ImageVerifierCode 换一换
格式:PDF , 页数:70 ,大小:4.52MB ,
资源ID:802339      下载积分:10000 积分
快捷下载
登录下载
邮箱/手机:
温馨提示:
如需开发票,请勿充值!快捷下载时,用户名和密码都是您填写的邮箱或者手机号,方便查询和重复下载(系统自动生成)。
如填写123,账号就是123,密码也是123。
特别说明:
请自助下载,系统不会自动发送文件的哦; 如果您已付费,想二次下载,请登录后访问:我的下载记录
支付方式: 支付宝扫码支付 微信扫码支付   
注意:如需开发票,请勿充值!
验证码:   换一换

加入VIP,免费下载
 

温馨提示:由于个人手机设置不同,如果发现不能下载,请复制以下地址【http://www.mydoc123.com/d-802339.html】到电脑端继续下载(重复下载不扣费)。

已注册用户请登录:
账号:
密码:
验证码:   换一换
  忘记密码?
三方登录: 微信登录  

下载须知

1: 本站所有资源如无特殊说明,都需要本地电脑安装OFFICE2007和PDF阅读器。
2: 试题试卷类文档,如果标题没有明确说明有答案则都视为没有答案,请知晓。
3: 文件的所有权益归上传用户所有。
4. 未经权益所有人同意不得将文件中的内容挪作商业或盈利用途。
5. 本站仅提供交流平台,并不能对任何下载内容负责。
6. 下载文件中如有侵权或不适当内容,请与我们联系,我们立即纠正。
7. 本站不保证下载资源的准确性、安全性和完整性, 同时也不承担用户因使用这些下载资源对自己和他人造成任何形式的伤害或损失。

版权提示 | 免责声明

本文(ITU-T Q 813-1998 Security Transformations Application Service Element for Remote Operations Service Element (STASE-ROSE) - Series Q Switching and Signalling - Specifications of Sigup .pdf)为本站会员(livefirmly316)主动上传,麦多课文库仅提供信息存储空间,仅对用户上传内容的表现方式做保护处理,对上载内容本身不做任何修改或编辑。 若此文所含内容侵犯了您的版权或隐私,请立即通知麦多课文库(发送邮件至master@mydoc123.com或直接QQ联系客服),我们立即给予删除!

ITU-T Q 813-1998 Security Transformations Application Service Element for Remote Operations Service Element (STASE-ROSE) - Series Q Switching and Signalling - Specifications of Sigup .pdf

1、STD-ITU-T RECMN Q.BL3-ENGL L998 W 48b259L Ob55382 282 INTERNATIONAL TELECOMMUNICATION UNION ITU-T TELECOMMUNICATION STANDARDIZATION SECTOR OF ITU Q.813 (06198) SERIES Q: SWITCHING AND SIGNALLING Specifications of Signalling System No. 7 - Q3 interface Security Transformations Application Service Ele

2、ment for Remote Operations Service Element (STASE-ROSE) ITU-T Recommendation Q.813 (Previously CCITT Recommendation) STDeITU-T RECMN Q.813-ENGL 1998 4862593 Ob55383 119 ITU-T Q-SERIES RECOMMENDATIONS SWITCHING AND SIGNALLING SIGNALLING IN THE INTERNATIONAL MANUAL SERVICE FUNCTIONS AND INFORMATION FL

3、OWS FOR SERVICES IN THE ISDN SPECIFICATIONS OF SIGNALLING SYSTEMS No. 4 AND No. 5 SPECIFICATIONS OF SIGNALLING SYSTEM No. 6 SPECIFICATIONS OF SIGNALLING SYSTEM Ri SPECIFICATIONS OF SIGNALLING SYSTEM R2 INTERNATIONAL AUTOMATIC AND SEMI-AUTOMATIC WORKING CLAUSES APPLICABLE TO ITU-T STANDARD SYSTEMS DI

4、GITAL EXCHANGES INTERWORKING OF SIGNALLING SYSTEMS SPECIFICATIONS OF SIGNALLING SYSTEM No. 7 General Message transfer part (MTP) Signalling connection control part (SCCP) Telephone user part (TUP) ISDN supplementary services Data user part Signalling System No. 7 management ISDN user part Transactio

5、n capabilities application part Test specification Q.1-Q.3 Q .4-Q. 59 Q .60-Q. 99 Q. 1 OO-Q. 1 I 9 Q.120-Q.249 Q.250-Q.309 Q.310-Q.399 Q.400-Q.499 Q.500-Q.599 Q.600-Q.699 Q. 700-Q. 849 Q.700 Q.701-Q.709 Q.711-Q.719 Q.720-Q. 729 Q.730-Q.739 Q.740-Q. 749 Q.750-Q.759 Q.760-Q. 769 Q.770-Q.779 Q. 780-Q .

