
ISO/IEC JTC 1/SC 27 IT Security Techniques



Presentation Transcript


  1. ISO/IEC JTC 1/SC 27 IT Security Techniques
     Dr. Walter Fumy
     Vice-President Trusted Networks & Applications
     D-81730 München
     email: Walter.Fumy@icn.siemens.de

  2. SC 27 - Scope
     • Standardization of generic IT security services and techniques. This includes
       • identification of generic requirements for IT system security services,
       • development of security techniques and mechanisms (cryptographic and non-cryptographic),
       • development of security guidelines,
       • development of management support documentation and standards,
       • development of criteria for IT security evaluation and certification of IT systems, components, and products.
     • Excluded is the embedding of security mechanisms in applications.
     • Note that the SC 27 Scope and Area of Work includes the standardization of cryptographic algorithms for integrity, authentication and non-repudiation services. Furthermore it includes the standardization of cryptographic algorithms for confidentiality services for use in accordance with internationally accepted policies.

  3. SC 27 - Organization
     • ISO/IEC JTC 1/SC 27 Information technology - Security techniques
       • Chairman: Mr. W. Fumy
       • SC 27 Secretariat: DIN, Ms. K. Passia, email: Krystyna.Passia@DIN.DE
     • Working Group 1: Requirements, security services, guidelines
       • Convener: Mr. T. Humphreys
     • Working Group 2: Security techniques and mechanisms
       • Convener: Ms. M. De Soete
     • Working Group 3: Security evaluation criteria
       • Convener: Mr. M. Ohlin
     • SC 27 home page: http://www.din.de/ni/sc27/

  4. Membership of SC 27
     • Participating Membership (P-members)
       • Obligation to take an active part in the work (e.g., to attend meetings, to vote)
       • One Member Body per country (e.g., ANSI, AFNOR, BSI, DIN)
       • Power of vote; one vote per Member Body
     • P-members of SC 27 (total 24)
       • Brazil, Canada, USA
       • Australia, China, Korea, Japan
       • Belgium, Czech Republic, Denmark, Finland, France, Germany, Hungary, Italy, Netherlands, Norway, Poland, Russian Federation, Spain, Sweden, Switzerland, UK, Ukraine
     • Observing Membership (O-members)
       • Option to take an active part in the work (e.g., to attend meetings, to make contributions, to receive documents)
       • No power of vote
     • O-members of SC 27 (total 12)
       • Indonesia, Malaysia, New Zealand, Singapore, Thailand
       • Austria, Estonia, Ireland, Israel, Portugal, Romania, Slovakia
     *) new SC 27 members

  5. Productivity
     [Figure: SC 27 International Standards and Technical Reports shown against the years 1991 to 1999]
     • SC 27 is responsible for
       • 49 projects, including 29 active projects.
     • Between 1990 and today, SC 27 has published
       • 26 ISO/IEC International Standards (IS)
       • 9 revised editions of International Standards
       • 4 ISO/IEC Technical Reports (TR)

  6. SC 27 projects relevant for Electronic Signatures
     [Figure: SC 27 International Standards and Technical Reports shown against the years 1991 to 1999]
     • Techniques & Mechanisms
       • Hash-functions (10118-x)
       • Signature schemes (9796-x, 14888-x, 15946-2, 15946-4)
       • Authentication, Non-Repudiation & Key Establishment (9798-x, 13888-x, 11770-x)
     • Services, Evaluation Criteria, Guidelines, ...
       • Evaluation criteria for IT Security (15408-x)
       • Use & management of TTP services (14516)

  7. Standards in Preparation
     [Figure: the documents listed below, shown against the year label "2000?"]
     • IS 9796: Digital signature schemes giving message recovery -
       • Part 1: Mechanisms using redundancy, 2nd ed. [to be withdrawn]
       • Part 3: Discrete logarithm based mechanisms.
     • IS 9797: Message authentication codes (MACs) -
       • Part 2: Mechanisms using a hash-function.
     • TR 13335: Guidelines for the management of IT Security -
       • Part 4: Selection of safeguards.
     • TR 14516: Guidelines on the use and management of Trusted Third Party services
     • IS 15945: Specification of TTP services to support the application of digital signatures
     • IS 15946: Cryptographic techniques based on elliptic curves -
       • Part 1: General
       • Part 2: Digital Signatures
     • 2nd editions of IS 7064, IS 10118-1, and IS 10118-2

