ImageVerifierCode 换一换
格式:PDF , 页数:68 ,大小:1.68MB ,
资源ID:806463      下载积分:10000 积分
快捷下载
登录下载
邮箱/手机:
温馨提示:
如需开发票,请勿充值!快捷下载时,用户名和密码都是您填写的邮箱或者手机号,方便查询和重复下载(系统自动生成)。
如填写123,账号就是123,密码也是123。
特别说明:
请自助下载,系统不会自动发送文件的哦; 如果您已付费,想二次下载,请登录后访问:我的下载记录
支付方式: 支付宝扫码支付 微信扫码支付   
注意:如需开发票,请勿充值!
验证码:   换一换

加入VIP,免费下载
 

温馨提示:由于个人手机设置不同,如果发现不能下载,请复制以下地址【http://www.mydoc123.com/d-806463.html】到电脑端继续下载(重复下载不扣费)。

已注册用户请登录:
账号:
密码:
验证码:   换一换
  忘记密码?
三方登录: 微信登录  

下载须知

1: 本站所有资源如无特殊说明,都需要本地电脑安装OFFICE2007和PDF阅读器。
2: 试题试卷类文档,如果标题没有明确说明有答案则都视为没有答案,请知晓。
3: 文件的所有权益归上传用户所有。
4. 未经权益所有人同意不得将文件中的内容挪作商业或盈利用途。
5. 本站仅提供交流平台,并不能对任何下载内容负责。
6. 下载文件中如有侵权或不适当内容,请与我们联系,我们立即纠正。
7. 本站不保证下载资源的准确性、安全性和完整性, 同时也不承担用户因使用这些下载资源对自己和他人造成任何形式的伤害或损失。

版权提示 | 免责声明

本文(ITU-T Y 2771-2014 Framework for deep packet inspection (Study Group 13)《深度数据包检查框架》.pdf)为本站会员(towelfact221)主动上传,麦多课文库仅提供信息存储空间,仅对用户上传内容的表现方式做保护处理,对上载内容本身不做任何修改或编辑。 若此文所含内容侵犯了您的版权或隐私,请立即通知麦多课文库(发送邮件至master@mydoc123.com或直接QQ联系客服),我们立即给予删除!

ITU-T Y 2771-2014 Framework for deep packet inspection (Study Group 13)《深度数据包检查框架》.pdf

1、 International Telecommunication Union ITU-T Y.2771TELECOMMUNICATION STANDARDIZATION SECTOR OF ITU (07/2014) SERIES Y: GLOBAL INFORMATION INFRASTRUCTURE, INTERNET PROTOCOL ASPECTS AND NEXT-GENERATION NETWORKS Next Generation Networks Security Framework for deep packet inspection Recommendation ITU-T

2、 Y.2771 ITU-T Y-SERIES RECOMMENDATIONS GLOBAL INFORMATION INFRASTRUCTURE, INTERNET PROTOCOL ASPECTS AND NEXT-GENERATION NETWORKS GLOBAL INFORMATION INFRASTRUCTURE General Y.100Y.199 Services, applications and middleware Y.200Y.299 Network aspects Y.300Y.399 Interfaces and protocols Y.400Y.499 Number

3、ing, addressing and naming Y.500Y.599 Operation, administration and maintenance Y.600Y.699 Security Y.700Y.799 Performances Y.800Y.899 INTERNET PROTOCOL ASPECTS General Y.1000Y.1099 Services and applications Y.1100Y.1199 Architecture, access, network capabilities and resource management Y.1200Y.1299

4、 Transport Y.1300Y.1399 Interworking Y.1400Y.1499 Quality of service and network performance Y.1500Y.1599 Signalling Y.1600Y.1699 Operation, administration and maintenance Y.1700Y.1799 Charging Y.1800Y.1899 IPTV over NGN Y.1900Y.1999 NEXT GENERATION NETWORKS Frameworks and functional architecture mo

5、dels Y.2000Y.2099 Quality of Service and performance Y.2100Y.2199 Service aspects: Service capabilities and service architecture Y.2200Y.2249 Service aspects: Interoperability of services and networks in NGN Y.2250Y.2299 Enhancements to NGN Y.2300Y.2399 Network management Y.2400Y.2499 Network contro

