ENISA
https://www.enisa.europa.eu
Guidelines on Supervision of Qualified Trust Services - Technical guidelines on trust services
https://www.enisa.europa.eu/publications/tsp-supervision
This document is one deliverable out of a series whose objective is to propose guidelines aimed at facilitating the implementation of the provisions related to trust services of the eIDAS Regulation in the area of qualified trust services. It document proposes guidelines on supervision of qualified trust service providers pursuant to Art.20 of the eIDAS Regulation.No publisherTrust ServicesTrust service providerseID2017/12/19 18:50:00 GMT+2Report/StudyGuidelines on Initiation of Qualified Trust Services - Technical guidelines on trust services
https://www.enisa.europa.eu/publications/tsp-initiation
This document is one deliverable out of a series whose objective is to propose guidelines aimed at facilitating the implementation of the provisions related to trust services of the eIDAS Regulation in the area of qualified trust services. It proposes guidelines on initiation of qualified trust services pursuant to Art.21.1 of the eIDAS Regulation and should be read together with the one that proposes guidelines on supervision of qualified trust service providers.No publisherTrust ServicesTrust service providerseID2017/12/19 18:50:00 GMT+2Report/StudyGuidelines for trust service providers - Part 2: Risk assessment
https://www.enisa.europa.eu/publications/tsp2-risk
This document covers the following aspects of Trust Service Providers operations: • Assets: identification, classification and evaluation • Threats to assets: classification and evaluation • Vulnerabilities present in the environment • Probability or frequency of the threat • The impact that the exposure can have on the organization • Countermeasures that can reduce the impact • The residual risk, risk acceptance, risk treatment plan, etc.No publisherTrust service providers2014/01/28 00:10:00 GMT+2Report/StudyGuidelines for trust service providers - Part 3: Mitigating the impact of security incidents
https://www.enisa.europa.eu/publications/tsp3-incidents
This document recommends measures to mitigate the impact of security incidents on trust service providers (TSP) by proposing suitable technical and organisational means to handle the security risks posed to the TSP. This is done using a certification service provider (CSP) as representative example. The document focuses on the concepts and entities of hierarchical public key infrastructures (PKI), leaving other concepts, such as web of trust, out of scope.No publisherTrust service providers2014/01/28 00:10:00 GMT+2Report/StudyGuidelines for trust service providers - Part 1: Security framework
https://www.enisa.europa.eu/publications/tsp1-framework
This document describes the framework surrounding trust service providers (TPSs) – the concepts and standards related to operations of a TSP. It focuses on EU standards, but also takes into account others where relevant. The document specifically outlines security requirements for qualified and non-qualified trust service providers. It references the most important standards and standardization bodies involved in technical specification, as well as certification, auditing and supervision schemes that can be used in order to qualify as a notified trust service provider. The document also presents result of a survey conducted by ENISA amongst European trust service providers related to the different aspects. Finally, the document gives some summary recommendations for TSPs considering standards and auditing schemes.No publisherTrust service providers2014/01/28 00:10:00 GMT+2Report/StudyENISA recommendations for qualified website authentication certificates
https://www.enisa.europa.eu/news/enisa-news/enisa-recommendations-for-qualified-website-authentication-certificates
ENISA's new report provides a collection of strategies and actions aimed to promote transparency of the European website authentication market by introducing qualified website authentication certificates in Europe. No publishercybersecurityTrust service providersIdentity & Trust2016/05/16 16:25:00 GMT+2News ItemENISA publishes annual report on trust services security incidents 2017
https://www.enisa.europa.eu/news/enisa-news/enisa-publishes-annual-report-on-trust-services-security-incidents-2017
ENISA publishes the first full-year annual report on security incidents with electronic trust services, covering 2017.No publisherTrust ServicesTrust service providers2018/10/08 15:35:00 GMT+2Press ReleaseENISA and national supervisory bodies agree reporting scheme on security incidents for European TSPs
https://www.enisa.europa.eu/news/enisa-news/enisa-and-national-supervisory-bodies-agree-reporting-scheme-on-security-incidents-for-european-tsps
No publishercybersecurityIncident ReportingTrust service providers2017/03/01 12:55:00 GMT+2News ItemENISA activities in support of Trust Services
https://www.enisa.europa.eu/news/enisa-news/enisa-activities-in-support-of-trust-services
Today, on July 1st 2016 eIDAS* rules for trust services, enter into force. No publishercybersecurityTrust service providersIdentity & Trust2016/07/01 13:30:00 GMT+2News ItemeIDAS: Overview on the implementation and uptake of Trust Services
https://www.enisa.europa.eu/publications/eidas-overview-on-the-implementation-and-uptake-of-trust-services
In the context of the eIDAS Regulation, ENISA conducted a study to present an overview of the implementation and uptake of Trust Services defined in the eIDAS Regulation one year after adoption to the new regime, and analyse the new opportunities and incentives introduced in the European Trust Services market.No publisherTrust ServicesTrust service providerseIDAS2018/01/24 13:25:00 GMT+2Report/StudyeID Authentication methods in e-Finance and e-Payment services - Current practices and Recommendations
https://www.enisa.europa.eu/publications/eIDA-in-e-finance-and-e-payment-services
This report collects the results of a survey launched by ENISA (European Network and Information Security Agency). The main purpose of the survey has been to collect information about the electronic IDentity and Authentication Systems (eIDAS) used in e-Finance and e-Payment systems, to analyse the risks associated to each eIDAS mechanism, and produce a Guidelines report with the best practices recommended to the main actors of this sector: Financial institutions, Merchants and Payment Service providers.No publisherTrust service providers2014/01/21 00:05:00 GMT+2Report/StudyConformity assessment of Trust Service Providers - Technical guidelines on trust services
https://www.enisa.europa.eu/publications/tsp-conformity-assessment
Through this document, ENISA is supporting both Trust Service Providers and Conformity Assessment Bodies in the audit activities by presenting the auditing framework. It aims at helping Trust Service Providers fulfil the requirements defined by the eIDAS Regulation (Articles 20 and 21) as requested by Supervisory Bodies in order to grant the qualified status to a Trust Service Provider and its provided trust service(s).No publisherTrust ServicesTrust service providerseID2017/12/19 18:50:00 GMT+2Report/StudyBuilding Trust in the Digital Era: ENISA boosts the uptake of the eIDAS regulation
https://www.enisa.europa.eu/news/enisa-news/building-trust-in-the-digital-era-enisa-boosts-the-uptake-of-the-eidas-regulation
The European Union Agency for Cybersecurity issues technical guidance and recommendations on Electronic Identification and Trust Services helping Member States to implement the eIDAS regulation.No publisherTrust service providerseIDAS2021/03/11 13:00:00 GMT+2Press ReleaseAnnual report Trust Services Security Incidents 2018
https://www.enisa.europa.eu/news/enisa-news/annual-report-trust-services-security-incidents-2018
ENISA releases its annual report on trust services security incidents. No publisherIncident ReportingTrust service providers2019/07/15 12:25:22 GMT+2News ItemAcceptance of eIDAS audits: Global or local?
https://www.enisa.europa.eu/news/enisa-news/acceptance-of-eidas-audits-global-or-local
ENISA has published a new report to explore the paths to global acceptance of the eIDAS auditing framework for trust service providers (TSPs) issuing qualified website authentication certificates (QWACs).No publisherTrust ServicesTrust service providerseIDAS2019/01/15 16:01:10 GMT+2News Item