1、 ITU-T RECHN*X-814 95 4862591 Ob13351 121 INTERNATIONAL TELECOMMUNICATION UNION ITU-T TELECOMMUNICATION STANDARDIZATION SECTOR OF ITU DATA NETWORKS AND OPEN SYSTEM COMM UN ICATIONS SECURITY X.814 (1 1/95) INFORMATION TECHNOLOGY - OPEN SYSTEMS INTERCONNECTION - SECURITY FRAMEWORKS FOR OPEN SYSTEMS: C
2、ONFIDENTIALITY FRAMEWORK ITU-T Recommendation X.814 (Previously “CCIlT Recommendation”) COPYRIGHT International Telecommunications Union/ITU TelecommunicationsLicensed by Information Handling Services ITU-T RECMN*X.814 75 = 4862571 0633352 Ob8 = FOREWORD ITU (International Telecommunication Union) i
3、s the United Nations Specialized Agency in the field of telecommunications. The IT Telecommunication Standardization Sector (IW-T) is a permanent organ of the IT. Some 179 member countries, 84 telecom operating entities, 145 scientific and industrial organizations and 38 international organizations
4、participate in ITU-T which is the body which sets world telecommunications standards (Recommendations). The approval of Recommendations by the Members of ITU-T is covered by the procedure laid down in WTSC Resolution No. 1 (Helsinki, 1993). In addition, the World Telecommunication Standardization Co
5、nference (WTSC), which meets every four years, approves Recommendations submitted to it and establishes the study programme for the following period. In some areas of information technology which fall within IT-Ts purview, the necessary standards are prepared on a collaborative basis with IS0 and IE
6、C. The text of IT-T Recommendation X.814 was approved on 21st of November 1995. The identical text is also published as JSOAEC International Standard 101 81-5. NOTE In this Recommendation, the expression “Administration” is used for conciseness to indicate both a telecommunication administration and
7、 a recognized operating agency. O ITU 1996 All rights reserved. No part of this publication may be reproduced or utilized in any form or by any means, electronic or mechanical, including photocopying and microfilm, without permission in writing from the IT. COPYRIGHT International Telecommunications
8、 Union/ITU TelecommunicationsLicensed by Information Handling ServicesITU-T RECMN*X=BL4 95 = 4862.571 Ob33353 TT4 Subject area PUBLIC DATA NETWORKS ITU-T X-SERIES RECOMMENDATIONS DATA NETWORKS AND OPEN SYSTEM COMMUNICATIONS Recommendation Series (February 1994) ORGANIZATION OF X-SERIES RECOMMENDATIO
9、NS Services and Facilities X. l-X. 19 Transmission, Signalling and Switching Network Aspects I Intedaces I X.20-X.49 I X.50-X.89 X.90-X. 149 - Maintenance X.150-X.179 Administrative Arrangements X.180-X.199 OPEN SYSTEMS INTERCONNECTION Model and Notation X.200-X.209 Service Definitions Connection-mo
10、de Protocol Specifications I Connectionless-mode Protocol Specifications I X.230-X.239 I X.210-X.219 X.220-X.229 PICS Proformas Protocol Identification X.240-X.259 X.260-X.269 Security Protocols Layer Managed Objects X.270-X.279 X.280-X.289 Conformance Testing INTERWORKING BETWEEN NETWORKS I MESSAGE
11、 HANDLING SYSTEMS I X.400-X.499 I X.290-X.299 Mobile Data Transmission Systems Management I OS1 NETWORKING AND SYSTEM ASPECTS X.350-X.369 X.370-X.399 DIRECTORY X.500-X.599 Networking Naming, Addressing and Registration I Commitment, Concurrency and Recovery I X.850-X.859 X .600-X. 649 X.650-X.679 Ab
12、stract Syntax Notation One (ASN. 1) OS1 MANAGEMENT X.680-X.699 x.700-x.799 SECURITY OS1 APPLICATIONS X.800-X.849 Transaction Processing Remote Operations OPEN DISTRIBUTED PROCESSING X.860-X.879 X.880-X.899 x.900-x.999 COPYRIGHT International Telecommunications Union/ITU TelecommunicationsLicensed by
13、 Information Handling Services1 2 3 4 5 6 7 8 9 CONTENTS Page Scope 1 Normative references . 2 2.1 Identical Recommendations I International Standards 2 2.2 Paired Recommendations I International Standards equivalent in technical content 2 Definitions 2 3.1 Basic Reference Model definitions . 2 3.2
14、Security architecture definitions . 3 3.3 Security frameworks overview definitions . 3 3.4 Additional definitions . 3 Abbreviations . 4 General discussion of confidentiality . 4 5.1 Basic concepts . 5.1.1 Protection of information 5.1.2 Hide and reveal operations Classes of confidentiality services
15、Types of confidentiality mechanisms 5.4 Threats to confidentiality 5.4.1 Threats when confidentiality is provided through access prevention . 5.4.2 Threats when confidentiality is provided through information hiding . 5.2 5.3 5.5 Types of confidentiality attacks Confidentiality policies 7 6.1 Policy
16、 expression 8 6.1.1 Information characterization . 8 6.1.2 Entity characterization 8 Confidentiality information and facilities 7.1 Confidentiality information . 7.1.2 Revealing confidentiality information 7.2 Confidentiality facilities 7.2.1 Operation related facilities 7.2.1.1 Hide . 7.2.1.2 Revea
17、l . 7.2.2 Management related facilities . 7.1.1 Hiding confidentiality information . Confidentiality mechanisms . 8.1 Confidentiality provision through access prevention Confidentiality protection through physical media protection Confidentiality protection through routing control . Confidentiality
