-
-
Available Formats
- Options
- Availability
- Priced From ( in USD )
-
Available Formats
-
- Immediate download
- $78.00
- Add to Cart
-
- Printed Edition
- Ships in 1-2 business days
- $78.00
- Add to Cart
-
- Printed Edition + PDF
- Immediate download
- $128.40
- Add to Cart
Customers Who Bought This Also Bought
-
ISO/IEC 19794-5:2011
Priced From $333.60 -
ISO/IEC 9797-1:2011
Priced From $267.60 -
ISO/IEC 10918-6:2013
Priced From $64.80 -
ISO/IEC 24769-2:2013
Priced From $232.80
About This Item
Full Description
The goal of the non-repudiation service is to generate, collect, maintain, make available and validate evidence concerning a claimed event or action in order to resolve disputes about the occurrence or non occurrence of the event or action. This part of ISO/IEC 13888 provides descriptions of generic structures that can be used for non-repudiation services, and of some specific, communication related mechanisms which can be used to provide non-repudiation of origin (NRO), non-repudiation of delivery (NRD), non-repudiation of submission (NRS), and non-repudiation of transport (NRT) services. Other non-repudiation services can be built using the generic structures described in Clause 8 in order to meet the requirements defined by the security policy.
This part of ISO/IEC 13888 relies on the existence of a trusted third party (TTP) to prevent fraudulent repudiation. Usually an on-line trusted third party is needed.
Non-repudiation mechanisms provide protocols for the exchange of non-repudiation tokens specific to each non-repudiation service. Non-repudiation tokens used in this part consist of Secure Envelopes and additional data. Non-repudiation tokens shall be stored as non-repudiation information that may be used subsequently in case of disputes.
Depending on the non-repudiation policy in effect for a specific application, and the legal environment within which the application operates, additional information may be required to complete the non-repudiation information, e.g.,
- evidence including a trusted time stamp provided by a Time Stamping Authority,
- evidence provided by a notary which provides assurance about the action or event performed by one or more entities.
Non-repudiation can only be provided within the context of a clearly defined security policy for a particular application and its legal environment. Non-repudiation policies are described in ISO/IEC 10181-4.
Document History
-
ISO/IEC 13888-2:2010/Cor1:2012
Corrigendum- Most Recent
-
ISO/IEC 13888-2:2010
Information technology - Security techniques - Non-repudiation - Part 2: Mechanisms using symmetric techniques- Historical Version
-
ISO/IEC 13888-2:1998
viewing
Information technology - Security techniques - Non-repudiation - Part 2: Mechanisms using symmetric techniques (publiÇ en anglais seulement)- Historical Version