1、INCITS/ISO/IEC 18028-5:20062008(ISO/IEC 18028-5:2006, IDT) Information technology Security techniques IT networksecurity Part 5: Securingcommunications across networks usingvirtual private networksINCITS/ISO/IEC 18028-5:20062008(ISO/IEC 18028-5:2006, IDT)INCITS/ISO/IEC 18028-5:20062008 ii ITIC 2008
2、All rights reserved PDF disclaimer This PDF file may contain embedded typefaces. In accordance with Adobes licensing policy, this file may be printed or viewed but shall not be edited unless the typefaces which are embedded are licensed to and installed on the computer performing the editing. In dow
3、nloading this file, parties accept therein the responsibility of not infringing Adobes licensing policy. The ISO Central Secretariat accepts no liability in this area. Adobe is a trademark of Adobe Systems Incorporated. Details of the software products used to create this PDF file can be found in th
4、e General Info relative to the file; the PDF-creation parameters were optimized for printing. Every care has been taken to ensure that the file is suitable for use by ISO member bodies. In the unlikely event that a problem relating to it is found, please inform the Central Secretariat at the address
5、 given below. Adopted by INCITS (InterNational Committee for Information Technology Standards) as an American National Standard. Date of ANSI Approval: 7/1/2008 Published by American National Standards Institute, 25 West 43rd Street, New York, New York 10036 Copyright 2008 by Information Technology
6、Industry Council (ITI). All rights reserved. These materials are subject to copyright claims of International Standardization Organization (ISO), International Electrotechnical Commission (IEC), American National Standards Institute (ANSI), and Information Technology Industry Council (ITI). Not for
7、resale. No part of this publication may be reproduced in any form, including an electronic retrieval system, without the prior written permission of ITI. All requests pertaining to this standard should be submitted to ITI, 1250 Eye Street NW, Washington, DC 20005. Printed in the United States of Ame
8、rica INCITS/ISO/IEC 18028-5:20062008 ITIC 2008 All rights reserved iii Contents Page Foreword iv Introduction .v 1 Scope 1 2 Normative references .1 3 Terms and definitions 2 3.1 Terms defined in other International Standards .2 3.2 Terms defined in this part of ISO/IEC 18028 .2 4 Abbreviated terms
9、3 5 Overview of VPNs .3 5.1 Introduction 3 5.2 Types of VPN 4 5.3 VPN techniques 5 5.4 Security aspects .6 6 VPN security objectives .7 7 VPN security requirements 7 7.1 Confidentiality 8 7.2 Integrity .8 7.3 Authentication 8 7.4 Authorization 8 7.5 Availability 8 7.6 Tunnel Endpoints .8 8 Guideline
10、s for the selection of secure VPNs 9 8.1 Regulatory and legislative aspects9 8.2 VPN management aspects .9 8.3 VPN architectural aspects 9 9 Guidelines for the implementation of secure VPNs 12 9.1 VPN management considerations . 12 9.2 VPN technical considerations 12 Annex A (informative) Technologi
11、es and protocols used to implement VPNs . 15 A.1 Introduction 15 A.2 Layer 2 VPNs 15 A.3 Layer 3 VPNs 17 A.4 Higher Layer VPNs . 17 A.5 Comparison of typical VPN protocol security features 19 Bibliography 20 INCITS/ISO/IEC 18028-5:20062008 iv ITIC 2008 All rights reserved Foreword ISO (the Internati
12、onal Organization for Standardization) and IEC (the International Electrotechnical Commission) form the specialized system for worldwide standardization. National bodies that are members of ISO or IEC participate in the development of International Standards through technical committees established
13、by the respective organization to deal with particular fields of technical activity. ISO and IEC technical committees collaborate in fields of mutual interest. Other international organizations, governmental and non-governmental, in liaison with ISO and IEC, also take part in the work. In the field
14、of information technology, ISO and IEC have established a joint technical committee, ISO/IEC JTC 1. International Standards are drafted in accordance with the rules given in the ISO/IEC Directives, Part 2. The main task of the joint technical committee is to prepare International Standards. Draft In
15、ternational Standards adopted by the joint technical committee are circulated to national bodies for voting. Publication as an International Standard requires approval by at least 75 % of the national bodies casting a vote. Attention is drawn to the possibility that some of the elements of this docu
16、ment may be the subject of patent rights. ISO and IEC should not be held responsible for identifying any or all such patent rights. ISO/IEC 18028-5 was prepared by Joint Technical Committee ISO/IEC JTC 1, Information technology, Subcommittee SC 27, IT Security techniques. ISO/IEC 18028 consists of t
17、he following parts, under the general title Information technology Security techniques IT network security: Part 1: Network security management Part 2: Network security architecture Part 3: Securing communications between networks using security gateways Part 4: Securing remote access Part 5: Securi
18、ng communications across networks using virtual private networks INCITS/ISO/IEC 18028-5:20062008 ITIC 2008 All rights reserved v Introduction The telecommunications and information technology industries are seeking cost-effective comprehensive security solutions. A secure network should be protected
19、 against malicious and inadvertent attacks, and should meet the business requirements for confidentiality, integrity, availability, non-repudiation, accountability, authenticity and reliability of information and services. Securing a network is also essential for maintaining the accuracy of billing
20、or usage information as appropriate. Security capabilities in products are crucial to overall network security (including applications and services). However, as more products are combined to provide total solutions, the interoperability, or the lack thereof, will define the success of the solution.