6、l architectures and protocols Y.2500Y.2599 Packet-based Networks Y.2600Y.2699 Security Y.2700Y.2799Generalized mobility Y.2800Y.2899 Carrier grade open environment Y.2900Y.2999 FUTURE NETWORKS Y.3000Y.3499 CLOUD COMPUTING Y.3500Y.3999 For further details, please refer to the list of ITU-T Recommenda

7、tions. Rec. ITU-T Y.2771 (07/2014) i Recommendation ITU-T Y.2771 Framework for deep packet inspection Summary Recommendation ITU-T Y.2771 provides a framework for deep packet inspection (DPI). The primary purpose of this framework is to describe a structured approach for designing, defining and impl

8、ementing DPI solutions in support of service/application awareness for facilitating interoperability in the evolving networks. It serves to identify and assist in understanding the network issues, from primarily an architectural viewpoint. This Recommendation also provides DPI framework aspects from

9、 modelling and performance. The purpose of such frameworks is especially to outline possible relationships between a DPI function and other network functions, to assist in identifying requirements for DPI functions (which would be the subject of other ITU-T Recommendations like, e.g., Recommendation

10、 ITU-T Y.2770) and to help for terminology work (e.g., when a definition would be related to a functional model). History Edition Recommendation Approval Study Group Unique ID*1.0 ITU-T Y.2771 2014-07-18 13 11.1002/1000/12178 _ *To access the Recommendation, type the URL http:/handle.itu.int/ in the

11、 address field of your web browser, followed by the Recommendations unique ID. For example, http:/handle.itu.int/11.1002/1000/11830-en. ii Rec. ITU-T Y.2771 (07/2014) FOREWORD The International Telecommunication Union (ITU) is the United Nations specialized agency in the field of telecommunications,

12、 information and communication technologies (ICTs). The ITU Telecommunication Standardization Sector (ITU-T) is a permanent organ of ITU. ITU-T is responsible for studying technical, operating and tariff questions and issuing Recommendations on them with a view to standardizing telecommunications on

13、 a worldwide basis. The World Telecommunication Standardization Assembly (WTSA), which meets every four years, establishes the topics for study by the ITU-T study groups which, in turn, produce Recommendations on these topics. The approval of ITU-T Recommendations is covered by the procedure laid do

14、wn in WTSA Resolution 1. In some areas of information technology which fall within ITU-Ts purview, the necessary standards are prepared on a collaborative basis with ISO and IEC. NOTE In this Recommendation, the expression “Administration“ is used for conciseness to indicate both a telecommunication

15、 administration and a recognized operating agency. Compliance with this Recommendation is voluntary. However, the Recommendation may contain certain mandatory provisions (to ensure, e.g., interoperability or applicability) and compliance with the Recommendation is achieved when all of these mandator

16、y provisions are met. The words “shall“ or some other obligatory language such as “must“ and the negative equivalents are used to express requirements. The use of such words does not suggest that compliance with the Recommendation is required of any party. INTELLECTUAL PROPERTY RIGHTS ITU draws atte

17、ntion to the possibility that the practice or implementation of this Recommendation may involve the use of a claimed Intellectual Property Right. ITU takes no position concerning the evidence, validity or applicability of claimed Intellectual Property Rights, whether asserted by ITU members or other

18、s outside of the Recommendation development process. As of the date of approval of this Recommendation, ITU had not received notice of intellectual property, protected by patents, which may be required to implement this Recommendation. However, implementers are cautioned that this may not represent

19、the latest information and are therefore strongly urged to consult the TSB patent database at http:/www.itu.int/ITU-T/ipr/. ITU 2014 All rights reserved. No part of this publication may be reproduced, by any means whatsoever, without the prior written permission of ITU. Rec. ITU-T Y.2771 (07/2014) i

20、ii Table of Contents Page 1 Scope 1 2 References. 1 3 Definitions 2 3.1 Terms defined elsewhere 2 3.2 Terms defined in this Recommendation . 3 4 Abbreviations and acronyms 4 4.1 General abbreviations and acronyms 4 4.2 Mathematical symbols 6 5 Conventions 6 6 Architectural framework . 7 6.1 Network

