Authorization Write us Site map

 

 

  2007

 

 

PDF
(17,1 )

     

 

 

  2008

 

 

PDF
(6,1 )

     

 

 

  2009

 

 

PDF
(2,5 )

 

 

  2010

 

 

PDF
(806 )

     

 

 

  2011

 

 

PDF
(172 )

     

 

 

  2012

 

 

PDF
(806 )

     
Adobe Flash Player 9 .
Flash Player
 /  Projects /  tech-reglament

Preliminary structure and content of Requirements to the infrastructure of public keys technical regulation


 

«Requirements to the infrastructure of public keys» technical regulation consists of the following structural elements:

Introduction
Field of application
Definitions
Saving clause
Access rules to the market
Technical requirements
Conformity assessment
Mutual recognition of operating results on conformity estimation
Transition period
Procedure of state supervision
Appendix

1.  Introduction

Requirements cited in the technical regulation will be harmonized:

With ITU recommendations;
RFC 2459 - Internet X.509 Public Key Infrastructure Certificate;
RFC 2510. - Internet X.509 Public Key Infrastructure Certificate Management Protocols;
RFC 2511 - Internet X.509 Certificate Request Message Format.

2. Field of application
 
The present special technical regulation sets: obligatory requirements to a national infrastructure of public keys; main tasks of information security, which are completed by the national infrastructure of public keys’ management:

Information confidentiality provision;
Information integrity provision;
Provision of the authentification of users and resources, which are addressed by users;
Provision of confirmation of acts on information performed by users.

Requirements of the present special technical regulation spread to:

1) Electronic digital signature (EDS);
2) Message encryption;
3) Authorization.

3. Definitions
  
The terms with corresponding definitions, taken from international, regional and state standards will be cited.

4.  Saving clause

In this section requirements to the prevention of EDS keys’ certificates’ use, which don’t correspond with the present special technical regulation, in state information system.

5. Access rules to the market

In this section the requirements will be set, according to which in information systems of bodies and departments EDS keys should be used to provide relevant in law electronic document management for legal relations performance between users of information systems.

6. Technical requirements

In the section will be set:

Requirements to the registration authority, registration centers, users, their interconnection and mutual recognition of RC;
Requirements to the development and maintenance of electronic notariat;
Requirements to the duration of EDS key (its prolongation);
Requirements to various types of certificate architectures;
Requirements of Registration centers’ cooperation with registration authority;
Requirements to keys’ publication in state bodies;
Requirements to publication procedures;
Requirements to EDS keys’ protection of comprometation;
Order of certificates’ storage;
Requirements to a single base of RC certificates;
Requirements to information confidentiality provision;
Requirements to information integrity control;
Requirements to user and resources, which are addressed by users, authentification;
Requirements to the opportunity provision of confirmation of acts on information performed by users (unabandonment);
Requirements to EDS keys’ development;
Requirements to cancellation;
Certificate copies’ provision;
EDS confirmation in electronic documents;
Engineering and technical, hardware and software organizational protection measures of Registration centers and Registration authority.

8. Conformity assessment
 
In this section verification of conformity of set information security requirements to the public keys’ infrastructure will be cited, as well as forms and schemes of conformity assessment determined with account of risk level, which are considered as those, providing needed evidence level.

9. Mutual recognition of operating results on conformity estimation

In this section conditions of the order of application and validity recognition of electronic digital signature public keys’ certificates in information systems will be cited.

10. Transition period

In this section the time period, during which the general technical regulations should be brought into action, will be set.

11. Procedure of state supervision

In this section the organizations, on which control, periodicity of control realization in accordance with the legislation of the Republic of Uzbekistan will be marked.

Load Preliminary content of «Requirements to the infrastructure of public keys» technical regulation

For additional information refer to:
Chief of KRC EDS under SUE «UNICON.UZ» - Erkin Isakov 
Phone: +99871 235-93-49
e-mail: isakov@unicon.uz