Security requirements for trustworthy systems managing certificates and time-stamps

1.1   General
This Technical Specification establishes security requirements for TWSs that can be used by a TSP in order to issue QCs and Non-Qualified Certificates (NQCs) as well as electronic time-stamps in accordance with Dir.1999/93/EC and with [Reg.910/2014/EU].
Security requirements for the Subject Device Provision Service, which includes SCDev/QSCD provision to subjects, are defined in this TS. However, requirements specific to SCDev/QSCD devices, as used by subjects of the TSP, are outside the scope of this TS. These requirements are defined as Common Criteria [CC] Protection Profiles (PP) in the EN 419211 series.
Recommendations for the cryptographic algorithms to be supported by TWSs are provided in ETSI/TS 119 312.
Although this TS is based on the use of public key cryptography, it does not require or define any particular communication protocol or format for electronic signatures, certificates, certificate revocation lists, certificate status information and time-stamp tokens. It only assumes certain types of information to be present in the certificates in accordance with Annex I of Dir.1999/93/EC and of [Reg.910/2014/EU]. Interoperability between TSP systems and subject systems is outside the scope of this document.
The use of TWSs that are already compliant to relevant security requirements of this TS should support TSPs in reducing their burden to establish conformance of their policy to ETSI TS 119 411-1, 119 411-2, and 119 421 (or equivalent ENs to be subsequently published) and in meeting the Annex I and Annex II requirements of Dir.1999/93/EC as well as the requirements from Annex I and Article 24.2 (e) of [Reg.910/2014/EU].
1.2   European Regulation-specific
The main focus of this document is on the requirements in Article 24.2 (e) of [Reg.910/2014/EU] whilst still facilitating the meeting of requirements in Dir.1999/93/EC, Annex II (f). In considering [Reg.910/2014/EU] it is important to take into account the following requirements of particular relevance to TSP trustworthy systems:
a)   Article 24.2 (f) – “use trustworthy systems to store data provided to it, in a verifiable form so that:
(i)   they are publicly available for retrieval only where the consent of the person to whom the data relates has been obtained,
(ii)   only authorised persons can make entries and changes to the stored data,
(iii)   the data can be checked for authenticity”;
b)   Article 24.2 (g) – “take appropriate measures against forgery and theft of data”;
c)   Article 24.2 (h) – “record and keep accessible for an appropriate period of time, including after the activities of the qualified trust service provider have ceased, all relevant information concerning data issued and received by the qualified trust service provider, in particular, for the purpose of providing evidence in legal proceedings and for the purpose of ensuring continuity of the service. Such recording may be done electronically”;
d)   Article 24.2 (j) – “ensure lawful processing of personal data in accordance with Directive 95/46/EC”;
e)   Article 24.2 (k) – “in case of qualified trust service providers issuing qualified certificates, establish and keep updated a certificate database”;
f)   Article 24.3 – “If a qualified trust service provider issuing qualified certificates decides to revoke a certificate, it shall register such revocation in its certificate database and publish the revocation status of the certificate in a timely manner, and in any event within 24 hours after the receipt of the request. The revocation shall become effective immediately upon its publication”;
g)   Article 24.4 – "With regard to paragraph 3, qualified trust service providers issuing qualified certificates shall provide to any relying party information on the validity or revocation status of qualified certificates issued by them.

Sicherheitsanforderungen für vertrauenswürdige Systeme zur Verwaltung von Zertifikaten für elektronische Signaturen und Zeitstempel

