ImageVerifierCode 换一换
格式:PDF , 页数:66 ,大小:2.50MB ,
资源ID:716641      下载积分:10000 积分
快捷下载
登录下载
邮箱/手机:
温馨提示:
如需开发票,请勿充值!快捷下载时,用户名和密码都是您填写的邮箱或者手机号,方便查询和重复下载(系统自动生成)。
如填写123,账号就是123,密码也是123。
特别说明:
请自助下载,系统不会自动发送文件的哦; 如果您已付费,想二次下载,请登录后访问:我的下载记录
支付方式: 支付宝扫码支付 微信扫码支付   
注意:如需开发票,请勿充值!
验证码:   换一换

加入VIP,免费下载
 

温馨提示:由于个人手机设置不同,如果发现不能下载,请复制以下地址【http://www.mydoc123.com/d-716641.html】到电脑端继续下载(重复下载不扣费)。

已注册用户请登录:
账号:
密码:
验证码:   换一换
  忘记密码?
三方登录: 微信登录  

下载须知

1: 本站所有资源如无特殊说明,都需要本地电脑安装OFFICE2007和PDF阅读器。
2: 试题试卷类文档,如果标题没有明确说明有答案则都视为没有答案,请知晓。
3: 文件的所有权益归上传用户所有。
4. 未经权益所有人同意不得将文件中的内容挪作商业或盈利用途。
5. 本站仅提供交流平台,并不能对任何下载内容负责。
6. 下载文件中如有侵权或不适当内容,请与我们联系,我们立即纠正。
7. 本站不保证下载资源的准确性、安全性和完整性, 同时也不承担用户因使用这些下载资源对自己和他人造成任何形式的伤害或损失。

版权提示 | 免责声明

本文(EN 50090-3-4-2017 en Home and Building Electronic Systems (HBES) - Part 3-4 Secure Application Layer Secure Service Secure configuration and security Resources.pdf)为本站会员(priceawful190)主动上传,麦多课文库仅提供信息存储空间,仅对用户上传内容的表现方式做保护处理,对上载内容本身不做任何修改或编辑。 若此文所含内容侵犯了您的版权或隐私,请立即通知麦多课文库(发送邮件至master@mydoc123.com或直接QQ联系客服),我们立即给予删除!

EN 50090-3-4-2017 en Home and Building Electronic Systems (HBES) - Part 3-4 Secure Application Layer Secure Service Secure configuration and security Resources.pdf

1、Home and Building Electronic Systems (HBES)Part 3-4: Secure Application Layer, Secure Service, Secure configuration and security ResourcesBS EN 50090-3-4:2017BSI Standards PublicationWB11885_BSI_StandardCovs_2013_AW.indd 1 15/05/2013 15:06EUROPEAN STANDARD NORME EUROPENNE EUROPISCHE NORM EN 50090-3-

2、4 August 2017 ICS 97.120 English Version Home and Building Electronic Systems (HBES) - Part 3-4: Secure Application Layer, Secure Service, Secure configuration and security Resources Systmes lectroniques pour les foyers domestiques et les btiments (HBES) - Partie 3-4 : Spcification des KNX S AL, Ser

3、vice scuris, configuration scurise et Resources en matire de scurit Elektrische Systemtechnik fr Heim und Gebude (ESHG) - Teil 3-4: Informationssicherheit auf Anwendungsschicht, Dienste, Konfiguration und Ressourcen This European Standard was approved by CENELEC on 2017-06-12. CENELEC members are bo

4、und to comply with the CEN/CENELEC Internal Regulations which stipulate the conditions for giving this European Standard the status of a national standard without any alteration. Up-to-date lists and bibliographical references concerning such national standards may be obtained on application to the

5、CEN-CENELEC Management Centre or to any CENELEC member. This European Standard exists in three official versions (English, French, German). A version in any other language made by translation under the responsibility of a CENELEC member into its own language and notified to the CEN-CENELEC Managemen

6、t Centre has the same status as the official versions. CENELEC members are the national electrotechnical committees of Austria, Belgium, Bulgaria, Croatia, Cyprus, the Czech Republic, Denmark, Estonia, Finland, Former Yugoslav Republic of Macedonia, France, Germany, Greece, Hungary, Iceland, Ireland

