ENISA Security measures recommendations for Trust Service Providers 

The European Union Agency for Network and Information Security (ENISA) developed in 2013 the Guidelines for Trust Service Providers, discussing the minimal security levels to be maintained by the trust services providers. The study is split into three parts:

  • Security framework: describing the framework surrounding trust service providers (TPSs), focusing on EU standards, but taking into account others where relevant.
  • Risk assessment: discussing the principles and concepts of managing the risks applicaple to TSPs by defining and controlling threats and vulnerabilities.
  • Mitigating the impact of security incidents: recommending measures to mitigate the impact of security incidents on trust service providers (TSP) by proposing suitable technical and organisational means to handle the security risks posed to the TSP.

All three parts can also be used separately, as they address different issues and target different audience, so the introductory sections overlap.

ENISA has also published three other reports on the subject of TSP security:

We use cookies on our website to support technical features that enhance your user experience.
We also use analytics. To opt-out from analytics, click for more information.

I've read it More information