|
URL: http://www.iso.ch
URL: http://www.csa-intl.org/onlinestore/GetCatalogDrillDown.asp?Parent=2628
From
http://www.csa-intl.org:
Non-repudiation
mechanisms provide protocols for the exchange of non-repudiation tokens
specific to each non-repudiation service. Non-repudiation tokens consist of
Secure Envelopes and/or digital signatures and, optionally, of additional data.
Non-repudiation tokens may be stored as non-repudiation information that may be
used subsequently by disputing parties or by an adjudicator to arbitrate in
disputes.
Depending
on the non-repudiation policy in effect for a specific application, and the
legal environment within which the application operates, additional information
may be required to complete the non-repudiation information, e.g.,
-
evidence including a trusted time stamp provided by a Time Stamping Authority,
- evidence provided by a notary which provides assurance about data created or
the action or
event performed by one or more entities.
Non-repudiation
can only be provided within the context of a clearly defined security policy
for a particular application and its legal environment. Non-repudiation
policies are described in ISO/IEC 10181-4.
This
part of ISO/IEC 13888 serves as a general model for subsequent parts specifying
non-repudiation mechanisms using cryptographic techniques. ISO/IEC 13888
provides non-repudiation mechanisms for the following phases of
non-repudiation:
-
evidence generation,
- evidence transfer, storage and retrieval, and
- evidence verification.
Dispute
arbitration is outside the scope of ISO/IEC 13888.
Keywords:
|
