ISO 26430-5-2009 Digital cinema (D-cinema) operations - Part 5 Security log event class and constraints《数字影院(D-影院)运营 第5部分 安全日志事件类和约束》.pdf

1、 Reference number ISO 26430-5:2009(E) ISO 2009INTERNATIONAL STANDARD ISO 26430-5 First edition 2009-12-15 Digital cinema (D-cinema) operations Part 5: Security log event class and constraints Oprations du cinma numrique (cinma D) Partie 5: Classe et contraintes dvnement du journal de scurit ISO 2643

2、0-5:2009(E) PDF disclaimer This PDF file may contain embedded typefaces. In accordance with Adobes licensing policy, this file may be printed or viewed but shall not be edited unless the typefaces which are embedded are licensed to and installed on the computer performing the editing. In downloading

3、 this file, parties accept therein the responsibility of not infringing Adobes licensing policy. The ISO Central Secretariat accepts no liability in this area. Adobe is a trademark of Adobe Systems Incorporated. Details of the software products used to create this PDF file can be found in the Genera

4、l Info relative to the file; the PDF-creation parameters were optimized for printing. Every care has been taken to ensure that the file is suitable for use by ISO member bodies. In the unlikely event that a problem relating to it is found, please inform the Central Secretariat at the address given b

5、elow. COPYRIGHT PROTECTED DOCUMENT ISO 2009 All rights reserved. Unless otherwise specified, no part of this publication may be reproduced or utilized in any form or by any means, electronic or mechanical, including photocopying and microfilm, without permission in writing from either ISO at the add

6、ress below or ISOs member body in the country of the requester. ISO copyright office Case postale 56 CH-1211 Geneva 20 Tel. + 41 22 749 01 11 Fax + 41 22 749 09 47 E-mail copyrightiso.org Web www.iso.org Published in Switzerland ii ISO 2009 All rights reservedISO 26430-5:2009(E) ISO 2009 All rights

7、reserved iii Foreword ISO (the International Organization for Standardization) is a worldwide federation of national standards bodies (ISO member bodies). The work of preparing International Standards is normally carried out through ISO technical committees. Each member body interested in a subject

8、for which a technical committee has been established has the right to be represented on that committee. International organizations, governmental and non-governmental, in liaison with ISO, also take part in the work. ISO collaborates closely with the International Electrotechnical Commission (IEC) o

9、n all matters of electrotechnical standardization. International Standards are drafted in accordance with the rules given in the ISO/IEC Directives, Part 2. The main task of technical committees is to prepare International Standards. Draft International Standards adopted by the technical committees

10、are circulated to the member bodies for voting. Publication as an International Standard requires approval by at least 75 % of the member bodies casting a vote. Attention is drawn to the possibility that some of the elements of this document may be the subject of patent rights. ISO shall not be held

11、 responsible for identifying any or all such patent rights. ISO 26430-5 was prepared by the Society of Motion Picture and Television Engineers (as SMPTE 430-5-2008) and was adopted, under a special “fast-track procedure”, by Technical Committee ISO/TC 36, Cinematography, in parallel with its approva

12、l by the ISO member bodies. ISO 26430 consists of the following parts, under the general title Digital cinema (D-cinema) operations: Part 1: Key delivery message equivalent to SMPTE 430-1 Part 2: Digital certificate equivalent to SMPTE 430-2 Part 3: Generic extra-theater message format equivalent to

13、 SMPTE 430-3 Part 4: Log record format specification equivalent to SMPTE 430-4 Part 5: Security log event class and constraints equivalent to SMPTE 430-5 Part 6: Auditorium security messages for intra-theater communications equivalent to SMPTE 430-6 Part 9: Key delivery bundle equivalent to SMPTE 43

14、0-9 Copyright 2008 by THE SOCIETY OF MOTION PICTURE AND TELEVISION ENGINEERS 595 W. Hartsdale Ave., White Plains, NY 10607 (914) 761-1100 Approved March 3, 2008 Table of Contents Page Foreword . 2 Introduction . 2 1 Scope 3 2 Conformance Notation 3 3 Normative References 3 4 Overview (Informative).

