Identification cards -- Integrated circuit cards -- Privacy-enhancing protocols and services

Abstract

ISO/IEC 19286:2018 aims to normalize privacy-enhancing protocols and services by

- using the mechanisms from parts of ISO/IEC 7816 and parts of ISO/IEC 18328 that contribute to security and privacy,
- providing discoverability means of privacy-enabling attributes,
- defining requirements for attribute-based credential handling, and
- identifying data objects and commands for ICCs.

Existing privacy-enhancing protocols available in a generic context are adopted for distributed systems including ICCs. Additionally, existing authentication protocols between an ICC and an external device used for establishing a secure channel are enhanced with privacy protection. Secure communication between an ICC and an on-card device is also considered.

All the protocols and services described in this document contribute to privacy. Annex B describes an example of privacy impact assessments of respective systems.

General Information

Publication date: 02 January 2018

ICT rolling plan topic: Data storage services

SDO: IEC

Latest publishied version: https://www.iso.org/standard/64268.html

None
3GPP
A3 Robotics
A4BLUE
Allotrope Foundation
ANSI
ANSI/RIA
ASD-STAN
ASME
ASTM
ATIS
BBF
BIMERR
BSI
CEN
CEN/CENELEC
CENELEC
CIGI
CLC
COVR
CSA
DGUV
DIF
DIN
DIN/DKE
DKE
DMTF
ECMA
Enterprise Ethereum
ERCIM
Ethereum Community
ETSI
European Commission
European Union’s Horizon 2020
GICTF
GreenBlue
GS1
GSMA
HL7
Hyperledger Foundation
IEA-EBC
IEC
IEEE
IETF
iiRDS
INRAE
IOF
ISA
ISO
ISO/IEC
ISO/IEC/IEEE
ISO/TR
ITU
ITU-T
Massrobotics
Metaverse
Microsoft
MPAI
NEN
NGMN
NIST
None
NSAI
OASIS
OGC
OMA
OMG
OMG Robotics
oneM2M
OPC
OpenForum Europe
OpenID Foundation
OpenPEPPOL
RDA
RIA
SAE
SEAS
SMPTE
SNIA
STANDARDS AUSTRALIA
TIA
TM Forum
UL
UN/CEFACT
UNE
UNECE
VDA
W3C