관심표준 등록 : 표준업데이트 시 알림을 받을 수 있습니다.
PDF : 직접 파일 다운로드 및 인쇄 (마이페이지 확인)
PRINT : 인쇄본 우편발송, 2~3일 소요(PDF파일 미제공)
표준
판매
Information technology - Security techniques - Testing cryptographic modules in their operational environment
| 분야 | ISO/IEC JTC 1/SC 27 : Information security, cybersecurity and privacy protection |
|---|---|
| 적용범위 | This document provides recommendations and checklists which can be used to support the specification and operational testing of cryptographic modules in their operational environment within an organization's security system. The cryptographic modules have four security levels which ISO/IEC 19790 defines to provide for a wide spectrum of data sensitivity (e.g. low-value administrative data, million-dollar funds transfers, life-protecting data, personal identity information, and sensitive information used by government) and a diversity of application environments (e.g. a guarded facility, an office, removable media, and a completely unprotected location). This document includes: a) recommendations to perform secure assessing for cryptographic module installation, configuration and operation; b) recommendations to inspecting the key management system, protection of authentication credentials, and public and critical security parameters in the operational environment; c) recommendations for identifying cryptographic module vulnerabilities; d) checklists for the cryptographic algorithm policy, security guidance and regulation, security manage requirements, security level for each of the 11 requirement areas, the strength of the security function, etc.; and e) recommendations to determine that the cryptographic module's deployment satisfies the security requirements of the organization. This document assumes that the cryptographic module has been validated as conformant with ISO/IEC 19790. It can be used by an operational tester along with other recommendations if needed. This document is limited to the security related to the cryptographic module. It does not include assessing the security of the operational or application environment. It does not define techniques for the identification, assessment and acceptance of the organization's operational risk. The organization's accreditation, deployment and operation processes, shown in Figure 1, is not included to the scope of this document. This document addresses operational testers who perform the operational testing for the cryptographic modules in their operational environment authorizing officials of cryptographic modules. |
| 국제분류(ICS)코드 | 35.030 : IT 보안 |
| 페이지수 | 39 |
| Edition | 1.0 |
| No. | 표준번호 | 표준명 | 발행일 | 상태 |
|---|---|---|---|---|
| 1 | ISO/IEC TS 20540:2018 | Information technology - Security techniques - Testing cryptographic modules in their operational environment | 2018-05-18 | 표준 |
| 2 | ISO/IEC TS 20540:2018 | Information technology — Security techniques — Testing cryptographic modules in their operational environment | 2018-05-18 | 표준 |
관련상품이 존재하지 않습니다.
함께 구입한 상품이 존재하지 않습니다.
IEC TS 63134:2020 - Active assisted living (AAL) use cases 상세보기
IEC 60034-5:2020 RLV - Rotating electrical machines - Part 5: Degrees of protection provided by the integral design of rotating electrical machines (IP code) - Classification 상세보기
KS B ISO TS 25740-1 - 에스컬레이터 및 무빙워크에 대한 안전요건 — 제1부: 세계공통 필수 안전요건(GESRs) 상세보기
KS B ISO TS 8100-21 - 승객 및 화물 운송용 엘리베이터 —제21부: 세계공통 필수안전요건(GESRs)을 충족하는 세계공통 안전 파라미터(GSPs) 상세보기
KS C IEC TS 62872 - 산업 시설과 스마트 그리드 사이의 산업 공정 측정, 제어 및 자동화 시스템 인터페이스 상세보기
KS표준
핸드북
