Nr. | Referenz ERCA policy | Anforderung | Referenz D-MSA-Policy |
1. | § 5.3.1 | The MSA Policy shall identify the entities in charge of operations. | § 1.1 Zuständige Organisationen |
2. | § 5.3.2 | The MSCA key pairs for equipment key certification and for motion sensor key distribution shall be generated and stored within a device which either: - is certified to meet the requirements identified in FIPS 140-2 (or FIPS 140-1) level 3 or higher [10]; - is certified to be compliant with the requirements identified in the CEN Workshop Agreement 14167- 2 [11]; - is a trustworthy system which is assured to EAL4 or higher in accordance with ISO 15408 [12]; to level E3 or higher in ITSEC [13]; or equivalent se- curity criteria. These evaluations shall be to a pro- tection profile or security target, - is demonstrated to provide an equivalent level of security. | § 6 Schlüsselmanagement in der D-CA (Absatz 2) |
3. | § 5.3.3 | Member State Key Pair generation shall take place in a physically secured environment by personnel in trusted roles under, at least dual control. | § 6 Schlüsselmanagement in der D-CA (Absatz 3) § 6 Schlüsselmanagement in der D-CA [r6.5] § 6.2 Schlüsselpaar der D-CA (MS.SK, MS.PK) [r6.10] § 7.3 Schlüsselverwendung [r7.9] § 9.2 Besondere Anforderungen an das Sicherheitskonzept [r9.7] |
4. | § 5.3.4 | The Member State Key Pairs shall be used for a period of at most two years starting from certification by the ERCA. | § 6.2 Schlüsselpaar der D-CA (MS.SK, MS.PK) [r6.7] |
5. | § 5.3.5 | The generation of new Member State Key Pairs shall take into account the one month turnaround time required for certification by the ERCA | § 6.2 Schlüsselpaar der D-CA (MS.SK, MS.PK) [r6.13] |
6. | § 5.3.6 | The MSA shall submit MSCA public keys for certifi- cation by the ERCA using the key certification request (KCR) protocol described in Annex A. | § 6.2 Schlüsselpaar der D-CA (MS.SK, MS.PK) [r6.14] |
7. | § 5.3.7 | The MSA shall request motion sensor master keys from the ERCA using the key distribution request (KDR) protocol described in Annex D. | § 6.3 Symmetrische Schlüssel für Werkstattkarten und Weg-/ Geschwindigkeitsgeber (Km, KmWC, KmVU) [r6.20] |
8. | § 5.3.8 | The MSA shall recognise the ERCA public key in the distribution format described in Annex B. | § 6.2 Schlüsselpaar der D-CA (MS.SK, MS.PK) [r6.15] |
9. | § 5.3.9 | The MSA shall use the physical media for key and certificate transport described in Annex C. | § 6.2 Schlüsselpaar der D-CA (MS.SK, MS.PK) [r 6.16] |
10. | § 5.3.10 | The MSA shall ensure that the Key Identifier (KID) and modulus (n) of keys submitted to the ERCA for certification are unique within the domain of the MSCA. | § 8.4 Zertifikatinhalte und -formate [r8.9] |
11. | § 5.3.11 | The MSA shall ensure that expired keys are not used for any purpose. The Member State private key shall be either: destroyed so that the private key cannot be recovered or retained in a manner preventing its use. | § 6.2 Schlüsselpaar der D-CA (MS.SK, MS.PK) [r6.7] |
12. | § 5.3.12 | The MSA shall ensure that an equipment RSA key is generated, transported, and inserted into the equip- ment, in such a way as to preserve its confidentiality and integrity. For this purpose, the MSA shall - ensure that any relevant prescription mandated by security certification of the equipment is met; - ensure that both generation and insertion (if not onboard) takes place in a physically secured envi- ronment; - unless key generation was covered by the security certification of the equipment, ensure that speci- fied and appropriate cryptographic key generation algorithms are used. The last two of these requirements on generation shall be met by generating equipment keys within a device which either: a) is certified to meet the requirements identified in FIPS 140-2 (or FIPS 140-1) level 3 or higher [9]; b) is certified to be compliant with the requirements identified in the CEN Workshop Agreement 14167- 2 [10]; c) is a trustworthy system which is assured to EAL4 or higher in accordance with ISO 15408 [11]; to level E3 or higher in ITSEC [12]; or equivalent se- curity criteria. These evaluations shall be to a pro- tection profile or security target; d) is demonstrated to provide an equivalent level of security. | § 7.1 Allgemeine Anforderungen, Protokollierung [r7.1] § 7.2 Schlüsselerzeugung [r7.5] |
