【英文标准名称】:Banking-Keymanagement(retail)-Part1:Principles
【原文标准名称】:银行业务.密钥管理(零售).第1部分:原则
【标准号】:ISO11568-1-2005
【标准状态】:现行
【国别】:国际
【发布日期】:2005-06
【实施或试行日期】:
【发布单位】:国际标准化组织(IX-ISO)
【起草单位】:ISO/TC68
【标准类型】:()
【标准水平】:()
【中文主题词】:编码;编码;办公室管理;ID卡;校验;识别卡;IC编码;信用卡;密码的;钥匙;数据存储;办公装置;财务管理;零售商业;密码;数据保护;磁记录;机读资料;信息技术;算法;编码号;银行业务;数据安全;管理;银行文件;卡片;数据处理;定义
【英文主题词】:Algorithms;Authentication;Bankoperations;Bankingdocuments;Cards;Ciphers;Codenumbers;Coding;Creditcards;Cryptographic;Dataprocessing;Dataprotection;Datasecurity;Datastorage;Definition;Definitions;Encoding;Financialmanagement;ICCodes;IDcards;Identificationcards;Informationtechnology;Keys;Machine-readablematerials;Magneticrecording;Management;Officemanagement;Officesystem;Retailtrade
【摘要】:ThispartofISO11568specifiestheprinciplesforthemanagementofkeysusedincryptosystemsimplementedwithintheretailbankingenvironment.Theretailbankingenvironmentincludestheinterfacebetween—acardacceptingdeviceandanacquirer,—anacquirerandacardissuer,—anICCandacard-acceptingdevice.AnexampleofthisenvironmentisdescribedinAnnexB,andthreatsassociatedwiththeimplementationofthispartofISO11568intheretailbankingenvironmentareelaboratedinAnnexC.ThispartofISO11568isapplicablebothtothekeysofsymmetricciphersystems,wherebothoriginatorandrecipientusethesamesecretkey(s),andtotheprivateandpublickeysofasymmetriccryptosystems,unlessotherwisestated.TheprocedurefortheapprovalofcryptographicalgorithmsusedforkeymanagementisspecifiedinAnnexA.Theuseofciphersofteninvolvescontrolinformationotherthankeys,e.g.initializationvectorsandkeyidentifiers.Thisotherinformationiscollectivelycalled"keyingmaterial".AlthoughthispartofISO11568specificallyaddressesthemanagementofkeys,theprinciples,services,andtechniquesapplicabletokeysmayalsobeapplicabletokeyingmaterial.ThispartofISO11568isappropriateforusebyfinancialinstitutionsandotherorganizationsengagedintheareaofretailfinancialservices,wheretheinterchangeofinformationrequiresconfidentiality,integrity,orauthentication.RetailfinancialservicesincludebutarenotlimitedtosuchprocessesasPOSdebitandcreditauthorizations,automateddispensingmachineandATMtransactions,etc.ISO9564andISO16609specifytheuseofcryptographicoperationswithinretailfinancialtransactionsforpersonalidentificationnumber(PIN)enciphermentandmessageauthentication,respectively.TheISO11568seriesofstandardsisapplicabletothemanagementofthekeysintroducedbythosestandards.Additionally,thekeymanagementproceduresmaythemselvesrequiretheintroductionoffurtherkeys,e.g.keyenciphermentkeys.Thekeymanagementproceduresareequallyapplicabletothosekeys.
【中国标准分类号】:A11
【国际标准分类号】:35_240_40
【页数】:16P.;A4
【正文语种】:英语