1、 ETSI TR 187 010 V2.1.1 (2008-07)Technical Report Telecommunications and Internet converged Services andProtocols for Advanced Networking (TISPAN);NGN Security;Report on issues related to security in identity managementand their resolution in the NGNETSI ETSI TR 187 010 V2.1.1 (2008-07) 2 Reference
2、DTR/TISPAN-07027-NGN-R2 Keywords management, ID, security ETSI 650 Route des Lucioles F-06921 Sophia Antipolis Cedex - FRANCE Tel.: +33 4 92 94 42 00 Fax: +33 4 93 65 47 16 Siret N 348 623 562 00017 - NAF 742 C Association but non lucratif enregistre la Sous-Prfecture de Grasse (06) N 7803/88 Import
3、ant notice Individual copies of the present document can be downloaded from: http:/www.etsi.org The present document may be made available in more than one electronic version or in print. In any case of existing or perceived difference in contents between such versions, the reference version is the
4、Portable Document Format (PDF). In case of dispute, the reference shall be the printing on ETSI printers of the PDF version kept on a specific network drive within ETSI Secretariat. Users of the present document should be aware that the document may be subject to revision or change of status. Inform
5、ation on the current status of this and other ETSI documents is available at http:/portal.etsi.org/tb/status/status.asp If you find errors in the present document, please send your comment to one of the following services: http:/portal.etsi.org/chaircor/ETSI_support.asp Copyright Notification No par
6、t may be reproduced except as authorized by written permission. The copyright and the foregoing restriction extend to reproduction in all media. European Telecommunications Standards Institute 2008. All rights reserved. DECTTM, PLUGTESTSTM, UMTSTM, TIPHONTM, the TIPHON logo and the ETSI logo are Tra
7、de Marks of ETSI registered for the benefit of its Members. 3GPPTM is a Trade Mark of ETSI registered for the benefit of its Members and of the 3GPP Organizational Partners. ETSI ETSI TR 187 010 V2.1.1 (2008-07) 3 Contents Intellectual Property Rights5 Foreword.5 1 Scope 6 2 References 6 2.1 Normati
8、ve references .6 2.2 Informative references6 3 Definitions, and abbreviations8 3.1 Definitions8 3.2 Abbreviations .9 4 Review of IdM .10 4.1 Overview 10 4.2 Characterization of theft potential of identity.11 4.3 Regulatory protection of Identity .11 4.4 Purpose of Identity and Identity Management in
9、 the NGN 12 4.5 Identity portability12 4.6 Identity versus identifier.12 4.7 Principles for handling personal data in ICT networks 14 5 IdM themes in other standardization bodies.16 5.1 Overview 16 5.2 Common thematic model .16 5.3 Common functional themes17 5.3.1 Authorization 17 5.3.2 Authenticati
10、on.18 5.3.3 Contextual uniqueness 18 6 Identity in the NGN18 6.1 Overview of the NGN 18 6.2 IdM models relevant to the NGN .19 6.2.1 The Subscriber Management model .19 6.2.2 The ECN Essential, or potentially Essential, IPRs notified to ETSI in respect of ETSI standards“, which is available from the
11、 ETSI Secretariat. Latest updates are available on the ETSI Web server (http:/webapp.etsi.org/IPR/home.asp). Pursuant to the ETSI IPR Policy, no investigation, including IPR searches, has been carried out by ETSI. No guarantee can be given as to the existence of other IPRs not referenced in ETSI SR
12、000 314 (or the updates on the ETSI Web server) which are, or may be, or may become, essential to the present document. Foreword This Technical Report (TR) has been produced by ETSI Technical Committee Telecommunications and Internet converged Services and Protocols for Advanced Networking (TISPAN).
13、 ETSI ETSI TR 187 010 V2.1.1 (2008-07) 6 1 Scope The present document summarizes the work that is ongoing in relation to management of trusted identifiers (often referred to as the generic term Identity Management (IdM) within a number of international standardization bodies and industry fora. From
14、this summary, it identifies common themes which are relevant to IdM within ETSIs NGN activities and then presents the results of an IdM Threat Vulnerability and Risk Analysis (TVRA) based upon the method described in TS 102 165-1 i.1. The present document derives and presents a set of objectives and
15、 requirements for providing security of Identity and IdM in the NGN. NOTE: The issues raised in the present document have been analysed with respect to the NGN but apply equally to existing and alternative telecommunications networks. 2 References References are either specific (identified by date o
16、f publication and/or edition number or version number) or non-specific. For a specific reference, subsequent revisions do not apply. Non-specific reference may be made only to a complete document or a part thereof and only in the following cases: - if it is accepted that it will be possible to use a
17、ll future changes of the referenced document for the purposes of the referring document; - for informative references. Referenced documents which are not found to be publicly available in the expected location might be found at http:/docbox.etsi.org/Reference. For online referenced documents, inform
18、ation sufficient to identify and locate the source shall be provided. Preferably, the primary source of the referenced document should be cited, in order to ensure traceability. Furthermore, the reference should, as far as possible, remain valid for the expected life of the document. The reference s
19、hall include the method of access to the referenced document and the full network address, with the same punctuation and use of upper case and lower case letters. NOTE: While any hyperlinks included in this clause were valid at the time of publication ETSI cannot guarantee their long term validity.
