|
第5章 セキュリティ関連の各種規格と標準化動向
米国同時多発テロ事件以降、米国での国土安全保障省が設置される等を鑑み、ISO理事会は、セキュリティが各国政府にとって高い優先順位の政策課題であり、一般市民の関心事項であることを認識しています。
ANSI(米国標準協会)は、国土安全保障省の施策に対応した活動を開始し、セキュリティ関連の標準化のためのパネル(ANSI-HSSP)を設置しており、その成果をふまえ、ISO/TMBにセキュリティAGの設置を提案していました。
この提案をふまえ、国際標準化機関(ISO)は、2004年1月27-28日に開催した技術管理評議会(TMB)において、セキュリティに関する高級諮問グループ(以下、セキュリティAG)の設置を決定しました。
セキュリティAGの概要は以下のとおりです。
(1)議長
Dr G. Arnold(ANSI理事会議長。ルーセントテクノロジー社ベル研究所の標準・知財担当副社長)
(2)メンバ
TMBメンバが1ヶ月以内に推薦
(3)所掌事項
・セキュリティ分野[初動者用の教育訓練プログラム及び機器、民間部門の危機対応性及び企業活動の継続性、識別技術(バイオメトリックスを含む)、緊急通信、複合サプライチェーンのセキュリティ、リスク評価、生物化学脅威物質、情報セキュリティ、防災等]の既存のISO規格等の見直し
・セキュリティに関する国際規格ニーズ評価
・他機関の規格の評価
・ISO理事会・TMBが取るべき行動の勧告
(4)報告
2004年9月TMB会合に暫定報告。最終報告は2004年12月末までとする。
(5)会合
必要に応じて開催するが、出来るだけ電子的に作業を行う。
セキュリティ関連規格の整理をふまえてその全体像や関連性を整理すると以下のようになっています。
(1)メッセージ規格
(1)国連規格(ISO/TC154)
行政、金融、電子商取引、運輸(UN/EDIFACT)
(2)関連規格
・WCO(関税)
・IMO(海運)
・ILO(船員手帳等)等
(2)情報セキュリティ(ISO/IEC/JTC1/SC27)
(3)支援要素技術
(1)自動識別技術(ISO/IEC/JTC1/SC31)
(2)バイオメトリックス(ISO/IEC/JTC1/SC37)
(3)識別カード(ISO/IEC/JTC1/SC17)
(4)緊急通信
(5)リスク評価
(4)運輸交通関係(インターモーダルサプライチェーンのセキュリティ)
(1)ITS(ISO/TC204)
(2)輸送機関識別
(3)貨物識別(ISO/TC104)
(5)防災
(6)アプリケーション分野
(1)民間部門の危機対応性
(2)企業活動の継続性
(3)生物化学脅威物質
なお、このほか、ISO/TMBセキュリティAGの検討内容に例示されている規格としては、人材育成、初動者用の教育訓練プログラム及び機器があります。
また全体のセキュリティや安全確保のために、既存のマネジメント規格、リスク管理システムを活用することがANSIで検討されています。
貨物輸送のセキュリティシステムに関連する基本的な情報の流れは下図のようになっています。
ここでUN/EDIFACTは、行政申請認可システムと国際的な行政間の情報交換の基本的仕様を担っています。また、自動識別技術(AIDC)は、モノと情報をヒモつけるインタフェースの役割を果たしています。
情報通信全体については情報セキュリティシステムによる暗号化仕様が用いられています。
このほか、セキュリティ・セーフティに関連する規格群としては防災関係があります。
図5.1.1 国際輸送におけるセキュリティ管理システムの関連構造
米国連邦運輸省(US-DOT)が貨物輸送関連(爆発物、バイオテロ対策)のテロ対策関連国際規格団体として整理したリストは以下のとおりです。
国際団体、国内規格及び欧州等の域内規格を含みます。
(資料):US DOT, Freight Standards Related Organizations, Version 1.3, 2002年11月21日
1) AAPA/TOPAS - American Association of Port Authorities' Terminal Operators & Port Authority Subcommittee for EDI Standards Development.
2) ANSI- American National Standards Institute.
ANSI is a private, non-profit organization (501(c) 3) that administers and coordinates the U.S. voluntary standardization and conformity assessment system. The Institute's mission is to enhance both the global competitiveness of U.S. business and the U.S. quality of life by promoting and facilitating voluntary consensus standards and conformity assessment systems, and safeguarding their integrity.
