Document from CIS Legislation database © 2003-2024 SojuzPravoInform LLC

It is registered

in the Ministry of Justice of Ukraine

September 17, 2012.

No. 1594/21906

RESOLUTION OF BOARD OF THE NATIONAL BANK OF UKRAINE

of July 11, 2012 No. 290

About approval of Rules of electronic interaction between respondents and the National Bank of Ukraine

According to article 7 of the Law of Ukraine "About the National Bank of Ukraine", for the purpose of increase in level of information security and establishment of single rules of exchange of the protected electronic documents between the National Bank of Ukraine and its respondents the Board of the National Bank of Ukraine DECIDES:

1. Approve Rules of electronic interaction between respondents and the National Bank of Ukraine which are attached.

2. To impose control over the implementation of this resolution on the vice-chairman of the National Bank of Ukraine Prokhorenko V. P.

3. This resolution becomes effective from the date of its official publication.

 

Chairman

S.G. Arbuzov

IT IS APPROVED:

Public service

special communication and

information security of Ukraine

 

Approved by the Resolution of Board of the National Bank of Ukraine of July 11, 2012 No. 290

Rules of electronic interaction between respondents and National Bank of Ukraine

І. General provisions

1.1. These rules regulate exchange of the protected electronic documents between respondents and the National Bank of Ukraine (further National Bank) through the Internet and developed according to the Laws of Ukraine "About the National Bank of Ukraine", "About banks and banking activity", "About the digital signature" and "About electronic documents and electronic document management".

1.2. In these rules terms are used in such value:

electronic seal - the digital signature (further - ETsP) which on legal status is equated for printing taking into account requirements of article 3 of the Law of Ukraine "About the digital signature";

the protected electronic document - the electronic document ciphered by cryptographic information security (further - KZI) which has the certificate of conformity or positive the expert opinion by results of state examination in the sphere of cryptographic information security;

the portal of electronic interaction of National Bank (further - the portal of National Bank) - the program technical tool developed taking into account these rules for exchange of the protected electronic documents between respondents and National Bank by means of e-mail (e-mail);

the respondent of National Bank (further - the respondent) - person - the sender of the protected electronic document in National Bank;

the status of the certificate - condition of the strengthened certificate of key (acting, blocked, cancelled) for the specific moment.

In these rules other terms are used in the values determined in the Laws of Ukraine "About the digital signature", "About electronic documents and electronic document management", the Procedure for assurance of availability of the electronic document (electronic data) on certain timepoint approved by the resolution of the Cabinet of Ministers of Ukraine of 26.05.2004 No. 680, the Procedure for accreditation of the center of certification of keys, approved by the resolution of the Cabinet of Ministers of Ukraine of 13.07.2004 No. 903.

ІІ. General requirements to data exchange

2.1. The National Bank determines the e-mail address (e-mail) of the portal of National Bank, phones of technical support and distributes this information through pages of Official Internet representative office of the National Bank of Ukraine (www.bank.gov.ua) in the Section "Portal of Electronic Interaction".

2.2. The cycle of exchange of the protected electronic documents (further - the file of exchange) consists of the file which goes the initiator of exchange to the addressee (further - the file of the message), messages on delivery and two receipts which confirm result of receipt of the file of the message.

The message on delivery confirms date and time of receipt of the file of the message by the addressee.

The first receipt (further - the receipt No. 1) confirms result of check of passing of automatic incoming inspection of the file of the message.

The second receipt (further - the receipt No. 2) confirms result of information processing from the file of the message.

2.3. The respondent for data exchange with National Bank needs to have:

Internet access and possibility of departure and adoption of files of exchange in format of transport connection (further - TS) according to the Section V of these rules;

the software intended for creation and processing of files of exchange of the respondent according to the Section ІІІ these rules;

means of KZI which has the certificate of conformity or the positive expert opinion by results of state examination in the sphere of cryptographic information security.

ІІІ. Format of the file of exchange

3.1. All files of exchange shall be created as XML documents according to the open W3C (http://www.w3.org/TR/REC-xm1) standard and are coded in the Windows 1251 format.

3.2. For control of integrity of structure and correctness of filling of Xmldokumenta the file (further - the XML scheme) which meets the W3C "XML Schema" standard (http://www.w3.org/2001/XMLSchema-instance) is used and has the XSD expansion (XML Schema definition).

