Saltar navegación principal
Normas DIN – AENOR
DIN EN 419241-2:2019-05

DIN EN 419241-2:2019-05

Trustworthy Systems Supporting Server Signing - Part 2: Protection profile for QSCD for Server Signing; German version EN 419241-2:2019

Systèmes fiables de serveur de signature électronique - Partie 2: Profil de protection de QSCD pour la signature par serveur; Version allemande EN 419241-2:2019

Vertrauenswürdige Systeme, die Serversignaturen unterstützen - Teil 2: Schutzprofil für qualifizierte Signaturerstellungseinheiten zur Serversignierung; Deutsche Fassung EN 419241-2:2019

2019-05 /Active
Equivalencias internacionales:

EN 419241-2 (2019-02)

Relación con otras normas DIN:
The scope of EN 419241 part 2 (PP TSCM) covers security requirements to reach compliance with Annex II of Regulation No 910/2014 of the remote (qualified TSP operated) parts of the system, other than those relating to Signature Activation Data (SAD) management and the operation of the Signature Activation Protocol (SAP), assuming use of a cryptographic module conforming to EN 419 221-5. EN 419241 part 2 will be balloted simultaneously with EN 419241 Part 3 Protection profile for Signature Activation Data management and Signature Activation Protocol(PP-SAD+SAP). These two new parts of EN 419241, used in conjunction with the protection for PP for Cryptographic Module for Trust Services (EN 419 221-5), will contain security requirements for level 2 (sole control) as specified in TS 419241 in a formal manner aligned with common criteria. These two new parts of EN 419241, with EN 419 221-5, will support the certification of a system for remote qualified electronic signature or seal creation devices (remote QSCD) which meet the requirements of EU Regulation No 910/2014: The electronic signature creation data can be reliably protected by the legitimate signatory (sole control) against use by others, where the generation and management of the signature creation data is carried out by a qualified trust service provider on behalf of a signatory. The scope of proposed 419241 part 3 (PP-SAD+SAP) covers security requirements to reach compliance with Annex II of Regulation No 910/2014 on the management of the SAD and the operation of the SAP used to provide sole control of the signatory or seal creator for the remote QSCD signing or sealing functions. The proposed parts 2 and 3 are to be independent of specific authentication mechanism and signature activation protocol to allow maximum flexibility with respect to future solutions and to allow supporting several authentication mechanisms. The proposed part 3 is to take into account: a) potential implementations that require dedicated functional components, owned by the signatory or seal creator, which are for the purposes of ensuring sole control, and b) potential implementations that do not require such dedicated functional components but still ensuring sole control of the signatory or seal creator. The proposed part 3 covers requirements up to the interface to the signatory or seal creator needed for authentication and the interface to the signature creation application for selection, checking and display of data to be signed (e. g. a signature creation application as defined in EN 419111) while requirements on the signature creation application itself are out of scope. It is proposed that part 3 (PP-SAD+SAP) forms the prime reference for server signing that may be certified according to Regulation No 910/2014 including Annex II, and that this part requires components certified according to part 2 (PP TSCM) and EN 419221-5.
Algorithms, Data exchange, Data processing, Data protection, Data security, Data storage protection, Definitions, Documentation, Electronic signatures, Electronic systems, Environment, Evaluations, Information technology, IT security, Profile, Reliability, Safety requirements, Security class, Server, Signatures, Trusted
Idioma Formato

Formato digital

Nota: Precios sin IVA ni gastos de envío

Añadir a la cesta