会员注册 | 登录 | 微信快捷登录 支付宝快捷登录 QQ登录 微博登录 | 帮助中心 人人文库renrendoc.com美如初恋!
站内搜索 百度文库

热门搜索: 直缝焊接机 矿井提升机 循环球式转向器图纸 机器人手爪发展史 管道机器人dwg 动平衡试验台设计

电子认证服务系统对外运营管理策略和规范.pdf电子认证服务系统对外运营管理策略和规范.pdf -- 6 元

宽屏显示 收藏 分享

资源预览需要最新版本的Flash Player支持。
您尚未安装或版本过低,建议您

中国移动CMCA电子认证业务规则生生效效日日期期2010年年9月月10日日卓卓望望数数码码技技术术((深深圳圳))有有限限公公司司中国移动CMCA电子认证业务规则_______________________________________________________________________________地址深圳市高新区南区深港产学研基地大楼西座六楼邮编518057电话075526718666网址www.cmca.net第1页文档版本控制表名称及版本主要修改说明完成时间修改人V0.1正式发布2010.7.1委员会工作组V0.1A根据CMCTN证书策略修订本CPS,主要修订章节为1.4.2证书类型和应用范围,对移动特色证书类型及其相应的安全策略、应用场景进行补充说明2010.9.10委员会工作组中国移动CMCA电子认证业务规则_______________________________________________________________________________地址深圳市高新区南区深港产学研基地大楼西座六楼邮编518057电话075526718666网址www.cmca.net第2页目录1.概括性描述...............................................................................................................................11.1概述...................................................................................................................................11.2文档名称与标识...............................................................................................................21.2.1名称...........................................................................................................................21.2.2版本...........................................................................................................................21.3电子认证活动参与者.......................................................................................................21.3.1电子认证服务机构...................................................................................................21.3.2注册机构(RA)......................................................................................................31.3.3受理点(LRA)........................................................................................................31.3.4订户...........................................................................................................................41.3.5依赖方.......................................................................................................................41.3.6其他参与者...............................................................................................................41.4证书应用...........................................................................................................................41.4.1适合性.......................................................................................................................41.4.2证书类型和应用范围...............................................................................................51.4.3限制的证书应用.......................................................................................................81.4.4受禁的证书应用.......................................................................................................81.5策略管理...........................................................................................................................91.5.1策略文档管理机构...................................................................................................91.5.2联系人.......................................................................................................................91.5.3决定CPS符合策略的机构......................................................................................91.5.4CPS批准程序...........................................................................................................91.6定义和缩写.....................................................................................................................102.信息发布与信息管理.............................................................................................................112.1信息库.............................................................................................................................112.2信息发布.........................................................................................................................112.2.1CPS的发布.............................................................................................................112.2.2公众信息的发布.....................................................................................................112.2.3认证信息的发布.....................................................................................................112.3发布的时间或频率.........................................................................................................122.4信息库访问控制.............................................................................................................123.身份标识与鉴别.....................................................................................................................133.1命名.................................................................................................................................133.1.1名称类型.................................................................................................................133.1.2对名称有意义的要求.............................................................................................133.1.3订户的匿名或伪名.................................................................................................143.2初始身份确认.................................................................................................................143.2.1证明拥有私钥的方法.............................................................................................143.2.2组织机构身份的鉴别.............................................................................................14中国移动CMCA电子认证业务规则_______________________________________________________________________________地址深圳市高新区南区深港产学研基地大楼西座六楼邮编518057电话075526718666网址www.cmca.net第3页3.2.3个人身份的鉴证.....................................................................................................153.2.4设备身份的鉴证.....................................................................................................163.2.5代码签名身份的鉴证.............................................................................................173.2.6非实名制证书的身份鉴证.....................................................................................173.2.7手机号码的鉴别.....................................................................................................183.3更新请求的标识与鉴别.................................................................................................183.3.1常规更新的标识与鉴别.........................................................................................183.3.2吊销后更新的标识与鉴别.....................................................................................193.4吊销请求的标识与鉴别.................................................................................................193.4.1证书吊销情况.........................................................................................................193.4.2吊销操作.................................................................................................................193.4.3吊销申请的确认.....................................................................................................204.证书生命周期操作要求.........................................................................................................214.1证书申请.........................................................................................................................214.1.1证书申请实体.........................................................................................................214.1.2注册过程与责任.....................................................................................................214.1.3证书申请流程.........................................................................................................224.2证书审核.........................................................................................................................244.2.1执行识别与鉴别功能.............................................................................................244.2.2证书申请批准和拒绝.............................................................................................244.2.3处理证书申请的时间.............................................................................................244.3证书签发.........................................................................................................................244.3.1签发证书.................................................................................................................244.3.2拒绝签发证书.........................................................................................................254.4证书接受.........................................................................................................................254.4.1证书接受.................................................................................................................254.4.2证书申请者的承诺.................................................................................................254.4.3证书申请者的责任.................................................................................................264.4.4证书的发布.............................