20、2.1 Normative references The following referenced documents are indispensable for the application of the present document. For dated references, only the edition cited applies. For non-specific references, the latest edition of the referenced document (including any amendments) applies. Not applicab
21、le. 2.2 Informative references The following referenced documents are not essential to the use of the present document but they assist the user with regard to a particular subject area. For non-specific references, the latest version of the referenced document (including any amendments) applies. i.1
22、 ETSI TS 102 165-1: “Telecommunications and Internet converged Services and Protocols for Advanced Networking (TISPAN); Methods and protocols; Part 1: Method and proforma for Threat, Risk, Vulnerability Analysis“. ETSI ETSI TR 187 010 V2.1.1 (2008-07) 7 i.2 ETSI EG 202 387: “Telecommunications and I
23、nternet converged Services and Protocols for Advanced Networking (TISPAN); Security Design Guide; Method for application of Common Criteria to ETSI deliverables“. i.3 ETSI ES 282 001: “Telecommunications and Internet converged Services and Protocols for Advanced Networking (TISPAN); NGN Functional A
24、rchitecture“. i.4 ETSI TS 184 002: “Telecommunications and Internet converged Services and Protocols for Advanced Networking (TISPAN); Identifiers (IDs) for NGN“. i.5 ETSI TS 188 002-2: “Telecommunications and Internet converged Services and Protocols for Advanced Networking (TISPAN); Network and Se
25、rvice Management; Subscription Management; Part 2: Information Model“. i.6 ETSI TS 102 165-2 (V4.1.1): “Telecommunications and Internet Protocol Harmonization Over Networks (TIPHON) Release 4; Protocol Framework Definition; Methods and Protocols for Security; Part 2: Counter Measures“. i.7 ETSI TS 1
26、33 203: “Digital cellular telecommunications system (Phase 2+); Universal Mobile Telecommunications System (UMTS); 3G security; Access security for IP-based services (3GPP TS 33.203)“. i.8 ETSI TR 184 003: “Telecommunications and Internet converged Services and Protocols for Advanced Networking (TIS
27、PAN); Number Portability scenarios in Next Generation Networks (NGNs)“. i.9 ETSI EG 284 004: “Telecommunications and Internet converged Services and Protocols for Advanced Networking (TISPAN); Incorporating Universal Communications Identifier (UCI) support into the specification of Next Generation N
28、etworks (NGN)“. i.10 ETSI EG 201 940: “Human Factors (HF); User Identification solutions in converging networks“. i.11 ETSI EG 202 067: “Universal Communications Identifier (UCI); System framework“. i.12 ETSI ES 282 004: “Telecommunications and Internet converged Services and Protocols for Advanced
29、Networking (TISPAN); NGN Functional Architecture; Network Attachment Sub-System (NASS)“. i.13 Directive 2002/58/EC of the European Parliament and of the council of 12 July 2002 concerning the processing of personal data and the protection of privacy in the electronic communications sector (Directive
30、 on privacy and electronic communications). i.14 UK Home Office; R.V.Clark; “Hot Products: understanding, anticipating and reducing demand for stolen goods“, ISBN 1-84082-278-3. i.15 Recommendation of the OECD Council in 1980 concerning guidelines governing the protection of privacy and transborder
31、flows of personal data (the OECD guidelines for personal data protection. i.16 ITU-T Recommendation E.164 (02/2005): “The international public telecommunication numbering plan“. i.17 ISO/IEC 17799 2005: “Information technology - Security techniques - Code of practice for information security managem
32、ent“. i.18 ISO/IEC 13335: “Information technology - Security techniques - Guidelines for the management of IT security“. NOTE: ISO/IEC 13335 is a multipart publication and the reference above is used to refer to the series. i.19 ISO/IEC 15408-1: “Information technology - Security techniques - Evalua
33、tion criteria for IT security - Part 1: Introduction and general model“. i.20 ISO/IEC 15408-2: “Information technology - Security techniques - Evaluation criteria for IT security - Part 2: Security functional requirements“. i.21 AS/NZS 4360: “Risk Management“. ETSI ETSI TR 187 010 V2.1.1 (2008-07) 8
34、 i.22 Directive 2002/21/EC of the European Parliament and of the council of 7 March 2002 on a common regulatory framework for electronic communications networks and services (Framework Directive). i.23 Directive 2002/22/EC of the European Parliament and of the Council of 7 March 2002 on Universal se
