More Related Content
Similar to SC27 Privacy related projects update (20)
SC27 Privacy related projects update
- 1. © Copyright 2012-2016 Yoshihiro Satoh (http://yosihiro.com/) The latest document is located at http://www.slideshare.net/yoshihirosatoh5/
プライバシー関連の
ISO/IEC 国際規格動向
ISO/IEC JTC 1/SC 27 WG5の動向について
(プライバシー関連の規格のみを抜粋)
2021年10月30日
- 2. © Copyright 2012-2016 Yoshihiro Satoh (http://yosihiro.com/) The latest document is located at http://www.slideshare.net/yoshihirosatoh5/
2
ISO/IEC JTC 1/SC 27 Information technology -- Security techniques
WG5 Privacy, Identity management and Biometrics
国際規格化の動向 http://bit.Ly/jtc1sc27
プライバシー関連で発行された規格
ISO/IEC IS 29100:2011 Privacy framework →無料
→JIS X 9250:2017 プライバシーフレームワーク(プライバシー保護の枠組み及び原則)」 2017/6/20発行
ISO/IEC IS 29191:2012 Requirements for partially anonymous, partially unlinkable authentication
ISO/IEC IS 29101:2018 Privacy architecture framework
ISO/IEC IS 29115:2013 Entity authentication assurance framework (ITU-T X.1254)
ISO/IEC IS 27018:2019 Code of practice for PII protection in public clouds acting as PII processors
ISO/IEC IS 29190:2015 Privacy capability assessment model
ISO/IEC TR 19608 Guidance for developing security and privacy functional requirements
based on ISO/IEC 15408 (WG3 project: formerly Privacy seal programs)
ISO/IEC IS 29134:2017 Guidelines for privacy impact assessment
→JIS X 9251:2021 プライバシー影響評価のためのガイドライン 2021/1/20発行
ISO/IEC IS 29151:2017 Code of practice for personally identifiable information protection ← Wait for systematic
review
ISO/IEC TS 29003:2018 Identity proofing
ISO/IEC IS 20889:2018 Privacy enhancing data de-identification techniques
ISO/IEC IS 27701:2019 Extension to ISO/IEC 27001 and ISO/IEC 27002 for privacy information management
ISO/IEC TR 27550:2019 Privacy engineering for system life cycle processes
ISO/IEC IS 29184:2020 Online privacy notices and consent
2021年10月時点
Free Download
- 3. © Copyright 2012-2016 Yoshihiro Satoh (http://yosihiro.com/) The latest document is located at http://www.slideshare.net/yoshihirosatoh5/
3
ISO/IEC JTC 1/SC 27 Information technology -- Security techniques
WG5 Privacy, Identity management and Biometrics
国際規格化の動向 http://bit.Ly/jtc1sc27
プライバシー関連で発行された規格
ISO/IEC TS 27006-2 Requirements for bodies providing audit and certification of ISMS – Part 2: PIMS (対訳書発行)
ISO/IEC IS 20547 Big data reference architecture – Part 4: Security and privacy fabric (WG4 project)
ISO/IEC TS 27570 Privacy guidelines for smart cities
ISO/IEC IS 27551 Requirements for attribute-based unlinkable entity authentication
ISO/IEC 27555 Guidelines on PII deletion
2021年10月時点
- 4. © Copyright 2012-2016 Yoshihiro Satoh (http://yosihiro.com/) The latest document is located at http://www.slideshare.net/yoshihirosatoh5/
4
ISO/IEC JTC 1/SC 27 Information technology -- Security techniques
WG5 Privacy, Identity management and Biometrics
国際規格化の動向 http://bit.Ly/jtc1sc27
プライバシー関連の随時更新文書(SD: Standing Document)
SC27 WG5 SD1 Roadmap →無料
SC27 WG5 SD2 Privacy references list →無料
SC27 WG5 SD4 Standards privacy assessment(SPA) →無料
SC27 WG5 SD5 Guidelines on the application of ISMS in the area of privacy
プライバシー関連で発行される規格
DIS ISO/IEC 27556 User-centric privacy preferences management framework
(a.k.a. User-centric framework for the handling of PII based on privacy preferences)
DIS ISO/IEC 27557 Organizational privacy risk management
DIS ISO/IEC 27559 Privacy enhancing data de-identification framework
DIS ISO/IEC 27553-1 Security and privacy requirements for authentication using biometrics on mobile devices
– Part 1: Local modes
DTR ISO/IEC 27563 Impact of security and privacy in artificial intelligence use cases
(a.k.a. Impact of artificial intelligence on security and privacy)
2021年10月時点
Free Download
- 5. © Copyright 2012-2016 Yoshihiro Satoh (http://yosihiro.com/) The latest document is located at http://www.slideshare.net/yoshihirosatoh5/
5
ISO/IEC JTC 1/SC 27 Information technology -- Security techniques
WG5 Privacy, Identity management and Biometrics
国際規格化の動向 http://bit.Ly/jtc1sc27
プライバシー関連で作成中の規格
4th WD ISO/IEC TS 27560 Consent record information structure
2nd WD ISO/IEC IS 27006-2 Requirements for bodies providing audit and certification of ISMS – Part 2: PIMS
2nd WD Privacy operationalization model and method for engineering (POMME)
2nd WD Privacy guidelines for fintech services
CfC ISO/IEC 27553-2 Security and privacy requirements for authentication using biometrics on mobile devices
– Part 1: Remote modes
Amendment of ISO/IEC IS 29134:2017 Guidelines for privacy impact assessment
プライバシー関連で規格を作成するか審議中の案件
NWIP ISO/IEC 27565 Guidance on privacy preservation based on zero knowledge proofs
PWI Guidance on illustrative processes for a privacy information management system ← monitoring継続
PWI Age assurance systems (a.k.a. Age verification)
Part 1: Framework, levels of assurance and
Part 2: Conformity Assessment
Part 3: Interoperability
PWI ISO/IEC 27564 Privacy models
AHD Guidance on addressing privacy protection for artificial intelligence systems
※更新部分を赤色下線で示しています。
2021年10月時点
- 6. © Copyright 2012-2016 Yoshihiro Satoh (http://yosihiro.com/) The latest document is located at http://www.slideshare.net/yoshihirosatoh5/
6
ISO/IEC JTC 1/SC 27 Information technology -- Security techniques
WG5 Privacy, Identity management and Biometrics
国際規格化の動向 http://bit.Ly/jtc1sc27
プライバシー関連で規格を作成するかの審議が規格作成に進まずに終了した案件
SP Privacy consideration in practical workflows
SP Guidelines for privacy in Internet of Things (IoT)
NWIP Requirements for privacy notices for WG convenor to fictional character transformations
SP PII protection considerations for smartphone app providers
SP Interface for personal data interchange
※更新部分を赤色下線で示しています。
2021年10月時点
- 7. © Copyright 2012-2016 Yoshihiro Satoh (http://yosihiro.com/) The latest document is located at http://www.slideshare.net/yoshihirosatoh5/
7
規格審議の協力者 絶賛 募集中です
ISO/IEC JTC 1国際規格の審議は、研究者以外でも会
費
(年間1口70万円~)を払って規格賛助員になることで
基本的にどなたでも参加できます。
情報処理学会情報規格調査会ホームページ
http://www.itscj.ipsj.or.jp/
- 8. © Copyright 2012-2016 Yoshihiro Satoh (http://yosihiro.com/) The latest document is located at http://www.slideshare.net/yoshihirosatoh5/
8
これまでの規格作成作業の経過
- 9. © Copyright 2012-2016 Yoshihiro Satoh (http://yosihiro.com/) The latest document is located at http://www.slideshare.net/yoshihirosatoh5/
9
ISO/IEC JTC 1/SC 27 Information technology -- Security techniques
WG5 Privacy, Identity management and Biometrics
国際規格化の動向 http://bit.Ly/jtc1sc27
プライバシー関連で発行されている規格
ISO/IEC IS 29100:2011 Privacy framework →無料
→JIS X 9250:2017 プライバシーフレームワーク(プライバシー保護の枠組み及び原則)」 2017/6/20発行
