ANSI

From The Secure Arc Wiki

Jump to: navigation, search

Information in italics is referenced from wikipedia., reproduced in accordance with the GNU Free Documentation License.

American National Standards Institute ANSI, is a private non-profit organization that oversees the development of voluntary consensus standards for products, services, processes, systems, and personnel in the United States. The organization also coordinates U.S. standards with international standards so that American products can be used worldwide.

The following high-level outline some of the main ANSI standards relating to Information Security. Each standard can be broken down further into more specific sub-requirements that can be mapped back to both the Security Principles that drive them and the Design Patterns that satisfy them.


Contents

Standards

ANSI X9.31:1998 Digital Signatures Using Reversible Public Key Cryptography for the Financial Services Industry

BSR X9.41-199x Security Services Management for the Financial Services Industry (DRAFT STANDARD)

ANSI X9.42:2003 Revises ANSI X9.42-2001 Public Key Cryptography for the Financial Services Industry: Agreement of Symmetric Keys Using Discrete Logarithm Cryptography

ANSI X9.44-2007 Key Establishment Using Integer Factorization Cryptography

ANSI X9.55:1997 Public Key Cryptography for the Financial Services Industry: Extensions to Public Key Certificates and Certificate Revocation Lists

ANSI X9.57:1997 Public Key Cryptography for the Financial Services Industry: Certificate Management

ANSI X9.63:2001 Public Key Cryptography for the Financial Services Industry, Key Agreement and Key Transport Using Elliptic Curve Cryptography

BSR X9.74-199x Conformance Testing for Certification Path Processing (DRAFT STANDARD)

ANSI X9.79:2001 Financial Services Public Key Infrastructure (PKI) Policy and Practices Framework

BSR X9.79 Part 2 Protection Profiles for Certificates Issuing and Management Systems (Part 2) (DRAFT STANDARD)

ANSI X9.84:2003 Biometric Information Management and Security for the Financial Services Industry

ANSI X9.95:2005 Trusted Time Stamp Management and Security

ANSI X9.96:2004 XML Cryptographic Message Syntax (XCMS)

INCITS 358:2002 AM 1:2007 Information technology - BioAPI Specification (version 1.1) - Amendment 1: Support for Biometric Fusion (INCITS 358:2002 AMENDMENT 1) [M1.2 ]

INCITS 359:2004 Information technology - Role Based Access Control (RBAC) [CS1 ]

INCITS 377:2004 Information technology - FInger Pattern Based Interchange Format [M1.3 ]

INCITS 378:2004 Information technology - Finger Minutiae Format for Data Interchange [M1.3 ]

INCITS 379:2004 Information technology - Iris Image Interchange Format [M1.3 ]

INCITS 381:2004 Information technology - Finger Image Based Interchange Format [M1.3 ]

INCITS 383:2004 Information technology - Application Profile - Interoperability and Data Interchange - Biometric Based Verification and Identification of Transportation Workers [M1.4 ]

INCITS 385:2004 Information technology - Face Recognition Format for Data Interchange [M1.3 ]

INCITS 394:2004 Information technology - Application Profile for Interoperability - Data Interchange and Data Integrity of Biometric Based Personal Identification for Border Management [M1.4 ]

INCITS 395:2005 Information technology - Biometric Data Interchange Formats - Signature/Sign Data [M1.3 ]

INCITS 396:2005 Information technology - Hand Geometry Format for Data Interchange [M1.3 ]

INCITS 398:2005 Information technology - Common Biometric Exchange Formats Framework (CBEFF) [M1.2 ]

INCITS 409.3:2005 Information technology - Biometric Performance Testing and Reporting - Part 3: Scenario Testing and Reporting [M1.5 ]

INCITS 409.4:2006 Information technology - Biometric Performance Testing and Reporting - Part 4: Operational Testing Methodologies [M1.5 ]

INCITS 410:2006 Information technology - Identification cards - Limited Use (LU), Proximity Integrated Circuit Card (PICC) [B10 ]

INCITS 421:2006 Information technology - Biometric Profile - Interoperability and Data Interchange - DoD Implementations [M1.4 ]

INCITS 422:2007 Information technology - Application Profile for Commercial Biometric Physical Access Control [M1.4 ]

INCITS 434:2007 Information technology - Tenprint capture using BioAPI [M1.2 ]

Standards Practice

The ANSI standards suggest an approach to applying and handling cryptography, biometrics and other specific areas of security. ANSI work closely with other standards bodies, including ISO.

Licensing and Documentation

The license associated with most ANSI standards does not permit public distribution or reproduction, however it can be purchased for personal or business use directly from their website.

A high-level outline for licensing reasons has been taken from here.

Navigation

Personal tools