ISO/IEC 18014

From Wikipedia, the free encyclopedia
Jump to navigation Jump to search

ISO/IEC 18014 Information technology — Security techniques — Time-stamping services is an international standard that specifies time-stamping techniques. It comprises four parts:

  • Part 1: Framework[1]
  • Part 2: Mechanisms producing independent tokens[2]
  • Part 3: Mechanisms producing linked tokens[3]
  • Part 4: Traceability of time sources[4]

Part 1: Framework[edit]

In this first part of ISO/IEC 18014, several things are explained and developed:

  • The identification of the objectives of a time authority.
  • The description of a general model on which time stamping services are based.
  • The definition of time stamping services.
  • The definition of the basic protocols of time stamping.
  • The specifications of the protocols between the involved entities.

Key words: audit, non-repudiation, security, time-stamp

Part 2: Mechanisms producing independent tokens[edit]

A time-stamping service provides evidence that a data item existed before a certain point in time. Time-stamp services produce time-stamp tokens, which are data structures containing a verifiable cryptographic binding between a data item's representation and a time-value. This part of ISO/IEC 18014 defines time-stamping mechanisms that produce independent tokens, which can be verified one by one.

Part 3: Mechanisms producing linked tokens[edit]

This part of ISO/IEC 18014:

  • Describes a general model for time-stamping services producing linked tokens.
  • Describes the basic components used to construct a time-stamping service of this type.
  • Defines the data structures used to interact with a time-stamping service of this type.
  • Describes specific instances of such time-stamping services.

ISO/IEC 18014-3:2009 describes time-stamping services producing linked tokens, that is, tokens that are cryptographically bound to other tokens produced by these time-stamping services. It describes a general model for time-stamping services of this type and the basic components used to construct a time-stamping service of this type, it defines the data structures and protocols used to interact with a time-stamping service of this type, and it describes specific instances of such time-stamping services.

References[edit]