ISO/IEC IS 29191:2012 Requirements for partially anonymous, partially unlinkable authentication
ISO/IEC IS 29101:2018 Privacy architecture framework
ISO/IEC IS 29115:2013 Entity authentication assurance framework (ITU-T X.1254)
ISO/IEC IS 27018:2019 Code of practice for PII protection in public clouds acting as PII processors
ISO/IEC IS 29190:2015 Privacy capability assessment model
ISO/IEC TR 19608 Guidance for developing security and privacy functional requirements
based on ISO/IEC 15408 (WG3 project: formerly Privacy seal programs)
ISO/IEC IS 29134:2017 Guidelines for privacy impact assessment
→JIS X 9251:2021 プライバシー影響評価のためのガイドライン 2021/1/20発行
ISO/IEC IS 29151:2017 Code of practice for personally identifiable information protection ← Wait for systematic
review
ISO/IEC TS 29003:2018 Identity proofing
ISO/IEC IS 20889:2018 Privacy enhancing data de-identification techniques
ISO/IEC IS 27701:2019 Extension to ISO/IEC 27001 and ISO/IEC 27002 for privacy information management
ISO/IEC TR 27550:2019 Privacy engineering for system life cycle processes
ISO/IEC IS 29184:2020 Online privacy notices and consent
2021年4月時点
Free Download
- 10. © Copyright 2012-2016 Yoshihiro Satoh (http://yosihiro.com/) The latest document is located at http://www.slideshare.net/yoshihirosatoh5/
10
ISO/IEC JTC 1/SC 27 Information technology -- Security techniques
WG5 Privacy, Identity management and Biometrics
国際規格化の動向 http://bit.Ly/jtc1sc27
プライバシー関連で発行されている規格
ISO/IEC TS 27006-2 Requirements for bodies providing audit and certification of ISMS – Part 2: PIMS (対訳書発行
予定あり)
ISO/IEC IS 20547 Big data reference architecture – Part 4: Security and privacy fabric (WG4 project)
ISO/IEC TS 27570 Privacy guidelines for smart cities
ISO/IEC IS 27551 Requirements for attribute-based unlinkable entity authentication
2021年4月時点
- 11. © Copyright 2012-2016 Yoshihiro Satoh (http://yosihiro.com/) The latest document is located at http://www.slideshare.net/yoshihirosatoh5/
11
ISO/IEC JTC 1/SC 27 Information technology -- Security techniques
WG5 Privacy, Identity management and Biometrics
国際規格化の動向 http://bit.Ly/jtc1sc27
プライバシー関連の随時更新文書(SD: Standing Document)
SC27 WG5 SD1 Roadmap →無料
SC27 WG5 SD2 Privacy references list →無料
SC27 WG5 SD4 Standards privacy assessment(SPA) →無料
SC27 WG5 SD5 Guidelines on the application of ISMS in the area of privacy
プライバシー関連で発行される規格
FDIS ISO/IEC 27555 Guidelines for PII deletion
2021年4月時点
Free Download
- 12. © Copyright 2012-2016 Yoshihiro Satoh (http://yosihiro.com/) The latest document is located at http://www.slideshare.net/yoshihirosatoh5/
12
ISO/IEC JTC 1/SC 27 Information technology -- Security techniques
WG5 Privacy, Identity management and Biometrics
国際規格化の動向 http://bit.Ly/jtc1sc27
プライバシー関連で作成中の規格
3rd CD ISO/IEC 27556 User-centric framework for the handling of PII based on privacy preferences
1st CD ISO/IEC 27557 Organizational privacy risk management
1st CD ISO/IEC 27559 Privacy enhancing data de-identification framework
3rd WD ISO/IEC 27560 Consent record information structure
1st WD ISO/IEC IS 27006-2 Requirements for bodies providing audit and certification of PIMS according to ISO/IEC
27701 in combination with ISO/IEC 27001
1st WD Privacy operationalization model and method for engineering (POMME)
1st WD Privacy guidelines for fintech services
プライバシー関連で規格を作成するか審議中の案件
PWI Guidance on illustrative processes for a privacy information management system ← monitoring
PWI Impact of AI on security and privacy
PWI Age verification
PWI Guidance and practice for privacy preservation based on zero-knowledge proofs
※更新部分を赤色下線で示しています。
2021年4月時点
- 13. © Copyright 2012-2016 Yoshihiro Satoh (http://yosihiro.com/) The latest document is located at http://www.slideshare.net/yoshihirosatoh5/
13
ISO/IEC JTC 1/SC 27 Information technology -- Security techniques
WG5 Privacy, Identity management and Biometrics
国際規格化の動向 http://bit.Ly/jtc1sc27
プライバシー関連で規格を作成するかの審議が規格作成に進まずに終了した案件
SP Privacy consideration in practical workflows
SP Guidelines for privacy in Internet of Things (IoT)
NWIP Requirements for privacy notices for WG convenor to fictional character transformations
SP PII protection considerations for smartphone app providers
SP Interface for personal data interchange
※更新部分を赤色下線で示しています。
2021年4月時点
- 14. © Copyright 2012-2016 Yoshihiro Satoh (http://yosihiro.com/) The latest document is located at http://www.slideshare.net/yoshihirosatoh5/
14
ISO/IEC JTC 1/SC 27 Information technology -- Security techniques
WG5 Privacy, Identity management and Biometrics
国際規格化の動向 http://bit.Ly/jtc1sc27
プライバシー関連で発行されている規格
ISO/IEC IS 29100:2011 Privacy framework →無料
→JIS X 9250:2017 プライバシーフレームワーク(プライバシー保護の枠組み及び原則)」 2017/6/20発行
ISO/IEC IS 29191:2012 Requirements for partially anonymous, partially unlinkable authentication
ISO/IEC IS 29101:2018 Privacy architecture framework
ISO/IEC IS 29115:2013 Entity authentication assurance framework (ITU-T X.1254)
ISO/IEC IS 27018:2019 Code of practice for PII protection in public clouds acting as PII processors
ISO/IEC IS 29190:2015 Privacy capability assessment model
ISO/IEC TR 19608 Guidance for developing security and privacy functional requirements
based on ISO/IEC 15408 (WG3 project: formerly Privacy seal programs)
ISO/IEC IS 29134:2017 Guidelines for privacy impact assessment
→JIS X 9251:2021 プライバシー影響評価のためのガイドライン 2021/1/20発行
ISO/IEC IS 29151:2017 Code of practice for personally identifiable information protection
ISO/IEC TS 29003:2018 Identity proofing
ISO/IEC IS 20889:2018 Privacy enhancing data de-identification techniques
ISO/IEC IS 27701:2019 Extension to ISO/IEC 27001 and ISO/IEC 27002 for privacy information management
ISO/IEC TR 27550:2019 Privacy engineering for system life cycle processes
ISO/IEC IS 29184:2020 Online privacy notices and consent
2021年1月時点
Free Download
- 15. © Copyright 2012-2016 Yoshihiro Satoh (http://yosihiro.com/) The latest document is located at http://www.slideshare.net/yoshihirosatoh5/
15
ISO/IEC JTC 1/SC 27 Information technology -- Security techniques
WG5 Privacy, Identity management and Biometrics
国際規格化の動向 http://bit.Ly/jtc1sc27
プライバシー関連で発行されている規格
ISO/IEC TS 27006-2 Requirements for bodies providing audit and certification of ISMS – Part 2: PIMS
(対訳書発行予定あり)
2021年3月追加
- 16. © Copyright 2012-2016 Yoshihiro Satoh (http://yosihiro.com/) The latest document is located at http://www.slideshare.net/yoshihirosatoh5/
16
ISO/IEC JTC 1/SC 27 Information technology -- Security techniques
WG5 Privacy, Identity management and Biometrics
国際規格化の動向 http://bit.Ly/jtc1sc27
プライバシー関連の随時更新文書(SD: Standing Document)
