(1) Criteria on the Facilities Used for the Business
- Management of the entries into and exits from the certification business facility room.
- Prevention of unauthorized access to the facilities.
- Prevention of the use of the facilities by unauthorized personnel.
- Encryption devices
- Prevention of natural disasters
(2) User Identification Procedures
- User applications, etc.
- Methods for verifying authenticity of users, etc.
(3) Other Operational Procedures
- Explanations to the applicants
- Information that is required to be included in an application, etc.
- Generation of the user signature codes and user identification codes
- Matters related to electronic certificates
- Prevention of confusion with other business
- Records of the attribute information
- Provision of information to the relying parties
- Matters related to the revocation of electronic certificates.
- Rules on the implementation of certification business.
- Abandonment of certification business.
- Information disclosure.
- Organizational structure and systems for service implementation.
- Approval system for controlling the operation of facilities.
- Prevention of the leakage of issuer signature codes.
(4) Records and Documents
- Records and documents related to user applications.
- Records and documents related to revoked electronic certificates.
- Records and documents related to the organizational management of the Certification Business Operator*.
- Records and documents related to the facilities and safety measures.
Note/ * Certification Business Operator: Certification Service Provider; CSP