ITU-T Q.1531 (06/2000) UPT Security Requirements for Service Set 1 (Series Q: Switching and Signalling, Intelligent Network).pdf

Uploaded by: proposalcash356 | Document ID: 800991 | Uploaded: 2019-02-04 | Format: PDF | Pages: 28 | Size: 1.40 MB

INTERNATIONAL TELECOMMUNICATION UNION

ITU-T
TELECOMMUNICATION STANDARDIZATION SECTOR OF ITU

Q.1531 (06/2000)

SERIES Q: SWITCHING AND SIGNALLING
Intelligent Network

UPT security requirements for service set 1

ITU-T Recommendation Q.1531
(Formerly CCITT Recommendation)

ITU-T Q-SERIES RECOMMENDATIONS
SWITCHING AND SIGNALLING

Q.1-Q.3        SIGNALLING IN THE INTERNATIONAL MANUAL SERVICE
Q.4-Q.59       INTERNATIONAL AUTOMATIC AND SEMI-AUTOMATIC WORKING
Q.60-Q.99      FUNCTIONS AND INFORMATION FLOWS FOR SERVICES IN THE ISDN
Q.100-Q.119    CLAUSES APPLICABLE TO ITU-T STANDARD SYSTEMS
Q.120-Q.249    SPECIFICATIONS OF SIGNALLING SYSTEMS No. 4 AND No. 5
Q.250-Q.309    SPECIFICATIONS OF SIGNALLING SYSTEM No. 6
Q.310-Q.399    SPECIFICATIONS OF SIGNALLING SYSTEM R1
Q.400-Q.499    SPECIFICATIONS OF SIGNALLING SYSTEM R2
Q.500-Q.599    DIGITAL EXCHANGES
Q.600-Q.699    INTERWORKING OF SIGNALLING SYSTEMS
Q.700-Q.799    SPECIFICATIONS OF SIGNALLING SYSTEM No. 7
Q.800-Q.849    Q3 INTERFACE
Q.850-Q.999    DIGITAL SUBSCRIBER SIGNALLING SYSTEM No. 1
Q.1000-Q.1099  PUBLIC LAND MOBILE NETWORK
Q.1100-Q.1199  INTERWORKING WITH SATELLITE MOBILE SYSTEMS
Q.1700-Q.1799  SIGNALLING REQUIREMENTS AND PROTOCOLS FOR IMT-2000
Q.2000-Q.2999  BROADBAND ISDN

For further details, please refer to the list of ITU-T Recommendations.

ITU-T Recommendation Q.1531

UPT security requirements for service set 1

Summary

This Recommendation specifies UPT security requirements for both user-to-network and internetwork communication applicable to UPT Service Set 1 as defined within Recommendation F.851 [1]. This Recommendation covers all aspects of security for UPT using DTMF accesses and out-band DSS1 based user accesses.

Source

ITU-T Recommendation Q.1531 was prepared by ITU-T Study Group 11 (1997-2000) and approved under the WTSC Resolution 1 procedure on 15 June 2000.

Keywords

Security, UPT

ITU-T Q.1531 (06/2000)

FOREWORD

The International Telecommunication Union (ITU) is the United Nations specialized agency in the field of telecommunications. The ITU Telecommunication Standardization Sector (ITU-T) is a permanent organ of ITU. ITU-T is responsible for studying technical, operating and tariff questions and issuing Recommendations on them with a view to standardizing telecommunications on a worldwide basis.

The World Telecommunication Standardization Conference (WTSC), which meets every four years, establishes the topics for study by the ITU-T study groups which, in turn, produce Recommendations on these topics.

The approval of ITU-T Recommendations is covered by the procedure laid down in WTSC Resolution 1.

In some areas of information technology which fall within ITU-T's purview, the necessary standards are prepared on a collaborative basis with ISO and IEC.

NOTE

In this Recommendation, the expression "Administration" is used for conciseness to indicate both a telecommunication administration and a recognized operating agency.

INTELLECTUAL PROPERTY RIGHTS

ITU draws attention to the possibility that the practice or implementation of this Recommendation may involve the use of a claimed Intellectual Property Right. ITU takes no position concerning the evidence, validity or applicability of claimed Intellectual Property Rights, whether asserted by ITU members or others outside of the Recommendation development process.

As of the date of approval of this Recommendation, ITU had not received notice of intellectual property, protected by patents, which may be required to implement this Recommendation. However, implementors are cautioned that this may not represent the latest information and are therefore strongly urged to consult the TSB patent database.

© ITU 2001

All rights reserved. No part of this publication may be reproduced or utilized in any form or by any means, electronic or mechanical, including photocopying and microfilm, without permission in writing from ITU.

