This document aims to normalize privacy-enhancing protocols and services by:
- using the mechanisms from parts of ISO/IEC 7816 and parts of ISO/IEC 18328 that contribute to security and privacy
- providing discoverability means of privacy-enabling attributes
- defining requirements for attribute-based credential handling, and
- identifying data objects and commands for ICCs.
Existing privacy-enhancing protocols available in a generic context are adopted for distributed systems including ICCs. Additionally, existing authentication protocols between an ICC and an external device used for establishing a secure channel are enhanced with privacy protection.
Secure communication between an ICC and an on-card device is also considered. All the protocols and services described in this document contribute to privacy. Annex B describes an example of privacy impact assessments of respective systems.
| Edition : | 1st |
| File Size : | 1
file
, 6.3 MB |
| ISBN(s) : | 9781488321955 |
| Number of Pages : | 94 |
| Product Code(s) : | 2427221, 2427221 |
| Published : | 06/01/2019 |
