AS ISO 13491.1:2025

$149.01

Financial services – Secure cryptographic devices (retail), Part 1: Concepts and requirements

AS ISO 13491.1:2025 identically adopts ISO 13491-1:2024, which specifies the security characteristics for secure cryptographic devices (SCDs) based on the cryptographic processes defined in the ISO 9564 series, AS ISO 16609 and AS ISO 11568.

Table of contents
Header
About this publication
Preface
Foreword
Introduction
1 Scope
2 Normative references
3 Terms and definitions
4 Abbreviated terms
5 Secure cryptographic device concepts
5.1 General
5.2 Hardware management devices
5.3 Secure cryptographic device types
5.3.1 General types
5.3.2 Secure cryptographic device components
5.3.3 Hardware security module
5.3.3.1 Overview
5.3.3.2 Security requirements
5.3.3.3 Hardware security module usage
5.3.4 Key loading devices
5.4 Attack scenarios
5.4.1 General
5.4.2 Penetration
5.4.3 Monitoring
5.4.4 Manipulation
5.4.4.1 Physical manipulation
5.4.4.2 Logical (API) manipulation
5.4.5 Modification
5.4.6 Substitution
5.5 Defence measures
5.5.1 General
5.5.2 Device characteristics
5.5.3 Device management
5.5.4 Environment
6 Requirements for device security characteristics
6.1 General
6.2 Physical security requirements for secure cryptographic devices
6.3 Tamper-evident requirements
6.3.1 General
6.3.2 Substitution
6.3.3 Penetration
6.3.4 Modification
6.3.5 Monitoring
6.4 Tamper-resistant requirements
6.4.1 General
6.4.2 Penetration
6.4.3 Modification
6.4.4 Monitoring
6.4.5 Substitution or removal
6.5 Tamper-responsive requirements
6.5.1 General
6.5.2 Penetration
6.5.3 Modification
6.6 Logical security requirements for SCDs and HMDs
6.6.1 General
6.6.2 Dual control
6.6.3 Unique key per device
6.6.4 Assurance of genuine device
6.6.5 Design of functions
6.6.6 Use of cryptographic keys
6.6.7 Sensitive device states
6.6.8 Multiple cryptographic relationships
6.6.9 Secure device software authentication
7 Requirements for device management
7.1 General
7.2 Life cycle phases
7.3 Life cycle protection requirements
7.3.1 General
7.3.2 Manufacturing phase
7.3.3 Post-manufacturing phase
7.3.4 Commissioning (initial financial key loading) phase
7.3.5 Inactive operational phase
7.3.6 Active operational phase (use)
7.3.7 Decommissioning (post-use) phase
7.3.8 Repair phase
7.3.9 Destruction phase
7.4 Life cycle protection methods
7.4.1 Manufacturing
7.4.2 Post-manufacturing phase
7.4.3 Commissioning (initial financial key loading) phase
7.4.4 Inactive operational phase
7.4.5 Active operational (use) phase
7.4.6 Decommissioning phase
7.4.7 Repair
7.4.8 Destruction
7.5 Accountability
7.6 Device management principles of audit and control
Bibliography

Content history
DR AS ISO 13491.1:2025

Published: 24/04/2025

Pages: 28