SC27 WG5 SD1 Roadmap →無料
SC27 WG5 SD2 Privacy references list →無料
SC27 WG5 SD4 Standards privacy assessment(SPA) →無料
SC27 WG5 SD5 Guidelines on the application of ISMS in the area of privacy
プライバシー関連で発行される規格
ISO/IEC IS 20547 Big data reference architecture – Part 4: Security and privacy fabric (WG4 project)
ISO/IEC TS 27570 Privacy guidelines for smart cities
FDIS ISO/IEC 27551 Requirements for attribute-based unlinkable entity authentication
DIS ISO/IEC 27555 Guidelines for PII deletion
2021年1月時点
Free Download
- 17. © Copyright 2012-2016 Yoshihiro Satoh (http://yosihiro.com/) The latest document is located at http://www.slideshare.net/yoshihirosatoh5/
17
ISO/IEC JTC 1/SC 27 Information technology -- Security techniques
WG5 Privacy, Identity management and Biometrics
国際規格化の動向 http://bit.Ly/jtc1sc27
プライバシー関連で作成中の規格
2nd CD ISO/IEC 27556 User-centric framework for the handling of PII based on privacy preferences
2nd WD ISO/IEC 27557 Organizational privacy risk management
2nd WD ISO/IEC 27559 Privacy enhancing data de-identification framework
2nd WD ISO/IEC 27560 Consent record information structure
プライバシー関連で規格を作成するか審議中の案件
NWIP Privacy operationalization model and method for engineering (POMME)
NWIP Privacy guidelines for fintech services
PWI Guidance on illustrative processes for a privacy information management system
PWI Impact of AI on security and privacy
※更新部分を赤色下線で示しています。
2021年1月時点
- 18. © Copyright 2012-2016 Yoshihiro Satoh (http://yosihiro.com/) The latest document is located at http://www.slideshare.net/yoshihirosatoh5/
18
ISO/IEC JTC 1/SC 27 Information technology -- Security techniques
WG5 Privacy, Identity management and Biometrics
国際規格化の動向 http://bit.Ly/jtc1sc27
プライバシー関連で規格を作成するかの審議が規格作成に進まずに終了した案件
SP Privacy consideration in practical workflows
SP Guidelines for privacy in Internet of Things (IoT)
NWIP Requirements for privacy notices for WG convenor to fictional character transformations
SP PII protection considerations for smartphone app providers
SP Interface for personal data interchange
※更新部分を赤色下線で示しています。
2021年1月時点
- 19. © Copyright 2012-2016 Yoshihiro Satoh (http://yosihiro.com/) The latest document is located at http://www.slideshare.net/yoshihirosatoh5/
19
ISO/IEC JTC 1/SC 27 Information technology -- Security techniques
WG5 Privacy, Identity management and Biometrics
国際規格化の動向 http://bit.Ly/jtc1sc27
プライバシー関連で発行されている規格
ISO/IEC IS 29100:2011 Privacy framework →無料
→JIS X 9250:2017 プライバシーフレームワーク(プライバシー保護の枠組み及び原則)」 2017/6/20発行
ISO/IEC IS 29191:2012 Requirements for partially anonymous, partially unlinkable authentication
ISO/IEC IS 29101:2018 Privacy architecture framework
ISO/IEC IS 29115:2013 Entity authentication assurance framework (ITU-T X.1254)
ISO/IEC IS 27018:2019 Code of practice for PII protection in public clouds acting as PII processors
ISO/IEC IS 29190:2015 Privacy capability assessment model
ISO/IEC TR 19608 Guidance for developing security and privacy functional requirements
based on ISO/IEC 15408 (WG3 project: formerly Privacy seal programs)
ISO/IEC IS 29134:2017 Guidelines for privacy impact assessment – 正誤表の作成に2020年4月から着手
ISO/IEC IS 29151:2017 Code of practice for personally identifiable information protection
ISO/IEC TS 29003:2018 Identity proofing
ISO/IEC IS 20889:2018 Privacy enhancing data de-identification techniques
ISO/IEC IS 27701:2019 Extension to ISO/IEC 27001 and ISO/IEC 27002 for privacy information management
ISO/IEC TR 27550:2019 Privacy engineering for system life cycle processes
ISO/IEC IS 29184 Guidelines for online privacy notice and consent
2020年10月時点
Free Download
- 20. © Copyright 2012-2016 Yoshihiro Satoh (http://yosihiro.com/) The latest document is located at http://www.slideshare.net/yoshihirosatoh5/
20
ISO/IEC JTC 1/SC 27 Information technology -- Security techniques
WG5 Privacy, Identity management and Biometrics
国際規格化の動向 http://bit.Ly/jtc1sc27
プライバシー関連の随時更新文書(SD: Standing Document)
SC27 WG5 SD1 Roadmap →無料
SC27 WG5 SD2 Privacy references list →無料
SC27 WG5 SD4 Standards privacy assessment(SPA) →無料
SC27 WG5 SD5 Guidelines on the application of ISMS in the area of privacy
プライバシー関連で発行される規格
ISO/IEC IS 20547 Big data reference architecture – Part 4: Security and privacy fabric (WG4 project)
ISO/IEC TS 27570 Privacy guidelines for smart cities
ISO/IEC TS 27006-2 Requirements for bodies providing audit and certification of ISMS – Part 2: PIMS
FDIS ISO/IEC 27551 Requirements for attribute-based unlinkable entity authentication
DIS ISO/IEC 27555 Guidelines for PII deletion
2020年10月時点
Free Download
- 21. © Copyright 2012-2016 Yoshihiro Satoh (http://yosihiro.com/) The latest document is located at http://www.slideshare.net/yoshihirosatoh5/
21
ISO/IEC JTC 1/SC 27 Information technology -- Security techniques
WG5 Privacy, Identity management and Biometrics
国際規格化の動向 http://bit.Ly/jtc1sc27
プライバシー関連で作成中の規格
2nd CD ISO/IEC 27556 User-centric framework for the handling of PII based on privacy preferences
2nd WD ISO/IEC 27557 Organizational privacy risk management
2nd WD ISO/IEC 27559 Privacy enhancing data de-identification framework
2nd WD ISO/IEC 27560 Consent record information structure
プライバシー関連で規格を作成するか審議中の案件
NWIP Privacy operationalization model and method for engineering (POMME)
NWIP Privacy guidelines for fintech services
PWI Guidance on illustrative processes for a privacy information management system
PWI Impact of AI on security and privacy
※更新部分を赤色下線で示しています。
2020年10月時点
- 22. © Copyright 2012-2016 Yoshihiro Satoh (http://yosihiro.com/) The latest document is located at http://www.slideshare.net/yoshihirosatoh5/
22
ISO/IEC JTC 1/SC 27 Information technology -- Security techniques
WG5 Privacy, Identity management and Biometrics
国際規格化の動向 http://bit.Ly/jtc1sc27
プライバシー関連で規格を作成するかの審議が規格作成に進まずに終了した案件
SP Privacy consideration in practical workflows
SP Guidelines for privacy in Internet of Things (IoT)
NWIP Requirements for privacy notices for WG convenor to fictional character transformations
SP PII protection considerations for smartphone app providers
SP Interface for personal data interchange
※更新部分を赤色下線で示しています。
2020年10月時点
- 23. © Copyright 2012-2016 Yoshihiro Satoh (http://yosihiro.com/) The latest document is located at http://www.slideshare.net/yoshihirosatoh5/
23
規格審議の協力者 絶賛 募集中です
ISO/IEC JTC 1国際規格の審議は、研究者以外でも会
費
(年間1口70万円~)を払って規格賛助員になることで
基本的にどなたでも参加できます。
情報処理学会情報規格調査会ホームページ
http://www.itscj.ipsj.or.jp/
- 24. © Copyright 2012-2016 Yoshihiro Satoh (http://yosihiro.com/) The latest document is located at http://www.slideshare.net/yoshihirosatoh5/
24
ISO/IEC JTC 1/SC 27 Information technology -- Security techniques
