Security work in SC27

next up previous contents
Next: TC68 - Banking Up: ISO Existing and Previous: Other SC21 projects

Security work in SC27

SC27 is the successor of SC20. While, initially, there were doubts about SC27's ability to shake its past, SC27 has initialized promising work and appears to have strong support. SC27 consists of the following three groups:

on Generic Security Requirements; its scope covers Security Requirements and Services as well as Guidelines.
on Security Mechanisms.
on Security Techniques.

WG1's work is of particular importance because the charter of this group includes a key management framework, security information objects, risk analysis, and audit/access control. The key management framework is pursued as a three part standards:

The last two parts of this standard are developed in WG2 whose program of work includes the following projects :

  1. Modes of Operation for n-Bit Block Cipher Algorithms, which is a generalization of ISO 8372, Modes of Operation for 64-Bit Block Cipher Algorithm.
  2. Entity Authentication Mechanism using an n-bit Secret Key Algorithm,
  3. Cryptographic Mechanisms for Key Management using Secret Key Techniques,
  4. Entity Authentication using a Public Key with Two-way and Three-way Handshake,
  5. Authentication with a Three-way Handshake using Zero-knowledge Techniques,
  6. Digital Signature Scheme with Message Recovery,
  7. Hash Functions for Digital Signatures,
  8. Zero Knowledge Techniques.

WG3's program of work includes the following:

John Barkley
Fri Oct 7 16:17:21 EDT 1994