DIN Standards Committee Information Technology and IT Applications
Cybersecurity essential requirements for products with digital elements used in identity management systems and privileged access management software and hardware, including authentication and access control readers, including biometric readers
Abstract
This project aims at covering line 16 of the standardisation request and will provide:
• General description of the product with digital elements belonging to that category and the product and/or components such a product with digital elements may integrate, including, amongst others:
  o Detailed description of that product category: Identity management systems hardware and software are products with digital elements that provide mechanisms for identity lifecycle management, such as identity provisioning, maintenance, authentication, authorisation and deprovisioning, and including associated metadata. Privileged access management hardware and software are products with digital elements that authenticate and authorise users or devices, granting or denying access to digital resources or to physical locations. This category includes but is not limited to products (hardware, software and communication protocol) with digital elements that have the core functionality of either or both identity management and privileged access management; authentication and access control readers; biometric readers; single sign-on software; federated identity management software, protection and safety management (such as access control, intrusion alarm, CCTV and fire safety systems) and multi-factor authentication software.
  o Intended product purpose and reasonably foreseeable use in the above categories;
  o Identification of the various types of products with digital elements;
  o Delineation and interplay with the following other categories of products with digital elements (identified by their line in the standardisation request): line 17, line 18, line 20, line 24, line 28, line 29, line 32, line 35, line 37, line 38, line 39, line 41.
• Description of their life cycle;
• Relevance of cybersecurity essential requirements, including the cybersecurity assessment requirements;
• Definition of applicable risk profiles to be considered for these products with digital elements;
• Applicable cybersecurity requirements ensuring fulfilment of the essential requirements for each risk profile;
• Applicable cybersecurity assessment requirements for each risk profile.
A base document is provided:
• Defining the risk profiles;
• Identifying initial cybersecurity requirements.
Begin
2025-08-31
WI
00224292
Planned document number
00224292
Responsible national committee
NA 043-04-17 AA - Cards and security devices for personal identification
Responsible European committee
CEN/TC 224/WG 17 - Protection Profiles in the context of SSCD