ImageVerifierCode 换一换
格式:PDF , 页数:28 ,大小:286.44KB ,
资源ID:804505      下载积分:10000 积分
快捷下载
登录下载
邮箱/手机:
温馨提示:
如需开发票,请勿充值!快捷下载时,用户名和密码都是您填写的邮箱或者手机号,方便查询和重复下载(系统自动生成)。
如填写123,账号就是123,密码也是123。
特别说明:
请自助下载,系统不会自动发送文件的哦; 如果您已付费,想二次下载,请登录后访问:我的下载记录
支付方式: 支付宝扫码支付 微信扫码支付   
注意:如需开发票,请勿充值!
验证码:   换一换

加入VIP,免费下载
 

温馨提示:由于个人手机设置不同,如果发现不能下载,请复制以下地址【http://www.mydoc123.com/d-804505.html】到电脑端继续下载(重复下载不扣费)。

已注册用户请登录:
账号:
密码:
验证码:   换一换
  忘记密码?
三方登录: 微信登录  

下载须知

1: 本站所有资源如无特殊说明,都需要本地电脑安装OFFICE2007和PDF阅读器。
2: 试题试卷类文档,如果标题没有明确说明有答案则都视为没有答案,请知晓。
3: 文件的所有权益归上传用户所有。
4. 未经权益所有人同意不得将文件中的内容挪作商业或盈利用途。
5. 本站仅提供交流平台,并不能对任何下载内容负责。
6. 下载文件中如有侵权或不适当内容,请与我们联系,我们立即纠正。
7. 本站不保证下载资源的准确性、安全性和完整性, 同时也不承担用户因使用这些下载资源对自己和他人造成任何形式的伤害或损失。

版权提示 | 免责声明

本文(ITU-T X 1121-2004 Framework of security technologies for mobile end-to-end data communications SERIES X DATA NETWORKS AND OPEN SYSTEM COMMUNICATIONS Telecommunication security (Stu.pdf)为本站会员(medalangle361)主动上传,麦多课文库仅提供信息存储空间,仅对用户上传内容的表现方式做保护处理,对上载内容本身不做任何修改或编辑。 若此文所含内容侵犯了您的版权或隐私,请立即通知麦多课文库(发送邮件至master@mydoc123.com或直接QQ联系客服),我们立即给予删除!

ITU-T X 1121-2004 Framework of security technologies for mobile end-to-end data communications SERIES X DATA NETWORKS AND OPEN SYSTEM COMMUNICATIONS Telecommunication security (Stu.pdf

1、 INTERNATIONAL TELECOMMUNICATION UNION ITU-T X.1121TELECOMMUNICATION STANDARDIZATION SECTOR OF ITU (04/2004) SERIES X: DATA NETWORKS AND OPEN SYSTEM COMMUNICATIONS Telecommunication security Framework of security technologies for mobile end-to-end data communications ITU-T Recommendation X.1121 ITU-

2、T X-SERIES RECOMMENDATIONS DATA NETWORKS AND OPEN SYSTEM COMMUNICATIONS PUBLIC DATA NETWORKS Services and facilities X.1X.19 Interfaces X.20X.49 Transmission, signalling and switching X.50X.89 Network aspects X.90X.149 Maintenance X.150X.179 Administrative arrangements X.180X.199 OPEN SYSTEMS INTERC

3、ONNECTION Model and notation X.200X.209 Service definitions X.210X.219 Connection-mode protocol specifications X.220X.229 Connectionless-mode protocol specifications X.230X.239 PICS proformas X.240X.259 Protocol Identification X.260X.269 Security Protocols X.270X.279 Layer Managed Objects X.280X.289

4、 Conformance testing X.290X.299 INTERWORKING BETWEEN NETWORKS General X.300X.349 Satellite data transmission systems X.350X.369 IP-based networks X.370X.399 MESSAGE HANDLING SYSTEMS X.400X.499 DIRECTORY X.500X.599 OSI NETWORKING AND SYSTEM ASPECTS Networking X.600X.629 Efficiency X.630X.639 Quality