15、4 5 Definitions . 5 5.1 Definition of Terms. 5 5.2 Definition of Processes and Validation 6 5.2.1 Composition Playlist Validity 6 5.2.2 Frame Playback Process. 6 5.2.3 Complete CPL Playback 6 5.3 Security Event Class 6 5.4 Security Class Namespace 6 5.5 Namespace Prefixes 6 5.6 Reference Architectur

16、es 7 6 Security Application Requirements. 7 6.1 Security Constraints. 8 6.1.1 Log Record Header 8 6.1.2 Log Record Body . 8 6.1.3 Log Record Signature 9 6.2 Security Log Record Authentication and Chaining 10 7 Security Event Definitions . 10 7.1 ReferenceID Scope 10 7.2 Event Types . 11 7.3 Event Su

17、b Types 12 7.3.1 Playout Event Sub Types. 12 7.3.2 Validation Event Sub Types. 14 7.3.3 Key Event Sub Types 15 7.3.4 ASM Event Sub Types. 16 7.3.5 Operations Event Sub Types. 18 7.4 Exception Tokens and Definitions 22 8 Examples (Informative) 23 8.1 Example 1 . 23 9 Glossary of Acronyms 23 Annex A P

18、roxy Logging (Informative) 24 Annex B Security Log Report Filtering (Informative) . 25 Page 1 of 25 pages SMPTE 430-5-2008SMPTE STANDARD D-Cinema Packaging Security Log Event Class and Constraints ISO 26430-5:2009(E) ISO 2009 All rights reserved 1SMPTE 430-5-2008 Page 2 of 25 pages Foreword SMPTE (t

19、he Society of Motion Picture and Television Engineers) is an internationally-recognized standards developing organization. Headquartered and incorporated in the United States of America, SMPTE has members in over 80 countries on six continents. SMPTEs Engineering Documents, including Standards, Reco

20、mmended Practices and Engineering Guidelines, are prepared by SMPTEs Technology Committees. Participation in these Committees is open to all with a bona fide interest in their work. SMPTE cooperates closely with other standards-developing organizations, including ISO, IEC and ITU. SMPTE Engineering

21、Documents are drafted in accordance with the rules given in Part XIII of its Administrative Practices. SMPTE Standard 430-5 was prepared by Technology Committee DC28. Introduction A general specification for D-Cinema Log Records and Log Reports is specified in LogRecord. This Security Class standard

22、 defines a class, and an associated namespace, for Log Records for security logging. Additionally, this standard constrains the use and application of that format to Security Log Records and Reports. More specifically, this document specifies the format of Log Records produced by security devices wi

23、thin D-Cinema systems. Typically these records are produced by the Security Manager component of the system, which produces records of security events for consumption by systems external to the security system. When the Security Manager produces these records, they are constructed to support authent

24、ication and non-repudiation by and for the device that produces them. Support is included for authenticating chains of records in a manner that reduces the overhead that would otherwise result if each record were to be authenticated individually. ISO 26430-5:2009(E) 2 ISO 2009 All rights reservedSMP

25、TE 430-5-2008 Page 3 of 25 pages 1 Scope The purpose of this document is to specify a Security Event Class and namespace for Security Log Records; and to constrain individual Log Records and sequences of such records (Log Reports) as they are used for security event logging purposes in D-Cinema appl

26、ications. The items covered contain descriptions of events logged by the security system, which are intended to provide forensic information regarding security critical events. This document does not specify the means of communication or the format of messaging between security devices in a system.

27、Neither does this document define the format for storage of Log Events within the protected storage of a security device. The Security Log Records and Security Log Record Sequences (Log Reports) described herein are intended for reporting of Security Events previously recorded by the security system

28、 to consumers of that information which are external to the security system. 2 Conformance Notation Normative text is text that describes elements of the design that are indispensable or contains the conformance language keywords: “shall“, “should“, or “may“. Informative text is text that is potenti

29、ally helpful to the user, but not indispensable, and can be removed, changed, or added editorially without affecting interoperability. Informative text does not contain any conformance keywords. All text in this document is, by default, normative, except: the Introduction, any section explicitly lab

30、eled as “Informative“ or individual paragraphs that start with “Note:” The keywords “shall“ and “shall not“ indicate requirements strictly to be followed in order to conform to the document and from which no deviation is permitted. The keywords, “should“ and “should not“ indicate that, among several

31、 possibilities, one is recommended as particularly suitable, without mentioning or excluding others; or that a certain course of action is preferred but not necessarily required; or that (in the negative form) a certain possibility or course of action is deprecated but not prohibited. The keywords “

32、may“ and “need not“ indicate courses of action permissible within the limits of the document. The keyword “reserved” indicates a provision that is not defined at this time, shall not be used, and may be defined in the future. The keyword “forbidden” indicates “reserved” and in addition indicates tha