35、rvice and users rights relating to electronic communications networks and services (Universal Service Directive - OJ L 108, 24.04.2002). i.24 Directive 1999/5/EC of the European Parliament and of the Council of 9 March 1999 on radio equipment and telecommunications terminal equipment and the mutual
36、recognition of their conformity. i.25 Directive 95/46/EC of the European Parliament and of the Council of 24 October 1995 on the protection of individuals with regard to the processing of personal data and on the free movement of such data. . i.26 ETSI TS 133 220: “Digital cellular telecommunication
37、s system (Phase 2+); Universal Mobile Telecommunications System (UMTS); Generic Authentication Architecture (GAA); Generic bootstrapping architecture (3GPP TS 33.220 version 7.11.0 Release 7)“. i.27 IETF RFC 2104: “HMAC: Keyed-Hashing for Message Authentication“. i.28 IETF RFC 2821: “Simple Mail Tra
38、nsfer Protocol (SMTP)“. i.29 NIST, FIBS-PUB 180-2: “Secure Hash Standard“. 3 Definitions, and abbreviations 3.1 Definitions For the purposes of the present document, the terms and definitions given in EG 202 387 i.2, ISO/IEC 17799 i.i.17, ISO/IEC 13335-1 i.18 and the following apply: asset: anything
39、 that has value to the organization, its business operations and its continuity authentication: ensuring that the identity of a subject or resource is the one claimed availability: property of being accessible and usable on demand by an authorized entity ISO/IEC 13335-1 i.18 confidentiality: ensurin
40、g that information is accessible only to those authorized to have access Concealable, Removable, Available, Valuable, Enjoyable, and Disposable (CRAVED): acronym for a classification scheme to determine the likelihood that a particular type of item will be the subject of theft i.14 Identifier: serie
41、s of digits, characters and symbols used to identify uniquely subscriber, user, network element, function or network entity providing services/applications Identity: identifier allocated to a particular entity, e.g. a particular end-user, provides an Identity for that entity (TS 184 002 i.i.4) ident
42、ity crime: generic term for identity theft, creating a false identity or committing identity fraud identity fraud (1): use of a false identity or legitimate identity to support unlawful activity identity fraud (2): falsely claiming to be a victim of identity theft to avoid obligation or liability id
43、entity theft: event that occurs when sufficient information about an identity is obtained to facilitate identity fraud impact: result of an information security incident, caused by a threat, which affects assets integrity: safeguarding the accuracy and completeness of information and processing meth
44、ods mitigation: limitation of the negative consequences of a particular event ETSI ETSI TR 187 010 V2.1.1 (2008-07) 9 nonce: arbitrary number that is generated for security purposes (such as an initialization vector) that is used only one time in any security session non-repudiation: ability to prov
45、e an action or event has taken place, so that this event or action cannot be repudiated later spam: bulk unsolicited communication where the benefit favours the sender residual risk: risk remaining after risk treatment risk: potential that a given threat will exploit vulnerabilities of an asset or g
46、roup of assets and thereby cause harm to the organization threat: potential cause of an incident that may result in harm to a system or organization NOTE 1: A threat consists of an asset, a threat agent and an adverse action of that threat agent on that asset (reference i.19). NOTE 2: A Threat is en
47、acted by a Threat Agent, and may lead to an Unwanted Incident breaking certain pre-defined security objectives. threat agent: an entity that can adversely act on an asset unwanted incident: incident such as loss of confidentiality, integrity and/or availability (reference i.21) user: person or proce
48、ss using the system in order to gain access to some system resident or system accessible service vulnerability: weakness of an asset or group of assets that can be exploited by one or more threats NOTE: A Vulnerability, consistent with the definition given in ISO/IEC 13335 i.18, is modelled as the c
49、ombination of a Weakness that can be exploited by one or more Threats. 3.2 Abbreviations For the purposes of the present document, the following abbreviations apply: AKA Authentication and Key Agreement BSF Bootstrap Server Function CLIP Calling Line Identity Presentation COLP Called Line Identification Presentation CPE Customer Premises Equipment CRAVED Concealable, Removable, Available, Valuable, Enjoyable, and Disposable CSP Communications Service Provider ECN Electronic Communications Netwo