中文 English
GB/T 27913-2011 Replaced National standards

GB/T 27913-2011 Public key infrastructure for financial services—Practices and policy framework

GB/T 27913-2011 Public key infrastructure for financial services—Practices and policy framework

Publish Date: 2011-12-30 Implement Date: 2012-02-01 For services related to genuine standard inquiry, procurement, translation, and other related services in China, please Contact Us

Basic Information

Standard Code: GB/T 27913-2011
Standard Type: National standards
Standard Status: Replaced
is_force_gb: no
CCS Name: Finance, insurance
ICS Name: The application of information technology in banks
Publish Date: 2011-12-30
Implement Date: 2012-02-01
Pages: 90 pages

Scope

This standard specifies the management of PKI through certificate policies and certification practice statements, as well as the requirements framework for the use of public key certificates in the financial services industry. It also defines the control objectives and control procedures for risk management.
This standard applies to PKI systems in open, closed, and contractual environments, and further defines the operations of the business based on the control objectives of the information systems in the financial services industry. The purpose of this standard is to assist implementers in defining PKI operations that support multiple certificate policies, including the use of digital signatures, remote authentication, and digital encryption.
This standard makes it easier to implement PKI-controlled operations in contractual environments that meet the requirements of the financial services industry. Although this standard is primarily aimed at contractual environments, it does not exclude the application of the document to other environments. In the document, the term "certificate" refers to public key certificates. Attribute certificates are not within the scope of this standard.
The target of this standard is to address the diverse needs of multiple users, so each type of user will focus on different content.
Business managers and analysts are those who need to use PKI technology in their business operations, and they should pay attention to Chapters 1 to 6.
Technical designers and implementers are those who write their certificate policies and certification practice statements, and they should pay attention to Chapters 6 to 8, as well as Appendices A to F.
Operation managers and auditors are those who are responsible for the daily operation of PKI systems and conduct consistency checks according to this standard, and they should pay attention to Chapters 6 to 8.

Development Information

Word Count: 171 Thousand words Pages: 90 pages

Superseded by the following standards

GB/T 27913-2022 Public key infrastructure for financial services—Practices and policy framework

