1、Information technology Multimedia framework (MPEG-21) Part 15: Event Reporting AMENDMENT 1: Security in Event ReportingAmendment 1:2009 (IDT) toNational Standard of CanadaCAN/CSA-ISO/IEC 21000-15-07(ISO/IEC 21000-15:2006, IDT)NOT FOR RESALE.PUBLICATION NON DESTINE LA REVENTE.CSA Standards Update Ser
2、viceAmendment 1:2009 toCAN/CSA-ISO/IEC 21000-15-07October 2009Title: Information technology Multimedia framework (MPEG-21) Part 15: Event Reporting AMENDMENT 1: Security in Event ReportingPagination: 20 pages (iii preliminary and 17 text)To register for e-mail notification about any updates to this
3、publicationgo to www.ShopCSA.caclick on E-mail Services under MY ACCOUNTclick on CSA Standards Update ServiceThe List ID that you will need to register for updates to this publication is 2418701.If you require assistance, please e-mail techsupportcsa.ca or call 416-747-2233.Visit CSAs policy on priv
4、acy at www.csagroup.org/legal to find out how we protect your personal information.Reference numberISO/IEC 21000-15:2006/Amd.1:2008(E)ISO/IEC 2008INTERNATIONAL STANDARD ISO/IEC21000-15First edition2006-07-15AMENDMENT 12008-10-01Information technology Multimedia framework (MPEG-21) Part 15: Event Rep
5、orting AMENDMENT 1: Security in Event ReportingTechnologies de linformation Cadre multimdia (MPEG-21) Partie 15: Rapport dvnement AMENDEMENT 1: Scurit lors du rapport dvnement ISO/IEC 21000-15:2006/Amd.1:2008(E) PDF disclaimer This PDF file may contain embedded typefaces. In accordance with Adobes l
6、icensing policy, this file may be printed or viewed but shall not be edited unless the typefaces which are embedded are licensed to and installed on the computer performing the editing. In downloading this file, parties accept therein the responsibility of not infringing Adobes licensing policy. The
7、 ISO Central Secretariat accepts no liability in this area. Adobe is a trademark of Adobe Systems Incorporated. Details of the software products used to create this PDF file can be found in the General Info relative to the file; the PDF-creation parameters were optimized for printing. Every care has
8、 been taken to ensure that the file is suitable for use by ISO member bodies. In the unlikely event that a problem relating to it is found, please inform the Central Secretariat at the address given below. COPYRIGHT PROTECTED DOCUMENT ISO/IEC 2008 All rights reserved. Unless otherwise specified, no
9、part of this publication may be reproduced or utilized in any form or by any means, electronic or mechanical, including photocopying and microfilm, without permission in writing from either ISO at the address below or ISOs member body in the country of the requester. ISO copyright office Case postal
10、e 56 CH-1211 Geneva 20 Tel. + 41 22 749 01 11 Fax + 41 22 749 09 47 E-mail copyrightiso.org Web www.iso.org ii ISO/IEC 2008 All rights reservedAmendment 1:2009 toCAN/CSA-ISO/IEC 21000-15-07ISO/IEC 21000-15:2006/Amd.1:2008(E) ISO/IEC 2008 All rights reserved iiiForeword ISO (the International Organiz
11、ation for Standardization) and IEC (the International Electrotechnical Commission) form the specialized system for worldwide standardization. National bodies that are members of ISO or IEC participate in the development of International Standards through technical committees established by the respe
12、ctive organization to deal with particular fields of technical activity. ISO and IEC technical committees collaborate in fields of mutual interest. Other international organizations, governmental and non-governmental, in liaison with ISO and IEC, also take part in the work. In the field of informati
13、on technology, ISO and IEC have established a joint technical committee, ISO/IEC JTC 1. International Standards are drafted in accordance with the rules given in the ISO/IEC Directives, Part 2. The main task of the joint technical committee is to prepare International Standards. Draft International
14、Standards adopted by the joint technical committee are circulated to national bodies for voting. Publication as an International Standard requires approval by at least 75 % of the national bodies casting a vote. Attention is drawn to the possibility that some of the elements of this document may be
