1 Scope
2 References
2.1 Identical Recommendations | International Standards
2.2 Paired Recommendations | International Standards equivalent in technical content
2.3 Additional References
3 Definitions
4 General Aspects
4.1 Basis of Security Assurance and Trust
4.2 Interaction between a TTP and Entities Using its Services
4.2.1 In-line TTP Services
4.2.2 On-line TTP Services
4.2.3 Off-line TTP Services
4.3 Interworking of TTP Services
5 Management and Operational Aspects of a TTP
5.1 Legal Issues
5.2 Contractual Obligations
5.3 Responsibilities
5.4 Security Policy
5.4.1 Security Policy Elements
5.4.2 Standards
5.4.3 Directives and Procedures
5.4.4 Risk Management
5.4.5 Selection of Safeguards
5.4.5.1 Physical and Environmental Measures
5.4.5.2 Organisational and Personnel Measures
5.4.5.3 IT Specific Measures
5.4.6 Implementation Aspects of IT Security
5.4.6.1 Awareness and Training
5.4.6.2 Trustworthiness and Assurance
5.4.6.3 Accreditation of TTP Certification Bodies
5.4.7 Operational Aspects of IT Security
5.4.7.1 Audit/Assessment
5.4.7.2 Incident Handling
5.4.7.3 Contingency Planning
5.5 Quality of Service
5.6 Ethics
5.7 Fees
6 Interworking
6.1 TTP-Users
6.2 User-User
6.3 TTP-TTP
6.4 TTP-Law Enforcement Agency
7 Major Categories of TTP Services
7.1 Time Stamping Service
7.1.1 Time Stamping Authority
7.2 Non-repudiation Services
7.3 Key Management Services
7.3.1 Key Generation Service
7.3.2 Key Registration Service
7.3.3 Key Certification Service
7.3.4 Key Distribution Service
7.3.5 Key Installation Service
7.3.6 Key Storage Service
7.3.7 Key Derivation Service
7.3.8 Key Archiving Service
7.3.9 Key Revocation Service
7.3.10 Key Destruction Service
7.4 Certificate Management Services
7.4.1 Public Key Certificate Service
7.4.2 Privilege Attribute Service
7.4.3 On-line Authentication Service Based on Certificates
7.4.4 Revocation of Certificates Service
7.5 Electronic Notary Public Services
7.5.1 Evidence Generation Service
7.5.2 Evidence Storage Service
7.5.3 Arbitration Service
7.5.4 Notary Authority
7.6 Electronic Digital Archiving Service
7.7 Other Services
7.7.1 Directory Service
7.7.2 Identification and Authentication Service
7.7.2.1 On-line Authentication Service
7.7.2.2 Off-line Authentication Service
7.7.2.3 In-line Authentication Service
7.7.3 In-line Translation Service
7.7.4 Recovery Services
7.7.4.1 Key Recovery Services
7.7.4.2 Data Recovery Services
7.7.5 Personalisation Service
7.7.6 Access Control Service
7.7.7 Incident Reporting and Alert Management Service
Annex A – Security Requirements for Management of TTPs
Annex B – Aspects of CA management
B.1 Example of Registration Process Procedures
B.2 An example of requirements for Certification Authorities
B.3 Certification Policy and Certification Practice Statement (CPS)
Annex C – Bibliography