ImageVerifierCode 换一换
格式:PDF , 页数:30 ,大小:581.59KB ,
资源ID:736459      下载积分:10000 积分
快捷下载
登录下载
邮箱/手机:
温馨提示:
如需开发票,请勿充值!快捷下载时,用户名和密码都是您填写的邮箱或者手机号,方便查询和重复下载(系统自动生成)。
如填写123,账号就是123,密码也是123。
特别说明:
请自助下载,系统不会自动发送文件的哦; 如果您已付费,想二次下载,请登录后访问:我的下载记录
支付方式: 支付宝扫码支付 微信扫码支付   
注意:如需开发票,请勿充值!
验证码:   换一换

加入VIP,免费下载
 

温馨提示:由于个人手机设置不同,如果发现不能下载,请复制以下地址【http://www.mydoc123.com/d-736459.html】到电脑端继续下载(重复下载不扣费)。

已注册用户请登录:
账号:
密码:
验证码:   换一换
  忘记密码?
三方登录: 微信登录  

下载须知

1: 本站所有资源如无特殊说明,都需要本地电脑安装OFFICE2007和PDF阅读器。
2: 试题试卷类文档,如果标题没有明确说明有答案则都视为没有答案,请知晓。
3: 文件的所有权益归上传用户所有。
4. 未经权益所有人同意不得将文件中的内容挪作商业或盈利用途。
5. 本站仅提供交流平台,并不能对任何下载内容负责。
6. 下载文件中如有侵权或不适当内容,请与我们联系,我们立即纠正。
7. 本站不保证下载资源的准确性、安全性和完整性, 同时也不承担用户因使用这些下载资源对自己和他人造成任何形式的伤害或损失。

版权提示 | 免责声明

本文(ETSI TR 103 421-2017 CYBER Network Gateway Cyber Defence (V1 1 1)《网络 网关网络防御(V1 1 1)》.pdf)为本站会员(sumcourage256)主动上传,麦多课文库仅提供信息存储空间,仅对用户上传内容的表现方式做保护处理,对上载内容本身不做任何修改或编辑。 若此文所含内容侵犯了您的版权或隐私,请立即通知麦多课文库(发送邮件至master@mydoc123.com或直接QQ联系客服),我们立即给予删除!

ETSI TR 103 421-2017 CYBER Network Gateway Cyber Defence (V1 1 1)《网络 网关网络防御(V1 1 1)》.pdf

1、 ETSI TR 103 421 V1.1.1 (2017-04) CYBER; Network Gateway Cyber Defence TECHNICAL REPORT ETSI ETSI TR 103 421 V1.1.1 (2017-04) 2 Reference DTR/CYBER-0015 Keywords cyber security, information assurance, privacy ETSI 650 Route des Lucioles F-06921 Sophia Antipolis Cedex - FRANCE Tel.: +33 4 92 94 42 00

2、 Fax: +33 4 93 65 47 16 Siret N 348 623 562 00017 - NAF 742 C Association but non lucratif enregistre la Sous-Prfecture de Grasse (06) N 7803/88 Important notice The present document can be downloaded from: http:/www.etsi.org/standards-search The present document may be made available in electronic

3、versions and/or in print. The content of any electronic and/or print versions of the present document shall not be modified without the prior written authorization of ETSI. In case of any existing or perceived difference in contents between such versions and/or in print, the only prevailing document

4、 is the print of the Portable Document Format (PDF) version kept on a specific network drive within ETSI Secretariat. Users of the present document should be aware that the document may be subject to revision or change of status. Information on the current status of this and other ETSI documents is

5、available at https:/portal.etsi.org/TB/ETSIDeliverableStatus.aspx If you find errors in the present document, please send your comment to one of the following services: https:/portal.etsi.org/People/CommiteeSupportStaff.aspx Copyright Notification No part may be reproduced or utilized in any form or

6、 by any means, electronic or mechanical, including photocopying and microfilm except as authorized by written permission of ETSI. The content of the PDF version shall not be modified without the written authorization of ETSI. The copyright and the foregoing restriction extend to reproduction in all