WG5 Privacy, Identity management and Biometrics
国際規格化の動向 http://bit.Ly/jtc1sc27
プライバシー関連で発行されている規格
ISO/IEC IS 29100:2011 Privacy framework →無料
→JIS X 9250:2017 プライバシーフレームワーク(プライバシー保護の枠組み及び原則)」 2017/6/20発行
ISO/IEC IS 29191:2012 Requirements for partially anonymous, partially unlinkable authentication
ISO/IEC IS 29101:2018 Privacy architecture framework
ISO/IEC IS 29115:2013 Entity authentication assurance framework (ITU-T X.1254)
ISO/IEC IS 27018:2019 Code of practice for PII protection in public clouds acting as PII processors
ISO/IEC IS 29190:2015 Privacy capability assessment model
ISO/IEC TR 19608 Guidance for developing security and privacy functional requirements
based on ISO/IEC 15408 (WG3 project: formerly Privacy seal programs)
ISO/IEC IS 29134:2017 Guidelines for privacy impact assessment – 正誤表の作成に2020年4月から着手
ISO/IEC IS 29151:2017 Code of practice for personally identifiable information protection
ISO/IEC TS 29003:2018 Identity proofing
ISO/IEC IS 20889:2018 Privacy enhancing data de-identification techniques
ISO/IEC IS 27701:2019 Extension to ISO/IEC 27001 and ISO/IEC 27002 for privacy information management
ISO/IEC TR 27550:2019 Privacy engineering for system life cycle processes
2020年4月時点
Free Download
- 25. © Copyright 2012-2016 Yoshihiro Satoh (http://yosihiro.com/) The latest document is located at http://www.slideshare.net/yoshihirosatoh5/
25
ISO/IEC JTC 1/SC 27 Information technology -- Security techniques
WG5 Privacy, Identity management and Biometrics
国際規格化の動向 http://bit.Ly/jtc1sc27
プライバシー関連の随時更新文書(SD: Standing Document)
SC27 WG5 SD1 Roadmap →無料
SC27 WG5 SD2 Privacy references list →無料
SC27 WG5 SD4 Standards privacy assessment(SPA) →無料
SC27 WG5 SD5 Guidelines on the application of ISMS in the area of privacy
プライバシー関連で発行される規格
FDIS ISO/IEC 29184 Guidelines for online privacy notice and consent
1st DIS ISO/IEC 20547 Big data reference architecture – Part 4: Security and privacy fabric (WG4 project)
1st DIS ISO/IEC 27551 Requirements for attribute-based unlinkable entity authentication
2020年4月時点
Free Download
- 26. © Copyright 2012-2016 Yoshihiro Satoh (http://yosihiro.com/) The latest document is located at http://www.slideshare.net/yoshihirosatoh5/
26
ISO/IEC JTC 1/SC 27 Information technology -- Security techniques
WG5 Privacy, Identity management and Biometrics
国際規格化の動向 http://bit.Ly/jtc1sc27
プライバシー関連で作成中の規格
3rd DTS ISO/IEC TS 27570 Privacy guidelines in smart cities
1st DTS ISO/IEC 27006-2 Requirements for bodies providing audit and certification of PIMS according to USI/UEC
27701 in combination with ISO/IEC 27001
2nd CD ISO/IEC 27555 PII deletion concept in organizations
1st CD ISO/IEC 27556 User-centric framework for the handling of PII based on privacy preferences
1st WD ISO/IEC 27557 Organizational privacy risk management
1st WD ISO/IEC 27559 Privacy enhancing data de-identification framework
1st WD O/IEC 27560 Consent record information structure
プライバシー関連で規格を作成するか審議中の案件
NWIP Guidance on processes of a privacy information management system
SP Impact of Artificial Intelligence on Privacy
SP Privacy engineering model
SP Privacy for fintech services
※更新部分を赤色下線で示しています。
2020年4月時点
- 27. © Copyright 2012-2016 Yoshihiro Satoh (http://yosihiro.com/) The latest document is located at http://www.slideshare.net/yoshihirosatoh5/
27
ISO/IEC JTC 1/SC 27 Information technology -- Security techniques
WG5 Privacy, Identity management and Biometrics
国際規格化の動向 http://bit.Ly/jtc1sc27
プライバシー関連で規格を作成するかの審議が規格作成に進まずに終了した案件
SP Privacy consideration in practical workflows
SP Guidelines for privacy in Internet of Things (IoT)
NWIP Requirements for privacy notices for WG convenor to fictional character transformations
SP PII protection considerations for smartphone app providers
SP Interface for personal data interchange
※更新部分を赤色下線で示しています。
2020年4月時点
- 28. © Copyright 2012-2016 Yoshihiro Satoh (http://yosihiro.com/) The latest document is located at http://www.slideshare.net/yoshihirosatoh5/
28
ISO/IEC JTC 1/SC 27 Information technology -- Security techniques
WG5 Privacy, Identity management and Biometrics
国際規格化の動向 http://bit.Ly/jtc1sc27
プライバシー関連で発行されている規格
ISO/IEC 29100:2011 Privacy framework →無料
→JIS X 9250:2017 プライバシーフレームワーク(プライバシー保護の枠組み及び原則)」 2017/6/20発行
ISO/IEC 29191:2012 Requirements for partially anonymous, partially unlinkable authentication
ISO/IEC 29101:2018 Privacy architecture framework
ISO/IEC 29115:2013 Entity authentication assurance framework (ITU-T X.1254)
ISO/IEC 27018:2019 Code of practice for PII protection in public clouds acting as PII processors
ISO/IEC 29190:2015 Privacy capability assessment model
ISO/IEC TR 19608 Guidance for developing security and privacy functional requirements
based on ISO/IEC 15408 (WG3 project: formerly Privacy seal programs)
ISO/IEC 29134:2017 Privacy impact assessment
ISO/IEC 29151:2017 Code of practice for personally identifiable information protection
ISO/IEC TS 29003:2018 Identity proofing
ISO/IEC 20889:2018 Privacy enhancing data de-identification techniques
ISO/IEC 27701:2019 Extension to ISO/IEC 27001 and ISO/IEC 27002 for privacy information management
※27552から27701に規格番号が変更された
ISO/IEC TR 27550:2019 Privacy engineering for system life cycle processes
プライバシー関連で発行される規格
なし
2019年10月時点
Downloa
d
- 29. © Copyright 2012-2016 Yoshihiro Satoh (http://yosihiro.com/) The latest document is located at http://www.slideshare.net/yoshihirosatoh5/
29
ISO/IEC JTC 1/SC 27 Information technology -- Security techniques
WG5 Privacy, Identity management and Biometrics
国際規格化の動向 http://bit.Ly/jtc1sc27
プライバシー関連の随時更新文書(SD: Standing Document)
SC27 WG5 SD2 Privacy references list
SC27 WG5 SD4 Standards privacy assessment(SPA)
SC27 WG5 SD5 Guidelines on the application of ISMS in the area of privacy
プライバシー関連で作成中の規格
FDIS ISO/IEC 29184 Guidelines for online privacy notice and consent
1st DIS ISO/IEC 20547 Big data reference architecture – Part 4: Security and privacy fabric (WG4 project)
1st DIS ISO/IEC 27551 Requirements for attribute-based unlinkable entity authentication
2nd PDTS ISO/IEC TS 27570 Privacy guidelines in smart cities
1st CD ISO/IEC 27555 PII deletion concept in organizations
2nd WD ISO/IEC 27556 User-centric framework for PII handling based on privacy preferences
2019年10月時点
- 30. © Copyright 2012-2016 Yoshihiro Satoh (http://yosihiro.com/) The latest document is located at http://www.slideshare.net/yoshihirosatoh5/
30
ISO/IEC JTC 1/SC 27 Information technology -- Security techniques
WG5 Privacy, Identity management and Biometrics
国際規格化の動向 http://bit.Ly/jtc1sc27
プライバシー関連で規格を作成するか審議中の案件
