Standard ECMA-235
March 1996
Standardizing Information and Communication Systems
Phone: +41 22 849.60.00 - Fax: +41 22 849.60.01 - URL: http://www.ecma.ch - Internet: helpdesk@ecma.ch

The ECMA GSS-API Mechanism

Gino Lauri - ECMA-235.DOC - 20/03/96 11:50

Brief History

ECMA, ISO and ITU-T are working on standards for distributed applications in an open system environment. Security in general, and authentication and distributed access control in particular, are major concerns in information processing.

In July 1988, ECMA TR/46, "Security in Open Systems - A Security Framework", was published. In December 1989, based on the concepts of this framework, ECMA-138, "Security in Open Systems - Data Elements and Service Definitions", was produced. It defines a set of Security Services for use in the Application Layer of the ISO OSI Reference Model.

In December 1994, the first edition of Standard ECMA-219 was published. Based on this earlier work, it describes a model for distributed authentication and access control in which a trusted third party, the Authentication and Privilege Attribute Application (APA-Application), and related key distribution functions are used to authenticate human and software entities, provide them with the privileges they need for access control purposes, and provide the means of protecting these privileges in interchange.

Over this period also, the Internet Engineering Task Force (IETF) and other de facto and de jure standards organisations have been developing a standard general interface through which a security infrastructure such as that described in ECMA-219 can be exercised by application clients and servers. It has been designed so that callers do not need to know the details of the underlying infrastructure, or even whether it is provided by ECMA-219 services or other infrastructure designs. This interface is the Generic Security Services Application Programming Interface, or GSS-API.

This ECMA Standard follows on from ECMA-219, showing how the security services described there can be used underneath the GSS-API by application clients and servers. It describes the interface calls supported, the success and error responses that can be returned, and the format and content of the data tokens exchanged between the client and the server.

In order to implement Privilege Attribute based access control features for distributed open applications using the GSS-API, this Standard also defines support functions that have to be used in addition to the standard GSS-API function set.

KRB5GSS and SPKM also define ways of supporting the GSS-API, and some of the data constructs defined there are also used here.

The Standard is based on the practical experience of ECMA member Companies. It is oriented towards urgent and well understood needs.

This ECMA Standard has been adopted by the ECMA General Assembly in March 1996.

Table of contents

1 Introduction
1.1 Scope
1.2 Field of application
1.3 Requirements to be satisfied
1.4 Conformance
1.5 Overview and document structure
2 References
2.1 Normative references
2.2 Informative references
3 Definitions
3.1 Imported definitions
3.2 New Definitions
3.2.1 Security Context
3.2.2 Generic Security Mechanism
3.2.3 Security Mechanism Options
3.2.4 Primary Principal Identifier (PPID)
3.3 Acronyms
4 Token formats
4.1 Token framings
4.2 InitialContextToken format
4.3 TargetResultToken
4.4 ErrorToken
4.5 Per Message Tokens
4.5.1 MICToken
4.5.2 WrapToken
4.6 ContextDeleteToken
5 Key distribution and PAC protection options
5.1 PAC protection options
5.2 Key Distribution schemes
5.2.1 Basic symmetric key distribution scheme
5.2.2 Symmetric key distribution scheme with symmetric KD-Servers
5.2.3 Symmetric key distribution scheme with asymmetric KD-Servers
5.2.4 Asymmetric initiator / symmetric target key distribution scheme
5.2.5 Symmetric initiator / asymmetric target key distribution scheme
5.2.6 Full public key distribution scheme
5.3 Key distribution data elements
5.3.1 KD-Scheme independent data elements
5.3.2 Key distribution scheme OBJECT IDENTIFIERs
5.3.3 Hybrid inter-domain key distribution scheme data elements
5.3.4 Key establishment data elements
5.3.5 Kerberos Data elements
5.3.6 Profiling of KD-schemes
5.3.6.1 Profile of Ticket (symmIntradomain and symmInterdomain)
5.3.6.2 Profile of PublicTicket (hybridInterdomain)
5.3.6.3 Profile of SPKM_REQ (asymmInitToSymmTarget, symmInitToAsymmTarget, asymmetric)
5.4 Returned Key Scheme Information
6 Algorithm use within ECMA mechanism
7 Identifiers for ECMA mechanism choices
7.1 Architectural mechanism identifiers
8 Errors
8.1 Minor Status Codes
8.1.1 Non ECMA-specific codes
8.1.2 ECMA-specific codes
8.2 Quality of protection
9 Support functions
9.1 Attribute handling support functions
9.1.1 GSS_Set_cred_attributes
9.1.2 GSS_Get_sec_attributes
9.1.3 GSS_Get_received_creds
9.2 Control and support functions for context acceptors
9.2.1 GSS_Set_cred_controls call
9.2.2 GSS_Get_sec_controls
9.2.3 GSS_Compound_creds call
9.3 Attribute specifications
9.3.1 Privilege attributes
9.3.1.1 Access Identity
9.3.1.2 Group
9.3.1.3 Primary group
9.3.1.4 Role attribute
9.3.2 Attribute set reference
9.3.2.1 Role name
9.3.3 Miscellaneous attributes
9.3.3.1 Audit Identity
9.3.3.2 Issuer domain name
9.3.3.3 Validity periods
9.3.3.4 Optional restrictions
9.3.3.5 Mandatory restrictions
9.3.4 Qualifier attributes
9.3.4.1 Acceptor name
9.3.4.2 Application trust group
9.4 C Bindings
9.4.1 Data types and calling conventions
9.4.1.1 Identifier
9.4.1.2 Identifier set
9.4.1.3 Time periods
9.4.1.4 Time period list
9.4.1.5 Security attributes
9.4.1.6 Security Attribute Sets
9.4.1.7 Credentials List
9.4.1.8 Acceptor Control
9.4.1.9 Acceptor Control Set
9.4.2 gss_set_cred_attributes
9.4.3 gss_get_sec_attributes
9.4.4 gss_get_received_creds
9.4.5 gss_set_cred_controls
9.4.6 gss_get_sec_controls
9.4.7 gss_compound_cred
10 Relationship to other standards
Annex A - Formal ASN.1 definitions of data types defined in this standard
Annex B - Definitions of Kerberos data types
Annex C - Definitions of SPKM data types
Annex D - Mappings of Minor Status Returns onto ECMA-219 error values
Annex E - Imported Types