5、of service X.640X.649 Naming, Addressing and Registration X.650X.679 Abstract Syntax Notation One (ASN.1) X.680X.699 OSI MANAGEMENT Systems Management framework and architecture X.700X.709 Management Communication Service and Protocol X.710X.719 Structure of Management Information X.720X.729 Managem

6、ent functions and ODMA functions X.730X.799 SECURITY X.800X.849 OSI APPLICATIONS Commitment, Concurrency and Recovery X.850X.859 Transaction processing X.860X.879 Remote operations X.880X.899 OPEN DISTRIBUTED PROCESSING X.900X.999 TELECOMMUNICATION SECURITY X.1000 For further details, please refer t

7、o the list of ITU-T Recommendations. ITU-T Rec. X.1121 (04/2004) i ITU-T Recommendation X.1121 Framework of security technologies for mobile end-to-end data communications Summary This Recommendation describes the security threats to mobile end-to-end data communications and the security requirement

8、s from the point of view of the mobile users and application service providers (ASP). In addition, this Recommendation shows where the security technologies which realize certain security function appear in the models of mobile end-to-end data communications. Source ITU-T Recommendation X.1121 was a

9、pproved on 29 April 2004 by ITU-T Study Group 17 (2001-2004) under the ITU-T Recommendation A.8 procedure. ii ITU-T Rec. X.1121 (04/2004) FOREWORD The International Telecommunication Union (ITU) is the United Nations specialized agency in the field of telecommunications. The ITU Telecommunication St

10、andardization Sector (ITU-T) is a permanent organ of ITU. ITU-T is responsible for studying technical, operating and tariff questions and issuing Recommendations on them with a view to standardizing telecommunications on a worldwide basis. The World Telecommunication Standardization Assembly (WTSA),

11、 which meets every four years, establishes the topics for study by the ITU-T study groups which, in turn, produce Recommendations on these topics. The approval of ITU-T Recommendations is covered by the procedure laid down in WTSA Resolution 1. In some areas of information technology which fall with

12、in ITU-Ts purview, the necessary standards are prepared on a collaborative basis with ISO and IEC. NOTE In this Recommendation, the expression “Administration“ is used for conciseness to indicate both a telecommunication administration and a recognized operating agency. Compliance with this Recommen

13、dation is voluntary. However, the Recommendation may contain certain mandatory provisions (to ensure e.g., interoperability or applicability) and compliance with the Recommendation is achieved when all of these mandatory provisions are met. The words “shall“ or some other obligatory language such as

14、 “must“ and the negative equivalents are used to express requirements. The use of such words does not suggest that compliance with the Recommendation is required of any party. INTELLECTUAL PROPERTY RIGHTS ITU draws attention to the possibility that the practice or implementation of this Recommendati

15、on may involve the use of a claimed Intellectual Property Right. ITU takes no position concerning the evidence, validity or applicability of claimed Intellectual Property Rights, whether asserted by ITU members or others outside of the Recommendation development process. As of the date of approval o

16、f this Recommendation, ITU had not received notice of intellectual property, protected by patents, which may be required to implement this Recommendation. However, implementors are cautioned that this may not represent the latest information and are therefore strongly urged to consult the TSB patent

17、 database. ITU 2004 All rights reserved. No part of this publication may be reproduced, by any means whatsoever, without the prior written permission of ITU. ITU-T Rec. X.1121 (04/2004) iii CONTENTS Page 1 Scope 1 2 References. 1 3 Definitions 1 3.1 OSI Reference Model security architecture definiti

18、ons . 1 3.2 Additional definitions. 2 4 Abbreviations 3 5 Overview 3 6 Models of mobile end-to-end data communications 3 6.1 General model of mobile end-to-end data communication between the mobile user and the ASP 3 6.2 Gateway model of mobile end-to-end data communication between the mobile user a

