standards

standarde

The term “standard” does indeed have many definitions, one of which can be: “A formal document published consensually by an institution to establish uniform criteria, methods, processes and practices in a specific technical field”. World-wide known standards are accepted by default by most organizations and tend to create a simpler, long-termed reference base to achieve maximal outputs.

 

In the electronic signature area the standards recognized in the European Union are specified by ETSI and CEN. According to their specific purposes they are divided as follows:
- The organizational and administrative principles of a Certification Service Provider should be in conformity with ETSI TS 101 456;

- Usage of time-stamps should be in accordance with ETSI TS 102 023;

- Internal Audits should be performed in accordance with standard ISO/IEC 27001;

- Key management should be in conformity as specified in ETSI TS 101 456;

- Key generation from the Certification Service Provider should follow specifications of
FIPS 140-1 or FIPS 140-2 documents and requirements of CWA 14167-3 and fulfill at least security level EAL 3 as of standard ISO/ IEC 15408 or level E 2 ITSEC. The Certification Service Provider shall ensure the certificate holder that the secure signature creation devices are in accordance with requirements specified in CWA 14169 or FIPS 140-1;

 - The secure signature creation device’s operation should be managed according to the
specifications of ISO/ IEC 27001, Annex A:
- The time stamps issued should be in accordance with ETSI 101 861.
- The format and contents of the certificate should comply with RFC 3280 document;
- The time-stamp system should comply with ETSI TS 102 023;

For any of the requirements mentioned above, the Certification Service Provider should
ensure that, the secure signature creation device achieves at least the security level
EAL3 of ISO/IEC 15408, and/or E2 of ITSEC, or achieves level 3+ according to 3+. For a broader view and detailed specifications please read Directive no. 3, "On Electronic certification Services" found in the Information. section.

ETSI Standards

CEN Workshop Agreements (CWAs)

Eu eSignature Standardisation Work Overview

 
Home
Supervision
Legislation
Standards
Registry
Information
FAQ
Cryptography
PKI
Archives
About us
News

Address:
Rr. "Asim Vokshi" nr. 19/1
Tiranë

Tel: 04-22-21039
Fax: 04-22-27040

Keshilli i Ministrave Ministri për Inovacionin dhe Teknologjine e Informacionit e të Komunikimit E Albania Europian Telecomunication Standard Institute National Institute of Standards and Technology International Organization for Standardization