ISO-10736-1995.pdf
INTERNATIONAL STANDARD ISO/IEC 10736
First edition 1995-04-15

Information technology - Telecommunications and information exchange between systems - Transport layer security protocol

Technologies de l'information - Télécommunications et échange d'information entre syst

b) Authentication/Access Control mechanisms;
c) Label mechanism;
d) the procedure of the receiving an invalid TPDU during SA establishment procedure or transmission of protected PDU;
e) the lifetime of Key;
f) the interval of the rekey procedure in order to update key and security control information (SCI) exchange procedure;
g) the time out of SCI exchange and rekey procedure;
h) the number of retries of SCI exchange and rekey procedure.

This Recommendation | International Standard defines a protocol which may be used for Security Association establishment. Entities wishing to establish an SA must share common mechanisms for authentication and key distribution. This Recommendation | International Standard specifies one algorithm for authentication and key distribution which is based on public key crypto systems. The implementation of this algorithm is not mandatory; however, when an alternative mechanism is used, it shall satisfy the following conditions:

a) All SA attributes defined in 5.2 are derived.
b) Derived keys are authenticated.

ITU-T Rec. X.274 (1994 E) 1
Copyright International Organization for Standardization
Provided by IHS under license with ISO
Licensee=NASA Technical Standards 1/9972545001
Not for Resale, 04/06/2007 23:40:14 MDT
No reproduction or networking permitted without license from IHS
ISO/IEC 10736:1995(E)

2 Normative references

The following Recommendations and International Standards contain provisions which, through reference in this text, constitute provisions of this Recommendation | International Standard. At the time of publication, the editions indicated were valid. All standards are subject to revision, and parties to agreements based on this Recommendation | International Standard are encouraged to investigate the possibility of applying the most recent editions of the standards listed below. Members of IEC and ISO maintain registers of currently valid International Standards. The Telecommunication Standardization Bureau of the ITU maintains a list of currently valid ITU-T Recommendations.

2.1 Identical Recommendations | International Standards

- ITU-T Recommendation X.214 (1993) | ISO 8072:1994, Information technology - Open Systems Interconnection - Transport service definition.
- ITU-T Recommendation X.234 (1993) | ISO/IEC 8602:1995, Information technology - Protocol for providing the OSI connectionless-mode transport service.

2.2 Paired Recommendations | International Standards equivalent in technical content

- CCITT Recommendation X.200 (1988), Reference Model of Open Systems Interconnection for CCITT applications.
  ISO/IEC 7498-1:1994, Information technology - Open Systems Interconnection - Basic Reference Model - Part 1: The Basic Model.
- CCITT Recommendation X.800 (1991), Security architecture for Open Systems Interconnection for CCITT applications.
  ISO 7498-2:1989, Information processing systems - Open Systems Interconnection - Basic Reference Model - Part 2: Security Architecture.
- ITU-T Recommendation X.224 (1993), Protocol for providing the OSI connection-mode transport service.
  ISO/IEC 8073:1992, Information technology - Telecommunications and information exchange between systems - Open Systems Interconnection - Protocol for providing the connection-mode transport service.
- CCITT Recommendation X.208 (1988), Specification of Abstract Syntax Notation One (ASN.1).
  ISO/IEC 8824:1990, Information technology - Open Systems Interconnection - Specification of Abstract Syntax Notation One (ASN.1).
- CCITT Recommendation X.209 (1988), Specification of Basic Encoding Rules for Abstract Syntax Notation One (ASN.1).
  ISO 8825:1990, Information technology - Open Systems Interconnection - Specification of Basic Encoding Rules for Abstract Syntax Notation One (ASN.1).
- ITU-T Recommendation X.264 (1993), Transport protocol identification mechanism.
  ISO/IEC 11570:1992, Information technology - Telecommunications and information exchange between systems - Open Systems Interconnection - Transport protocol identification mechanism.

2.3 Additional references

- ISO/IEC 9834-1:1993, Information technology - Open Systems Interconnection - Procedures for the operation of OSI Registration Authorities: General Procedures.
- ISO/IEC 9834-3:1990, Information technology - Open Systems Interconnection - Procedures for the operation of OSI Registration Authorities - Part 3: Registration of object identifier component values for joint ISO-CCITT use.

3 Definitions

This Recommendation | International Standard is based on the concepts developed in the Reference Model for Open Systems Interconnection (CCITT Rec. X.200 | ISO 7498-1) as well as CCITT Rec. X.800 | ISO 7498-2 on Security Architecture.

3.1 Security reference model definitions

This Recommendation | International Standard makes use of the following terms as defined in CCITT Rec. X.800 | ISO 7498-2:

a) access control;
b) asymmetric;
c) ciphertext;
d) cleartext;
e) confidentiality;
f) data integrity;
g) data origin authentication;
h) denial of service;
i) end-to-end encipherment;
j) key;
k) key management;
l) security policy;
m) symmetric.

3.2 Additional definitions

For the purposes of this Recommendation | International Standard, the following definitions apply:

3.2.1 cryptoperiod: The length of time for which a cryptographic key is permitted to be used. After this time has expired the key must be replaced.

3.2.2 in-band protocol mechanism: A protocol mechanism defined in this Recommendation | International Standard.

3.2.3 out-of-band protocol mechanism: A protocol mechanism not defined in this Recommendation | International Standard.

3.2.4 pairwise key: A pair of related (Public Key) or identical key (Secret Key) values generated for use between two particular parties.

3.2.5 reflection protection: A protection mechanism to detect when a protocol data unit has been sent back to the originator.

3.2.6 security association: The relationship between communicating entities for which there exists corresponding SA-Attributes.

3.2.7 security association attributes: The collection of information required to control the security of communications between an entity and its remote peer(s).

3.2.8 SE TPDU: The encapsulated TPDU for security in order to send the TPDU defined in ITU-T Rec. X.224 | ISO/IEC 8073 or ITU-T Rec. X.234 | ISO 8602 after securing it.

4 Symbols and abbreviations

This Recommendation | International Standard makes use of the following abbreviations from clause 4 of ITU-T Rec. X.224 | ISO/IEC 8073:

CR TPDU    Connection request TPDU
DC TPDU    Disconnect confirm TPDU