ISO 21188:2018
ISO 21188:2018 Public key infrastructure for financial services – Practices and policy framework
CDN $390.00
Description
ISO 21188:2018 sets out a framework of requirements to manage a PKI through certificate policies and certification practice statements and to enable the use of public key certificates in the financial services industry. It also defines control objectives and supporting procedures to manage risks. While this document addresses the generation of public key certificates that might be used for digital signatures or key establishment, it does not address authentication methods, non-repudiation requirements or key management protocols.
ISO 21188:2018 draws a distinction between PKI systems used in closed, open and contractual environments. It further defines the operational practices relative to financial-services-industry-accepted information systems control objectives. This document is intended to help implementers to define PKI practices that can support multiple certificate policies that include the use of digital signature, remote authentication, key exchange and data encryption.
ISO 21188:2018 facilitates the implementation of operational, baseline PKI control practices that satisfy the requirements for the financial services industry in a contractual environment. While the focus of this document is on the contractual environment, application of this document to other environments is not specifically precluded. For the purposes of this document, the term “certificate” refers to public key certificates. Attribute certificates are outside the scope of this document
ISO 21188:2018 is targeted for several audiences with different needs and therefore the use of this document will have a different focus for each.
Business managers and analysts are those who require information regarding using PKI technology in their evolving businesses (e.g. electronic commerce); see Clauses 1 to 6.
Technical designers and implementers are those who are writing their certificate policies and certification practice statement(s); see Clauses 6 to 7 and Annexes A to G.
Operational management and auditors are those who are responsible for day-to-day operations of the PKI and validating compliance to this document; see Clauses 6 to 7.
Edition
2
Published Date
2018-04-09
Status
PUBLISHED
Pages
108
Language
English
Format
Secure PDF
Secure – PDF details
- Save your file locally or view it via a web viewer
- Viewing permissions are restricted exclusively to the purchaser
- Device limits - 3
- Printing – Enabled only to print (1) copy
See more about our Environmental Commitment
Abstract
ISO 21188:2018 sets out a framework of requirements to manage a PKI through certificate policies and certification practice statements and to enable the use of public key certificates in the financial services industry. It also defines control objectives and supporting procedures to manage risks. While this document addresses the generation of public key certificates that might be used for digital signatures or key establishment, it does not address authentication methods, non-repudiation requirements or key management protocols.
ISO 21188:2018 draws a distinction between PKI systems used in closed, open and contractual environments. It further defines the operational practices relative to financial-services-industry-accepted information systems control objectives. This document is intended to help implementers to define PKI practices that can support multiple certificate policies that include the use of digital signature, remote authentication, key exchange and data encryption.
ISO 21188:2018 facilitates the implementation of operational, baseline PKI control practices that satisfy the requirements for the financial services industry in a contractual environment. While the focus of this document is on the contractual environment, application of this document to other environments is not specifically precluded. For the purposes of this document, the term "certificate" refers to public key certificates. Attribute certificates are outside the scope of this document
ISO 21188:2018 is targeted for several audiences with different needs and therefore the use of this document will have a different focus for each.
Business managers and analysts are those who require information regarding using PKI technology in their evolving businesses (e.g. electronic commerce); see Clauses 1 to 6.
Technical designers and implementers are those who are writing their certificate policies and certification practice statement(s); see Clauses 6 to 7 and Annexes A to G.
Operational management and auditors are those who are responsible for day-to-day operations of the PKI and validating compliance to this document; see Clauses 6 to 7.
Previous Editions
Can’t find what you are looking for?
Please contact us at:
Related Documents
-
ISO 9546:2024 Guidelines for security framework of information systems of third-party payment services
CDN $233.00 Add to cart -
ISO 22126:2022 Financial services – Semantic technology – Part 5: Mapping from FIX Orchestra to the common model
CDN $76.00 Add to cart -
ISO 3242:2022 Blockchain and distributed ledger technologies – Use cases
CDN $390.00 Add to cart -
ISO 6277:2024 Blockchain and distributed ledger technologies – Data flow models for blockchain and DLT use cases
CDN $312.00 Add to cart
