BS EN 419241-1:2018

$189.07

Trustworthy Systems Supporting Server Signing – General System Security Requirements

Published By	Publication Date	Number of Pages
BSI	2018	46

Guaranteed Safe Checkout

Category: BSI

If you have any questions, feel free to reach out to our online customer service team by clicking on the bottom right corner. We’re here to assist you 24/7.
Email:[email protected]

Description

1.1 General

This document specifies security requirements and recommendations for Trustworthy Systems Supporting Server Signing (TW4S) that generate digital signatures.

The TW4S is composed at least of one Server Signing Application (SSA) and one Signature Creation Device (SCDev) or one remote Signature Creation Device.

A remote SCDev is a SCDev extended with remote control provided by a Signature Activation Module (SAM) executed in a tamper protected environment. This module uses the Signature Activation Data (SAD), collected through a Signature Activation Protocol (SAP), in order to guarantee with a high level of confidence that the signing keys are used under sole control of the signer.

The SSA uses a SCDev or a remote SCDev in order to generate, maintain and use the signing keys under the sole control of their authorized signer. Signing key import from CAs is out of scope.

So when the SSA uses a remote SCDev, the authorized signer remotely controls the signing key with a high level of confidence.

A TW4S is intended to deliver to the signer or to some other application, a digital signature created based on the data to be signed.

This standard:

provides commonly recognized functional models of TW4S;
specifies overall requirements that apply across all of the services identified in the functional model;
specifies security requirements for each of the services identified in the TW4S;
specifies security requirements for sensitive system components which may be used by the TW4S.

This standard is technology and protocol neutral and focuses on security requirements.

1.2 Outside of the scope

The following aspects are considered outside of the scope of this document:

other trusted services that may be used alongside this service such as certificate issuance, signature validation service, time-stamping service and information preservation service;
any application or system outside of the TW4S (in particular the signature creation application including the creation of advanced signature formats);
signing key and signing certificate import from CAs;
the legal interpretation of the form of signature (e.g. electronic signature, electronic seal, qualified or otherwise).

1.3 Audience

This standard specifies security requirements that are intended to be followed by:

providers of TW4S systems;
Trust Service Providers (TSP) offering a signature creation service.

