EN 14615:2017
(Main)Postal services - Digital postage marks - Applications, security and design
Postal services - Digital postage marks - Applications, security and design
This European Standard specifies a recommended procedure for the development of specifications for applications of digital postage marks (DPMs) – i.e. applications linked to the use of digital printing and image data capture technologies in the postal industry, most particularly for the evidencing of postage accounting and/or payment. It is not intended to prescribe or to recommend any particular architecture or design for such applications, only to specify the process through which such an architecture or design should be developed.
The document covers only requirements and considerations relating to applications that use digital postage marks, on individual postal items, as a means of communicating data (messages). The clause on design covers only the design of the digital postage marks themselves. It does not cover other aspects of design, including the possible use of other messages, transported by other means (e.g. statements of mailing), to provide for the communication of additional data, even though these might be just as important.
Postalische Deinstleistungen - Digitale Freimachungsvermerke - Inhalte, Sicherheit und Gestaltung
Dieses Dokument legt ein empfohlenes Verfahren für die Entwicklung der Spezifikation digitaler Freimachungsvermerke (DPMs, en: digital postage marks) fest— d. h. Anwendungen, die mit den digitalen Druck- und Bilddatenerfassungs¬technologien in der Postindustrie verknüpft sind, größtenteils für den Nachweis der Portoabrechnung und/oder bezahlung. Es ist nicht beabsichtigt, bestimmte Architektur oder einen bestimmten Entwurf für solche Anwendungen vorzuschreiben oder zu empfehlen, sondern nur den Prozess anzugeben, durch den solch eine Architektur oder ein Entwurf entwickelt werden sollte.
ANMERKUNG Aus diesem Grund beinhaltet die Norm sowohl einen normativen als auch einen informativen Inhalt. Die Abschnitte 1 bis 5 sowie Anhang A sind normativ, während die übrigen Anhänge informativ sind. Alle nicht-normativen (informativen) Abschnitte sind als solche in der Überschrift gekennzeichnet.
Services postaux - Marques d'affranchissement digitales - Applications, sécurité et conception
Le présent document précise une procédure recommandée pour l’élaboration des spécifications relatives aux applications de marques d’affranchissement numériques (DPM), c’est-à-dire des applications liées à l’utilisation de technologies d’impression numérique et de capture de données d’image dans l’industrie postale, et plus particulièrement pour apporter des éléments de preuve de la comptabilité et/ou du paiement de l’affranchissement (frais de port). Il n’est pas destiné à préconiser ou recommander une architecture ou une conception particulière mais uniquement à préciser le processus par lequel il est recommandé de les développer pour lesdites applications.
NOTE C’est la raison pour laquelle la présente norme englobe à la fois un contenu normatif et informatif. Les Articles 1 à 5 et l’Annexe A sont normatifs. Les annexes qui suivent sont quant à elles informatives. Les articles non normatifs (informatifs) sont indiqués en tant que tels dans l’en-tête.
Poštne storitve - Digitalne poštne označbe - Uporaba, varnost in oblikovanje
Ta evropski standard določa priporočeni postopek za razvoj specifikacij za načine uporabe digitalnih poštnih oznak (DPM), tj. načine, povezane z uporabo tehnologij digitalnega tiskanja in zajema slikovnih podatkov v poštni industriji, predvsem za namene evidentiranja poštnih poslovnih knjig in/ali plačil. Standard ne predpisuje ali priporoča posebne arhitekture ali načrtovanja za take načine uporabe, temveč zgolj določa postopek, v okviru katerega je treba razviti arhitekturo oziroma načrt. Dokument zajema samo zahteve in napotke za načine uporabe, ki vključujejo uporabo digitalne poštne oznake za posamezne poštne elemente za namene pošiljanja podatkov (sporočil). Točka o načrtovanju zajema samo načrtovanje samih digitalnih poštnih oznak. Ne zajema drugih vidikov načrtovanja, vključno z možno uporabo drugih vrst sporočil, ki se prenašajo na drugačne načine (npr. izjave o dostavi), s čimer bi uredila prenašanje dodatnih vrst podatkov, kljub temu, da so ti vidiki lahko ravno tako pomembni.
