ITU-T X 1581-2012 Transport of real-time inter-network defence messages (Study Group 17)《实时网络间防御信息传输 17号研究组》.pdf

1、 International Telecommunication Union ITU-T X.1581TELECOMMUNICATION STANDARDIZATION SECTOR OF ITU (09/2012) SERIES X: DATA NETWORKS, OPEN SYSTEM COMMUNICATIONS AND SECURITY Cybersecurity information exchange Assured exchange Transport of real-time inter-network defence messages Recommendation ITU-T

2、 X.1581 ITU-T X-SERIES RECOMMENDATIONS DATA NETWORKS, OPEN SYSTEM COMMUNICATIONS AND SECURITY PUBLIC DATA NETWORKS X.1X.199 OPEN SYSTEMS INTERCONNECTION X.200X.299 INTERWORKING BETWEEN NETWORKS X.300X.399 MESSAGE HANDLING SYSTEMS X.400X.499 DIRECTORY X.500X.599 OSI NETWORKING AND SYSTEM ASPECTS X.60

3、0X.699 OSI MANAGEMENT X.700X.799 SECURITY X.800X.849 OSI APPLICATIONS X.850X.899 OPEN DISTRIBUTED PROCESSING X.900X.999 INFORMATION AND NETWORK SECURITY General security aspects X.1000X.1029 Network security X.1030X.1049 Security management X.1050X.1069 Telebiometrics X.1080X.1099 SECURE APPLICATION

4、S AND SERVICES Multicast security X.1100X.1109 Home network security X.1110X.1119 Mobile security X.1120X.1139 Web security X.1140X.1149 Security protocols X.1150X.1159 Peer-to-peer security X.1160X.1169 Networked ID security X.1170X.1179 IPTV security X.1180X.1199 CYBERSPACE SECURITY Cybersecurity

5、X.1200X.1229 Countering spam X.1230X.1249 Identity management X.1250X.1279 SECURE APPLICATIONS AND SERVICES Emergency communications X.1300X.1309 Ubiquitous sensor network security X.1310X.1339 CYBERSECURITY INFORMATION EXCHANGE Overview of cybersecurity X.1500X.1519 Vulnerability/state exchange X.1

6、520X.1539 Event/incident/heuristics exchange X.1540X.1549 Exchange of policies X.1550X.1559 Heuristics and information request X.1560X.1569 Identification and discovery X.1570X.1579 Assured exchange X.1580X.1589For further details, please refer to the list of ITU-T Recommendations. Rec. ITU-T X.1581

7、 (09/2012) i Recommendation ITU-T X.1581 Transport of real-time inter-network defence messages Summary Recommendation ITU-T X.1581 specifies a transport protocol for real-time inter-network defence (RID) based upon the passing of RID messages over hypertext transfer protocol/transport layer security

8、 (HTTP/TLS). This is achieved by listing the relevant clauses of IETF RFC 6546 and showing whether they are normative or informative. History Edition Recommendation Approval Study Group 1.0 ITU-T X.1581 2012-09-07 17 ii Rec. ITU-T X.1581 (09/2012) FOREWORD The International Telecommunication Union (

9、ITU) is the United Nations specialized agency in the field of telecommunications, information and communication technologies (ICTs). The ITU Telecommunication Standardization Sector (ITU-T) is a permanent organ of ITU. ITU-T is responsible for studying technical, operating and tariff questions and i

10、ssuing Recommendations on them with a view to standardizing telecommunications on a worldwide basis. The World Telecommunication Standardization Assembly (WTSA), which meets every four years, establishes the topics for study by the ITU-T study groups which, in turn, produce Recommendations on these

11、topics. The approval of ITU-T Recommendations is covered by the procedure laid down in WTSA Resolution 1. In some areas of information technology which fall within ITU-Ts purview, the necessary standards are prepared on a collaborative basis with ISO and IEC. NOTE In this Recommendation, the express

12、ion “Administration“ is used for conciseness to indicate both a telecommunication administration and a recognized operating agency. Compliance with this Recommendation is voluntary. However, the Recommendation may contain certain mandatory provisions (to ensure, e.g., interoperability or applicabili

13、ty) and compliance with the Recommendation is achieved when all of these mandatory provisions are met. The words “shall“ or some other obligatory language such as “must“ and the negative equivalents are used to express requirements. The use of such words does not suggest that compliance with the Rec

14、ommendation is required of any party. INTELLECTUAL PROPERTY RIGHTS ITU draws attention to the possibility that the practice or implementation of this Recommendation may involve the use of a claimed Intellectual Property Right. ITU takes no position concerning the evidence, validity or applicability

15、of claimed Intellectual Property Rights, whether asserted by ITU members or others outside of the Recommendation development process. As of the date of approval of this Recommendation, ITU had not received notice of intellectual property, protected by patents, which may be required to implement this

16、 Recommendation. However, implementers are cautioned that this may not represent the latest information and are therefore strongly urged to consult the TSB patent database at http:/www.itu.int/ITU-T/ipr/. ITU 2012 All rights reserved. No part of this publication may be reproduced, by any means whats

17、oever, without the prior written permission of ITU. Rec. ITU-T X.1581 (09/2012) iii Table of Contents Page 1 Scope 1 2 References. 1 3 Definitions 1 3.1 Terms defined elsewhere 1 3.2 Terms defined in this Recommendation . 1 4 Abbreviations and acronyms 1 5 Conventions 2 6 Transport of real-time inte

