ДСТУ ISO/IEC TS 30104:2016 Information technology. Security techniques. Physical security attacks, mitigation techniques and security requirements (ISO/IEC TS 30104:2015, IDT)
ENDORSEMENT NOTICE
State Enterprise
"Ukrainian Research and Training Center
for Problems of Standardization, Certification and Quality"
(ДП «УкрНДНЦ»)
Order of 07.10.2016 No. 307
ISO/IEC TS 30104:2015
Information Technology — Security Techniques —
Physical Security Attacks, Mitigation Techniques
and Security Requirements
has been adopted as a national standard
by the "endorsement" method under the designation
ДСТУ ISO/IEC TS 30104:2016
(ISO/IEC TS 30104:2015, IDT)
Information technology. Security techniques.
Physical security attacks,
mitigation techniques and security requirements
Effective from 2016-10-10
Contents
Foreword
Introduction
1 Scope
2 Normative references
3 Terms and definitions
4 Symbols and abbreviated terms
5 Physical security
6 Physical security invasive mechanisms
6.1 Overview
6.2 Tamper proof
6.3 Tamper resistant
6.4 Tamper detection
6.5 Tamper evident
6.6 Additional physical security considerations
6.6.1 Summary
6.6.2 Size and weight
6.6.3 Mixed and Layered Systems
7 Physical security invasive attacks and defences
7.1 Overview
7.2 Attacks
7.2.1 Attack mechanisms
7.2.2 Machining methods
7.2.3 Shaped charge technology
7.2.4 Energy attacks
7.2.5 Environmental conditions
7.3 Defences
7.3.1 Overview
7.3.2 Tamper resistant
7.3.3 Tamper evident
7.3.4 Tamper detection sensor technology
7.3.5 Tamper responding
8 Physical security non-invasive mechanisms
8.1 Overview
8.2 Mixed and Layered Systems
9 Physical security non-invasive attacks and defences
9.1 Overview
9.2 Attacks
9.2.1 Overview
9.2.2 External Probe attacks
9.2.3 External EME attacks
9.2.4 Timing analysis
9.3 Defences
10 Operating Envelope Concept
11 Development, delivery and operation considerations
11.1 Introduction
11.2 Development
11.2.1 Functional test and debug
11.2.2 Security testing
11.2.3 Environmental testing
11.2.4 Factory installed keys or security parameters
11.3 Delivery
11.3.1 Documentation
11.3.2 Packaging
11.3.3 Delivery verification
11.4 Operation
11.4.1 Overview
11.4.2 Implementation feedback
11.4.3 Feedback during attack
12 Physical security evaluation and testing
12.1 Overview
12.2 Standards
12.2.1 FIPS PUB 140-2, Security Requirements for Cryptographic Modules
12.2.2 Derived Test Requirements for FIPS PUB 140-2, Security Requirements for Cryptographic Modules
12.2.3 ISO/IEC 19790:2012, Information technology — Security techniques — Security requirements for cryptographic modules
12.2.4 ISO/IEC 24759:2014 Information technology — Security techniques — Test requirements for cryptographic modules
12.2.5 ISO/IEC 15408-1:2009, Information technology — Security techniques — Evaluation criteria for IT security — Part 1: Introduction and general model
12.2.6 ISO/IEC 15408-2:2008, Information technology — Security techniques — Evaluation criteria for IT security — Part 2: Security functional components
12.2.7 ISO/IEC 15408-3:2008, Information technology — Security techniques — Evaluation criteria for IT security — Part 3: Security assurance components
12.2.8 ISO/IEC 18045:2008, Information technology — Security techniques — Methodology for IT security evaluation
12.3 Programs and schemes
12.3.1 NIST and CSE Cryptographic Module Validation Program
12.3.2 Japan Cryptographic Module Validation Program
12.3.3 Korea Cryptographic Module Validation Program
12.3.4 Common Criteria
Annex A (informative) Example of a physical security design
Bibliography