21、 Security must not only be a thread of concern for each product or service, but must be developed in a manner that promotes the interweaving of security capabilities in the overall end-to-end security solution. Thus, the purpose of ISO/IEC 18028 is to provide detailed guidance on the security aspect
22、s of the management, operation and use of information system networks, and their inter-connections. Those individuals within an organization that are responsible for information security in general, and network security in particular, should be able to adapt the material in ISO/IEC 18028 to meet the
23、ir specific requirements. Its main objectives are as follows: in ISO/IEC 18028-1, to define and describe the concepts associated with, and provide management guidance on, network security including on how to identify and analyze the communications related factors to be taken into account to establis
24、h network security requirements, with an introduction to the possible control areas and the specific technical areas (dealt with in subsequent parts of ISO/IEC 18028); in ISO/IEC 18028-2, to define a standard security architecture, which describes a consistent framework to support the planning, desi
25、gn and implementation of network security; in ISO/IEC 18028-3, to define techniques for securing information flows between networks using security gateways; in ISO/IEC 18028-4, to define techniques for securing remote access; in ISO/IEC 18028-5, to define techniques for securing inter-network connec
26、tions that are established using virtual private networks (VPNs). ISO/IEC 18028-1 is relevant to anyone involved in owning, operating or using a network. This includes senior managers and other non-technical managers or users, in addition to managers and administrators who have specific responsibili
27、ties for information security and/or network security, network operation, or who are responsible for an organizations overall security program and security policy development. ISO/IEC 18028-2 is relevant to all personnel who are involved in the planning, design and implementation of the architectura
28、l aspects of network security (for example network managers, administrators, engineers, and network security officers). ISO/IEC 18028-3 is relevant to all personnel who are involved in the detailed planning, design and implementation of security gateways (for example network managers, administrators
29、, engineers and network security officers). ISO/IEC 18028-4 is relevant to all personnel who are involved in the detailed planning, design and implementation of remote access security (for example network managers, administrators, engineers, and network security officers). ISO/IEC 18028-5 is relevan
30、t to all personnel who are involved in the detailed planning, design and implementation of VPN security (for example network managers, administrators, engineers, and network security officers). AMERICAN NATIONAL STANDARD INCITS/ISO/IEC 18028-5:20062008 ITIC 2008 All rights reserved 1 Information tec
31、hnology Security techniques IT network security Part 5: Securing communications across networks using virtual private networks 1 Scope This part of ISO/IEC 18028 provides detailed direction with respect to the security aspects of using Virtual Private Network (VPN) connections to inter-connect netwo
32、rks, and also to connect remote users to networks. It builds upon the network management direction provided in ISO/IEC 18028-1. It is aimed at those individuals responsible for the selection and implementation of the technical controls necessary to provide network security when using VPN connections
33、, and for the subsequent network monitoring of VPN security thereafter. This part of ISO/IEC 18028 provides an overview of VPNs, presents VPN security objectives, and summarizes VPN security requirements. It gives guidance on the selection of secure VPNs, on the implementation of secure VPNs, and on
34、 the network monitoring of VPN security. It also provides information on typical technologies and protocols used by VPNs. 2 Normative references The following referenced documents are indispensable for the application of this document. For dated references, only the edition cited applies. For undate
35、d references, the latest edition of the referenced document (including any amendments) applies. ISO/IEC 7498 (all parts), Information technology Open Systems Interconnection Basic Reference Model ISO/IEC 13335-1:2004, Information technology Security techniques Management of information and communica
