Standards Watch

  • Home
  • Standards Watch

Click on the interactive map below or utilise the filtering interface on the side to browse the items that are currently in our Standards Watch*.

IT_general it_security software networking cloud computing other iot big data ai cybersecurity data tecnologies iso iec 27005 5g communications iso iec etsi osi it terminal application information computer grafics information coding office machine interface interconnection equipment languages used in it microprocessor system data storage services

The Standards Watch of StandICT.eu monitors the status of ICT standards at international level, starting from the five priority areas of the Digital Single Market:

  • 5G communications,
  • cloud computing,
  • cybersecurity,
  • data technology, and
  • IoT – Internet of Things.

In particular, special attention is given to the rapidly evolving ICT topics of:

  • Artificial Intelligence,
  • Big Data,
  • IoT.
Gradually, the Standards Watch will be expanded to other ICT domains and topics, with the aim of better identifying gaps, needs & opportunities and consequently stimulating European Experts to pursue the openings granted by the StandICT.eu initiative.

ISO/IEC JTC 1/SC 27 9798-5:2009 - Entity authentication - Part 5: Mechanisms using zero-knowledge techniques

This part of ISO/IEC 9798 specifies entity authentication mechanisms using zero-knowledge techniques:

— mechanisms based on identities and providing unilateral authentication;

— mechanisms based on integer factorization and providing unilateral authentication;

— mechanisms based on discrete logarithms with respect to numbers that are either prime or composite, and providing unilateral authentication;

— mechanisms based on asymmetric encryption systems and providing either unilateral authentication, or mutual authentication;


Available in the insights page:

Go to the insights page

ISO/IEC JTC 1/SC 27 9798-4:1999 Entity authentication - Part 4: Mechanisms using a cryptographic check function

This part of ISO/IEC 9798 specifies entity authentication mechanisms using a cryptographic check function. Two mechanisms are concerned with the authentication of a single entity (unilateral authentication), while the remaining are mechanisms for mutual authentication of two entities.

The mechanisms specified in this part of ISO/IEC 9798 use time variant parameters such as time stamps, sequence numbers, or random numbers, to prevent valid authentication information from being accepted at a later time or more than once.


Available in the insights page:

Go to the insights page

ISO/IEC JTC 1/SC27 9798-3:2019 Entity authentication Part 3: Mechanisms using digital signature techniques

This document specifies entity authentication mechanisms using digital signatures based on asymmetric techniques. A digital signature is used to verify the identity of an entity.
Ten mechanisms are specified in this document. The first five mechanisms do not involve an on-line trusted third party and the last five make use of on-line trusted third parties. In both of these two categories, two mechanisms achieve unilateral authentication and the remaining three achieve mutual authentication.


Available in the insights page:

Go to the insights page

ISO/IEC JTC 1/SC 27 9798-2:2008 Entity authentication - Part 2: Mechanisms using symmetric encipherment algorithms

This part of ISO/IEC 9798 specifies entity authentication mechanisms using symmetric encipherment algorithms. Four of the mechanisms provide entity authentication between two entities where no trusted third party is involved; two of these are mechanisms to unilaterally authenticate one entity to another, while the other two are mechanisms for mutual authentication of two entities. The remaining mechanisms require a trusted third party for the establishment of a common secret key, and realize mutual or unilateral entity authentication.


Available in the insights page:

Go to the insights page

ISO/IEC JTC 1/SC 27 9798-1:2010 Entity authentication - Part 1: General

This part of ISO/IEC 9798 specifies an authentication model and general requirements and constraints for entity authentication mechanisms which use security techniques. These mechanisms are used to corroborate that an entity is the one that is claimed. An entity to be authenticated proves its identity by showing its knowledge of a secret. The mechanisms are defined as exchanges of information between entities and, where required, exchanges with a trusted third party.


Available in the insights page:

Go to the insights page

ISO/IEC 9797-3:2011 Message Authentication Codes (MACs) - Part 3: Mechanisms using a universal hash-function

This part of ISO/IEC 9797 specifies the following MAC algorithms that use a secret key and a universal hash-function with an n-bit result to calculate an m-bit MAC based on the block ciphers specified in ISO/IEC 18033-3 and the stream ciphers specified in ISO/IEC 18033-4:

a) UMAC;

b) Badger;

c) Poly1305-AES;

d) GMAC.


Available in the insights page:

Go to the insights page

ISO/IEC JTC 1/SC 27 9797-2:2011 Message Authentication Codes (MACs) - Part 2: Mechanisms using a dedicated hash-function

This part of ISO/IEC 9797 specifies three MAC algorithms that use a secret key and a hash-function (or its round-function) with an n-bit result to calculate an m-bit MAC. These mechanisms can be used as data integrity mechanisms to verify that data has not been altered in an unauthorized manner. They can also be used as message authentication mechanisms to provide assurance that a message has been originated by an entity in possession of the secret key.


Available in the insights page:

Go to the insights page

ISO/IEC JTC 1/SC 27 19896-3:2018 Competence requirements for information security testers and evaluators — Part 3: Knowledge, skills and effectiveness requirements for ISO/IEC 15408 evaluators.

This document provides the specialized requirements to demonstrate competence of individuals in performing IT product security evaluations in accordance with ISO/IEC 15408 (all parts) and 
ISO/IEC 18045.
This document includes knowledge and skills especially in the following areas.
      — Information security

Knowledge: Information security principles, information security properties, information security threats and vulnerabilities
Skills: Understand information security requirements, understand the context

— Information security evaluation


Available in the insights page:

Go to the insights page

ISO/IEC JTC 1/SC 27 27019:2017 - Information security controls for the energy utility industry

Effective information security in the process control domain of the energy utility sector can be achieved by establishing, implementing, monitoring, reviewing and, if necessary, improving the applicable measures set forth in this document, in order to attain the specific security and business objectives of the organization.
Ultimately, the overall success of the cybersecurity of energy industries is based on collaborative efforts by all stakeholders (vendors, suppliers, customers, etc.).


Available in the insights page:

Go to the insights page

ISO/IEC JTC 1/SC 27 29147:2018 I - Vulnerability disclosure

In the contexts of information technology and cybersecurity, a vulnerability is a behaviour or set of conditions present in a system, product, component, or service that violates an implicit or explicit security policy
Attackers exploit vulnerabilities to compromise confidentiality, integrity, availability, operation, or some other security property.


Available in the insights page:

Go to the insights page

Pages