Guidelines for trust service providers - Part 3: Mitigating the impact of security incidents

This document recommends measures to mitigate the impact of security incidents on trust service providers (TSP) by proposing suitable technical and organisational means to handle the security risks posed to the TSP. This is done using a certification service provider (CSP) as representative example. The document focuses on the concepts and entities of hierarchical public key infrastructures (PKI), leaving other concepts, such as web of trust, out of scope.

Iñigo Barreira, Izenpe, Tomas Gustavsson, Primekey, Alexander Wiesmaier, AGT International, Clara Galan Manso, Ministry of Defense, Spain (Seconded National Expert at ENISA during the time of the study), Sławomir Górniak, ENISA

This site uses cookies to offer you a better browsing experience.
Aside from essential cookies we also use tracking cookies for analytics.
Find out more on how we use cookies.

Accept all cookies Accept only essential cookies