  8. Standards in Preparation (II)
     [Figure: the documents listed below, shown against the year label "2001?"]
     • TR 13335: Guidelines for the management of IT Security -
       • Part 5: Management guidance on network security.
     • IS 15292: Protection Profile registration procedures
     • TR 15446: Guide for the production of Protection Profiles and Security Targets
     • IS 15816: Security information objects
     • IS 15946: Cryptographic techniques based on elliptic curves -
       • Part 3: Key Establishment
     • IS 15947: IT intrusion detection framework
     • IS 18014: Time stamping services -
       • Part 1: Framework

  9. New Projects
     • WD 18014: Time stamping services -
       • Part 1: Framework
       • Part 2: Mechanisms producing independent tokens
       • Part 3: Mechanisms producing linked tokens
     • NP 18028: IT network security
     • NP 18029: Specification for the management and interoperation of public key infrastructure components
     • NP 18031: Random number generation
     • NP 18032: Prime number generation
     • NP 18033: Encryption algorithms
       • Part 1: General
       • Part 2: Asymmetric Ciphers
       • Part 3: Block Ciphers
       • Part 4: Stream Ciphers
     • NP 18030: Use of suppliers' declaration of conformity for IT security products

  10. SC 27
     • More Information
       • SC 27 scope, organization & work items: http://www.din.de/ni/sc27/
       • SC 27 document server: http://www.din.de/
     • Contact
       • SC 27 Secretariat: Krystyna.Passia@din.de
       • SC 27 Chairman: Walter.Fumy@icn.siemens.de
       • Your national shadow committee for SC 27

  11. Annex SC 27 Standards

  12. SC 27 Standards (I)
     • IS 9796: Digital signature scheme giving message recovery, 1991.
     • IS 9796: Digital signature schemes giving message recovery -
       • Part 2: Mechanisms using a hash function, 1997.
     • IS 9797: Message authentication codes (MACs) -
       • Part 1: Mechanisms using a block cipher, 3rd edition, 1999.
     • IS 9798: Entity authentication -
       • Part 1: General model, 2nd edition 1997.
       • Part 2: Mechanisms using symmetric encipherment algorithms, 2nd edition 1999.
       • Part 3: Entity authentication using asymmetric signature techniques, 2nd edition 1998.
       • Part 4: Mechanisms using cryptographic check functions, 1995.
       • Part 5: Mechanisms using zero knowledge techniques, 1999.
     • IS 9979: Procedures for the registration of cryptographic algorithms, 2nd edition, 1999.
     • IS 10116: Modes of operation for an n-bit block cipher algorithm, 2nd edition 1997.

  13. SC 27 Standards (II)
     • IS 9979: Procedures for the registration of cryptographic algorithms, 2nd edition, 1999.
     • Modes of operation
       • IS 8372: Modes of operation for a 64-bit block cipher algorithm, 1987.
       • IS 10116: Modes of operation for an n-bit block cipher algorithm, 2nd edition 1997.

  14. SC 27 Standards (III)
     • IS 10118-1: Hash-functions -
       • Part 1: General, 1994.
       • Part 2: Hash-functions using an n-bit block cipher algorithm, 1994.
       • Part 3: Dedicated hash-functions, 1998.
       • Part 4: Hash functions using modular arithmetic, 1998.
     • IS 11770-1: Key management -
       • Part 1: Key management framework, 1996.
       • Part 2: Mechanisms using symmetric techniques, 1996.
       • Part 3: Mechanisms using asymmetric techniques, 1999.

  15. SC 27 Standards (IV)
     • IS 13888: Non-repudiation -
       • Part 1: General, 1997.
       • Part 2: Using symmetric techniques, 1998.
       • Part 3: Using asymmetric techniques, 1997.
     • IS 14888-1: Digital signatures with appendix -
       • Part 1: General, 1999.
       • Part 2: Identity-based mechanisms, 1999.
       • Part 3: Certificate-based mechanisms, 1999.

  16. SC 27 Standards (V)
     • TR 13335: Guidelines for the management of IT Security -
       • Part 1: Concepts and models for IT Security, 1996.
       • Part 2: Managing and planning IT Security, 1997.
       • Part 3: Techniques for the Management of IT Security, 1998.
       • Part 4: Selection of safeguards, tbp.
     • IS 15408: Evaluation criteria for IT Security -
       • Part 1: Introduction and general model, 1999.
       • Part 2: Security functional requirements, 1999.
       • Part 3: Security assurance requirements, 1999.