Referenced Standards

GB 13000.1-1993 Information technology—Universal Multiple-Octet Coded Character Set(UCS)—Part 1:Architecture and Basic Multilingual Plane GB/T 14916-1994 Identification cards—Physical characteristics GB/T 14916-2006 Identification cards—Physical characteristics GB/T 14916-2022 Identification cards—Physical characteristics GB/T 15120.1-1994 Identification cards—Recording technique—Part 1:Embossing GB/T 15120.1-2013 Identification cards—Recording technique—Part 1:Embossing GB/T 15120.2-1994 Identification cards—Recording technique—Part 2:Magnetic stripe GB/T 15120.2-2012 Identification cards—Recording technique—Part 2:Magnetic stripe—Low coercivity GB/T 15120.3-1994 Identification cards—Recording technique—Part 3:Location of embossed characters on ID-1 cards GB/T 15120.4-1994 Identification cards—Recording technique—Part 4:Location of read-only magnetic tracks—Tracks 1 and 2 GB/T 15120.5-1994 Identification cards—Recording technique—Part 5:Location of read-write magnetic track—Track 3 GB/T 15120.6-2012 Identification cards—Recording technique—Part 6:Magnetic stripe—High coercivity GB/T 15120.9-2019 Identification cards—Recording technique—Part 9:Tactile identifier mark GB/T 16264.8-2005 Information technology—Open Systems Interconnection—The Directory—Part 8:Public-key and attribute certificate frameworks GB/T 16649.1-1996 Identification cards—Integrated circuit(s) cards with contacts—Part 1:Physical characteristics GB/T 16649.1-2006 Identification cards—Integrated circuit(s) cards with contacts—Part 1:Physical characteristics GB/T 16649.2-1996 Identification cards—Integrated circuit(s) cards with contacts—Part 2:Dimensions and Location of the contacts GB/T 16649.2-2006 Identification cards—Integrated circuit(s) cards with contacts—Part 2:Dimensions and location of the contacts GB/T 16649.2-2024 Identification cards—Integrated circuit cards—Part 2:Cards with contacts—Dimensions and location of the contacts GB/T 16649.3-1996 Identification cards—Integrated circuit(s) cards with contacts—Part 3:Electronic signals and transmission protocols GB/T 16649.3-2006 Identification cards—Integrated circuit(s) cards with contacts—Part 3:Electronic signals and transmission protocols GB/T 16649.3-2024 Identification cards—Integrated circuit cards—Part 3:Cards with contacts—Electrical interface and transmission protocols GB/T 16649.5-2002 Identification cards-integrated circuit(s) cards with contacts—Part 5:National numbering system and registration procedure for application identifiers GB/T 16649.6-2001 Identification cards—Integrated circuit(s) cards with contacts—Part 6:Interindustrv data elements GB/T 16649.7-2000 Identification cards—Integrated circuit(s) cards with contacts—Part 7:Interindustry commands for structured Card query language(SCQL) GB/T 16649.8-2002 Identification cards—Intergrated circuit(s) cards with contacts—Part 8:Security related interindustry commands GB/T 16649.10-2002 Identification cards—Intergrated circuit(s) cards with contacts—Part 10:Electronic signals and answer to reset for synchronous cards GB/T 16790.1-1997 Financial transaction cards—Security architecture of financial transaction systems using integrated circuit cards—Part 1:Card life cycle GB/T 16790.5-2006 Financial transaction cards—Security architecture of financial transaction systems using integrated circuit cards—Part 5:Use of algorithms GB/T 16790.6-2006 Financial transaction cards—Security architecture of financial transaction systems using integrated circuit cards—Part 6:Cardholder verification GB/T 16790.7-2006 Financial transaction cards—Security architecture of financial transaction systems using integrated circuit cards—Part 7:Key management GB/T 17552-1998 Identification cards—Financial transaction cards GB/T 17552-2008 Information technology—Identification cards—Financial transaction cards GB/T 17969.1-2000 Information technology—Open Systems Interconnection—Procedures for the operation of OSI Registration Authorities—Part 1:General procedures GB/T 18336.1-2001 Information technology—Security techniques—Evaluation criteria for IT security—Part 1:Introduction and general model GB/T 18336.1-2008 Information technology—Security techniques—Evaluation criteria for IT security—Part 1:Introduction and general model GB/T 18336.1-2015 Information technology—Security techniques—Evaluation criteria for IT security—Part 1:Introduction and general model GB/T 18336.1-2024 Cybersecurity technology—Evaluation criteria for IT security—Part 1:Introduction and general model GB/T 18336.2-2001 Information technology—Security techniques—Evaluation criteria for IT security—Part 2:Security functional requirements GB/T 18336.2-2008 Information technology—Security techniques—Evaluation criteria for IT security—Part 2:Security functional requirements GB/T 18336.2-2015 Information technology—Security techniques—Evaluation criteria for IT security—Part 2:Security functional components GB/T 18336.2-2024 Cybersecurity technology—Evaluation criteria for IT security—Part 2:Security functional components GB/T 18336.3-2001 Information technology—Security techniques—Evaluation criteria for IT security—Part 3:Security assurance requirements GB/T 18336.3-2008 Information technology—Security techniques—Evaluation criteria for IT security—Part 3:Security assurance requirements GB/T 18336.3-2015 Information technology—Security techniques—Evaluation criteria for IT security—Part 3:Security assurance components GB/T 18336.3-2024 Cybersecurity technology—Evaluation criteria for IT security—Part 3:Security assurance components GB/T 18336.4-2024 Cybersecurity technology—Evaluation criteria for IT security—Part 4:Framework for specification of evaluation methods and activities GB/T 18336.5-2024 Cybersecurity technology—Evaluation criteria for IT security—Part 5:Pre-defined packages of security requirements GB/T 19716-2005 Information technology—Code of practice for information security management GB/T 21077.2-2007 Banking—Certificate management—Part 2:Certificate extensions ISO/IEC 7816-4 ISO/IEC 7816-9 ISO/IEC 7816-11 ISO/IEC 7816-12 ISO/IEC 7816-15 ISO 10202-2 ISO 10202-3 ISO 10202-4 ISO 10202-8 ISO 15782-1:2003 ISO 18014-2 ISO 18014-3 ISO/IEC 18032 ISO/IEC 18033.1 ISO/IEC 18033.2 ISO/IEC 18033.3 ISO/IEC 18033.4

Adopt standards

ISO 21188:2006

Related Standards

GB/T 14504-1993 Abolished

GB/T 14504-1993 Bank cards

Publish Date: 1993-07-05
GB/T 15733-1995 Active

GB/T 15733-1995 The basic terminology of financial computerization

Publish Date: 1995-11-03
GB/T 15935-1995 Replaced

GB/T 15935-1995 Magnetic stripes on savingsbooks

Publish Date: 1995-12-21
GB/T 15948.1-1995 Replaced

GB/T 15948.1-1995 Bank telecommunication—Funds transfer message—Part 1:Vocabulary and data elements

Publish Date: 1995-12-21
GB/T 18789-2002 Replaced

GB/T 18789-2002 General specification for automated teller machine (ATM)

Publish Date: 2002-07-18
GB/T 18240.1-2003 Active

GB/T 18240.1-2003 Fiscal cash register Part 1:Specification of device

Publish Date: 2003-06-25
Contact Us