Standard

This International Standard specifies a conceptual model for a random bit generator for cryptographic purposes, together with the elements of this model.
This International Standard
• specifies the characteristics of the main elements required for a non-deterministic random bit generator,
• specifies the characteristics of the main elements required for a deterministic random bit generator,
• establishes the security requirements for both the non-deterministic and the deterministic random bit generator.

This part of ISO/IEC 18014
— defines the functionality of the time assessment authority (TAA),
— describes an overall architecture for providing the time to the time-stamping authority (TSA) and to guarantee the correctness of it through the use of the TAA, and
— gives technical guidelines for the TAA to provide, and to provide assurance in, a trusted time source to the TSA.
 

The present document includes a collection of use cases from a variety of M2M industry segments. Each use case may include a description, source, actors, pre-conditions, triggers, normal and alternative flow of sequence of interactions among actors and system, post-conditions, illustrations and potential requirements. The potential requirements provide an initial view of what oneM2M requirements could arise from the Use Case as seen by the contributor. These are intended to help the reader understand the use case's needs. These potential requirements may have been subsequently submitted by the contributor for consideration as candidate oneM2M requirements, which may or may not have been agreed as a oneM2M requirement (often after much editing). As such, there may not be a direct mapping from the potential requirements to agreed oneM2M requirements.

The present document specifies communication between the M2M Authentication Function (MAF) and MAF clients on the reference point Mmaf and between the M2M Enrolment Function (MEF) and MEF clients on the reference point Mmef.

The present document specifies the interworking technologies for oneM2M and OIC interworking using the architecture identified in annex F of ETSI TS 118 101 [2] for the following scenario:

• Interworking using oneM2M Resource Types for transparent transport of encoded OIC Resources and commands in oneM2M Resource Types between OIC Devices and M2M Applications.

This part of ISO/IEC TR 15443 defines terms and establishes an extensive and organised set of concepts and their relationships for understanding IT security assurance, thereby establishing a basis for shared understanding of the concepts and principles central to ISO/IEC TR 15443 across its user communities. It provides information fundamental to users of ISO/IEC TR 15443-2.

This document:
- Describes a framework for the structured expression of data-related policies and practices in the cloud computing environment, based on the data taxonomy in ISO/IEC 19944:2017;
- provides guidelines on application of the taxonomy for handling of data based on data subcategory and classification;
- covers expression of data-related policies and practices including, but not limited to data geolocation, cross border flow of data, data access and data portability, data use, data management, and data governance;
- describes how the framework can be used in codes of conduct for practices regarding data at rest and in transit, including cross border transfer of data, as well as remote access to data;
- provides use cases for data handling challenges, i.e. control, access and location of data according to ISO/IEC 19944:2017 data categories.
This document is applicable primarily to cloud service providers, cloud service customers and cloud service users, but also to any person or organization involved in legal, policy, technical or other implications of taxonomy based data management in cloud services.
 
Under development

This document provides guidance relating to the construction of Protection Profiles (PPs) and Security Targets (STs) that are intended to be compliant with the third edition of ISO/IEC 15408 (all parts). It is also applicable to PPs and STs compliant with Common Criteria Version 3.1 Revision 4[6], a technically identical standard published by the Common Criteria Management Board, a consortium of governmental organizations involved in IT security evaluation and certification.

The scope of this Recommendation | International Standard is:
a) the definition of guidelines for specifying the abstract syntax of generic and specific Security Information Objects (SIOs) for Access Control;
b) the specification of generic SIOs for Access Control;
c) the specification of specific SIOs for Access Control.

This Recommendation | International Standard will define those TTP services needed to support the application of digital signatures for the purpose of non-repudiation of creation of documents.
This Recommendation | International Standard will also define interfaces and protocols to enable interoperability between entities associated with these TTP services.

This part of ISO/IEC 18014 presents a general framework for the provision of time-stamping services.
Time-stamping services may generate, renew and verify time-stamp tokens.
Time-stamp tokens are associations between data and points in time, and are created in a way that aims to provide evidence that the data existed at the associated date and time. In addition, the evidence may be used by non-repudiation services.

"This part of ISO/IEC 18014: — identifies the objective of a time-stamping authority; — describes a general model on which time-stamping services are based; — defines time-stamping services; — defines the basic protocols between the involved entities. "