09/30204756 DC : 0

Superseded

View Superseded by

BS ISO/IEC 11770-1 - INFORMATION TECHNOLOGY - SECURITY TECHNIQUES - KEY MANAGEMENT - PART 1: FRAMEWORK

Available format(s)

Hardcopy , PDF

Superseded date

12-31-2010

Language(s)

English

Publisher

British Standards Institution

Foreword
Introduction
1 Scope
2 Normative references
3 Terms and definitions
4 Symbols and abbreviated terms
5 General discussion of key management
  5.1 General
  5.2 Protection of keys
      5.2.1 General aspects of key management
      5.2.2 Protection by cryptographic techniques
      5.2.3 Protection by non-cryptographic techniques
      5.2.4 Protection by physical means
      5.2.5 Protection by organisational means
  5.3 Generic key life cycle model
      5.3.1 Key life cycle definitions
      5.3.2 Transitions between key states
      5.3.3 Transitions, services and keys
6 Concepts of key management
  6.1 Key management services
      6.1.1 Summary of key management services
      6.1.2 Generate-Key
      6.1.3 Register-Key
      6.1.4 Create-Key-Certificate
      6.1.5 Distribute-Key
      6.1.6 Install-Key
      6.1.7 Store key
      6.1.8 Derive-Key
      6.1.9 Archive-Key
      6.1.10 Revoke-Key
      6.1.11 Deregister-Key
      6.1.12 Destroy-Key
  6.2 Support services
      6.2.1 Key management facility services
      6.2.2 User-oriented services
7 Conceptual models for key distribution for two entities
  7.1 Introduction to key distribution
  7.2 Key distribution between two communicating entities
  7.3 Key distribution within one domain
  7.4 Key distribution between two domains
8 Specific service providers
Annex A (informative) - Threats to key management
Annex B (informative) - Key management information objects
Annex C (informative) - Classes of cryptographic applications
  C.1 Common classification of cryptographic systems
  C.2 Authentication services and keys
  C.3 Encryption services and keys
Annex D (informative) - Certificate lifecycle management
  D.1 General
  D.2 Certification Authority (CA)
      D.2.1 CA's responsibilities
      D.2.2 CA's asymmetric key pair
  D.3 Certification process
      D.3.1 Model for public key certification
      D.3.2 Registration
      D.3.3 Relationships between legal entities
      D.3.4 Certificate generation
      D.3.5 Renewal/Lifetime
  D.4 Distribution and use of public key certificate
      D.4.1 Requirements and procedures
      D.4.2 Distribution and storage of public key
             certificates
      D.4.3 Verification of public key certificates
  D.5 Certification paths
  D.6 Certificate revocation
      D.6.1 Revocation requirements
      D.6.2 Revocation lists
Bibliography

Committee	IST/33 IT
DocumentType	Draft
Pages	38
PublisherName	British Standards Institution
Status	Superseded
SupersededBy	BS ISO/IEC 11770-1:2010

ISO/IEC 18031:2011	Information technology Security techniques Random bit generation
ISO/IEC 19772:2009	Information technology Security techniques Authenticated encryption
ISO/IEC 11770-2:2008	Information technology Security techniques Key management Part 2: Mechanisms using symmetric techniques
ISO/IEC 11770-4:2006	Information technology Security techniques Key management Part 4: Mechanisms based on weak secrets
ISO/IEC 19790:2012	Information technology — Security techniques — Security requirements for cryptographic modules
ISO/IEC 10181-1:1996	Information technology Open Systems Interconnection Security frameworks for open systems: Overview
ISO/IEC 9594-8:2017	Information technology Open Systems Interconnection The Directory Part 8: Public-key and attribute certificate frameworks
ISO 7498-2:1989	Information processing systems Open Systems Interconnection Basic Reference Model Part 2: Security Architecture
ISO/IEC 29150:2011	Information technology — Security techniques — Signcryption
ISO/IEC 11770-3:2015	Information technology Security techniques Key management Part 3: Mechanisms using asymmetric techniques
ISO/IEC 9798-1:2010	Information technology Security techniques Entity authentication Part 1: General