GB/T 27909.1-2011 English PDF
US$439.00 · In stock
Delivery: <= 4 days. True-PDF full-copy in English will be manually translated and delivered via email.
GB/T 27909.1-2011: Banking -- Key management (retail) -- Part 1: Principles
Status: Valid
Basic data
Standard ID: GB/T 27909.1-2011 (GB/T27909.1-2011)
Description (Translated English): Banking -- Key management (retail) -- Part 1: Principles
Sector / Industry: National Standard (Recommended)
Classification of Chinese Standard: A11
Classification of International Standard: 35.240.40
Word Count Estimation: 19,179
Date of Issue: 2011-12-30
Date of Implementation: 2012-02-01
Quoted Standard: GB/T 20547.2-2006; GB/T 27909.2; GB/T 27909.4
Adopted Standard: ISO 11568-1-2005, MOD
Regulation (derived from): Announcement of Newly Approved National Standards No. 23 of 2011
Issuing agency(ies): General Administration of Quality Supervision, Inspection and Quarantine of the People's Republic of China, Standardization Administration of the People's Republic of China
Summary: This standard specifies the key management principles that a cryptographic system implemented in a retail financial services environment should follow. In this part, the retail financial services environment refers to the interfaces between the following entities: card acceptance device and acquirer, acquirer and card issuer, integrated circuit card (ICC) and card acceptance device. Appendix A describes an example of the environment, and Appendix B describes the threats related to implementing this part. This part applies to the keys of symmetric cryptosystems and to the private and public keys of asymmetric cryptosystems. In symmetric cryptography, the sender and recipient use the same key. Cryptographic algorithms used for key management should comply with the relevant provisions of the national cryptography administration. The use of cryptography usually involves, in addition to the key, control information, for example an initialization vector or a key identifier. This information is referred to as "the key elements." Although this part is devoted to key management, its principles, services and technologies are also applicable to the key elements. This part applies to financial institutions and other retail financial services organizations. In these areas, information exchange requires confidentiality, integrity or authenticity. Retail financial services include, but are not limited to, services such as POS debit and credit authorization, vending machine and automated teller machine (ATM) transactions. ISO 9564 and ISO 16609 describe, respectively, the cryptographic operations used for Personal Identification Number (PIN) encryption and for message authentication in retail financial transactions. GB/T 27909 also applies to the management of the keys introduced by these standards. Moreover, the key management process itself requires the introduction of keys at a deeper level, for example, the key

GB/T 27909.1-2011: Banking -- Key management (retail) -- Part 1: Principles
This is a DRAFT version for illustration, not a final translation. Full copy of true-PDF in English version (including equations, symbols, images, flow-chart, tables, and figures etc.) will be manually/carefully translated upon your order.

ICS 35.240.40
A11
National Standard of the People's Republic of China
Banking - Key management (retail) - Part 1: General principles
Banking - Key management (retail) - Part 1: Principles (ISO 11568-1:2005, MOD)
Issued on 2011-12-30; implemented on 2012-02-01
Issued by the General Administration of Quality Supervision, Inspection and Quarantine of the People's Republic of China and the Standardization Administration of China

Table of Contents
Foreword
Introduction
1 Scope
2 Normative references
3 Terms and definitions
4 Key management
4.1 Safety goal
4.2 Security level
4.3 Key management goal
5 Key management principles
6 Cryptography
6.1 Summary
6.2 Cryptography
6.3 Asymmetric cryptosystem
6.4 Asymmetric cryptosystem
6.5 Other cryptosystem
7 Password physical security environment
7.1 Physical security considerations
7.2 Security cryptographic device
7.3 Physical security environment
8 Security considerations
8.1 Secret key/private key password environment
8.2 Public-key cryptographic environment
8.3 To prevent counterfeiting device
9 Cryptography key management services
9.1 Overview
9.2 Key separation
9.3 Prevents the replacement of
9.4 Recognition
9.5 Synchronization (availability)
9.6 Integrity
9.7 Confidentiality
9.8 Leak detection
10 Key lifetime
10.1 Summary
10.2 General requirements for key lifecycle
10.3 Additional requirements asymmetric cryptosystem
Appendix A (informative) Examples of retail financial services environment
Annex B (informative) Retail financial services environment threats example
Reference

Foreword
GB/T 27909 "Banking - Key management (retail)" is divided into the following parts:
--- Part 1: General principles;
--- Part 2: Symmetric ciphers and key management and life cycle;
--- Part 3: Asymmetric cryptography and key management and life cycle.
This part is Part 1 of GB/T 27909.
This part was drafted in accordance with the rules given in GB/T 1.1-2009.
This part is a modified adoption of the international standard ISO 11568-1:2005 "Banking - Key management (retail) - Part 1: General principles" (in English).
When adopting ISO 11568-1, the following changes were made:
Annex A of ISO 11568-1, "Cryptographic algorithm approval process", is removed; Chapter 1 instead states that cryptographic algorithms used for key management should comply with the relevant provisions of the state cryptography administration.
This part also contains the following editorial changes:
a) Where the international standards cited as normative references have corresponding national standards, the references are changed to the national standards;
b) The ISO foreword is deleted.
This part was proposed by the People's Bank of China.
This part is under the jurisdiction of the National Standardization Technical Committee on Finance (SAC/TC180).
Organization responsible for drafting this part: China Financial Computerization Corporation.
Organizations that participated in drafting this part: People's Bank of China, Industrial and Commercial Bank of China, Agricultural Bank of China, Bank of China, Bank of Communications, China Everbright Bank, China UnionPay.
Main drafters of this part: Wang Ping baby, Lushu Chun, Li Shuguang, Zhao Zhilan, Zhouyi Peng, Zhao Hongxin, Cheng Guan, Liu Yao, Yu Guodong, Yangzeng Yu, Huang Faguo.

