Internet Content and communications filtering software and services

The objective of this Technical Specification is to define a set of criteria on how Web filters shall perform and that shall give Internet users more confidence in choosing a suitable product or service in order to help protecting children online.
NOTE   A product is a software system that is installed by its administrator or its provider. A service is provided without specific installation by the administrator, but by direct provision of the customer by the provider. An example of a product is a software system installed on a personal computer, and an example of a service is an Internet connection filter provided by an Internet Service Provider and added on the Internet access service.
By using a Web filter that complies with the requirements set out in this Technical Specification, a user can be confident that the product or service:
a)   has been specifically designed to meet the needs of parents and carers (administrators of the filter) to protect children from potentially harmful URLs on the Internet;
b)   has been specifically targeted to minors, and is also suited for individuals looking to protect themselves from potentially harmful URLs on the Internet;
c)   delivers a minimum set of features and efficacy that are sufficient to provide the required level of protection;
d)   comes with clear and comprehensive documentation, installation and implementation instructions and available support;
e)   is reasonably secure, i.e. adopts proven measures to prevent bypassing or removal of the filter itself.
This Technical Specification does not cover the following technologies:
f)   any kind of email filtering, including: antispam filtering, antivirus analysis of emails and attachments, anthiphishing filtering;
g)   other Web filtering for the purpose of enterprise or adult Web usage, including: antivirus analysis of Web content, antiphishing filtering;
h)   the analysis and/or filtering of any other application traffic delivered over HTTP/HTTPS/FTP including for instance: instant messaging, peer to peer file (P2P) sharing, VoIP;
i)   the analysis and/or filtering of any other application traffic delivered over non HTTP/HTTPS/FTP protocols including for instance: newsgroups, instant messaging, peer to peer file (P2P) sharing, VoIP and social networking applications.

Software und Dienste für Filterung von Internetkommunikation und Internetinhalt

Ziel dieser Technischen Spezifikation ist die Festlegung einer Reihe von Kriterien für die geforderte Leistung von Webfiltern, die Internetnutzern ein größeres Selbstvertrauen bei der Wahl eines geeigneten Produktes oder Dienstes zum Schutz von Kindern im Internet ermöglichen sollen.
ANMERKUNG   Ein Produkt ist ein Softwaresystem, das von seinem Administrator oder seinem Anbieter installiert wird. Ein Dienst wird ohne spezifische Installation durch den Administrator, jedoch durch direkte Bedienung des Kunden durch den Anbieter zur Verfügung gestellt. Ein Beispiel für ein solches Produkt ist ein auf einem PC installiertes Softwaresystem, und ein Beispiel für einen Dienst ist ein von einem Internetdienstanbieter bereitgestellter und einem Internetzugangsdienst hinzugefügter Internetverbindungsfilter.
Durch die Verwendung eines Webfilters, der die in dieser Technischen Spezifikation festgelegten Anforde-rungen erfüllt, kann sich ein Anwender darauf verlassen, dass das Produkt oder der Dienst:
a)   speziell für die Bedürfnisse von Eltern und Verantwortlichen (Administratoren des Filters) entwickelt wurde, um Kinder vor potentiell schädlichen URLs im Internet zu schützen;
b)   speziell auf die Zielgruppe von Minderjährigen ausgerichtet und auch für Personen geeignet ist, die sich vor potentiell schädlichen URLs im Internet schützen möchten;
c)   eine Mindestanzahl von Funktionen und eine Mindestwirksamkeit aufweist, die ausreichen, um den gefor-derten Schutz zu bieten;
d)   mit einer deutlichen und verständlichen Dokumentation sowie Installations- und Implementierungsanwei-sungen bereitgestellt wird;
e)   angemessen sicher ist, d. h. die erprobten Maßnahmen gegen eine mögliche Umgehung oder die Löschung des Filters selbst einleitet.
Die folgenden Technologien werden von der vorliegenden Technischen Spezifikation nicht abgedeckt:
f)   alle Arten von E Mail-Filtern, einschließlich: SPAM-Filter, Überwachung von E-Mails und Anhängen durch Virenscanner, Antiphishing-Filter;
g)   sonstige Webfilter für die Zwecke der Internet-Nutzung durch Unternehmen oder Erwachsene ein-schließlich: Überwachung von Webinhalten durch Virenscanner, Antiphishing-Filter;
h)   die Analyse und/oder Filterung des gesamten sonstigen über HTTP/HTTPS/FTP erfolgenden Anwen-dungsverkehrs einschließlich z. B.: Sofort-Nachrichten, Peer-to-Peer-Filesharing (gemeinsamer P2P-Dateizugriff), VoIP;
i)   die Analyse und/oder Filterung des gesamten sonstigen nicht über HTTP/HTTPS/FTP erfolgenden An-wendungsverkehrs einschließlich z. B.: Newsgruppen, Sofort-Nachrichten, Peer-to-Peer-Filesharing (gemeinsamer P2P-Dateizugriff), VoIP und Anwendungen sozialer Netzwerke.

