1、I National Standard of Canada CAN/CSA-ISO/IEC 11 577-97 International Standard ISO/IEC 11577:1995 (first edition, 1995-05-15) has been adopted without modification as CSA Standard CAN/CSA-ISO/IEC 11577-97, which has been approved as a National Standard of Canada by the Standards Council of Canada. I
2、SSN 03 2 7-5669 May 1997 Information technology - Open Systems Interconnection - Network layer security protocol Technologies de I information - lnterconnexion de systemes ouverls (OSl) - Protocole de securite de la couche de reseau Ref eien ce number ISO/IEC 1 1 577: 1995(E) LAssoclatlon canadienne
3、 de normalisation (CSA), sous les auspices de laquelle cette Norrne nationale a 6tB prdparde, a re$u ses lettres patentes en 1919 et son accreditation au sein du Systbme de norrnes nationales par le Conseil canadien des normes en 1973. Association daffiliation libre, sans but lucratif ni pouvoir de
4、reglementation, elle se consacre B Idlaboration de normes et h la certification. Les normes CSA reflbtent le consensus de producteurs et dusagers de partout au pays, au nornbre desquek se trouvent des fabricants, des consomrnateurs, des ddtaillants et des representants de syndicats, de corps profess
5、ionnels et dagences gouvernementales. Lutilisation des normes CSA est trbs repandue dans Iindustrie et le commerce, et leur adoption h divers ordres de Idgislation, tant municipal et provincial que fdddral, est chose courante, particulibrement dans les domaines de la sant6, de la sdcurite, du bltime
6、nt, de la construction et de Ienvironnement. Les Canadiens dun bout A Iautre du pays thmoignent de leur appui au travail de normatisation mend par la CSA en participant bhdvolement aux travaux des comites de la CSA et en appuyant ses objectifs par leurs cotisations de mernbres de soutien. Les quelqu
7、e 7000 volontaires faisanl partie des comites et les 2000 mernbres de soutien constituent Iensemble des membres de la CSA parmi lesquels ses administrateurs sont choisis. Les cotisations des membres de soutien representent une source importante de revenu pour les services de soutien 3. la normalisat
8、ion volontaire. LAssociation offre des services de certification et de mise A Iessai qui appuient et compihtent ses activites dans le domaine de Idlaboration de normes. De maniere A assurer Iintegritb de son processus de certification, IAssociation procbde de fa$on rdgulibre et continue A Iexamen et
9、 li Iinspection des produits portant la marque CSA. Outre son siege social et ses aboratoires A Etobicoke, la CSA possbde des bureaux rdgionaux dans des centres vitaux partout au Canada, de m6me que des agences dinspection et dessai dans huit pays. Depuis 1919, IAssociation a parfait les connaissanc
10、es techniques qui Iui permettent de remplir sa mission dentreprise, A savoir la CSA est un organisme de services independant dont la mission est doffrir une tribune libre et efficace pour la realisation dactivitbs facilitant Ibchange de biens et de services par lintermbdiaire de services de normalis
11、ation de certification et autres, pour rdpondre aux besoins de nos clients, tant h ldchelle nationale quinternationale. The Canadian Standards Assocfation (CSA), under whose auspices this National Standard has been produced, was chartered in 1919 and accredited by the Standards Council of Canada to
12、the National Standards system in 1973. It is a not-for-profit, nonstatutory, voluntary membership association engaged in standards development and certification activities. CSA standards reflect a national consensus of producers and users - including manufacturers, consumers, retailers, unions and p
13、rofessional organizations, and governmental agencies. The standards are used widely by industry and commerce and often adopted by municipal, provincial, and federal governments in their regulations, particularly in the fields of health, safety, building and construction, and the environment. Individ
14、uals, companies, and associations across Canada indicate their support for CSAs standards development by volunteering their time and skills to CSA Committee work and supporting the Associations objectives through sustaining memberships. The more than 7000 committee volunteers and the 2000 sustaining
15、 memberships together form CSAs total membership from which its Directors are chosen. Sustaining memberships represent a major source of income for CSAs standards development activities. The Association offers certification and testing services in support of and as an extension to its standards deve
16、lopment activities. To ensure the integrity of its certification process, the Association regularly and continually audits and inspects products that bear the CSA Mark. In addition to its head office and laboratory complex in Etobicoke, CSA has regional branch offices in major centres across Canada
17、and inspection and testing agencies in eight countries. Since 1919, the Association has developed the necessary expertise to meet its corporate mission: CSA is an independent service organization whose mission is to provide an open and effective forum for activities facilitating the exchange of good
18、s and services through the use of standards, certification and related services to meet national and international needs. Pour plus amples renseignements sur les services de la CSA, sadresser h 0 Far further information on CSA services, write to 178, boulevard Rexdale 0 178 Rexdale Boulevard Etobico
19、ke, Ontario, M9W 1R3 Canada Association canadienne de normalisation 0 Canadian Standards Association Le Consell canadlen des normes est Iorganisme de coordination du Systbme de normes nationales, une federation dorganismes independants et autonomes qui travaillent au dheloppemenl et ii Iarndlioratio
20、n de la normalisation volontaire dans Iinter8t national. Les principaux buts du Conseil sont dencourager et de promouvoir la normalisation volontaire comme moyen damdliorer 16conomie nationale, damdliorer la santk, la sbcurith et le bien- cet aspect demeure la responsabilitb de Iorganisme rhdacteur