1 Introduction

1.1 Scope

Standard ECMA-219 defines services, data elements and operations for authentication, Privilege Attribute and key distribution applications (the APA-Application).

Following on from ECMA-219, this Standard ECMA-235 defines the syntax of the tokens that enable distributed applications implementing the APA-Application and related data elements specified in Standard ECMA-219 to interwork. The tokens defined in this Standard are:

- Tokens for Security Association establishment
- An error token for communicating a failure to establish a Security Association
- Tokens for message protection
- A token for Security Association deletion

In order to provide a basic set of implementation options, this Standard also defines some key distribution schemes based on symmetric and asymmetric cryptographic technologies. These include specification of the encryption algorithms and methods to be used.

The tokens are intended for use through the Generic Security Service API (GSS-API) as defined in GSS-API. This Standard defines minor status returns that are returned by the GSS-API when a GSS-API conformant implementation is used to generate and validate the tokens.

In order to implement Privilege Attribute based access control features for distributed open applications using the GSS-API, this Standard also defines support functions that have to be used in addition to the standard GSS-API function set.

1.2 Field of application

The field of application of this ECMA Standard is the design, implementation and interworking of security modules that make use of the APA-Application as defined in ECMA-219. They define an implementation of the "ECMA GSS-API mechanism".

1.3 Requirements to be satisfied

Requirements for secure distributed environments have led to specifications of security services such as ECMA-219, Kerberos and SPKM. Each of these defines what is known in GSS-API as a "security mechanism".

The ECMA-219 mechanism defines security services and data elements required to secure distributed applications. However, in order to achieve interworking between normal application servers using these security services, the syntax of the security tokens to be exchanged between the application servers themselves needs to be defined.

GSS-API specifies an interface that is independent of the underlying supporting security mechanism, but through which mechanism-specific security tokens can be exchanged. The GSS-API is intended to be used by implementors of distributed secured applications.

The GSS-API provides functions to implement identity based access control policies, but it does not provide support functions to handle Privilege Attributes for access control purposes in a generic way. Neither does it provide for the control of delegation. This Standard therefore specifies such support functions.

1.4 Conformance

There are a number of types of conformance to this Standard, as follows:

Type 1 Support functions conformance
The implementation shall be conformant to GSS-API, with the addition of the ECMA mechanism support functions defined in clause 9. Any minor status returns must be from the set defined in clause 8. This type of conformance is in support of application portability, and does not demand that the underlying GSS-API mechanism is the ECMA one.

Type 2 Security Association level context token conformance
The implementation shall support at least one mechanism option of the ECMA mechanism Security Association establishment, deletion, and error tokens defined in clauses 4.1 to 4.4 and 4.6. Any minor status returns must be from the set defined in clause 8. This type of conformance is in support of interoperability, and does not require support for the GSS-API.

