Rechercher

This document introduces security properties and provides best practices on the test and evaluation of white box cryptography (WBC). WBC is a cryptographic algorithm specialized for a key or secret, but where the said key cannot be extracted. The WBC implementation can consist of plain source code for the cryptographic algorithm and/or of a device implementing the algorithm. In both cases,…

This document introduces security properties and provides best practices on the test and evaluation of white box cryptography (WBC). WBC is a cryptographic algorithm specialized for a key or secret, but where the said key cannot be extracted. The WBC implementation can consist of plain source code for the cryptographic algorithm and/or of a device implementing the algorithm. In both cases,…

This document specifies a data interchange format for the exchange of deoxyribonucleic acid (DNA) data for person identification or verification technologies that utilize human DNA. Consideration of laboratory procedures is out of scope of this document. This document provides the ability for DNA profile data to be exchanged and used for comparison (subject to privacy regulations) with DNA…

This document specifies a data interchange format for the exchange of deoxyribonucleic acid (DNA) data for person identification or verification technologies that utilize human DNA. Consideration of laboratory procedures is out of scope of this document. This document provides the ability for DNA profile data to be exchanged and used for comparison (subject to privacy regulations) with DNA…

This document provides a user-centric framework for handling personally identifiable information (PII), based on privacy preferences.

This document provides a user-centric framework for handling personally identifiable information (PII), based on privacy preferences.

1 Scope This document gives guidance on the integrated implementation of ISO/IEC 27001 and ISO/IEC 20000-1 for organizations intending to: a) implement ISO/IEC 27001 when ISO/IEC 20000-1 is already implemented, or vice versa; b) implement both ISO/IEC 27001 and ISO/IEC 20000-1 together; or c) integrate existing management systems based on ISO/IEC 27001 and ISO/IEC 20000-1. This document…

This Standard specifies minimum requirements for qualification and proficiency of privacy and access control professionals. This Standard defines a framework for individuals seeking to demonstrate their competencies and qualifications as access-to-information, privacy, and data protection professionals, as well as organizations seeking to offer training and certification programs. This…

This document provides packages of security assurance and security functional requirements that have been identified as useful in support of common usage by stakeholders. EXAMPLE        Examples of provided packages include the evaluation assurance levels (EAL) and the composed assurance packages (CAPs). This document presents: —    evaluation assurance level (EAL) family of packages that specify…

This document provides a standardized framework for specifying objective, repeatable and reproducible evaluation methods and evaluation activities. This document does not specify how to evaluate, adopt, or maintain evaluation methods and evaluation activities. These aspects are a matter for those originating the evaluation methods and evaluation activities in their particular area of interest.