ISO 11568-4:2007 pdf download.Banking -Key management (retail)一Part 4: Asymmetric crypto systems -Key management and life cycle.
This part of ISO 11568 specifies techniques for the protection of symmetric and asymmetric cryptographic keys in a retail financial services environment using asymmetric cryptosystenis and the life cycle management of the associated asymmetric keys. The techniques described In this pall of ISO 11568 enable compliance with the principles described in ISO 11568-1. For the purposes of this document, the retail financial services environment Is restricted to the interlace between:
-a card-accepting device and an acquirer;
-an acquirer and a card issuer:
-an ICC and a card.accepling device.
2 Normative references
The following referenced documents are indispensable for the application of this document. For dated references, only the edition ced applies. For undated references, the Latest edition of the referenced document (including any amen&nents) applies.
ISO 9564-1, Banking — Personal Identification Number (PIN) management and security— Part 1: Basic principles and reqwremenls for online PIN handling in ATM and POS systems
lSO1EC 9796-2:2002, Information technology — Security techniques — Digital signature schemes giving message recovery — Part 2: Integer factonzatson based mechanisms
ISO1IEC 10116:1997. Information technology — Security techniques — Modes of operation lot an n-bit block
C— ISOI1EC 10118 (all parts). Information technology — Security techniques — Hash functions
ISO 11568-1, Banking — Key management (retail) — Part 1: Principles
ISO 11588-2. Banking — Key management (retail) — Part 2: Symmetric ciphers, their key management and life cycle
ISOIEC 11 7703. Information technology — Security techrt.iques — Key management — Pan 3: Mechanisms using asymmetric techniques
ISO 13491-1, Banking — Secure cryptographic devices (retail) — Part 1: Concepts, requirements and evaluation methods
-a card-accepting device and an acquirer;
-an acquirer and a card issuer:
-an ICC and a card.accepling device.
2 Normative references
The following referenced documents are indispensable for the application of this document. For dated references, only the edition ced applies. For undated references, the Latest edition of the referenced document (including any amen&nents) applies.
ISO 9564-1, Banking — Personal Identification Number (PIN) management and security— Part 1: Basic principles and reqwremenls for online PIN handling in ATM and POS systems
lSO1EC 9796-2:2002, Information technology — Security techniques — Digital signature schemes giving message recovery — Part 2: Integer factonzatson based mechanisms
ISO1IEC 10116:1997. Information technology — Security techniques — Modes of operation lot an n-bit block
C— ISOI1EC 10118 (all parts). Information technology — Security techniques — Hash functions
ISO 11568-1, Banking — Key management (retail) — Part 1: Principles
ISO 11588-2. Banking — Key management (retail) — Part 2: Symmetric ciphers, their key management and life cycle
ISOIEC 11 7703. Information technology — Security techrt.iques — Key management — Pan 3: Mechanisms using asymmetric techniques
ISO 13491-1, Banking — Secure cryptographic devices (retail) — Part 1: Concepts, requirements and evaluation methods
ISO 13491-2, Banking — Secure cryptographic devices (retail) — Part 2: Security compliance checklists for devices used in financial transactions.