7、media. European Telecommunications Standards Institute 2017. All rights reserved. DECTTM, PLUGTESTSTM, UMTSTMand the ETSI logo are Trade Marks of ETSI registered for the benefit of its Members. 3GPPTM and LTE are Trade Marks of ETSI registered for the benefit of its Members and of the 3GPP Organizat

8、ional Partners. GSM and the GSM logo are Trade Marks registered and owned by the GSM Association. ETSI ETSI TR 103 421 V1.1.1 (2017-04) 3 Contents Intellectual Property Rights 5g3Foreword . 5g3Modal verbs terminology 5g3Executive summary 5g3Introduction 6g31 Scope 7g32 References 7g32.1 Normative re

9、ferences . 7g32.2 Informative references 7g33 Definitions and abbreviations . 9g33.1 Definitions 9g33.2 Abbreviations . 9g34 Network gateway cyber defence ecosystem: activities and use cases 11g34.1 Introduction - the gateway as a protection element 11g34.2 Network gateway cyber defence related stan

10、dards activities . 12g34.3 Network gateway cyber defence business and compliance obligation use cases . 12g34.3.1 Cyber security use cases . 12g34.3.2 Network management use cases . 13g34.3.3 Device and application management - discovery and health attestation use cases . 13g34.3.4 Industry specific

11、ations and agreement use cases 14g34.3.5 Lawful interception and retained data use cases . 14g34.3.6 Intellectual property protection use cases . 14g34.3.7 End user privacy and protection of minors . 14g34.3.8 Resilience and security of communication infrastructure, networks and services 15g35 Netwo

12、rk gateway cyber defence technical requirements . 15g35.1 Introduction 15g35.2 Secure and controlled exposure of traffic observables . 15g35.3 Sufficient observable information for acquisition and analysis for defence measures . 16g35.4 Ability to institute defence measures as part of gateway manage

13、ment 17g36 New challenges and mechanisms for gateway cyber defence 17g36.1 Introduction 17g36.2 Challenges 17g36.2.1 Virtualization implementations . 17g36.2.2 5G mobile systems 18g36.2.3 Autonomous Internet of Things (IoT) deployments . 18g36.2.4 Over The Top (OTT) services. 19g36.2.5 Widespread us

14、e of TLS as part of “Encrypt Everything“ initiatives . 19g36.3 New and modified middlebox security protocol techniques 20g36.3.1 Introduction. 20g36.3.2 Multi-Context Transport Layer Security (mcTLS) . 20g36.3.3 Other new protocol and structured expression platforms for middlebox security 22g37 Reco

15、mmendations 25g37.1 Introduction 25g37.2 Control at the gateway 25g37.3 Observable availability at the gateway . 26g37.4 Adoption of a common Middlebox Security Protocol, profiles and guidelines 27g37.5 Specification of a new out-of-band secure channel between endpoint and gateway, and protocols for

16、 a set of observables . 27g37.6 Encouraging use of gateway cyber defence capabilities 28g3ETSI ETSI TR 103 421 V1.1.1 (2017-04) 4 Annex A: Bibliography 29g3History 30g3ETSI ETSI TR 103 421 V1.1.1 (2017-04) 5 Intellectual Property Rights Essential patents IPRs essential or potentially essential to th

17、e present document may have been declared to ETSI. The information pertaining to these essential IPRs, if any, is publicly available for ETSI members and non-members, and can be found in ETSI SR 000 314: “Intellectual Property Rights (IPRs); Essential, or potentially Essential, IPRs notified to ETSI

18、 in respect of ETSI standards“, which is available from the ETSI Secretariat. Latest updates are available on the ETSI Web server (https:/ipr.etsi.org/). Pursuant to the ETSI IPR Policy, no investigation, including IPR searches, has been carried out by ETSI. No guarantee can be given as to the exist

19、ence of other IPRs not referenced in ETSI SR 000 314 (or the updates on the ETSI Web server) which are, or may be, or may become, essential to the present document. Trademarks The present document may include trademarks and/or tradenames which are asserted and/or registered by their owners. ETSI cla

