ImageVerifierCode 换一换
格式:PDF , 页数:20 ,大小:932.10KB ,
资源ID:802345      下载积分:10000 积分
快捷下载
登录下载
邮箱/手机:
温馨提示:
如需开发票,请勿充值!快捷下载时,用户名和密码都是您填写的邮箱或者手机号,方便查询和重复下载(系统自动生成)。
如填写123,账号就是123,密码也是123。
特别说明:
请自助下载,系统不会自动发送文件的哦; 如果您已付费,想二次下载,请登录后访问:我的下载记录
支付方式: 支付宝扫码支付 微信扫码支付   
注意:如需开发票,请勿充值!
验证码:   换一换

加入VIP,免费下载
 

温馨提示:由于个人手机设置不同,如果发现不能下载,请复制以下地址【http://www.mydoc123.com/d-802345.html】到电脑端继续下载(重复下载不扣费)。

已注册用户请登录:
账号:
密码:
验证码:   换一换
  忘记密码?
三方登录: 微信登录  

下载须知

1: 本站所有资源如无特殊说明,都需要本地电脑安装OFFICE2007和PDF阅读器。
2: 试题试卷类文档,如果标题没有明确说明有答案则都视为没有答案,请知晓。
3: 文件的所有权益归上传用户所有。
4. 未经权益所有人同意不得将文件中的内容挪作商业或盈利用途。
5. 本站仅提供交流平台,并不能对任何下载内容负责。
6. 下载文件中如有侵权或不适当内容,请与我们联系,我们立即纠正。
7. 本站不保证下载资源的准确性、安全性和完整性, 同时也不承担用户因使用这些下载资源对自己和他人造成任何形式的伤害或损失。

版权提示 | 免责声明

本文(ITU-T Q 815-2000 Specification of a Security Module for Whole Message Protection Series Q Switching and Signalling Specifications of Signalling System No 7 - Q3 Interface《对于全部消息保护的.pdf)为本站会员(boatfragile160)主动上传,麦多课文库仅提供信息存储空间,仅对用户上传内容的表现方式做保护处理,对上载内容本身不做任何修改或编辑。 若此文所含内容侵犯了您的版权或隐私,请立即通知麦多课文库(发送邮件至master@mydoc123.com或直接QQ联系客服),我们立即给予删除!

ITU-T Q 815-2000 Specification of a Security Module for Whole Message Protection Series Q Switching and Signalling Specifications of Signalling System No 7 - Q3 Interface《对于全部消息保护的.pdf

1、 STD-ITU-T RECMN Q.8LS-ENGL 2000 = 4862573 Ob85707793 INTERNATIONAL TELECOMMUNICATION UNION ITU-T TELECOMMUNICATION STANDARDIZATION SECTOR OF ITU Q.815 (02/2000) SERIES Q: SWITCHING AND SIGNALLING Specifications of Signalling System No. 7 - Q3 interface Specification of a security module for whole m

2、essage protection ITU-T Recommendation Q.815 (Formerly CCITT Recommendation) STDmITU-T RECMN Q-815-ENGL 2000 48b2591 Ob85908 b28 ITU-T Q-SERIES RECOMMENDATIONS SWITCHING AND SIGNALLING SIGNALLING IN THE INTERNATIONAL MANUAL SERVICE FUNCTIONS AND INFORMATION FLOWS FOR SERVICES IN THE ISDN SPECIFICATI

3、ONS OF SIGNALLING SYSTEMS No. 4 AND No. 5 SPECIFICATIONS OF SIGNALLING SYSTEM No. 6 SPECIFICATIONS OF SIGNALLING SYSTEM Ri SPECIFICATIONS OF SIGNALLING SYSTEM R2 DIGITAL EXCHANGES INTERWORKING OF SIGNALLING SYSTEMS SPECIFICATIONS OF SIGNALLING SYSTEM No. 7 INTERNATIONAL AUTOMATIC AND SEMI-AUTOMATIC

4、WORKING CLAUSES APPLICABLE TO ITU-T STANDARD SYSTEMS General Message transfer part (MTP) Signailing connection control part (SCCP) Telephone user part (TUP) ISDN supplementary services Data user part Signalling System No. 7 management ISDN user part Transaction capabilities application part Test spe

5、cification 43 interface DIGITAL SUBSCRIBER SIGNALLING SYSTEM No. 1 PUBLIC LAND MOBILE NETWORK INTERWORKING WITH SATELLITE MOBILE SYSTEMS INTELLIGENT NETWORK BROADBAND ISDN SIGNALLING REQUIREMENTS AND PROTOCOLS FOR IMT-2000 Q. 1-4.3 Q.4-Q.59 Q.60-Q.99 Q.1OO-Q.I 19 Q. 120-4.249 Q.250-Q.309 4.3 i 04.39