The coding of details in the XML scheme is determined by template of display of each type of the file of the message. All templates are provided by National Bank in the Adobe Portable Document Format (PDF) format and have file name, similar to the XML scheme, with the PDF expansion.

The procedure for elements in the XML document shall answer the procedure described by the XML scheme precisely.

3.3. The description of formats of files of exchange is given in appendix 1 to these rules.

The detailed description and contents of files of exchange, the XML scheme and templates of display are established by National Bank and extend through pages of Official Internet representative office of the National Bank of Ukraine in the Section "Portal of Electronic Interaction".

IV. Requirements to cryptographic information security

4.1. Creation of the file of exchange comes to the end with imposing of the digital signature with use of well-tried remedy of the digital signature (further - ETsP).

4.2. For check of ETsP the strengthened certificate of open key (daleesertifikat key) created by the accredited center of certification of keys is used.

The status of the certificate of key is checked for the moment determined by time mark which is imposed on the electronic document, and in case of lack of mark of time - at the time of receipt of the electronic document.

4.3. All cryptographic transformations are carried out by means of cryptographic information security which shall meet such requirements:

realize procedures of forming and check of ETsP according to the national standard of Ukraine of DSTU 4145-2002 "Information technologies. Cryptographic information security. The digital signature which is based on elliptic curves. Forming and check", the State committee of Ukraine approved by the order concerning technical regulation and consumer policy of 28.12.2002 No. 31;

realize procedures of open distribution of keys according to the national standard of Ukraine of DSTU ISO IEC 15946-3:2006 "Information technologies. Protection methods. Cryptographic methods which are based on elliptic curves", the State committee of Ukraine approved by the order concerning technical regulation and consumer policy of 03.10.2006 No. 294;

realize procedures of symmetric encryption according to the DSTU state standard specification 28147:2009 interstate standard "Systems of information processing. Protection cryptographic. Algorithms of cryptographic transformation", the State committee of Ukraine approved by the order concerning technical regulation and consumer policy of 22.12.2008 No. 495;

realize the procedure of imposing of mark of time according to the national standard of Ukraine of DSTU ISO/IEC 18014-1:2006 "Information technologies. Protection methods. Services of stamping of time. Part 1. Basic provisions" (IDT ISO/IEC 180141:2002,), the approved order of the State committee of Ukraine concerning technical regulation and consumer policy of 27.12.2006 No. 375;

have the certificate of conformity or the positive expert opinion by results of state examination in the sphere of cryptographic information security.

Functions of libraries of cryptographic transformations for compatibility with the portal of National Bank shall answer the specifications of cryptographic functions specified in appendix 2 to these rules.

V. Format of TS

5.1. The TS answers format of e-mail (MIME) according to the international standard RFC-1521. Titles of TS are coded in the Windows 1251 format.

The TS consists of details of TS and the shipping container (further - shopping mall).

The shopping mall is included into TS as the file of the conclusion.

The shopping mall consists of the title and the block of the ciphered data (details of encryption of data and the ciphered data).

The ciphered data contain the ciphered XML file with imposed by ETsP, and also set of the additional data necessary for check of ETsP and recognition of its reality.

Before encoding data are packed by the ZIP archiver who contains one signed XML file in the root catalog. The name of the file of archive matches XML file name.

The name of the file of shopping mall matches name of the XML file and it is specified in the field of FILENAME of the title.

5.2. The TS can have only one receiver.

One TS shall contain only one prisoner of shopping mall in it. In case of acceptance of TS to processing of shopping mall with the same name it cannot be transferred for the second time.

The description of TS is given in appendix 3 to these rules.

VI. Name of files of exchange

6.1. The name of the file of exchange consists of the name of the file and its expansion. Total length of name of the file cannot exceed 128 symbols.

6.2. The name of the file of exchange has such structure: <task code (3 symbols)> <subtask code (5 symbols)> <unique identifier of the respondent>, where:

the task code, subtask code, the unique identifier of the respondent determines National Bank;

ggmmdd - date of forming of the file of messages (gg - two last figures of year and mmdd - month, day in 10-unit system of calculation);

NNN - sequence number of the file of the message during the day (3 symbols).

Codes of task and subtask are supplemented to the necessary length with symbol "0".

