CEN TS 16439-2013 Electronic fee collection - Security framework《电子收费 安全框架》.pdf
《CEN TS 16439-2013 Electronic fee collection - Security framework《电子收费 安全框架》.pdf》由会员分享,可在线阅读,更多相关《CEN TS 16439-2013 Electronic fee collection - Security framework《电子收费 安全框架》.pdf(146页珍藏版)》请在麦多课文档分享上搜索。
1、raising standards worldwideNO COPYING WITHOUT BSI PERMISSION EXCEPT AS PERMITTED BY COPYRIGHT LAWBSI Standards PublicationPD CEN/TS 16439:2013Electronic fee collection Security frameworkCopyright European Committee for Standardization Provided by IHS under license with CENNot for ResaleNo reproducti
2、on or networking permitted without license from IHS-,-,-PD CEN/TS 16439:2013 PUBLISHED DOCUMENTNational forewordThis Published Document is the UK implementation ofCEN/TS 16439:2013.The UK participation in its preparation was entrusted to TechnicalCommittee EPL/278, Road transport informatics.A list
3、of organizations represented on this committee can beobtained on request to its secretary.This publication does not purport to include all the necessaryprovisions of a contract. Users are responsible for its correctapplication. The British Standards Institution 2013.Published by BSI Standards Limite
4、d 2013 ISBN 978 0 580 78694 5 ICS 35.240.60 Compliance with a British Standard cannot confer immunity fromlegal obligations.This Published Document was published under the authority of theStandards Policy and Strategy Committee on 28 February 2013. Amendments issued since publicationDate T e x t a f
5、 f e c t e dCopyright European Committee for Standardization Provided by IHS under license with CENNot for ResaleNo reproduction or networking permitted without license from IHS-,-,-PD CEN/TS 16439:2013TECHNICAL SPECIFICATION SPCIFICATION TECHNIQUE TECHNISCHE SPEZIFIKATION CEN/TS 16439 January 2013
6、ICS 35.240.60 English Version Electronic fee collection - Security framework Perception de tlpage - Cadre de scurit Elektronische Gebhrenerhebung - Sicherheitsgrundstruktur This Technical Specification (CEN/TS) was approved by CEN on 27 August 2012 for provisional application. The period of validity
7、 of this CEN/TS is limited initially to three years. After two years the members of CEN will be requested to submit their comments, particularly on the question whether the CEN/TS can be converted into a European Standard. CEN members are required to announce the existence of this CEN/TS in the same
8、 way as for an EN and to make the CEN/TS available promptly at national level in an appropriate form. It is permissible to keep conflicting national standards in force (in parallel to the CEN/TS) until the final decision about the possible conversion of the CEN/TS into an EN is reached. CEN members
9、are the national standards bodies of Austria, Belgium, Bulgaria, Croatia, Cyprus, Czech Republic, Denmark, Estonia, Finland, Former Yugoslav Republic of Macedonia, France, Germany, Greece, Hungary, Iceland, Ireland, Italy, Latvia, Lithuania, Luxembourg, Malta, Netherlands, Norway, Poland, Portugal,
10、Romania, Slovakia, Slovenia, Spain, Sweden, Switzerland, Turkey and United Kingdom. EUROPEAN COMMITTEE FOR STANDARDIZATION COMIT EUROPEN DE NORMALISATION EUROPISCHES KOMITEE FR NORMUNG Management Centre: Avenue Marnix 17, B-1000 Brussels 2013 CEN All rights of exploitation in any form and by any mea
11、ns reserved worldwide for CEN national Members. Ref. No. CEN/TS 16439:2013: ECopyright European Committee for Standardization Provided by IHS under license with CENNot for ResaleNo reproduction or networking permitted without license from IHS-,-,-PD CEN/TS 16439:2013CEN/TS 16439:2013 (E) 2 Contents
12、Page Foreword . 6 0 Introduction 7 0.1 Readers guide . 7 0.2 EFC role model . 8 0.3 Relation to other security standards . 9 1 Scope 11 1.1 EFC specific scope 11 1.2 Scope in relation to other security frameworks 14 2 Normative references . 15 3 Terms and definitions 16 4 Symbols and abbreviations .