15、the subject of patent rights. ISO and IEC shall not be held responsible for identifying any or all such patent rights. Amendment 1 to ISO/IEC 21000-15:2006 was prepared by Joint Technical Committee ISO/IEC JTC 1, Information technology, Subcommittee SC 29, Coding of audio, picture, multimedia and hy
16、permedia information. Amendment 1:2009 toCAN/CSA-ISO/IEC 21000-15-07ISO/IEC 21000-15:2006/Amd.1:2008(E) ISO/IEC 2008 All rights reserved 1Information technology Multimedia framework (MPEG-21) Part 15: Event Reporting AMENDMENT 1: Security in Event Reporting Add the following new clause, after Clause
17、 9: 10. Protection 10.1 General This subclause specifies how to protect Event Report Requests and Event Reports at different levels of granularity, from a complete ER or ERR to specific elements within them. First, it is defined how to ensure integrity and authenticity to the requested and reported
18、data by means of digital signatures. Then, a mechanism for protecting ERs and ERRs is specified. Finally, Annex A presents the XML schema defined, Annex B presents an example of a digitally signed Event Report Request and Annex C presents an example of a partially protected Event Report. 10.2 Data i
19、ntegrity and authenticity This subclause specifies a solution to provide authenticity and integrity to ERRs, ERs and elements within them. It makes use of the dsig:Signature element defined in 1. Figure 3 sketches the dsig:Signature element. The semantics for all elements under Signature should refe
20、r to W3C XML Signature recommendation 1. Figure 3 Signature element Amendment 1:2009 toCAN/CSA-ISO/IEC 21000-15-07ISO/IEC 21000-15:2006/Amd.1:2008(E) 2 ISO/IEC 2008 All rights reservedThe dsig:Signature element is added as an optional child element to the following elements of ISO/IEC 21000-15: Figu
21、re 4 presents the diagram for the resultant ER element. It has the dsig:Signature element as an optional child element. If present, the dsig:Signature element shall contain the digital signature for the erl:ER element. Figure 4 ER element 10.3 Data encryption This subsection specifies how to protect
22、 Event Reports and Event Report Requests and elements within them. It defines the equivalent encrypted elements for ERs and ERRs according to the W3C XML Encryption recommendation. 10.3.1 Encrypted elements The equivalent encrypted elements are defined according to W3C XML Encryption recommendation
23、2 for ERs and ERRs are the following: Amendment 1:2009 toCAN/CSA-ISO/IEC 21000-15-07ISO/IEC 21000-15:2006/Amd.1:2008(E) ISO/IEC 2008 All rights reserved 3Figure 5 presents the erl:EncryptedER element defined. The semantics for all elements under erl:EncryptedER should refer to 2. Figure 5 EncryptedE
24、R element Add the following new annexes, after Annex D: Annex E (informative) XML Schema Definition E.1 General This annex contains the XML schema for the syntax of the types and elements of the Security in Event Reporting Amendment 1. E.2 Schema for Event Reporting This subclause contains the XML S
25、chema for Event Reporting. Using this schema ERs, ERRs and elements within them can be digitally signed using the dsig:Signature element as defined in the W3C XML Signature recommendation and they can be encrypted using the EncryptedER elements. Amendment 1:2009 toCAN/CSA-ISO/IEC 21000-15-07ISO/IEC
26、21000-15:2006/Amd.1:2008(E) ISO/IEC 2008 All rights reserved 5Amendment 1:2009 toCAN/CSA-ISO/IEC 21000-15-07ISO/IEC 21000-15:2006/Amd.1:2008(E) 6 ISO/IEC 2008 All rights reservedAmendment 1:2009 toCAN/CSA-ISO/IEC 21000-15-07ISO/IEC 21000-15:2006/Amd.1:2008(E) ISO/IEC 2008 All rights reserved 7Amendm
27、ent 1:2009 toCAN/CSA-ISO/IEC 21000-15-07ISO/IEC 21000-15:2006/Amd.1:2008(E) 8 ISO/IEC 2008 All rights reservedAmendment 1:2009 toCAN/CSA-ISO/IEC 21000-15-07ISO/IEC 21000-15:2006/Amd.1:2008(E) ISO/IEC 2008 All rights reserved 9Amendment 1:2009 toCAN/CSA-ISO/IEC 21000-15-07ISO/IEC 21000-15:2006/Amd.1:
28、2008(E) 10 ISO/IEC 2008 All rights reservedAmendment 1:2009 toCAN/CSA-ISO/IEC 21000-15-07ISO/IEC 21000-15:2006/Amd.1:2008(E) ISO/IEC 2008 All rights reserved 11Amendment 1:2009 toCAN/CSA-ISO/IEC 21000-15-07ISO/IEC 21000-15:2006/Amd.1:2008(E) 12 ISO/IEC 2008 All rights reservedAmendment 1:2009 toCAN/