Introduction
GB/T 27909 describes the secure management of keys in the retail financial services environment, such as the keys used to protect messages between the acquirer and the card acceptor, and between the acquirer and the card issuer. This part describes the key management requirements applicable in the retail financial services sector; typical services are point-of-sale/point-of-service (POS) debit and credit authorization and automated teller machine (ATM) transactions.
Key management is the process of providing keys to authorized communicating parties and keeping those keys under secure control until they are destroyed. Data security depends on preventing the disclosure of keys and their unauthorized modification, substitution, insertion or termination; key management therefore covers the procedures for key generation, storage, distribution, use and destruction. Standardizing these procedures also lays the foundation for developing audit trail specifications.
This part does not provide a means of distinguishing between entities that use the same key. The final details of the key management process need to be decided by negotiation between the communicating parties concerned, who should agree on the identity of the individuals involved and their responsibilities; the communicating parties bear the corresponding responsibility for these rules. GB/T 27909 itself does not deal with the allocation of individual responsibilities, which needs to be considered in each key management implementation.

Banking - Key management (retail) - Part 1: General principles

1 Scope
This part specifies the key management principles that a cryptographic system implemented in the retail financial services environment should follow. In this part, the retail financial services environment means the interfaces between the following entities:
--- Card acceptance device and the acquirer;
--- Acquirer and card issuer;
--- Integrated circuit card (ICC) and the card acceptance device.
Appendix A shows an example of the environment, and Appendix B describes the threats related to implementing this part.
This part applies to the keys of symmetric cryptosystems and to the private and public keys of asymmetric cryptosystems. In symmetric cryptosystems, the sender and recipient use the same key. Cryptographic algorithms used for key management should comply with the relevant provisions of the state cryptography administration.
The use of cryptography often involves, in addition to the key, control information, e.g. an initialization vector or a key identifier. This information is referred to as the "key element." Although this part specifically describes key management, its principles, services and technologies are also applicable to key elements.
This part applies to financial institutions and other organizations in the field of retail financial services.
In these areas, the exchange of information requires confidentiality, integrity or authenticity. Retail financial services include, but are not limited to, services such as POS debit and credit authorization, vending machine and automated teller machine (ATM) transactions.
ISO 9564 and ISO 16609 describe the cryptographic operations used for personal identification number (PIN) encryption and for message authentication in retail financial transactions. GB/T 27909 also applies to the management of the keys introduced by these standards. In addition, the key management process itself requires the introduction of keys at a deeper level, e.g., key-encrypting keys. The key management process is equally applicable to these keys.

2 Normative references
The following documents are essential for the application of this document. For dated references, only the dated edition applies to this document. For undated references, the latest edition (including any amendments) applies to this document.
GB/T 20547.2-2006 Banking - Secure cryptographic devices (retail) - Part 2: Security compliance checklists for devices used in financial transactions (ISO 13491-2:2005, MOD)
GB/T 27909.2 Banking - Key management (retail) - Part 2: Symmetric ciphers and key management and life cycle (ISO 11568-2:2005, MOD)
GB/T 27909.4 Banking - Key management (retail) - Part 4: Asymmetric cryptography and key management and life cycle (ISO 11568-4:2007, MOD)

3 Terms and definitions
The following terms and definitions apply to this document.
3.1 Asymmetric key pair
A public key and its associated private key, generated and used in a public key cryptosystem.
......

Tips & Frequently Asked Questions:
Question 1: How long will the true-PDF of GB/T 27909.1-2011_English be delivered?
Answer: Upon your order, we will start to translate GB/T 27909.1-2011_English as soon as possible, and keep you informed of the progress.
The lead time is typically 2 ~ 4 working days. The lengthier the document the longer the lead time.
Question 2: Can I share the purchased PDF of GB/T 27909.1-2011_English with my colleagues?
Answer: Yes. The purchased PDF of GB/T 27909.1-2011_English will be deemed to be sold to your employer/organization who actually pays for it, including your colleagues and your employer's intranet.
Question 3: Does the price include tax/VAT?
Answer: Yes. Our tax invoice, downloaded/delivered in 9 seconds, includes all tax/VAT and complies with 100+ countries' tax regulations (tax exempted in 100+ countries) -- See Avoidance of Double Taxation Agreements (DTAs): List of DTAs signed between Singapore and 100+ countries
Question 4: Do you accept my currency other than USD?
Answer: Yes. If you need your currency to be printed on the invoice, please write an email to Sales@ChineseStandard.net. In 2 working-hours, we will create a special link for you to pay in any currencies. Otherwise, follow the normal steps: Add to Cart -- Checkout -- Select your currency to pay.