标准摘要
[中文适用范围]: 本部分 IEC 62351 规定了加密密钥管理,即如何生成、分发、撤销和处理公钥证书及加密密钥以保护数字数据及其通信。范围包括非对称密钥(如私钥和公钥证书)的处理,以及用于组(GDOI)的对称密钥。 本部分 IEC 62351 假设其他标准已经选择了将要使用的密钥和加密类型,因为加密算法和密钥材料的选择通常由组织自身的本地安全策略以及需要符合其他国际标准的要求。因此,本文件仅规定了这些选定密钥和加密基础设施的管理技术。目的是定义要求和实现密钥管理互操作性的技术。 本部分 IEC 62351 的目的是通过指定或限制使用的密钥管理选项来保证不同供应商之间的互操作性。本文件假设读者了解加密和 PKI 原则。 [外文原描述]: IEC 62351-9:2017 specifies cryptographic key management, namely how to generate, distribute, revoke, and handle public-key certificates and cryptographic keys to protect digital data and its communication. Included in the scope is the handling of asymmetric keys (e.g. private keys and public-key certificates), as well as symmetric keys for groups (GDOI). This document assumes that other standards have already chosen the type of keys and cryptography that will be utilized, since the cryptography algorithms and key materials chosen will be typically mandated by an organization’s own local security policies and by the need to be compliant with other international standards. This document therefore specifies only the management techniques for these selected key and cryptography infrastructures. The objective is to define requirements and technologies to achieve interoperability of key management. The purpose of this document is to guarantee interoperability among different vendors by specifying or limiting key management options to be used. This document assumes that the reader understands cryptography and PKI principles.
英文名称Power systems management and associated information exchange - Data and communications security - Part 9: Cyber security key management for power system equipment