Personal identification - Secure and interoperable European Breeder Documents - Part 1: Framework overview

This document provides an overview of a framework on breeder documents. It introduces the document structure of FprCEN/TS 17489 (all parts) that specifies how citizens retain the control of breeder document data and how they can use them to support identity proofing and verification. Moreover, the framework provides methodologies to assess and increase the level of trust in breeder documents.
This framework specifies methods for:
-   defining physical and logical/digital representations of a secure breeder document (hardware based, paper-based, server-based),
-   securing breeder document processes,
-   linking the document to its legitimate holder.
The following types of breeder documents are in the scope of the framework:
-   birth certificates,
-   marriage and partnership certificates,
-   death certificates.
The following breeder documents management processes including first-time application, later-in-life registration of an identity, and content update (e.g. name-changing) are in the scope of this framework:
-   registration,
-   issuance,
-   renewal,
-   inspection/verification,
-   revocation.
The specification of policies is out of scope.

Personenidentifikation - Sichere und interoperable europäische Ausgangsdokumente - Teil 1: Grundstruktur

Dieses Dokument enthält einen Überblick über ein Rahmenwerk für Ausgangsdokumente. Es stellt die Dokumentenstruktur von FprCEN/TS 17489 (alle Teile) vor, worin festgelegt wird, wie Bürger die Kontrolle über Ausgangsdokumentdaten erhalten und wie sie diese zur Unterstützung des Identitätsnachweises und zur Verifizierung verwenden können. Darüber hinaus stellt das Rahmenwerk Methoden bereit, um die Vertrauensstufe von Ausgangsdokumenten zu bewerten und zu verbessern.
Dieses Rahmenwerk legt Methoden fest für:
-   die Definition von physischen und logischen/digitalen Darstellungen eines sicheren Ausgangsdokuments (Hardware-basiert, papierbasiert, Server-basiert),
-   die Absicherung von Ausgangsdokumentverfahren,
-   die Verknüpfung des Dokuments mit seinem rechtmäßigen Inhaber.
Zum Anwendungsbereich des Rahmenwerks gehören die folgenden Arten von Ausgangsdokumenten:
-   Geburtsurkunden,
-   Heirats  und Lebenspartnerschaftsurkunden,
-   Sterbeurkunden.
Zum Anwendungsbereich dieses Rahmenwerks gehören die folgenden Managementverfahren für Ausgangs¬dokumente, einschließlich erstmaliger Beantragung, Registrierung einer Identität zu einem späteren Lebenszeitpunkt und Aktualisierung des Inhalts (beispielsweise Änderung des Namens):
-   Registrierung,
-   Ausstellung,
-   Erneuerung,
-   Prüfung/Verifizierung,
-   Widerruf.
Die Festlegung von Leitlinien liegt außerhalb des Anwendungsbereichs.

Identification personnelle - Documents sources Européens sécurisés et interopérables - Partie 1 : Structure générale

Osebna identifikacija - Varni in interoperabilni evropski izvorni dokumenti - 1. del: Splošna struktura

General Information

Status
Published
Publication Date
17-Sep-2020
Technical Committee
Current Stage
6060 - National Implementation/Publication (Adopted Project)
Start Date
09-Sep-2020
Due Date
14-Nov-2020
Completion Date
18-Sep-2020

Buy Standard

Technical specification
SIST-TS CEN/TS 17489-1:2020
English language
14 pages
sale 10% off
Preview
sale 10% off
Preview

e-Library read for
1 day

Standards Content (sample)

SLOVENSKI STANDARD
SIST-TS CEN/TS 17489-1:2020
01-november-2020

Osebna identifikacija - Varni in interoperabilni evropski izvorni dokumenti - 1. del:

Splošna struktura

Personal identification - Secure and interoperable European Breeder Documents - Part

1: Framework overview

Personenidentifikation - Sichere und interoperable europäische Ausgangsdokumente -

Teil 1: Grundstruktur

Identification personnelle - Documents sources Européens sécurisés et interopérables -

Partie 1 : Structure générale
Ta slovenski standard je istoveten z: CEN/TS 17489-1:2020
ICS:
35.240.15 Identifikacijske kartice. Čipne Identification cards. Chip
kartice. Biometrija cards. Biometrics
SIST-TS CEN/TS 17489-1:2020 en,fr,de

2003-01.Slovenski inštitut za standardizacijo. Razmnoževanje celote ali delov tega standarda ni dovoljeno.

