ENISA
https://www.enisa.europa.eu
Workshop on security aspects of TSPs 2013
https://www.enisa.europa.eu/events/workshop
No publisherTrust service providers2013/06/07 14:15:00 GMT+2EventTrusted e-ID Infrastructures and services in the EU - Recommendations for Trusted Provision of e-Government services
https://www.enisa.europa.eu/publications/trusted-egov
Under the scope of the the proposed new Regulation on electronic identification and trust services for electronic transactions in the internal market, which will supersede the current Directive 1999/93/EC on a Community framework for electronic signatures, ENISA has conducted a study about the security mechanisms and interoperability issues specific to the new regulated trust services. The aim of this report is to complement the report that summarises the results of the survey, also published by ENISA: “TSP services, standards and risk analysis report”, making more specific recommendations to e-Government service providers, encouraging them to use Trusted Third Party service providers to implement the trust services required to give citizens the expected level of confidence and trustwotthines on the services. This document collects the experience of some of the Large Scale Pilots (LSP) funded by the European Commission, that implement trust services defined in the proposed new Regulation (in particular epSOS, e-CODEX and PEPPOL), as cases studies to analyse the current practices and identify gaps and improvement opportunities. Then, the recommendations collected in the Trust Service Providers (TSP) overview report published by ENISA have been adapted for the provision of e-Government Services, which include issues for security practices and risk management.No publisherTrust service providers2014/01/28 00:15:00 GMT+2Report/StudyTrusted e-ID infrastructures and services in EU
https://www.enisa.europa.eu/publications/trusted-eid
ENISA has conducted a survey about the security mechanisms used by TSPs (Trust Service Providers) in Europe, and their interoperability, under the scope of the proposed new Regulation on electronic identification and trust services for electronic transactions in the internal market, which will supersede the current Directive 1999/93/EC on a Community framework for electronic signatures. The survey has addressed several issues of the services that are been offered: security practices, imlemented standards and risk analysis. The document is divided in three different sections: Services, Standards, and Risks. Each section is structured in two parts: The first one shows the general results for all the services, and the second one the specific results for each of the offered services.No publisherTrust service providers2014/01/28 00:15:00 GMT+2Report/StudyTrust Services Security Incidents 2018 - Annual report
https://www.enisa.europa.eu/publications/trust-services-security-incidents-2018
The annual report on Trust Services Security Incidents 2018 gives an aggregated overview of security breaches, showing root causes, statistics and trends. It marks the third round of security incident reporting for the EU’s trust services sector. The annual summary reporting for 2018 totalled 18 incident reports, i.e. incidents with significant impact on the trust services.No publisherIncident ReportingTrust service providers2019/07/15 12:20:00 GMT+2Report/StudyTrust Service Forum 2022: Deepdive into Digital Identity Wallets and Web Certificates
https://www.enisa.europa.eu/news/trust-service-forum-2022-deepdive-into-policy-developments-digital-identity-wallets-and-web-certificates
The European Union Agency for Cybersecurity (ENISA) gathered experts from trust services providers, standardisation bodies and national authorities around the discussion tables of the Trust Services Forum organised on 27 and 28 October in Berlin.No publisherTrust ServicesTrust service providersIdentity & TrusteIDAS Incident Reporting2022/11/09 17:15:00 GMT+2News ItemStandardisation in the field of Electronic Identities and Trust Service Providers
https://www.enisa.europa.eu/publications/standards-eidas
This paper explains why standards are important for cyber security, specifically in the area of electronic identification and trust services providers. A number of challenges associated with the definition and deployment of standards in the area of cyber security are discussed. This is followed by a brief overview of several key EU initiatives in this area and a number of ENISA recommendations. The paper also discusses concrete standardisation activities associated with electronic IDs and trust service providers, providing an overview of standards developed under the mandate m460 from the European Commission and others, related to eIDAS Regulation. It concludes with a proposal of a standard on cryptographic suites for electronic signatures and infrastructures, put forward by ENISA and related to the ETSI TS 119 312.No publisherTrust service providersStandards2015/03/24 13:30:00 GMT+2Report/StudySecurity Measures for Digital Service Providers
https://www.enisa.europa.eu/news/enisa-news/security-measures-for-digital-service-providers
ENISA publishes its study on technical guidelines for the implementation of minimum security measures for Digital Service Providers (DSPs).No publisherCloud Computing SecurityTrust service providersStandardscybersecurity2017/02/16 15:55:00 GMT+2News ItemSecurity guidelines on the appropriate use of qualified electronic registered delivery services
https://www.enisa.europa.eu/publications/security-guidelines-on-the-appropriate-use-of-qualified-electronic-registered-delivery-services