18、provision through encipherment Confidentiality provision through dummy events . Confidentiality provision through PDU header protection . Confidentiality provision through time varying fields Confidentiality provision through contextual location . 8.1.1 8.1.2 8.2.1 8.2.2 8.2.3 8.2.4 8.2 Confidential
19、ity provision through data padding . 8.3 10 10 10 10 10 10 11 11 11 11 Interactions with other security services and mechanisms . 12 9.1 Access Control 12 ITU-T Rec . X.814 (1995 E) 1 COPYRIGHT International Telecommunications Union/ITU TelecommunicationsLicensed by Information Handling ServicesITU-
20、T RECflN*X- identifies possible classes of confidentiality mechanisms; classifies and identifies facilities for each class of confidentiality mechanisms; identifies management required to support the classes of confidentiality mechanism; and addresses the interaction of confidentiality mechanism and
21、 the supporting services with other security services and mechanisms. A number of different types of standards can use this framework, including: 1) 2) 3) 4) 5) standards that incorporate the concept of confidentiality; standards that specify abstract services that include confidentiality; standards
22、 that specify uses of a confidentiality service; standards that specify means of providing confidentiality within an open system architecture; and standards that specify confidentiality mechanisms. Such standards can use this framework as follows: - - - standards of type l), 2), 3), 4) and 5) can us
23、e the terminology of this framework; standards of type 2), 3), 4) and 5) can use the facilities defined in clause 7 of this framework; standards of type 5) can be based upon the classes of mechanism defined in clause 8 of this framework. As with other security services, confidentiality can only be p
24、rovided within the context of a defined security policy for a particular application. The definitions of specific security policies are outside the scope of this Recommendation I International Standard. It is not a matter for this Recommendation I International Standard to specify details of the pro
25、tocol exchanges which need to be performed in order to achieve confidentiality. This Recommendation I International Standard does not specify particular mechanisms to support these confidentiality services nor the full details of security management services and protocols. Generic mechanisms to supp
26、ort confidentiality are described in clause 8. ITU-T Rec. X.814 (1995 E) 1 COPYRIGHT International Telecommunications Union/ITU TelecommunicationsLicensed by Information Handling Services ITU-T RECMNUX-BL4 95 m 4862593 Ob33359 412 m ISOIIEC 10181-5 : 1996 (E) Some of the procedures described in this
27、 security framework achieve confidentiality by the application of cryptographic techniques. This framework is not dependent on the use of particular cryptographic or other algorithms, although certain classes of confidentiality mechanisms may depend on particular algorithm properties. NOTE - Althoug
28、h IS0 does not standardize cryptographic algorithms, it does standardize the procedures used to register them in ISOfiEC 9979: 1991, Procedures for the registration of criptographic algorithms. This framework addresses the provision of confidentiality when the information is represented by data that
29、 are read- accessible to potential attackers. Its scope includes traffic flow confidentiality. 2 Normative references The following Recommendations and International Standards contain provisions which, through reference in this text, constitute provisions of this Recommendation I International Stand
30、ard. At the time of publication, the editions indicated were valid. All Recommendations and Standards are subject to revision, and parties to agreements based on this Recommendation I International Standard are encouraged to investigate the possibility of applying the most recent edition of the Reco
31、mmendations and Standards listed below. Members of IEC and IS0 maintain registers of currently valid International Standards. The Telecommunication Standardization Bureau of the ITU maintains a list of currently valid ITU-T Recommendations. 2.1 Identical Recommendations I International Standards - I
32、TU-T Recommendation X.200 (1994) I ISO/IEC 7498-1:1994, Information technology - Open Systems Interconnection - Basic Reference Model: The Basic Model. ITU-T Recommendation X.233 (1993) I ISO/IEC 8473-1:1994, Information technology - Protocol for providing the connectionless-mode Network service: Pr
33、otocol specijcation. IT-T Recommendation X.273 (1994) I ISO/IEC 11577:1995, Information technology - Open Systems Interconnection - Network layer security protocol. ITU-T Recommendation X.274 (1994) I ISODEC 10736: 1995, Information technology - Telecommunica- tion and information exchange between s
