ISO 11568-1:2005 pdf download

01-15-2021 comment

ISO 11568-1:2005 pdf download.Banking — Key management (retail) — Part 1: Principles.
ISO 11568-1:2005 specifies the principles for the management of keys used in cryptosystems implemented within the retail-banking environment. The retail-banking environment includes the interface between a card accepting device and an acquirer, an acquirer and a card issuer, an ICC and a card-accepting device.
ISO 11568-1:2005 is applicable both to the keys of symmetric cipher systems, where both originator and recipient use the same secret key(s), and to the private and public keys of asymmetric cryptosystems, unless otherwise stated. The procedure for the approval of cryptographic algorithms used for key management is specified.
The ISO 11568 series of International Standards describes procedures for the secure management of the cryptographic keys used to protect the confidentiality, integrity and authenticity of data in a retail banking environment, for instance, messages between an acquirer and a card acceptor, or an acquirer and a card issuer.
Whereas key management in a wholesale banking environment is characterized by the exchange of keys in a relatively high-security environment, this part of ISO 11568 addresses the key management requirements that are applicable in the accessible domain of retail banking services. Typical of such services are point-of- sale/point-of-service (POS) debit and credit authorizations and automated teller machine (ATM) transactions.
Key management is the process whereby cryptographic keys are provided for use between authorized communicating parties and those keys continue to be subject to secure procedures until they have been destroyed. The security of the data is dependent upon the prevention of disclosure and unauthorized modification, substitution, insertion, or termination of keys. Thus, key management is concerned with the generation, storage, distribution, use, and destruction procedures for keys. Also, by the formalization of such procedures, provision is made for audit trails to be established.
This part of ISO 11568 does not provide a means to distinguish between parties who share common keys. The final details of the key management procedures need to be agreed upon between the communicating parties concerned and will thus remain the responsibility of the communicating parties. One aspect of the details to be agreed upon will be the identity and duties of particular individuals. ISO 11568 does not concern itself with allocation of individual responsibilities; this needs to be considered for each key management implementation.
4 Aspects of key management
4.1 Purpose of security
Messages and transactions in a retail banking system contain both cardholder sensitive data and related financial information. The use of cryptography to protect this data reduces the risk of financial loss by fraud, maintains the integrity and confidentiality of the systems, and instils user confidence in business provider/retailer relationships. To this end, system security shall be incorporated into the total system design. The maintenance of security and system procedures over the keys in such systems is called key management.
4.2 Level of security
The level of security to be achieved needs to be related to a number of factors, including the sensitivity of the data concerned and the likelihood that it will be intercepted; the practicality of any envisaged encipherment process; and the cost of providing (and breaking) a particular means of security. It is therefore necessary for communicating parties to agree on the key management procedures and extent and detail of security as specified in ISO 13491 (all parts).ISO 11568-1:2005 pdf download.

Download infomation Go to download
PS: Due to copyright issues, all IEC documents cannot be downloaded.All contents are for personal learning only. Please delete them within 24 hours after downloading
ISO 7194:2008 pdf download ISO Standards

ISO 7194:2008 pdf download

ISO 7194:2008 pdf download.Measurement of fluid flow in closed conduits — Velocity-area methods of flow measurement in swirling or asymmetric flow conditions in circular ducts by means of current-meters or Pitot static tubes. Introduction In order to...
Download Now
ISO/TR 211:1999 pdf download ISO Standards

ISO/TR 211:1999 pdf download

ISO/TR 211:1999 pdf download.Essential oils — General rules for labelling and marking of containers. 1 Scope This Technical Report specifies the general rules for labelling and marking of containers for essential oils to enable identification of the...
Download Now
ISO/TR 8857:1986 pdf download ISO Standards

ISO/TR 8857:1986 pdf download

ISO/TR 8857:1986 pdf download.Road vehicles — Flashers — Functional allocation of terminals. Introduction Subcommittee ISO/TC 22/SC 3, Electrical connections, has studied the functional allocation of flasher terminals since 1971. In spite of efforts, and because of the...
Download Now

LEAVE A REPLY

Anonymous netizen Fill in information