🔥🔥 Don’t Miss Out on Our End of Autumn Sale. If you have any questions, feel free to click the bottom right corner to contact our customer service..

Concat us[email protected]
Shopping Cart

No products in the cart.

🔍
BS EN 14615:2017

BS EN 14615:2017

$215.11

Postal services. Digital postage marks. Applications, security and design

Published By Publication Date Number of Pages
BSI 2017 136
PDF Format Searchable Printable Preview Now
Guaranteed Safe Checkout
Category:

If you have any questions, feel free to reach out to our online customer service team by clicking on the bottom right corner. We’re here to assist you 24/7.
Email:[email protected]

This European Standard specifies a recommended procedure for the development of specifications for applications of digital postage marks (DPMs) – i.e. applications linked to the use of digital printing and image data capture technologies in the postal industry, most particularly for the evidencing of postage accounting and/or payment. It is not intended to prescribe or to recommend any particular architecture or design for such applications, only to specify the process through which such an architecture or design should be developed. The document covers only requirements and considerations relating to applications that use digital postage marks, on individual postal items, as a means of communicating data (messages). The clause on design covers only the design of the digital postage marks themselves. It does not cover other aspects of design, including the possible use of other messages, transported by other means (e.g. statements of mailing), to provide for the communication of additional data, even though these might be just as important.

