ImageVerifierCode 换一换
格式:PDF , 页数:56 ,大小:1.27MB ,
资源ID:586083      下载积分:10000 积分
快捷下载
登录下载
邮箱/手机:
温馨提示:
如需开发票,请勿充值!快捷下载时,用户名和密码都是您填写的邮箱或者手机号,方便查询和重复下载(系统自动生成)。
如填写123,账号就是123,密码也是123。
特别说明:
请自助下载,系统不会自动发送文件的哦; 如果您已付费,想二次下载,请登录后访问:我的下载记录
支付方式: 支付宝扫码支付 微信扫码支付   
注意:如需开发票,请勿充值!
验证码:   换一换

加入VIP,免费下载
 

温馨提示:由于个人手机设置不同,如果发现不能下载,请复制以下地址【http://www.mydoc123.com/d-586083.html】到电脑端继续下载(重复下载不扣费)。

已注册用户请登录:
账号:
密码:
验证码:   换一换
  忘记密码?
三方登录: 微信登录  

下载须知

1: 本站所有资源如无特殊说明,都需要本地电脑安装OFFICE2007和PDF阅读器。
2: 试题试卷类文档,如果标题没有明确说明有答案则都视为没有答案,请知晓。
3: 文件的所有权益归上传用户所有。
4. 未经权益所有人同意不得将文件中的内容挪作商业或盈利用途。
5. 本站仅提供交流平台,并不能对任何下载内容负责。
6. 下载文件中如有侵权或不适当内容,请与我们联系,我们立即纠正。
7. 本站不保证下载资源的准确性、安全性和完整性, 同时也不承担用户因使用这些下载资源对自己和他人造成任何形式的伤害或损失。

版权提示 | 免责声明

本文(BS ISO 20214-2015 Space data and information transfer systems Security architecture for space data systems《空间数据和信息传输系统 空间数据系统的安全架构》.pdf)为本站会员(arrownail386)主动上传,麦多课文库仅提供信息存储空间,仅对用户上传内容的表现方式做保护处理,对上载内容本身不做任何修改或编辑。 若此文所含内容侵犯了您的版权或隐私,请立即通知麦多课文库(发送邮件至master@mydoc123.com或直接QQ联系客服),我们立即给予删除!

BS ISO 20214-2015 Space data and information transfer systems Security architecture for space data systems《空间数据和信息传输系统 空间数据系统的安全架构》.pdf

1、BSI Standards PublicationBS ISO 20214:2015Space data and informationtransfer systems Securityarchitecture for space datasystemsBS ISO 20214:2015 BRITISH STANDARDNational forewordThis British Standard is the UK implementation of ISO 20214:2015. The UK participation in its preparation was entrusted to

2、 Technical Committee ACE/68, Space systems and operations.A list of organizations represented on this committee can be obtained on request to its secretary.This publication does not purport to include all the necessary provisions of a contract. Users are responsible for its correct application. The

3、British Standards Institution 2015.Published by BSI Standards Limited 2015ISBN 978 0 580 87913 5 ICS 49.140 Compliance with a British Standard cannot confer immunity from legal obligations.This British Standard was published under the authority of the Standards Policy and Strategy Committee on 31 De

4、cember 2015.Amendments/corrigenda issued since publicationDate T e x t a f f e c t e dBS ISO 20214:2015 ISO 2015Space data and information transfer systems Security architecture for space data systemsSystmes de transfert des informations et donnes spatiales Architecture de scurit pour les systmes de

5、 donnes spatialesINTERNATIONAL STANDARDISO20214First edition2015-08-15Reference numberISO 20214:2015(E)BS ISO 20214:2015ISO 20214:2015(E)ii ISO 2015 All rights reservedCOPYRIGHT PROTECTED DOCUMENT ISO 2015, Published in SwitzerlandAll rights reserved. Unless otherwise specified, no part of this publ

6、ication may be reproduced or utilized otherwise in any form or by any means, electronic or mechanical, including photocopying, or posting on the internet or an intranet, without prior written permission. Permission can be requested from either ISO at the address below or ISOs member body in the coun

7、try of the requester.ISO copyright officeCh. de Blandonnet 8 CP 401CH-1214 Vernier, Geneva, SwitzerlandTel. +41 22 749 01 11Fax +41 22 749 09 47copyrightiso.orgwww.iso.orgBS ISO 20214:2015ISO 20214:2015(E) ISO 2015 All rights reserved iiiForeword ISO (the International Organization for Standardizati

8、on) is a worldwide federation of national standards bodies (ISO member bodies). The work of preparing International Standards is normally carried out through ISO technical committees. Each member body interested in a subject for which a technical committee has been established has the right to be re