13. | § 5.3.13 | The MSA shall ensure confidentiality, integrity and availability of the private keys generated, stored and used under control of the MSA Policy. | § 5 Karten- und Gerätemanagement [r5.6] § 6 Schlüsselmanagement in der D-CA (Absatz 2) § 7.1 Allgemeine Anforderungen, Protokollierung [r7.2] |
14. | § 5.3.14 | The MSA shall prevent unauthorised use of the private keys generated, stored and used under control of the MSA Policy. | § 7.1 Allgemeine Anforderungen, Protokollierung (Absatz 2) § 6.2 Schlüsselpaar der D-CA (MS.SK, MS.PK) [r6.9] § 7.2 Schlüsselerzeugung [r7.8] |
15. | § 5.3.15 | The Member State private keys may be backed up using a key recovery procedure requiring at least dual control. | § 7.3 Schlüsselerzeugung [r7.11] |
16. | § 5.3.16 | Key certification requests that rely on transportation of private keys are not allowed. | § 8.2 Zertifikatserteilung [r8.7] |
17. | § 5.3.17 | Key escrow is strictly forbidden. | § 6.2 Schlüsselpaar der D-CA (MS.SK, MS.PK) [r6.11] |
18. | § 5.3.18 | The MSA shall prevent unauthorised use of its motion sensor keys. | § 6.3 Symmetrische Schlüssel für Werkstattkarten und Weg-/ Geschwindigkeitsgeber (Km, KmWC, KmVU) [r6.18] |
19. | § 5.3.19 | The MSA shall ensure that the motion sensor master key (Km) is used only to encrypt motion sensor data for the purposes of motion sensor manufacturers. The data to be encrypted is defined in the ISO / IEC 16844-3 standard [7]. | § 6 Schlüsselmanagement in der D-CA (Absatz 2) |
20. | § 5.3.20 | The motion sensor master key (Km) shall never leave the secure and controlled environment of the MSA. | § 6.3 Symmetrische Schlüssel für Werkstattkarten und Weg-/ Geschwindigkeitsgeber (Km, KmWC, KmVU) [r 6.18] |
21. | § 5.3.21 | The MSA shall forward the workshop card motion sensor key (KmWC) to the component personaliser (in this case, the card personalisation service), by appropriately secured means, for the sole purpose of insertion into workshop cards. | § 6.3 Symmetrische Schlüssel für Werkstattkarten und Weg-/ Geschwindigkeitsgeber (Km, KmWC, KmVU) [r6.18] |
22. | § 5.3.22 | The MSA shall forward the vehicle unit motion sensor key (KmVU) to the component personaliser (in this case, a vehicle unit manufacturer), by appropriately secured means, for the sole purpose of insertion into vehicle units. | § 6.3 Symmetrische Schlüssel für Werkstattkarten und Weg-/ Geschwindigkeitsgeber (Km, KmWC, KmVU) [r6.18] |
23. | § 5.3.23 | The MSA shall maintain the confidentiality, integrity and availability of its motion sensor key copies. | § 6 Schlüsselmanagement in der D-CA (Absatz 2) |
24. | § 5.3.24 | The MSA shall ensure that its motion sensor key copies are stored within a device which either: a) is certified to meet the requirements identified in FIPS 140-2 (or FIPS 140-1) level 3 or higher [9]; b) is a trustworthy system which is assured to EAL4 or higher in accordance with ISO 15408 [11]; to level E3 or higher in ITSEC [12]; or equivalent se- curity criteria. These evaluations shall be to a pro- tection profile or security target. | § 6 Schlüsselmanagement in der D-CA (Absatz 2) |
25. | § 5.3.25 | The MSA shall possess different Member State Key Pairs for the production of vehicle unit and tachograph card equipment public key certificates. | § 6.2 Schlüsselpaar der D-CA (MS.SK, MS.PK) [r6.3] § 7.3 Schlüsselverwendung [r7.9] |
26. | § 5.3.26 | The MSA shall ensure availability of its equipment public key certification service. | § 6.2 Schlüsselpaar der D-CA (MS.SK, MS.PK) [r6.6] |
27. | § 5.3.27 | The MSA shall only use the Member State Private Keys for: a) the production of Annex I(B) equipment key certi- ficates using the ISO / IEC 9796-2 digital signature algorithm as described in Annex I(B) Appendix 11 Common Security Mechanisms [6]; b) production of the ERCA key certification request as described in Annex A; c) issuing Certificate Revocation Lists if this method is used for providing certificate status information (see 5.3.30). | § 6.2 Schlüsselpaar der D-CA (MS.SK, MS.PK) [r6.4] |
