ImageVerifierCode 换一换
格式:PDF , 页数:8 ,大小:120.23KB ,
资源ID:433391      下载积分:5000 积分
快捷下载
登录下载
邮箱/手机:
温馨提示:
如需开发票,请勿充值!快捷下载时,用户名和密码都是您填写的邮箱或者手机号,方便查询和重复下载(系统自动生成)。
如填写123,账号就是123,密码也是123。
特别说明:
请自助下载,系统不会自动发送文件的哦; 如果您已付费,想二次下载,请登录后访问:我的下载记录
支付方式: 支付宝扫码支付 微信扫码支付   
注意:如需开发票,请勿充值!
验证码:   换一换

加入VIP,免费下载
 

温馨提示:由于个人手机设置不同,如果发现不能下载,请复制以下地址【http://www.mydoc123.com/d-433391.html】到电脑端继续下载(重复下载不扣费)。

已注册用户请登录:
账号:
密码:
验证码:   换一换
  忘记密码?
三方登录: 微信登录  

下载须知

1: 本站所有资源如无特殊说明,都需要本地电脑安装OFFICE2007和PDF阅读器。
2: 试题试卷类文档,如果标题没有明确说明有答案则都视为没有答案,请知晓。
3: 文件的所有权益归上传用户所有。
4. 未经权益所有人同意不得将文件中的内容挪作商业或盈利用途。
5. 本站仅提供交流平台,并不能对任何下载内容负责。
6. 下载文件中如有侵权或不适当内容,请与我们联系,我们立即纠正。
7. 本站不保证下载资源的准确性、安全性和完整性, 同时也不承担用户因使用这些下载资源对自己和他人造成任何形式的伤害或损失。

版权提示 | 免责声明

本文(ANSI ATIS 0300074-2015 Guidelines and Requirements for Security Management Systems.pdf)为本站会员(刘芸)主动上传,麦多课文库仅提供信息存储空间,仅对用户上传内容的表现方式做保护处理,对上载内容本身不做任何修改或编辑。 若此文所含内容侵犯了您的版权或隐私,请立即通知麦多课文库(发送邮件至master@mydoc123.com或直接QQ联系客服),我们立即给予删除!

ANSI ATIS 0300074-2015 Guidelines and Requirements for Security Management Systems.pdf

1、 AMERICAN NATIONAL STANDARD FOR TELECOMMUNICATIONS ATIS-0300074.2015 Guidelines and Requirements for Security Management Systems As a leading technology and solutions development organization, the Alliance for Telecommunications Industry Solutions (ATIS) brings together the top global ICT companies

2、to advance the industrys most pressing business priorities. ATIS nearly 200 member companies are currently working to address the All-IP transition, network functions virtualization, big data analytics, cloud services, device solutions, emergency services, M2M, cyber security, network evolution, qua

3、lity of service, billing support, operations, and much more. These priorities follow a fast-track development lifecycle from design and innovation through standards, specifications, requirements, business use cases, software toolkits, open source solutions, and interoperability testing. ATIS is accr

4、edited by the American National Standards Institute (ANSI). The organization is the North American Organizational Partner for the 3rd Generation Partnership Project (3GPP), a founding Partner of the oneM2M global initiative, a member of and major U.S. contributor to the International Telecommunicati

5、on Union (ITU), as well as a member of the Inter-American Telecommunication Commission (CITEL). For more information, visit www.atis.org. AMERICAN NATIONAL STANDARD Approval of an American National Standard requires review by ANSI that the requirements for due process, consensus, and other criteria

6、for approval have been met by the standards developer. Consensus is established when, in the judgment of the ANSI Board of Standards Review, substantial agreement has been reached by directly and materially affected interests. Substantial agreement means much more than a simple majority, but not nec

7、essarily unanimity. Consensus requires that all views and objections be considered, and that a concerted effort be made towards their resolution. The use of American National Standards is completely voluntary; their existence does not in any respect preclude anyone, whether he has approved the stand

8、ards or not, from manufacturing, marketing, purchasing, or using products, processes, or procedures not conforming to the standards. The American National Standards Institute does not develop standards and will in no circumstances give an interpretation of any American National Standard. Moreover, n

9、o person shall have the right or authority to issue an interpretation of an American National Standard in the name of the American National Standards Institute. Requests for interpretations should be addressed to the secretariat or sponsor whose name appears on the title page of this standard. CAUTI

