ImageVerifierCode 换一换
格式:PDF , 页数:20 ,大小:731.42KB ,
资源ID:798582      下载积分:10000 积分
快捷下载
登录下载
邮箱/手机:
温馨提示:
如需开发票,请勿充值!快捷下载时,用户名和密码都是您填写的邮箱或者手机号,方便查询和重复下载(系统自动生成)。
如填写123,账号就是123,密码也是123。
特别说明:
请自助下载,系统不会自动发送文件的哦; 如果您已付费,想二次下载,请登录后访问:我的下载记录
支付方式: 支付宝扫码支付 微信扫码支付   
注意:如需开发票,请勿充值!
验证码:   换一换

加入VIP,免费下载
 

温馨提示:由于个人手机设置不同,如果发现不能下载,请复制以下地址【http://www.mydoc123.com/d-798582.html】到电脑端继续下载(重复下载不扣费)。

已注册用户请登录:
账号:
密码:
验证码:   换一换
  忘记密码?
三方登录: 微信登录  

下载须知

1: 本站所有资源如无特殊说明,都需要本地电脑安装OFFICE2007和PDF阅读器。
2: 试题试卷类文档,如果标题没有明确说明有答案则都视为没有答案,请知晓。
3: 文件的所有权益归上传用户所有。
4. 未经权益所有人同意不得将文件中的内容挪作商业或盈利用途。
5. 本站仅提供交流平台,并不能对任何下载内容负责。
6. 下载文件中如有侵权或不适当内容,请与我们联系,我们立即纠正。
7. 本站不保证下载资源的准确性、安全性和完整性, 同时也不承担用户因使用这些下载资源对自己和他人造成任何形式的伤害或损失。

版权提示 | 免责声明

本文(ITU-T J 1004-2015 Specifications of authorization centre interfaces for renewable conditional access system (Study Group 9)《为再生条件访问系统的授权中心接口规范(研究组9)》.pdf)为本站会员(孙刚)主动上传,麦多课文库仅提供信息存储空间,仅对用户上传内容的表现方式做保护处理,对上载内容本身不做任何修改或编辑。 若此文所含内容侵犯了您的版权或隐私,请立即通知麦多课文库(发送邮件至master@mydoc123.com或直接QQ联系客服),我们立即给予删除!

ITU-T J 1004-2015 Specifications of authorization centre interfaces for renewable conditional access system (Study Group 9)《为再生条件访问系统的授权中心接口规范(研究组9)》.pdf

1、 I n t e r n a t i o n a l T e l e c o m m u n i c a t i o n U n i o n ITU-T J.1004 TELECOMMUNICATION STANDARDIZATION SECTOR OF ITU (08/2015) SERIES J: CABLE NETWORKS AND TRANSMISSION OF TELEVISION, SOUND PROGRAMME AND OTHER MULTIMEDIA SIGNALS Conditional access and protection Renewable conditional

2、access system Specifications of authorization centre interfaces for renewable conditional access system Recommendation ITU-T J.1004 Rec. ITU-T J.1004 (08/2015) i Recommendation ITU-T J.1004 Specifications of authorization centre interfaces for renewable conditional access system Summary Recommendati

3、on ITU-T J.1004 specifies the authorization centre (AC) interfaces for a renewable conditional access system (RCAS) within the scope of ITU-T J.1001 that specifies the requirements of an RCAS. AC interfaces are the interfaces between a central authorization centre (CAC) and a conditional access modu

4、le authentication subsystem (CASS) and between a distributed authorization centre (DAC) and a CASS. History Edition Recommendation Approval Study Group Unique ID* 1.0 ITU-T J.1004 2015-08-13 9 11.1002/1000/12569 _ * To access the Recommendation, type the URL http:/handle.itu.int/ in the address fiel

5、d of your web browser, followed by the Recommendations unique ID. For example, http:/handle.itu.int/11.1002/1000/11830-en. ii Rec. ITU-T J.1004 (08/2015) FOREWORD The International Telecommunication Union (ITU) is the United Nations specialized agency in the field of telecommunications, information

6、and communication technologies (ICTs). The ITU Telecommunication Standardization Sector (ITU-T) is a permanent organ of ITU. ITU-T is responsible for studying technical, operating and tariff questions and issuing Recommendations on them with a view to standardizing telecommunications on a worldwide

