ISO IEC 27551-2021.docx

INTERNATIONA1.STANDARDISO/IEC27551editionFirSt202109Informationsecurity,cybersecurityandprivacyprotection一Requirementsforattribute-basedun1.inkab1.eentityauthenticationSecuritydeVinformation,CybersecuriteetprotectiondeIavieprivee-Exigencesre1.ativesaauthentificationdesenti1.esnonrattachab1.espardesattributsReferencenumberISO/IEC275S1:2O21(E)COPYRIGHTPROTECTEDDOCUMENT©ISO/1EC2021M11c<he<ivdi1.itedotherwiseS1.Rnrirftuw!<>rryH可11cho。城et1.u1.IOHai(Xt)Iinra”;ItmI1.GPhrt1.丽IrfVIXxxPxin%PRWIH(InPOStingontheinternetoranInunnu1.withoutpriorwrittenpermission.PermissioncanberequestedfromeitherISOatt1.½addressbe1.oworISO*smemberhodyinthecountryoftherrcucstcr.Vftft0ifBhndonnct8CH124rernier,GeneviiPhone:-41227490111朋袖tc：相湖糊幽so.orgPub1.ishedinSwitzer1.andContentsForeword7.3Specificdefinitions7.3.4 AP-UUnhnkabi1.ity77.3.8 RP+RP'-Uun1.inkabi1.ity88.1.2 Se1.f-c1.aimedattributes.108.1.6Computedattributes.一一“11AnnexB(informative)Examp1.esofattribute-basedentityauthenticationprotoco1.s1934Bib1.iographyiiiIntroductionvScope1Normativereferences1Termsanddefinitions1SymbO1.Sandabbreviatedterms2Genera1.objectivesofattribute-basedentityauthentication2Propertiesofattributebasedentityauthenticationprotoco1.s46.1 Correctness46.2 Unforgeabi1.ity4Genera1.7.17.2Un1.iiikabi1.itypropertiesofattribute-basedentityauthenticationprotoco1.sGenericdefinitionofun1.inkabi1.ity7.3.1 Genera1.O1.un1.inkabi1.ity7.3.2 Passiveoutsiderun1.inkabi1.ity(anti-tiackingfrompassiveoutsiders)77.3.3 Activeoutsiderun1.inkabi1.ity(anti-trackingfromactiveoutsiders)77.3.5 RP-U(*,anonymousvisits*toanRP)7.3.6 RP÷AP-Uun1.inkabi1.ity(anti-RP-AP-co1.1.usion)87.3.7 AP-RPun1.inkabi1.ity(antitackingofRPfromAP)87.3.9 AP-RP+U(anti-trackingofUfromasetofco1.1.udingRPS)7.4Re1.ationshipsbetweennotionsofun1.inkabi1.ity97.5Un1.inkabi1.ity1.eve1.sforattribute-basedentityauthentication9ttr1.bUteS108.1Categoriesofattributes108.1.1 Persona1.attributes108.1.3 Verified8.1.4 Staticattributes118.1.5 Semi-Staticattributes118.1.7 Dynamic8.1.8 IdentifyingOttributcs118.1.9 Supportingattributes11Requirementsfor1.eve1.Nattribute-basedun1.inkab1.eentityauthentication11Annex(informative)Forma1.definitionsforsecurityandun1.inkabi1.itynotions13Annex C (informative)26Annex D (informative)Usecasesforattribute-basedun1.inkab1.eentityauthentication33ForewordISO(theInternationa1.OrganizationforStandardization)andIEC(theInternationa1.E1.ectrotechnica1.(inrt)C55jo6)SrnIHGspartHipidtsye耐IciAwHophAwM1.etHtdndandgionStNndzwdriBudiughtechniMbcommitteesestab1.ishedbytherespectiveorganizationtodea1.withparticu1.arfie1.dsoftechnica1.activity.ISOandIECmitteesco1.1.aborateinfie1.dsOfmutua1.interestOtherinternationa1.ornizations,governmenta1.andnon-governmenta1.rin1.iaisonwithISOandIEC,a1.sotakepartintheTheproceduresusedtodeve1.opthisdocumentandthoseintendedforitsfurthermaintenancearc咽确fetfM8节CS1.gdH照m班的战fA屈.pMh星M皿Z三4rQ帆丽叫H融矩&kd段edkWH1.n1.esWthCISO/IECDirectives.Part2(seewww.iso.org/dircc1.ivesorwww.icc.ch/niembcrs,expertsrefdocs).JfiffiUF>rigWiwn1.g喻愁S融Um®twf!三bk由H¾三朔0VhyMaf1.11Wubjectrights.Detai1.sofanypatentrightsidentifiedduringthedeve1.opmentof4h÷4HHiHUwiU4eintheIntroductionand/orontheISO1.istofpatentdec1.arationsreceived(seewww.iso.org/patents)ortheIEC1.istofpatentdec1.arationsreceived(seepatents.iec.ch).Anytradenameusedinthisdocumentisinformationgivenfortheconvenienceofusersanddoesnotconstituteanendorsement.B即邮SiOnSeXmHnttrtbM岫CMtbwMty第榄碗e11,ofa用HhdardSJhftW2t11Ntfout1.S0tttUmmiwdWw1.4-4t4Ot*ization(WTO)pip1.esthdwB*ies4oTrade(TBT)seewww.iso.org/isoforcword.htm!.IntheIECrseewww.icc.chundcrstandings1.andards.j族。例M腺里SC编妞肿群梆隰CUrj夕或M1.wfm阳(SOI&肪小ec"on./brmaontechno1.ogy,Anyfeedbackorquestionsonthisdocumentshou1.dbedirectedtotheuser'snationa1.standardsbody.A¾1.ftes1.iVtingofthesebodiescanbefoundatvwisfM>FgHeHbeF54HH1.andvwwi4ee<4fwH4eni)IntroductionprocessingstatePU.Theartsecondprincip1.esitesco1.1.ectionIimitation.necessaryrecommendation,theHowever,possib1.ethecasevisitsotherinformationprincipa1.thedifferenersistentidentifiertwosupp1.ied.typeadhereentityidentifierthatdoesco1.1.ectionIimitation1IinktwoornoreabovecaseShou1.dprincipa1.Thisothertypesofun1.inkabi1.itycana1.sobeconsideredanddesiredinapp1.ications.imp1.ementationsfocsBUEonUn1.inkabiIityThisdocumentmeasurescasesStrength1.eastattributeTherequirementsdeve1.opedbythisdocumentapp1.ybetai1.oredapp1.icationapp1.iedcomnunicationprivacyprincip1.es.takcnva1.idconsiderationtoensureprivacyandPropertiescharacteristicsapp1.icationcommunication1.ayers./IEC2021-A1.1.nghtsreservedISO/IEC29100setsforthe1.evenprivacyprincip1.eswhichapp1.ytoa1.1.actorsthatcanheinvo1.vedinthecurrentofofthe