7、, Italy, Latvia, Lithuania, Luxembourg, Malta, the Netherlands, Norway, Poland, Portugal, Romania, Serbia, Slovakia, Slovenia, Spain, Sweden, Switzerland, Turkey and the United Kingdom. European Committee for Electrotechnical Standardization Comit Europen de Normalisation Electrotechnique Europische

8、s Komitee fr Elektrotechnische Normung CEN-CENELEC Management Centre: Avenue Marnix 17, B-1000 Brussels 2017 CENELEC All rights of exploitation in any form and by any means reserved worldwide for CENELEC Members. Ref. No. EN 50090-3-4:2017 E National forewordThis British Standard is the UK implement

9、ation of EN 5009034:2017.The UK participation in its preparation was entrusted to Technical Committee IST/6/12, Home Electronic Systems.A list of organizations represented on this committee can be obtained on request to its secretary.This publication does not purport to include all the necessary pro

10、visions of a contract. Users are responsible for its correct application. The British Standards Institution 2017 Published by BSI Standards Limited 2017ISBN 978 0 580 95602 7ICS 97.120Compliance with a British Standard cannot confer immunity from legal obligations.This British Standard was published

11、 under the authority of the Standards Policy and Strategy Committee on 30 September 2017.Amendments/corrigenda issued since publicationDate Text affectedBRITISH STANDARDBS EN 5009034:2017EUROPEAN STANDARD NORME EUROPENNE EUROPISCHE NORM EN 50090-3-4 August 2017 ICS 97.120 English Version Home and Bu

12、ilding Electronic Systems (HBES) - Part 3-4: Secure Application Layer, Secure Service, Secure configuration and security Resources Systmes lectroniques pour les foyers domestiques et les btiments (HBES) - Partie 3-4 : Spcification des KNX S AL, Service scuris, configuration scurise et Resources en m

13、atire de scurit Elektrische Systemtechnik fr Heim und Gebude (ESHG) - Teil 3-4: Informationssicherheit auf Anwendungsschicht, Dienste, Konfiguration und Ressourcen This European Standard was approved by CENELEC on 2017-06-12. CENELEC members are bound to comply with the CEN/CENELEC Internal Regulati

14、ons which stipulate the conditions for giving this European Standard the status of a national standard without any alteration. Up-to-date lists and bibliographical references concerning such national standards may be obtained on application to the CEN-CENELEC Management Centre or to any CENELEC memb

15、er. This European Standard exists in three official versions (English, French, German). A version in any other language made by translation under the responsibility of a CENELEC member into its own language and notified to the CEN-CENELEC Management Centre has the same status as the official version

16、s. CENELEC members are the national electrotechnical committees of Austria, Belgium, Bulgaria, Croatia, Cyprus, the Czech Republic, Denmark, Estonia, Finland, Former Yugoslav Republic of Macedonia, France, Germany, Greece, Hungary, Iceland, Ireland, Italy, Latvia, Lithuania, Luxembourg, Malta, the N

17、etherlands, Norway, Poland, Portugal, Romania, Serbia, Slovakia, Slovenia, Spain, Sweden, Switzerland, Turkey and the United Kingdom. European Committee for Electrotechnical Standardization Comit Europen de Normalisation Electrotechnique Europisches Komitee fr Elektrotechnische Normung CEN-CENELEC M

18、anagement Centre: Avenue Marnix 17, B-1000 Brussels 2017 CENELEC All rights of exploitation in any form and by any means reserved worldwide for CENELEC Members. Ref. No. EN 50090-3-4:2017 E BS EN 5009034:2017EN 50090-3-4:2017 (E) 2 Contents Page European foreword . 3 Introduction . 4 1 Scope . 5 2 N

19、ormative references . 5 3 Terms, definitions and abbreviations . 5 3.1 Terms and definitions . 5 3.2 Abbreviations . 7 4 General Introduction (informative) 7 4.1 General 7 4.2 General Overview. 11 5 Specification 12 5.1 Stack and communication 12 5.2 Resource definition or used Resources 50 Annex A

20、(informative) Use of CCM . 52 A.1 Goal 52 A.2 Definitions . 52 A.3 CCM operation 52 Annex B (informative) Examples Full encoding of a HBES Secure APDU 57 B.1 General 57 B.2 S-A_Data-PDU . 57 B.3 S-A_Data-PDU . 58 B.4 S-A_Sync.req . 59 B.5 S-A_Sync.res . 60 Bibliography 62 BS EN 5009034:2017EN 50090-