19、nd the ASP 4 7 Characteristics of mobile end-to-end data communication 4 8 Security threats to the mobile environment 5 8.1 General security threats 5 8.2 Mobile-oriented security threats. 6 8.3 Relationship of security threats to end-to-end communication models . 7 9 Security requirements for mobil

20、e end-to-end data communications 8 9.1 Security requirements from the mobile users point of view 8 9.2 Security requirements for ASPs point of view 11 9.3 Relationship between security requirements and security threats 14 10 Security functions for satisfying mobile security requirements . 15 11 Secu

21、rity technologies for mobile end-to-end data communication 18 ITU-T Rec. X.1121 (04/2004) 1 ITU-T Recommendation X.1121 Framework of security technologies for mobile end-to-end data communications 1 Scope This Recommendation provides security requirements, from the point of view of the mobile user a

22、nd the application service provider in the upper layer of the OSI Reference Model, for mobile end-to-end data communications between a mobile terminal in a mobile network and an application server in an open network. This Recommendation provides a framework of security technologies for mobile end-to

23、-end data communications. This Recommendation does not provide the details of mobile network components except for wireless network access to a mobile terminal when connected to an open network. 2 References The following ITU-T Recommendations and other references contain provisions which, through r

24、eference in this text, constitute provisions of this Recommendation. At the time of publication, the editions indicated were valid. All Recommendations and other references are subject to revision; users of this Recommendation are therefore encouraged to investigate the possibility of applying the m

25、ost recent edition of the Recommendations and other references listed below. A list of the currently valid ITU-T Recommendations is regularly published. The reference to a document within this Recommendation does not give it, as a stand-alone document, the status of a Recommendation ITU-T Recommenda

26、tion Q.1701 (1999), Framework for IMT-2000 networks. ITU-T Recommendation Q.1711 (1999), Network functional model for IMT-2000. ITU-T Recommendation Q.1761 (2004), Principles and requirements for convergence of fixed and existing IMT-2000 systems. ITU-T Recommendation X.800 (1991), Security Architec

27、ture for Open Systems Interconnection for CCITT applications. ITU-T Recommendation X.803 (1994) | ISO/IEC 10745:1995, Information technology Open Systems Interconnection Upper layers security model. ITU-T Recommendation X.810 (1995) | ISO/IEC 10181-1:1996, Information technology Open Systems Interco

28、nnection Security frameworks for open systems: Overview. 3 Definitions 3.1 OSI Reference Model security architecture definitions The following terms are defined in ITU-T Rec. X.800: a) access control; b) authentication; c) authentication information; d) authentication exchange; e) authorization; f)

29、availability; g) confidentiality; 2 ITU-T Rec. X.1121 (04/2004) h) cryptography; i) data integrity; j) data origin authentication; k) encipherment; l) integrity; m) key; n) key exchange; o) key management; p) non-repudiation; q) notarization; r) password; s) privacy. 3.2 Additional definitions This

30、Recommendation defines the following terms: 3.2.1 anonymity: Ability to allow anonymous access to services, which avoid tracking of users personal information and user behaviour such as user location, frequency of a service usage, and so on. 3.2.2 shoulder surfing: A security threat which collects i

31、nformation in busy places by watching keystroke, reading mobile terminals screen, or listening to sound from a mobile terminal. 3.2.3 mobile terminal: An entity that has wireless network access function and connects a mobile network for data communication with application servers or other mobile ter

32、minals. 3.2.4 mobile network: A network that provides wireless network access points to mobile terminals. 3.2.5 mobile user: An entity (person) that uses and operates the mobile terminal for receiving various services from application service providers. 3.2.6 application service: A service like mobi

33、le banking, mobile commerce, and so on. 3.2.7 application server: An entity that connects to an open network for data communication with mobile terminals. 3.2.8 Application Service Provider (ASP): An entity (person or group) which provides application service(s) to mobile users through an applicatio

34、n server. 3.2.9 mobile security gateway: An entity which relays data communication between a mobile terminal and an application server, changes security parameters or communication protocol from a mobile network to an open network, or vice versa, and can perform security policy management functions