9、presented on that committee. International organizations, governmental and non-governmental, in liaison with ISO, also take part in the work. ISO collaborates closely with the International Electrotechnical Commission (IEC) on all matters of electrotechnical standardization. International Standards

10、are drafted in accordance with the rules given in the ISO/IEC Directives, Part 2. The main task of technical committees is to prepare International Standards. Draft International Standards adopted by the technical committees are circulated to the member bodies for voting. Publication as an Internati

11、onal Standard requires approval by at least 75 % of the member bodies casting a vote. Attention is drawn to the possibility that some of the elements of this document may be the subject of patent rights. ISO shall not be held responsible for identifying any or all such patent rights. ISO 20214 was p

12、repared by the Consultative Committee for Space Data Systems (CCSDS) (as CCSDS 351.0-M-1, November 2012) and was adopted (without modifications except those stated in clause 2 of this International Standard) by Technical Committee ISO/TC 20, Aircraft and space vehicles, Subcommittee SC 13, Space dat

13、a and information transfer systems. BS ISO 20214:2015BS ISO 20214:2015Recommendation for Space Data System Practices SECURITY ARCHITECTURE FOR SPACE DATA SYSTEMS RECOMMENDED PRACTICE CCSDS 351.0-M-1 MAGENTA BOOK November 2012 BS ISO 20214:2015SECURITY ARCHITECTURE FOR SPACE DATA SYSTEMS CCSDS 351.0-

14、M-1 Page i November 2012 AUTHORITY Issue: Recommended Practice, Issue 1 Date: November 2012 Location: Washington, DC, USA This document has been approved for publication by the Management Council of the Consultative Committee for Space Data Systems (CCSDS) and represents the consensus technical agre

15、ement of the participating CCSDS Member Agencies. The procedure for review and authorization of CCSDS documents is detailed in Organization and Processes for the Consultative Committee for Space Data Systems (CCSDS A02.1-Y-3), and the record of Agency participation in the authorization of this docum

16、ent can be obtained from the CCSDS Secretariat at the address below. This document is published and maintained by: CCSDS Secretariat Space Communications and Navigation Office, 7L70 Space Operations Mission Directorate NASA Headquarters Washington, DC 20546-0001, USA ISO 20214:2015(E) ISO 2015 All r

17、ights reservedBS ISO 20214:2015SECURITY ARCHITECTURE FOR SPACE DATA SYSTEMS CCSDS 351.0-M-1 Page ii November 2012 STATEMENT OF INTENT The Consultative Committee for Space Data Systems (CCSDS) is an organization officially established by the management of its members. The Committee meets periodically

18、 to address data systems problems that are common to all participants, and to formulate sound technical solutions to these problems. Inasmuch as participation in the CCSDS is completely voluntary, the results of Committee actions are termed Recommendations and are not in themselves considered bindin

19、g on any Agency. CCSDS Recommendations take two forms: Recommended Standards that are prescriptive and are the formal vehicles by which CCSDS Agencies create the standards that specify how elements of their space mission support infrastructure shall operate and interoperate with others; and Recommen

20、ded Practices that are more descriptive in nature and are intended to provide general guidance about how to approach a particular problem associated with space mission support. This Recommended Practice is issued by, and represents the consensus of, the CCSDS members. Endorsement of this Recommended

21、 Practice is entirely voluntary and does not imply a commitment by any Agency or organization to implement its recommendations in a prescriptive sense. No later than five years from its date of issuance, this Recommended Practice will be reviewed by the CCSDS to determine whether it should: (1) rema

22、in in effect without change; (2) be changed to reflect the impact of new technologies, new requirements, or new directions; or (3) be retired or canceled. In those instances when a new version of a Recommended Practice is issued, existing CCSDS-related member Practices and implementations are not ne

23、gated or deemed to be non-CCSDS compatible. It is the responsibility of each member to determine when such Practices or implementations are to be modified. Each member is, however, strongly encouraged to direct planning for its new Practices and implementations towards the later version of the Recom

24、mended Practice. ISO 20214:2015(E) ISO 2015 All rights reservedBS ISO 20214:2015SECURITY ARCHITECTURE FOR SPACE DATA SYSTEMS CCSDS 351.0-M-1 Page iii November 2012 FOREWORD Through the process of normal evolution, it is expected that expansion, deletion, or modification of this document may occur. T

25、his Recommended Practice is therefore subject to CCSDS document management and change control procedures, which are defined in the Organization and Processes for the Consultative Committee for Space Data Systems (CCSDS A02.1-Y-3). Current versions of CCSDS documents are maintained at the CCSDS Web s