10、ON NOTICE: This American National Standard may be revised or withdrawn at any time. The procedures of the American National Standards Institute require that action be taken periodically to reaffirm, revise, or withdraw this standard. Purchasers of American National Standards may receive current info

11、rmation on all standards by calling or writing the American National Standards Institute. Notice of Disclaimer & Limitation of Liability The information provided in this document is directed solely to professionals who have the appropriate degree of experience to understand and interpret its content

12、s in accordance with generally accepted engineering or other professional standards and applicable regulations. No recommendation as to products or vendors is made or should be implied. NO REPRESENTATION OR WARRANTY IS MADE THAT THE INFORMATION IS TECHNICALLY ACCURATE OR SUFFICIENT OR CONFORMS TO AN

13、Y STATUTE, GOVERNMENTAL RULE OR REGULATION, AND FURTHER, NO REPRESENTATION OR WARRANTY IS MADE OFMERCHANTABILITY OR FITNESS FOR ANY PARTICULAR PURPOSE OR AGAINST INFRINGEMENT OF INTELLECTUAL PROPERTY RIGHTS. ATIS SHALL NOT BE LIABLE, BEYOND THE AMOUNT OF ANY SUM RECEIVED IN PAYMENT BY ATIS FOR THIS

14、DOCUMENT, AND IN NO EVENT SHALL ATIS BE LIABLE FOR LOST PROFITS OR OTHER INCIDENTAL OR CONSEQUENTIAL DAMAGES. ATIS EXPRESSLY ADVISES THAT ANY AND ALL USE OF OR RELIANCE UPON THE INFORMATION PROVIDED IN THIS DOCUMENT IS AT THE RISK OF THE USER. NOTE - The users attention is called to the possibility

15、that compliance with this standard may require use of an invention covered by patent rights. By publication of this standard, no position is taken with respect to whether use of an invention covered by patent rights will be required, and if any such use is required no position is taken regarding the

16、 validity of this claim or any patent rights in connection therewith. Please refer to http:/www.atis.org/legal/patentinfo.asp to determine if any statement has been filed by a patent holder indicating a willingness to grant a license either without compensation or on reasonable and non-discriminator

17、y terms and conditions to applicants desiring to obtain a license. ATIS-0300074.2015, Guidelines and Requirements for Security Management Systems Is an American National Standard developed by the ATIS Telecom Management and Operations Committee (TMOC). Published by Alliance for Telecommunications In

18、dustry Solutions 1200 G Street, NW, Suite 500 Washington, DC 20005 Copyright 2015 by Alliance for Telecommunications Industry Solutions All rights reserved. No part of this publication may be reproduced in any form, in an electronic retrieval system or otherwise, without the prior written permission

19、 of the publisher. For information contact ATIS at 202.628.6380. ATIS is online at . ATIS-0300074.2015 Revision of ATIS-0300074.2009 American National Standard for Telecommunications Guidelines and Requirements for Security Management Systems Alliance for Telecommunications Industry Solutions Approv

20、ed January 7, 2015 American National Standards Institute, Inc. Abstract This standard aligns with the relevant ITU-T Recommendation M.3410, Guidelines and Requirements for Security Management Systems to Support Telecommunications Management. ATIS-0300074.2015 ii Foreword The information contained in

21、 this Foreword is not part of this American National Standard (ANS) and has not been processed in accordance with ANSIs requirements for an ANS. As such, this Foreword may contain material that has not been subjected to public review or a consensus process. In addition, it does not contain requireme

22、nts necessary for conformance to the standard. The Alliance for Telecommunication Industry Solutions (ATIS) serves the public through improved understanding between providers, customers, and manufacturers. The Telecom Management and Operations Committee (TMOC) develops operations, administration, ma

23、intenance and provisioning standards, and other documentation related to Operations Support System (OSS) and Network Element (NE) functions and interfaces for communications networks - with an emphasis on standards development related to U.S.A. communication networks in coordination with the develop

24、ment of international standards. ANSI guidelines specify two categories of requirements: mandatory and recommendation. The mandatory requirements are designated by the word SHALL and recommendations by the word SHOULD. Where both a mandatory requirement and a recommendation are specified for the sam

25、e criterion, the recommendation represents a goal currently identifiable as having distinct compatibility or performance advantages. Suggestions for improvement of this standard are welcome. They should be sent to the Alliance for Telecommunications Industry Solutions, TMOC 1200 G Street NW, Suite 5