---------------------- Page: 1 ----------------------
SIST-TS CEN/TS 17489-1:2020
---------------------- Page: 2 ----------------------
SIST-TS CEN/TS 17489-1:2020
CEN/TS 17489-1
TECHNICAL SPECIFICATION
SPÉCIFICATION TECHNIQUE
August 2020
TECHNISCHE SPEZIFIKATION
ICS 35.240.15
English Version
Personal identification - Secure and interoperable
European Breeder Documents - Part 1: Framework
overview

Identification personnelle - Documents sources Personenidentifikation - Sichere und interoperable

Européens sécurisés et interopérables - Partie 1 : europäische Ausgangsdokumente - Teil 1:

Structure générale Grundstruktur

This Technical Specification (CEN/TS) was approved by CEN on 12 July 2020 for provisional application.

The period of validity of this CEN/TS is limited initially to three years. After two years the members of CEN will be requested to

submit their comments, particularly on the question whether the CEN/TS can be converted into a European Standard.

CEN members are required to announce the existence of this CEN/TS in the same way as for an EN and to make the CEN/TS

available promptly at national level in an appropriate form. It is permissible to keep conflicting national standards in force (in

parallel to the CEN/TS) until the final decision about the possible conversion of the CEN/TS into an EN is reached.

CEN members are the national standards bodies of Austria, Belgium, Bulgaria, Croatia, Cyprus, Czech Republic, Denmark, Estonia,

Finland, France, Germany, Greece, Hungary, Iceland, Ireland, Italy, Latvia, Lithuania, Luxembourg, Malta, Netherlands, Norway,

Poland, Portugal, Republic of North Macedonia, Romania, Serbia, Slovakia, Slovenia, Spain, Sweden, Switzerland, Turkey and

United Kingdom.
EUROPEAN COMMITTEE FOR STANDARDIZATION
COMITÉ EUROPÉEN DE NORMALISATION
EUROPÄISCHES KOMITEE FÜR NORMUNG
CEN-CENELEC Management Centre: Rue de la Science 23, B-1040 Brussels

© 2020 CEN All rights of exploitation in any form and by any means reserved Ref. No. CEN/TS 17489-1:2020 E

worldwide for CEN national Members.
---------------------- Page: 3 ----------------------
SIST-TS CEN/TS 17489-1:2020
CEN/TS 17489-1:2020 (E)
Contents Page

European foreword ....................................................................................................................................................... 3

Introduction .................................................................................................................................................................... 4

1 Scope .................................................................................................................................................................... 6

2 Normative references .................................................................................................................................... 6

3 Terms and definitions ................................................................................................................................... 6

4 Symbols and abbreviations ......................................................................................................................... 9

5 Design principles .......................................................................................................................................... 10

6 Framework overview.................................................................................................................................. 11

6.1 Part 1: Framework overview ................................................................................................................... 11

6.2 Part 2: Data model ....................................................................................................................................... 11

6.3 Part 3: Basic technologies ......................................................................................................................... 11

6.4 Part 4: Profiles for birth, marriage / partnership and death certificates................................ 13

6.5 Part 5: Trust establishment and management processes ............................................................. 13

Bibliography ................................................................................................................................................................. 14

---------------------- Page: 4 ----------------------
SIST-TS CEN/TS 17489-1:2020
CEN/TS 17489-1:2020 (E)
European foreword

This document (CEN/TS 17489-1:2020) has been prepared by Technical Committee CEN/TC 224

“Personal identification and related personal devices with secure element, systems, operations and

privacy in a multi sectorial environment”, the secretariat of which is held by AFNOR.