................................................................................274.5密钥和证书的使用.........................................................................................................274.5.1订户私钥和证书的使用.........................................................................................274.5.2依赖方公钥和证书的使用.....................................................................................284.5.3密钥和证书使用的相关责任.................................................................................284.6证书更新.........................................................................................................................284.6.1证书更新的原因.....................................................................................................294.6.2请求证书更新的实体.............................................................................................294.6.3证书更新流程.........................................................................................................294.6.4对更新证书的发布.................................................................................................304.7证书密钥更新.................................................................................................................304.7.1密钥更新的原因.....................................................................................................304.7.2请求密钥更新的实体.............................................................................................314.7.3密钥更新的流程.....................................................................................................314.7.4对更新证书的发布.................................................................................................31中国移动CMCA电子认证业务规则_______________________________________________________________________________地址深圳市高新区南区深港产学研基地大楼西座六楼邮编518057电话075526718666网址www.cmca.net第4页4.8证书变更.........................................................................................................................314.8.1证书变更的原因.....................................................................................................314.8.2请求证书变更的实体.............................................................................................314.8.3证书变更的流程.....................................................................................................314.8.4对变更后新证书的发布.........................................................................................324.9证书吊销.........................................................................................................................324.9.1证书吊销的原因.....................................................................................................324.9.2请求证书吊销的实体.............................................................................................324.9.3吊销请求的流程.....................................................................................................334.9.4吊销请求宽限期.....................................................................................................334.9.5电子认证服务机构处理吊销请求的时限.............................................................334.9.6依赖方检查证书吊销的要求.................................................................................344.9.7CRL发布频率........................................................................................................344.9.8在线状态查询要求.................................................................................................344.9.9证书吊销的注意事项.............................................................................................344.10证书挂起.....................................................................................................................354.10.1证书挂起的原因.....................................................................................................354.10.2请求证书挂起的实体.............................................................................................354.10.3挂起请求的流程.....................................................................................................354.10.4挂起的期限限制.....................................................................................................364.11证书解挂.....................................................................................................................364.11.1证书解挂的原因.....................................................................................................364.11.2请求证书解挂的实体.............................................................................................364.11.3证书解挂的流程.....................................................................................................364.12密钥恢复.....................................................................................................................374.12.1密钥恢复的原因.....................................................................................................374.12.2请求密钥恢复的实体.............................................................................................374.12.3密钥恢复的流程.....................................................................................................374.12.4密钥恢复的注意事项.............................................................................................384.13证书状态服务.............................................................................................................384.13.1CRL.........................................................................................................................384.13.2OCSP.......................................................................................................................384.14CA服务终止..................................................................................................................384.15密钥生成、备份与恢复.............................................................................................394.15.1加密密钥生成、备份与恢复.................................................................................394.15.2注意事项.................................................................................................................395.认证机构设施、管理和操作安全控制.................................................................................405.1物理安全控制.................................................................................................................405.1.1物理场地安全.........................................................................................................405.1.2物理访问.................................................................................................................415.1.3电力与空调.............................................................................................................415.1.4水患防治.................................................................................................................425.1.5火灾防护.................................................................................................................42中国移动CMCA电子认证业务规则_______________________________________________________________________________地址深圳市高新区南区深港产学研基地大楼西座六楼邮编518057电话075526718666网址www.cmca.net第5页5.1.6介质存储.................................................................................................................425.1.7废物处理.................................................................................................................425.1.8异地备份.................................................................................................................425.2流程安全控制.................................................................................................................435.2.1可信角色.................................................................................................................435.2.2每项任务需要的人数.............................................................................................455.2.3安全令牌控制.........................................................................................................455.2.4职责分割原则.........................................................................................................455.3人员控制.........................................................................................................................465.3.1资格、经历和无过失要求.....................................................................................465.3.2背景审查程序.........................................................................................................465.3.3培训要求.................................................................................................................475.3.4再培训周期和要求.................................................................................................475.3.5岗位分离和轮换.....................................................................................................475.3.6未授权行为的处罚.................................................................................................475.3.7提供给员工的文档.................................................................................................485.4安全审计.........................................................