35、for mobile end-to-end data communication. 3.2.10 security policy management: A function to manage or negotiate a set of rules to provide classified security services which can be implemented on the mobile security gateway or other server. ITU-T Rec. X.1121 (04/2004) 3 4 Abbreviations This Recommenda

36、tion uses the following abbreviations: ASP Application Service Provider DoS Denial of Service IMT-2000 International Mobile Telecommunications-2000 LAN Local Area Network OSI Open Systems Interconnection PC Personal Computer PDA Personal Data Assistant PIN Personal Identification Number 5 Overview M

37、obile terminals with data communication capabilities (like IMT-2000 mobile phone, laptop PC or a PDA with a radio-card) have been widely distributed and various application services (e.g., mobile commerce) for mobile terminals are provided through the mobile network. In the e-commerce application, s

38、ecurity is necessary and indispensable. There are many areas under investigation from a mobile operators point of view (e.g., security architecture on IMT-2000 mobile telephone network). However, it is also important to investigate from the mobile users point of view and the ASPs point of view. When

39、 investigating security in a mobile communication from the mobile users point of view or ASPs point of view, security for mobile end-to-end data communication between a mobile terminal and an application server is one of the most important aspects. In addition, for the mobile system that connects a

40、mobile network to an open network, security investigation in the upper layers (applications, presentation and session layers) of the OSI Reference Model is needed because there are various implementations of mobile network (for example, IMT-2000 mobile phone network, wireless LAN, Bluetooth) or open

41、 network. This Recommendation describes the security threats to mobile end-to-end data communications and the security requirements from the point of view of the mobile user and the ASP. In addition, this Recommendation shows where the security technologies which realize certain security function ap

42、pear in the models of mobile end-to-end data communications. 6 Models of mobile end-to-end data communications Before describing secure mobile technologies, models of mobile end-to-end data communication should be defined. Models of mobile end-to-end data communication clarify the relationship betwe

43、en entities in models and the points to which the secure mobile technologies should be adapted. 6.1 General model of mobile end-to-end data communication between the mobile user and the ASP A general model of mobile end-to-end data communication between a mobile user and an ASP is shown in Figure 1.

44、 4 ITU-T Rec. X.1121 (04/2004) Figure 1/X.1121 General model of mobile end-to-end data communication between a mobile user and an ASP There are six entities in this model: mobile user, mobile terminal, mobile network, open network, application server and ASP. And there are five relationships in this

45、 model, between: mobile user and mobile terminal, mobile terminal and mobile network, mobile network and open network, open network and application server, and mobile terminal and application server. 6.2 Gateway model of mobile end-to-end data communication between the mobile user and the ASP Anothe

46、r model (Gateway model) of mobile end-to-end data communication between a mobile user and an ASP is shown in Figure 2. Figure 2/X.1121 Gateway model of mobile end-to-end data communication between a mobile user and an ASP There are seven entities in this model: mobile user, mobile terminal, mobile n

47、etwork, open network, application server, ASP and mobile security gateway. And there are seven relationships in this model, between: mobile user and mobile terminal, mobile terminal and mobile network, mobile network and mobile security gateway, mobile security gateway and open network, open network

48、 and application server, mobile terminal and mobile security gateway, and mobile security gateway and application server. 7 Characteristics of mobile end-to-end data communication Mobile end-to-end data communication has various characteristics compared to general end-to-end data communication in an

49、 open network. These characteristics are listed below: Mobile communication is based on wireless communication Because mobile end-to-end data communication is based on wireless communication, it is more unstable than a wired end-to-end data communication in an open network. In addition, because a mobile user can move around during mobile end-to-end data communication, it adds further instability. Wireless communication could be based on broadcast communication between a mobile terminal and a mobile network. ITU-T Rec

copyright@ 2008-2019 麦多课文库(www.mydoc123.com)网站版权所有
备案/许可证编号:苏ICP备17064731号-1