26、ite: http:/www.ccsds.org/ Questions relating to the contents or status of this document should be addressed to the CCSDS Secretariat at the address indicated on page i. ISO 20214:2015(E) ISO 2015 All rights reservedBS ISO 20214:2015SECURITY ARCHITECTURE FOR SPACE DATA SYSTEMS CCSDS 351.0-M-1 Page iv

27、 November 2012 DOCUMENT CONTROL Document Title Date Status CCSDS 351.0-M-1 Security Architecture for Space Data Systems, Recommended Practice, Issue 1 November 2012 Original issue ISO 20214:2015(E) ISO 2015 All rights reservedBS ISO 20214:2015SECURITY ARCHITECTURE FOR SPACE DATA SYSTEMS CCSDS 351.0-

28、M-1 Page v November 2012 CONTENTS Section Page 1 INTRODUCTION 1-1 1.1 PURPOSE AND SCOPE 1-1 1.2 DOCUMENT STRUCTURE . 1-2 1.3 GLOSSARY OF TERMS . 1-3 1.4 NOMENCLATURE . 1-3 2 THE CCSDS REFERENCE ARCHITECTURE 2-1 2.1 INTRODUCTION 2-1 2.2 BACKGROUND 2-1 2.3 CCSDS REFERENCE ARCHITECTURE . 2-1 3 GENERAL

29、SECURITY PRINCIPLES . 3-1 3.1 GENERAL 3-1 3.2 PHYSICAL SECURITY 3-1 3.3 INFORMATION SECURITY 3-1 3.4 TRANSMISSION SECURITY 3-2 3.5 PROCEDURES 3-2 3.6 MISSION SECURITY DOCUMENTATION . 3-2 4 SECURITY AND THE CCSDS REFERENCE ARCHITECTURE . 4-1 4.1 OVERVIEW . 4-1 4.2 SECURITY AND THE ENTERPRISE VIEW 4-1

30、 4.3 SECURITY AND THE CONNECTIVITY VIEW 4-3 4.4 SECURITY AND THE FUNCTIONAL VIEW . 4-5 4.5 SECURITY AND THE INFORMATION VIEW 4-7 4.6 SECURITY AND THE COMMUNICATIONS VIEW . 4-9 5 SECURITY ARCHITECTURE PRINCIPLES 5-1 5.1 OVERVIEW . 5-1 5.2 OPEN STANDARDS . 5-1 5.3 PROTECTION THROUGH LAYERED SECURITY M

31、ECHANISMS . 5-1 5.4 EXPANDABILITY 5-1 5.5 FLEXIBILITY 5-1 5.6 INTEROPERABILITY 5-1 5.7 KEY MANAGEMENT 5-2 5.8 ENCRYPTION ALGORITHM SELECTION . 5-2 ISO 20214:2015(E) ISO 2015 All rights reservedBS ISO 20214:2015SECURITY ARCHITECTURE FOR SPACE DATA SYSTEMS CCSDS 351.0-M-1 Page vi November 2012 CONTENT

32、S (continued) Section Page 5.9 KERCKHOFFS PRINCIPLE 5-2 5.10 FAULT TOLERANCE . 5-2 6 MISSION PROFILES . 6-1 6.1 OVERVIEW . 6-1 6.2 GENERAL 6-1 6.3 HUMAN SPACEFLIGHT 6-1 6.4 EARTH OBSERVATION 6-2 6.5 COMMUNICATIONS . 6-2 6.6 SCIENTIFIC . 6-2 6.7 NAVIGATION . 6-3 6.8 MULTI-ORGANIZATIONAL SPACECRAFT 6-

33、4 7 PROPOSED ARCHITECTURE 7-1 7.1 REQUIREMENTS 7-1 7.2 SERVICES 7-1 7.3 PROPOSED SECURITY ARCHITECTURE 7-2 7.4 CCSDS SECURITY CORE SUITE . 7-3 7.5 SECURITY CORE SUITE CONFIGURATION . 7-6 7.6 EXPANDABILITY 7-8 7.7 EMERGENCY OPERATIONS 7-10 ANNEX A SECURITY CONSIDERATIONS (INFORMATIVE) . A-1 ANNEX B I

34、NFORMATIVE REFERENCES (INFORMATIVE) .B-1 ANNEX C ABBREVIATIONS AND ACRONYMS (INFORMATIVE) C-1 Figure 1-1 Relationship between This and Other CCSDS Documentation . 1-2 4-1 Enterprise View 4-2 4-2 Connectivity View and Example Security Application Points . 4-4 4-3 Example Analysis of the Functional Vi

