标准编号:ISO 21188:2018
中文名称:金融服务用公用密钥的基础 规范和政策构架
英文名称:Public key infrastructure for financial services — Practices and policy framework
发布日期:2018-04
标准范围
This document sets out a framework of requirements to manage a PKI through certificate policies and certification practice statements and to enable the use of public key certificates in the financial services industry. It also defines control objectives and supporting procedures to manage risks. While this document addresses the generation of public key certificates that might be used for digital signatures or key establishment, it does not address authentication methods, non-repudiation requirements or key management protocols.
This document draws a distinction between PKI systems used in closed, open and contractual
environments. It further defines the operational practices relative to financial-services-industry-
accepted information systems control objectives. This document is intended to help implementers
to define PKI practices that can support multiple certificate policies that include the use of digital
signature, remote authentication, key exchange and data encryption.
This document facilitates the implementation of operational, baseline PKI control practices that satisfy the requirements for the financial services industry in a contractual environment. While the focus of this document is on the contractual environment, application of this document to other environments is not specifically precluded. For the purposes of this document, the term “certificate” refers to public key certificates. Attribute certificates are outside the scope of this document.
This document is targeted for several audiences with different needs and therefore the use of this document will have a different focus for each.
立即下载标准文件