This document addresses qualified electronic registered delivery services and is one out of a series of five documents which aim to assist parties wishing to use qualified electronic signatures, seals, time stamps, eDelivery or website authentication certificates to understand the subject correctly as-well-as the potential benefits, amongst others, by giving examples of possible applications. This series of documents also aims to give those parties some advice on how to correctly use the related qualified trust services. No publisherTrust service providerseIDIdentity & Trust2017/05/07 23:00:00 GMT+2Report/StudySecurity guidelines on the appropriate use of qualified electronic signatures
https://www.enisa.europa.eu/publications/security-guidelines-on-the-appropriate-use-of-qualified-electronic-signatures
This document addresses qualified electronic signatures and is one out of a series of five documents which target to assist parties aiming to use qualified electronic signatures, seals, time stamps, eDelivery or website authentication certificates to understand the subject correctly as-well-as the potential benefits, amongst others, by giving examples of possible application. This series of documents also targets to give those parties some advice on how to correctly use the related (qualified) trust services. No publisherTrust service providerseIDIdentity & Trust2017/05/07 23:00:00 GMT+2Report/StudySecurity guidelines on the appropriate use of qualified website authentication certificates
https://www.enisa.europa.eu/publications/security-guidelines-on-the-appropriate-use-of-qualified-website-authentication-certificates
This document addresses qualified certificates for website authentication and is one out of a series of five documents which aim to assist parties wishing to use qualified electronic signatures, seals, time stamps, eDelivery or website authentication certificates to understand the subject correctly as-well-as the potential benefits, amongst others, by giving examples of possible application. This series of documents also targets to give those parties some advice on how to correctly use the related qualified trust services.No publisherTrust service providerseIDIdentity & Trust2017/05/07 23:00:00 GMT+2Report/StudySecurity guidelines on the appropriate use of qualified electronic seals
https://www.enisa.europa.eu/publications/security-guidelines-on-the-appropriate-use-of-qualified-electronic-seals
This document addresses qualified electronic seals and is one out of a series of five documents which target to assist parties aiming to use qualified electronic signatures, seals, time stamps, eDelivery and website authentication certificates to understand the subject correctly as-well-as the potential benefits, amongst others, by giving examples of possible application. This series of documents also targets to give those parties some advice on how to correctly use the related qualified trust services.No publisherTrust service providerseIDIdentity & Trust2017/05/07 23:00:00 GMT+2Report/StudySecurity guidelines on the appropriate use of qualified electronic time stamps
https://www.enisa.europa.eu/publications/security-guidelines-on-the-appropriate-use-of-qualified-electronic-time-stamps
This document addresses qualified electronic time stamps and is one out of a series of five documents which target to assist parties aiming to use qualified electronic signatures, seals, time stamps, eDelivery or website authentication certificates to understand the subject correctly as-well-as the potential benefits, amongst others, by giving examples of possible application. This series of documents also targets to give those parties some advice on how to correctly use the related qualified trust services. No publisherTrust service providerseIDIdentity & Trust2017/05/07 23:00:00 GMT+2Report/StudySecurity framework for Trust Service Providers - Technical guidelines on trust services
https://www.enisa.europa.eu/publications/tsp-security
Article 19, which is the main focus of this document, of the eIDAS Regulation, states that Trust Service Providers have to demonstrate due diligence, in relation to the identification of risks and adoption of appropriate security practices, and notify competent bodies of any breach of security or loss of integrity that has a significant impact on the trust service provided or on the personal data maintained therein.No publisherTrust ServicesTrust service providerseID2017/12/19 18:50:00 GMT+2Report/StudyScaling new heights: Implementation and Uptake of Trust Services under the eIDAS Regulation
https://www.enisa.europa.eu/news/enisa-news/scaling-new-heights-implementation-and-uptake-of-trust-services-under-the-eidas-regulation
A survey recently carried out by ENISA marks the positive tendency of Trust services to break through the barriers of large-scale business transformation processes in such applications as finance, healthcare and beyond.No publisherTrust ServicesTrust service providerseIDAS2018/01/24 13:25:00 GMT+2News ItemRecommendations on aligning research programme with policy
https://www.enisa.europa.eu/publications/recommendations-on-aligning-research-programme-with-policy
The scope of this report is to review existing analysis reports on EU funded Trust and Security Projects, summarize achievements that have significantly promoted specific pillars of NIS, identify and summarize specific outcomes that can promote and support emerging policy and legislative initiatives, namely eIDAS, GDPR, support industry policy in cybersecurity, and provide recommendations on the formulation of forthcoming work programmesNo publisherTrust service providersData protection2017/05/07 23:00:00 GMT+2Report/Study