DANSK DSF/ISO/IEC FDIS 19286 PDF

This International Standard aims at normalizing <br />— how the mechanisms for interchange provisioned by parts of ISO/IEC 7816 and parts of ISO/IEC 18328 can contribute to security and privacy, <br />— means for interoperability of privacy-enabling attribute discoverability by the external world, <br />— requirements for attribute-based credential handling. This standard identifies data objects and commands for ICCs to be applied in the interchange specification of privacy-enhancing protocols and services. Existing privacy-enhancing protocols which are provided in a generic context are adopted for distributed systems including ICCs. Additionally, existing authentication protocols between an ICC and an external device used for establishing a secure channel are enhanced in regard to privacy protection. Secure communication between an ICC and an on-card device is also considered. All the protocols and services described in this International Standard contribute to privacy. Annex B describes an example of privacy impact assessments of respective systems.