PDF Catalog

PDF Pages PDF Title
2 National foreword
10 1 Scope
2 Normative references
3 Terms and definitions
13 4 Symbols and abbreviations
14 5 DPM applications and design process
5.1 Introduction
15 5.2 DPM business planning
16 5.3 DPM systems analysis
17 5.4 DPM security analysis
18 5.5 DPM design
19 Annex A (normative)Specification checklists
A.1 Applications specifications
A.2 System specification
20 A.3 Security specification
A.4 DPM specification
21 Annex B (informative)Business planning considerations
B.1 Possible applications
22 B.2 Market segmentation
B.2.1 Approach
B.2.2 Mailer segmentation
23 B.2.3 Postal access and induction
24 B.2.4 Payment
25 B.3 Applications selection
B.3.1 Approach
B.3.2 Infrastructure requirements and constraints
26 B.3.3 Other factors
28 Annex C (informative)Security analysis considerations
C.1 Context
29 C.2 Security objectives, policy and economics
30 C.3 Threats and vulnerabilities
C.3.1 Introduction
31 C.3.2 Environmental context
C.3.3 General threats to DPM systems
34 C.4 Applications and message level security
36 C.5 Security services and message level countermeasures
38 C.6 Applications level countermeasures
C.6.1 Introduction
C.6.2 Access and usage controls
42 C.6.3 Duplicate detection
44 C.6.4 Induction control
45 C.6.5 Inspection and forensic analysis
46 C.6.6 Investigation
C.6.7 Postal item verification
48 C.6.8 Obliteration countermeasures
C.6.9 Security service management
C.6.10 Volume and revenue controls
49 C.7 Countermeasure selection
51 C.8 Application of countermeasures
C.9 Message security implementation options
C.9.1 Introduction
52 C.9.2 Digital signatures
53 C.9.3 Message authentication codes
54 C.9.4 Exchange validation codes
56 C.9.5 Selection of message security techniques
57 C.9.6 Application of verification techniques
58 Annex D (informative)Systems analysis considerations
D.1 Requirements analysis
59 D.2 Functional description
D.2.1 Approach
D.2.2 Postal item production
60 D.2.3 Rating
D.2.4 Accounting
D.2.5 DPM generation
D.2.6 DPM printing
D.2.7 Payment
D.2.8 Induction
61 D.2.9 Mail processing: sorting, transportation and delivery
D.2.10 Component management
D.2.11 Security management
D.2.12 Audit
62 D.2.13 Application services
D.3 Function allocation and architecture design
D.4 Other detailed design aspects
D.4.1 Introduction
D.4.2 Data requirements and sourcing
63 D.4.3 DPM printing
65 D.4.4 DPM data capture
66 D.4.5 Applications processing
67 D.4.6 Security analysis
D.4.7 Exception handling
69 Annex E (informative)DPM design considerations
E.1 Data content
70 E.2 Data entry
71 E.3 Data construct mapping
72 E.4 Symbology
73 E.5 Human readable information
74 E.6 Layout, facing and aesthetics
75 E.7 Performance and test criteria
76 Annex F (informative)Statistical analysis of DPM verification
F.1 Introduction
F.2 Purpose and scope of postal item verification
77 F.3 Detection of DPMs with invalid validation code
F.3.1 Introduction
F.3.2 Parameters
78 F.3.3 Possible Outcomes
F.3.4 Analysis of Outcomes
79 F.3.5 Calculation of Fraud Incidence
82 F.4 Influence of CVC length on fraud detection
83 F.5 Detection of duplicate DPMs
84 Annex G (informative)Message security algorithms
G.1 Introduction
G.2 Hash functions used in message security services
85 G.3 Asymmetric (public key) cryptographic algorithms
G.3.1 DSA
G.3.2 RSA
86 G.3.3 ECDSA
87 G.3.4 Hybrid digital signatures with partial message recovery
88 G.3.5 Other digital signature methods
G.4 Message authentication code (MAC) algorithms
G.4.1 General
G.4.2 CBC DES
89 G.4.3 Advanced Encryption Standard (AES)
G.4.4 HMAC
90 G.4.5 MAC truncation and CVC size
92 G.5 Exchange validation code generation
G.6 Selection of algorithms for CVC implementation
G.6.1 Introduction
93 G.6.2 Cryptographic strength of commonly used algorithms
G.6.2.1 Introduction
94 G.6.2.2 Digital signature algorithms
G.6.2.3 CBC DES-based MAC algorithms
95 G.6.2.4 CBC AES-based MAC algorithms
G.6.3 Validation code size and size inflation
96 G.6.4 Generation and verification complexity
G.6.5 Key generation complexity
G.6.6 Key management infrastructure
97 G.6.7 Intellectual property rights
G.6.8 Legality of use; export and import approval
98 Annex H (informative)CVC generation and verification data
H.1 Introduction
H.2 Sources of data for verification
H.2.1 Introduction
99 H.2.2 Data encoded on the item
H.2.3 Data accessed by database look up
H.3 Selection of data used in the verification process
H.3.1 Introduction
101 H.3.2 Acceptance control code
H.3.3 Batch identifier and item number; licence plate
102 H.3.4 CVC
H.3.5 Date / time
H.3.6 Delivery security code
103 H.3.7 Device identifier, customer identifier or licence number
H.3.8 Postage value
H.3.9 Public key certificate identifier
104 H.3.10 Rating parameter(s), including service indicator
105 Annex I (informative)Architecture examples
I.1 Introduction
I.2 The REMPI architecture
I.2.1 Introduction
I.2.2 Mailer systems
I.2.3 Mail finishing system
I.2.4 Mail finishing print subsystem
106 I.2.5 Secure accounting system
107 I.2.6 Announcement system
I.2.7 Acceptance system
I.2.8 Postal item verification system
108 I.2.9 Reconciliation and support systems
I.2.10 Bank
I.2.11 Post systems
I.2.12 Mail handling infrastructure
I.2.13 Customer information system
I.2.14 Enquiry and data system
109 I.3 USPS IBIP configurations
I.3.1 Introduction
I.3.2 System components
I.3.2.1 Management Subsystem
110 I.3.2.2 Security/Revenue-Sensitive Subsystem
I.3.2.3 Printing Subsystem
I.3.2.4 Postal Item Audit Subsystem
I.3.2.5 Product Audit Subsystem
I.3.2.6 Finance Subsystem
I.3.3 Configuration A
113 I.3.4 Configuration B
114 Annex J (informative)Examples of digital postage marks (not to scale)
J.1 Australia Post
J.2 Canada Post
J.3 Deutsche Post
116 J.4 Die Post, Switzerland
117 J.5 Royal Mail
118 J.6 United States Postal Service (USPS)
120 Annex K (informative)Relevant intellectual property rights (IPR)
K.1 Introduction
K.2 Massachusetts Institute of Technology
K.3 Neopost
121 K.4 Pitney Bowes Inc
K.5 Pitney Bowes Inc, together with Certicom Corp
122 K.6 United States Department of Commerce
K.7 United States Postal Service
123 Annex L (informative)DPM design charts
L.1 Applicability of countermeasures against identified threats
127 L.2 Data elements used by typical applications and countermeasures
131 L.3 Mapping data elements onto data source and DPM data constructs

Related products

BS EN 14615:2017
$215.11