29、CSA-ISO/IEC 21000-15-07ISO/IEC 21000-15:2006/Amd.1:2008(E) ISO/IEC 2008 All rights reserved 13Annex F (informative) An example of a Signed Event Report Request This annex provides an illustrative example of an Event Report Request digitally signed. 2004-07-01T00:00:00 2004-07-08T00:00:00 GUID:1AC5-4
30、527-A864-3EA2 CISAC:IPI:P-1435 6382 2004-06-30T18:15:00 Creation of ER-R by Bobacme.org GUID:54A9-32CA-9836-AC30 CISAC:IPI:P-1435 6382 2004-07-05T24:00:00 1 urn:mpegRA:mpeg21:dii:cid:1702 This is a description of the ER urn:isbn:0-395-36341-1 urn:mpegra:mpeg21:dii:isrc:BE-R45-98-03948576 Amendment 1
31、:2009 toCAN/CSA-ISO/IEC 21000-15-07ISO/IEC 21000-15:2006/Amd.1:2008(E) 14 ISO/IEC 2008 All rights reservedhttp:/www.acme.org/schemas/phones.xsd urn:MAC:00-08-E3-AE-1E-62 urn:mpegra:mpeg21:IPI:0012395868374 2005-07-06T00:00:00 2005-09-06T00:00:00 er:SendERService er:SendERPortType mpeg:mpeg21:dii:ERR
32、ID:010 2005-01-01T00:00:00 2005-01-31T00:00:00 2005-07-06T00:00:00 P2M10D P1D 2006-07-06T00:00:00 REL:Play mpeg:mpeg21:dii:ID:ACME-010 au Amendment 1:2009 toCAN/CSA-ISO/IEC 21000-15-07ISO/IEC 21000-15:2006/Amd.1:2008(E) ISO/IEC 2008 All rights reserved 15kr Q6bNcmGachtoi3z65gcfFDsaf6X= pRj0rxmxWQEQh
33、IIAYbtcIcmo8M= 0xQ8lXdARF0ThO4w= AQEBCC= Amendment 1:2009 toCAN/CSA-ISO/IEC 21000-15-07ISO/IEC 21000-15:2006/Amd.1:2008(E) 16 ISO/IEC 2008 All rights reservedAnnex G (informative) An example of a partially encrypted Event Report This annex provides an illustrative example of an Event Report protecte
34、d. In the ER the reported data is encrypted. A Free-text description of the ER urn:MAC:00-08-E3-AE-1E-62 urn:mpegra:mpeg21:IPI:0012395868374 urn:MAC:00-18-53-AE-1C-BB urn:mpegra:mpeg21:IPI:0017785868443 2005-11-03T01:22:30 mpeg:mpeg21:dii:ERRID:342 SymmetricKey Ktd63SDfkDWEjeSdkj39872A5ToQ. Amendmen
35、t 1:2009 toCAN/CSA-ISO/IEC 21000-15-07ISO/IEC 21000-15:2006/Amd.1:2008(E) ISO/IEC 2008 All rights reserved 17Add a bibliography, as follows: Bibliography 1 XMLDSIG, XML-Signature Syntax and Processing, W3C Recommendation, 12 February 2002, available at http:/www.w3.org/TR/xmldsig-core/ 2 XMLENC, XML
36、 Encryption Syntax and Processing, W3C Recommendation 10 December 2002, available at http:/www.w3.org/TR/xmlenc-core/ Amendment 1:2009 toCAN/CSA-ISO/IEC 21000-15-07ISO/IEC 21000-15:2006/Amd.1:2008(E) ICS 35.040 ISO/IEC 2008 All rights reserved Copyright NoticeThis Amendment to the International Stan
37、dard contains information copyright protected by the International Organization for Standardization (ISO) and the International Electrotechnical Commission (IEC). Except as permitted under the laws of Canada, no extract of this Amendment to the International Standard may be reproduced, stored in any
38、 retrieval system, or transmitted in any form or by any means, electronic, photocopying, recording, or otherwise, without prior permission from the Standards Council of Canada (SCC). Requests for permission to reproduce this Amendment to the International Standard or parts thereof should be addresse
39、d to Manager, Technical Document Centre Standards Council of Canada 270 Albert Street, Suite 200 Ottawa, Ontario K1P 6N7 The Canadian adoption of this Amendment to the International Standard contains information copyright protected by the Canadian Standards Association. All rights reserved. No part
40、of this adopted Amendment may be reproduced in any form whatsoever without the prior permission of the publisher. ISO/IEC material is reprinted with permission. Requests for permission to reproduce this adopted Amendment or parts thereof should be addressed to Manager, Sales Canadian Standards Assoc
41、iation 5060 Spectrum Way, Suite 100 Mississauga, Ontario L4W 5N6Copyright violators will be prosecuted to the full extent of the law.PRINTED IN CANADAIMPRIMEAU CANADA100%The Canadian Standards Association (CSA) prints its publications on Rolland Enviro100, which contains 100% recycled post-consumer fibre, is EcoLogo and Processed Chlorine Free certified, and was manufactured using biogas energy.