6、 799 Q3 interface Q.800-Q .849 DIGITAL SUBSCRIBER SIGNALLING SYSTEM No. 1 Q. 850-Q. 999 General Data link layer Network layer User-network management Stage 3 description for supplementary services using DSS 1 PUBLIC LAND MOBILE NETWORK INTERWORKING WITH SATELLITE MOBILE SYSTEMS INTELLIGENT NETWORK B

7、ROADBAND ISDN Q.850-Q.919 Q .920-Q. 929 Q.930-Q.939 Q. 940-Q. 949 Q.950-Q.999 Q. 1000-Q. 1 O99 Q. 1 1 OO-Q. 1 199 Q. 1200-Q. 1999 Q.2000-Q.2999 For further details, please refer to ITU-T List of Recommendations. STDaITU-T RECMN Q.BIi3-ENGL 3998 - 4862593 Oh55384 055 ITU-T RECOMMENDATION Q.813 SECURI

8、TY TRANSFORMATIONS APPLICATION SERVICE ELEMENT FOR REMOTE OPERATIONS SERVICE ELEMENT (STASE-ROSE) Summary This Recommendation provides specifications to support security transformations, such as encryption, hashing, sealing and signing, focusing on whole Remote Operations Service Element (ROSE) Prot

9、ocol Data Units (PDUs). Security transformations are used to provide various security services such as authentication, confidentiality, integrity and non-repudiation. This Recommendation describes an approach to the provisioning of security transformations that is implemented in the application laye

10、r and requires no security-specific functionality in any of the underlying OS1 stack layers. Source ITU-T Recommendation 4.813 was prepared by ITU-T Study Group 4 (1997-2000) and was approved under the WTSC Resolution No. 1 procedure on the 26th of June 1998. Recommendation Q.813 (0698) 1 STD.ITU-T

11、RECMN Q-833-ENGL 1998 4862593 Ob55385 T93 m FOREWORD IT (International Telecommunication Union) is the United Nations Specialized Agency in the field of telecommunications. The ITU Telecommunication Standardization Sector (ITU-T) is a permanent organ of the ITU. The ITU-T is responsible for studying

12、 technical, operating and tariff questions and issuing Recommendations on them with a view to standardizing telecommunications on a worldwide basis. The World Telecommunication Standardization Conference (WTSC), which meets every four years, establishes the topics for study by the ITU-T Study Groups

13、 which, in their turn, produce Recommendations on these topics. The approval of Recommendations by the Members of the ITU-T is covered by the procedure laid down in WTSC Resolution No. 1. In some areas of information technology which fall within ITU-Ts purview, the necessary standards are prepared o

14、n a collaborative basis with IS0 and IEC. NOTE In this Recommendation, the expression “Administration“ is used for conciseness to indicate both a telecommunication administration and a recognized operating agency. INTELLECTUAL PROPERTY RIGHTS The ITU draws attention to the possibility that the pract

15、ice or implementation of this Recommendation may involve the use of a claimed Intellectual Property Right. The ITU takes no position concerning the evidence, validity or applicability of claimed Intellectual Property Rights, whether asserted by ITU members or others outside of the Recommendation dev

16、elopment process. As of the date of approval of this Recommendation, the ITU had not received notice of intellectual property, protected by patents, which may be required to implement this Recommendation. However, implementors are cautioned that this may not represent the latest information and are

17、therefore strongly urged to consult the TSB patent database. O ITU 1999 All rights reserved. No part of this publication may be reproduced or utilized in any form or by any means, electronic or mechanical, including photocopying and microfilm, without permission in writing from the ITU. Recommendati

18、on Q.813 (06/98) 11 1 1.1 1.2 1.3 2 2.1 2.2 3 4 5 5.1 5.2 5.3 6 7 7.1 7.2 7.3 7.4 8 8.1 8.2 STDnITU-T RECMN Q.BL3-ENGL 3998 4862591 Ob55386 928 CONTENTS Scope. Purpose and Application . Purpose . Application . Scope References Normative references Informative references Definitions Abbreviations . O

19、verview Security transformations . Security information exchange . 5.2.1 5.2.2 Security information default values Negotiation of security algorithms Abstract syntax for negotiation of security parameters 5.3.1 Abstract syntax name Model Service overview Association services . STASE-ROSE services Re

20、lationship to presentation services . Service definition 7.4.1 Conventions . ,7.4.2 Association services 7.4.3 SR-TRANSFER service 7.4.4 SR-TRANSFER parameters Interaction between application service elements Association establishment 8.1.1 Association initiator 8.1.2 Association responder . Associa