SP Privacy consideration in practical workflows
NWIP Privacy enhancing data de-identification framework (a.k.a. Additional privacy-enhancing data de-identification
standards
SP Impact of Artificial Intelligence on Privacy
SP Consent receipts and records
SP Privacy engineering model
SP Review of requirements for accredited certification for sector specific ISMS standards (WG5-WG1 joint)
NWIP Privacy technologies - Consent record information structure (assumed as TS)
NWIP Organizational privacy risk management (assumed as IS)
SP Guidance on processes of a privacy information management system
SP Privacy for fintech services
CfC Comments on ISO/IEC 31700 Privacy by design for consumer goods and services
NWIP Requirements for bodies providing audit and certification of privacy information management systems according
to ISO/IEC 27701 in combination with ISO/IEC 27001
※更新部分を赤色下線で示しています。
2019年10月時点
- 31. © Copyright 2012-2016 Yoshihiro Satoh (http://yosihiro.com/) The latest document is located at http://www.slideshare.net/yoshihirosatoh5/
31
ISO/IEC JTC 1/SC 27 Information technology -- Security techniques
WG5 Privacy, Identity management and Biometrics
国際規格化の動向 http://bit.Ly/jtc1sc27
プライバシー関連で規格を作成するかの審議が規格作成に進まずに終了した案件
SP on Guidelines for privacy in Internet of Things (IoT)
NWIP Requirements for privacy notices for WG convenor to fictional character transformations
SP PII protection considerations for smartphone app providers
SP Interface for personal data interchange
※更新部分を赤色下線で示しています。
2019年10月時点
- 32. © Copyright 2012-2016 Yoshihiro Satoh (http://yosihiro.com/) The latest document is located at http://www.slideshare.net/yoshihirosatoh5/
32
ISO/IEC JTC 1/SC 27 Information technology -- Security techniques
WG5 Privacy, Identity management and Biometrics
国際規格化の動向 http://bit.Ly/jtc1sc27
プライバシー関連で発行されている規格
ISO/IEC 29100:2011 Privacy framework →無料
→JIS X 9250:2017 プライバシーフレームワーク(プライバシー保護の枠組み及び原則)」 2017/6/20発行
ISO/IEC 29191:2012 Requirements for partially anonymous, partially unlinkable authentication
ISO/IEC 29101:2018 Privacy architecture framework
ISO/IEC 29115:2013 Entity authentication assurance framework (ITU-T X.1254)
ISO/IEC 27018:2019 Code of practice for PII protection in public clouds acting as PII processors
ISO/IEC 29190:2015 Privacy capability assessment model
ISO/IEC TR 19608 Guidance for developing security and privacy functional requirements
based on ISO/IEC 15408 (WG3 project: formerly Privacy seal programs)
ISO/IEC 29134:2017 Privacy impact assessment
ISO/IEC 29151:2017 Code of practice for personally identifiable information protection
ISO/IEC TS 29003:2018 Identity proofing
ISO/IEC 20889:2018 Privacy enhancing data de-identification techniques
プライバシー関連で発行される規格
ISO/IEC 27552:2019 Extension to ISO/IEC 27001 and ISO/IEC 27002 for privacy information management
ISO/IEC TR 27550:2019 Privacy engineering for system life cycle processes
※27552は27701に変更される予定
2019年4月時点
- 33. © Copyright 2012-2016 Yoshihiro Satoh (http://yosihiro.com/) The latest document is located at http://www.slideshare.net/yoshihirosatoh5/
33
ISO/IEC JTC 1/SC 27 Information technology -- Security techniques
WG5 Privacy, Identity management and Biometrics
国際規格化の動向 http://bit.Ly/jtc1sc27
プライバシー関連の随時更新文書(SD: Standing Document)
SC27 WG5 SD2 Privacy references list
SC27 WG5 SD4 Standards privacy assessment(SPA)
SC27 WG5 SD5 Guidelines on the application of ISMS in the area of privacy
プライバシー関連で作成中の規格
DIS ISO/IEC 29184 Guidelines for online privacy notice and consent
2nd CD ISO/IEC 20547 Big data reference architecture – Part 4: Security and privacy fabric (WG4 project)
1st CD ISO/IEC 27551 Requirements for attribute-based unlinkable entity authentication
1st PDTS ISO/IEC TS 27570 Privacy guidelines in smart cities
2nd WD ISO/IEC 27555 PII deletion concept in organizations
1st WD ISO/IEC 27556 User-centric framework for PII handling based on privacy preferences
2019年4月時点
- 34. © Copyright 2012-2016 Yoshihiro Satoh (http://yosihiro.com/) The latest document is located at http://www.slideshare.net/yoshihirosatoh5/
34
ISO/IEC JTC 1/SC 27 Information technology -- Security techniques
WG5 Privacy, Identity management and Biometrics
国際規格化の動向 http://bit.Ly/jtc1sc27
プライバシー関連で規格を作成するか審議中の案件
NWIP Requirements for privacy notices for WG convenor to fictional character transformations
Study period on PII protection considerations for smartphone app providers
Study period on Guidelines for privacy in Internet of Things (IoT)
Study period on Privacy consideration in practical workflows
Study period on Additional privacy-enhancing data de-identification standards
NWIP Impact of Artificial Intelligence on Privacy
Study period on Interface for personal data interchange
Study period on Consent receipts and records
Study period on Privacy engineering model
Study period on Review of requirements for accredited certification for sector specific ISMS standards (WG5-WG1
joint)
※更新部分を赤色下線で示しています。
2019年4月時点
- 35. © Copyright 2012-2016 Yoshihiro Satoh (http://yosihiro.com/) The latest document is located at http://www.slideshare.net/yoshihirosatoh5/
35
ISO/IEC JTC 1/SC 27 Information technology -- Security techniques
WG5 Privacy, Identity management and Biometrics
国際規格化の動向 http://bit.Ly/jtc1sc27
プライバシー関連で発行されている規格
ISO/IEC 29100:2011 Privacy framework →無料
→JIS X 9250:2017 プライバシーフレームワーク(プライバシー保護の枠組み及び原則)」 2017/6/20発行
ISO/IEC 29191:2012 Requirements for partially anonymous, partially unlinkable authentication
ISO/IEC 29101:2013 Privacy architecture framework (Revision FDIS)
ISO/IEC 29115:2013 Entity authentication assurance framework (ITU-T X.1254)
ISO/IEC 27018:2014 Code of practice for PII protection in public clouds acting as PII processors (Revision FDIS)
ISO/IEC 29190:2015 Privacy capability assessment model
ISO/IEC TR 19608 Guidance for developing security and privacy functional requirements
based on ISO/IEC 15408 (WG3 project: formerly Privacy seal programs)
ISO/IEC 29134:2017 Privacy impact assessment
ISO/IEC 29151:2017 Code of practice for personally identifiable information protection
ISO/IEC TS 29003:2018 Identity proofing
プライバシー関連の随時更新文書(SD: Standing Document)
SC27 WG5 SD2 Privacy references list
SC27 WG5 SD4 Standards privacy assessment(SPA)
SC27 WG5 SD5 Guidelines on the application of ISMS in the area of privacy
2018年10月時点
- 36. © Copyright 2012-2016 Yoshihiro Satoh (http://yosihiro.com/) The latest document is located at http://www.slideshare.net/yoshihirosatoh5/
36
ISO/IEC JTC 1/SC 27 Information technology -- Security techniques
WG5 Privacy, Identity management and Biometrics