PDF Catalog

PDF Pages	PDF Title
2	undefined
9	1 Scope 1.1 General 1.2 Outside of the scope 1.3 Audience
10	2 Normative references 3 Terms and definitions
12	4 Symbols and abbreviations
13	5 Description of trustworthy systems supporting server signing 5.1 General 5.2 Signature creation and server signing objectives 5.3 Signature bound to a natural person or seal bound to a legal person 5.4 Sole control assurance levels
14	5.5 Batch server signing 5.6 Signing key and cryptographic module 5.7 Signer’s authentication 5.7.1 Electronic identification means 5.7.1.1 SCAL1 5.7.1.2 SCAL2 5.7.2 Authentication Mechanism 5.7.2.1 SCAL1 5.7.2.2 SCAL2
15	5.7.3 Authentication target 5.7.3.1 SCAL1 5.7.3.2 SCAL2 5.7.4 Delegation of authentication to an external party 5.7.4.1 General 5.7.4.2 SCAL1 5.7.4.3 SCAL2
16	5.8 Signature activation data 5.9 Signature activation protocol 5.10 Signer’s interaction component
17	5.11 Signature activation module 5.12 Environments 5.12.1 Tamper protected environment 5.12.2 TSP protected environment
18	5.12.3 Signer’s environment 5.13 Functional model 5.13.1 General 5.13.2 Scope of requirements
19	5.13.3 Signature activation mechanisms 5.13.3.1 General 5.13.3.2 Signature activation for SCAL1
20	5.13.3.3 Signature activation for SCAL2
21	5.13.4 TW4S components
22	6 Security requirements 6.1 General 6.2 General security requirements (SRG) 6.2.1 Management (SRG_M) 6.2.1.1 General 6.2.1.2 Systems and security management (SRG_M.1)
24	6.2.2 Systems and operations (SRG_SO) 6.2.2.1 Operations management (SRG_SO.1) 6.2.2.2 Time synchronization (SRG_SO.2) 6.2.3 Identification and authentication (SRG_IA) 6.2.3.1 General 6.2.3.2 Authentication for privileged and non-privileged roles other than signer (SRG_IA.1)
25	6.2.3.3 Authentication failure (SRG_IA.2) 6.2.4 System access control (SRG_SA) 6.2.4.1 General 6.2.4.2 Right management (SRG_SA.1) 6.2.5 Key management (SRG_KM) 6.2.5.1 General
26	6.2.5.2 Keys generation (SRG_KM.1)
27	6.2.5.3 Keys storage, backup and recovery (SRG_KM.2) 6.2.5.4 Key usage (SRG_KM.3) 6.2.5.5 Key distribution (SRG_KM.4) 6.2.5.6 Key renewal/update/change (SRG_KM.5) 6.2.5.7 Key archiving (SRG_KM.6)
28	6.2.5.8 Key deletion (SRG_KM.7) 6.2.6 Auditing (SRG_AA) 6.2.6.1 Audit data generation (SRG_AA.1) 6.2.6.2 Guarantees of audit data availability (SRG_AA.2)
29	6.2.6.3 Audit data parameters (SRG_AA.3) 6.2.6.4 Selectable audit review (SRG_AA.4) 6.2.6.5 Restricted audit review (SRG_AA.5) 6.2.6.6 Generation of warning (SRG_AA.6) 6.2.6.7 Guarantees of audit data integrity (SRG_AA.7) 6.2.6.8 Guarantees of audit timing (SRG_AA.8)
30	6.2.7 Archiving (SRG_AR) 6.2.7.1 Archive data generation (SRG_AR.1) 6.2.7.2 Integrity of archived data (SRG_AR.2) 6.2.8 Backup and recovery (SRG_BK) 6.2.8.1 General 6.2.8.2 Integrity and confidentiality of backup information (SRG_BK.1) 6.2.8.3 Recovery (SRG_BK.2)
31	6.3 Core components security requirements (SRC) 6.3.1 Signing key setup (SRC_SKS) – Cryptographic key (SRC_ SKS.1) 6.3.2 Signer authentication (SRC_SA) 6.3.2.1 Signer authentication for SCAL1 (SRC_SA.1)
32	6.3.2.2 Authentication failure handling (SRC_SA.2) 6.3.2.3 Signer authentication delegated to external system (SRC_SA.3) 6.3.3 Digital signature creation (SRC_DSC) – Cryptographic operation (SRC_DSC.1) 6.4 Additional security requirements for SCAL2 (SRA) 6.4.1 General 6.4.2 Signature activation protocol and signature activation data (SRA_SAP) 6.4.2.1 Threat resistance (SRA_SAP.1)
33	6.4.2.2 SAD Management (SRA_SAP.2)
34	6.4.3 Signing key management (SRA_SKM) 6.4.3.1 Signing key generation (SRA_SKM.1)
35	6.4.3.2 Signing key activation (SRA_SKM.2)
36	Annex A (normative)Requirements for electronic identification means, characteristics and design A.1 Enrolment A.1.1 Application and registration A.1.2 Identity proofing and verification (natural person)
39	A.1.3 Identity proofing and verification (legal person)
41	A.1.4 Binding between the electronic identification means of natural and legal persons
42	A.2 Electronic identification means and authentication A.2.1 Electronic identification means characteristics and design
43	A.2.2 Authentication mechanism

Additional information

Status	Confirmed
Pages	46
Publication Date	2018-07-16
ISBN	978 0 580 95733 8
Standard Number	BS EN 419241-1:2018
Title	Trustworthy Systems Supporting Server Signing – General System Security Requirements
Identical National Standard Of	EN 419241-1:2018
Replaces	PD CEN/TS 419241:2014
Descriptors	Algorithms, Data security, Cryptography, Data processing, Computer terminals, Data storage protection, Electronic signatures, Information exchange, Certification (approval)
Publisher	BSI
Committee	IST/17
ICS Codes	35.030 - IT Security

Preview PDF


PDF Format	Searchable	Printable	Preview Now

BS EN 419241-1:2018

PDF Catalog

Related products