21、tion release . 8.2.1 Sender 8.2.2 Receiver . Recommendation Q.813 (06/98) 2 2 2 3 4 5 6 6 7 7 10 13 14 14 16 16 16 16 17 17 17 20 21 22 22 22 23 24 24 25 . 111 8.3 8.4 9 9.1 9.2 9.3 9.4 9.5 9.6 10 11 12 12.1 12.2 13 STD-ITU-T RECMN Q.BL3-ENGL 1998 48b2591 Ob55387 ab4 m Association abort 8.3.1 Sender

22、 8.3.2 Receiver . Data transfer . 8.4.1 Sender 8.4.2 Receiver . STASE-ROSE protocol Abstract syntax definition of APDUs . Abstract syntax name . Algorithms identifiers . Application contexts names 9.4.1 Secure TMN context . 9.4.2 Secure Directory Application Context STASE-ROSE procedures 9.5.1 Trans

23、fer . Mapping of STASE-ROSE services to presentation service Mapping of ROSE services to STASE-ROSE services . Conformance SRPM state tables . Conventions Actions to be taken by SRPM 12.2.1 Invalid intersections 12.2.2 . Valid intersections . Remote-Operations-Protocol-Machine state tables Annex A .

24、 Secure CMISE . A . 1 Application context A.2 Association establishment rules . A.3 Conformance A.3.1 Static requirements A.3.2 Dynamic requirements Annex B - ASN . 1 Syntax defined in this Recommendation . Abstract syntax for negotiation of security parameters Abstract syntax definition of APDUs .

25、B . 1 B.2 B.3 Abstract syntax for public key authenticator Page 25 25 26 26 26 27 27 27 32 32 32 32 32 33 33 40 41 41 42 43 44 44 44 44 45 45 46 46 46 46 46 46 47 49 iv Recommendation Q.813 (06/98) B.4 Abstract syntax object identifier . B.5 Application contexts names Appendix I - Monotonically incr

26、easing time for security . Appendix II . Negotiation of security algorithms example Association Establishment phase . Appendix III . GSS-API use with STASE-ROSE III . 1 111.2 Data transfer phase . Recommendation 4.813 (06/98) Page 53 53 54 55 56 56 58 V Recommendation 4.813 SECURITY TRANSFORMATIONS

27、APPLICATION SERVICE ELEMENT FOR REMOTE OPERATIONS SERVICE ELEMENT (STASE-ROSE) (Geneva, 1998) 1 Scope, Purpose and Application 1.1 Scope Security Transformations (ST) are used to provide various security services such as peer entity authentication, data origin authentication, confidentiality, integr

28、ity and non-repudiation. Security transformations include encryption, hashing, digital seals and digital signatures. This Recommendation supports security services for ROSE PDUs within the application layer. It is independent of the underlying communications protocol stack. This Recommendation defin

29、es a new Application Service Element (ASE) called Security Transformations Application Service Element for ROSE (STASE-ROSE), which resides between the ROSE and the Presentation Layer in the OS1 Protocol Stack. This Recommendation provides an approach for performing Security Transformations (ST) tha

30、t imposes no requirements on any of the 6-lower layers of the communications stack. This is in contrast to methods e.g. Generic Upper Layers Security (GULS) that support security transformations through embedded functionality in the communications stack at the presentation layer. This Recommendation

31、 further provides for peer entity authentication at association Set-up time; for the negotiation of security parameters (such as security algorithms) that will be used in the course of the association; and for dynamic update, in the course of the association, of security parameters that are used for

32、 individual protocol data units. The method presented in this Recommendation could be adapted for ASES other than ROSE that interact directly with the presentation layer. However, this Recommendation focuses on ROSE and does not cover any possible extensions or generalizations. How the actual securi

33、ty transformations are performed (e.g. producing and verifiing digital signatures) is a local matter outside the scope of this Recommendation. In particular, the use of a generic security module, such as the Generic Security Service - Application Programming Interface (GSS-API) for performing securi

34、ty transfomations is a local matter. Nevertheless, while this Recommendation does not mandate the use of GSS-API, it provides the necessary framework for using GSS-API together with STASE-ROSE (see Appendix III). Key management is an important component of a security infrastructure. This Recommendat

35、ion supports the exchange of information related to cryptographic keys. However, a general framework for key management is outside the scope of this Recommendation. Recommendation Q.813 (06/98) 1 1.2 Purpose The purpose of this Recommendation is to protect whole ROSE PDUs. Recommendation Q.8 12 spec