国際規格化の動向 http://bit.Ly/jtc1sc27
プライバシー関連で作成中の規格
FDIS ISO/IEC 20889 Privacy enhancing data de-identification techniques
DIS ISO/IEC 27552 Extension to ISO/IEC 27001 and ISO/IEC 27002 for privacy information management
3rd PDTR ISO/IEC TR 27550 Privacy engineering for system life cycle processes
3rd CD ISO/IEC 29184 Guidelines for online privacy notice and consent
CD ISO/IEC 20547 Big data reference architecture – Part 4: Security and privacy fabric (WG4 project)
4th WD ISO/IEC 27551 Requirements for attribute-based unlinkable entity authentication
2nd WD ISO/IEC TS 27570 Privacy guidelines in smart cities
WD ISO/IEC 27555 PII deletion concept in organizations
2018年10月時点
- 37. © Copyright 2012-2016 Yoshihiro Satoh (http://yosihiro.com/) The latest document is located at http://www.slideshare.net/yoshihirosatoh5/
37
ISO/IEC JTC 1/SC 27 Information technology -- Security techniques
WG5 Privacy, Identity management and Biometrics
国際規格化の動向 http://bit.Ly/jtc1sc27
プライバシー関連で規格を作成するか審議中の案件
NWIP User-centric framework for PII handling based on privacy preferences
NWIP Requirements for privacy notices for WG convenor to fictional character transformations
Study period on PII protection considerations for smartphone app providers
Study period on Guidelines for privacy in Internet of Things (IoT)
Study period on Privacy consideration in practical workflows
Study period on Additional privacy-enhancing data de-identification standards
Study period on Impact of Artificial Intelligence on Privacy
Study period on Interface for personal data interchange
※更新部分を赤色下線で示しています。
2018年10月時点
- 38. © Copyright 2012-2016 Yoshihiro Satoh (http://yosihiro.com/) The latest document is located at http://www.slideshare.net/yoshihirosatoh5/
38
ISO/IEC JTC 1/SC 27 Information technology -- Security techniques
WG5 Privacy, Identity management and Biometrics
国際規格化の動向 http://bit.Ly/jtc1sc27
プライバシー関連で発行されている規格
ISO/IEC 29100:2011 Privacy framework →無料
→JIS X 9250:2017 プライバシーフレームワーク(プライバシー保護の枠組み及び原則)」 2017/6/20発行
ISO/IEC 29191:2012 Requirements for partially anonymous, partially unlinkable authentication
ISO/IEC 29101:2013 Privacy architecture framework
ISO/IEC 29115:2013 Entity authentication assurance framework (ITU-T X.1254)
ISO/IEC 27018:2014 Code of practice for PII protection in public clouds acting as PII processors
ISO/IEC 29190:2015 Privacy capability assessment model
ISO/IEC TR 19608 Guidance for developing security and privacy functional requirements
based on ISO/IEC 15408 (WG3 project: formerly Privacy seal programs)
ISO/IEC 29134:2017 Privacy impact assessment
ISO/IEC 29151:???? Code of practice for personally identifiable information protection
プライバシー関連の随時更新文書(SD: Standing Document)
SC27 WG5 SD2 Privacy references list
SC27 WG5 SD4 Standards privacy assessment(SPA)
SC27 WG5 SD5 Guidelines on the application of ISMS in the area of privacy
2017年6月時点
- 39. © Copyright 2012-2016 Yoshihiro Satoh (http://yosihiro.com/) The latest document is located at http://www.slideshare.net/yoshihirosatoh5/
39
ISO/IEC JTC 1/SC 27 Information technology -- Security techniques
WG5 Privacy, Identity management and Biometrics
国際規格化の動向 http://bit.Ly/jtc1sc27
プライバシー関連で作成中の規格
1st PDTS ISO/IEC 29003 Identity proofing
DIS ISO/IEC 29115 Entity authentication assurance framework – Amendment 1 ***
2nd CD ISO/IEC 20889 Privacy enhancing data de-identification techniques
3rd WD on ISO/IEC 29184 Guidelines for online privacy notice and consent
2nd WD on ISO/IEC 20547 Big data reference architecture – Part 4: Security and privacy fabric (WG4 project)
2nd WD NWIP 27550 Privacy engineering
2nd WD NWIP 27551 Requirements for attribute-based unlinkable entity authentication
2nd WD NWIP 27552 Enhancement to ISO/IEC 27001 for privacy management – Requirements
1st DAM 29100 Privacy framework
2nd DAM 29115 Entity authentication assurance framework
***: 最新状況確認中
2017年6月時点
- 40. © Copyright 2012-2016 Yoshihiro Satoh (http://yosihiro.com/) The latest document is located at http://www.slideshare.net/yoshihirosatoh5/
40
ISO/IEC JTC 1/SC 27 Information technology -- Security techniques
WG5 Privacy, Identity management and Biometrics
国際規格化の動向 http://bit.Ly/jtc1sc27
プライバシー関連で規格を作成するか審議中の案件
NWIP Requirements for privacy notices for WG convenor to fictional character transformations
Study period on PII protection considerations for smartphone app providers
Study period on Privacy in smart cities
Study period on Guidelines for privacy in Internet of Things (IoT)
Study period on Code of Practices solution for different types of PII processors CANCELED
Study period on Framework for user-centric PII handling based on privacy preference management by users
Study period on PII protection considerations for Smartphone App providers
※前回国際会議からの更新部分を赤色下線で示しています。
2017年6月時点
- 41. © Copyright 2012-2016 Yoshihiro Satoh (http://yosihiro.com/) The latest document is located at http://www.slideshare.net/yoshihirosatoh5/
41
ISO/IEC JTC 1/SC 27 Information technology -- Security techniques
WG5 Privacy, Identity management and Biometrics
国際規格化の動向 http://bit.Ly/jtc1sc27
プライバシー関連で発行されている規格
ISO/IEC 29100:2011 Privacy framework →無料
→JIS X 9250 プライバシーフレームワーク(プライバシー保護の枠組み及び原則)」
ISO/IEC 29191:2012 Requirements for partially anonymous, partially unlinkable authentication
ISO/IEC 29101:2013 Privacy architecture framework
ISO/IEC 29115:2013 Entity authentication assurance framework (ITU-T X.1254)
ISO/IEC 27018:2014 Code of practice for PII protection in public clouds acting as PII processors
ISO/IEC 29190:2015 Privacy capability assessment model
ISO/IEC TR 19608 Guidance for developing security and privacy functional requirements
based on ISO/IEC 15408 (WG3 project: formerly Privacy seal programs)
プライバシー関連の随時更新文書(SD: Standing Document)
SC27 WG5 SD2 Privacy references list
SC27 WG5 SD4 Standards privacy assessment(SPA)
SC27 WG5 SD5 Guidelines on the application of ISMS in the area of privacy
プライバシー関連で作成中の規格
FDIS ISO/IEC 29134 Privacy impact assessment
FDIS ISO/IEC 29151 Code of practice for personally identifiable information protection
(次スライドに、つづく)
2016年12月時点
- 42. © Copyright 2012-2016 Yoshihiro Satoh (http://yosihiro.com/) The latest document is located at http://www.slideshare.net/yoshihirosatoh5/
42
ISO/IEC JTC 1/SC 27 Information technology -- Security techniques
WG5 Privacy, Identity management and Biometrics
国際規格化の動向 http://bit.Ly/jtc1sc27
プライバシー関連で作成中の規格(前スライドからの、つづき)
DIS ISO/IEC 29003 Identity proofing
DIS ISO/IEC 29115 Entity authentication assurance framework – Amendment 1
1st CD ISO/IEC 20889 Privacy enhancing data de-identification techniques
