BS ISO/IEC 9594-8:2017 addresses some of the security requirements in the areas of authentication and other security services through the provision of a set of frameworks upon which full services can be based. Specifically, this Recommendation | International Standard defines frameworks for:

• public-key certificates; and
• attribute certificates.

The public-key certificate framework defined in this Recommendation | International Standard specifies the information objects and data types for a public-key infrastructure (PKI), including public-key certificates, certificate revocation lists (CRLs), trust broker and authorization and validation lists (AVLs). The attribute certificate framework specifies the information objects and data types for a privilege management infrastructure (PMI), including attribute certificates, and attribute certificate revocation lists (ACRLs). This Recommendation | International Standard also provides the framework for issuing, managing, using and revoking certificates. An extensibility mechanism is included in the defined formats for both certificate types and for all revocation list schemes. This Recommendation | International Standard also includes a set of extensions, which is expected to be generally useful across a number of applications of PKI and PMI. The schema components (including object classes, attribute types and matching rules) for storing PKI and PMI information in a directory, are included in this Recommendation | International Standard.

This Recommendation | International Standard specifies the framework for strong authentication, involving credentials formed using cryptographic techniques. It is not intended to establish this as a general framework for authentication, but it can be of general use for applications which consider these techniques adequate.

Authentication (and other security services) can only be provided within the context of a defined security policy. It is a matter for users of an application to define their own security policy.


Cross References:
ISO/IEC 10021-4:2003 (COVERS)
ISO/IEC 8824-1:2015
ISO/IEC 9594-5:2017
ISO/IEC 10181-3:1996
ISO/IEC 9594-3:2017
ISO/IEC 9834-1:2012
ISO/IEC 15816:2002 Ed 1
ISO/IEC 8824-2:2015
ISO/IEC 9594-2:2017
ISO/IEC 9594-6:2017
ISO/IEC 9594-1:2017
ISO/IEC 10181-4:1997
ISO/IEC 8825-1:2015
ISO/IEC 8824-3:2015
Recommendation ITU-T X.800 (1991)
Recommendation ITU-T X.660 (2011)
Recommendation ITU-T X .681 (2015)
Recommendation ITU-T X.690 (2015)
Recommendation ITU-T X.411 (1999)
Recommendation ITU-T X.812 (1995)
Recommendation ITU-T X.813 (1996)
Recommendation ITU-T X.520 (2016)
Recommendation ITU-T X.500 (2016)
Recommendation ITU-T X.511 (2016)
Recommendation ITU-T X.519 (2016)
Recommendation ITU-T X.501 (2016)
Recommendation ITU-T X.841 (2000) IETF RFC 5280 (2008)
IETF RFC 3492 (2003)
IETF RFC 4511 (2006)
IETF RFC 822 (1982)
IETF RFC 791 (1981)
Recommendation ITU-T X.1252 (2010)
IETF RFC 5890 (2010)
IETF RFC 1630 (1994)
IETF RFC 6960 (2013)
IETF RFC 4523 (2006)
IETF RFC 5914 (2010)
ISO/IEC 8824-4:2015
ISO/IEC 9798-1:2010 Ed 3
ISO 4217:2015
ISO/IEC 9594-4:2017
ISO/IEC 8825-2:2015
ISO/IEC 9594-7:2017
ISO/IEC 9798-3:1998 Ed 2
ISO/IEC 11770-1:2010
ISO/IEC 10646:2012 CD-ROM ED3


All current amendments available at time of purchase are included with the purchase of this document.