Cybersecurity

ISO/IEC JTC 1/WG11 DIS 30146 - Smart city ICT indicators

This document defines a comprehensive set of evaluation indicators specially related to information and communication technologies (ICT) adoption and usage in smart cities. Firstly, this document establishes an overall framework for all the indicators. Then, this document specifies the name, description, classification and measure method for each indicator.

Source: https://www.iso.org/obp/ui/#iso:std:iso-iec:30146:dis:ed-2:v1:en

ISO/IEC JTC 1/SC 27 9798-4:1999 - Entity authentication - Part 4: Mechanisms using a cryptographic check function

This part of ISO/IEC 9798 specifies entity authentication mechanisms using a cryptographic check function. Two mechanisms are concerned with the authentication of a single entity (unilateral authentication), while the remaining are mechanisms for mutual authentication of two entities.

The mechanisms specified in this part of ISO/IEC 9798 use time variant parameters such as time stamps, sequence numbers, or random numbers, to prevent valid authentication information from being accepted at a later time or more than once.

Source: https://www.iso.org/obp/ui/#iso:std:iso-iec:9798:-4:ed-2:v1:en

ISO/IEC JTC 1/SC 27 9798-5:2009 - Entity authentication - Part 5: Mechanisms using zero-knowledge techniques

This part of ISO/IEC 9798 specifies entity authentication mechanisms using zero-knowledge techniques:

— mechanisms based on identities and providing unilateral authentication;

— mechanisms based on integer factorization and providing unilateral authentication;

— mechanisms based on discrete logarithms with respect to numbers that are either prime or composite, and providing unilateral authentication;

— mechanisms based on asymmetric encryption systems and providing either unilateral authentication, or mutual authentication;

— mechanisms based on discrete logarithms on elliptic curves and providing unilateral authentication.

These mechanisms are constructed using the principles of zero-knowledge techniques, but they are not necessarily zero-knowledge according to the strict definition for every choice of parameters.

Source: https://www.iso.org/obp/ui/#iso:std:iso-iec:9798:-5:ed-3:v1:en

ISO/IEC JTC 1/SC 27 9798-6:2010 - Entity authentication - Part 6: Mechanisms using manual data transfer

This part of ISO/IEC 9798 specifies eight entity authentication mechanisms based on manual data transfer between authenticating devices. It indicates how these mechanisms can be used to support key management functions, and provides guidance on secure choices of parameters for the mechanisms.

Source: https://www.iso.org/obp/ui/#iso:std:iso-iec:9798:-6:ed-2:v1:en

ISO/IEC JTC 1/SC 27/WG 1 27001:2013 - Information security management systems - Requirements

This International Standard specifies the requirements for establishing, implementing, maintaining and continually improving an information security management system within the context of the organization. This International Standard also includes requirements for the assessment and treatment of information security risks tailored to the needs of the organization.

Source: https://www.iso.org/obp/ui/#iso:std:iso-iec:27001:ed-2:v1:en

ISO/IEC JTC 1/SC 27 27002:2013 - Code of practice for information security controls

This International Standard gives guidelines for organizational information security standards and information security management practices including the selection, implementation and management of controls taking into consideration the organization’s information security risk environment(s).

Source: https://www.iso.org/obp/ui/#iso:std:iso-iec:27002:ed-2:v1:en

ISO/IEC JTC 1/SC 27 27038:2014 - Specification for digital redaction

Some documents can contain information that must not be disclosed to some communities. Modified documents can be released to these communities after an appropriate processing of the original document. This process is called the “redaction” of the document.

This International Standard specifies characteristics of techniques for performing digital redaction on digital documents. This International Standard also specifies requirements for software redaction tools and methods of testing that digital redaction has been securely completed.

Source: https://www.iso.org/obp/ui/#iso:std:iso-iec:27038:ed-1:v1:en

ISO/IEC JTC 1/SC 27 27041:2015 - Guidance on assuring suitability and adequacy of incident investigative method

This International Standard provides guidance on mechanisms for ensuring that methods and processes used in the investigation of information security incidents are “fit for purpose”. It encapsulates best practice on defining requirements, describing methods, and providing evidence that implementations of methods can be shown to satisfy requirements.

Source: https://www.iso.org/obp/ui/#iso:std:iso-iec:27041:ed-1:v1:en

ISO/IEC JTC 1/SC 27 27042:2015 - Guidelines for the analysis and interpretation of digital evidence

This International Standard provides guidance on the conduct of the analysis and interpretation of potential digital evidence in order to identify and evaluate digital evidence which can be used to aid understanding of an incident. The exact nature of the data and information making up the potential digital evidence will depend on the nature of the incident and the digital evidence sources involved in that incident.

This International Standard provides guidance on the analysis and interpretation of digital evidence in a manner which addresses issues of continuity, validity, reproducibility, and repeatability.

Source: https://www.iso.org/obp/ui/#iso:std:iso-iec:27042:ed-1:v1:en

ISO/IEC JTC 1/SC 27 27043:2015 - Incident investigation principles and processes

This International Standard provides guidelines based on idealized models for common incident investigation processes across various incident investigation scenarios involving digital evidence. This includes processes from pre-incident preparation through investigation closure, as well as any general advice and caveats on such processes.

Source: https://www.iso.org/obp/ui/#iso:std:iso-iec:27043:ed-1:v1:en

IEEE 1619.1-2007 - C/CPSC - IEEE Standard for Authenticated Encryption with Length Expansion for Storage Devices

This standard specifies cryptographic and data authentication procedures for storage devices that support length-expansion, such as tape drives. Such procedures include the following cryptographic modes of operation for the AES block cipher: CCM, GCM, CBC-HMAC, and XTS-HMAC.