34、ystems - Transport layer security protocol. ITU-T Recommendation X.810 (1995) I ISOIIEC 10181-1:1996, Information technology - Open Systems Interconnection - Securityframeworks for open systems: Overview. ITU-T Recommendation X.812 (1995) I ISOAEC 10181-3:1996, Information technology - Open Systems
35、Interconnection - Security frameworks for open systems: Access control framework. - - - - - 2.2 Paired Recommendations I International Standards equivalent in technical content - CCITT Recommendation X.800 (199 l), Security architecture for Open Systems Interconnection for CCIT applications. IS0 749
36、8-2: 1989, Information processing systems - Open Systems Interconnection - Basic Reference Model - Part 2: Security Architecture. 3 Definitions For the purposes of this Recommendation I International Standard, the following definitions apply. 3.1 Basic Reference Model definitions This Recommendation
37、 I International Standard makes use of the following general security-related terms defined in ITU-T Rec. X.200 I ISO/IEC 7498-1: a) (N)-connection; b) (N)-entity; c) (N)-facility; d) (N)-layer; 2 ITU-T Rec. X.814 (1995 E) COPYRIGHT International Telecommunications Union/ITU TelecommunicationsLicens
38、ed by Information Handling ServicesITU-T RECNN*X.814 75 48b259L ObL33b0 II34 ISO/IEC 10181-5 : 1996 (E) e) (N)-PDU; f) (N)-SDU; g) (N)-service; h) i)-unitdata; i) (N)-userdata; j) segmenting. 3.2 Security architecture definitions This Recommendation I International Standard makes use of the followin
39、g terms defined in CCKT Rec. X.800 i IS0 7498-2: a) active threat; b) Confidentiality; c) decipherment: d) decryption; e) encipherment; f) encryption; g) identity-based security policy; h) key; i) passive threat; j) routing control; k) rule-based security policy; I) sensitivity; m) traffic analysis;
40、 n) traffic padding. 3.3 Security frameworks overview definitions This Recommendation I International Standard makes use of the following general security-related terms defined in ITU-T Rec. X.810 i ISO/IEC 10181-1: a) secret key: b) private key: c) public key. 3.4 Additional definitions For the pur
41、poses of this Recommendation i Intemational Standard, the following definitions apply: 3.4.1 confidentiality-protected-environment: An environment which prevents unauthorized information disclosure either by preventing unauthorized data inspection or by preventing unauthorized derivation of sensitiv
42、e information through data inspection. Sensitive information may include some or all of the data attributes (e.g. value, size, or existence). 3.4.2 confidentiality-protected-data: Data within a confidentiality-protected-environment. NOTE - A confidentiaiity-protected environment may also protect som
43、e (or all) of the attributes of the confidentiality- protected data. 3.4.3 confidentiality-protected-information: Information all of whose concrete encodings (i.e. data) are confidentiality protected. 3.4.4 protection to already protected data. hide: An operation that applies confidentiality protect
44、ion to unprotected data or additional confidentiality ITU-T Rec. X.814 (1995 E) 3 COPYRIGHT International Telecommunications Union/ITU TelecommunicationsLicensed by Information Handling Services ITU-T RECMN*X-B34 95 W 4862543 Ob33363 O70 D ISO/IEC 10181-5 : 1996 (E) 3.4.5 3.4.6 3.4.7 3.4.8 propertie
45、s of a security mechanism. 3.4.9 indirect attack: An attack on a system which is not based on the deficiencies of a particular security mechanism (e.g. attacks which bypass the mechanism, or attacks which depend on the system using the mechanism incorrectly). reveal: An operation that removes some o
46、r all of previously applied confidentiality protection. hiding confidentiality information: Information that is used to perform the hide operation. revealing confidentiality information: Information that is used to perform the reveal operation. direct attack: An attack on a system based on deficienc
47、ies in the underlying algorithms, principies, or 4 Abbreviations For the purposes of this Recommendation I International Standard, the following abbreviations apply: HCI Hiding Confidentiality Information PDU Protocol Data Unit RCI Revealing Confidentiality Information SDU Service Data Unit 5 Genera
48、l discussion of confidentiality 5.1 Basic concepts The purpose of the confidentiality service is to ensure that information is available only to those authorized. Insofar as information is represented through data and insofar as data may result in contextual changes (e.g. file manipulations may resu
49、lt in directory changes or in changes in the number of available storage locations), information can be derived from data in a number of different ways: 1) 2) 3) 4) by understanding the semantics of the data (e.g. the value of the data); by using the associated attributes of the data (such as existence, date of creation, size, date of last update, etc.) to permit inferencing; and by considering the context of the data, i.e. those other data objects that are associated with it; and by observing the dynamic variations of the representation. The information can be protect