CONTENTS

1 Scope of Recommendation
2 References
3 Definitions of terms
  3.1 Terms defined in Recommendation F.851 [1]
  3.2 Terms not defined in Recommendation F.851 [1]
4 Abbreviation and acronyms
5 Introduction
  5.1 Fraud
  5.2 Confidentiality
  5.3 Service availability
  5.4 Protection scheme
6 General description
  6.1 General objectives for security
  6.2 General security requirements
7 UPT security threats
  7.1 Threats associated with UPT features
  7.2 Threats associated with internetwork communications
  7.3 Unintentional situations
8 System requirements on security
  8.1 Service related requirements
  8.2 Access related requirements
  8.3 Network operational requirements
  8.4 Security management requirements
9 Security features for UPT
  9.1 UPT service features providing security
  9.2 Security features for internetwork communications
  9.3 Security features for user access
    9.3.1 Secure dialogue
    9.3.2 Secure file transfer
  9.4 Security limitation
    9.4.1 DTMF based user access
    9.4.2 Out-band DSS1 based user access
10 Security mechanisms for UPT
  10.1 Access control mechanisms
    10.1.1 Access control to services
    10.1.2 Access control to service profile data
    10.1.3 Access control to the data in the UPT device
  10.2 User authentication mechanisms
    10.2.1 Degrees of authentication
    10.2.2 Types of UPT device
    10.2.3 User signalling
  10.3 Security management mechanisms
    10.3.1 Security audit trail
    10.3.2 Event handling actions
    10.3.3 Charging control
    10.3.4 Information management

ITU-T Recommendation Q.1531

UPT security requirements for service set 1

1 Scope of Recommendation

This ITU-T Recommendation specifies UPT security requirements for both user-to-network and internetwork communication applicable to UPT Service Set 1 as defined within Recommendation F.851 [1].

Generally, there are two user-access methods for UPT. One is in-band DTMF based user access, and the other is out-band user access such as DSS1 based signalling. The requirements depend on the use of these methods. This Recommendation covers all aspects of security for UPT using DTMF access and out-band DSS1 based user accesses.

2 References

The following ITU-T Recommendation, and other references contain provisions which, through reference in this text, constitute provisions of this Recommendation. At the time of publication, the editions indicated were valid. All Recommendations and other references are subject to revision; all users of this Recommendation are therefore encouraged to investigate the possibility of applying the most recent edition of the Recommendations and other references listed below. A list of the currently valid ITU-T Recommendations is regularly published.

[1] ITU-T Recommendation F.851 (1995), Universal Personal Telecommunication (UPT) - Service description (Service Set 1).

3 Definitions of terms

3.1 Terms defined in Recommendation F.851 [1]

The following terms are defined in Recommendation F.851 [1]:
- authentication;
- identification;
- personal mobility;
- UPT (Universal Personal Telecommunication);
- UPT service profile;
- UPT service profile management;
- UPT service provider;
- UPT subscriber;
- UPT user.

3.2 Terms not defined in Recommendation F.851 [1]

This Recommendation defines the following terms:

3.2.1 authorization: A property by which the access rights to resources are established and enforced.

3.2.2 confidentiality: A property by which information relating to an entity or party is not made available or disclosed to unauthorized individuals, entities or processes.

3.2.3 integrity: A property by which the information content of an object is prevented from being modified in an unauthorized manner.

3.2.4 privacy: The provision of capabilities to prevent users from suffering of freedom of actions.

4 Abbreviation and acronyms

This Recommendation uses the following abbreviations:

CS-1     Capability Set 1
CS-2     Capability Set 2
DSS1     Digital Subscriber Signalling System No. 1
DTMF     Dual Tone Multiple Frequency
IC-card  Integrated Circuit-card
IN       Intelligent Network
ISDN     Integrated Services Digital Network
MAC      Message Authentication Code
OCPIN    Outgoing Call PIN
OSI      Open Systems Interconnection
PIN      Personal Identification Number
PINX     Private Integrated Network exchange
PLMN     Public Land Mobile Network
PUI      Personal User Identity
SAPIN    Secure Answering PIN
SCP      Service Control Point
SDP      Service Data Point
SS7      Signalling System No. 7
TMN      Telecommunications Management Network
UPT      Universal Personal Telecommunication

5 Introduction

The freedom given to UPT users to move freely from one terminal to another also implies that attempts to fraudulently use their subscription can be performed from any terminal. UPT subscribers are thus more exposed to fraudulent attempts to use their subscription than ordinary subscribers. It is necessary that the UPT service provides sufficient security mechanisms, so that the level of risk incurred by UPT subscribers does not appear prohibitive in comparison with ordinary subscribers.

