1、ITU-T RECIN*X.BlZ 95 4862591 Ob13308 T50 a INTERNATIONAL TELECOMMUNICATION UNION ITU-T TELECOMMUNICATION STANDARDIZATION SECTOR OF ITU DATA NETWORKS AND OPEN SYSTEM COMMUNICATIONS SECURITY X.812 (1 1/95) INFORMATION TECHNOLOGY - OPEN SYSTEMS INTERCONNECTION - SECURITY FRAMEWORKS FOR OPEN SYSTEMS: AC
2、CESS CONTROL FRAMEWORK ITU-T Recommendation X.812 (Previously “CCITT Recommendation”) COPYRIGHT International Telecommunications Union/ITU TelecommunicationsLicensed by Information Handling ServicesITU-T RECNN*X*832 95 W 4862593 Ob33309 997 FOREWORD ITU (International Telecommunication Union) is the
3、 United Nations Specialized Agency in the field of telecommunications. The ITU Telecommunication Standardization Sector (ITU-T) is a permanent organ of the ITU. Some 179 member countries, 84 telecom operating entities, 145 scientific and industrial organizations and 38 international organizations pa
4、rticipate in ITU-T which is the body which sets world telecommunications standards (Recommendations). The approval of Recommendations by the Members of ITU-T is covered by the procedure laid down in WTSC Resolution No. 1 (Helsinki, 1993). In addition, the World Telecommunication Standardization Conf
5、erence (WTSC), which meets every four years, approves Recommendations submitted to it and establishes the study programme for the following period. In some areas of information technology which fall within ITU-Ts purview, the necessary standards are prepared on a collaborative basis with IS0 and IEC
6、. The text of ITU-T Recommendation X.812 was approved on 21st of November 1995. The identical text is also published as ISO/IEC International Standard 10181-3. NOTE In this Recommendation, the expression “Administration” is used for conciseness to indicate both a telecommunication administration and
7、 a recognized private operating agency. O ITU 1996 All rights reserved. No part of this publication may be reproduaced or utilized in any form or by any means, electronic or mechanical, including photocopying and microfilm, without permission in writing from the ITU. COPYRIGHT International Telecomm
8、unications Union/ITU TelecommunicationsLicensed by Information Handling ServicesITU-T X-SERIES RECOMMENDATIONS DATA NETWORKS AND OPEN SYSTEM COMMUNICATIONS (February 1994) ORGANIZATION OF X-SERIES RECOMMENDATIONS Subject area PUBLIC DATA NETWORKS Recommendation Series I Services and Facilities I X.1
9、-X. 19 I Interfaces Transmission, Signalling and Switching X.20-X.49 X.50-X.89 - Network Aspects Maintenance X.90-X. 149 X.150-X.179 I Model and Notation I x.200-x.209 I Administrative Arrangements OPEN SYSTEMS INTERCONNECTION I Service Definitions X.180-X.199 1 Connectionless-mode Protocol Specific
10、ations PICS Proformas - X.210-X.2 19 X.230-X.239- X.240-X.259 I Connection-mode Protocol Specifications I 1 Protocol Identification Security Protocols X.260-X.269 X.270-X.279 - - Conformance Testing INTERWORKING BETWEEN NETWORKS I Layer Managed Objects I X.280-X.289 I X.290-X.299 General Mobile Data
11、 Transmission Systems X.300-X.349 X.350-X.369 Management MESSAGE HANDLING SYSTEMS X.370-X.399 x.400-x.499 Networking I X.600-X. 649 I DIRECTORY OS1 NETWORKING AND SYSTEM ASPECTS x.500-x.599 Naming, Addressing and Registration Abstract Syntax Notation One (ASN. 1) X.650-X.679 X.680-X.699 OS1 MANAGEME
12、NT SECURITY OS1 APPLICATIONS X.700-X.799 X.800-X.849 Commitment, Concurrency and Recovery - - X.850-X.859 Remote Operations OPEN DISTRIBUTED PROCESSING X.880-X. 899 X.900-X.999 COPYRIGHT International Telecommunications Union/ITU TelecommunicationsLicensed by Information Handling Services ITU-T RECM
13、N*X.812 95 4862593 Ob13311 545 = 1 2 3 4 5 6 7 CONTENTS Scope Normative references . 2.1 Identical Recommendations I International Standards 2.2 Paired Recommendations I International Standards equivalent in technical content Definitions Abbreviations . General discussion of access control 5.1 Goal
14、of access control . 5.2 5.2.1 Performing access control functions . 5.2.2 Other access control activities . 5.2.3 AC1 forwarding . Basic aspects of access control . 5.3 Distribution of access control components . 5.3.1 Incoming access control 5.3.2 Outgoing access control 5.3.3 Interposed access con
15、trol Distribution of access control components across multiple security domains Threats to access control . Access control policies . Access control policy categories . 6.1.2 Groups and roles . 5.4 5.5 6.1 Access control policy expression 6.1.1 6.1.3 Security labels . 6.1.4 Multiple initiator access
16、 control policies 6.2.1 Fixed policies 6.2.2 Administratively-imposed policies . 6.2.3 User-selected policies . 6.4 Inheritance rules 6.5 Precedence among access control policy rules . 6.6 Default access control policy rules . 6.7 Policy mapping through cooperating security domains Access control in
17、formation and facilities . 6.2 Policy management . 6.3 Granularity and containment . 7.1 7.2 7.3 AC1 . 7.1.1 Initiator AC1 7.1.3 Access request AC1 . 7.1.4 Operand AC1 . 7.1.5 Contextual information . 7.1.6 Initiator-bound AC1 7.1.7 Target-bound AC1 . 7.1.8 Access request-bound AC1 . Protection of A