The name of the file of the message on delivery and the name of files of the receipt match the name of the file of the message which is acknowledged.

6.3. Expansion for the corresponding file of exchange matters:

XML - for the file of the message;

RPL - for the message on delivery;

RP1 - for the receipt No. 1;

RP2 - for the receipt No. 2.

VII. Procedure for submission of the file of the message means of telecommunication communication

7.1. The file of exchange at the beginning of acceptance is checked for the admissible name and expansion (XML, RPL, RP 1, RP2) of the file and on correctness of filling of the title of shopping mall. If the file of exchange does not undergo testing, then it deviates, and on the file of the message the addressee of any answer does not send.

7.2. The file of exchange is deciphered, unpacked from archive, time mark by the addressee whose status of the certificate of key at the time of imposing of mark of time shall be effective then he moves on storage in archive is imposed on it. The structure of the file which is stored in archive is specified in Item 2.2 of Chapter 2 of appendix 3 to these rules. On the file of the message in reply the addressee sends the message on delivery.

7.3. The service of automatic incoming inspection checks ETsP of the electronic document, including by check of action of the appropriate strengthened certificates of open keys, and compliance of the electronic document to the XML scheme. The addressee sends to the file of the message to the sender of the file of the message the receipt No. 1.

7.4. The functional subsystem of National Bank of the corresponding task checks contents of the electronic document. By results of check to the sender of the file of the message the receipt No. 2 is created.

7.5. In National Bank ETsP of two responsible persons and electronic seal of the respondent is imposed on the file of the message of the respondent. The file is ciphered with use of open key of the portal of National Bank.

ETsP of the portal of National Bank is imposed on the message on delivery and the receipt from National Bank. The file is ciphered with use of open key of electronic seal of the respondent.

The open key of electronic seal of the respondent is provided in the certificate of key of the corresponding file of messages sent to National Bank.

7.6. ETsP of the responsible person and the portal of National Bank is imposed on the file of the message from National Bank. The file is ciphered with use of open key of electronic seal of the respondent.

The electronic seal of the respondent is imposed on the message on delivery and the receipt from the respondent. The file is ciphered with use of open key of the portal of National Bank.

The certificate of key of the portal of National Bank extends National Bank through pages of Official Internet representative office of National Bank in the Section "Portal of Electronic Interaction".

7.7. The National Bank provides the message on delivery and the receipt to the respondent on the e-mail postal address from which the file of the message arrived.

7.8. Data are accepted to processing if receipts do not contain codes of mistakes. Date and time of provision of the file of the message are certified by the message on delivery received by the respondent if all receipts on the corresponding file of the message do not contain mistake.

7.9. Files of exchange are stored by National Bank and the respondent in the deciphered type with imposed on them ETsP within five years.

 

Deputy head of department of information security S. P. Gavrish

Appendix 1

to Rules electronic interactions between respondents and National Bank of Ukraine

1. General description of format of files of exchange

The structure of files is unified and consists of the DECLARHEAD and DECLARBODY elements.

Root element is the element with the name "DECLAR" in which the reference to the scheme of control of data is specified (XML scheme). In the DECLARHEAD element information identifying the respondent who provides the report to National Bank is placed. Content of the DECLARBODY element is determined by separate requirements concerning provision of information by respondents to National Bank.

General view of the scheme of the XML file:

2. General description of the file of the message

2.1. The DECLARHEAD element contains set of elements, identical for all files of messages. The description of the DECLARHEAD element is provided in table 1:

Table 1                 

 

Name of element

Content

Warning!!!

This is not a full text of document! Document shown in Demo mode!

If you have active License, please Login, or get License for Full Access.

With Full access you can get: full text of document, original text of document in Russian, attachments (if exist) and see History and Statistics of your work.

Get License for Full Access Now

Disclaimer! This text was translated by AI translator and is not a valid juridical document. No warranty. No claim. More info

Effectively work with search system

Database include more 50000 documents. You can find needed documents using search system. For effective work you can mix any on documents parameters: country, documents type, date range, teams or tags.
More about search system

Get help

If you cannot find the required document, or you do not know where to begin, go to Help section.

In this section, we’ve tried to describe in detail the features and capabilities of the system, as well as the most effective techniques for working with the database.

You also may open the section Frequently asked questions. This section provides answers to questions set by users.

Search engine created by SoyuzPravoInform LLC.