BS ISO IEC 10181-4-1997 Information technology - Open systems interconnection - Security frameworks for open systems - Non-repudiation framework《信息技术 开放系统互连 开放系统用安全帧 非废弃帧》.pdf

1、BRITISH STANDARD BS ISO/IEC 10181-4:1997 Information technology Open Systems Interconnection Security frameworks for open systems: Non-repudiation framework (ITU-T Rec. X.813 (1996)| ISO/IEC10181-4:1997) ICS35.100.01BSISO/IEC10181-4:1997 This British Standard, having been prepared under the directio

2、nof the DISC Board, waspublished under the authorityof the Standards Boardand comes into effect on 15 September1997 BSI09-1999 ISBN 0 580 27864 6 National foreword This British Standard reproduces verbatim ISO/IEC10181-4:1997 and implements it as the UK national standard. The UK participation in its

3、 preparation was entrusted to Technical Committee IST/21, Open Systems Interconnection, Data Management and Open Distributed Processing, which has the responsibility to: aid enquirers to understand the text; present to the responsible international/European committee any enquiries on the interpretat

4、ion, or proposals for change, and keep the UKinterests informed; monitor related international and European developments and promulgate them in the UK. A list of organizations represented on this committee can be obtained on request to its secretary. From1 January1997, all IEC publications have the

5、number60000 added to the old number. For instance, IEC27-1 has been renumbered as IEC60027-1. For a period of time during the change over from one numbering system to the other, publications may contain identifiers from both systems. Cross-references The British Standards which implement internation

6、al or European publications referred to in this document may be found in the BSI Standards Catalogue under the section entitled “International Standards Correspondence Index”, or using the “Find” facility of the BSI Standards Electronic Catalogue. A British Standard does not purport to include all t

7、he necessary provisions of a contract. Users of British Standards are responsible for their correct application. Compliance with a British Standard does not of itself confer immunity from legal obligations. Summary of pages This document comprises a front cover, an inside front cover, pages i and ii

8、, theISO/IEC title page, pagesii toiv, pages1 to22 and a back cover. This standard has been updated (see copyright date) and may have had amendments incorporated. This will be indicated in the amendment table on the inside front cover. Amendments issued since publication Amd. No. Date CommentsBSISO/

9、IEC10181-4:1997 BSI 09-1999 i Contents Page National foreword Inside front cover Foreword iii Text of ISO/IEC10181-4 1ii blankBSISO/IEC10181-4:1997 ii BSI 09-1999 Contents Page Foreword iii Introduction 1 1 Scope 1 2 Normative references 2 2.1 Identical Recommendations | International Standards 2 2.

10、2 Paired Recommendations|International Standards equivalent in technical content 2 3 Definitions 3 3.1 Basic Reference Model definitions 3 3.2 Security Architecture definitions 3 3.3 Security Frameworks Overview definitions 3 3.4 Additional definitions 4 4 Abbreviations 5 5 General discussion of Non

11、-repudiation 5 5.1 Basic concepts of Non-repudiation 5 5.2 Roles of a Trusted Third Party 5 5.3 Phases of Non-repudiation 6 5.4 Some forms of Non-repudiation services 8 5.5 Examples of OSI Non-repudiation evidence 9 6 Non-repudiation policies 9 7 Information and facilities 10 7.1 Information 10 7.2

12、Non-repudiation facilities 10 8 Non-repudiation mechanisms 13 8.1 Non-repudiation using a TTP security token (secure envelope) 13 8.2 Non-repudiation using security tokens and tamper-resistant modules 13 8.3 Non-repudiation using a digital signature 13 8.4 Non-repudiation using Time Stamping 14 8.5

13、Non-repudiation using an in-line Trusted Third Party 14 8.6 Non-repudiation using a Notary 15 8.7 Threats to Non-repudiation 15 9 Interactions with other security services and mechanisms 17 9.1 Authentication 17 9.2 Access Control 17 9.3 Confidentiality 17 9.4 Integrity 17 9.5 Audit 17 Annex A Non-r

14、epudiation in OSI Basic Reference Model 18 Annex B Non-repudiation Facilities Outline 19 Annex C Non-repudiation in store and forward systems 19 Annex D Recovery in a Non-repudiation service 20 Annex E Interaction with the Directory 21 Annex F Bibliography 22 Figure 1 Entities involved in the genera