33、t the provision will never be defined in the future. A conformant implementation according to this document is one that includes all mandatory provisions (“shall“) and, if implemented, all recommended provisions (“should“) as described. A conformant implementation need not implement optional provisi

34、ons (“may“) and need not implement them as described. 3 Normative References The following standards contain provisions which, through reference in this text, constitute provisions of this standard. At the time of publication, the editions indicated were valid. All standards are subject to revision,

35、 and parties to agreements based on this standard are encouraged to investigate the possibility of applying the most recent edition of the standards indicated below. RFC 3280 Internet X.509 Public Key Infrastructure Certificate and Certificate Revocation List (CRL) Profile URL: http:/www.ietf.org/rf

36、c/rfc3280.txt DCMLTypes SMPTE 433-2008, XML Data Types for Digital Cinema) LogRecord SMPTE 430-4-2008, Log Record Format Specification for D-Cinema ISO 26430-5:2009(E) ISO 2009 All rights reserved 3SMPTE 430-5-2008 Page 4 of 25 pages KDM SMPTE 430-1-2006, D-Cinema Operations Key Delivery Message D-C

37、ert SMPTE 430-2-2006 D-Cinema Operations Digital Certificate ETM SMPTE 430-3-2006, D-Cinema Operations Generic Extra-Theater Message Format ASM SMPTE 430-6-2008, D-Cinema Operations Auditorium Security Messages for Intra-Theater Communications TFE SMPTE 429-6-2006, D-Cinema Packaging MXF Track File

38、Essence Encryption CPL SMPTE 429-7-2006, D-Cinema Packaging Composition Playlist PKL SMPTE 429-8-2007, D-Cinema Packaging Packing List TRK SMPTE 429-3-2007, D-Cinema Packaging Sound and Picture Track File RFC 4051 Additional XML Security Uniform Resource Identifiers (URIs) http:/www.ietf.org/rfc/rfc

39、4051.txt RFC 2253 Lightweight Directory Access Protocol (v3): UTF-8 String Representation of Distinguished Names. URL: http:/www.ietf.org/rfc/rfc2253.txt 4 Overview The fundamental purpose of security logging in D-Cinema systems is to assure that access to clear-text content, and the use of decrypti

40、on keys to accomplish this, can be tracked in trusted reports from the security system. An important corollary of this requirement is to record that the security system itself is functioning properly. The Security Manager component of the security system is the trusted device, which collects informa

41、tion as the system operates, then processes that information to compose Security Log Records and potentially Log Reports. While communication of Log Event data between devices in a security system must be performed securely, such communications are outside of the scope of this document. This documen

42、t does not specify any particular security system architecture, and so uses the term “Security Device“ to refer to components of the security system generically. The general requirements for Security Log Records external to the security system are that the records be verifiable as to the integrity o

43、f their content, verifiable as to the completeness of a report, and verifiable as to their source. An additional requirement is that sequences of log records must support filtering of potentially sensitive information, while maintaining sequential integrity, i.e. the filtering of an individual recor

44、d must leave verifiable evidence of the records existence and position in the sequence. Filtering is described in LogRecord. When a system external to the security system, such as a general-purpose log management system, is instructed to retrieve records from the security system, this standard descr

45、ibes how those records should be generated and represented. The LogRecord standard is constructed to support filtering of log records by omitting the body part of a record. The security system may support the generation of pre-filtered log record sequences (with selected record bodies omitted), or f

46、iltering may be performed after the log records are retrieved. The Security Application Requirements section of this document constrains the application of the log format defined in the Log Record Specification for D-Cinema LogRecord. These constraints ensure that this format is applied to the expre

47、ssion of Log Records and Reports in a manner that provides for authentication of the log data. It is important to note that LogRecord does not actually specify the Event Types, Event Subtypes, Parameters, or scopes for the Event Classes that it denotes, but provides a framework for doing so. The Sec

48、urity Event Definitions section of this document defines the “security” Event Class as called for in LogRecord, including all of the detail necessary to create fully defined Log Records for security. ISO 26430-5:2009(E) 4 ISO 2009 All rights reservedSMPTE 430-5-2008 Page 5 of 25 pages 5 Definitions

49、5.1 Definition of Terms Security Log Event Any event that has security implications or forensic value. Such an event results in the recording of log data. Security Log Data Security event information that is recorded and stored within a security device, where such an event took place or was observed. Security Log Record A Log Record, containing Security Log Data, describing a Security Log Event. Security Log Report - A sequence of Log Records as spe