GSO ISO/IEC 20248:2022

ISO/IEC 20248:2018
Gulf Standard   Current Edition · Approved on 12 May 2022

Information technology — Automatic identification and data capture techniques — Data structures — Digital signature meta structure

GSO ISO/IEC 20248:2022 Files

GSO ISO/IEC 20248:2022 Scope

ISO/IEC 20248:2018 is an ISO/IEC 9594‑8 (Public Key Infrastructure: digital signatures and certificates) application specification for automated identification services. It specifies a method whereby data stored within a barcode and/or RFID tag are structured, encoded and digitally signed. ISO/IEC 9594‑8 is used to provide a standard method for key and data description management and distribution. It is worth noting that the data capacity and/or data transfer capacity of Automated Identification Data Carriers are restricted. This restricts the normal use of a Digital Signature as specified in ISO/IEC 9594‑8 within automated identification services.

The purpose of this document is to provide an open and interoperable method, between automated identification services and data carriers, to read data, verify data originality and data integrity in an offline use case.

ISO/IEC 20248:2018 specifies

- the meta data structure, the DigSig, which contains the Digital Signature and encoded structured data,

- the public key certificate parameter and extension use, the DigSig Certificate, which contains the certified associated public key, the structured data description, the read methods and private containers,

- the method to specify, read, describe, sign, verify, encode and decode the structured data, the DigSig Data Description,

- the DigSig EncoderGenerator which generates the relevant asymmetric key pairs, keeps the Private Key secret and generates the DigSigs, and

- the DigSig DecoderVerifier which, by using to the DigSig Certificate, reads the DigSig from the set of Data Carriers, verifies the DigSig and extracts the structured data from the DigSig.

A successful verification of the DigSig signifies the following:

- the data was not tampered with;

- the source of the data is as indicated on the DigSig Certificate used to verify the DigSig with;

- if a secured identifier of the data carrier is included in the DigSig it contains, then the data stored on the data carrier can be considered as the original issued copy of the data; the secure identifier will be able to guarantee that the data carrier is authentic.

ISO/IEC 20248:2018 does not specify

- cryptographic methods, nor

- key management methods.

ISO/IEC 20248:2018 is used in conjunction with standard risk assessments of the use environment.

Best Sellers From Information Sector

GSO ISO/TR 18492:2017
ISO/TR 18492:2005 
Gulf Standard
Long-term preservation of electronic document-based information
GSO ISO/IEC 15773:2013
ISO/IEC 15773:1998 
Gulf Standard
Information technology -- Telecommunications and information exchange between systems -- Broadband Private Integrated Services Network -- Inter-exchange signalling protocol -- Transit counter additional network feature
GSO ISO/TR 13028:2013
ISO/TR 13028:2010 
Gulf Standard
Information and documentation - Implementation guidelines for digitization of records
GSO ISO 16175-2:2013
ISO 16175-2:2011 
Gulf Standard
Information and documentation -- Principles and functional requirements for records in electronic office environments -- Part 2: Guidelines and functional requirements for digital records management systems

Recently Published from Information Sector

GSO ISO/IEC 22123-1:2024
ISO/IEC 22123-1:2023 
Gulf Standard
Information technology — Cloud computing — Part 1: Vocabulary
GSO ISO/IEC 23859:2024
ISO/IEC 23859:2023 
Gulf Standard
Information technology — User interfaces — Requirements and recommendations on making written text easy to read and understand
GSO ISO 29585:2024
ISO 29585:2023 
Gulf Standard
Health informatics — Framework for healthcare and related data reporting
GSO ISO 16245:2024
ISO 16245:2023 
Gulf Standard
Information and documentation — Boxes, file covers and other enclosures, made from cellulosic materials, for storage of paper and parchment documents