Attention is drawn to the possibility that some of the elements of this document may be the subject of

patent rights. CEN shall not be held responsible for identifying any or all such patent rights.

According to the CEN/CENELEC Internal Regulations, the national standards organisations of the

following countries are bound to announce this Technical Specification: Austria, Belgium, Bulgaria,

Croatia, Cyprus, Czech Republic, Denmark, Estonia, Finland, France, Germany, Greece, Hungary, Iceland,

Ireland, Italy, Latvia, Lithuania, Luxembourg, Malta, Netherlands, Norway, Poland, Portugal, Republic of

North Macedonia, Romania, Serbia, Slovakia, Slovenia, Spain, Sweden, Switzerland, Turkey and the United

Kingdom.
---------------------- Page: 5 ----------------------
SIST-TS CEN/TS 17489-1:2020
CEN/TS 17489-1:2020 (E)
Introduction

A legally recognized identity enables citizens to exercise their rights and access state and other services.

This includes the right to travel and access to travel documents such as passports, as well as access to

education, healthcare, social services, and bank accounts. In order to establish legally recognized

identities of citizens, states implement identity management (IdM) systems.

Breeder documents are legal documents which certify a vital event of a person and are essential

components of these IdM systems. According to the United Nations terminology [10] vital events include

live birth, death, foetal death, marriage (which includes partnership), divorce, adoption, legitimation,

recognition of parenthood, annulment of marriage, or legal separation. These vital events of a person are

recorded in the civil register (if used) of the state, during a process which is called registration, and a

corresponding breeder document is issued to the citizen.

The Organization for Security and Co-operation in Europe (OSCE) points out the importance of a breeder

document (denoted as primary documents) framework [8]:

“While there are several layers of identity management that produce different types of identity documents,

frameworks for issuing primary identity documents are the critical components of the entire identity

management system. They provide a framework for the legal establishment of one’s identity and identity

documents on the basis of which other types of identity documents may be issued.”

While there are standardized frameworks for identity documents such as travel documents including

passports, a standardized framework for secure and interoperable breeder documents is missing.

For machine readable travel documents (MRTDs) including passports, the International Civil Aviation

Organization (ICAO) has published the Doc 9303 standard [4] which has been prepared in collaboration

with the standardization group ISO/IEC JTC 1/SC 17/WG3. The international adoption and

implementation of this document establishes a certain security level for travel documents and enables

interoperability, e.g. by means of the standardized layout and character set used for travel documents.

The lack of breeder document standardization leads to interoperability as well as security issues. The

layout of breeder documents differs between states and often even between the municipalities of a state.

Breeder documents typically do not support machine readable technologies, and therefore their data

must be manually entered for subsequent processing which is error prone and time consuming. The non-

standardized layout can hinder a verifier to identify the required breeder document data and a

translation of the breeder document is potentially required. This translation potentially uses a

transliteration of names, i.e. a conversion of the names from one alphabet to another, and this can lead to

different spellings of the name of the same person, e.g. if diacritical marks are used in the original breeder

document, but not used in the translated document.

For instance, the International Commission on Civil Status (ICCS) [6] has addressed these interoperability

issues in several conventions and recommendations that specify a data set and a character set to be used

as well as identifiers for the different data fields of a breeder document.

Breeder documents are typically used as an identity evidence in identity proofing scenarios for issuing

travel documents. Due to the established security level of travel documents and the typically lower

security level of breeder documents fraudsters aim at obtaining authentic travel documents on the basis

of false identities based e.g. on non-genuine or forged breeder documents instead of forging or

counterfeiting travel documents. Therefore fraudsters use

— counterfeit breeder documents, i.e. unauthorized reproductions of genuine documents;

— forged breeder documents, i.e. genuine breeder document that have been altered;

---------------------- Page: 6 ----------------------
SIST-TS CEN/TS 17489-1:2020
CEN/TS 17489-1:2020 (E)

— genuine breeder documents of another person; i.e. they impersonate the legitimate holder of the

breeder documents. As breeder documents such as birth certificates usually do not include

information that links the breeder document to its legitimate holder, strong organisational methods

are required to establish this link, in particular in the case of first-time registration;

— forged data and identity evidence documents to obtain breeder documents with false data

representations.