6、9 Q.40O-Q.499 Q.500-Q.599 Q.600-Q.699 Q.70O-Q.849 Q.700 Q.701-Q.709 4.711-4.719 Q.72O-Q.729 4.730-4.739 4.7404.749 Q.7504.759 Q.76O-Q.769 Q .7 7 0-Q ,7 7 9 Q.780-Q.799 Q.80D-Q.849 Q.SSO-Q.999 Q. 1 OOO-Q. 1099 Q.1100-Q.1199 Q. 12004.1699 Q. 1700-Q. 1 799 Q.200w.2999 For further detaiis, please refer

7、to the list of ITU-T Recommendations. STDmITU-T RECMN Q*BLS-ENGL 2000 4862573 Ob85909 5b4 ITU-T Recommendation Q.815 Specification of a security module for whole message protection Summary This ITU-T Recommendation specifies an optional security module to be used with ITU-T Recommendation Q.8 14, Sp

8、ecification of an Electronic Data Interchange Interactive Agent, that provides security services for whole Protocol Data Units (PDUs). In particular, the security module supports non-repudiation of origin and of receipt, as well as whole message integrity. Source ITU-T Recommendation Q.8 15 was prep

9、ared by ITU-T Study Group 4 (1 997-2000) and approved under the WTSC Resolution 1 procedure on 4 February 2000. STD-ITU-T RECMN Q.815-ENGL ZOO0 4862593 Ob85930 286 FOREWORD The international Telecommunication Union (IT) is the United Nations specialized agency in the field of telecommunications. The

10、 ITU Telecommunication Standardization Sector (ITU-T) is a permanent organ of ITU. ITU-T is responsible for studying technical, operating and tariff questions and issuing Recommendations on them with a view to standardizing telecommunications on a worldwide basis. The World Telecommunication Standar

11、dization Conference (WTSC), which meets every four years, establishes the topics for study by the ITU-T study groups which, in turn, produce Recommendations on these topics. The approval of ITU-T Recommendations is covered by the procedure laid down in WTSC Resolution I. In some areas of information

12、 technology which fall within ITU-Ts purview, the necessary standards are prepared on a collaborative basis with IS0 and IEC. NOTE In this Recommendation, the expression “Administration“ is used for conciseness to indicate both a telecommunication administration and a recognized operating agency. IN

13、TELLECTUAL PROPERTY RIGHTS ITU draws attention to the possibility that the practice or implementation of this Recommendation may involve the use of a claimed Intellectual Property Right. ITU takes no position concerning the evidence, validity or applicability of claimed Intellectual Property Rights,

14、 whether asserted by 1TU members or others outside of the Recommendation development process. As of the date of approval of this Recommendation, ITU had not received notice of intellectual property, protected by patents, which may be required to implement this Recommendation. However, implementors a

15、re cautioned that this may not represent the latest information and are therefore strongly urged to consult the TSB patent database. o ITU 2001 All rights reserved. No part of this publication may be reproduced or utilized in any form or by any means, electronic or mechanical, including photocopying

16、 and microfilm, without permission in writing from the ITU. 1 2 2.1 2.2 3 4 5 6 6.1 6.2 7 7.1 7.2 7.3 7.4 Page Scope References Normative references Informative references Definitions Abbreviations . Conventions Q.8 15 details . Security Module Message Types 6.1 . 1 6.1.2 Non-Repudiation of Origin S

17、ervice 6.1.3 Non-Repudiation of Receipt Service . General Charactenstics . General Syntax . Hashed Messages Object Identifiers Referenced by Hashed Messages . Signed Messages Object Identifiers Referenced by Signed Messages Message Integrity Service . 7.1.1 7.1.2 Value Information for Hashed Message

18、s 7.2.1 7.2.2 Value Information for Signed Messages . IA Receipt Message 7.3.1 Object Identifiers Referenced by IA Receipt Messages 7.3.2 Stase-Rose PDU . Value Information for IA Receipt Messages . Annex A . ASN . 1 Production Module Appendix I . Non-normative references . Appendix II . The SHA-1 M

19、essage Digest Algorithm . II . 1 Introduction 11.2 Bit strings and integers . 11.3 Operations on words . 11.4 Message padding 11.5 Functions used 11.6 Constants used 11.7 Computing the message digest . 1 2 2 3 3 4 4 5 5 6 6 6 6 7 7 7 8 8 8 10 10 10 11 11 12 13 13 13 11.8 II .9 STDnITU-T RECMN Q*BLS-

