ISO 13491-1:2007-06

Banking - Secure cryptographic devices (retail) - Part 1: Concepts, requirements and evaluation methods

German title: Bankwesen - Sichere Verschlüsselungsgeräte (Einzelhandel) - Teil 1: Konzepte, Anforderungen und Zertifizierungsmethoden
Publication date: 2007-06
Original language: English
Pages: 30

from 74.40 EUR VAT included

from 69.53 EUR VAT excluded

Format and language options

PDF download ¹

Language: English
74.40 EUR

Shipment (3-5 working days) ¹

Language: English
84.10 EUR

Monitor with the Standards Ticker

Attention: Document withdrawn!

Publication date: 2007-06
Original language: English
Pages: 30

Product information on this site:

Content
ICS
Replacement amendments
Cooperation at DIN

Quick delivery via download or delivery service

Buy securely with a credit card or pay upon receipt of invoice

All transactions are encrypted

Content

Content (en)

Foreword
Introduction
Scope
Normative references
Terms and definitions
Abbreviated terms
Secure cryptographic device concepts
- General
- Attack scenarios
  - General
  - Penetration
  - Monitoring
  - Manipulation
  - Modification
  - Substitution
- Defence measures
  - General
  - Device characteristics
  - Device management
  - Environment
Requirements for device security characteristics
- Introduction
- Physical security requirements for SCDs
  - General
  - Tamper evidence requirements
  - Tamper resistance requirements
  - Tamper response requirements
  - Physically secure devices
  - Devices using exclusively unique key per transaction key management
- Logical security requirements for SCDs
  - Dual control
  - Unique key per device
  - Assurance of genuine device
  - Design of functions
  - Use of cryptographic keys
  - Sensitive device states
  - Multiple cryptographic relationships
  - SCD software authentication
  - Logical design features
Requirements for device management
- General
- Life cycle phases
- Life cycle protection requirements
  - General
  - Manufacturing and post-manufacturing
  - Pre-use
  - Use
  - Post-use
- Life cycle protection methods
  - Manufacturing
  - Post-manufacturing
  - Pre-use
  - Use
  - Post-use
- Accountability
- Device management principles of audit and control
Evaluation methods
- General
  - Choice of evaluation method
  - Informal method
  - Semi-formal method
  - Formal method
- Risk assessment
- Informal evaluation method
  - General
  - Manufacturer/sponsor
  - Assessor
  - Assessment review body
  - Assessment checklist
  - Assessment results
  - Assessment Report
- Semi-formal evaluation method
  - General
  - Manufacturer/sponsor
  - Evaluation agency
  - Evaluation review body
  - Evaluation results
  - Evaluation report
- Formal evaluation method
Concepts of security levels for system security (informative)
Bibliography

ICS

35.240.40

Replacement amendments

This document replaces ISO 13491-1:1998-06 .

This document has been replaced by: ISO 13491-1:2016-03 .

Cooperation at DIN

Loading recommended items...