7、basis. The World Telecommunication Standardization Assembly (WTSA), which meets every four years, establishes the topics for study by the ITU-T study groups which, in turn, produce Recommendations on these topics. The approval of ITU-T Recommendations is covered by the procedure laid down in WTSA Re

8、solution 1. In some areas of information technology which fall within ITU-Ts purview, the necessary standards are prepared on a collaborative basis with ISO and IEC. NOTE In this Recommendation, the expression “Administration“ is used for conciseness to indicate both a telecommunication administrati

9、on and a recognized operating agency. Compliance with this Recommendation is voluntary. However, the Recommendation may contain certain mandatory provisions (to ensure, e.g., interoperability or applicability) and compliance with the Recommendation is achieved when all of these mandatory provisions

10、are met. The words “shall“ or some other obligatory language such as “must“ and the negative equivalents are used to express requirements. The use of such words does not suggest that compliance with the Recommendation is required of any party. INTELLECTUAL PROPERTY RIGHTSITU draws attention to the p

11、ossibility that the practice or implementation of this Recommendation may involve the use of a claimed Intellectual Property Right. ITU takes no position concerning the evidence, validity or applicability of claimed Intellectual Property Rights, whether asserted by ITU members or others outside of t

12、he Recommendation development process. As of the date of approval of this Recommendation, ITU had received notice of intellectual property, protected by patents, which may be required to implement this Recommendation. However, implementers are cautioned that this may not represent the latest informa

13、tion and are therefore strongly urged to consult the TSB patent database at http:/www.itu.int/ITU-T/ipr/. ITU 2015 All rights reserved. No part of this publication may be reproduced, by any means whatsoever, without the prior written permission of ITU. Rec. ITU-T J.1004 (08/2015) iii Table of Conten

14、ts Page 1 Scope . 1 2 References . 1 3 Definitions 1 3.1 Terms defined elsewhere 1 3.2 Terms defined in this Recommendation . 2 4 Abbreviations and acronyms 2 5 Conventions 2 6 Overview of RCAS authorization centre interfaces . 3 7 Specifications DAC-CASS interface 4 7.1 AMFB_TRANS_INFO 4 7.2 AMFB_A

15、UTH_INFO_RECV 5 8 Specifications for a CAC-DAC interface . 6 8.1 JOIN_INFO_REPORT . 6 8.2 ACK_JOIN_INFO_REPORT 7 8.3 LEAVE_INFO_REPORT 7 8.4 ACK_LEAVE_INFO_REPORT 8 8.5 CERTIFICATE_STATE_UPDATE 8 8.6 ACK_CERTIFICATE_STATE_UPDATE 9 8.7 CERTIFICATE_ISSUE_TRANSFER . 9 8.8 ACK_CERTIFICATE_ISSUE_TRANSFER

16、 . 10 Bibliography. 11 Rec. ITU-T J.1004 (08/2015) 1 Recommendation ITU-T J.1004 Specifications of authorization centre interfaces for renewable conditional access system 1 Scope This Recommendation specifies authorization centre (AC) interfaces for a renewable conditional access system (RCAS). AC i

17、nterfaces are the interfaces between a central authorization centre (CAC) and a conditional access module authentication subsystem (CASS) and between a distributed authorization centre (DAC) and a CASS. 2 References The following ITU-T Recommendations and other references contain provisions which, t

18、hrough reference in this text, constitute provisions of this Recommendation. At the time of publication, the editions indicated were valid. All Recommendations and other references are subject to revision; users of this Recommendation are therefore encouraged to investigate the possibility of applyi

19、ng the most recent edition of the Recommendations and other references listed below. A list of the currently valid ITU-T Recommendations is regularly published. The reference to a document within this Recommendation does not give it, as a stand-alone document, the status of a Recommendation. ITU-T J

20、.1001 Recommendation ITU-T J.1001 (2012), Requirements for renewable conditional access system. ITU-T J.1002 Recommendation ITU-T J.1002 (2013), Pairing protocol specification for renewable conditional access system. ITU-T J.1003 Recommendation ITU-T J.1003 (2014), Specification of network protocol

21、for renewable conditional access system. ITU-T X.509 Recommendation ITU-T X.509 (2008) | ISO/IEC 9594-8:2008, Information technology Open Systems Interconnection The Directory: Public-key and attribute certificate frameworks. ITU-T X.690 Recommendation ITU-T X.690 (2008) | ISO/IEC 8825-1:2008, Infor

