Security framework — Guidelines for trust services providers — Part 1

AutorIglesias, Inigo Barreira; Gustavsson, Tomas; Wiesmaier, Alexander; Manso, Clara Galan; Gorniak, Slawomir
AbstraktThis document describes the framework surrounding trust service providers (TPSs) -– the concepts and standards related to operations of a TSP. It focuses on EU standards, but also takes into account others where relevant. The document specifically outlines security requirements for qualified and non-qualified trust service providers. It references the most important standards and standardization bodies involved in technical specification, as well as certification, auditing and supervision schemes that can be used in order to qualify as a notified trust service provider. The document also presents result of a survey conducted by ENISA amongst European trust service providers related to the different aspects. Finally, the document gives some summary recommendations for TSPs considering standards and auditing schemes.