21、de normes accr6dit6. periodiques ; cest pourquoi il est recommandd aux utilisateurs de se procurer 18dition la plus rdcente de la norme auprbs de lorganisme qui Ia prbparde. tlne Norme nationale du Canada est une norme, approuvee par le Conseil canadien des normes, qui reflbte une entente raisonnabl
22、e parmi les points de vue dun certain Lapprobation dune norme en tant que Norme nationale du Canada indique quelle est conlorme aux rn4thodes et crithres Btabtis par le Conseil canadien des norrnes. 11 est recommand6 aux personnes qui ont besoin de normes de se servir des Normes nationales du Canada
23、 lorsque la chose est possible. Ces normes font Iobjet dexamens The Standards Councll of Canada is the coordinating body of the National Standards system, a federation of independent, autonomous organizations working towards the further development and improvement of voluntary standardization in the
24、 national interest. The principal objects of the Council are to foster and promote voluntary standardization as a means of advancing the national economy, benefiting the health, safety, and welfare of the public, assisting and protecting the consumer, facilitating domestic and international trade, a
25、nd furthering international cooperation in the field of standards. A National Standard of Canada is a standard which has been approved by the Standards Council of Canada and one which reflects a reasonable agreement among the views of a number of capable individuals whose collective interests provid
26、e to the greatest practicable extent a balance of representation of producers, users, consumers, and others with relevant interests, as may be appropriate io the subject in hand. It normally is a standard which is capable of making a significant and timely contribution to the national interest. Appr
27、oval of a standard as a National Standard of Canada indicates that a standard conforms to the criteria and procedures established by the Standards Council of Canada. Approval does not refer to the technical content of the standard; this remains the continuing responsibility 01 the accredited standar
28、ds-development organization. Those who have a need to apply standards are encouraged to use National Standards of Canada whenever practicable. These standards are subject to periodic review; therefore, users are cautioned to obtain the latest edition from the organization preparing the standard. La
29、responsabititk dapprouver les Normes nationales du Canada incombe au The responsibilityfor approving National Standards of Canada rests with the Conseil canadien des normes Standards Council of Canada 45, rue OConnor, Bureau 1200 45 OConnor Street, Suite 1200 Ottawa, Ontario, K1P 6N7 Canada Les norm
30、es nationales du Canada sont publiees en versions fraryaisa et angiaise. National Standards of Canada are published in English and French. . .- Bien que le but premier vis6 par cette norm soit dnoncd sous sa rubrique Domaine dapplication, il est important de retenir quil incombe A Iutilrsateur de ju
31、ger si la norme convient B s8s besoins parficuhers. Although the intended primary application of this Standard is stated in its Scope, it is important to note that it remains the responsibility of the user to judge its suitability for their particular purpose. CAN/CSA-ISO/IC 7 1577- 97 lnformation t
32、echnology - Open Systems Interconnection - Network layer security protocol CAN/CSA-ISO/IEC 11577-97 Information technology - Open Systems Interconnection - Network layer securify protocol CSA Preface Standards development within the Information Technology sector is harmonized with international stan
33、dards development. Through the CSA Technical Committee on Information Technology (TCIT), Canadians serve as the Canadian Advisory Committee (CAC) on ISO/IEC Joint Technical Committee 1 on information Technology (ISO/IEC JTC1) for the Standards Council of Canada (SCC), the IS0 member body for Canada
34、and sponsor of the Canadian National Committee of the IEC. Also, as a mem ber of the International Telecommunication Union (ITU), Canada participates in the International Telegraph and Telephone Consultative committee (ITU-T). This International Standard was reviewed by the CSA TClT under the jurisd
35、iction of the Strategic Steering Committee on Information Technology and deemed acceptable for use in Canada. (A committee membership list is available on request from the CSA Committee Administrator.) From time to time, ISO/IEC may publish addenda, corrigenda, etc. The CSA TClT will review these do
36、cuments for approval and publication. For a listing, refer to the CSA Information Products Catalogue or CSA Info Update or contact a CSA Sales representative. This Standard has been formally approved, without modification, by these Committees and has been approved as a National Standard of Canada by
37、 the Standards Council of Canada. May 9997 0 Canadian Standards Association - 7 997. All rights reserved. No part of this publication may be reproduced in any form, in an electronic retrieval system or otherwise, without the prior permission of the publisher. ISO/IEC material is reprinted with the p
38、ermission of the publisher. Inquiries regarding this National Standard of Canada should be addressed to Canadian Standards Association, 178 Rexdale Boulevard, Etobicoke, Ontario, Canada, M9 W 7 R3. May 7997 CSA/7 I NTERNATI 0 NAL STANDARD ISO/IEC 11577 First edition 1 99 5-05-1 5 Information technol
39、ogy - Open Systems Interconnection - Network layer security protocol Technologies de Iinformation - interconnexion de systemes ouverts (OS!) - Protocole de skcurite de la couche de reseau Reference number lSO/lEC 1 1577:1995E ISOAEC 11577: 1495(E) CONTENTS 1 2 3 4 5 6 Scope Normative references . 2.