20、ENGL 2000 W 48b2591 Ob85912 O59 H Page 14 14 Alternate method of computation. . . . . . ._ . Comparison of methods . . . . . . . . . . . . . . . . . . . . . . . . . . . . STD-ITU-T RECMN Q*BLS-ENGL 2000 M 4862593 Ob85933 T95 M ITU-T Recommendation Q.815 Specification of a security module for whole m

21、essage protection 1 Scope The security module provides security services for whole Protocol Data Units (PDUs). In particular, it supports non-repudiation of origin and of receipt, as well as whole message integrity. In the context of EDI-based TMN transactions, on the senders side, it accepts as inp

22、ut the output of the ED1 translator, performs the requested security transformations, and provides the resulting octet string to the Interactive Agent (IA). On the receiving side it receives from the IA an octet string that it interprets as security module PDU. It then proceeds to veri the validity

23、of the underlying message. In the case of integrity protection, if the message is valid, then it passes that message (without the message integrity code) to the ED1 translator. The security module keeps a log of all the messages it receives from the IA. It provides those messages, along with an indi

24、cation, for each message, representing the result of the verification procedure. This log is available to the local ED1 user. The specifics of the log, as well as the interface to the log are a local matter outside the scope of this ITU-T Recommendation. The behaviour of the security module when ver

25、ification fails is also a local matter outside the scope of this ITU-T Recommendation. Figure 1 below, duplicated from Figure 2/Q.8 14, is used herein as a reference. STDmITU-T RECMN Q.8LS-ENGL 2000 - 4862593 Ob85914 921 H Management Management Application Service _._._ Security Interface Security S

26、ecure Message Interactive - Origin Integrity Agent Service interface - Receipt Interactive IA Message interactive _-_ lATP cQ,sr4)- - - - - - - - - - - Figure UQ.815 - Message Flow Relationship With Message Security Services 2 References 2.1 Normative references The following ITU-T Recommendations a

27、nd other references contain provisions which, through reference in this text, constitute provisions of this Recommendation. At the time of publication, the editions indicated were valid. All Recommendations and other references are subject to revision; all users of this Recommendation are therefore

28、encouraged to investigate the possibility of applying the most recent edition of the Recommendations and other references listed below. A list of the currently valid ITU-T Recommendations is regularly published. - ITU-T Recommendation Q.8 12 (1 997)/Amd.3 (2000), Upper layer protocol proJiles for th

29、e Q.3 and X interfaces - Amendment 3: Protocol proJile for electronic communications interactive agent. ITU-T Recommendation Q.8 14 (2000), SpeciJication of an electronic data interchange interactive agent. ITU-T Recommendation X.509 (1 997) I ISODEC 9495-8: 1998, Information technology - Open Syste

30、ms Interconnection - The Directory: Authentication fiamework. ITU-T Recommendation X.680 (1 997) I ISODEC 8824-1 : 1998, Information technology - Abstract Syntax Notation One (ASN. I): Specification of basic notation. - - - sD.1Tu-l RECMN P=BlS-ENGL 2000 Li862593 Ob85935 8b8 - ITU-T Recommendation X

31、.68 1 (1 997) I ISO/IEC 8824-2: 1998, Information technology - Abstract Syntax Notation One (ASN. I): Information object specification. ITU-T Recommendation X.682 (1 997) I ISO/IEC 8824-3 : 1998, Injormation technology Abstract Syntax Notation One (ASN. I): Constraint specification. ITU-T Recommenda

32、tion X.683 (1 997) I ISOAEC 8824-4: 1998, Information technology - Abstract Syntax Notation One (ASN I): Parameterization of ASN. I speciJications. ITU-T Recommendation X.690 (1 997) I ISOAEC 8825- 1 : 1998, Information technology - ASN. I encoding rules: Specrfication of Basic Encoding Rules (BER),

33、 Canonical Encoding Rules (CER) and Distinguished Encoding Rules (DER). - - - IS0 - International Organization for Standardization: - IS0 3166:(All parts), Codes for the representation of names of countries and their subdivisions. 2.2 Informative references - Directory Implementors Guide (Version 1

34、I) (I 998). 3 Definitions This ITU-T Recommendation defines the following terms: 3.1 application protocol data unit: A packet of data exchanged between two application programs across a network. This is the highest level view of communication in the OS1 seven layer model and a single packet exchange

35、d at this level may actually be transmitted as several packets at a lower layer as well as having extra information (headers) added for routing, etc. 3.2 distinguished encoding rules: A restricted form of Basic Encoding Rules defined in (ITU-T X.690) to eliminate the options in BER. 3.3 electronic d