18、r-network defence . 2 6.1 Introduction 2 6.2 Terminology . 2 6.3 Transmission of RID messages over HTTP/TLS . 2 6.4 Security considerations . 2 6.5 IANA considerations 2 6.6 Acknowledgements 2 6.7 References 2 Bibliography. 3 iv Rec. ITU-T X.1581 (09/2012) Introduction Recommendation ITU-T X.1500, O

19、verview of cybersecurity information exchange, provides guidance for the exchange of cybersecurity information including that for incidents and indicators as provided through this Recommendation. The incident object description exchange format (IODEF) defines a common extensible markup language (XML

20、) data model representation for computer security incident information exchange, and real-time inter-network defence (RID) provides a secure communication method for IODEF documents intended for the cooperative handling of security incidents between interested parties. This Recommendation specifies

21、a transport protocol for RID based upon the exchange of RID messages over hypertext transfer protocol/transport layer security (HTTP/TLS). Clause 6 specifies a method for the transport of real-time inter-network defence (RID) messages. Rec. ITU-T X.1581 (09/2012) 1 Recommendation ITU-T X.1581 Transp

22、ort of real-time inter-network defence messages 1 Scope This Recommendation specifies a transport protocol for the exchange of real-time inter-network defence (RID) messages over hypertext transfer protocol/transport layer security (HTTP/TLS). Implementations enabling the exchange of incident inform

23、ation must provide the capabilities to comply with all applicable national and regional laws, regulations and policies. Implementers and users of all ITU-T Recommendations, including this Recommendation and the underlying techniques, shall comply with all applicable national and regional laws, regul

24、ations and policies. 2 References The following ITU-T Recommendations and other references contain provisions which, through reference in this text, constitute provisions of this Recommendation. At the time of publication, the editions indicated were valid. All Recommendations and other references a

25、re subject to revision; users of this Recommendation are therefore encouraged to investigate the possibility of applying the most recent edition of the Recommendations and other references listed below. A list of the currently valid ITU-T Recommendations is regularly published. The reference to a do

26、cument within this Recommendation does not give it, as a stand-alone document, the status of a Recommendation. IETF RFC 6546 IETF RFC 6546 (2012), Transport of Real-time Inter-network Defense (RID) Messages over HTTP/TLS. 3 Definitions 3.1 Terms defined elsewhere None. 3.2 Terms defined in this Reco

27、mmendation None. 4 Abbreviations and acronyms This Recommendation uses the following abbreviations and acronyms: HTTP Hypertext Transfer Protocol IANA Internet Assigned Numbers Authority RID Real-time Inter-network Defence TLS Transport Layer Security XML eXtensible Markup Language 2 Rec. ITU-T X.15

28、81 (09/2012) 5 Conventions The following terms are considered equivalent: In ITU use of the word shall and must and their negatives are considered equivalent. In ITU use of the word shall is equivalent to the IETF use of the word MUST. In ITU use of the phrase shall not is equivalent to the IETF use

29、 of the term MUST NOT. NOTE In the IETF use of the words shall and must (in lower case) are used for informative text. 6 Transport of real-time inter-network defence This clause defines transport of real-time inter-network defence (RID) messaging as specified in IETF RFC 6546. This clause provides d

30、irect references to IETF RFC 6546 through alignment of the clauses with the section numbers such that clause 6.x aligns with IETF RFC 6546 section x with matching titles. 6.1 Introduction IETF RFC 6546 section 1 is informative. 6.1.1 Changes from RFC 6046 IETF RFC 6546 section 1 is informative. 6.2

31、Terminology IETF RFC 6546 section 2 is normative. 6.3 Transmission of RID messages over HTTP/TLS IETF RFC 6546 section 3 is normative. 6.4 Security considerations IETF RFC 6546 section 4 is normative. 6.5 IANA considerations IETF RFC 6546 section 5 is normative. 6.6 Acknowledgements IETF RFC 6546 se

32、ction 6 is informative. 6.7 References 6.7.1 Normative references IETF RFC 6546 section 7.1 is informative. This Recommendation has identified IETF RFC 6546 section 7.1 as being informative because the ITU-T did not develop a position on any of these references with respect to this Recommendation. H

33、owever, it is recognized that the IETF has identified a set of normative references for IETF RFC 6546. 6.7.2 Informative references IETF RFC 6546 section 7.2 is informative. Rec. ITU-T X.1581 (09/2012) 3 Bibliography b-ITU-T X.1500 Recommendation ITU-T X.1500 (2011), Overview of cybersecurity inform

34、ation exchange. b-ITU-T X.1541 Recommendation ITU-T X.1541 (2012), Incident object description exchange format. b-ITU-T X.1580 Recommendation ITU-T X.1580 (2012), Real-time inter-network defence. Printed in Switzerland Geneva, 2012 SERIES OF ITU-T RECOMMENDATIONS Series A Organization of the work of

35、 ITU-T Series D General tariff principles Series E Overall network operation, telephone service, service operation and human factors Series F Non-telephone telecommunication services Series G Transmission systems and media, digital systems and networks Series H Audiovisual and multimedia systems Ser

36、ies I Integrated services digital network Series J Cable networks and transmission of television, sound programme and other multimedia signals Series K Protection against interference Series L Construction, installation and protection of cables and other elements of outside plant Series M Telecommun

37、ication management, including TMN and network maintenance Series N Maintenance: international sound programme and television transmission circuits Series O Specifications of measuring equipment Series P Terminals and subjective and objective assessment methods Series Q Switching and signalling Serie

38、s R Telegraph transmission Series S Telegraph services terminal equipment Series T Terminals for telematic services Series U Telegraph switching Series V Data communication over the telephone network Series X Data networks, open system communications and security Series Y Global information infrastructure, Internet protocol aspects and next-generation networks Series Z Languages and general software aspects for telecommunication systems