1.1   Allgemeines
Diese Technische Spezifikation legt Sicherheitsanforderungen an TWS fest, die durch einen TSP genutzt werden können, um QC und nicht qualifizierte Zertifikate (NQC, en: non-qualified certificates) wie auch elektronische Zeitstempel nach der Richtlinie 1999/93/EG  und [Verordnung 910/2014/EU] auszugeben.
Die Sicherheitsanforderungen an den Bereitstellungsdienst für Signaturerstellungseinheiten für Zertifikat-inhaber, der die Bereitstellung von SCDev/QSCD an Zertifikatinhaber umfasst, sind in dieser TS definiert. Die für SCDev/QSCD spezifischen Anforderungen, wie sie von den Zertifikatinhabern der TSP angewendet werden, liegen jedoch außerhalb des Anwendungsbereichs dieser TS. Die entsprechenden Anforderungen sind in der Reihe EN 419211 als Schutzprofile (PP, en: Protection Profiles) nach den Common Criteria (CC) definiert.
Empfehlungen hinsichtlich der durch TWS zu unterstützenden kryptographischen Algorithmen sind in ETSI/TS 119 312 angegeben.
Obwohl diese TS auf der Public-Key-Kryptografie  beruht, verlangt oder definiert sie kein bestimmtes Kommunikationsprotokoll oder -format für elektronische Signaturen, Zertifikate, Zertifikatsperrslisten, Zertifikatstatusinformationen und Zeitstempel-Token. Ihr liegt ausschließlich die Annahme zugrunde, dass die Zertifikate bestimmte Arten von Informationen nach Richtlinie 1999/93/EG, Anhang I und nach [Verordnung 910/2014/EU], enthalten. Die Interoperabilität zwischen TSP-Systemen und Zertifikatinhaber-Systemen liegt außerhalb des Anwendungsbereichs dieses Dokuments.
Die Nutzung von TWS, die bereits die relevanten Sicherheitsanforderungen dieser TS erfüllen, sollte den TSPs das Erreichen der Übereinstimmung ihrer Grundsätze mit ETSI/TS 119 411-1, 119 411-2 und 119 421 (oder entsprechender Europäischer Normen die zu einem späteren Zeitpunkt veröffentlicht werden) (sowie die Erfüllung der Anforderungen nach Richtlinie 1999/93/EG, Anhang I und Anhang II, als auch der Anforderungen nach  [Verordnung 910/2014/EU], Anhang I und Artikel 24.2 (e), erleichtern.
1.2   Spezifisch für die Europäische Verordnung
Der Hauptfokus dieses Dokuments liegt auf den Anforderungen nach [Verordnung 910/2014/EU], Artikel 24.2 (e) während weiterhin die Erfüllung der Anforderungen nach Richtlinie 1999/93/EG, Anhang II (f) unterstützt wird. Unter Beachtung der [Verordnung 910/2014/EU] ist jedoch die Berücksichtigung der folgenden  Anforderungen, die teilweise für vertrauenswürdige Systeme von TSP Relevanz haben, erforderlich:
a)   Artikel 24.2 (f) — „vertrauenswürdige Systeme für die Speicherung der ihnen übermittelten Daten in einer überprüfbaren Form, so dass
i)   diese nur mit Zustimmung der Person, auf die sich die Daten beziehen, öffentlich abrufbar sind;
ii)   nur befugte Personen Daten eingeben und gespeicherte Daten ändern können;
iii)   die Daten auf Ihre Echtheit hin überprüft werden können;
b)   Artikel 24.2 (g) — „geeignete Maßnahmen gegen Fälschung und Diebstahl von Daten ergreifen“;
c)   Artikel 24.2 (h) — „alle einschlägigen Informationen über die von dem qualifizierten Vertrauens-dienstanbieter ausgegebenen und empfangenen Daten aufzeichnen und sie so aufbewahren, dass sie über einen angemessenen Zeitraum, auch über den Zeitpunkt der Einstellung der Tätigkeit des qualifizierten Vertrauensdienstanbieters hinaus, verfügbar sind, um insbesondere bei Gerichtsverfahren entsprechende Beweise liefern zu können und die Kontinuität des Dienstes sicherzustellen. Die Aufzeichnung kann in elektronischer Form erfolgen;
d)   Artikel 24.2 (j) — „eine rechtmäßige Verarbeitung personenbezogener Daten gemäß Richtlinie 95/46/EG sicherstellen;
e)   Artikel 24.2 (k) — „im Falle qualifizierter Vertrauensdiensteanbieter, die qualifizierte Zertifikate ausstellen, eine Zertifikatsdatenbank erstellen und auf dem neuesten Stand halten“.