Breeder documents are considered the weakest link in the issuance process of travel documents, see the

ICAO guidelines [5] for best practices on how breeder documents are used in this process. For this reason

the European Union (EU) has funded projects to investigate solutions for strengthening the security of

breeder documents: The FIDELITY project [3] suggests among others a standardized birth certificate

design, the support of physical security features and an online verification of the birth certificate. The

ORIGINS project [9] analysed the issuance of breeder documents used for passport delivery, identified

loopholes in this process, and proposed security measures and processes to enhance the security of

breeder documents. These enhancements include the standardization of breeder documents and the

harmonization of the related processes. In addition, the European Commission has issued an action plan

to strengthen the European response to travel document fraud [2] which recommends a minimum

security level for breeder documents to prevent counterfeiting and forging.

The breeder document framework in CEN/TS 17489 (all parts) takes the results of these EU projects [3],

[9] into considerations as well as the ICCS conventions and recommendations [6].
---------------------- Page: 7 ----------------------
SIST-TS CEN/TS 17489-1:2020
CEN/TS 17489-1:2020 (E)
1 Scope

This document provides an overview of a framework on breeder documents. It introduces the document

structure of CEN/TS 17489 (all parts) that specifies how citizens retain the control of breeder document

data and how they can use them to support identity proofing and verification. Moreover, the framework

provides methodologies to assess and increase the level of trust in breeder documents.

This framework specifies methods for:

— defining physical and logical/digital representations of a secure breeder document (hardware based,

paper-based, server-based),
— securing breeder document processes,
— linking the document to its legitimate holder.
The following types of breeder documents are in the scope of the framework:
— birth certificates,
— marriage and partnership certificates,
— death certificates.

The following breeder documents management processes including first-time application, later-in-life

registration of an identity, and content update (e.g. name-changing) are in the scope of this framework:

— registration,
— issuance,
— renewal,
— inspection/verification,
— revocation.
The specification of policies is out of scope.
2 Normative references
There are no normative references in this document.
3 Terms and definitions
For the purposes of this document, the following terms and definitions apply.

ISO and IEC maintain terminological databases for use in standardization at the following addresses:

— IEC Electropedia: available at http://www.electropedia.org/
— ISO Online browsing platform: available at https://www.iso.org/obp/ui
---------------------- Page: 8 ----------------------
SIST-TS CEN/TS 17489-1:2020
CEN/TS 17489-1:2020 (E)
3.1
attribute
characteristic or property of an entity (3.6)
[SOURCE: ISO/IEC 24760-1:2019, 3.1.3]
3.2
breeder document

evidence (3.7) about a vital event (3.19) of an entity (3.6) including attributes (3.1)

3.3
compact electronic seal
CES

data format for an electronic seal (3.5) usable in data size constrained environments

3.4
domain
domain of applicability
context

environment where an entity (3.6) can use a set of attributes (3.1) for identification (3.8) and other

purposes
[SOURCE: ISO/IEC 24760-1:2019, 3.2.3]
3.5
electronic seal

data in electronic form, which is attached to or logically associated with other data in electronic form to

ensure the latter’s origin and integrity
[SOURCE: REGULATION (EU) No 910/2014]
3.6
entity

item relevant for the purpose of operation of a domain (3.4) that has recognizably distinct existence

Note 1 to entry: An entity may have a physical or a logical embodiment, such as a person, an organization, a

device, a service, etc.
[SOURCE: ISO/IEC 24760-1:2019, 3.1.1 – modified Note 1]
3.7
evidence

information which is used, either by itself or in conjunction with other information, to establish proof

about an event or action

Note 1 to entry: Evidence does not necessarily prove the truth or existence of somethi

...

Questions, Comments and Discussion

Ask us and Technical Secretary will try to provide an answer. You can facilitate discussion about the standard in here.