decentralized-id.github.io/unsorted/standards/not-ssi/iso.md
2023-06-19 03:48:08 +05:30

5.9 KiB
Raw Blame History

published
false

ISO

Working Group 3 - Travel Documents

https://www.icao.int/Security/FAL/TRIP/PublishingImages/Pages/Publications/Guiding%20core%20principles%20for%20the%20development%20of%20a%20Digital%20Travel%20Credential%20%20%28DTC%29.PDF

https://www.icao.int/Meetings/TRIP-Symposium-2021/PublishingImages/Pages/Presentations/Digital%20Travel%20Credential%20(DTC)%20Policy%20and%20Guiding%20Principles.pdf ISO SC17/WG3/TF5

Distribution of ISO/IEC JTC1/SC 17 MRTD TEST STANDARDS FREE OF CHARGE https://www.icao.int/Meetings/TAG-MRTD/TagMrtd22/TAG-MRTD-22_WP10.pdf

ISO/IEC 7501-1:2008 Identification cards — Machine readable travel documents — Part 1: Machine readable passport https://standards.iso.org/ittf/PubliclyAvailableStandards/c045562_ISO_IEC_7501-1_2008.zip ISO/IEC JTC 1/SC 17 ISO/IEC 7501-2:1997 2nd Identification cards — Machine readable travel documents — Part 2: Machine readable visa https://standards.iso.org/ittf/PubliclyAvailableStandards/s029074_ISO_IEC_7501-2_1997(E).zip ISO/IEC JTC 1/SC 17 ISO/IEC 7501-3:2005 EN 2nd Identification cards — Machine readable travel documents — Part 3: Machine readable official travel documents https://standards.iso.org/ittf/PubliclyAvailableStandards/c042771_ISO_IEC_7501-3_2005.zip ISO/IEC JTC 1/SC 17

mDL 18013-5

ISO/IEC 18013-5:2021 This document establishes interface specifications for the implementation of a driving licence in association with a mobile device. This document specifies the interface between the mDL and mDL reader and the interface between the mDL reader and the issuing authority infrastructure. This document also enables parties other than the issuing authority (e.g. other issuing authorities, or mDL verifiers in other countries) to:
- use a machine to obtain the mDL data;

- tie the mDL to the mDL holder;

- authenticate the origin of the mDL data;

- verify the integrity of the mDL data.
The following items are out of scope for this document:

- how mDL holder consent to share data is obtained;

- requirements on storage of mDL data and mDL private keys. Personal identification — ISO-compliant driving licence — Part 5: Mobile driving licence (mDL) application https://www.iso.org/standard/69084.html

++++ ISO/IEC 18013-5 vs Self-Sovereign Identity: A proposal for an mDL Verifiable Credential in the context of government identity programs we see it as useful to compare them on the following parameters background, credential data model & trust anchor and transmission protocols. https://www.procivis.ch/post/iso-iec-18013-5-vs-self-sovereign-identity-a-proposal-for-an-mdl-verifiable-credential Procivis

Where can the W3C VCs meet the ISO 180135 mDL? Thanks to the sponsorship of Spruce and the support of many who are working on and/or following the W3C Verifiable Credentials (VCs) and ISO 180135 mDL, we have had the pleasure of conducting a community engagement project (Phase 1) in the past two months to find out where the two standards can meet. By “meet,” we mean finding common ground and alignment so that the two standards can be compatible to the fullest extent for the market to understand their respective unique values, for implementers to build on them with ease, and for users to manage credentials based on them with a good experience. https://medium.com/@identitywoman-in-business/where-can-the-w3c-vcs-meet-the-iso-18013-5-mdl-b2d450bb19f8

ISO 27001

+++> What Is ISO 27001:2013? A Guide for Businesses https://auth0.com/blog/what-is-iso-27001-2013-a-guide-for-businesses/ ISO 27001 is also the cornerstone of a growing international consensus about data security best practices. Australia based its federal Digital Security Policy on ISO 27001. Likewise, ISO 27001 can provide guidance on how to meet the standards of other data privacy laws, such as the GDPR, which often direct companies to it as an example of universal best practices. So if you abide by ISO 27001s recommendations, youre on the right track for legal compliance, not to mention improved data security.

++++ WAYF certificeret efter ISO 27001 WAYF has now been certified according to the standard for information security ISO 27001. This is the result of the audit that DNV conducted at WAYF on 23 September 2021. Language Danish Read more about WAYF certified according to ISO 27001 https://www.wayf.dk/en/node/317

+++> What Is ISO 27018:2019? Everything Executives Need to Know ISO 27018 is part of the ISO 27000 family of standards, which define best practices for information security management. ISO 27018 adds new guidelines, enhancements, and security controls to the ISO/IEC 27001 and ISO/IEC 27002 standards, which help cloud service providers better manage the data security risks unique to PII in cloud computing. https://auth0.com/blog/what-is-iso-27018-2019-everything-executives-need-to-know/

ISO/IEC 29100

++++ ISO/IEC 29100:2011 - Information technology — Security techniques — Privacy framework https://www.iso.org/standard/45123.html

AAMVA Mobile Driver License The mobile driver's license (mDL) is the future of licensing and proof of identity. An mDL is a driver's license that is provisioned to a mobile device with the capability to be updated in real time. It is comprised of the same data elements that are used to produce a physical driver's license, however, the data is transmitted electronically to a relying party's reader device and authenticated. The mDL is a significant improvement over physical credentials which can easily be lost or stolen, become broken or damaged, contain outdated information, offer too much information (including personally identifiable information), and can more easily be replicated by counterfeiters. The mDL offers safe, secure, and trustable technologies that allow for completely touchless transactions, selective information release, data protection, and so much more. https://www.aamva.org/topics/mobile-driver-license