22、mation technology ASN.1 encoding rules: Specification of Basic Encoding Rules (BER), Canonical Encoding Rules (CER) and Distinguished Encoding Rules (DER). 3 Definitions 3.1 Terms defined elsewhere This Recommendation uses the following terms defined elsewhere: 3.1.1 conditional access (CA) b-ITU-T

23、J.193: The conditional granting of access to cable services and content based upon what service suite has been purchased by the customer. 3.1.2 descrambling b-ITU-T J.93: The process of reversing the scrambling function (see “scrambling“) to yield usable pictures, sound, and data services. 3.1.3 ent

24、itlement control messages (ECMs) b-ITU-T J.290: An ECM is an encrypted message that contains access criteria to various service tiers and a control word (CW). 3.1.4 entitlement management messages (EMMs) b-ITU-T J.290: The EMM contains the actual authorization data and shall be sent in a secure meth

25、od to each CPE device. 2 Rec. ITU-T J.1004 (08/2015) 3.1.5 scrambling b-ITU-T J.93: The process of using an encryption function to render television and data signals unusable to unauthorized parties. 3.2 Terms defined in this Recommendation This Recommendation defines the following terms: 3.2.1 DSC_

26、ID: The identification value of the descrambler (DSC) having a size of 40 bytes. 3.2.2 CAM_ID: The identification value of the conditional access module (CAM) having a size of 8 bytes. 3.2.3 KeyPairingID: The value of the concatenation of CAM_ID and DSC_ID, i.e., CAM_ID|DSC_ID. 3.2.4 KPK: Key pairin

27、g key (KPK). The authorization centre (AC) generates the KPK if the KeyPairingID is valid. 3.2.5 RAND: A random number with 320 bits. 3.2.6 Ki: The pre-shared key having a size of 128 bits. The AC uniquely assigns three Ki to each CAM. Ki should be a generated random generation function. 4 Abbreviat

28、ions and acronyms This Recommendation uses the following abbreviations and acronyms: AC Authorization Centre ASN Abstract Syntax Notation BER Basic Encoding Rules CACS Conditional Access Client Software CAM Conditional Access Module CASS CAM Authentication Subsystem CPE Customer Premise Equipment DA

29、C Distributed Authorization Centre DOCSIS Data Over Cable Service Interface Specification DSC Descrambler HMAC Hash-based Message Authentication Code KPK Key Pairing Key MSB Most Significant Bit PRF Pseudo Random number generation Function PRNG Pseudo Random Number Generator RCAS Renewable Condition

30、al Access System STB Set Top Box 5 Conventions In this Recommendation: The keywords “is required to“ indicate a requirement which must be strictly followed and from which no deviation is permitted if conformance to this document is to be claimed. Rec. ITU-T J.1004 (08/2015) 3 The keywords “is recomm

31、ended“ indicate a requirement which is recommended but which is not absolutely required. Thus this requirement need not be present to claim conformance. The keywords “is prohibited from“ indicate a requirement which must be strictly followed and from which no deviation is permitted if conformance to

32、 this document is to be claimed. The keywords “can optionally“ indicate an optional requirement which is permissible, without implying any sense of being recommended. This term is not intended to imply that the vendors implementation must provide the option and the feature can be optionally enabled

33、by the network operator/service provider. Rather, it means the vendor may optionally provide the feature and still claim conformance with the specification. In the body of this Recommendation and its annexes, the words shall, shall not, should, and may sometimes appear, in which case they are to be

34、interpreted, respectively, as is required to, is prohibited from, is recommended, and can optionally. The appearance of such phrases or keywords in an appendix or in material explicitly marked as informative are to be interpreted as having no normative intent. 6 Overview of RCAS authorization centre

35、 interfaces Figure 1 CAC-DAC and DAC-CASS interfaces in RCAS Renewable conditional access system (RCAS) is a new paradigm technology for renewing conditional access client software (CACS) by securely downloading a new CACS through the digital cable two-way environment. There are three relevant Recom

36、mendations for RCAS: ITU-T J.1001, ITU-T J.1002 and ITU-T J.1003. ITU-T J.1001 contains architectural, functional and security requirements of RCAS. ITU-T J.1002 and ITU-T J.1003 are Recommendations for the RCAS pairing specification and the RCAS network specification, respectively. One of the impor

