CAN CSA-ISO IEC 11586-4-2000 Information technology - Open Systems Interconnection - Generic upper layers security Protecting transfer syntax specification.pdf

1、National Standard of Canada CAN/CSA-ISOBEC 11 586-4-00 (ISO/IEC 11586-4:1996) CSA I NT E RN AT1 0 NAL / 1 ISO/IEC 1158641996 (first edition, 1996-06-01) has been adopted without modification as CSA Standard CAN/CSA-ISO/IEC 115864-00, which has been approved as a National Standard of Canada by the St

2、andards Council of Canada. ISBN 1-55324-048-0 March 2000 information technology - Open Systems Interconnection - Generic upper layers security: Protecting transfer syntax specification Technologies de Iinformation - lnterconnexion de systemes ouverts (OS/) - Securite des couches superieures generiqu

3、es: Sp6cification.s pour la syntaxe de transfeert de protection Reference number ISO/IEC 11 586-4:1996(E) The Canadian Standards Association, which operates under the name CSA International (CSA), under whose auspices this National Standard has been produced, was chartered in 191 4 and accredited by

4、 the Standards Council of Canada to the National Standards system in 1973. It is a not-for-profit, nonstatutory, voluntary membership association engaged in standards development and certification activities. and users - including manufacturers, consumers, retailers, unions and professional organiza

5、tions, and governmental agencies. The standards are used widely by industry and commerce and often adopted by municipal, provincial, and federal governments in their regulations, particularly in the fields of health, safety, building and construction, and the environment. indicate their support for

6、CSAs standards development by volunteering their time and skills to CSA Committee work and supporting the Associations objectives through sustaining memberships. The more than 7000 committee volunteers and the 2000 sustaining memberships together form CSAs total membership from which its Directors a

7、re chosen. Sustaining memberships represent a major source of income for CSAs standards development activities. in support of and as an extension to its standards development activities. To ensure the integrity of its certification process, the Association regularly and continually audits and inspec

8、ts products that bear the CSA Mark. Toronto, CSA has regional branch offices in major centres across Canada and inspection and testing agencies in eight countries. Since 191 9, the Association has developed the necessary expertise to meet its corporate mission: CSA is an independent service organiza

9、tion whose mission is to provide an open and effective forum for activities facilitating the exchange of goods and services through the use of standards, certification and related services to meet national and international needs. For futher information on CSA services, write to CSA International 17

10、8 Rexdale Boulevard Toronto, Ontario, M9W 1 R3 Canada CSA standards reflect a national consensus of producers Individuals, companies, and associations across Canada The Association offers certification and testing services In addition to its head office and laboratory complex in The Standards Counci

11、l of Canada is the coordinating body of the National Standards system, a federation of independent, autonomous organizations working towards the further development and improvement of voluntary standardization in the national interest. The principal objects of the Council are to foster and promote v

12、oluntary standardization as a means of advancing the national economy, benefiting the health, safety, and welfare of the public, assisting and protecting the consumer, facilitating domestic and international trade, and furthering international cooperation in the field of standards. has been approved

13、 by the Standards Council of Canada and one which reflects a reasonable agreement among the views of a number of capable individuals whose collective interests provide to the greatest practicable extent a balance of representation of producers, users, consumers, and others with relevant interests, a

14、s may be appropriate to the subject in hand. It normally is a standard which is capable of making a significant and timely contribution to the national interest. Approval of a standard as a National Standard of Canada indicates that a standard conforms to the criteria and procedures established by t

15、he Standards Council of Canada. Approval does not refer to the technical content of the standard; this remains the continuing responsibility of the accredited standards-development organization. Those who have a need to apply standards are encouraged to use National Standards of Canada whenever prac

16、ticable. These standards are subject to periodic review; therefore, users are cautioned to obtain the latest edition from the organization preparing the standard. The responsibility for approving National Standards of Canada rests with the Standards Council of Canada 45 OConnor Street, Suite 1200 Ot

17、tawa, Ontario, K1 P 6N7 Canada A National Standard of Canada is a standard which CSA INTERNATIONAL c . Les normes nationales du Canada sont publi6es en versions frangaise et anglaise. Although the intended primary application of this Standard is stated in its Scope, it is important to note that it r

18、emains the responsibility of the users to judge its suitability for their particular purpose. CAN/CSA-ISO/lEC 1 7 586-4-00 Information technology - Open Systems Interconnection - Generic upper layers security: Protecting transfer syntax specification CAN/CSA-ISO/IEC 1 1586-4-00 Information technoZog

