BS-ISO-20828-2006.pdf


BRITISH STANDARD BS ISO 20828:2006
Road vehicles - Security certificate management
ICS 43.020

Licensed Copy: sheffieldun sheffieldun, na, Sun Nov 26 14:25:08 GMT+00:00 2006, Uncontrolled Copy, (c) BSI

This British Standard was published under the authority of the Standards Policy and Strategy Committee on 31 July 2006. BSI 2006. ISBN 0 580 48910 8

National foreword

This British Standard reproduces verbatim ISO 20828:2006 and implements it as the UK national standard. The UK participation in its preparation was entrusted to Technical Committee AUE/16, Electrical and electronic equipment, which has the responsibility to:
- aid enquirers to understand the text;
- present to the responsible international/European committee any enquiries on the interpretation, or proposals for change, and keep UK interests informed;
- monitor related international and European developments and promulgate them in the UK.

A list of organizations represented on this committee can be obtained on request to its secretary.

Cross-references
The British Standards which implement international publications referred to in this document may be found in the BSI Catalogue under the section entitled "International Standards Correspondence Index", or by using the "Search" facility of the BSI Electronic Catalogue or of British Standards Online.

This publication does not purport to include all the necessary provisions of a contract. Users are responsible for its correct application. Compliance with a British Standard does not of itself confer immunity from legal obligations.

Summary of pages
This document comprises a front cover, an inside front cover, the ISO title page, pages ii to vii, pages 1 to 38, an inside back cover and a back cover. The BSI copyright notice displayed in this document indicates when the document was last issued.

Amendments issued since publication
Amd. No. | Date | Comments

Reference number ISO 20828:2006(E)
INTERNATIONAL STANDARD ISO 20828, First edition 2006-07-01
Road vehicles - Security certificate management
Véhicules routiers - Gestion des certificats de sécurité

Contents

Foreword
Introduction
1 Scope
2 Normative references
3 Terms and definitions
4 Symbols and abbreviated terms
5 Certificate Management Principles
  5.1 Establishment of trust
  5.2 Certificates
  5.3 Certification authorities
  5.4 Certificate validity
  5.5 Certificate policies
  5.6 Certificate Paths
6 Certificate structure
7 Certificate components and extensions
  7.1 General
  7.2 Certificate version
  7.3 Certificate serial number
  7.4 Certificate signature algorithm identifier
  7.5 Certificate issuer
  7.6 Certificate validity
  7.7 Certificate subject
  7.8 Certificate subject public key
  7.9 Certificate issuer unique identifier
  7.10 Certificate subject unique identifier
  7.11 CA key identifier extension
  7.12 Certificate subject key identifier extension
  7.13 Extended key usage extension
  7.14 Certificate policies extension
  7.15 Vehicle identification number extension
  7.16 Path information extension
Annex A (normative) Security Certificate Management ASN.1 module definition
Annex B (informative) Certificate examples

Foreword

ISO (the International Organization for Standardization) is a worldwide federation of national standards bodies (ISO member bodies). The work of preparing International Standards is normally carried out through ISO technical committees. Each member body interested in a subject for which a technical committee has been established has the right to be represented on that committee. International organizations, governmental and non-governmental, in liaison with ISO, also take part in the work. ISO collaborates closely with the International Electrotechnical Commission (IEC) on all matters of electrotechnical standardization.

International Standards are drafted in accordance with the rules given in the ISO/IEC Directives, Part 2.

The main task of technical committees is to prepare International Standards. Draft International Standards adopted by the technical committees are circulated to the member bodies for voting. Publication as an International Standard requires approval by at least 75 % of the member bodies casting a vote.

Attention is drawn to the possibility that some of the elements of this document may be the subject of patent rights. ISO shall not be held responsible for identifying any or all such patent rights.

ISO 20828 was prepared by Technical Committee ISO/TC 22, Road vehicles, Subcommittee SC 3, Electrical and electronic equipment.

Introduction

Often data transmitted within road vehicles, between road vehicles or from and to road vehicles have to be protected to guarantee their confidentiality and integrity. Cryptography provides excellent means for this kind of protection. Depending on the protection requirements, different schemes may be used.

In some situations it is sufficient to lock a data link involving a specific device, and to unlock it only if a second device has sent the correct key in response to an arbitrary seed. The corresponding security access service is specified in various International Standards and is widely used today.

ISO 15764 defines an extended security scheme. It does not just restrict access to data, but protects the data when transmitted over the data link. Protection is provided against masquerade, replay, eavesdropping, manipulation and repudiation. Before starting the secured data transmission, the data link must be established as a secured link. ISO 15764 provides two methods for this:

a) Both devices participating in the data transmission have a pre-established secret cryptographic key. This key is used to establish the secured link and excludes all third parties not having access to it from participating in the secured link. This method is based on symmetric keys and is applicable to devices with limited processing power and memory.

b) The secured link may be established between arbitrary devices, if these devices have a private key and a security certificate for the corresponding public key. This method involves asymmetric cryptography, requiring a higher amount of processing power and memory at the devices.

Public keys are cryptographic keys that are publicly available and are linked to a private key, which is kept secret by the device owning it. There are two ways of using a public/private key pair:

a) The device owning the private key may add an electronic signature to data it sends out. This signature is specific to the data sent out and may only be generated with the private key: both a different data string to be signed and a different private key would lead to a different signature. Any other device possessing the corresponding public key is able to verify the signature and therefore to confirm that the data string originates from the device owning the private key and has not been altered after being sent out.

b) Any device possessing the public key may use it to encrypt data before sending it to the device owning the private key. As the data can only be decrypted with the aid of the private key, no other device is able to correctly interpret the data sent out.

But how does the user of the public key know that it uses the correct one? A malicious third party could send its own public key, pretending it is from a trusted device, and could hope to get access to the secured data transmissions. For each domain of secured data transmissions, there must be an authority (or several of them) deciding which devices can be trusted. This is called the Certification Authority. For the trusted devices, it issues security certificates, confirming that the public key is from that device (meaning that the device owns the corresponding private key). The electronic signature of the Certification Authority is attached to the certificate, rendering it unforgeable. As part of the procedure to set up a secured link, the devices involved verify the certificates of each other.

With the second method specified in ISO 15764, a secured link can be established between devices that each know the public key of the other's Certification Authority. But in many cases there are different security domains with different authorities responsible for establishing trusted devices, and secured links must be established between devices of different domains, which do not know the public keys of the Certification Authorities of the other domain. This International Standard specifies how trust between devices from different security domains is established based on security certificates. In this sense it extends the application range of ISO 15764.

Figure 1: How ISO 20828 extends the application range of ISO 15764 (key: 1 security domain 1; 2 security domain 2; 3 security domain 3; internal secured links covered by ISO 15764; external secured links covered by ISO 20828)

The focus of this International Standard is on the management of certificates. Various security domains based on certificates have already been defined in various contexts. The task of a security certificate management for road vehicles is to give a framework in which such security domains can interact in the sense that secured links can be established from one domain to the other. For instance, there may be specific security domains for different car manufacturers, for public authorities in charge of tachographs or other legislated vehicle components, for telematics service providers, authorized dealers and workshops, emergency task forces and fleet operators. The framework should cover all of them.

When defining this security framework, the following specific requirements of the road vehicle environment have been considered:
- There should be no need for an overall infrastructure to be shared by all security systems. For instance, it can't be expected that shared databases are installed to which the devices involved have access.
- It should be possible to easily integrate existing security systems in the various domains without major modifications. The additional security framework should not affect the security of each domain.
- Devices with different security levels are considered. Breaking the security of a device with little protection should not affect the security of other devices.
- It should be possible to use the framework even for devices with limited resources. This means that the provisions requested from the framework should be easy to handle.
- The special situation of mobile devices with limited and non-permanent access to communication facilities is considered.

Road vehicles - Security certificate management

1 Scope

This International Standard establishes a uniform practice for the issuing and management of security certificates for use in Public Key Infrastructure applications. Assuming that all entities intending to set up a secure data exchange with other entities based on private and public keys are able to provide their own certificate, the certificate management scheme guarantees that the entities will get all additional information needed to establish trust in other entities from a single source, in a simple and unified format. The certificate management is flexible with respect to the relations between Certification Authorities, not requiring any hierarchical structure. It does not prescribe centralized directories or the like that would have to be accessible to all entities involved. With these properties, the management scheme is optimized for applications in the automotive domain.

This International Standard details the role and responsibilities of the Certification Authority relating to certificate issuing and distribution. It specifies how to handle certificate validity and certificate policies. This is the prerequisite for each entity to make sure it can actually trust another entity when intending to exchange data of a specific kind with it.

This International Standard prescribes a certificate format, which is a special implementation of the well-known X.509 certificate according to ISO/IEC 9594-8. It specifies the structure and use of every certificate component such that it complies with the certificate management established.

2 Normative references

The following referenced documents are indispensable for the application of this document. For dated references, only the edition cited applies. For undated references, the latest edition of the referenced document (including any amendments) applies.

ISO 3779, Road vehicles - Vehicle identification number (VIN) - Content and structure
ISO 3780, Road vehicles - World manufacturer identifier (WMI) code
ISO/IEC 8824-1, Information technology - Abstract Syntax Notation One (ASN.1) - Part 1: Specification of basic notation
ISO/IEC 8824-2, Information technology - Abstract Syntax Notation One (ASN.1) - Part 2: Information object specification
ISO/IEC 8824-3, Information technology - Abstract Syntax Notation One (ASN.1) - Part 3: Constraint specification
ISO/IEC 9594-2, Information technology - Open Systems Interconnection - Part 2: The Directory: Models
ISO/IEC 9594-8, Information technology - Open Systems Interconnection - Part 8: The Directory: Public-key and attribute certificate frameworks
ISO/IEC 15408-3, Information technology - Security techniques - Evaluation criteria for IT security - Part 3: Security assurance requirements
ISO 15764, Road vehicles - Extended data link security
IETF RFC 3279, Algorithms and Identifiers for the Internet X.509 Public Key Infrastructure Certificate and Certificate Revocation List (CRL) Profile, R. Housley, W. Polk, W. Ford, D. Solo, April 2002
IETF RFC 3280, Internet X.509 Public Key Infrastructure
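The Introduction above rests on three mechanisms: a device proving possession of its private key, a Certification Authority certifying the device's public key, and trust being extended across security domains without any shared directory; the Scope adds that the certificate format is an X.509 profile. The Go program below is an added example, not code from ISO 20828 or from this page, that builds the Figure 1 situation with the standard library's crypto/x509: two security domains with their own CA, a cross certificate by which the domain 1 CA certifies the domain 2 CA's public key, and a device certificate issued in domain 2 that carries a VIN in a private extension. The extension OID, the certificate names, serial numbers, the 25-hour validity window and the VIN value are all assumptions constructed for the example; the real VIN extension (7.15) and path information extension (7.16) of the standard are not reproduced here.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/x509"
	"crypto/x509/pkix"
	"encoding/asn1"
	"fmt"
	"math/big"
	"time"
)

// oidVIN is an assumed placeholder for the VIN extension (7.15); its real OID is not on this page.
var oidVIN = asn1.ObjectIdentifier{1, 3, 6, 1, 4, 1, 99999, 1}

// TwoDomainPKI models Figure 1: two security domains, each with its own CA.
type TwoDomainPKI struct {
	Root1, Root2 *x509.Certificate // self-signed CA certificates of domains 1 and 2
	Cross        *x509.Certificate // domain 2 CA public key, certified by the domain 1 CA
	Device       *x509.Certificate // device certificate issued by the domain 2 CA
	DeviceKey    *ecdsa.PrivateKey // kept secret by the device
}

func check(err error) {
	if err != nil {
		panic(err)
	}
}

func newKey() *ecdsa.PrivateKey {
	k, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	check(err)
	return k
}

// template builds an X.509 template; the 25 h validity window is constructed for the example.
func template(cn string, serial int64, ca bool) *x509.Certificate {
	t := &x509.Certificate{SerialNumber: big.NewInt(serial), Subject: pkix.Name{CommonName: cn},
		NotBefore: time.Now().Add(-time.Hour), NotAfter: time.Now().Add(24 * time.Hour)}
	if ca { // only CA certificates may sign other certificates
		t.IsCA, t.BasicConstraintsValid, t.KeyUsage = true, true, x509.KeyUsageCertSign
	}
	return t
}

// issue signs tmpl over pub with the parent's key; parent == tmpl gives a self-signed certificate.
func issue(tmpl, parent *x509.Certificate, pub *ecdsa.PublicKey, parentKey *ecdsa.PrivateKey) *x509.Certificate {
	der, err := x509.CreateCertificate(rand.Reader, tmpl, parent, pub, parentKey)
	check(err)
	c, err := x509.ParseCertificate(der)
	check(err)
	return c
}

// BuildTwoDomainPKI sets up both domains and certifies one device that carries vin.
func BuildTwoDomainPKI(vin string) *TwoDomainPKI {
	k1, k2, kd := newKey(), newKey(), newKey()
	t1, t2 := template("CA domain 1", 1, true), template("CA domain 2", 2, true)
	root1, root2 := issue(t1, t1, &k1.PublicKey, k1), issue(t2, t2, &k2.PublicKey, k2)
	// Cross certificate: the domain 1 CA certifies the domain 2 CA's public key. Its
	// subject must equal root2's subject so that path building from the device works.
	cross := issue(template("CA domain 2", 3, true), root1, &k2.PublicKey, k1)
	vinDER, err := asn1.Marshal(vin) // VIN encoded as an ASN.1 PrintableString
	check(err)
	dt := template("ECU", 100, false)
	dt.ExtraExtensions = []pkix.Extension{{Id: oidVIN, Value: vinDER}} // non-critical
	dev := issue(dt, root2, &kd.PublicKey, k2)
	return &TwoDomainPKI{Root1: root1, Root2: root2, Cross: cross, Device: dev, DeviceKey: kd}
}

// VerifyPath checks that leaf chains to anchor, optionally through intermediates (here the cross certificate).
func VerifyPath(leaf, anchor *x509.Certificate, intermediates ...*x509.Certificate) error {
	roots, inters := x509.NewCertPool(), x509.NewCertPool()
	roots.AddCert(anchor)
	for _, c := range intermediates {
		inters.AddCert(c)
	}
	_, err := leaf.Verify(x509.VerifyOptions{Roots: roots, Intermediates: inters,
		KeyUsages: []x509.ExtKeyUsage{x509.ExtKeyUsageAny}})
	return err
}

// VINFromCert returns the VIN carried in the certificate, or "" if absent or malformed.
func VINFromCert(c *x509.Certificate) (vin string) {
	for _, e := range c.Extensions {
		if e.Id.Equal(oidVIN) {
			asn1.Unmarshal(e.Value, &vin) // on a decoding error vin stays ""
		}
	}
	return vin
}

func main() {
	p := BuildTwoDomainPKI("TEST0SAMPLE000001") // constructed VIN, not a real vehicle
	fmt.Println("VIN:", VINFromCert(p.Device))
	fmt.Println("domain 1 anchor, no cross cert:", VerifyPath(p.Device, p.Root1))
	fmt.Println("domain 1 anchor, cross cert:", VerifyPath(p.Device, p.Root1, p.Cross))
}
```

Verifying the device against the domain 1 anchor fails with an unknown-authority error until the cross certificate is supplied as an intermediate; that cross certificate is the kind of additional information the Scope says an entity must be able to obtain from a single source when it meets a peer from another domain. x509.Verify checks each signature, the validity periods and the CA constraints on the path; it does not check revocation, which an implementation has to add itself.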