21、3-4:2017 (E) 2 Contents Page European foreword . 3 Introduction . 4 1 Scope . 5 2 Normative references . 5 3 Terms, definitions and abbreviations . 5 3.1 Terms and definitions . 5 3.2 Abbreviations . 7 4 General Introduction (informative) 7 4.1 General 7 4.2 General Overview. 11 5 Specification 12 5

22、.1 Stack and communication 12 5.2 Resource definition or used Resources 50 Annex A (informative) Use of CCM . 52 A.1 Goal 52 A.2 Definitions . 52 A.3 CCM operation 52 Annex B (informative) Examples Full encoding of a HBES Secure APDU 57 B.1 General 57 B.2 S-A_Data-PDU . 57 B.3 S-A_Data-PDU . 58 B.4

23、S-A_Sync.req . 59 B.5 S-A_Sync.res . 60 Bibliography 62 EN 50090-3-4:2017 (E) 3 European foreword This document (EN 50090-3-4:2017) has been prepared by CLC/TC 205 “Home and Building Electronic Systems (HBES)“. The following dates are fixed: latest date by which this document has to be implemented a

24、t national level by publication of an identical national standard or by endorsement (dop) 2018-06-12 latest date by which the national standards conflicting with this document have to be withdrawn (dow) 2020-06-12 EN 50090-3 is composed with the following parts: EN 50090-3-1, Home and Building Elect

25、ronic Systems (HBES) Part 3-1: Aspects of application - Introduction to the application structure; EN 50090-3-2, Home and Building Electronic Systems (HBES) Part 3-2: Aspects of application User process for HBES Class 1; EN 50090-3-3, Home and Building Electronic Systems (HBES) Part 3-3: Aspects of

26、application HBES Interworking model and common HBES data types; EN 50090-3-4, Home and Building Electronic Systems (HBES) Part 3-4: Secure Application Layer, Secure Service, Secure configuration and security Resources. BS EN 5009034:2017EN 50090-3-4:2017 (E) 4 Introduction KNX Association as Coopera

27、ting Partner to CENELEC confirms that to the extent that the standard contains patents and like rights, the KNX Associations members are willing to negotiate licenses thereof with applicants throughout the world on fair, reasonable and non-discriminatory terms and conditions. Attention is drawn to t

28、he possibility that some of the elements of this document may be the subject of patent rights other than those identified above. CENELEC shall not be held responsible for identifying any or all such patent rights. CEN and CENELEC maintain online lists of patents relevant to their standards. Users ar

29、e encouraged to consult the lists for the most up to date information concerning patents (ftp:/ftp.cencenelec.eu/EN/IPR/Patents/IPRdeclaration.pdf). BS EN 5009034:2017EN 50090-3-4:2017 (E) 4 Introduction KNX Association as Cooperating Partner to CENELEC confirms that to the extent that the standard

30、contains patents and like rights, the KNX Associations members are willing to negotiate licenses thereof with applicants throughout the world on fair, reasonable and non-discriminatory terms and conditions. Attention is drawn to the possibility that some of the elements of this document may be the s

31、ubject of patent rights other than those identified above. CENELEC shall not be held responsible for identifying any or all such patent rights. CEN and CENELEC maintain online lists of patents relevant to their standards. Users are encouraged to consult the lists for the most up to date information

32、concerning patents (ftp:/ftp.cencenelec.eu/EN/IPR/Patents/IPRdeclaration.pdf). EN 50090-3-4:2017 (E) 5 1 Scope This European Standard defines security for Home and Building HBES Open Communication System. It is based on ISO/IEC 24767-2, Home network security / Secure Communication Protocol Middlewar

33、e (SCPM). Having a secure HBES solution has several advantages. It makes the HBES RF Communication Medium more secure: HBES RF Radio Frames in plain communication can easily be traced (by sniffer for example). It allows for secure applications. Secure communication is interesting in shutter and door

34、 control and anti-intrusion security, in order to prevent intrusive commands (burglars). It is also interesting in metering to protect for example electrical consumption data. This document does not define any type of application. 2 Normative references The following documents, in whole or in part,