Logiciel et services de filtrage de contenus et communications d'internet

Programska oprema in storitve za filtriranje internetne vsebine in internetnih komunikacij

General Information

Status
Published
Publication Date
12-Nov-2013
Current Stage
9093 - Decision to confirm - Review Enquiry
Completion Date
04-Jun-2024

Buy Standard

Technical specification
TS CEN/TS 16080:2014
English language
28 pages
sale 10% off
Preview
sale 10% off
Preview
e-Library read for
1 day

Standards Content (Sample)


SLOVENSKI STANDARD
01-februar-2014
Programska oprema in storitve za filtriranje internetne vsebine in internetnih
komunikacij
Internet Content and communications filtering software and services
Software und Dienste für Filterung von Internetskommunikation und Internestsinhalt
Logiciel et services de filtrage de contenus et communications d'internet
Ta slovenski standard je istoveten z: CEN/TS 16080:2013
ICS:
35.080 Dokumentiranje razvoja Software development and
programske opreme in system documentation
sistemov (sistemska
dokumentacija)
2003-01.Slovenski inštitut za standardizacijo. Razmnoževanje celote ali delov tega standarda ni dovoljeno.

TECHNICAL SPECIFICATION
CEN/TS 16080
SPÉCIFICATION TECHNIQUE
TECHNISCHE SPEZIFIKATION
November 2013
ICS 35.080; 35.240.99
English Version
Internet Content and communications filtering software and
services
Logiciel et services de filtrage de contenus et Software und Dienste für Filterung von
communications d'internet Internetskommunikation und Internestsinhalt
This Technical Specification (CEN/TS) was approved by CEN on 7 January 2013 for provisional application.

The period of validity of this CEN/TS is limited initially to three years. After two years the members of CEN will be requested to submit their
comments, particularly on the question whether the CEN/TS can be converted into a European Standard.

CEN members are required to announce the existence of this CEN/TS in the same way as for an EN and to make the CEN/TS available
promptly at national level in an appropriate form. It is permissible to keep conflicting national standards in force (in parallel to the CEN/TS)
until the final decision about the possible conversion of the CEN/TS into an EN is reached.

CEN members are the national standards bodies of Austria, Belgium, Bulgaria, Croatia, Cyprus, Czech Republic, Denmark, Estonia,
Finland, Former Yugoslav Republic of Macedonia, France, Germany, Greece, Hungary, Iceland, Ireland, Italy, Latvia, Lithuania,
Luxembourg, Malta, Netherlands, Norway, Poland, Portugal, Romania, Slovakia, Slovenia, Spain, Sweden, Switzerland, Turkey and United
Kingdom.
EUROPEAN COMMITTEE FOR STANDARDIZATION
COMITÉ EUROPÉEN DE NORMALISATION

EUROPÄISCHES KOMITEE FÜR NORMUNG

CEN-CENELEC Management Centre: Avenue Marnix 17, B-1000 Brussels
© 2013 CEN All rights of exploitation in any form and by any means reserved Ref. No. CEN/TS 16080:2013: E
worldwide for CEN national Members.