The security mechanisms provided by the UPT service, irrespective of their strength of protection, should however, not appear to the UPT user as any extra complication at all, but be part of the general UPT procedures.

Security in a UPT context refers to issues of:

a) fraud;
b) confidentiality;
c) service availability;
d) protection scheme.

5.1 Fraud

Fraud is the abuse of UPT facilities by unauthorized users, in particular to make chargeable use of UPT service, which charge is made against a legitimate UPT user's account. Resulting requirements are for example:
a) authentication of users and subscribers;
b) call details;
c) auditing.

5.2 Confidentiality

Confidentiality is the concept that information concerning the UPT user and the UPT subscriber is not revealed to anyone who does not have legal authority to examine that information. This information includes:
a) the content of communication;
b) account details;
c) call details;
d) registration details.

5.3 Service availability

The ability of UPT users to receive the UPT services at any time that they wish may be limited by:
a) service reliability;
b) service denial.

5.4 Protection scheme

The UPT specifications must define appropriate security mechanisms to protect from any security threats:
a) UPT users;
b) UPT capable network operators and service providers;
c) UPT service,
because of the circumstances in which UPT is expected to be provided. UPT will be an open system with worldwide access, and the possibility for fraud should be minimized.

6 General description

6.1 General objectives for security

The following general objectives for security in UPT apply:
a) the UPT user may use the UPT service with minimal risk of violated privacy or erroneous charging due to fraudulent use;
b) the security provided to a UPT user when using UPT services should be comparable to the security provided by the contemporary fixed or mobile networks when using the same services;
c) the security provided to a UPT service provider or network operator should be at least comparable to the security provided by the contemporary fixed or mobile networks and should protect the business interests of such providers or operators;
d) the legal, regulatory and commercial aspects of the security provided by UPT should accommodate worldwide availability;
e) the security to be provided by UPT should be adequately standardized to provide secure international interoperability and roaming.

6.2 General security requirements

The introduction of UPT and the powerful communication capabilities enabled by it, necessitate that various security mechanisms be made available to affected users. The security levels afforded by these mechanisms depend on various factors:
a) the particular security mechanisms of choice;
b) the choice of UPT terminals and UPT devices;
c) the actual use of the UPT procedures;
d) the choice of access and authentication procedures.

It is noted that some security mechanisms appear as integral parts of certain UPT procedures. It is, in general, desirable that all security mechanisms supported by the UPT service be simple to use and appear as part of the general UPT procedures.

It is desirable that a range of security levels be supported by UPT service providers. These would be offered to UPT users to choose from at subscription time. The security level offered to the UPT user depends heavily on the choice of the degree of authentication.

7 UPT security threats

Due to the flexible nature of the UPT service, UPT subscribers are very exposed to fraudulent use of their subscriptions. UPT users may, in principle, use any terminal in the world for making or receiving calls that will be charged to their account. Equally, a malicious person might abuse the UPT subscriber's account from any terminal in the world. It is prudent for the UPT service specifically to protect:
a) subscribers' accounts;
b) users' responsibility to their subscribers;
c) users' personal details;
d) the integrity of the network;
e) network operators' revenue streams;
f) network operators' reputations;
against fraudulent or malicious attack, by any party.

There is a great variety of relationships between the different UPT parties. All of the relationships have to be controlled by appropriate agreements that take the different legal situations in the various countries into consideration.

A diagrammatic representation of the relationships of the parties involved in UPT is given in Figure 1. The intruder is not specifically placed within the diagram as the relationship depends purely on the type of intrusion perpetrated.

[Figure 1: diagram not reproduced; labels recoverable from the page are UPT service provider, UPT subscriber and intruder (Note 3).]

NOTE 1 - For example, access and service profile management.
NOTE 2 - For example, charging and service profile management.
NOTE 3 - An intruder might attack any party and any link between them.

Figure 1/Q.1531 - Model of UPT parties and their relations

7.1 Threats associated with UPT features

The major threats to the UPT service are listed below.

Masquerading as a UPT user

An intruder could use the eavesdropped authentication data to make outgoing calls on a UPT number, so the UPT subscriber of this UPT number would have to pay the charges for the intruder's calls.

An intruder could use the eavesdropped information to register incoming calls on someone else's UPT number. As a consequence the UPT user will lose his incoming calls, which may be forwarded by the intruder, and the matching UPT subscriber may have to pay the charges for these calls (e.g. split charging).

Masquerading as a UPT service provider

If a third party succeeds in masquerading as a UPT service provider, a number of major threats are posed to the UPT user security.

Unauthorized reading or modification of subscription data by the user/subscriber

A user/subscriber could read or modify subscription data in the service profile without being authorized by the