13、 22 5 Trust model 24 5.1 Introduction 24 5.2 Stakeholders trust relations 24 5.3 Technical trust model 25 5.3.1 General . 25 5.3.2 Trust model for TC and TSP relations . 25 5.3.3 Trust model for TSP and User relations 27 5.3.4 Trust model for Interoperability Management relations . 27 5.4 Implementa
14、tion . 27 5.4.1 Setup of trust relations 27 5.4.2 Trust relation renewing and revocation 27 5.4.3 Issuing and revocation of sub CA and entity certificates 28 5.4.4 Certificate and Certificate Revocation List profile and format . 28 5.4.5 Certificate extensions 28 6 Security requirements 29 6.1 Intro
15、duction 29 6.2 Information Security Management System . 29 6.3 Communication interfaces . 30 6.3.1 General . 30 6.3.2 Generic interface requirements . 31 6.3.3 DSRC profile . 31 6.3.4 TC to TSP profile 32 6.3.5 Communication provider profile 32 6.4 Data storages . 33 6.4.1 General . 33 6.4.2 OBE dat
16、a storages . 33 6.4.3 RSE data storages 33 6.4.4 Back End data storage . 34 6.5 Toll Charger 34 6.6 Toll Service Provider 35 6.7 User. 37 6.8 Interoperability Management . 38 6.9 Limitation of requirements 38 7 Security measures - countermeasures . 38 7.1 Introduction 38 7.2 General security measure
17、s 39 7.3 Communication interfaces security measures . 39 Copyright European Committee for Standardization Provided by IHS under license with CENNot for ResaleNo reproduction or networking permitted without license from IHS-,-,-PD CEN/TS 16439:2013CEN/TS 16439:2013 (E) 3 7.3.1 General . 39 7.3.2 DSRC
18、-EFC interface . 39 7.3.3 CCC interface . 40 7.3.4 LAC interface 40 7.3.5 Front End to TSP Back End interface 41 7.3.6 TC to TSP interface 41 7.4 End-to-end security measures . 41 7.5 Toll Service Provider security measures 43 7.5.1 Front End security measures. 43 7.5.2 Back End security measures .
19、43 7.6 Toll Charger security measures. 44 7.6.1 RSE security measures 44 7.6.2 Back End security measures . 44 7.6.3 Other TC security measures 44 8 Security specifications for interoperable interface implementation 45 8.1 General . 45 8.1.1 Subject 45 8.1.2 Signature and hash algorithms . 45 8.1.3
20、MAC algorithm 45 8.1.4 MAC key derivation 46 8.1.5 Key encryption algorithm. 46 8.1.6 Padding algorithm 46 8.2 Security specifications for DSRC-EFC 46 8.2.1 Subject 46 8.2.2 OBE . 46 8.2.3 RSE . 47 8.3 Security specifications for CCC. 47 8.3.1 Subject 47 8.3.2 OBE . 47 8.3.3 RSE . 47 8.4 Security sp
21、ecifications for LAC . 47 8.4.1 Subject 47 8.4.2 OBE . 47 8.4.3 RSE . 47 8.5 Security specifications for Front End to TSP interface 48 8.5.1 General . 48 8.5.2 ChargeReport message authentication . 48 8.6 Security specifications for TC to TSP interface 49 8.6.1 General . 49 8.6.2 Secure communicatio
22、n channel 49 8.6.3 Message authentication . 49 8.6.4 Proof of message delivery . 51 8.6.5 TSP ChargeReport authentication . 51 9 Key management 52 9.1 Introduction 52 9.2 Asymmetric keys 52 9.2.1 Key exchange between stakeholders 52 9.2.2 Key generation and certification 52 9.2.3 Protection of Keys
23、53 9.2.4 Application 53 9.3 Symmetric keys 53 9.3.1 Introduction 53 9.3.2 Key exchange between stakeholders 53 9.3.3 Key lifecycle . 54 9.3.4 Key storage and protection . 56 9.3.5 Session keys 57 Annex A (normative) Data type specification. 58 Annex B (normative) Implementation Conformance Statement
24、 (ICS) proforma 62 Copyright European Committee for Standardization Provided by IHS under license with CENNot for ResaleNo reproduction or networking permitted without license from IHS-,-,-PD CEN/TS 16439:2013CEN/TS 16439:2013 (E) 4 B.1 Guidance for completing the ICS proforma 62 B.1.1 Purposes and
- 1.请仔细阅读文档,确保文档完整性,对于不预览、不比对内容而直接下载带来的问题本站不予受理。
- 2.下载的文档,不会出现我们的网址水印。
- 3、该文档所得收入(下载+内容+预览)归上传者、原创作者;如果您是本文档原作者,请点此认领!既往收益都归您。
下载文档到电脑,查找使用更方便
10000 积分 0人已下载
下载 | 加入VIP,交流精品资源 |
- 配套讲稿:
如PPT文件的首页显示word图标,表示该PPT已包含配套word讲稿。双击word图标可打开word文档。
- 特殊限制:
部分文档作品中含有的国旗、国徽等图片,仅作为作品整体效果示例展示,禁止商用。设计者仅对作品中独创性部分享有著作权。
- 关 键 词:
- CENTS164392013ELECTRONICFEECOLLECTIONSECURITYFRAMEWORK 电子 收费 安全 框架 PDF

链接地址:http://www.mydoc123.com/p-592645.html