20、ims no ownership of these except for any which are indicated as being the property of ETSI, and conveys no right to use or reproduce any trademark and/or tradename. Mention of those trademarks in the present document does not constitute an endorsement by ETSI of products, services or organizations a

21、ssociated with those trademarks. Foreword This Technical Report (TR) has been produced by ETSI Technical Committee Cyber Security (CYBER). Modal verbs terminology In the present document “should“, “should not“, “may“, “need not“, “will“, “will not“, “can“ and “cannot“ are to be interpreted as descri

22、bed in clause 3.2 of the ETSI Drafting Rules (Verbal forms for the expression of provisions). “must“ and “must not“ are NOT allowed in ETSI deliverables except when used in direct citation. Executive summary The present document provides an overview and recommendations concerning cyber defence capab

23、ilities at network gateways. The capabilities are implemented using what are usually referred to as “middleboxes“ that may be integrated into traffic routers that typically exist at boundaries between networks. Network gateways are critically important points for implementing cyber defence in conjun

24、ction with other essential functions. The present document notes that network gateway cyber defence related standards activities have increased significantly because of an array of use cases combined with the rapidly increasing encryption of traffic occurring between end points where network applica

25、tion servers are interacting directly with software clients on end user devices. The use cases consist of an array of business and compliance obligations. The present document then continues to derive a set of related cyber defence technical requirements that include: 1) secure and controlled exposu

26、re of traffic observables; 2) sufficient observable information for acquisition and analysis for defence measures; and 3) the ability to institute defence measures as part of gateway management. The present document then examines the emerging new challenges and mechanisms for gateway cyber defence.

27、The challenges include virtualization implementations, 5G mobile systems, Internet of Things deployments, Over The Top services, and “encrypt everything“ initiatives. On the positive side, the considerable industry and academic research and development efforts have produced a combination of existing

28、 protocol adaptations and effective new protocols and platforms that have considerable promise - especially one known as mcTLS. ETSI ETSI TR 103 421 V1.1.1 (2017-04) 6 The present document concludes with several recommendations that include a consensus view on what information and secure access capa

29、bilities are required to support gateway cyber defence, what steps the ETSI Cybersecurity Technical Committee should take for a new Technical Specification to support the requirements, and how collaboration with external bodies might encourage use of gateway cyber defence capabilities. Introduction

30、A network gateway is a device that enables or facilitates the interconnecting of networks or applications via those networks. They have existed since the origins of electronic communication. With the emergence of packet data networks, they have assumed many different roles, including cyber defence.

31、Those additional roles are commonly denominated as “middlebox“ functions i.3. An especially common network gateway used for cyber defence purposes is referred to as a firewall - defined by 3GPP as a functional entity which blocks or permits the flow of various traffic types based on a set of policy

32、rules and definitions. All signalling to internal network resources can be directed via a network gateway dedicated to that purpose. Network gateways serve many critical needs that include management of network traffic and meeting service level agreement or regulatory requirements. One of those crit

33、ical needs is that of cyber defence - which can be met through the detection and prevention of threats at the external border point of all kinds of networks ranging from a national infrastructure to an organization or home network. Deep Packet Inspection capabilities are widely deployed to facilitat

34、e these capabilities. However, the appearance of ever more sophisticated threats and adaptive malware is proving challenging to detection and blocking efforts. A significant cyber security challenge emerging today is the combination of Over the Top services combined with “encrypt everything“ initiat

35、ives that generated potentially huge amounts of traffic between some arbitrary service portal somewhere in the world, and an end users terminal - even an application on a device. Some Internet of Things implementations also fall into this category. While these steps meet significant needs today, the

36、se practices may have adverse effects such as impeding detection of malware and other cyber security threats, as well as managing network traffic and meeting a broad array of business, organizational, and regulatory requirements. A balanced approach is needed that provides support to all the require

37、ments that exist today. The emergence of NFV-SDN implementations is engendering considerable new efforts to virtualize network gateway capabilities. These efforts include the use of on-demand Big Data Analysis to more rapidly detect and mitigate threats. Many different industry forums today are exam