Contents Page
Foreword .4
1 Scope .6
2 Normative references .6
3 Terms, definitions and abbreviations .6
3.1 Terms and definitions .6
3.2 Abbreviations . 10
4 Web filter requirements . 10
4.1 General . 10
4.2 Requirements . 10
4.2.1 Level of protection . 10
4.2.2 Configuration . 11
4.2.3 Request of revision to categorization . 11
4.2.4 Installation and initial setup . 11
4.2.5 Monitoring and logging . 12
4.2.6 Security . 12
4.2.7 Administration . 13
4.2.8 Web filter update . 13
4.2.9 Web filter upgrade . 13
4.2.10 License expiration and renewal . 14
4.2.11 Uninstall/removal . 14
4.2.12 Usability . 14
4.2.13 Support . 14
4.2.14 Product or service description . 14
4.2.15 User documentation . 15
4.3 Recommended Functionalities . 16
Annex A (normative) Potentially harmful URL categories. 18
A.1 General . 18
A.2 Sexually explicit material (pornography) . 18
A.3 Nudity and erotic material . 18
A.4 Violence and weapons . 19
A.5 Self harm . 19
A.6 Racism, discrimination and hate material . 19
A.7 Drug taking or the promotion of drug use . 20
A.8 Promotion of criminal activity . 20
A.9 Gambling . 20
Annex B (normative) Optional URL categories . 21
B.1 General . 21
B.2 Social networking services . 21
Annex C (normative) Web filter testing procedures . 22
C.1 General . 22
C.2 Testing platform . 22
C.3 Reference blocking efficacy URL database and measure . 22
C.4 Reference overblocking rate URL database and measure . 23
C.5 Verification procedure . 24
C.6 Whitelist and blacklist . 24
C.7 Safe search activation . 24
C.8 Keyword filtering verification . 25
C.9 Social networking services filtering verification . 25
C.10 Usability test . 25
C.10.1 General . 25
C.10.2 Administration interaction points . 25
C.10.3 Checklist . 26

Foreword
This document (CEN/TS 16080:2013) has been prepared by Technical Committee CEN/TC 365 “Internet
Filtering”, the secretariat of which is held by AENOR.
In view of the increasing use of Internet communication technologies and the impact that these technologies
necessarily have on the general public, in January 2004, the European Commission adopted a
Communication to combat SPAM which served as a basis for the March 2004 Council Conclusions
highlighting the essential role of technical solutions and consumers empowerment.
In addition, the European Parliament and the Council agreed to a multi-annual programme, proposed by the
Commission, to promote safer use of the Internet and new online technologies.
The 4-year programme, Safer Internet Plus (2005-2008) aims at combating illegal and harmful content online.
The programme has several actions such as awareness campaigns, hot lines, interoperability issues relevant
for Internet filtering and benchmarking (SIP-BENCH project).
In view of the increasing awareness and use of filtering software and services, and worried about the lack of
objective testing and scarcity of comparatives, ANEC, the association representing consumers in
standardization and certification, commissioned a study on “The standards requirements for Internet filtering
tools” at the end of 2005. The purpose of this ANEC project was to investigate to what extent unsolicited
commercial communications (SPAM) and Internet content filters should be testable and comparable in order
to help consumer choice. Performance standards for Internet filtering products and services were identified as
helpful in both ensuring product transparency and aiding choice. The protection of consumers (and especially
children) was intended to be the main aim of the ANEC work.
CEN BT WG 194 on Internet filtering tools was set up in February 2007, upon request by ANEC, to consult
stakeholders on this issue. Participants range from European Commission representatives from DG
Information Society and Justice and Home Affairs (JAI) to national standards bodies (BSI, DIN, AFNOR and
NEN).
The CEN BT WG 194 met on 14 March 2007; no other meeting was planned.
The Report was finalized after this meeting and endorsed electronically in June 2007. As a way forward,
BT/WG 194 proposed the creation of a CEN Task Force (TF) leading to this Technical Specification with the
restricted scope of Web filters.
Attention is drawn to the possibility that some of the elements of this document may be the subject of patent
rights. CEN [and/or CENELEC] shall not be held responsible for identifying any or all such patent rights.
According to the CEN-CENELEC Internal Regulations, the national standards organizations of the following
countries are bound to announce this Technical Specification: Austria, Belgium, Bulgaria, Croatia, Cyprus,
Czech Republic, Denmark, Estonia, Finland, Former Yugoslav Republic of Macedonia, France, Germany,
Greece, Hungary, Iceland, Ireland, Italy, Latvia, Lithuania, Luxembourg, Malta, Netherlands, Norway, Poland,
Portugal, Romania, Slovakia, Slovenia, Spain, Sweden, Switzerland, Turkey and the United Kingdom.
Introduction
Nearly three quarters of the population of the European Union is now using the Internet. A very large
proportion of them use the Internet for the purpose of education, work, communication and commerce.
However, even though the Internet is becoming part of everyday life, potentially harmful or illegal material
exists on the Internet.
To protect their children and themselves, Internet users are turning towards filtering product and services
besides education. However, there is no easy way for Internet users to discover which of these products and
services is best suited to their needs or, indeed, whether a filter is effective.
A Technical Specification can help Internet users to make informed choic
...

Questions, Comments and Discussion

Ask us and Technical Secretary will try to provide an answer. You can facilitate discussion about the standard in here.