ITU-T M 3016 2-2005 Security for the management plane security services (Study Group 4).pdf

International Telecommunication Union

ITU-T M.3016.2
TELECOMMUNICATION STANDARDIZATION SECTOR OF ITU
(04/2005)

SERIES M: TELECOMMUNICATION MANAGEMENT, INCLUDING TMN AND NETWORK MAINTENANCE
Telecommunications management network

Security for the management plane: Security services

ITU-T Recommendation M.3016.2

ITU-T M-SERIES RECOMMENDATIONS
TELECOMMUNICATION MANAGEMENT, INCLUDING TMN AND NETWORK MAINTENANCE

Introduction and general principles of maintenance and maintenance organization | M.10-M.299
International transmission systems | M.300-M.559
International telephone circuits | M.560-M.759
Common channel signalling systems | M.760-M.799
International telegraph systems and phototelegraph transmission | M.800-M.899
International leased group and supergroup links | M.900-M.999
International leased circuits | M.1000-M.1099
Mobile telecommunication systems and services | M.1100-M.1199
International public telephone network | M.1200-M.1299
International data transmission systems | M.1300-M.1399
Designations and information exchange | M.1400-M.1999
International transport network | M.2000-M.2999
Telecommunications management network | M.3000-M.3599
Integrated services digital networks | M.3600-M.3999
Common channel signalling systems | M.4000-M.4999

For further details, please refer to the list of ITU-T Recommendations.

ITU-T Rec. M.3016.2 (04/2005) i

ITU-T Recommendation M.3016.2

Security for the management plane: Security services

Summary
This Recommendation identifies the security services for the management plane in Telecommunication management. It focuses specifically on the security aspect of the management plane for network elements (NE) and management systems (MS), which are part of the Telecommunication infrastructure.

Source
ITU-T Recommendation M.3016.2 was approved on 13 April 2005 by ITU-T Study Group 4 (2005-2008) under the ITU-T Recommendation A.8 procedure.

FOREWORD
The International Telecommunication Union (ITU) is the United Nations specialized agency in the field of telecommunications. The ITU Telecommunication Standardization Sector (ITU-T) is a permanent organ
of ITU. ITU-T is responsible for studying technical, operating and tariff questions and issuing Recommendations on them with a view to standardizing telecommunications on a worldwide basis.

The World Telecommunication Standardization Assembly (WTSA), which meets every four years, establishes the topics for study by the ITU-T study groups which, in turn, produce Recommendations on these topics.

The approval of ITU-T Recommendations is covered by the procedure laid down in WTSA Resolution 1.

In some areas of information technology which fall within ITU-T's purview, the necessary standards are prepared on a collaborative basis with ISO and IEC.

NOTE
In this Recommendation, the expression “Administration” is used for conciseness to indicate both a telecommunication administration and a recognized operating agency.

Compliance with this Recommendation is voluntary. However, the Recommendation may contain certain mandatory provisions (to ensure e.g. interoperability or applicability) and compliance with the Recommendation is achieved when all of these mandatory provisions are met. The words “shall” or some other obligatory language such as “must” and the negative equivalents are used to express requirements. The use of such words does not suggest that compliance with the Recommendation is required of any party.

INTELLECTUAL PROPERTY RIGHTS
ITU draws attention to the possibility that the practice or implementation of this Recommendation may involve the use of a claimed Intellectual Property Right. ITU takes no position concerning the evidence, validity or applicability of claimed Intellectual Property Rights, whether asserted by ITU members or others outside of the Recommendation development process.

As of the date of approval of this Recommendation, ITU had not received notice of intellectual property, protected by patents, which may be required to implement this Recommendation. However, implementors are cautioned that this may not represent the latest information and are therefore strongly urged to consult the TSB patent database.

© ITU 2005
All rights reserved. No part of
this publication may be reproduced, by any means whatsoever, without the prior written permission of ITU.

CONTENTS
1 Scope
2 References
3 Definitions
4 Abbreviations
5 Conventions
6 Security services
6.1 Authentication
6.2 Access control
6.3 Data confidentiality
6.4 Data integrity
6.5 Non-repudiation
6.6 Audit trail
6.7 Alarm reporting
6.8 Packet inspection

Introduction
Telecommunications is a critical infrastructure for global communication and economy. Appropriate security for the management functions controlling this infrastructure is essential. Many standards for Telecommunications network management security exist. However, compliance is low and implementations are inconsistent across the various telecommunications equipment and software components. This Recommendation identifies
the security services to allow vendors, agencies, and service providers to implement a secure Telecommunications management infrastructure. Although the present set of security services and mechanisms represent the current understanding of the state of the art, technologies will advance and conditions will change. To be successful, this Recommendation must evolve as conditions warrant.

This Recommendation is intended as a foundation. Service providers may include additional security services and mechanisms to meet their specific needs over and above those in this Recommendation.

This Recommendation is part of the M.3016.x series of ITU-T Recommendations intended to provide guidance and recommendations for securing the management plane of evolving networks:
- ITU-T Rec. M.3016.0 Security for the management plane: Overview.
- ITU-T Rec. M.3016.1 Security for the management plane: Security requirements.
- ITU-T Rec. M.3016.2 Security for the management plane: Security services.
- ITU-T Rec. M.3016.3 Security for the management plane: Security mechanism.
- ITU-T Rec. M.3016.4 Security for the management plane: Profile proforma.

ITU-T Recommendation M.3016.2

Security for the management plane: Security services

1 Scope
ITU-T Recs M.3016.1, M.3016.2 and M.3016.3 specify a set of requirements, services and mechanisms for the appropriate security of the management functions necessary to support the telecommunications infrastructure. Because different administrations and organizations require varying levels of security support, ITU-T Recs M.3016.1-M.3016.3 do not specify whether a requirement/service/mechanism is mandatory or optional.

This Recommendation identifies the security services requirements for the management plane in Telecommunication management. It focuses specifically on the security aspect of the management plane for network elements (NE) and management systems (MS), which are part of the Telecommunication infrastructure. This Recommendation is generic in nature and does not identify or address the requirements for a specific Telecommunications Management Network (TMN) interface. This Recommendation does not define the security requirements or the security mechanisms for supporting the security services requirements.

This Recommendation is part of the M.3016.x series of Recommendations. Security requirements, mechanisms, and profile proformas are specified in other parts of the M.3016.x series.

The Proforma defined in ITU-T Rec. M.3016.4 is provided to assist the organizations, administrations and other national/international organizations, specify the mandatory and optional support of the requirements as well as value ranges, values, etc. to help implement their security policies.

2 References
The following ITU-T Recommendations and other references contain provisions which, through reference in this text, constitute provisions of this Recommendation. At the time of publication, the editions indicated were valid. All Recommendations and other references are subject to revision; users of this Recommendation are therefore encouraged to investigate the possibility of applying the most recent edition of the Recommendations and other references listed below. A list of the currently valid ITU-T Recommendations
is regularly published. The reference to a document within this Recommendation does not give it, as a stand-alone document, the status of a Recommendation.
- ITU-T Recommendation E.408 (2004), Telecommunication networks security requirements.
- ITU-T Recommendation X.800 (1991), Security architecture for Open Systems Interconnection for CCITT applications.
- ITU-T Recommendation X.805 (2003), Security architecture for systems providing end-to-end communications.

3 Definitions
This Recommendation uses the following terms from ITU-T Rec. X.800:
- access control;
- authentication;
- confidentiality;
- data integrity;
- non-repudiation.

4 Abbreviations
This Recommendation uses the following abbreviations:
MS Management System
NE Network Element
OAM
SER for service; MEC for mechanism.

6 Security services
Figure 1 describes the relationships between Security objectives, Threats, Risks, Security requirements, and Services. It describes the process how to derive “Security requirements” from “Threats” and “Security objectives” which in turn will be realized by a set of security services. These “Services”, which counteract threats, will make use of “Mechanisms” which themselves make use of “Security algorithms”.

Figure 1/M.3016.2 Security framework

Table 1 below is reproduced from ITU-T Rec. M.3016.0 (Table 4 in ITU-T Rec. M.3016.0). This table gives an overview of the relationship between Requirements and Security services, and is used as the basis for organization of
the other Recommendations in the series. For example, ITU-T Rec. M.3016.1 discusses the security Functional Requirements, this Recommendation (ITU-T Rec. M.3016.2) discusses the Security Services, and ITU-T Rec. M.3016.3 discusses specific security mechanisms corresponding to the Security Services.

This clause only defines the security services, which are covered by standard solutions; other possible services (e.g., detection of denial of service) are left out.

Table 1/M.3016.2 Mapping of security requirements and security services

Functional requirement | Security service
Verification of identities | user authentication; peer entity authentication; data origin authentication
Controlled access and authorization | access control
Protection of confidentiality, stored data | access control; confidentiality
Protection of confidentiality, transferred data | confidentiality
Protection of data integrity, stored data | access control
Protection of data integrity, transferred data | integrity
Accountability | non-repudiation
Activity logging | audit trail
Security alarm reporting | security alarm
Security audit | audit trail
Protection of the DCN | packet inspection

Table 2 outlines the organization of this clause:

Table 2/M.3016.2 Organization of clause 6

Clause | Contents
6.1 | Discusses authentication services including user authentication, peer entity authentication, and data origin authentication.
6.2 | Discusses access control service.
6.3 | Discusses data confidentiality service.
6.4 | Discusses data integrity service.
6.5 | Discusses non-repudiation service.
6.6 | Discusses audit trail service.
6.7 | Discusses security alarm service.

6.1 Authentication
A TMN should provide capabilities to establish and verify the claimed identity of any actor in the TMN. Actors can be human users or entities within the TMN. Verified identities provide the basis of accountability and are fundamental in meeting most of the security requirements listed in this clause.

The security service to support the requirement is authentication. The authentication service delivers proof that the identity of an object or subject has indeed the identity it claims to have. Depending on the type of actor and on the purpose of identification, the following kinds of authentication may be required:
- user authentication, establishing proof of the identity of the human user or application process;
- peer entity authentication, establishing the proof of the identity of the peer entity during a communication relationship;
- data origin authentication, establishing the proof of identity responsible for a specific data unit.

Usage of an authentication service establishes the proof for
a particular instance of time. To ensure continued proof, the authentication has to be repeated or linked to an integrity service.

Examples of mechanisms used to implement the authentication service are passwords and Personal Identification Numbers (PINs) (simple authentication) and cryptographic-based methods (strong authentication).

Authentication has two purposes in securing the Management Plane:
1) It ensures the identity of the communicating parties, providing a basis for setting up private communications with full data integrity and confidentiality between two systems; and
2) It provides a basic mechanism for logging events into a management system and/or auditing the management activities on any system.

The following layers can provide this service (according to ITU-T Rec. X.800):
- Network layer (corroboration of the identity of transport layer peers);
- Transport layer (corroboration of the identity of session layer peers);
- Application layer (corroboration of the identity of application processes);
- outside OSI: in the application process itself.

Considering that the requirement for the TMN will be to identify and authenticate managers and agents and the link of authentication with access control, recommended positions with respect to the OSI stack are the application layer and the application process.

6.1.1 User authentication
User Authentication concerns the Authentication of clients involved in the management of the network. In this case, Authentication proves the identity of the legitimate user and prevents masquerading attacks by illegitimate users. With proper Authentication, it is possible to track activities and restrict users to pre-authorized activities or roles.

SER 1: Each NE/MS providing user access should support a strong authentication service for proof of identity.

It should be noted that this Recommendation does not require a single sign-on service, but one may be provided in a future Recommendation. However, if one is established, the protocol must still challenge the entity(s) for credentials. A user may not have to enter the credentials if they are securely cached in some way (e.g., a Kerberos mechanism).

6.1.2 Peer entity authentication
Peer entity authentication concerns the Authentication of the peer entity during communication between entities, such as ap
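
The statement in 6.1 that authentication proves identity only for an instance of time, and must be repeated or linked to an integrity service for continued proof, can be shown with a peer entity exchange. The following is an added example, not part of the Recommendation: it assumes a pre-shared key and HMAC-SHA-256 as the cryptographic mechanism (the Recommendation names none), and every function and class name is hypothetical.

```python
import hashlib
import hmac
import secrets

def mac(key: bytes, *parts: bytes) -> bytes:
    # Length-prefix every part so field boundaries are unambiguous.
    data = b"".join(len(p).to_bytes(4, "big") + p for p in parts)
    return hmac.new(key, data, hashlib.sha256).digest()

def respond(shared_key: bytes, peer_id: str, challenge: bytes) -> bytes:
    """Claimant (e.g. NE): prove possession of the key without sending it."""
    return mac(shared_key, b"auth", peer_id.encode(), challenge)

def session_key(shared_key: bytes, challenge: bytes) -> bytes:
    """Key both sides derive from the exchange; it ties later traffic to it."""
    return mac(shared_key, b"session", challenge)

def protect(skey: bytes, seq: int, payload: bytes) -> bytes:
    """Integrity tag for one management message, bound to its sequence number."""
    return mac(skey, seq.to_bytes(8, "big"), payload)

class Verifier:
    """Verifier (e.g. MS). `keys` maps peer id -> pre-shared key (assumed)."""
    def __init__(self, keys: dict):
        self.keys, self.pending, self.sessions = keys, {}, {}

    def challenge(self, peer_id: str) -> bytes:
        self.pending[peer_id] = secrets.token_bytes(16)  # fresh nonce per attempt
        return self.pending[peer_id]

    def authenticate(self, peer_id: str, response: bytes) -> bool:
        nonce = self.pending.pop(peer_id, None)  # a challenge is usable once
        key = self.keys.get(peer_id)
        if nonce is None or key is None:
            return False
        if not hmac.compare_digest(response, respond(key, peer_id, nonce)):
            return False
        self.sessions[peer_id] = [session_key(key, nonce), 0]  # key, next seq
        return True

    def accept(self, peer_id: str, seq: int, payload: bytes, tag: bytes) -> bool:
        session = self.sessions.get(peer_id)
        if session is None or seq != session[1]:  # unauthenticated or replayed
            return False
        if not hmac.compare_digest(tag, protect(session[0], seq, payload)):
            return False
        session[1] += 1
        return True
```

A message is accepted only if its tag was computed with the key derived from the authentication exchange and its sequence number is the next expected one, so the one-time proof of identity extends to each later data unit.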