Type 3 Message level token conformance
The implementation shall be Type 2 conformant, and also provide an implementation of the ECMA mechanism message protection tokens defined in clause 4.5. Any minor status returns must be from the set defined in clause 8.

Type 4 Full ECMA GSS-API mechanism conformance
This is achieved if both Type 1 and Type 3 conformance are achieved.

1.5 Overview and document structure

The standard described in ECMA-219 defines specific service interfaces to security services supporting the provision of authentication, key establishment, data integrity, data confidentiality and access control information. Although the scope of that standard does not encompass the specification of how to establish Security Associations with productive application servers, it does assume and describe a model for these exchanges. The combined model and standard is defined as the ECMA mechanism. This document describes how the generic ECMA mechanism is to be exercised through the GSS-API to form the ECMA GSS-API Mechanism. Contents of specific clauses are:

Clauses 2 and 3: These contain the usual references and definitions respectively.
Clause 4: Describes the token formats exchanged between GSS-API peers using the ECMA GSS-API mechanism.
Clause 5: Defines specific key distribution schemes within the framework laid down in ECMA-219. It gives detailed syntax and semantics for these schemes.
Clause 6: Describes the use of cryptographic algorithms in the ECMA GSS-API mechanism.
Clause 7: Describes the ways in which OBJECT IDENTIFIERs are used to nominate particular specific ECMA GSS-API mechanism types, including the choice of the cryptographic algorithms themselves.
Clause 8: Describes the GSS-API minor status codes that can be returned by the ECMA GSS-API mechanism. See also annex E.
Clause 9: Defines additional GSS-API support functions needed to enable PAC attribute and control information to be set and exploited by GSS-API callers. It also defines some specific attribute types.
Clause 10: Explains the relationship between this standard and other standards.
Annex A: Contains normative formal ASN.1 definitions of the ASN.1 types defined in this standard.
Annex B: Contains normative formal ASN.1 definitions of ASN.1 types also used in SPKM.
Annex C: Contains normative formal ASN.1 definitions of ASN.1 types also used in Kerberos.
Annex D: Maps the minor status codes given in clause 8 onto the relevant error values defined in ECMA-219.
Annex E: Expands the imported ASN.1 constructs (for information purposes).

2 References

2.1 Normative references

ECMA-219: ECMA-219, Authentication and Privilege Attribute Application with related key distribution functions
GSS-API: 1. Internet RFC 1508, Generic Security Service API (J. Linn, September 1993); 2. X/Open P308, Generic Security Service API (GSS-API) Base; 3. Internet RFC 1509, "Generic Security Service API: C-Bindings"
Kerberos: Internet RFC 1510, The Kerberos Network Authentication Service (V5) (J. Kohl and C. Neumann, September 1993)
ISO 10745: ISO 10745, Upper Layers Security Model
ISO/IEC 9594-2: ISO/IEC 9594-2, Information Processing Systems - Open Systems Interconnection - The Directory - Part 2: Information Framework (X.501)
ISO/IEC 9594-8: ISO/IEC 9594-8, Information Processing Systems - Open Systems Interconnection - The Directory - Part 8: Authentication Framework (X.509)

2.2 Informative references

KERB5GSS: draft-ietf-cat-kerb5gss-03, The Kerberos Version 5 GSS-API Mechanism (J. Linn, September 1995)
SPKM: draft-ietf-cat-spkmgss-04, The Simple Public-Key GSS-API Mechanism (C. Adams, May 1995)
SNEGO: draft-ietf-cat-snego-00, Simple GSS-API Negotiation Mechanism (Eric Baize and Denis Pinkas, July 1995)

3 Definitions

3.1 Imported definitions

The following terms are used with the meaning defined in ECMA-219:
access identity, attribute set reference, Audit Identity, basic key, delegate, dialogue key, External Control Value, Privilege Attribute Certificate, target, Target AEF, target key block.

The following terms are used with the meaning defined in GSS-API:
acceptor, initiator, channel bindings, context acceptor, context initiator, credentials, GSS-API token, mechanism type, quality of protection.

The following term is used with the meaning defined in ISO 10745:
Security Association.

3.2 New Definitions

3.2.1 Security Context
Security information that represents, or will represent, a Security Association to an initiator or acceptor that has formed, or is attempting to form, such an association.

3.2.2 Generic Security Mechanism
A generic security mechanism identifies a class of support functions, data structures and protocols from which specific security mechanism options can be derived.

3.2.3 Security Mechanism Options
A security mechanism option identifies, for a generic security mechanism, a specific choice of sup