ISO 21188-2006 金融业务的公开密钥基础结构.实施规程和政策框架

sigh007

                   【英文标准名称】:     Public key infrastructure for financial services - Practices and policy framework            【原文标准名称】:     金融业务的公开密钥基础结构.实施规程和政策框架            【标准号】:     ISO 21188-2006            【标准状态】:     现行            【国别】:     国际            【发布日期】:     2006-05    【实施或试行日期】: 【发布单位】: 国际标准化组织(IX-ISO)【起草单位】: ISO/TC 68【标准类型】: ()【标准水平】: ()【中文主题词】: 校验;银行业务;银行文件;银行;合格证书;检验;代码;编码;数据元;数据交换;数据处理;数据保护;数据安全;定义;数字信号;电子信号;金融业务;财务交易;执行;信息交换;基础结构;公共的;监督(认可)【英文主题词】: Authentication;Bank operations;Banking documents;Banks;Certificates;Checks;Codes;Coding;Data elements;Data exchange;Data processing;Data protection;Data security;Definitions;Digital signature;Electronic signatures;Financial services;Financial transactions;Implementation;Information interchange;Infrastructureublic;Surveillance (approval)【摘要】: This International Standard sets out a framework of requirements to manage a PKI through certificate policies and certification practice statements and to enable the use of public key certificates in the financial services industry. It also defines control objectives and supporting procedures to manage risks.This International Standard draws a distinction between PKI systems used in open, closed and contractual environments. It further defines the operational practices relative to financial services industry accepted information systems control objectives. This International Standard is intended to help implementers to define PKI practices that can support multiple certificate policies that include the use of digital signature, remote authentication and data encryption.This International Standard facilitates the implementation of operational, baseline PKI control practices that satisfy the requirements for the financial services industry in a contractual environment. While the focus of this International Standard is on the contractual environment, application of this document to other environments is not specifically precluded. For the purposes of this document, the term “certificate” refers to public key certificates. Attribute certificates are outside the scope of this International Standard.This International Standard is targeted for several audiences having dissimilar needs and therefore the use of this document will have a different focus for each.Business Managers and Analysts are those who require information regarding using PKI technology in their evolving businesses (e.g., electronic commerce) and should focus on Clauses 1 to 6.Technical Designers and Implementers are those who are writing their certificate policy(ies) and certification practice statement(s) and should focus on Clauses 6 to 8 and Annexes A to F.Operational Management and Auditors are those who are responsible for day-to-day operations of the PKI and validating compliance to this document and should focus on Clauses 6 to 8.【中国标准分类号】: A11【国际标准分类号】: 35_240_40【页数】: 107P;A4【正文语种】: 英语