CEN ISO/TS 17574:2017
Current
The latest, up-to-date edition.
Electronic fee collection - Guidelines for security protection profiles (ISO/TS 17574:2017)
29-03-2017
European foreword
Foreword
Introduction
1 Scope
2 Normative references
3 Terms and definitions
4 Abbreviated terms
5 EFC security architecture and protection profile processes
6 Outlines of Protection Profile
Annex A (informative) - Procedures for preparing
documents
Annex B (informative) - Example of threat
analysis evaluation method
Annex C (informative) - Relevant security standards
in the context of the EFC
Annex D (informative) - Common Criteria Recognition
Arrangement (CCRA)
Bibliography
ISO/TS 17574:2017 provides guidelines for preparation and evaluation of security requirements specifications, referred to as Protection Profiles (PP) in ISO/IEC 15408 (all parts) and in ISO/IEC TR 15446.By Protection Profile (PP), it means a set of security requirements for a category of products or systems that meet specific needs. A typical example would be a PP for On-Board Equipment (OBE) to be used in an EFC system. However, the guidelines in this document are superseded if a Protection Profile already exists for the subsystem in consideration.
| Committee |
CEN/TC 278
|
| DevelopmentNote |
Supersedes EN ISO/TS 17574. (10/2009)
|
| DocumentType |
Technical Specification
|
| PublisherName |
Comite Europeen de Normalisation
|
| Status |
Current
|
| Supersedes |
| Standards | Relationship |
| PD CEN ISO/TS 17574:2017 | Identical |
| S.R. CEN ISO/TS 17574:2017 | Identical |
| DIN CEN ISO/TS 17574;DIN SPEC 91117:2017-06 | Identical |
| ISO/TS 17574:2017 | Identical |
| NEN NPR EN ISO/TS 17574 : 2009 | Identical |
| UNE-CEN ISO/TS 17574:2017 | Identical |
| PD CEN/TR 16968:2016 | Electronic Fee Collection. Assessment of security measures for applications using Dedicated Short-Range Communication |
| CEN/TR 16968:2016 | Electronic Fee Collection - Assessment of security measures for applications using Dedicated Short-Range Communication |
| PD CEN/TS 16439:2013 | Electronic fee collection. Security framework |
| S.R. CEN/TR 16968:2016 | ELECTRONIC FEE COLLECTION - ASSESSMENT OF SECURITY MEASURES FOR APPLICATIONS USING DEDICATED SHORT-RANGE COMMUNICATION |
| S.R. CEN/TS 16439:2013 | ELECTRONIC FEE COLLECTION - SECURITY FRAMEWORK |
| CEN/TS 16439:2013 | Electronic fee collection - Security framework |
| ISO/IEC 15408-2:2008 | Information technology — Security techniques — Evaluation criteria for IT security — Part 2: Security functional components |
| ISO 17575-3:2016 | Electronic fee collection — Application interface definition for autonomous systems — Part 3: Context data |
| ISO 17575-1:2016 | Electronic fee collection — Application interface definition for autonomous systems — Part 1: Charging |
| ISO 17573:2010 | Electronic fee collection — Systems architecture for vehicle-related tolling |
| ISO/IEC 15408-3:2008 | Information technology — Security techniques — Evaluation criteria for IT security — Part 3: Security assurance components |
| CEN/TS 16702-1:2014 | Electronic fee collection - Secure monitoring for autonomous toll systems - Part 1: Compliance checking |
| ISO/IEC 9798-4:1999 | Information technology — Security techniques — Entity authentication — Part 4: Mechanisms using a cryptographic check function |
| ISO 16609:2012 | Financial services — Requirements for message authentication using symmetric techniques |
| ISO 14906:2011 | Electronic fee collection — Application interface definition for dedicated short-range communication |
| ISO/IEC TR 15446:2017 | Information technology — Security techniques — Guidance for the production of protection profiles and security targets |
| ISO/IEC 9797-1:2011 | Information technology — Security techniques — Message Authentication Codes (MACs) — Part 1: Mechanisms using a block cipher |
| ISO/IEC 15408-1:2009 | Information technology — Security techniques — Evaluation criteria for IT security — Part 1: Introduction and general model |
| CEN/TS 16702-2:2015 | Electronic fee collection - Secure monitoring for autonomous toll systems - Part 2: Trusted recorder |
| ISO/TS 19299:2015 | Electronic fee collection — Security framework |
| ISO 17575-2:2016 | Electronic fee collection — Application interface definition for autonomous systems — Part 2: Communication and connection to the lower layers |