3) ASC X12 - Accredited Standards Committee X12
The scope of X12 is to develop uniform standards for inter-industry electronic exchange of business transactions electronic data interchange (EDI).
4) ASC X12I Transportation Subcommittee
The scope of X12I is the development and maintenance of ASC X12 and UN/EDIFACT Electronic Data Interchange (EDI) standards associated with United States Transportation.
5) BEST - Business Group for Electronic Commerce Standards in Transport.
BEST was established in 1994 by a group of companies and organisations in the transport sector primarily to support the work of the European EDIFACT Transport Group (MD2 now named EEG2). BEST supplies the Chair and the secretariat for the worldwide EDIFACT transport group UN/CEFACT/D4.
6) CEN - Comite Europeen de Normalisation.
CEN's mission is to promote voluntary technical harmonization in Europe in conjunction with worldwide bodies and its partners in Europe.
7) CEN/BT/WG141 Intermodal and Interoperable Transport V Telematics.
CEN/BT WG 141 has been set up by the CEN Bureau Technique during its meeting held in Brussels on 6-7 May 2002 with the purpose of creating a Business Plan and defining the main standards requirements related to "Intermodal and interoperable transport 。V telematics", on the basis of on-going work in different TCs and in the co-operation with the TCs.CEN/TC278,
8) Technical Committee 278.
Standardization in the field of telematics to be applied to road traffic and transport, including those elements that need technical harmonization for intermodal operation in the case of other means of transport. It shall support a.o. :- vehicle, container, swap body and goods wagon identification; -communication between vehicles and road infrastructure; - communication between vehicles; -vehicle man machine interfacing as far as telematics is concerned; - traffic and parking management; - user fee collection; - public transport management; - user information.
9) DISA Data Interchange Standards Association.
Established as a not-for-profit, the Data Interchange Standards Association (DISA) is home for the development of cross-industry electronic business interchange standards.
DISA serves as the Secretariat for ASC X12 and their X12 EDI and XML standards development process.
10) eBusiness MOUV eBusiness Memorandum of understanding.
In each standardization organization (IEC, ISO, ITU, UN/ECE) there is a decision making process. The work of the MOU Management Group will be to review and prepare recommendations for these organizations. In the area of Electronic Business the MOU Management Group shall promote synergy in standardization through encouraging cooperation and by the timely identification of, and recommendation to resolve, divergences and overlaps.
11) IEC - International Electrotechnical Commission.
The International Electrotechnical Commission (IEC) is the leading global organization that prepares and publishes international standards for all electrical, electronic and related technologies. These serve as a basis for national standardization and as references when drafting international tenders and contracts.
12) IEC/TC9 Technical Committee 9, Electrical Railway Equipment.
Prepares international standards for the railway field which includes rolling stock, fixed installations, management systems for rail vehicle operation, their interfaces, within their ecological environment. IEC/TC 9/WG 40 addresses Railway applications-Urban Guided Transport Management and Command/Control Systems
13) IEEE Institute of Electrical and Electronics Engineers.
The IEEE (Eye-triple-E) is a non-profit, technical professional association of more than 377,000 individual members in 150 countries. The full name is the Institute of Electrical and Electronics Engineers, Inc., although the organization is most popularly known and referred to by the letters IEEE. Through its members, the IEEE is a leading authority in technical areas ranging from computer engineering, biomedical technology and telecommunications, to electric power, aerospace and consumer electronics, among others.
14) IEEE/SCC 32, Standards Coordinating Committee 32, Intelligent Transportation Systems.
SCC32 is responsible for coordinating, developing, and maintaining standards, recommended practices, and guidelines related to Intelligent Transportation Systems (ITS) within the scope of 2002 IEEE interests. SCC32 works with other national and international standards writing bodies to coordinate area of involvement.
15) IEEE/SCC32/IMWG, Incident Management Working Group of IEEE SCC32.
The activity of the IMWG is to research, compile, analyze, and consolidate information leading to the publication of a standard message set for Incident management; this scope initially will be limited to address message sets from Emergency Management Center (EMC) to the Traffic Management Center (TMC) and Emergency Telephone System (ETS).
16) IMO - International Maritime Organization.
The purposes of the Organization, as summarized by Article 1(a) of the Convention, are "to provide machinery for cooperation among Governments in the field of governmental regulation and practices relating to technical matters of all kinds affecting shipping engaged in international trade; to encourage and facilitate the general adoption of the highest practicable standards in matters concerning maritime safety, efficiency of navigation and prevention and control of marine pollution from ships". The Organization is also empowered to deal with administrative and legal matters related to these purposes.
|