36、ata interchange: The exchange of documents in standardized electronic form, between organizations, in an automated manner, directly from a computer application in one organization to an application in another. 3.4 electronic data interchange for administration, commerce and transport: The syntax is

37、an IS0 standard (IS0 9739, and was adopted by the United Nations (UN) as the basis for the international development of business messages for ED1 (UNEDIFACT). EDIFACT grew out of a desire to bring together previous standards and ASC X12. 3.5 interactive agent: The Interactive Agent (IA) supports the

38、 exchange of Electronic Data Interchange (ANSI ASC X12 ED1 or EDIFACT) transactions between peer entities within the telecommunications industry. 3.6 RSA: RSA is a public-key cryptosystem developed by Ronald L. Rivest, Adi Shamir, and Leonard M. Adleman in 1977 in an effort to help ensure Internet s

39、ecurity. A cryptosystem is simply an algorithm that can convert input data into something unrecognizable (encryption), and convert the unrecognizable data back to its original form (decryption). RSA encryption techniques are described in ITU-T Recommendation X.509. 3.7 secure hash algorithm, revisio

40、n 1: A 160-bit hash function, mandated by the National Institute for Standards Technology (NIST), with security mechanisms similar to MD5. SHA-1 is defined by the United States Government in FIPS 180-1. It is a mechanism to reduce a lengthy text message to a short digest of 160 bits that is both one

41、-way (Le. non-reversible) and not susceptible to collisions from multiple different texts. Because SHA generates a 160-bit hash (message digest) it is much safer from brute-force cryptographic attacks than MD5. STDaITU-T RECMN Q-815-ENGL 2000 D 4862571 068571ib 7T4 M Digests are best thought of as t

42、he digital fingerprint of a message. It is a relatively fast, low-overhead and secure algorithm. SHA-1 can be used to support integrity protection (by itself), or for non- repudiation (in conjunction with public key encryption). The SHA- 1 Message Digest Algorithm is described in Appendix II. 4 Abbr

43、eviations This ITU-T Recommendation uses the following abbreviations: APDU ASC DER ED1 EDIF ACT IA IP PDU RSA SHA- 1 SM SR TCP TLS TMN Application Protocol Data Unit Accredited Standards Committee Distinguished Encoding Rules (of ASN. 1) Electronic Data Interchange Electronic Data Interchange for Ad

44、ministration, Commerce and Transport Interactive Agent Internet Protocol Protocol Data Unit Rivest, Shamir, Aldeman Secure Hash Algorithm, Revision 1 Security Module STASE ROSE Transmission Control Protocol Transport Layer Security Telecommunications Management Network 5 Conventions The following co

45、nventions are used: References to clauses, subclauses, annexes and appendices refer to those items within this ITU-T Recommendation unless another specification is explicitly listed. 6 Q.815 details 6.1 Security Module Message Types Q.815 Security Module specifies the following guidelines: Message I

46、ntegrity and/or Non-Repudiation services may be provided by the Security Module (SM). If the SM provides Message Integrity, it uses SHA-1 to produce the Message Digest (MD). If the SM provides Non-Repudiation of Origin, it uses SHA-1 to produce an MD then uses the RSA digital signature mechanism. No

47、n-Repudiation of Receipt is provided by a mechanism described in this ITU-T Recommendation. A fourth set of security enhancements is available through the use of STASE-ROSE (see ITU-T Recommendation Q.8 13). 6.1.1 Message Integrity Service The direct user supplies the SM with an EDIFACT or ASC X12 E

48、D1 message. The SM will compute a message digest utilizing the EDIFACT or ASC X12 ED1 data as input to the digest algorithm. The STD-ITU-T RECMN O-815-ENGL 2000 m Y8b2591 Ob85917 630 m SM DER encodes a Hashed Message in accordance with 7.1. The IA utilizes the DER encoded octet string as the content

49、s of an Enhanced Message, as defined in ITU-T Recommendation Q.8 14. 6.1.2 Non-Repudiation of Origin Service The direct user supplies the SM with an EDIFACT or ASC X12 ED1 message. The SM will compute a message digest utilizing the EDIFACT or ASC X12 ED1 data as input to the digest algorithm. The SM encrypts a DER encoding of the message digest according to the digital signature algorithm utilizing the private key of the sender. The SM DER encodes a Signed Message in accordance with 7.2. The IA utilizes the DER encoded octet string as the contents

copyright@ 2008-2019 麦多课文库(www.mydoc123.com)网站版权所有
备案/许可证编号:苏ICP备17064731号-1