15、tion, transfer, storage/retrieval and verification phases 7 Figure 2 Dispute Resolution phase of a Non-repudiation process 7 Descriptors: Data processing, information interchange, network interconnection, open systems interconnection, communication procedure, protection of information, security tech

16、niques.BSISO/IEC10181-4:1997 BSI 09-1999 iii Foreword ISO (the International Organization for Standardization) and IEC (theInternational Electrotechnical Commission) form the specialized system forworldwide standardization. National bodies that are members of ISO or IEC participate in the developmen

17、t of International Standards through technical committees established by the respective organization to deal with particular fields of technical activity. ISO and IEC technical committees collaborate in fields of mutual interest. Other international organizations, governmental and non-governmental,

18、in liaison with ISO and IEC, also take part in the work. In the field of information technology, ISO and IEC have established a joint technical committee, ISO/IEC JTC1. Draft International Standards adopted by the joint technical committee are circulated to national bodies for voting. Publication as

19、 an International Standard requires approval by at least75% of the national bodies casting a vote. International Standard ISO/IEC10181-4 was prepared by Joint Technical Committee ISO/IEC JTC1, Information technology, Subcommittee SC21, Open systems interconnection, data management and open distribut

20、ed processing, in collaboration with ITU-T. The identical text is published as ITU-T Recommendation X.813. ISO/IEC10181 consists of the following parts, under the general title Information technology Open Systems Interconnection Security frameworks for open systems: Part1: Overwiew; Part2: Authentic

21、ation framework; Part3: Access control framework; Part4: Non-repudiation framework; Part5: Confidentiality framework; Part6: Integrity framework; Part7: Security audit and alarms framework. Annex A to Annex F of this part of ISO/IEC10181 are for information only.iv blankBSISO/IEC10181-4:1997 BSI 09-

22、1999 1 Introduction The goal of the Non-repudiation service is to collect, maintain, make available and validate irrefutable evidence concerning a claimed event or action in order to resolve disputes about the occurrence or non-occurrence of the event or action. The Non-repudiation service can be ap

23、plied in a number of different contexts and situations. The service can apply to the generation of data, the storage of data, or the transmission of data. Non-repudiation involves the generation of evidence that can be used to prove that some kind of event or action has taken place, so that this eve

24、nt or action cannot be repudiated later. In an OSI environment (see CCITT Rec. X.800 and ISO7498-2) the Non-repudiation service has two forms: Non-repudiation with proof of origin which is used to counter false denial by a sender that the data or its contents has been sent. Non-repudiation with proo

25、f of delivery which is used to counter false denial by a recipient that the data or its contents (i.e.the information that the data represents) has been received. Applications which make use of OSI protocols mayrequire other forms of the Non-repudiation service which are specific to particular class

26、es ofapplications. For example, MHS (ITU-TRec.X.402|ISO10021-2) defines the Non-repudiation of submission service, while the EDI Messaging System (see Recommendation X.435) defines the Non-repudiation of retrieval and Non-repudiation of transfer services. The concepts in this framework are not limit

27、ed to OSI communications but may be interpreted more broadly to include such uses as creation and storage of data for later use. This Recommendation|International Standard defines a general framework for the provision of a Non-repudiation service. This framework: expands upon the concepts of Non-rep

28、udiation services described in CCITT Rec. X.800 and ISO7498-2 and describes how they may be applied to Open Systems; describes alternatives for the provision of these services; and explains the relationship of these services to other security services. Non-repudiation services may require: adjudicat

29、ors who will arbitrate disputes that may arise as a result of repudiated events or actions; and Trusted Third Parties who will assure the authenticity and integrity of the data to be used for the verification of evidence. 1 Scope This Recommendation|International Standard addresses the application o

30、f security services in an Open Systems environment, where the term “OpenSystems” is taken to include areas such asDatabase, Distributed Applications, Open Distributed Processing and OSI. The Security Frameworks are concerned with defining the means of providing protection for systems and objects wit

31、hin systems, and with the interactions between systems. The Security Frameworks are not concerned with the methodology for constructing systems or mechanisms. The Security Frameworks address both data elements and sequences of operations (but not protocol elements) which are used to obtain specific

32、security services. These security services may apply to the communicating entities of systems as well as to data exchanged between systems, and to data managed by systems. This Recommendation|International Standard: defines the basic concepts of Non-repudiation; defines general Non-repudiation servi