Exigences de sécurité pour systèmes de confiance gérant des certificats et des horodatages

Varnostne zahteve za zaupanja vredne sisteme, ki upravljajo potrdila za elektronsko podpisovanje

General Information

Status
Published
Publication Date
24-Mar-2015
Current Stage
9093 - Decision to confirm - Review Enquiry
Completion Date
28-Nov-2023

Buy Standard

Technical specification
TS CEN/TS 419261:2015 - BARVE
English language
56 pages
sale 10% off
Preview
sale 10% off
Preview
e-Library read for
1 day

Standards Content (Sample)


SLOVENSKI STANDARD
01-julij-2015
Varnostne zahteve za zaupanja vredne sisteme, ki upravljajo potrdila za
elektronsko podpisovanje
Security requirements for trustworthy systems managing certificates for electronic
signatures
Sicherheitsanforderungen für vertrauenswürdige Systeme zur Verwaltung von
Zertifikaten für elektronische Signaturen
Exigences de sécurité pour systèmes de confiance gérant des certificats pour signature
électronique
Ta slovenski standard je istoveten z: CEN/TS 419261:2015
ICS:
35.040 Nabori znakov in kodiranje Character sets and
informacij information coding
35.240.30 Uporabniške rešitve IT v IT applications in information,
informatiki, dokumentiranju in documentation and
založništvu publishing
2003-01.Slovenski inštitut za standardizacijo. Razmnoževanje celote ali delov tega standarda ni dovoljeno.

TECHNICAL SPECIFICATION
CEN/TS 419261
SPÉCIFICATION TECHNIQUE
TECHNISCHE SPEZIFIKATION
March 2015
ICS 03.120.20; 35.040; 35.240.30
English Version
Security requirements for trustworthy systems managing
certificates and time-stamps
Exigences de sécurité pour systèmes de confiance gérant Sicherheitsanforderungen für vertrauenswürdige Systeme
des certificats et des horodatages zur Verwaltung von Zertifikaten für elektronische Signaturen
und Zeitstempel
This Technical Specification (CEN/TS) was approved by CEN on 18 November 2014 for provisional application.

The period of validity of this CEN/TS is limited initially to three years. After two years the members of CEN will be requested to submit their
comments, particularly on the question whether the CEN/TS can be converted into a European Standard.

CEN members are required to announce the existence of this CEN/TS in the same way as for an EN and to make the CEN/TS available
promptly at national level in an appropriate form. It is permissible to keep conflicting national standards in force (in parallel to the CEN/TS)
until the final decision about the possible conversion of the CEN/TS into an EN is reached.

CEN members are the national standards bodies of Austria, Belgium, Bulgaria, Croatia, Cyprus, Czech Republic, Denmark, Estonia,
Finland, Former Yugoslav Republic of Macedonia, France, Germany, Greece, Hungary, Iceland, Ireland, Italy, Latvia, Lithuania,
Luxembourg, Malta, Netherlands, Norway, Poland, Portugal, Romania, Slovakia, Slovenia, Spain, Sweden, Switzerland, Turkey and United
Kingdom.
EUROPEAN COMMITTEE FOR STANDARDIZATION
COMITÉ EUROPÉEN DE NORMALISATION

EUROPÄISCHES KOMITEE FÜR NORMUNG

CEN-CENELEC Management Centre: Avenue Marnix 17, B-1000 Brussels
© 2015 CEN All rights of exploitation in any form and by any means reserved Ref. No. CEN/TS 419261:2015 E
worldwide for CEN national Members.

Contents Page
Foreword .4
Introduction .7
1 Scope .8
1.1 General .8
1.2 European Regulation-specific .8
2 Normative references .9
3 Terms, definitions, symbols and abbreviations .9
3.1 Terms and definitions .9
3.2 Symbols and abbreviations . 14
4 Description of a Trust Service Provider System . 15
4.1 General . 15
4.2 TSP Core Services for certificate management . 15
4.3 TSP Supplementary Services for certificate management . 16
4.4 TSP Core Services for electronic time-stamp management . 17
4.5 Overall Architecture . 17
5 Security Requirements . 18
5.1 Relationship between Security Requirements and Recommendations. 18
5.2 General Security Requirements . 19
5.2.1 Management . 19
5.2.2 Systems and Operations . 20
5.2.3 Identification and Authentication . 22
5.2.4 System Access Control . 23
5.2.5 Key Management . 24
5.2.6 Accounting and Auditing . 29
5.2.7 Archiving . 31
5.2.8 Backup and Recovery . 31
5.2.9 Network Security Requirements for the Operational Environment . 32
5.2.10 Physical Security Requirements for the Operational Environment . 32
5.3 Core Services Security Requirements for TWS managing certificates . 33
5.3.1 General . 33
5.3.2 Registration Service . 33
5.3.3 Certificate Generation Service . 35
5.3.4 Dissemination Service . 37
5.3.5 Certificate Revocation Management Service . 38
5.3.6 Certificate Revocation Status Service . 40
5.4 Supplementary Services Security Requirements . 42
5.4.1 Subject Device Provision Service . 42
5.5 Core Services Security Requirements for TWS managing electronic time-stamps . 44
5.5.1 Time-Stamping Service . 44
Annex A (informative) Physical security requirements for the operational environment . 47
A.1 General . 47
A.2 P1 Intrusion Resistant Security Perimeter . 47
A.3 P2 Access Control System . 48
A.4 P3 Intrusion Alarm System . 49
A.5 P4 Fire Protection and Prevention . 49
A.6 P5 Power Supply . 50
A.7 P6 Air Conditioning and Ventilation . 50
Annex B (informative) Network Security Requirements for the Operational Environment . 52
B.1 General . 52
B.2 NET1 Protected TWS Architecture . 52
B.3 NET2 Logging . 53
B.4 NET3 Monitoring and Alerting . 53
Bibliography . 55