35、are normatively referenced in this document and are indispensable for its application. For dated references, only the edition cited applies. For undated references, the latest edition of the referenced document (including any amendments) applies. EN 50090-1:2011, Home and Building Electronic Systems

36、 (HBES) - Part 1: Standardization structure EN 50090-3-2, Home and Building Electronic Systems (HBES) - Part 3-2: Aspects of application - User process for HBES Class 1 EN 50090-4-1, Home and Building Electronic Systems (HBES) - Part 4-1: Media independent layers - Application layer for HBES Class 1

37、 EN 50090-4-2, Home and Building Electronic Systems (HBES) - Part 4-2: Media independent layers - Transport layer, network layer and general parts of data link layer for HBES Class 1 3 Terms, definitions and abbreviations 3.1 Terms and definitions For the purposes of this document, the terms and def

38、initions given in EN 50090-1:2011 and the following apply. 3.1.1 Access Control definition and evaluation of which communication partner has the right to access which data or call which services, which is solved by collecting communication partners with the same rights for all data and services in R

39、oles and defining for each Role and for each piece of data or service the Permissions that this Role has 3.1.2 Security Black List standard list of services or DPs that shall exclusively be accepted using HBES Secure communication using confidentiality BS EN 5009034:2017EN 50090-3-4:2017 (E) 6 3.1.3

40、 cipher text generic term that denotes the encrypted data Note 1 to entry: Cipher text is opposed to plain data. 3.1.4 permission definition and conditions (plain, authentication, confidentiality) of the functionality that will be accepted from a Role, in accessing a DP in a device or in accepting s

41、ervices from a communication partner 3.1.5 plain data generic term that denotes unencrypted data, the content of which depends on the service and the user and not of confidentiality and authentication Note 1 to entry: Plain data is opposed to cipher text. 3.1.6 secure DP datapoint that requires eith

42、er authentication and/or confidentiality 3.1.7 role identification of a group of links to a device (multicast, unicast and other) that have the same Permissions throughout the AIL 3.1.8 secure link link to a secure DP 3.1.9 Security Link Resources whole collection of the following Resources: the Poi

43、nt-to-point Keys Table; the Group Keys Table; the Security Individual Address Table; the Tool Key 3.1.10 Group Address Security Flags indication in a configuration tool whether for a Group Address, no secure communication will be used, or secure communication with authentication and/or confidentiali

44、ty 3.1.11 Security White List standard list of services or DPs that are always accepted using plain communication BS EN 5009034:2017EN 50090-3-4:2017 (E) 6 3.1.3 cipher text generic term that denotes the encrypted data Note 1 to entry: Cipher text is opposed to plain data. 3.1.4 permission definitio

45、n and conditions (plain, authentication, confidentiality) of the functionality that will be accepted from a Role, in accessing a DP in a device or in accepting services from a communication partner 3.1.5 plain data generic term that denotes unencrypted data, the content of which depends on the servi

46、ce and the user and not of confidentiality and authentication Note 1 to entry: Plain data is opposed to cipher text. 3.1.6 secure DP datapoint that requires either authentication and/or confidentiality 3.1.7 role identification of a group of links to a device (multicast, unicast and other) that have

47、 the same Permissions throughout the AIL 3.1.8 secure link link to a secure DP 3.1.9 Security Link Resources whole collection of the following Resources: the Point-to-point Keys Table; the Group Keys Table; the Security Individual Address Table; the Tool Key 3.1.10 Group Address Security Flags indic

48、ation in a configuration tool whether for a Group Address, no secure communication will be used, or secure communication with authentication and/or confidentiality 3.1.11 Security White List standard list of services or DPs that are always accepted using plain communication EN 50090-3-4:2017 (E) 7 3

49、.2 Abbreviations CFB Cipher feedback FDSK Factory Default Setup Key IV Initialization Vector MaC Management Client MaS Management Server MAC Message Authentication Code MiM Man-in-the-Middle P-AL Plain Application Layer SAI Security Algorithm Identifier S-AL Secure Application Layer SCF Security Control Field SeqNr Sequence Number SFCC Security Failure Common Counter SFL Security Failure Links SHD Secure Header SKI Security Key Info 4 General Introduction (informative) 4.1

copyright@ 2008-2019 麦多课文库(www.mydoc123.com)网站版权所有
备案/许可证编号:苏ICP备17064731号-1