18、C1 7.2.1 Access control certificates 7.2.2 Access control tokens . Access control facilities 7.3.1 Management related facilities . 7.3.2 Operation related facilities 7.1.2 Target AC1 IW-T Rec . X.812 (1995 E) Page 1 2 2 2 2 4 4 4 5 5 7 8 9 10 10 10 10 10 11 11 11 11 11 12 12 12 12 12 12 12 13 13 13
19、13 13 14 14 14 14 14 15 15 15 15 15 16 16 16 17 1 COPYRIGHT International Telecommunications Union/ITU TelecommunicationsLicensed by Information Handling Services. ITU-T RECMN*X.812 75 = 48b2591 Ob13312 481 8 Classification of access control mechanisms . 8.1 8.2 8.3 8.4 8.5 Introduction . ACL scheme
20、 8.2.1 Basic features 8.2.2 AC1 8.2.3 Supporting mechanisms 8.2.4 Variations of this scheme Capability scheme . 8.3.1 Basic features 8.3.2 AC1 8.3.3 Supporting mechanisms 8.3.4 Variation of this scheme - Capabilities without specific operations Label based scheme 8.4.1 Basic features 8.4.2 AC1 8.4.3
21、 Supporting mechanisms 8.4.4 Labeled channels as targets . Context based scheme . 8.5.1 Basic features 8.5.2 ACX 8.5.3 Supporting mechanisms 8.5.4 Variations of this scheme 9 Interaction with other security services and mechanisms 9.1 Authentication . 9.2 Data integrity 9.3 Data confidentiality . 9.
22、4 Audit . 9.5 Other access-related services Annex A - Exchange of access control certificates among components . A.l Introduction . A.2 Forwarding access control certificates A.3 Forwarding multiple access control certificates A.3.1 Example A.3.2 Generalization . A.3.3 Simplifications Annex B - Acce
23、ss control in the OS1 reference model B.l General B.2 Use of access control within the OS1 layers B.2.1 Use of access control at the network layer B.2.2 Use of access control at the transport layer . B.2.3 Use of access control at the application layer . Annex C - Non-uniqueness of access control id
24、entities Annex D - Distribution of access control components D.l Aspects considered D.2 AEC and ADC locations . D.3 Interactions among access control components Annex E - Rule-based versus identity-based policies Annex F - A mechanism to support AC1 forwarding through an initiator . Annex G - Access
25、 control security service outline 11 ITU-T Rec . X.812 (1995 E) Page 19 19 20 20 20 20 21 22 22 22 22 22 23 23 23 23 24 24 24 25 25 25 25 25 25 26 26 26 27 27 27 27 27 28 28 29 29 29 29 29 29 30 31 31 31 32 34 35 36 COPYRIGHT International Telecommunications Union/ITU TelecommunicationsLicensed by I
26、nformation Handling ServicesITU-T RECMN*X.BLZ 95 = YBb2591 Ob13313 318 Summary This Recommendation I International Standard defines a general framework for the provision of access control. The primary goal of access control is to counter the threat of unauthorized operations involving a computer or
27、communications system; these threats are frequently subdivided into classes known as unauthorized use, disclosure, modification, destruction and denial of service. ITU-T Rec. X.812 (1995 E) iii COPYRIGHT International Telecommunications Union/ITU TelecommunicationsLicensed by Information Handling Se
28、rvicesITU-T RECMNxX.812 95 m 4862591 Ob13314 254 COPYRIGHT International Telecommunications Union/ITU TelecommunicationsLicensed by Information Handling ServicesISO/IEC 10181-3 : 1996 (E) INTERNATIONAL STANDARD ITU-T RECOMMENDATION INFORMATION TECHNOLOGY - OPEN SYSTEMS INTERCONNECTION - SECURITY FRA
29、MEWORKS FOR OPEN SYSTEMS: ACCESS CONTROL FRAMEWORK 1 Scope The Security Frameworks are intended to address the application of security services in an Open Systems environment, where the term Open Systems is taken to include areas such as Database, Distributed Applications, ODP and OSI. The Security
30、Frameworks are concerned with defining the means of providing protection for systems and objects within systems, and with the interactions between systems. The Security Frameworks are not concerned with the methodology for constructing systems or mechanisms. The Security Frameworks address both data
31、 elements and sequences of operations (but not protocol elements) that are used to obtain specific security services. These security services may apply to the communicating entities of systems as well as to data exchanged between systems, and to data managed by systems. In the case of Access Control
32、, accesses may either be lo a system (Le. to an entity that is the communicating part of a system) or within a system. The information items that need to be presented to obtain the access, as well as the sequence of operations to request the access and for notification of the results of the access,
33、are considered to be within the scope of the Security Frameworks. However, any information items and operations that are dependent solely on a particular application and that are strictly concerned with local access within a system are considered to be outside the scope of the Security Frameworks. M