36、ifies File Transfer Administration and Management (FTAM), Common Information Management Application Service Element (CMISE) and X.500 Directory in the application layer for the Q3 and X interfaces of the Telecommunications Management Network (TMN). X.500 and CMISE use the services of the Remote Oper

37、ation Service Element (ROSE). This Recommendation addresses the security of ROSE Protocol Data Units (PDUs). While this Recommendation is motivated by the need to secure TMN interactions or message exchanges, it can be used to provide security for any application that uses ROSE. 1.3 Application This

38、 Recommendation applies to ROSE-based applications such as user applications that use CMISE or X.500 Directory. Providing protection for CMIP PDUs is a major goal of this Recommendation. Since CMIP is based on the 1988 version of ROSE (see Recommendations X.219 and X.229), this Recommendation also f

39、ocuses on that version, rather than the 1994 version (see Recommendations X.880, X.881 and X.882). Therefore this Recommendation may not apply to the current version of Recommendation X.500 which is based on the 1994 version of ROSE. 2 References The following ITU-T Recommendations and other referen

40、ces contain provisions which, through reference in this text, constitute provisions of this Recommendation. At the time of publication, the editions indicated were valid. All Recommendations and other references are subject to revision; all users of this Recommendation are therefore encouraged to in

41、vestigate the possibility of applying the most recent edition of the Recommendations and other references listed below. A list of the currently valid ITU-T Recommendations is regularly published. 2.1 Normative references - ITU-T Recommendation M.30 1 O (1 996), Principles for a telecommunications ma

42、nagement network. ITU-T Recommendation Q.811 (1997), Lower layer protocol proJiles for the Q3 and X interfaces. ITU-T Recommendation Q.812 (1997), Upper layer protocol proJiles for the Q3 and X interfaces. ITU-T Recommendation X.200 (1 994) I ISO/IEC 7498-1 : 1994, Information technology - Open Syst

43、ems Interconnection - Basic reference model: The Basic Model. CCITT Recommendation X.208 (1988), Specijkation of Abstract Syntax Notation One (ASN. I). ITU-T Recommendation X.21 O (1 993) I ISO/IEC 1073 1 : 1994, Information technology - Open Systems Interconnection - Basic reference model: Conventi

44、ons for the definition of OSI services. ITU-T Recommendation X.217 (1 995) I ISO/IEC 8649: 1996, Information technology - Open Systems Interconnection - Service de$nition for the association control service element. CCITT Recommendation X.219 (1 988), Remote Operations: Model, notation and service d

45、ejnition. - - - - - - - 2 Recommendation Q.813 (06/98) - ITU-T Recommendation X.227 (1995) I ISO/IEC 8650-1 : 1996, Information technology - Open Systems Interconnection - Connection-oriented protocol for the association control service element: Protocol speciJication. CCITT Recommendation X.229 (1

46、988), Remote operations: Protocol specification. ITU-T Recommendation X.500 (1 997) I ISODEC 9594- 1 : 1997, Information technology - Open Systems Interconnection - The directory: Overview of concepts, models and services. ITU-T Recommendation X.509 (1997) I ISO/IEC 9594-8: 1997, Information technol

47、ogy - Open Systems Interconnection - The directory: Authentication framework. ITU-T Recommendation X.680 (1 997) I ISO/IEC 8824-1 : 1998, Information technology - Abstract Syntax Notation One (ASN. 1): Specijkation of basic notation. - - - - - ITU-T Recommendation X.681 (1 997) I ISO/IEC 8824-2: 199

48、8, Information technology - Abstract Syntax Notation One (ASN. I): Information object speciJication. ITU-T Recommendation X.682 (1997) I ISO/IEC 8824-3: 1998, Information technology - Abstract Syntax Notation One (ASN. 1): Constraint specijkation. ITU-T Recommendation X.683 (1 997) I ISO/IEC 8824-4:

49、 1998, Information technology - Abstract Syntax Notation One (ASN. 1): Parametrization of ASN. 1 specifications. - - - ITU-T Recommendation X.690 (1 997) I ISO/IEC 8825- 1 : 1998, Information technology - ASN. I encoding rules: SpeciJcation of Basic Encoding Rules (BER), Canonical Encoding Rules (CER) and Distinguished Encoding Rules (DER). ITU-T Recommendation X.710 (1997) I ISO/IEC 9595: 1998, Information technology - Open Systems Interconnection - Common management information service. ITU-T Recommendation X.711 (1997) I ISO/IEC 9596-1: 1998, Information technology - Open Systems In

copyright@ 2008-2019 麦多课文库(www.mydoc123.com)网站版权所有
备案/许可证编号:苏ICP备17064731号-1