19、y - Open Systems Interconnection - Generic upper layers security: Protecting transfer syntax specification CSA Preface Standards development within the Information Technology sector is harmonized with international standards development. Through the CSA Technical Committee on Information Technology

20、(TCIT), Canadians serve as the Canadian Advisory Committee (CAC) on ISO/IEC Joint Technical Committee 1 on Information Technology (ISO/IEC JTCI ) for the Standards Council of Canada (SCC), the IS0 member body for Canada and sponsor of the Canadian National Committee of the IEC. Also, as a member of

21、the International Telecommunication Union (ITU), Canada participates in the International Telegraph and Telephone Consu I tative Co m mi ttee (ITU-T). This International Standard was reviewed by the CSA TClT under the jurisdiction of the Strategic Steering Committee on Information Technology and dee

22、med acceptable for use in Canada. (A committee membership fist is available on request from the CSA Project Manager.) From time to time, ISO/IEC may publish addenda, corrigenda, etc. The CSA TClT will review these documents for approval and publication. For a listing, refer to the CSA Information Pr

23、oducts catalogue or CSA Info Update or contact a CSA Sales representative. This Standard has been formally approved, without modification, by these Committees and has been approved as a National Standard of Canada by the Standards Council of Canada. March 2000 0 CSA International - 2000 All rights r

24、eserved. No part of this publication may be reproduced in any form whatsoever without the prior permission of the publisher. ISO/IEC material is reprinted with permission. Inquiries regarding this National Standard of Canada should be addressed to CSA International, 178 Rexdale Boulevard, Toronto, O

25、ntario, M9 W 7 R3. March 2000 CSA/I . I NT E R N AT I 0 N A L STANDARD ISO/IEC I 1586-4 First edition 1996-06-01 Information technology - Open Systems Interconnection - Generic upper layers security: Protecting transfer syntax specification Technologies de lhformation - lnterconnexion de systemes ou

26、verts (OSI) - Securite des couches superieures generiques: Specifications pour /a syntaxe de transfert de protection Reference number ISO/IEC 1 1586-411 996iEf ISO/IEC 11586-4: 1996(E) Contents 1 2 3 4 5 6 7 8 9 10 Scope Normative references . 2 . I Identical Recommendations I International Standard

27、s Definitions Abbreviations . General overview . 5.1 Model of a protecting transfer syntax . 5.2 Initial encoding rules . 5.3 Security transformation . 5.4 Syntax structure Data structures for a protecting transfer syntax Incorporation into underlying protocol Synchronization procedures . Object ide

28、ntifier assignment . Conformance Page 1 1 1 2 2 2 3 3 4 4 4 5 6 6 6 0 ISO/IEC 1996 All rights reserved . Unless otherwise specified. no part of this publication may be reproduced or utilized in any form or by any means. electronic or mechanical. including photocopying and microfilm. without permissi

29、on in writing from the publisher . ISO/IEC Copyright Office Case postale 56 CH- 121 1 Genkve 20 Switzerland 11 0 ISO/IEC ISO/IEC 11586-4: 1996( E) Foreword IS0 (the International Organization for Standardization) and IEC (the International Electrotechnical Commission) form the specialized system for

30、 worldwide standardization. National bodies that are members of IS0 or IEC participate in the development of InternationaI Standards through technical committees established by the respective organization to deal with particular fields of technical activity. IS0 and IEC technical committees collabor

31、ate in fields of mutua1 interest. Other international organizations, governmental and non- governmental, in liaison with IS0 and IEC, also take part in the work. In the field of information technology, IS0 and IEC have established a joint technical committee, ISOffEC JTC 1. Draft International Stand

32、ards adopted by the joint technical committee are circulated to national bodies for voting. Publication as an International Standard requires approval by at least 75 % of the national bodies casting a vote. International Standard ISO/IEC 1 1586-4 was prepared by Joint Technical Committee ISO/IEC JTC

33、 1, Information technology, Subcommittee SC 21, Open systems interconnection, data management and open distributed processing, in collaboration with ITU-T. The identical text is pubIished as ITU-T Recommendation X.833. ISO/IEC 11586 consists of the following parts, under the general title Informatio

34、n technology - Open Systems interconnection - Generic upper layers securit).: - Part I: Overview, models and notation - Part 2: Securib Exchange Service Element (SESE) service definition - Part 3: Securiry Exchange Service Element (SESE) protocol specification - Part 4: Protecting transfer syntax sp

35、ecification I Part 5: SecuriQ Exchange Service Element Protocol Implementation Conformance Statement (PICS) proforma Part 6: Protecting transfer syntax Protocol Implementation Conformance Statement (PICS) proforma - . 111 ISO/IEC 11586-4: 1996(E) 0 ISO/IEC Introduction This Recommendation I Internat