36、tions technology security Part 1: Concepts and models for information and communications technology security management ISO/IEC 17799:2005, Information technology Security techniques Code of practice for information security management ISO/IEC 18028-1:2006, Information technology Security techniques
37、 IT network security Part 1: Network security management ISO/IEC 18028-2:2006, Information technology Security techniques IT network security Part 2: Network security architecture ISO/IEC 18028-3:2005, Information technology Security techniques IT network security Part 3: Securing communications bet
38、ween networks using security gateways INCITS/ISO/IEC 18028-5:20062008 2 ITIC 2008 All rights reserved ISO/IEC 18028-4:2005, Information technology Security techniques IT network security Part 4: Securing remote access 3 Terms and definitions 3.1 Terms defined in other International Standards For the
39、 purposes of this document, the terms and definitions given in ISO/IEC 7498 (all parts) and ISO/IEC 18028-1 apply, as do the following terms defined in ISO/IEC 13335-1: accountability, asset, authenticity, availability, baseline controls, confidentiality, data integrity, impact, integrity, security
40、policy, non-repudiation, reliability, risk, risk analysis, risk management, safeguard, threat, and vulnerability. 3.2 Terms defined in this part of ISO/IEC 18028 For the purposes of this document, the following terms and definitions apply. 3.2.1 layer 2 switching technology that uses internal switch
41、ing mechanisms to establish and control connections between devices using layer 2 protocols NOTE It is typically used to simulate a LAN environment to upper layer protocols. 3.2.2 layer 2 VPN virtual private network used to provide a simulated LAN environment over a network infrastructure NOTE Sites
42、 linked by a layer 2 VPN can operate as though they are on the same LAN. 3.2.3 layer 3 switching technology that uses internal switching mechanisms in combination with standard routing mechanisms, or which employs MPLS techniques, in order to establish and control connections between networks 3.2.4
43、layer 3 VPN virtual private network used to provide a simulated WAN environment over a network infrastructure NOTE Sites linked by a layer 3 VPN can operate as though they are on a private WAN. 3.2.5 private restricted to members of an authorized group: in the context of VPNs, it refers to the traff
44、ic flowing in a VPN connection 3.2.6 private network network that is subject to access controls which are intended to restrict use to members of an authorized group 3.2.7 protocol encapsulation enveloping one data flow inside another by transporting protocol data units wrapped inside another protoco
45、l NOTE This is one method which can be used to establish tunnels in VPN technology. INCITS/ISO/IEC 18028-5:20062008 ITIC 2008 All rights reserved 3 3.2.8 virtual circuit data path between network devices established using a packet or cell switching technology such as X.25, ATM or Frame Relay 4 Abbre
46、viated terms For the purposes of this document, the abbreviated terms given in ISO/IEC 18028-1 and the following apply. AH Authentication Header ESP Encapsulating Security Payload IKE Internet Key Exchange IPX Internetwork Packet Exchange ISAKMP Internet Security Association and Key Management Proto
47、col L2F Layer Two Forwarding (Protocol) L2TP Layer 2 Tunneling Protocol LDP Label Distribution Protocol MPPE Microsoft Point-to-Point Encryption NAS Network Area Storage NCP Point-to-Point Protocol PPP Point-to-Point Protocol PPTP Point-to-Point Tunneling Protocol SSL Secure Sockets Layer VPLS Virtu
48、al Private LAN Service VPWS Virtual Private Wire Service 5 Overview of VPNs 5.1 Introduction VPNs have developed rapidly as a means of inter-connecting networks, and as a method of connecting remote users to networks. A VPN is an example of a type of technology that can implement the Communication F
49、low Security Dimension described in ISO/IEC 18028-2, the security for which is considered as part of the Services Security Layer (as defined in ISO/IEC 18028-2). There exists a broad range of definitions for VPNs. In their simplest form, they provide a mechanism for establishing a secure data channel or channels over an existing network or point-to-point connection. They are assigned to the exclusive use of a restricted user group, and can be established and removed dynam