38、ining network gateway requirements and solutions available - largely as insular work items and projects. The present document assembles an understanding of the related ecosystem, models, protocols, and implementation mechanisms for gateway-based cyber defence. ETSI ETSI TR 103 421 V1.1.1 (2017-04) 7

39、 1 Scope The present document provides an overview and recommendations concerning cyber defence capabilities at network gateways. It analyses the network gateway cyber defence ecosystem, technical requirements, new challenges and techniques and then draws recommendations for new standardization work

40、 in that area. 2 References 2.1 Normative references Normative references are not applicable in the present document. 2.2 Informative references References are either specific (identified by date of publication and/or edition number or version number) or non-specific. For specific references, only t

41、he cited version applies. For non-specific references, the latest version of the referenced document (including any amendments) applies. NOTE: While any hyperlinks included in this clause were valid at the time of publication ETSI cannot guarantee their long term validity. The following referenced d

42、ocuments are not necessary for the application of the present document but they assist the user with regard to a particular subject area. i.1 SIGCOMM 15, Naylor et al., Multi-Context TLS (mcTLS): “Enabling Secure In-Network Functionality in TLS“, August 17 - 21, 2015, London, United Kingdom. NOTE: A

43、vailable at http:/conferences.sigcomm.org/sigcomm/2015/pdf/papers/p199.pdf. i.2 ETSI TR 103 456: “CYBER; Implementation of the Network and Information Security (NIS) Directive“. i.3 IETF RFC 3224: “Middleboxes: Taxonomy and Issues“, February 2002. i.4 IETF draft-mm-wg-effect-encrypt-04: “Effect of U

44、biquitous Encryption“, October 2016. i.5 OASIS CybOX Version 2.1.1. Part 01: “Overview“. NOTE: Available at http:/docs.oasis-open.org/cti/cybox/v2.1.1/cybox-v2.1.1-part01-overview.pdf. See also, CybOX Project/specifications, https:/ i.6 NIST SP 800-117: “Guide to Adopting and Using the Security Cont

45、ent Automation Protocol (SCAP)“. i.7 SP 800-126 Revision 2: “The Technical Specification for the Security Content Automation Protocol (SCAP)“. i.8 Recommendation ITU.T X.1500: “Overview of cybersecurity information exchange“. NOTE: See http:/www.itu.int/itu-t/recommendations/rec.aspx?rec=11060. i.9

46、IETF RFC 7632: “Endpoint Security Posture Assessment: Enterprise Use Cases“. i.10 IETF draft-ietf-sacm-requirements-15: “Security Automation and Continuous Monitoring (SACM) Requirements“. NOTE: Available at https:/datatracker.ietf.org/doc/draft-ietf-sacm-requirements/. i.11 ETSI TS 101 331 (V1.4.1)

47、: “Lawful Interception (LI); Requirements of Law Enforcement Agencies“. ETSI ETSI TR 103 421 V1.1.1 (2017-04) 8 i.12 ETSI TS 133 106 (V13.4.0): “Universal Mobile Telecommunications System (UMTS); LTE; 3G security; Lawful interception requirements (3GPP TS 33.106 version 13.4.0 Release 13)“. i.13 ETS

48、I TS 102 656 (V1.2.2): “Lawful Interception (LI); Retained Data; Requirements of Law Enforcement Agencies for handling Retained Data“. i.14 Recommendation ITU-T X.1038: “Security Requirements and reference architecture for Software-Defined Networking“ (10/2016). NOTE: Available at http:/www.itu.int/

49、itu-t/recommendations/rec.aspx?rec=13058. i.15 5G PPP Architecture Working Group, View on 5G Architecture, Version 1.0, July 2016. NOTE: Available at https:/5g-ppp.eu/wp-content/uploads/2014/02/5G-PPP-5G-Architecture-WP-July-2016.pdf. i.16 European Commission, Copyright and Neighbouring Rights. NOTE: Available at , http:/ec.europa.eu/internal_market/copyright/documents/index_en.htm. i.17 Directive 2002/58/EC of the European Parliament and of the Council of 12 July 2002 concerning the pro

copyright@ 2008-2019 麦多课文库(www.mydoc123.com)网站版权所有
备案/许可证编号:苏ICP备17064731号-1