21、architecture framework High-level network scenarios . 7 6.2 Protocol architectural framework Packet inspection level for some example network applications 8 7 Modelling framework . 16 7.1 Functional models 16 7.2 Information and data models 30 7.3 Traffic models 31 7.4 Identification of possible DPI

22、-FE subcomponents . 37 7.5 Fault tolerance models 38 8 Performance framework . 43 8.1 Purpose and scope of performance considerations . 43 8.2 Performance metrics . 44 8.3 Performance of policy enforcement points, estimation of qualitative performance behaviour . 52 9 Categorization of DPI functiona

23、l entities . 55 9.1 Categorization principles 55 9.2 Capabilities in terms of conditions processing . 55 9.3 Capabilities in terms of actions processing 55 9.4 DPI-FE types 55 10 Security considerations . 56 Appendix I Example functional architecture of probabilistic DPI based on the bloom filter 57

24、 I.1 Introduction 57 I.2 Functional model of bloom filter based probabilistic DPI . 58 Bibliography. 59 Rec. ITU-T Y.2771 (07/2014) 1 Recommendation ITU-T Y.2771 Framework for deep packet inspection 1 Scope This Recommendation provides a framework for deep packet inspection (DPI) in packet-based net

25、works. The primary purpose of this Recommendation is to describe the fundamental concepts, functional components and capabilities of DPI that can be used to identify information flows in packet-based networks by DPI entities, to support the specification of DPI requirements and to guide structured s

26、olutions for packet-based networks (such as NGNs). This Recommendation provides high-level system information with regard to some fundamental concepts as typically relevant when realizing DPI entities. However, it is not expected to present all-inclusive detailed specifications for the DPI. Rather,

27、this Recommendation provides an high-level information (i.e., a framework) and is intended to be used as background material for use by ITU Study Groups and other expert groups outside the ITU, e.g., as input for their development of detailed standards for DPI functionalities. The scope of this Reco

28、mmendation includes: a) basic architectural principles that will be encountered in combining DPI in various network architectures; b) protocol architectural aspects from the perspective of DPI; c) example functional models and their application to DPI use case scenarios; and d) performance framework

29、s in order to assist in DPI performance discussions like the identification of key performance indicators related to DPI. Implementers and users of this ITU-T Recommendation shall comply with all applicable national and regional laws, regulations and policies. The mechanism described in this Recomme

30、ndation may not be applicable to international correspondence in order to ensure the secrecy and sovereign national legal requirements placed upon telecommunications providers, as well as the ITU Constitution and Convention. 2 References The following ITU-T Recommendations and other references conta

31、in provisions which, through reference in this text, constitute provisions of this Recommendation. At the time of publication, the editions indicated were valid. All Recommendations and other references are subject to revision; users of this Recommendation are therefore encouraged to investigate the

32、 possibility of applying the most recent edition of the Recommendations and other references listed below. A list of the currently valid ITU-T Recommendations is regularly published. The reference to a document within this Recommendation does not give it, as a stand-alone document, the status of a R

33、ecommendation. ITU-T E.800 Recommendation ITU-T E.800 (2008), Definitions of terms related to quality of service. ITU-T G.602 Recommendation ITU-T G.602 (1988), Reliability and availability of analogue cable transmission systems and associated equipments. ITU-T H.248.86 Recommendation ITU-T H.248.86

34、 (2014), Gateway control protocol: H.248 Support for deep packet inspection. ITU-T X.200 Recommendation ITU-T X.200 (1994), Information technology Open Systems Interconnection Basic Reference Model: The basic model. 2 Rec. ITU-T Y.2771 (07/2014) ITU-T X.731 Recommendation ITU-T X.731 (1992), Informa

35、tion technology Open Systems Interconnection Systems management: State management function. ITU-T Y.2704 Recommendation ITU-T Y.2704 (2010), Security mechanisms and procedures for NGN. ITU-T Y.2770 Recommendation ITU-T Y.2770 (2012), Requirements for deep packet inspection in next generation network

