ITU-T X.805 (10/2003): Security architecture for systems providing end-to-end communications. Series X: Data networks and open system communications, Security (Study Group 17)
INTERNATIONAL TELECOMMUNICATION UNION
ITU-T X.805
TELECOMMUNICATION STANDARDIZATION SECTOR OF ITU (10/2003)
SERIES X: DATA NETWORKS AND OPEN SYSTEM COMMUNICATIONS
Security
Security architecture for systems providing end-to-end communications
ITU-T Recommendation X.805

ITU-T X-SERIES RECOMMENDATIONS: DATA NETWORKS AND OPEN SYSTEM COMMUNICATIONS

PUBLIC DATA NETWORKS
    Services and facilities                         X.1–X.19
    Interfaces                                      X.20–X.49
    Transmission, signalling and switching          X.50–X.89
    Network aspects                                 X.90–X.149
    Maintenance                                     X.150–X.179
    Administrative arrangements                     X.180–X.199
OPEN SYSTEMS INTERCONNECTION
    Model and notation                              X.200–X.209
    Service definitions                             X.210–X.219
    Connection-mode protocol specifications         X.220–X.229
    Connectionless-mode protocol specifications     X.230–X.239
    PICS proformas                                  X.240–X.259
    Protocol Identification                         X.260–X.269
    Security Protocols                              X.270–X.279
    Layer Managed Objects                           X.280–X.289
    Conformance testing                             X.290–X.299
INTERWORKING BETWEEN NETWORKS
    General                                         X.300–X.349
    Satellite data transmission systems             X.350–X.369
    IP-based networks                               X.370–X.399
MESSAGE HANDLING SYSTEMS                            X.400–X.499
DIRECTORY                                           X.500–X.599
OSI NETWORKING AND SYSTEM ASPECTS
    Networking                                      X.600–X.629
    Efficiency                                      X.630–X.639
    Quality of service                              X.640–X.649
    Naming, Addressing and Registration             X.650–X.679
    Abstract Syntax Notation One (ASN.1)            X.680–X.699
OSI MANAGEMENT
    Systems Management framework and architecture   X.700–X.709
    Management Communication Service and Protocol   X.710–X.719
    Structure of Management Information             X.720–X.729
    Management functions and ODMA functions         X.730–X.799
SECURITY                                            X.800–X.849
OSI APPLICATIONS
    Commitment, Concurrency and Recovery            X.850–X.859
    Transaction processing                          X.860–X.879
    Remote operations                               X.880–X.899
OPEN DISTRIBUTED PROCESSING                         X.900–X.999

For further details, please refer to the list of ITU-T Recommendations.

ITU-T Rec. X.805 (10/2003)

ITU-T Recommendation X.805
Security architecture for systems providing end-to-end communications

Summary
This Recommendation defines the general security-related architectural elements that, when appropriately applied, can provide end-to-end network security.

Source
ITU-T Recommendation X.805 was approved by ITU-T Study Group 17 (2001-2004) under the ITU-T Recommendation A.8 procedure on 29 October 2003.

FOREWORD
The International Telecommunication Union (ITU) is the United Nations specialized agency in the field of telecommunications. The ITU Telecommunication Standardization Sector (ITU-T) is a permanent organ of ITU. ITU-T is responsible for studying technical, operating and tariff questions and issuing Recommendations on them with a view to standardizing telecommunications on a worldwide basis. The World Telecommunication Standardization Assembly (WTSA), which meets every four years, establishes the topics for study by the ITU-T study groups which, in turn, produce Recommendations on these topics. The approval of ITU-T Recommendations is covered by the procedure laid down in WTSA Resolution 1. In some areas of information technology which fall

within ITU-T's purview, the necessary standards are prepared on a collaborative basis with ISO and IEC.

NOTE – In this Recommendation, the expression "Administration" is used for conciseness to indicate both a telecommunication administration and a recognized operating agency.

Compliance with this Recommendation is voluntary. However, the Recommendation may contain certain mandatory provisions (to ensure e.g. interoperability or applicability) and compliance with the Recommendation is achieved when all of these mandatory provisions are met. The words "shall" or some other obligatory language such as "must" and the negative equivalents are used to express requirements. The use of such words does not suggest that compliance with the Recommendation is required of any party.

INTELLECTUAL PROPERTY RIGHTS
ITU draws attention to the possibility that the practice or implementation of this Recommendation may involve the use of a claimed Intellectual Property Right. ITU takes no position concerning the evidence, validity or applicability of claimed Intellectual Property Rights, whether asserted by ITU members or others outside of the Recommendation development process. As of the date of approval of this Recommendation, ITU had not received notice of intellectual property, protected by patents, which may be required to implement this Recommendation. However, implementors are cautioned that this may not represent the latest information and are therefore strongly urged to consult the TSB patent database.

© ITU 2004
All rights reserved. No part of this publication may be reproduced, by any means whatsoever, without the prior written permission of ITU.

CONTENTS
1 Scope
2 References
3 Terms and definitions
4 Abbreviations and acronyms
5 Security architecture
6 Security dimensions
    6.1 Access control security dimension
    6.2 Authentication security dimension
    6.3 Non-repudiation security dimension
    6.4 Data confidentiality security dimension
    6.5 Communication security dimension
    6.6 Data integrity security dimension
    6.7 Availability security dimension
    6.8 Privacy security dimension
7 Security layers
    7.1 The infrastructure security layer
    7.2 The services security layer
    7.3 The applications security layer
8 Security planes
    8.1 The management security plane
    8.2 The control security plane
    8.3 The end-user security plane
9 Security threats
10 Description of the objectives achieved by application of security dimensions to security layers
    10.1 Securing the infrastructure layer
    10.2 Securing the services layer
    10.3 Securing the applications layer

Introduction
The telecommunications and information technology industries are seeking cost-effective comprehensive security solutions. A secure network should be protected against malicious and inadvertent attacks and should have high availability, appropriate response time, reliability, integrity, scalability, and provide accurate billing information. Security capabilities in products are crucial to the overall network security (including applications and services). However, as more products are combined to provide total solutions, the interoperability, or the lack thereof, will define

the success of the solution. Security must not only be a thread of concern for each product or service, but must be developed in a manner that promotes the interweaving of security capabilities in the overall end-to-end security solution. To achieve such a solution in a multi-vendor environment, network security should be designed around a standard security architecture.

ITU-T Recommendation X.805
Security architecture for systems providing end-to-end communications

1 Scope
This Recommendation defines a network security architecture for providing end-to-end network security. The architecture can be applied to various kinds of networks where the end-to-end security is a concern and independently of the network's underlying technology. This Recommendation defines the general security-related architectural elements that are necessary for providing end-to-end security. The objective of this Recommendation is to serve as a foundation for developing the detailed recommendations for the end-to-end network security.

2 References
The following ITU-T Recommendations and other references contain provisions which, through reference in this text, constitute provisions of this Recommendation. At the time of publication, the editions indicated were valid. All Recommendations and other references are subject to revision; users of this Recommendation are therefore encouraged to investigate the possibility of applying the most recent edition of the Recommendations and other references listed below. A list of the currently valid ITU-T Recommendations is regularly published. The reference to a document within this Recommendation does not give it, as a stand-alone document, the status of a Recommendation.

ITU-T Recommendation X.800 (1991), Security architecture for Open Systems Interconnection for CCITT applications.

3 Terms and definitions
This Recommendation uses the following terms from ITU-T Rec. X.800: access control; availability; authentication; confidentiality; data integrity; non-repudiation; privacy.

4 Abbreviations and acronyms
This Recommendation uses the following abbreviations:
AAA     Authentication, Authorization and Accounting
ASP     Application Service Provider
ATM     Asynchronous Transfer Mode
DHCP    Dynamic Host Configuration Protocol
DNS     Domain Name Service
DoS     Denial of Service
DS-3    Digital Signal level 3
FTP     File Transfer Protocol
IP      Internet Protocol
IPSec   IP Security Protocol
OAM

6 Security dimensions
2) Authentication; 3) Non-repudiation; 4) Data confidentiality; 5) Communication security; 6) Data integrity; 7) Availability; and 8) Privacy. Properly designed and implemented security dimensions support security policy that is

defined for a particular network and facilitate the rules set by the security management.

6.1 Access control security dimension
The access control security dimension protects against unauthorized use of network resources. Access control ensures that only authorized personnel or devices are allowed access to network elements, stored information, information flows, services and applications. In addition, Role-Based Access Control (RBAC) provides different access levels to guarantee that individuals and devices can only gain access to, and perform operations on, network elements, stored information, and information flows that they are authorized for.

6.2 Authentication security dimension
The authentication security dimension serves to confirm the identities of communicating entities. Authentication ensures the validity of the claimed identities of the entities participating in communication (e.g., person, device, service or application) and provides assurance that an entity is not attempting a masquerade or unauthorized replay of a previous communication.

6.3 Non-repudiation security dimension
The non-repudiation security dimension provides means for preventing an individual or entity from denying having performed a particular action related to data by making available proof of various network-related actions (such as proof of obligation, intent, or commitment; proof of data origin, proof of ownership, proof of resource use). It ensures the availability of evidence that can be presented to a third party and used to prove that some kind of event or action has taken place.

6.4 Data confidentiality security dimension
The data confidentiality security dimension protects data from unauthorized disclosure. Data confidentiality ensures that the data content cannot be understood by unauthorized entities. Encryption, access control lists and file permissions are methods often used to provide data confidentiality.

6.5 Communication security dimension
The communication security dimension ensures that information flows only between the authorized end points (the information is not diverted or intercepted as it flows between these end points).

6.6 Data integrity security dimension
The data integrity security dimension ensures the correctness or accuracy of data. The data is protected against unauthorized modification, deletion, creation, and replication and provides an indication of these unauthorized activities.

6.7 Availability security dimension
The availability security dimension ensures that there is no denial of authorized access to network elements, stored information, information flows, services and applications due to events impacting the network. Disaster recovery solutions are included in this category.

6.8 Privacy security dimension
The privacy security dimension provides for the protection of information that might be derived from the observation of network activities. Examples of this information include web-sites that a user has visited, a user's geographic location, and the IP addresses and DNS names of devices in a service provider network.

7 Security layers
In order to provide an end-to-end security solution, the security dimensions described in clause 6 must be applied to a hierarchy of network equipment and

facility groupings, which are referred to as security layers. This Recommendation defines three security layers: the Infrastructure Security Layer, the Services Security Layer and the Applications Security Layer, which build on one another to provide network-based solutions. The security layers are a series of enablers for secure network solutions: the infrastructure layer enables the services layer and the services layer enables the applications layer. The security architecture addresses the fact that each layer has different security vulnerabilities and offers the flexibility of countering the potential threats in a way most suited for a particular security layer. It should be noted that security layers (as defined above) represent a separate category and all three security layers can be applied to each layer of the OSI reference model. The security layers identify where security must be addressed in products and solutions by providing a sequential perspective of network security. For example, first security vulnerabilities are addressed for the infrastructure layer, then for the services layer and, finally, security vulnerabilities are addressed for the applications layer. Figure 1 depicts how the security dimensions are applied to security layers in order to diminish vulnerabilities that exist at each layer and thus mitigate security attacks.

Figure 1/X.805: Applying security dimensions to security layers (the eight security dimensions: access control, authentication, non-repudiation, data confidentiality, communication security, data integrity, availability and privacy, applied to the infrastructure, services and applications security layers; the figure also labels threats, vulnerabilities and attacks)

7.1 The infrastructure security layer
The infrastructure security layer consists of the network transmission facilities as well as individual network elements protected by the security dimensions. The infrastructure layer represents the fundamental building blocks of networks, their services and applications. Examples of components that belong to the infrastructure layer are individual routers, switches and servers as well as the communication links between individual routers, switches and servers.

7.2 The services security layer
The services security layer addresses security of services that service providers provide to their customers. These services range from basic transport and connectivity to service enablers like those that are necessary for providing Internet access (e.g., AAA services, dynamic host configuration services, domain name services, etc.) to value-added services such as freephone service, QoS, V
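In practice the architecture above is used as a coverage grid: each of the eight security dimensions of clause 6 is applied to each of the three security layers of clause 7 and each of the three security planes that the table of contents lists for clause 8 (management, control, end-user), and a security review checks that every resulting cell is addressed by at least one control, working through the layers in the sequence the Recommendation prescribes. The following Python is an added example of that check and is not part of ITU-T X.805; the functions, the control inventory and the control names are constructed for illustration, and the plane names are taken from the table of contents since clause 8 itself is not reproduced in this excerpt.

```python
"""Coverage check of a security-control inventory against the X.805 grid.

Added example (not part of ITU-T X.805): eight security dimensions applied to
three security layers and three security planes give 72 cells. Each cell should
be covered by at least one control; gaps are reported in the order the
Recommendation prescribes (infrastructure, then services, then applications).
"""
from itertools import product
from typing import Dict, Iterable, List, NamedTuple

DIMENSIONS = (
    "access control", "authentication", "non-repudiation",
    "data confidentiality", "communication security",
    "data integrity", "availability", "privacy",
)
LAYERS = ("infrastructure", "services", "applications")  # clause 7 order
PLANES = ("management", "control", "end-user")           # clause 8, per the TOC


class Cell(NamedTuple):
    """One of the 72 (layer, plane, dimension) perspectives of the grid."""
    layer: str
    plane: str
    dimension: str


class Control(NamedTuple):
    """A deployed security control and the cells it claims to cover."""
    name: str
    dimensions: frozenset
    layers: frozenset
    planes: frozenset


def control(name: str, dimensions, layers=LAYERS, planes=PLANES) -> Control:
    """Build a Control, rejecting any tag outside the X.805 vocabulary."""
    for tags, vocab in ((dimensions, DIMENSIONS), (layers, LAYERS), (planes, PLANES)):
        unknown = set(tags) - set(vocab)
        if unknown:
            raise ValueError(f"{name}: unknown X.805 tag(s) {sorted(unknown)}")
    return Control(name, frozenset(dimensions), frozenset(layers), frozenset(planes))


def covered_cells(controls: Iterable[Control]) -> Dict[Cell, List[str]]:
    """Map every covered cell to the names of the controls covering it."""
    covered: Dict[Cell, List[str]] = {}
    for c in controls:
        for layer, plane, dim in product(c.layers, c.planes, c.dimensions):
            covered.setdefault(Cell(layer, plane, dim), []).append(c.name)
    return covered


def coverage_gaps(controls: Iterable[Control]) -> List[Cell]:
    """Cells no control covers: infrastructure first, then services, then applications."""
    covered = covered_cells(controls)
    return [Cell(l, p, d) for l, p, d in product(LAYERS, PLANES, DIMENSIONS)
            if Cell(l, p, d) not in covered]


def gaps_by_layer(controls: Iterable[Control]) -> Dict[str, List[Cell]]:
    """Group the gaps by security layer so each layer can be worked in turn."""
    out: Dict[str, List[Cell]] = {layer: [] for layer in LAYERS}
    for cell in coverage_gaps(controls):
        out[cell.layer].append(cell)
    return out


# Constructed sample inventory; the control names are hypothetical.
SAMPLE_CONTROLS = [
    control("SSH with RBAC on network elements",
            {"access control", "authentication"}, {"infrastructure"}, {"management"}),
    control("IPsec on inter-router links",
            {"data confidentiality", "data integrity", "communication security"},
            {"infrastructure"}),                       # all three planes
    control("Redundant links and disaster-recovery site",
            {"availability"}),                         # all layers, all planes
    control("TLS with client certificates to the AAA service",
            {"authentication", "data confidentiality", "data integrity"},
            {"services"}, {"control"}),
    control("Signed audit log for the web application",
            {"non-repudiation", "data integrity"}, {"applications"},
            {"management", "end-user"}),
]

if __name__ == "__main__":
    for layer, cells in gaps_by_layer(SAMPLE_CONTROLS).items():
        print(f"{layer}: {len(cells)} uncovered cells")
        for cell in cells:
            print(f"  {cell.plane:<10} {cell.dimension}")
```

Running the module prints the uncovered cells per layer for the sample inventory (10 in the infrastructure layer, 18 in the services layer, 17 in the applications layer out of 72 cells). The vocabulary check in `control()` matters in practice: a control tagged with a dimension name that is not one of the eight silently covers nothing, so misspelled tags must fail loudly rather than inflate the coverage figure.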
