ISO-20828-2006.pdf

Uploaded by: 韩长文  Document ID: 3779497  Upload date: 2019-09-23  Format: PDF  Pages: 48  Size: 1.34 MB

Reference number ISO 20828:2006(E)
© ISO 2006

INTERNATIONAL STANDARD ISO 20828
First edition 2006-07-01

Road vehicles - Security certificate management
Véhicules routiers - Gestion des certificats de sécurité

Copyright International Organization for Standardization
Provided by IHS under license with ISO
Licensee=NASA Technical Standards 1/9972545001
Not for Resale, 04/07/2007 22:22:24 MDT
No reproduction or networking permitted without license from IHS

PDF disclaimer

This PDF file may contain embedded typefaces. In accordance with Adobe's licensing policy, this file may be printed or viewed but shall not be edited unless the typefaces which are embedded are licensed to and installed on the computer performing the editing. In downloading this file, parties accept therein the responsibility of not infringing Adobe's licensing policy. The ISO Central Secretariat accepts no liability in this area.

Adobe is a trademark of Adobe Systems Incorporated.

Details of the software products used to create this PDF file can be found in the General Info relative to the file; the PDF-creation parameters were optimized for printing. Every care has been taken to ensure that the file is suitable for use by ISO member bodies. In the unlikely event that a problem relating to it is found, please inform the Central Secretariat at the address given below.

© ISO 2006

All rights reserved. Unless otherwise specified, no part of this publication may be reproduced or utilized in any form or by any means, electronic or mechanical, including photocopying and microfilm, without permission in writing from either ISO at the address below or ISO's member body in the country of the requester.

ISO copyright office
Case postale 56, CH-1211 Geneva 20
Tel. + 41 22 749 01 11
Fax + 41 22 749 09 47
E-mail copyright@iso.org
Web www.iso.org
Published in Switzerland

Contents

Foreword
Introduction
1 Scope
2 Normative references
3 Terms and definitions
4 Symbols and abbreviated terms
5 Certificate Management Principles
5.1 Establishment of trust
5.2 Certificates
5.3 Certification authorities
5.4 Certificate validity
5.5 Certificate policies
5.6 Certificate Paths
6 Certificate structure
7 Certificate components and extensions
7.1 General
7.2 Certificate version
7.3 Certificate serial number
7.4 Certificate signature algorithm identifier
7.5 Certificate issuer
7.6 Certificate validity
7.7 Certificate subject
7.8 Certificate subject public key
7.9 Certificate issuer unique identifier
7.10 Certificate subject unique identifier
7.11 CA key identifier extension
7.12 Certificate subject key identifier extension
7.13 Extended key usage extension
7.14 Certificate policies extension
7.15 Vehicle identification number extension
7.16 Path information extension
Annex A (normative) Security Certificate Management ASN.1 module definition
Annex B (informative) Certificate examples

Foreword

ISO (the International Organization for Standardization) is a worldwide federation of national standards bodies (ISO member bodies). The work of preparing International Standards is normally carried out through ISO technical committees. Each member body interested in a subject for which a technical committee has been established has the right to be represented on that committee. International organizations, governmental and non-governmental, in liaison with ISO, also take part in the work. ISO collaborates closely with the International Electrotechnical Commission (IEC) on all matters of electrotechnical standardization.

International Standards are drafted in accordance with the rules given in the ISO/IEC Directives, Part 2.

The main task of technical committees is to prepare International Standards. Draft International Standards adopted by the technical committees are circulated to the member bodies for voting. Publication as an International Standard requires approval by at least 75 % of the member bodies casting a vote.

Attention is drawn to the possibility that some of the elements of this document may be the subject of patent rights. ISO shall not be held responsible for identifying any or all such patent rights.

ISO 20828 was prepared by Technical Committee ISO/TC 22, Road vehicles, Subcommittee SC 3, Electrical and electronic equipment.

Introduction

Often data transmitted within road vehicles, between road vehicles or from and to road vehicles have to be protected to guarantee their confidentiality and integrity. Cryptography provides excellent means for this kind of protection. Depending on the protection requirements, different schemes may be used.

In some situations it is sufficient to lock a data link involving a specific device, and to unlock it only if a second device has sent the correct key in response to an arbitrary seed. The corresponding security access service is specified in various International Standards and is widely used today.

ISO 15764 defines an extended security scheme. It does not just restrict the access to data, but protects the data when transmitted over the data link. Protection is provided against masquerade, replay, eavesdropping, manipulation and repudiation.

Before starting the secured data transmission, the data link must be established as a secured link. ISO 15764 provides two methods for this:

a) Both devices participating in the data transmission have a pre-established secret cryptographic key. This key is used to establish the secured link and excludes all third parties not having access to it from participating in the secured link. This method is based on symmetric keys and is applicable to devices with a limited processing power and memory.

b) The secured link may be established between arbitrary devices, if these devices have a private key and a security certificate for the corresponding public key. This method involves asymmetric cryptography requiring a higher amount of processing power and memory at the devices.

Public keys are cryptographic keys that are publicly available and are linked to a private key, which is kept secret by the device owning it. There are two ways of using a public/private key pair:

a) The device owning the private key may add an electronic signature to data it sends out. This signature is specific for the data sent out and may only be generated with the private key. Both a different data string to be signed and a different private key would lead to a different signature. Any other device possessing the corresponding public key is able to verify the signature and therefore to confirm that the data string originates from the device owning the private key and has not been altered after being sent out.

b) Any device possessing the public key may use it to encrypt data before sending it to the device owning the private key. As the data can only be decrypted with the aid of the private key, no other device is able to correctly interpret the data sent out.

But how does the user of the public key know that it uses the correct one? A malicious third party could send its own public key, pretending it is from a trusted device, and could hope to get access to the secured data transmissions.

For each domain of secured data transmissions, there must be an authority (or several of them) deciding which devices can be trusted. This is called Certification Authority. For the trusted devices, it issues security certificates, confirming that the public key is from that device (meaning that the device owns the corresponding private key). The electronic signature of the Certification Authority is attached to the certificate, rendering it unforgeable. As part of the procedure to set up a secured link, the devices involved verify the certificates of each other.

With the second method specified in ISO 15764, a secured link can be established between devices using the public key of the Certification Authority of each other. But in many cases there are different security domains with different authorities responsible to establish trusted devices, and secured links must be established between devices of different domains, not knowing the public keys of the Certification Authorities of the other domain.

This International Standard specifies how trust between devices from different security domains is established based on security certificates. In this sense it extends the application range of ISO 15764.

Key
1 security domain 1
2 security domain 2
3 security domain 3
internal secured links covered by ISO 15764
external secured links covered by ISO 20828

Figure 1 - How ISO 20828 extends the application range of ISO 15764

The focus of this International Standard is on the management of certificates. Various security domains based on certificates have already been defined in various contexts. The task of a security certificate management for road vehicles is to give a framework in which such security domains can interact in the sense that secured links can be established from one domain to the other. For instance, there may be specific security domains for different car manufacturers, for public authorities in charge of tachographs or other legislated vehicle components, for telematics service providers, authorized dealers and workshops, emergency task forces and fleet operators. The framework should cover all of them.

When defining this security framework, the following specific requirements of the road vehicle environment have been considered:

- There should be no need for an overall infrastructure to be shared by all security systems. For instance, it can't be expected that shared databases are installed to which the devices involved have access.

- It should be possible to easily integrate existing security systems in the various domains without major modifications. The additional security framework should not affect the security of each domain.

- Devices with different security levels are considered. Breaking the security of a device with little protection should not affect the security of other devices.

- It should be possible to use the framework even for devices with limited resources. This means that the provisions requested from the framework should be easy to handle.

- The special situation of mobile devices with limited and non-permanent access to communication facilities are considered.
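The Introduction's problem of a device that knows only its own domain's Certification Authority key, worked through as an added example that is not taken from the standard: a peer certificate from another domain is accepted only when a cross-certificate links the two authorities, and a certificate signed by a third party posing as the other authority is rejected. Assumptions: textbook RSA over fixed Mersenne primes stands in for a real signature algorithm, the dictionary layout and the names CA1, CA2 and ecu-domain2 are hypothetical, and cross-certification is a generic PKI technique shown for illustration, not the certificate format or path mechanism that ISO 20828 defines.

```python
import hashlib

E = 65537  # public exponent used by every toy key below

def make_key(p, q):
    """Textbook RSA from two known primes -> (modulus, private exponent). Toy only."""
    return p * q, pow(E, -1, (p - 1) * (q - 1))

def digest(cert, n):
    """Hash the signed fields (issuer, subject, public key) into an integer mod n."""
    body = "|".join((cert["issuer"], cert["subject"], str(cert["pubkey"])))
    return int.from_bytes(hashlib.sha256(body.encode()).digest(), "big") % n

def issue(issuer, issuer_key, subject, pubkey):
    """The issuing CA binds `subject` to `pubkey` with its private exponent."""
    n, d = issuer_key
    cert = {"issuer": issuer, "subject": subject, "pubkey": pubkey}
    cert["sig"] = pow(digest(cert, n), d, n)
    return cert

def signed_by(cert, n):
    return pow(cert["sig"], E, n) == digest(cert, n)

def validate(path, anchors):
    """Walk `path` from a locally trusted CA to the peer; return the peer's
    public key, or None if any link is missing or its signature fails."""
    if not path or path[0]["issuer"] not in anchors:
        return None
    name, n = path[0]["issuer"], anchors[path[0]["issuer"]]
    for cert in path:
        if cert["issuer"] != name or not signed_by(cert, n):
            return None
        name, n = cert["subject"], cert["pubkey"]  # next link is checked with this key
    return n

# Constructed sample data. Keys are built from Mersenne primes and are insecure.
CA1 = make_key(2**127 - 1, 2**521 - 1)    # authority of security domain 1
CA2 = make_key(2**607 - 1, 2**1279 - 1)   # authority of security domain 2
ROGUE = make_key(2**89 - 1, 2**2203 - 1)  # third party posing as CA2
PEER_KEY, EVIL_KEY = 0xB0B, 0xBAD         # placeholder device public keys

anchors = {"CA1": CA1[0]}                 # a domain 1 device knows only CA1's key
cross = issue("CA1", CA1, "CA2", CA2[0])  # CA1 vouches for CA2's public key
peer = issue("CA2", CA2, "ecu-domain2", PEER_KEY)
forged = issue("CA2", ROGUE, "ecu-domain2", EVIL_KEY)

if __name__ == "__main__":
    print("peer alone:    ", validate([peer], anchors))
    print("cross + peer:  ", validate([cross, peer], anchors))
```

A production validator would additionally check validity periods, certificate policies and whether each intermediate subject is allowed to act as an authority, which this sketch leaves out.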

INTERNATIONAL STANDARD ISO 20828:2006(E)

Road vehicles - Security certificate management

1 Scope

This International Standard establishes a uniform practice for the issuing and management of security certificates for use in Public Key Infrastructure applications. Assuming that all entities, intending to set up a secure data exchange to other entities based on private and public keys, are able to provide their own certificate, the certificate management scheme guarantees that the entities will get all additional information needed to establish trust to other entities, from a single source in a simple and unified format. The certificate management is flexible with respect to the relations between Certification Authorities, not requesting any hierarchical structure. It does not prescribe centralized directories or the like, being accessible by all entities involved. With these properties, the management scheme is optimized for applications in the automotive domain.

This International Standard details the role and responsibilities of the Certification Authority relating to certificate issuing and distribution. It specifies how to handle certificate validity and certificate policies. This is the prerequisite for each entity to make sure it can actually trust another entity when intending to exchange data of a specific kind with it.

This International Standard prescribes a Certificate format, which is a special implementation of the well-known X.509 certificate according to ISO/IEC 9594-8. It specifies the structure and use of every certificate component such that it complies with the certificate management established.

2 Normative references

The following referenced documents are indispensable for the application of this document. For dated references, only the edition cited applies. For undated references, the latest edition of the referenced document (including any amendments) applies.

ISO 3779, Road vehicles - Vehicle identification number (VIN) - Content and structure
ISO 3780, Road vehicles - World manufacturer identifier (WMI) code
ISO/IEC 8824-1, Information technology - Abstract Syntax Notation On
