ISO - DIS 13491-1
Financial services — Secure cryptographic devices (retail) — Part 1: Concepts, requirements and evaluation methods
| Organization: | ISO |
| Publication Date: | 3 August 2023 |
| Status: | pending |
| Page Count: | 44 |
| ICS Code (IT applications in banking): | 35.240.40 |
Scope:
This document specifies the security characteristics for secure cryptographic devices (SCDs) based on the cryptographic processes defined in ISO 9564, ISO 16609, and ISO 11568.
This document:
- states the security characteristics concerning both the operational characteristics of SCDs and the management of such devices throughout all stages of their life cycle;
- provides guidance for methodologies to verify compliance with those requirements. This information is contained in Annex A.
Annex A provides an informative illustration of the concepts of security levels described in this document as being applicable to SCDs.
This document does not address issues arising from the denial of service of an SCD.
This document does not address software services that use Multi-Party Computation (MPC) to achieve some security objectives and, relying on these, offer cryptographic services. These are sometimes called 'soft' or software HSMs in common language, which is misleading and incorrect according to this document, which defines an HSM as a physical device with the properties and security measures noted in this document.
NOTE ISO 13491-2 specifies checklists to be used to evaluate secure cryptographic devices (SCDs) incorporating cryptographic processes as specified in ISO 9564-1, ISO 9564-2, ISO 16609, ISO 11568 in the financial services environment. The checklists in ISO 13491-2 specify requirements for the security characteristics and management of specific types of SCD functionality and the environments into which SCDs may be deployed.