................................................................485.4.1记录事件的类型.....................................................................................................485.4.2处理日志的周期.....................................................................................................495.4.3审计日志的保存期限.............................................................................................495.4.4审计日志的保护.....................................................................................................505.4.5审计日志备份程序.................................................................................................505.4.6审计收集系统.........................................................................................................505.4.7对导致事件实体的处理.........................................................................................505.4.8脆弱性评估.............................................................................................................515.5记录归档.........................................................................................................................515.5.1归档记录的类型.....................................................................................................515.5.2归档记录的保存期限.............................................................................................515.5.3归档文件的保护.....................................................................................................515.5.4归档文件的备份.....................................................................................................525.5.5记录时间戳要求.....................................................................................................525.5.6归档收集系统.........................................................................................................525.6密钥更替.........................................................................................................................525.6.1密钥更替定义.........................................................................................................525.6.2根证书有效期.........................................................................................................535.6.3CRL.........................................................................................................................535.7损害与灾难恢复.............................................................................................................535.7.1事故和损害处理程序.............................................................................................545.7.2计算资源、软件和/或数据的损坏........................................................................545.7.3实体私钥损害处理程序.........................................................................................555.7.4灾难后的业务连续性能力.....................................................................................555.8电子认证服务机构或注册机构的业务终止.................................................................555.8.1CA终止原因...........................................................................................................55中国移动CMCA电子认证业务规则_______________________________________________________________________________地址深圳市高新区南区深港产学研基地大楼西座六楼邮编518057电话075526718666网址www.cmca.net第6页5.8.2终止通知.................................................................................................................555.8.3终止归档.................................................................................................................565.8.4终止措施.................................................................................................................565.8.5RA的终止...............................................................................................................566.认证系统技术安全控制.........................................................................................................576.1密钥对的生成和安装.....................................................................................................576.1.1CA密钥对的产生...................................................................................................576.1.2订户密钥对的生成.................................................................................................576.1.3私钥传送.................................................................................................................586.1.4公钥传送.................................................................................................................586.1.5电子认证服务机构公钥传送.................................................................................586.1.6密钥的长度.............................................................................................................596.1.7公钥参数的生成.....................................................................................................596.1.8密钥用途.................................................................................................................596.2私钥保护和密码模块工程控制.....................................................................................606.2.1密码模块的标准和控制.........................................................................................606.2.2私钥多人控制.........................................................................................................606.2.3私钥托管.................................................................................................................616.2.4私钥备份.................................................................................................................616.2.5私钥归档.................................................................................................................616.2.6私钥导入、导出密码模块.....................................................................................616.2.7私钥在密码模块的存储.........................................................................................616.2.8激活私钥.................................................................................................................616.2.9解除私钥激活状态.................................................................................................626.2.10销毁私钥.................................................................................................................626.3密钥对管理的其他方面.................................................................................................636.3.1公钥归档.................................................................................................................636.3.2证书操作期和密钥对使用期.................................................................................636.4敏感数据.........................................................................................................................636.4.1敏感数据的产生.....................................................................................................636.4.2敏感数据的保护.....................................................................................................636.5计算机安全控制.............................................................................................................646.5.1计算机安全技术要求.............................................................................................646.5.2计算机安全评估.....................................................................................................646.6网络的安全控制.............................................................................................................646.7时间戳.............................................................................................................................657.证书、证书吊销列表和在线证书状态协议.........................................................................667.1证书.................................................................................................................................667.1.1版本号.....................................................................................................................667.1.2证书标准项.............................................................................................................667.1.3证书扩展项.............................................................................................................677.1.4密钥算法对象标识符.............................................................................................70
编号:201311211728380786    大小:1.02MB    格式:PDF    上传时间:2013-11-21
  【编辑】
6
关 键 词:
管理 组织 经营
温馨提示:
1: 本站所有资源如无特殊说明,都需要本地电脑安装OFFICE2007和PDF阅读器。图纸软件为CAD,CAXA,PROE,UG,SolidWorks等.压缩文件请下载最新的WinRAR软件解压。
2: 本站的文档不包含任何第三方提供的附件图纸等,如果需要附件,请联系上传者。文件的所有权益归上传用户所有。
3.本站RAR压缩包中若带图纸,网页内容里面会有图纸预览,若没有图纸预览就没有图纸。
4. 未经权益所有人同意不得将文件中的内容挪作商业或盈利用途。
5. 人人文库网仅提供交流平台,并不能对任何下载内容负责。
6. 下载文件中如有侵权或不适当内容,请与我们联系,我们立即纠正。
7. 本站不保证下载资源的准确性、安全性和完整性, 同时也不承担用户因使用这些下载资源对自己和他人造成任何形式的伤害或损失。
  人人文库网所有资源均是用户自行上传分享,仅供网友学习交流,未经上传用户书面授权,请勿作他用。
0条评论

还可以输入200字符

暂无评论,赶快抢占沙发吧。

当前资源信息

4.0
 
(2人评价)
浏览:22次
abingge上传于2013-11-21

官方联系方式

客服手机:13961746681   
2:不支持迅雷下载,请使用浏览器下载   
3:不支持QQ浏览器下载,请用其他浏览器   
4:下载后的文档和图纸-无水印   
5:文档经过压缩,下载后原文更清晰   

相关资源

相关资源

相关搜索

管理   组织   经营  
关于我们 - 网站声明 - 网站地图 - 友情链接 - 网站客服客服 - 联系我们
copyright@ 2015-2017 人人文库网网站版权所有
苏ICP备12009002号-5