BS ISO/IEC 19286:2018

Current

The latest, up-to-date edition.

Identification cards. Integrated circuit cards. Privacy-enhancing protocols and services

Available format(s)

Hardcopy, PDF

Language(s)

English

Published date

29-01-2018

$669.38
Including GST where applicable

Foreword
Introduction
1 Scope
2 Normative references
3 Terms and definitions
4 Abbreviated terms and notations
5 General privacy principles
6 Privacy architecture
7 Privacy-enhancing protocols
Annex A (informative) - Use cases
Annex B (informative) - Privacy Impact Assessment (PIA) guidance for electronic identification, authentication and trust services
Bibliography

Committee: IST/17
Development Note: Supersedes 17/30318701 DC. (02/2018)
Document Type: Standard
Pages: 86
Publisher Name: British Standards Institution
Status: Current

This document aims to normalize privacy-enhancing protocols and services by

  • using the mechanisms from parts of ISO/IEC 7816 and parts of ISO/IEC 18328 that contribute to security and privacy,

  • providing discoverability means of privacy-enabling attributes,

  • defining requirements for attribute-based credential handling, and

  • identifying data objects and commands for ICCs.

Existing privacy-enhancing protocols available in a generic context are adopted for distributed systems including ICCs. Additionally, existing authentication protocols between an ICC and an external device used for establishing a secure channel are enhanced with privacy protection. Secure communication between an ICC and an on-card device is also considered.

All the protocols and services described in this document contribute to privacy. Annex B describes an example of privacy impact assessments of respective systems.

Standards Relationship
ISO/IEC 19286:2018 Identical

ISO/IEC 20008-2:2013 Information technology - Security techniques - Anonymous digital signatures - Part 2: Mechanisms using a group public key
ISO/IEC 18013-3:2017 Information technology - Personal identification - ISO-compliant driving licence - Part 3: Access control, authentication and integrity validation
ISO/IEC 7816-8:2016 Identification cards - Integrated circuit cards - Part 8: Commands and mechanisms for security operations
ISO/IEC 7816-9:2004 Identification cards - Integrated circuit cards - Part 9: Commands for card management
ISO/IEC 24760-1:2011 Information technology - Security techniques - A framework for identity management - Part 1: Terminology and concepts
ISO/IEC 29191:2012 Information technology - Security techniques - Requirements for partially anonymous, partially unlinkable authentication
ISO/IEC 29115:2013 Information technology - Security techniques - Entity authentication assurance framework
ISO/IEC 29134:2017 Information technology - Security techniques - Guidelines for privacy impact assessment
ISO/IEC 7816-4:2013 Identification cards - Integrated circuit cards - Part 4: Organization, security and commands for interchange
ISO/IEC 18328-1:2015 Identification cards - ICC-managed devices - Part 1: General framework
ISO/IEC 7501-1:2008 Identification cards - Machine readable travel documents - Part 1: Machine readable passport
ISO/IEC 29101:2013 Information technology - Security techniques - Privacy architecture framework
ISO/IEC 18370-2:2016 Information technology - Security techniques - Blind digital signatures - Part 2: Discrete logarithm based mechanisms
ISO/IEC 18328-3:2016 Identification cards - ICC-managed devices - Part 3: Organization, security and commands for interchange
EN 419212-1:2017 Application Interface for Secure Elements for Electronic Identification, Authentication and Trusted Services - Part 1: Introduction and common definitions
EN 14890-2:2008 Application Interface for smart cards used as Secure Signature Creation Devices - Part 2: Additional Services
EN 14890-1:2008 Application Interface for smart cards used as Secure Signature Creation Devices - Part 1: Basic services
ISO/IEC 7816-11:2004 Identification cards - Integrated circuit cards - Part 11: Personal verification through biometric methods
ISO/IEC 11770-3:2015 Information technology - Security techniques - Key management - Part 3: Mechanisms using asymmetric techniques
ISO/IEC 29100:2011 Information technology - Security techniques - Privacy framework