35、ew (Functions with Specific Security Requirements Shown in Red) . 4-6 4-4 Information View and Security Implications . 4-7 4-5 Communications View and Security Layer Choices 4-9 7-1 CCSDS Space Mission Protocols and Security Options 7-4 7-2 CCSDS Security Core Suite . 7-6 ISO 20214:2015(E) ISO 2015

36、All rights reservedBS ISO 20214:2015SECURITY ARCHITECTURE FOR SPACE DATA SYSTEMS CCSDS 351.0-M-1 Page vii November 2012 CONTENTS (continued) Figure Page 7-3 Example Security Architecture for Mission 1 7-8 7-4 Security Architecture for a Simple Mission, Which Uses Only the Network Layer Security Subs

37、ystem from the Core Suite . 7-9 7-5 A Simple Mission Using Its Own Transport Layer Security 7-10 ISO 20214:2015(E) ISO 2015 All rights reservedBS ISO 20214:2015SECURITY ARCHITECTURE FOR SPACE DATA SYSTEMS CCSDS 351.0-M-1 Page 1-1 November 2012 1 INTRODUCTION 1.1 PURPOSE AND SCOPE 1.1.1 PURPOSE This

38、document is intended as a high-level systems engineering reference to enable engineers to better understand the layered security concepts required to secure a space system. As such, this document is a Security Architecture for Space Data Systems (SASDS). This architecture uses the views described in

39、 the Reference Architecture for Space Data Systems (reference B1) developed by the CCSDS Architecture Working Group. The SASDS will be used: to establish an overall CCSDS conceptual framework for the incorporation of security into the data systems of space missions; to define common language and rep

40、resentation so that risks, requirements, and solutions in the area of security within space data systems can be readily communicated; to provide a source of information for the security architects on a space mission to use to develop the system security design; to facilitate development of standards

41、 in a consistent way so that any standard can be used with other appropriate standards in a system. 1.1.2 SCOPE This document presents a security reference architecture for space data systems and is intended to provide a standardized approach for description of security within data system architectu

42、res and high-level designs, which individual working groups may use within CCSDS. For further information regarding securitys role in space systems, the reader is directed to the supporting CCSDS documentation listed in annex B. ISO 20214:2015(E) ISO 2015 All rights reservedBS ISO 20214:2015SECURITY

43、 ARCHITECTURE FOR SPACE DATA SYSTEMS CCSDS 351.0-M-1 Page 1-2 November 2012 1.1.3 RELATIONSHIP WITH OTHER CCSDS DOCUMENTS The relationship between this and other CCSDS documents is shown in figure 1-1 below: Figure 1-1: Relationship between This and Other CCSDS Documentation 1.2 DOCUMENT STRUCTURE S

44、ection 2 provides an introduction into how the security architecture uses the Reference Architecture for Space Data Systems (RASDS). Section 3 discusses the security concepts that need to be addressed by any security architecture. Section 4 examines the security concepts and shows how the CCSDS arch

45、itecture outlined in sections 2 and 3 relate to each other. Section 5 establishes high-level principles and the scope that the security architecture addresses. Section 6 illustrates a series of mission profiles which help identify where security is required, what the issues are, and what solutions a

46、re applicable. Section 7 specifies the security reference architecture. Annex A addresses security considerations pertaining to use of this Recommended Practice for developing real security architectures for missions. Annex B lists informative references. Annex C is a glossary of abbreviations and a

47、cronyms used in the document. ISO 20214:2015(E) ISO 2015 All rights reservedBS ISO 20214:2015SECURITY ARCHITECTURE FOR SPACE DATA SYSTEMS CCSDS 351.0-M-1 Page 1-3 November 2012 1.3 GLOSSARY OF TERMS A full glossary of security terms used within this document is available in reference B9. 1.4 NOMENCL

48、ATURE 1.4.1 NORMATIVE TEXT The following conventions apply for the normative specifications in this Recommended Standard: a) the words shall and must imply a binding and verifiable specification; b) the word should implies an optional, but desirable, specification; c) the word may implies an optiona

49、l specification; d) the words is, are, and will imply statements of fact. NOTE These conventions do not imply constraints on diction in text that is clearly informative in nature. 1.4.2 INFORMATIVE TEXT In the normative sections of this document, informative text is set off from the normative specifications either in notes or under one of the following subsection headings: Overview; Background; Rationale; Discussion. ISO 20214:2015(E) ISO 2015 All rights reservedBS ISO 20214:2015SECURITY ARCHITECT

copyright@ 2008-2019 麦多课文库(www.mydoc123.com)网站版权所有
备案/许可证编号:苏ICP备17064731号-1