2nd WD on ISO/IEC 29184 Guidelines for online privacy notice and consent
NWI on ISO/IEC 20547 Big data reference architecture – Part 4: Security and privacy fabric (WG4 project)
1st WD NWIP 27550 Privacy engineering
1st WD NWIP 27551 Requirements for attribute-based unlinkable entity authentication
1st WD NWIP 27552 Enhancement to ISO/IEC 27001 for privacy management – Requirements
プライバシー関連で規格を作成するか審議中の案件
Study period on PII protection considerations for smartphone app providers
Study period on Guidelines for privacy in Internet of Things (IoT)
Study period on Code of Practices solution for different types of PII processors
Study period on Privacy in smart citties
※前回国際会議からの更新部分を赤色下線で示しています。
2016年12月時点
- 43. © Copyright 2012-2016 Yoshihiro Satoh (http://yosihiro.com/) The latest document is located at http://www.slideshare.net/yoshihirosatoh5/
43
ISO/IEC JTC 1/SC 27 Information technology -- Security techniques
WG5 Privacy, Identity management and Biometrics
国際規格化の動向 http://bit.Ly/jtc1sc27
プライバシー関連で発行されている規格
ISO/IEC 29100:2011 Privacy framework →無料 →Study period on periodical review
ISO/IEC 29191:2012 Requirements for partially anonymous, partially unlinkable authentication
ISO/IEC 29101:2013 Privacy architecture framework
ISO/IEC 29115:2013 Entity authentication assurance framework (ITU-T X.1254)
ISO/IEC 27018:2014 Code of practice for PII protection in public clouds acting as PII processors
ISO/IEC 29190:2015 Privacy capability assessment model
プライバシー関連の随時更新文書(SD: Standing Document)
SC27 WG5 SD2 Privacy references list
SC27 WG5 SD4 Standards privacy assessment(SPA)
SC27 WG5 SD5 Guidelines on the application of ISMS in the area of privacy
プライバシー関連で作成中の規格
DIS ISO/IEC 29134 Privacy impact assessment
DIS ISO/IEC 29151 Code of practice for personally identifiable information protection
PDTS ISO/IEC TR 19608 Guidance for developing security and privacy functional requirements
based on ISO/IEC 15408 (WG3 project: formerly Privacy seal programs)
(次スライドに、つづく)
2016年5月時点
- 44. © Copyright 2012-2016 Yoshihiro Satoh (http://yosihiro.com/) The latest document is located at http://www.slideshare.net/yoshihirosatoh5/
44
ISO/IEC JTC 1/SC 27 Information technology -- Security techniques
WG5 Privacy, Identity management and Biometrics
国際規格化の動向 http://bit.Ly/jtc1sc27
プライバシー関連で作成中の規格(前スライドからの、つづき)
3rd CD ISO/IEC 29003 Identity proofing
2nd WD ISO/IEC 20889 Privacy enhancing data de-identification techniques
1st WD on ISO/IEC 29184 Guidelines for online privacy notice and consent
NWI on ISO/IEC 20547 Big data reference architecture – Part 4: Security and privacy fabric (WG4 project)
プライバシー関連で規格を作成するか審議中の案件
NWIP on Privacy engineering framework
NWIP on Enhancement to ISO/IEC 27001 for privacy management – Requirements
NWIP on Requirements for attribute-based unlinkable entity authentication ***
Study period on Entity authentication assurance framework
Study period on PII protection considerations for smartphone app providers
Study period on Privacy in smart cities
Study period on Guidelines for privacy in Internet of Things (IoT)
Study period on Privacy-preserving anonymous attribute-based entity authentication ***
Study period on Privacy enhancing identity management scheme using attribute based credentials **
Study period on On the adoption and usage of ISO/IEC 29115 and its interaction with ISO/IEC 29003 *
Study period on Anonymous attribute assurance **
2016年5月時点
- 45. © Copyright 2012-2016 Yoshihiro Satoh (http://yosihiro.com/) The latest document is located at http://www.slideshare.net/yoshihirosatoh5/
45
ISO/IEC JTC 1/SC 27 Information technology -- Security techniques
WG5 Privacy, Identity management and Biometrics
国際規格化の動向 http://bit.Ly/jtc1sc27
プライバシー関連で発行されている規格
ISO/IEC 29100:2011 Privacy framework →無料
ISO/IEC 29191:2012 Requirements for partially anonymous, partially unlinkable authentication
ISO/IEC 29101:2013 Privacy architecture framework
ISO/IEC 29115:2013 Entity authentication assurance framework (ITU-T X.1254)
ISO/IEC 27018:2014 Code of practice for PII protection in public clouds acting as PII processors
ISO/IEC 29190:2015 Privacy capability assessment model
プライバシー関連の作業用文書
SC27 WG5 SD2 Privacy references list
SC27 WG5 SD4 Standards privacy assessment(SPA)
SC27 WG5 SD5 Guidelines on the application of ISMS in the area of privacy
プライバシー関連で作成中の規格
2nd CD ISO/IEC 29134 Privacy impact assessment
2nd CD ISO/IEC 29151 Code of practice for personally identifiable information protection
2nd CD ISO/IEC 29003 Identity proofing
CD ISO/IEC TR 19608 Guidance for developing security and privacy functional requirements
based on ISO/IEC 15408 (WG3 project: formerly Privacy seal programs)
NWI ISO/IEC 20889 Privacy enhancing data de-identification techniques
(次スライドに、つづく)
2015年11月時点
- 46. © Copyright 2012-2016 Yoshihiro Satoh (http://yosihiro.com/) The latest document is located at http://www.slideshare.net/yoshihirosatoh5/
46
ISO/IEC JTC 1/SC 27 Information technology -- Security techniques
WG5 Privacy, Identity management and Biometrics
国際規格化の動向 http://bit.Ly/jtc1sc27
(前スライドからの、つづき)
プライバシー関連で規格を作成するか審議中の案件
NWIP on Guidelines for online privacy notice and consent
Study period on Privacy enhancing identity management scheme using attribute based credentials **
Study period on Privacy engineering framework
Study period on On the adoption and usage of ISO/IEC 29115 and its interaction with ISO/IEC 29003 *
Study period on Anonymous attribute assurance **
Study period on Entity authentication assurance framework *
Study period on PII protection considerations for smartphone app providers
Study period on Privacy in smart cities
Study period on Privacy-preserving attribute-based entity authentication
2015年11月時点
- 47. © Copyright 2012-2016 Yoshihiro Satoh (http://yosihiro.com/) The latest document is located at http://www.slideshare.net/yoshihirosatoh5/
47
ISO/IEC JTC 1/SC 27 Information technology -- Security techniques
WG5 Privacy, Identity management and Biometrics
国際規格化の動向 http://bit.Ly/jtc1sc27
プライバシー関連で発行されている規格
ISO/IEC 29100:2011 Privacy framework →無料
ISO/IEC 29191:2012 Requirements for partially anonymous, partially unlinkable authentication
ISO/IEC 29101:201x Privacy architecture framework
ISO/IEC 29115:201x Entity authentication assurance framework (ITU-T X.1254)
ISO/IEC 27018:201x Code of practice for PII protection in public clouds acting as PII processors
ISO/IEC 29190:201x Privacy capability assessment model
プライバシー関連の作業用文書
SC27 WG5 SD2 Privacy references list
SC27 WG5 SD4 Standards Privacy Assessment(SPA)
SC27 WG5 SD5 Guidelines for the application of ISMS in the area of privacy
