ISO 19299:2020 电子收费 保安架构

标准编号：ISO 19299:2020

中文名称：电子收费 保安架构

英文名称：Electronic fee collection — Security framework

发布日期：2020-08

标准范围

本文件基于ISO 17573-1中定义的系统架构，为EFC方案的所有组织和技术实体以及相关接口定义了信息安全框架。安全框架描述了一组安全需求和相关的安全措施。附录D列出了EFC系统的潜在威胁，以及与规定安全要求的可能关系。这些威胁可用于威胁分析，以确定EFC系统的相关安全要求。然后，可以从确定的安全需求中得出保护EFC系统的相关安全措施。

This document defines an information security framework for all organizational and technical entities of an EFC scheme and for the related interfaces, based on the system architecture defined in ISO 17573-1. The security framework describes a set of security requirements and associated security measures.Annex D contains a list of potential threats to EFC systems and a possible relation to the defined security requirements. These threats can be used for a threat analysis to identify the relevant security requirements for an EFC system.The relevant security measures to secure EFC systems can then be derived from the identified security requirements.

标准预览图