36、ional Standard forms part of a series of Recommendations I International Standards, which provide(s) a set of facilities to aid the construction of Upper Layers protocols which support the provision of security services. The parts are as follows: - Part 1: Overview, Models and Notation; - - - - - Pa

37、rt 2: Security Exchange Service Element Service Definition; Part 3: Security Exchange Service Element Protocol Specification; Part 4: Protecting Transfer Syntax Specification; Part 5: Security Exchange Service Element PICS Proforma; Part 6: Protecting Transfer Syntax PICS Proforma. This Recommendati

38、on I International Standard constitutes Part 3 of this series. iv ISO/IEC 11586-4 : 1996 (E) INTERNATIONAL STANDARD ITU-T RECOMMENDATION 1 INFORMATION TECHNOLOGY - OPEN SYSTEMS INTERCONNECTION - GENERIC UPPER LAYERS SECURITY: PROTECTING TRANSFER SYNTAX SPECIFICATION Scope 1.1 provision of security s

39、ervices in OS1 applications. These include: This series of Recommendations I International Standards defines a set of generic facilities to assist in the a set of notational tools to support the specification of selective field protection requirements in an abstract syntax specification, and to supp

40、ort the specification of security exchanges and security transformations; a service definition, protocol specification and PICS proforma for an application-service-element (ASE) to support the provision of security services within the Application Layer of OSI; a) b) c) a specification and PICS profo

41、rma for a security transfer syntax, associated with Presentation Layer support for security services in the Application Layer. 1.2 This Recommendation I International Standard defines the protecting transfer syntax, associated with Presentation Layer support for security services in the Application

42、Layer. 2 Normative references The following Recommendations and InternationaI Standards contain provisions which, through reference in this text, constitute provisions of this Recommendation I International Standard. At the time of publication, the editions indicated were valid. All Recornmendations

43、 and Standards are subject to revision, and parties to agreements based on this Recommendation I International Standard are encouraged to investigate the possibility of applying the most recent edition of the Recommendations and Standards listed below. Members of IEC and IS0 maintain registers of cu

44、rrently valid International Standards. The Telecommunication Standardization Bureau of the ITU maintains a list of currently valid ITU-T Recommendations. 2.1 Identical Recommendations I International Standards ITU-T Recommendation X.200 ( 1994) I ISO/IEC 7498-1 : 1994, Information technology - Open

45、Systems Interconnection - Basic Reference Model: The Basic Model. ITU-T Recommendation X.216 (1994) I ISOAEC 8822: 1994, Information technology - Open Systems Interconnection - Presentation service definition. ITU-T Recommendation X.226 (1994) I ISO/IEC 8823-1: 1994, Information technology - Open Sy

46、stems Interconnection - Connection-oriented presentation protocol: Protocol specification. ITU-T Recommendation X.680 (1994) I ISO/IEC 8824-1 : 1995, Information technology - Abstract Syntax Notation One ASN. I): Specification of basic notation. ITU-T Recommendation X.681 (1994) I ISO/IEC 8824-2: 19

47、95, Information technology - Abstract Syntax Nutation One (ASN. I): Information object specification. ITU-T Recommendation X.682 (1994) I ISO/IEC 8824-3: 1995, Information technology - Abstract Syntax Notation One (ASN. 1): Constraint specification. ITU-T Recommendation X,683 (1994) I ISO/IEC 8824-4

48、: 1995, Information technology - Abstract Syntax Notation One ASN. I): Parameterization of ASN. 1 specifications. ITU-T Recommendation X.690 (1994) I ISOAEC 8825- I : 1995, Znfumzation technology - ASN. 1 encoding rules: Specification of Basic Encoding Rules (BER), Canonical Encoding Rules (CER) and

49、 Distinguished Encoding Rules (DER). ITU-T Rec. X.833 (1995 E) 1 ISOnEC 11586-4 1996 (E) - ITU-T Recommendation X.803 (1 994) I ISO/IEC 10745: 1995, Infomtion rechnology - Open Systems Interconnection - Upper layers security model. ITU-T Recommendation X.830 (1995) I ISO/IEC 11586-1:1996, lnfonnation rechnology - Open Systems Interconnection - Generic upper layers security: Overview, models and notation. - 3 Definitions 3.1 This Recommendation 1 International Standard makes use of the following terms defined in lTU-T Rec. X.200 I ISO/IEC 7498-1: - transfer syntax. 3.2 This Recommendat