Introduction into the Technical Specification FprCEN/TS 16439 Electronic Fee Collection - Security Framework

摘要

The CEN Technical Specification (TS) "Electronic Fee Collection – Security Framework"contains more than 140 pages of rules, definitions and potential threats which could beapplicable for an EFC system. The EFC Security Framework covers all kinds of EFC systems,from small monolithic systems (e.g. ?resund Bridge) up to large interoperable EFC schemeslike the European Electronic Toll System (EETS). The aim of the paper is to provide alayman's guide to the Security Framework. The paper gives a short overview on the content ofthe technical specifications. It also explains the main targets and definitions of the Framework.In addition, it describes the limitations of the security requirements and security measuresdefined in such a multi-applicable framework. It outlines the basic procedures to eliminate thelimitation which is only possible when designing the security concept for a real existing EFCsystem. In advance, the paper provides basic advice on how to use the Security Frameworktogether with other well established IT-related security standards. And finally a summary ofthe benefits using the security framework compared with the risks and disadvantages notdoing so give reasons why the framework shall be applied.