36、s. ETSI TS 132 410 ETSI TS 132 410 (2012), Digital cellular telecommunications system (Phase 2+); Universal Mobile Telecommunications System (UMTS); LTE; Telecommunication management; Key Performance Indicators (KPI) for UMTS and GSM (3GPP TS 32.410 version 11.0.0 Release 11. IETF RFC 791 IETF RFC 7

37、91 (1981), Internet Protocol DARPA Internet Program Protocol Specification. IETF RFC 2460 IETF RFC 2460 (1998), Internet Protocol, Version 6 (IPv6) Specification. IETF RFC 5101 IETF RFC 5101 (2008), Specification of the IP Flow Information Export (IPFIX) Protocol for the Exchange of IP Traffic Flow

38、Information. 3 Definitions 3.1 Terms defined elsewhere This Recommendation uses the following terms defined elsewhere: 3.1.1 application ITU-T Y.2770: A designation of one of the following: An application protocol type (e.g., IP application protocols ITU-T H.264 video, or session initiation protocol

39、 (SIP); A served user instance (e.g., VoIP, VoLTE, VoIMS, VoNGN, and VoP2P) of an application type, e.g., “voice-over-Packet application“; A “provider specific application“ for voice-over-Packet, (e.g., 3GPP provider VoIP, Skype VoIP); and an application embedded in another application (e.g., applic

40、ation content in a body element of a SIP or an HTTP message). An application is identifiable by a particular identifier (e.g., via a bit field, pattern, signature, or regular expression as “application level conditions“, see also clause 3.2.2 of ITU-T Y.2770), as a common characteristic of all the a

41、bove listed levels of applications. 3.1.2 availability ITU-T E.800: Availability of an item to be in a state to perform a required function at a given instant of time or at any instant of time within a given time interval, assuming that the external resources, if required, are provided. 3.1.3 applic

42、ation-descriptor (also known as application-level conditions) ITU-T Y.2770: A set of rule conditions that identify the application (according to clause 3.2.1 of ITU-T Y.2770). This Recommendation addresses the application descriptor as an object in general, which is synonymous with application-level

43、 conditions. It does not deal with its detailed structure, e.g., syntax, encoding and data type. 3.1.4 deep packet inspection (DPI) ITU-T Y.2770: Analysis, according to the layered protocol architecture OSI-BRM ITU-T X.200, of: payload and/or packet properties (see list of potential properties in cl

44、ause 3.2.11 of ITU-T Y.2770) deeper than protocol layer 2, 3 or 4 (L2/L3/L4) header information, and other packet properties Rec. ITU-T Y.2771 (07/2014) 3 in order to identify the application unambiguously. NOTE The output of the DPI function, along with some extra information such as the flow infor

45、mation is typically used in subsequent functions such as reporting or actions on the packet. 3.1.5 DPI engine ITU-T Y.2770: A subcomponent and central part of the DPI functional entity which performs all packet path processing functions (e.g., packet identification and other packet processing functi

46、ons in Figure 6-1 of ITU-T Y.2770). 3.1.6 DPI policy condition (also known as DPI signature) ITU-T Y.2770: A representation of the necessary state and/or prerequisites that identify an application and define whether a policy rules actions should be performed. The set of DPI policy conditions associa

47、ted with a policy rule specifies when the policy rule is applicable (see also b-IETF RFC 3198). A DPI policy condition must contain application level conditions and may contain other options such as state conditions and/or flow level conditions: 1) State condition (optional): a) network grade of ser

48、vice conditions (e.g., experienced congestion in packet paths); or b) network element status (e.g., local overload condition of the DPI-FE). 2) Flow descriptor/Flow level conditions (optional): a) packet content (header fields); b) characteristics of a packet (e.g., number# of MPLS labels); c) packe

49、t treatment (e.g., output interface of the DPI-FE). 3) Application descriptor/application level conditions: a) Packet content (application header fields and application payload). NOTE The condition relates to the “simple condition“ in the formal descriptions of flow level conditions and application level conditions. 3.1.7 DPI policy decision functional entity (DPI-PDFE) ITU-T Y.2770: The function remote to the DPI-FE that decides the signat

copyright@ 2008-2019 麦多课文库(www.mydoc123.com)网站版权所有
备案/许可证编号:苏ICP备17064731号-1