28. | § 5.3.28 | The MSA shall sign equipment certificates within the same device used to store the Member State Private Keys (see 5.3.2). | § 6 Schlüsselmanagement in der D-CA (Absatz 2) |
29. | § 5.3.29 | Within its domain, the MSA shall ensure that equipment public keys are identified by a unique key identifier which follows the prescriptions of Annex I(B) [6]. | § 8.4 Zertifikatinhalte und -formate [r8.9] |
30. | § 5.3.30 | Unless key generation and certification is performed in the same physically secured Environment, the key certification request protocol shall provide proof of origin and integrity of certification requests, without revealing the private key. | § 8 Zertifikatsmanagement [r8.3] |
31. | § 5.3.31 | The MSA shall maintain and make certificate status information available. | § 8.5 Informationspflichten der D-CA [r8.13] |
32. | § 5.3.32 | The validity of a tachograph card certificate shall equal the validity of the tachograph card. | § 8.3 Zertifikatgültigkeit [r8.8] |
33. | § 5.3.33 | The MSA shall prevent the insertion of undefined validity certificates into tachograph cards. | § 8.3 Zertifikatgültigkeit [r8.8] |
34. | § 5.3.34 | The MSA may allow the insertion of undefined validity Member State certificates into vehicle units. | § 8.3 Zertifikatgültigkeit [r8.8] |
35. | § 5.3.35 | The MSA shall ensure that users of cards are identified at some stage of the card issuing process. | § 5 Karten- und Gerätemanagement [r5.8] § 7.3 Schlüsselverwendung [r7.10] |
36. | § 5.3.36 | The MSA shall ensure that ERCA is notified without delay of loss, theft, or potential compromise of any MSA keys. | § 6.2 Schlüsselpaar der D-CA (MS.SK, MS.PK) [r6.12] |
37. | § 5.3.37 | The MSA shall implement appropriate disaster recovery mechanisms which do not depend on the ERCA response time. | § 6.2 Schlüsselpaar der D-CA (MS.SK, MS.PK) [r6.6] § 9 Informations-Sicherheit [r9.13] |
38. | § 5.3.38 | The MSA shall establish an information security management system (ISMS) based on a risk assess- ment for all the operations involved. | § 9.1 Informations-Sicherheits- management (ISMS) [r9.1] |
39. | § 5.3.39 | The MSA shall ensure that the policies address personnel training, clearance and roles. | § 9.2 Besondere Anforderungen an das Sicherheitskonzept [r9.5] § 9.3 Rollentrennung [r9.15] |
40. | § 5.3.40 | The MSA shall ensure that appropriate records of certification operations are maintained. | § 9 Informations-Sicherheit [r9.10] [r9.11] [r9.12] |
41. | § 5.3.41 | The MSA shall include provisions for MSCA termination in the MSA Policy. | § 10.1 Verantwortlichkeit |
42. | § 5.3.42 | The MSA Policy shall include change procedures. | § 12 Änderungen und Anpassungen der [r12.1] |
43. | § 5.3.43 | The MSA audit shall establish whether the Require- ments of this Section are being maintained. | § 11.1 D-CA [r11.1] 2. Paragraph |
44. | § 5.3.44 | The MSA shall audit the operations covered by the approved policy at intervals of not more than 12 months. | § 11.1 D-CA [r11.1] 1. Paragraph |
45. | § 5.3.45 | The MSA shall report the results of the audit as mentioned in 5.3.43 and provide the audit report, in English, to the ERCA. | § 11.1 D-CA [r11.3] |
46. | § 5.3.46 | The audit report shall define any corrective actions, including an implementation schedule, required to fulfil the MSA obligations. | § 11.1 D-CA [r11.3] |
vergleichen mit | mWv (verkündet) | neue Fassung durch |
---|---|---|
aktuell vorher | 29.07.2017 | Artikel 11 eIDAS-Durchführungsgesetz vom 18.07.2017 BGBl. I S. 2745 |
aktuell vorher | 08.09.2015 | Artikel 475 Zehnte Zuständigkeitsanpassungsverordnung vom 31.08.2015 BGBl. I S. 1474 |
aktuell vorher | 31.01.2008 | Artikel 1 Zweite Verordnung zur Änderung fahrpersonalrechtlicher Vorschriften vom 22.01.2008 BGBl. I S. 54 |
aktuell | vor 31.01.2008 | früheste archivierte Fassung |