26、00, Washington, DC 20005. At the time it approved this standard, TMOC, which is responsible for the development of this standard, had the following members: T. Barrett, TMOC Chair (AT&T) S. Kiewel, TMOC Vice Chair (iconectiv) T. Barrett, Technical Editor (AT&T) AMERICAN NATIONAL STANDARD ATIS-030007

27、4.2015 American National Standard for Telecommunications Guidelines and Requirements for Security Management Systems 1 1 Scope, Purpose, & Application 1.1 Scope It is the intention of this standard to use and align with the relevant ITU-T Recommendation. This alignment effort consists of adopting IT

28、U-T Recommendation M.3410, Guidelines and Requirements for Security Management Systems to Support Telecommunications Management. M.3410 specifies the functional requirements of a security management system (SMS) that offers a centralized view for control and security oversight of a Telecommunication

29、s Service Providers infrastructure. Because different administrations and organizations require varying levels of security support, M.3410 does not specify whether a requirement is mandatory or optional. The proforma found in Annex A of M.3410 is provided to assist administrations and other national

30、/international organizations to specify the mandatory and optional support of the requirements. The proforma is specified using the numbered requirements from M.3410. Table A.1/M.3410 contains the requirements from M.3410. According to M.3410, the user (of M.3410) should complete the other columns a

31、ccording to the guidelines provided. TMOC (as the user of M.3410) has completed this table (proforma) as shown in Annex A of this standard. 2 Normative References The following standards contain provisions which, through reference in this text, constitute provisions of this American National Standar

32、d. At the time of publication, the editions indicated were valid. All standards are subject to revision, and parties to agreements based on this American National Standard are encouraged to investigate the possibility of applying the most recent editions of the standards indicated below. ITU-T Recom

33、mendation M.3410, Guidelines and Requirements for Security Management Systems to Support Telecommunications Management.11This document is available from the International Telecommunications Union. ATIS-0300074.2015 2 Annex A (informative) Table A. 1 - M.3410: Proforma for requirements in ITU-T Recom

34、mendation M.3410 (completed by TMOC) Security Requirement Status Comments SEC-1 m SEC-2 m TLSv1 is preferred over SSLv2, SSLv2c and SSLv3 SEC-3 m SEC-4 m Preference is a) then b) or c): a) Any command line interface application protocol should rely on IPsec based authentication and confidentiality.

35、b) Any command line interface application protocol over TCP should rely on TLSv1 or SSH based authentication and confidentiality. c) Any command line interface application protocol over UDP should rely on DTLSv1 based authentication and confidentiality. SEC-5 m SEC-6 m SEC-7 m SEC-8 m SEC-9 m SEC-10

36、 m SEC-11 m SEC-12 m SEC-13 m SEC-14 m SEC-15 m SEC-16 m SEC-17 m SEC-18 m SEC-19 m SEC-20 m SEC-21 m SEC-22 m SEC-23 m SEC-24 m ATIS-0300074.2015 3 Security Requirement Status Comments SEC-25 m SEC-26 m SEC-27 o SEC-28 m SEC-29 m SEC-30 m SEC-31 m SEC-32 m SEC-33 m SEC-34 o Predefined reports are c

37、onsidered mandatory, whereas definable report capabilities are considered optional. SEC-35 m SEC-36 m SEC-37 m SEC-38 m SEC-39 m SEC-40 m SEC-41 m SEC-42 m SEC-43 m SEC-44 m SEC-45 m SEC-46 m SEC-47 m SEC-48 m SEC-49 m SEC-50 m SEC-51 m SEC-52 m SEC-53 m SEC-54 m SEC-55 m SEC-56 m ATIS-0300074.2015

38、4 Security Requirement Status Comments SEC-57 m SEC-58 m SEC-59 m SEC-60 m SEC-61 m SEC-62 m SEC-63 m SEC-64 m Additional attributes within the security management information based may be included beyond those mandated in this requirement. SEC-65 m SEC-66 m SEC-67 m SEC-68 m SEC-69 m SEC-70 o SEC-71 m SEC-72 m SEC-73 m SEC-74 m SEC-75 m

copyright@ 2008-2019 麦多课文库(www.mydoc123.com)网站版权所有
备案/许可证编号:苏ICP备17064731号-1