Foreword
This document (CEN/TS 419261:2015) has been prepared by Technical Committee CEN/TC 224 “Personal
identification, electronic signature and cards and their related systems and operations”, the secretariat of
which is held by AFNOR.
This document has been prepared under a mandate given to CEN by the European Commission and the
European Free Trade Association.
Successful implementation of European Directive 1999/93/EC on a Community framework for electronic
signatures [Dir.1999/93/EC] and of REGULATION (EU) No 910/2014 OF THE EUROPEAN PARLIAMENT
AND OF THE COUNCIL of 23 July 2014 on electronic identification and trust services for electronic
transactions in the internal market and repealing Directive 1999/93/EC [Reg.910/2014/EU] requires standards
for services, processes, systems and products related to electronic signatures as well as guidance for
conformity assessment of such services, processes, systems and products.
NOTE According to Article 50 of Reg.910/2014/EU Directive 1999/93/EC is repealed with effect from 1 July 2016 and
references to the repealed Directive shall be construed as references to the Regulation.
In 1999 the European Information and Communications Technologies Standards Board, with the support of
the European Commission, undertook an initiative bringing together industry and public authorities, experts
and other market players, to create the European Electronic Signature Standardization Initiative (EESSI).
Within this framework the Comité Européen de Normalization / Information Society Standardization System
(CEN/ISSS) and the European Telecommunications Standards Institute / Electronic Signatures and
Infrastructures (ETSI/ESI) were entrusted with the execution of a work programme to develop generally
recognized standards to support the implementation of [Dir.1999/93/EC] and development of a European
electronic signature infrastructure.
The CEN/ISSS Workshop on electronic signatures (WS/E-SIGN) resulted in a set of deliverables, CEN
Workshop Agreements (CWA), which contributed towards those generally recognized standards.
In 2011 the European Commission (EC) with the support of the European Free Trade Association has signed
a specific grant agreement with the European Committee for Standardization (CEN) regarding the update of
the existing European e-Signature CEN Workshop Agreements (CWAs) in the framework of Phase 1 of the
mandate M/460. The present document is such a CEN Workshop Agreement that was first created as a CWA
and then updated into a Technical Specification (TS).
The purpose of this TS is to describe the security requirements for trustworthy systems managing certificates
for electronic signatures and to define overall system security requirements, whereas EN 419221 specifies
security requirements for cryptographic devices. The requirements were partly inspired by Common Criteria
[CC] Part 2, but the TS is not compliant to [CC], as e.g. EN 419221. In consequence, this TS cannot be used
to perform Common Criteria certifications of products.
The TS is intended for use by designers and developers of systems managing certificates and time-stamps,
as well as customers of such systems.
Executive Summary
This Technical Specification specifies security requirements on products and technology components, used by
Trust Service Providers (TSPs) for issuing and managing certificates as well as electronic time-stamps in the
sense of the REGULATION (EU) No 910/2014 OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL
of 23 July 2014 on electronic identification and trust services for electronic transactions in the internal market
and repealing Directive 1999/93/EC [Reg.910/2014/EU].
The term TSP includes certification service providers (CSPs) issuing qualified certificates as defined in the
Directive “Directive 1999/93/EC o
...

Questions, Comments and Discussion

Ask us and Technical Secretary will try to provide an answer. You can facilitate discussion about the standard in here.