33、ces; identifies possible mechanisms to provide the Non-repudiation services; identifies general management requirements for Non-repudiation services and mechanisms. As with other security services, Non-repudiation can only be provided within the context of a defined security policy for a particular

34、application. The definitions of security policies are outside the scope of this Recommendation|International Standard.BSISO/IEC10181-4:1997 2 BSI 09-1999 The scope of this Recommendation|International Standard does not include specification of details of the protocol exchanges which need to be perfo

35、rmed in order to achieve Non-repudiation. This Recommendation| International Standard does not describe in detail the particular mechanisms that can be used to support the Non-repudiation services nor does it give details of the supporting security management services and protocols. Some of the proc

36、edures described in this framework achieve security by the application of cryptographic techniques. This framework is not dependent on the use of a particular cryptographic or other algorithm or on particular cryptographic techniques (i.e.symmetric or asymmetric) although certain classes of Non-repu

37、diation mechanisms may depend on particular algorithm properties. Indeed it is likely, in practice, that a number of different algorithms will be used. Two entities wishing to use cryptographically-protected data must support the same cryptographic algorithm. |NOTEAlthough ISO does not standardize c

38、ryptographic algorithms, it does standardize the procedures used to register them in ISO/IEC9979. A number of different types of standard can use this framework including: 1) standards that incorporate the concept of Non-repudiation; 2) standards that specify abstract services that include Non-repud

39、iation; 3) standards that specify uses of a Non-repudiation service; 4) standards that specify the means of providing Non-repudiation within an open system architecture; and 5) standards that specify Non-repudiation mechanisms. Such standards can use this framework as follows: standards of type1),2)

40、,3),4) or5) can use the terminology of this framework; standards of type2),3),4) or5) can use the facilities defined in clause7; and standards of type5) can be based upon the classes of mechanism defined in clause8. 2 Normative references The following Recommendations and International Standards con

41、tain provisions, which through reference in this text, constitute provisions of this Recommendation|International Standard. At the time of publication, the editions indicated were valid. All Recommendations and Standards are subject to revision, and parties to agreements based on this Recommendation

42、|International Standard are encouraged to investigate the possibility of applying the most recent edition of the Recommendations and Standards listed below. Members of IEC and ISO maintain registers of currently valid International Standards. The Telecommunication Standardization Bureau of the ITU m

43、aintains a list of currently valid ITU-T Recommendations. 2.1 Identical Recommendations|International Standards ITU-T Recommendation X.200 (1994)|ISO/IEC7498-1:1994, Information technology Open Systems Interconnection Basic Reference Model: The Basic Model. ITU-T Recommendation X.509 (1993)|ISO/IEC9

44、594-8:1995, Information technology Open Systems Interconnection The Directory: Authentication framework. ITU-T Recommendation X.810 (1995)|ISO/IEC10181-1:1996, Information technology Open Systems Interconnection Security frameworks for open systems: Overview. 2.2 Paired Recommendations|International

45、 Standards equivalent in technical content CCITT Recommendation X.800 (1991), Security architecture for Open Systems Interconnection for CCITT applications. ISO7498-2:1989, Information processing systems Open Systems Interconnection Basic Reference Model Part2: Security Architecture. BSISO/IEC10181-

46、4:1997 BSI 09-1999 3 1 3 Definitions 3.1 basic reference model definitions this Recommendation|International Standard builds on concepts developed in ITU-T Rec. X.200|ISO/IEC7498-1 and makes use of the following term defined in it (N)-entity 3.2 security architecture definitions this Recommendation|

47、International Standard builds on the concepts developed in CCITT Rec. X.800 and ISO7498-2 and makes use of the following terms defined in it access control; audit (also security audit); authentication; channel; cryptographic checkvalue; cryptography; data integrity (also integrity); data origin auth

48、entication; decipherment; digital signature (also signature); encipherment; key; key management; notarization; repudiation; security audit trail (also audit trail, log); threat. 3.3 security frameworks overview definitions this Recommendation | International Standard builds on the concepts developed

49、 in ITU-T Rec. X.810|ISO/IEC10181-1 and makes use of the following terms defined in it certification authority; digital fingerprint; hash function; one-way function; private key; public key; revocation list certificate; seal; sealed; secret key; security certificate; security domain; security token; trusted third party.BSISO/IEC10181-4:1997 4 BSI 09-1999 3.4 Additional definitions For the purposes of this Recommendation|Internati