37、tant architectural subsystems in RCAS is the authorization centre (AC) as described in ITU-T J.1001. The AC plays a very important role for mutual authentication between the RCAS head end and the conditional access module (CAM) in the RCAS set-top box (STB). Typically a multiple service operator (MS

38、O) has multiple RCAS head ends since one RCAS head end cannot cover all service areas which are distant from each other. Therefore the RCAS AC should be separated with a centralized authorization centre (CAC) and a distributed authorization centre 4 Rec. ITU-T J.1004 (08/2015) (DAC) as shown in Figu

39、re 1 to efficiently manage the authentication process of the RCAS STBs including the CAM. As shown in Figure 1, an MSO has only one CAC and locates one DAC in each of the RCAS head end. Therefore the interface architecture of a CAC and a DAC is 1:N, and that of a DAC and a CASS is 1:1. 7 Specificati

40、ons DAC-CASS interface The basic role of the DAC is issuing ITU-T X.509 certificates of RCAS headend servers but it also includes more specific functions as follows: Generating a unique identification number for each RCAS headend server Validating pairing between the CAM and the descrambler ITU-T J.

41、1002 Managing parameters needed for authentication of RCAS STBs Join/leave processing for retail and leased RCAS STBs. There are two types of messages for the interface between the DAC and the CASS, these are the AMFB_TRANS_INFO and AMFB_AUTH_INFO_RECV messages. The sequence diagram for these two me

42、ssage types is shown in Figure 2. Figure 2 Sequence diagram for DAC-CASS interface messages The message format for the DAC-CASS interface is shown in Figure 3. The messages are encoded as ASN.1 data and the most significant bit (MSB) is transmitted first. Figure 3 AC interface message format 7.1 AMF

43、B_TRANS_INFO The function of AMFB_TRANS_INFO is used for delivering a JOIN request from a CASS to a DAC after the JOIN request is received from the RCAS STB to the CASS as shown in Figure 2. The message type value for AMFB_TRANS_INFO is 0x0401. The ASN.1 syntax notation for AMFB_TRANS_INFO is shown

44、below: Rec. ITU-T J.1004 (08/2015) 5 cASSID : The value of ID for the CASS keyPairingID: This is the key pairing ID which is sent from the CAM and generated by concatenating Descrambler ID and CAM ID. 7.2 AMFB_AUTH_INFO_RECV The function of AMFB_TRANS_INFO_RECV is used for delivering security parame

45、ters from the DAC to the CASS as shown in Figure 2. These security parameters are generated by utilizing Ki and the operator variant algorithm configuration field (OP) values of the RCAS STB, see ITU-T J.1003. The message type value for AMFB_AUTH_INFO_RECV is 0x0400. The ASN.1 syntax notation for AM

46、FB_AUTH_INFO_RECV is shown below: Auth-Rst: The authentication result for RCAS STB. If the authentication process is successful, the value is TRUE. Otherwise the value should be FALSE. 6 Rec. ITU-T J.1004 (08/2015) rAND-DAC: This is the RAND-DAC which is used for one of the input parameters of the s

47、ession key generation function. The DAC randomly generates a RAND-DAC per RCAS STB and the RCAS STB manufacturer inserts the value of the RAND-DAC into the CAM of the RCAS STB. kC: This is the Kc which is used for one of the input parameters of the session key generation function. The Kc is generate

48、d with the random number generation function using the Ki and RAND-DAC as input parameters. The CAC randomly generates a Ki per RCAS STB and the RCAS STB manufacturer inserts a Ki into the CAM of the RCAS STB, see ITU-T J.1003. kPK: This is the key pairing key (KPK). For a definition of the KPK, see

49、 ITU-T J.1003. sign-KPK: This is the value of the digital signature of the KPK ITU-T J.1003. 8 Specifications for a CAC-DAC interface The message types for a CAC-DAC interface are defined as shown the below: Direction Message name Message type DAC CAC JOIN_ INFO_REPORT 0X0501 CAC DAC ACK_JOIN_ INFO_REPORT 0X0502 DAC CAC LEAVE_ INFO_REPORT 0X0504 CAC DAC ACK_LEAVE_ INFO_REPORT 0X0505 DAC CAC CERTIFICATE_STATE_UPDATE 0X0521 CAC DAC ACK_CERTIFICATE_STATE_UPDATE

copyright@ 2008-2019 麦多课文库(www.mydoc123.com)网站版权所有
备案/许可证编号:苏ICP备17064731号-1