General Information
Relations
Standards Content (Sample)
2003-01.Slovenski inštitut za standardizacijo. Razmnoževanje celote ali delov tega standarda ni dovoljeno.REOLNRYDQMHPostalische Dienstleistungen - Digitale Freimachungsvermerke - Anwendungen, Sicherheit und GestaltungServices postaux - Marques d'affranchissement digitales - Applications, sécurité et designPostal services - Digital postage marks - Applications, security and design03.240Poštne storitvePostal servicesICS:Ta slovenski standard je istoveten z:EN 14615:2017SIST EN 14615:2017en,fr,de01-november-2017SIST EN 14615:2017SLOVENSKI
STANDARDSIST EN 14615:20051DGRPHãþD
EUROPEAN STANDARD NORME EUROPÉENNE EUROPÄISCHE NORM
EN 14615
September
t r s y ICS
r uä t v r Supersedes EN
s v x s wã t r r wEnglish Version
Postal services æ Digital postage marks æ Applicationsá security and design Services postaux æ Marques d 5affranchissement digitales æ Applicationsá sécurité et design
Postalische Dienstleistungen æ Digitale Freimachungsvermerke æ Anwendungená Sicherheit und Gestaltung This European Standard was approved by CEN on
t December
t r s xä
egulations which stipulate the conditions for giving this European Standard the status of a national standard without any alterationä Upætoædate lists and bibliographical references concerning such national standards may be obtained on application to the CENæCENELEC Management Centre or to any CEN memberä
translation under the responsibility of a CEN member into its own language and notified to the CENæCENELEC Management Centre has the same status as the official versionsä
CEN members are the national standards bodies of Austriaá Belgiumá Bulgariaá Croatiaá Cyprusá Czech Republicá Denmarká Estoniaá Finlandá Former Yugoslav Republic of Macedoniaá Franceá Germanyá Greeceá Hungaryá Icelandá Irelandá Italyá Latviaá Lithuaniaá Luxembourgá Maltaá Netherlandsá Norwayá Polandá Portugalá Romaniaá Serbiaá Slovakiaá Sloveniaá Spainá Swedená Switzerlandá Turkey and United Kingdomä
EUROPEAN COMMITTEE FOR STANDARDIZATION COMITÉ EUROPÉEN DE NORMALISATION EUROPÄISCHES KOMITEE FÜR NORMUNG
CEN-CENELEC Management Centre:
Avenue Marnix 17,
B-1000 Brussels
t r s y CEN All rights of exploitation in any form and by any means reserved worldwide for CEN national Membersä Refä Noä EN
s v x s wã t r s y ESIST EN 14615:2017
European foreword . 5 Introduction . 6 1 Scope . 8 2 Normative references . 8 3 Terms and definitions . 8 4 Symbols and abbreviations . 11 5 DPM applications and design process . 12 5.1 Introduction . 12 5.2 DPM business planning . 13 5.3 DPM systems analysis . 14 5.4 DPM security analysis . 15 5.5 DPM design . 16 Annex A (normative)
Specification checklists . 17 A.1 Applications specifications . 17 A.2 System specification . 17 A.3 Security specification . 18 A.4 DPM specification . 18 Annex B (informative)
Business planning considerations . 19 B.1 Possible applications . 19 B.2 Market segmentation . 20 B.3 Applications selection . 23 Annex C (informative)
Security analysis considerations . 26 C.1 Context . 26 C.2 Security objectives, policy and economics . 27 C.3 Threats and vulnerabilities . 28 C.4 Applications and message level security . 32 C.5 Security services and message level countermeasures . 34 C.6 Applications level countermeasures . 36 C.7 Countermeasure selection . 47 C.8 Application of countermeasures . 49 C.9 Message security implementation options . 49 Annex D (informative)
Systems analysis considerations . 56 D.1 Requirements analysis . 56 D.2 Functional description . 57 SIST EN 14615:2017
DPM design considerations . 67 E.1 Data content . 67 E.2 Data entry . 68 E.3 Data construct mapping . 69 E.4 Symbology . 70 E.5 Human readable information . 71 E.6 Layout, facing and aesthetics . 72 E.7 Performance and test criteria . 73 Annex F (informative)
Statistical analysis of DPM verification . 74 F.1 Introduction . 74 F.2 Purpose and scope of postal item verification . 74 F.3 Detection of DPMs with invalid validation code . 75 F.4 Influence of CVC length on fraud detection . 80 F.5 Detection of duplicate DPMs . 81 Annex G (informative)
Message security algorithms . 82 G.1 Introduction . 82 G.2 Hash functions used in message security services . 82 G.3 Asymmetric (public key) cryptographic algorithms . 83 G.4 Message authentication code (MAC) algorithms . 86 G.5 Exchange validation code generation . 90 G.6 Selection of algorithms for CVC implementation . 90 Annex H (informative)
CVC generation and verification data . 96 H.1 Introduction . 96 H.2 Sources of data for verification. 96 H.3 Selection of data used in the verification process . 97 Annex I (informative)
Architecture examples . 103 I.1 Introduction . 103 I.2 The REMPI architecture . 103 I.3 USPS IBIP configurations . 107 Annex J (informative)
Examples of digital postage marks (not to scale) . 112 J.1 Australia Post . 112 J.2 Canada Post . 112 J.3 Deutsche Post . 112 J.4 Die Post, Switzerland . 114 J.5 Royal Mail . 115 J.6 United States Postal Service (USPS) . 116 SIST EN 14615:2017
Relevant intellectual property rights (IPR) . 118 K.1 Introduction . 118 K.2 Massachusetts Institute of Technology . 118 K.3 Neopost . 118 K.4 Pitney Bowes Inc . 119 K.5 Pitney Bowes Inc, together with Certicom Corp . 119 K.6 United States Department of Commerce . 120 K.7 United States Postal Service . 120 Annex L (informative)
DPM design charts . 121 L.1 Applicability of countermeasures against identified threats . 121 L.2 Data elements used by typical applications and countermeasures . 125 L.3 Mapping data elements onto data source and DPM data constructs .
...
Questions, Comments and Discussion
Ask us and Technical Secretary will try to provide an answer. You can facilitate discussion about the standard in here.