p>to select those TTP services needed for particular requirements, their subsequent management, use and operational</p> <p>deployment, and the establishment of a Security Policy within a TTP. It is not intended to be used as a basis for a formal</p> <p>assessment of a TTP or a comparison of TTPs.</p> <p>This Recommendation | Technical Report identifies different major categories of TTP services including: time stamping,</p> <p>non-repudiation, key management, certificate management, and electronic notary public. Each of these major categories</p> <p>consists of several services which logically belong together.</p> |
| Status | Standarts spēkā |
| ICS group | 35.040 35.030 |