プライバシー関連で作成中の規格
CD ISO/IEC 29134 Privacy impact assessment – Methodology Guideline
CD ISO/IEC 29151 Code of practice for personally identifiable information protection
CD ISO/IEC 29003 Identity proofing
3rd WD TR 19608 Guidance for developing security and privacy functional requirements based on ISO/IEC 15408
(WG3 project: formerly Privacy seal programs , WG3N1114 , WG3N1155)
(次スライドに、つづく)
2015年5月時点
- 48. © Copyright 2012-2016 Yoshihiro Satoh (http://yosihiro.com/) The latest document is located at http://www.slideshare.net/yoshihirosatoh5/
48
ISO/IEC JTC 1/SC 27 Information technology -- Security techniques
WG5 Privacy, Identity management and Biometrics
国際規格化の動向 http://bit.Ly/jtc1sc27
(前スライドからの、つづき)
プライバシー関連で規格を作成するか審議中の案件
Study period on Privacy impact assessment (ISO/IEC 27009 Sector specificを参考に検討)
Study period on Age verification
Study period on Privacy enhancing identity management scheme using attribute-based credentials
Study period on User friendly online privacy notice and consent
Study period on Privacy engineering framework
Study period on On the adoption and usage of ISO/IEC 29115 and its interaction with ISO/IEC 29003
NWIP on Privacy enhancing data de-identification techniques
(Study period on Anonymous attribute assurance)
2015年5月時点
- 49. © Copyright 2012-2016 Yoshihiro Satoh (http://yosihiro.com/) The latest document is located at http://www.slideshare.net/yoshihirosatoh5/
49
ISO/IEC JTC 1/SC 27 Information technology -- Security techniques
WG5 Privacy, Identity management and Biometrics
国際規格化の動向 http://bit.Ly/jtc1sc27
プライバシー関連で発行されている規格
ISO/IEC 29100:2011 Privacy framework →無料
ISO/IEC 29191:2012 Requirements for partially anonymous, partially unlinkable authentication
ISO/IEC 29101:201x Privacy architecture framework
ISO/IEC 29115:201x Entity authentication assurance framework (ITU-T X.1254)
ISO/IEC 27018:201x Code of practice for PII protection in public clouds acting as PII processors
ISO/IEC 29190:201x Privacy capability assessment model
プライバシー関連で作成中の規格
CD registered ISO/IEC 29134 Privacy impact assessment – Methodology
CD registered ISO/IEC 29151 Code of practice for personally identifiable information protection
5th WD ISO/IEC 29003 Identity proofing
2nd WD Guidance for developing security and privacy functional requirements based on ISO/IEC 15408 (WG3 project:
formerly Privacy seal programs)
SD5 “Guidelines on the application of ISMS in the area of privacy“
プライバシー関連で規格を作成するか審議中の案件
Study period on Privacy impact assessment (ISO/IEC 27009 Sector specificを参考に検討)
Study period on Technical issue of 29115 when applied in national ID infrastructure
Study period on Age verification
Study period on A privacy-respecting identity management scheme using attribute-based credentials
Study period on User friendly online privacy notice and consent
2014年11月時点
- 50. © Copyright 2012-2016 Yoshihiro Satoh (http://yosihiro.com/) The latest document is located at http://www.slideshare.net/yoshihirosatoh5/
50
ISO/IEC JTC 1/SC 27 Information technology -- Security techniques
WG5 Privacy, Identity management and Biometrics
国際規格化の動向 http://bit.Ly/jtc1sc27
プライバシー関連で発行されている規格
ISO/IEC 29100:2011 Privacy framework →無料化済み, Periodical pre-reviewed
ISO/IEC 29191:2012 Requirements for partially anonymous, partially unlinkable authentication
ISO/IEC 29101:201x Privacy architecture framework
ISO/IEC 29115:201x Entity authentication assurance framework (ITU-T X.1254)
ISO/IEC 27018:201x Code of practice for PII protection in public clouds acting as PII processors
プライバシー関連で作成中の規格
DIS(FDIS registered) ISO/IEC 29190 Privacy capability assessment model(検証を反映したのでFDIS)
CD registered ISO/IEC 29134 Privacy impact assessment – Methodology
CD registered ISO/IEC 29151 Code of practice for PII protection (ITU-T SG17共通文書にする方向)
4th WD ISO/IEC 29003 Identity proofing (法人を含めるScope変更, マルチパート化の意見あり)
New Work Item on Guidance for developing security and privacy functional requirements based on
ISO/IEC 15408 (WG3 project: formerly Privacy seal programs)
SD5 “Guidelines on the application of ISMS in the area of privacy“
プライバシー関連で規格を作成するか審議中の案件
Study period on Privacy impact assessment (ISO/IEC 27009 Sector specificを参考に今後検討)
Study period on Age verification (Confirmed to submit NWIP)
Study period on A privacy-respecting identity management scheme using attribute-based credentials
2014年5月時点
Downloadable from Free document
page
- 51. © Copyright 2012-2016 Yoshihiro Satoh (http://yosihiro.com/) The latest document is located at http://www.slideshare.net/yoshihirosatoh5/
51
ISO/IEC JTC 1/SC 27 Information technology -- Security techniques
WG5 Privacy, Identity management and Biometrics
国際規格化の動向 http://bit.Ly/jtc1sc27
プライバシー関連で発行されている規格
ISO/IEC 29100:2011 Privacy framework →無料化を検討中
ISO/IEC 29191:2012 Requirements for partially anonymous, partially unlinkable authentication
ISO/IEC 29101:201x Privacy architecture framework
ISO/IEC 29115:201x Entity authentication assurance framework (ITU-T X.1254)
プライバシー関連で作成中の規格
DIS ISO/IEC 29190 Privacy capability assessment model
DIS ISO/IEC 27018 Code of practice for PII protection in public clouds acting as PII processors
3rd WD ISO/IEC 29134 Privacy impact assessment – Methodology
3rd WD ISO/IEC 29003 Identity proofing
2nd WD ISO/IEC 29151 Code of practice for PII protection
プライバシー関連で審議中の案件
New Work Item Proposal on Privacy seal programs (is started as WG3 project)
Study period on Privacy impact assessment
Canceled: Study period on Documentation of data deletion principles
Study period on Age verification
参考
2013年11月時点
- 52. © Copyright 2012-2016 Yoshihiro Satoh (http://yosihiro.com/) The latest document is located at http://www.slideshare.net/yoshihirosatoh5/
52
ISO/IEC JTC 1/SC 27 Information technology -- Security techniques
WG5 Privacy, Identity management and Biometrics
国際規格化の動向 http://bit.Ly/jtc1sc27
プライバシー関連で発行されている規格
ISO/IEC 29100:2011 Privacy framework →無料化を検討中
プライバシー関連で作成中の規格
ISO/IEC FDIS 29115 Entity authentication assurance framework (ITU-T X.1254)
ISO/IEC DIS 29191 Requirements for partially anonymous, partially unlinkable authentication
ISO/IEC CD 29101 Privacy architecture framework
ISO/IEC WD 29190 Privacy capability assessment model
ISO/IEC NP 27018 Code of practice for data protection controls for public cloud computing
services
ISO/IEC NP 29134 Privacy impact assessment – Methodology
プライバシー関連で審議中の案件
SP on Privacy / Personal Information Management Systems (PIMS)
SP on Privacy impact assessment
SP on Study period on Privacy seal programs
SP on Documentation of data deletion principles
参考
2012年11月時点