34、any applications have requirements for security to protect against threats to resources, including information, resulting from the interconnection of Open Systems. Some commonly known threats, together with the security services and mechanisms that can be used to protect against them, in an OS1 envi
35、ronment, are described in CCIT Rec. X.800 I The process of determining which uses of resources within an Open System environment are permitted and, where appropriate, preventing unauthorized access is called access control. This Recommendation I International Standard defines a general framework for
36、 the provision of access control services. This Security Framework: IS0 7498-2. a) b) c) d) e) f) defines the basic concepts for access control; demonstrates the manner in which the basic concepts of access control can be specialized to support some commonly recognized access control services and me
37、chanisms; defines these services and corresponding access control mechanisms; identifies functional requirements for protocols to support these access control services and mechanisms; identifies management requirements to support these access control services and mechanisms; addresses the interactio
38、n of access control services and mechanisms with other security services and mechanisms. As with other security services, access control can be provided only within the context of a defined security policy for a particular application. The definition of access control policies is outside the scope o
39、f this Recommendation I International Standard, however, some characteristics of access control policies are discussed. It is not a matter for this Recommendation I International Standard to specify details of the protocol exchanges which may need to be performed in order to provide access control s
40、ervices. This Recommendation I International Standard does not specify particular mechanisms to support these access control services nor the details of security management services and protocols. ITU-T Rec. X.812 (1995 E) 1 COPYRIGHT International Telecommunications Union/ITU TelecommunicationsLice
41、nsed by Information Handling ServicesISO/IEC 10181-3 : 1996 (E) A number of different types of standard can use this framework including: a) b) c) d) e) standards that incorporate the concept of access control; standards that specify abstract services that include access control; standards that spec
42、ify uses of an access control service; standards that specify the means of providing access control within an Open System environment; and standards that specify access control mechanisms. Such standards can use this framework as follows: - - - standard types a, b, c, d, and e can use the terminolog
43、y of this framework; standard types b, c, d, and e can use the facilities defined in clause 7 of this framework; and standard type e can be based upon the classes of mechanism defined in clause 8. 2 Normative references The following Recommendations and International Standards contain provisions, wh
44、ich through reference in this text, constitute provisions of this Recommendation I International Standard. At the time of publication, the editions indicated were valid. All Recommendations and Standards are subject to revision, and parties to agreements based on this Recommendation I International
45、Standard are encouraged to investigate the possibility of applying the most recent edition of the Recommendations and Standards listed below. Members of IEC and IS0 maintain registers of currently valid International Standards. The Telecommunication Standardization Bureau of the ITU maintains a list
46、 of currently valid ITU-T Recommendations. 2.1 Identical Recommendations I International Standards - IT-T Recommendation X.200 (1994) I ISO/IEC 7498-1:1994, Information technology - Open Systems Interconnection - Basic Reference Model: The Basic Model. ITU-T Recommendation X.810 (1995) I ISO/IEC 101
47、81-1:1996, Information technology - Open Systems Interconnection - Security frameworks for open systems: Overview. IT-T Recommendation X.81 l(1995) I ISO/IEC 10181-2: 1996, Informafion technology - Open Systems Interconnection - Security frameworks for open systems: Authentication framework. IT-T Re
48、commendation X.880 (1994) I ISO/IEC 13712-1: 1995, Information technology - Remote Operations: Concepts model and notation. - - - 2.2 Paired Recommendations I International Standards equivalent in technical content - CCIT Recommendation X.800 (199 1), Security Architecture for Open Systems Interconn
49、ection for CCITT applications. IS0 7498-2: 1989, Information processing systems - Open Systems Interconnection - Basic Reference Model - Part 2: Security Architecture. 3 Definitions For the purposes of this Recommendation I International Standard, the following definitions apply. 3.1 Rec. X.800 I IS0 7498-2: This Recommendation I International Standard makes use of the following terms defined in a) access control; b) access control list; c) accountability; d) authentication; e) authentication information; f) authorization; C