40、1 Identical Recommendations I International Standards 2.2 2.3 Additional References . Paired Recommendations I International Standards equivalent in technical content Definitions 3.1 Reference Model definitions . 3.2 Security Architecture definitions 3.3 Service Convention definitions . 3.4 Network
41、Service definitions 3.5 Internal Organisation of the Network Layer definitions . 3.6 Connectionless Network Protocol definitions . 3.7 Upper Layer Security Model definitions 3.8 Conformance Testing definitions 3.9 Additional definitions . Abbreviations . 4.1 Data Units . 4.2 Protocol Data Unit Field
42、s 4.3 Parameters . 4.4 Miscellaneous . Overview of the Protocol . 5.1 Introduction . 5.2 Overview of Services Provided 5.3 Overview of Services Assumed 5.4 Security Associations and Security Rules . 5.5 Overview of Protocol - Protection Functions . 5.4 Overview of Protocol - NLSP-CL 5.7 Overview of
43、Protocol - NLSP-CO . Protocol Functions Common to NLSP-CL and NLSP-CO 6.1 Introduction . 6.2 Common SA Attributes . 6.3 Common Functions on a Request for an Instance of Communication 6.4 Secure Data Transfer Protocol Functions . 6.5 Use of a Security Association Protocol . 0 ISO/IEC 1995 All rights
44、reserved . Unless otherwise specified. no part of this publication may be reproduced or utilized in any form or by any means. electronic or mechanical. including photocopying and microfilm. without permission in writing from the publisher . ISO/IEC Copyright Office Case postale 56 CH-1211 Genkve 20
45、Switzerland Page i 3 3 3 4 4 4 4 4 4 5 5 5 5 5 5 6 6 7 7 8 8 10 11 13 13 13 14 14 14 ii 0 ISOAEC ISOfiEC 11577:1995(E) 7 8 9 10 11 12 13 Protocol Functions FOR NLSP-CL 7.1 Services Provided by NLSP-CL . 7.2 Services Assumed . 7.3 Security Association Attributes 7.4 Checks . 7.5 In-Band SA Establishm
46、ent 7.6 Processing NLSP-UNITDATA Request . 7.7 Processing UN-UNITDATA Indication . Protocol Functions for NLSP-CO 8.1 8.2 8.3 8.4 8.5 8.6 8.7 8.8 8.9 8.10 8.11 8.12 Services Provided by NLSP-CO . Services Assumed . Security Association Attributes Checks and other Common Functions NLSP-Connect Functi
47、ons . NLSP-DATA Functions NLS P-EXPEDITED-DATA Functions RESET Functions NLSP-DATA ACKNOWLEDGE NLSP-DISCONNECT Other Functions . Peer Entity Authentication Overview of Mechanisms used 9.1 Security Services and Mechanisms . 9.2 Functions Supported . Connection security control (NLSP-CO only) . 10.1 O
48、verview . 10.2 SA-Attributes 10.3 Procedures . 10.4 CSC-PDU Fields used . SDT PDU Based encapsulation Function 11.1 Overview . 1 1.2 SA Attributes : . 1 1.3 Procedures . 1 1.4 PDU Fields used . No-Header Encapsulation Function (NLSP-CO only) . 12.1 Overview . 12.2 SA Attributes 12.3 Procedures . Str
49、ucture and Encoding of PDUS 13.1 Introduction . 13.2 Content Field Format 16 16 17 17 17 17 17 18 19 19 20 21 21 22 33 34 35 36 36 39 40 41 41 42 42 42 43 44 45 45 45 46 47 49 49 49 49 50 50 50 51 . 111 ISOflEC ll577:1995(E) 0 ISO/IEC 14 13.3 Protected Data . 13.4 Security Association PDU 13.5 Connection Security Control PDU Conformance 14.1 Static Conformance Requirements 14.2 Dynamic Conformance Requirements . 14.3 Protocol Implementation Conformance Statement . Annex A . Mapping UN primitives to CCITT Rec . X.213 I IS0 8348 . A
copyright@ 2008-2019 麦多课文库(www.mydoc123.com)网站版权所有
备案/许可证编号:苏ICP备17064731号-1