欢迎来到麦多课文档分享! | 帮助中心 海量文档,免费浏览,给你所需,享你所想!
麦多课文档分享
全部分类
  • 标准规范>
  • 教学课件>
  • 考试资料>
  • 办公文档>
  • 学术论文>
  • 行业资料>
  • 易语言源码>
  • ImageVerifierCode 换一换
    首页 麦多课文档分享 > 资源分类 > PDF文档下载
    分享到微信 分享到微博 分享到QQ空间

    ISO IEC 24767-1-2008 Information technology - Home network security - Part 1 Security requirements《信息技术 家庭网络安全性 第1部分 安全性要求》.pdf

    • 资源ID:1257123       资源大小:2MB        全文页数:28页
    • 资源格式: PDF        下载积分:10000积分
    快捷下载 游客一键下载
    账号登录下载
    微信登录下载
    二维码
    微信扫一扫登录
    下载资源需要10000积分(如需开发票,请勿充值!)
    邮箱/手机:
    温馨提示:
    如需开发票,请勿充值!快捷下载时,用户名和密码都是您填写的邮箱或者手机号,方便查询和重复下载(系统自动生成)。
    如需开发票,请勿充值!如填写123,账号就是123,密码也是123。
    支付方式: 支付宝扫码支付    微信扫码支付   
    验证码:   换一换

    加入VIP,交流精品资源
     
    账号:
    密码:
    验证码:   换一换
      忘记密码?
        
    友情提示
    2、PDF文件下载后,可能会被浏览器默认打开,此种情况可以点击浏览器菜单,保存网页到桌面,就可以正常下载了。
    3、本站不支持迅雷下载,请使用电脑自带的IE浏览器,或者360浏览器、谷歌浏览器下载即可。
    4、本站资源下载后的文档和图纸-无水印,预览文档经过压缩,下载后原文更清晰。
    5、试题试卷类文档,如果标题没有明确说明有答案则都视为没有答案,请知晓。

    ISO IEC 24767-1-2008 Information technology - Home network security - Part 1 Security requirements《信息技术 家庭网络安全性 第1部分 安全性要求》.pdf

    1、 ISO/IEC 24767-1 Edition 1.0 2008-09 INTERNATIONAL STANDARD Information technology Home network security Part 1: Security requirements ISO/IEC 24767-1:2008(E) THIS PUBLICATION IS COPYRIGHT PROTECTED Copyright 2008 ISO/IEC, Geneva, Switzerland All rights reserved. Unless otherwise specified, no part

    2、of this publication may be reproduced or utilized in any form or by any means, electronic or mechanical, including photocopying and microfilm, without permission in writing from either IEC or IECs member National Committee in the country of the requester. If you have any questions about ISO/IEC copy

    3、right or have an enquiry about obtaining additional rights to this publication, please contact the address below or your local IEC member National Committee for further information. IEC Central Office 3, rue de Varemb CH-1211 Geneva 20 Switzerland Email: inmailiec.ch Web: www.iec.ch About the IEC Th

    4、e International Electrotechnical Commission (IEC) is the leading global organization that prepares and publishes International Standards for all electrical, electronic and related technologies. About IEC publications The technical content of IEC publications is kept under constant review by the IEC.

    5、 Please make sure that you have the latest edition, a corrigenda or an amendment might have been published. Catalogue of IEC publications: www.iec.ch/searchpub The IEC on-line Catalogue enables you to search by a variety of criteria (reference number, text, technical committee,). It also gives infor

    6、mation on projects, withdrawn and replaced publications. IEC Just Published: www.iec.ch/online_news/justpub Stay up to date on all new IEC publications. Just Published details twice a month all new publications released. Available on-line and also by email. Electropedia: www.electropedia.org The wor

    7、lds leading online dictionary of electronic and electrical terms containing more than 20 000 terms and definitions in English and French, with equivalent terms in additional languages. Also known as the International Electrotechnical Vocabulary online. Customer Service Centre: www.iec.ch/webstore/cu

    8、stserv If you wish to give us your feedback on this publication or need further assistance, please visit the Customer Service Centre FAQ or contact us: Email: csciec.ch Tel.: +41 22 919 02 11 Fax: +41 22 919 03 00 ISO/IEC 24767-1 Edition 1.0 2008-09 INTERNATIONAL STANDARD Information technology Home

    9、 network security Part 1: Security requirements INTERNATIONAL ELECTROTECHNICAL COMMISSION K ICS 35.200 PRICE CODE ISBN 2-8318-1000-1 2 24767-1 ISO/IEC 2008(E) CONTENTS FOREWORD.4 1 Scope.5 2 Terms, definitions and abbreviations 5 2.1 Terms and definitions 5 2.2 Abbreviations 6 3 Conformance6 4 Secur

    10、ity requirements for home electronic systems and networks.6 4.1 General .6 4.2 Home electronic system security .7 4.3 Issues related to HES security but out of scope of this standard11 5 Challenges .12 5.1 General .12 5.2 Always-on challenge .12 5.3 Power line challenge .12 5.4 Wireless challenge 13

    11、 5.5 Complex assortment devices challenge.13 5.6 Many and diverse user needs13 5.7 Many and diverse applications.13 6 Security models14 6.1 Introduction .14 6.2 Owner supported single home HES (OSS).14 6.3 Externally supported single home HES (ESS)14 6.4 Externally supported multiple homes HES (ESM)

    12、 14 7 Threat analysis.15 7.1 General .15 7.2 Unauthorized access .15 7.3 Malicious software and configuration.16 7.4 Denial of service .17 7.5 Unintended modification of data during communication .17 7.6 User errors17 7.7 System failures .17 7.8 Security service providers .17 8 Security requirements

    13、.17 8.1 General .17 8.2 Access control.18 8.3 Data and message authentication19 8.4 Remote access control 19 8.5 Protection of communications19 8.6 Firewalls20 8.7 Virus protection .20 8.8 Protection against denial of service attacks.20 8.9 Auditing.21 8.10 Recovery.21 9 Requirements on security sol

    14、utions 21 24767-1 ISO/IEC 2008(E) 3 9.1 General .21 9.2 Different levels of security services for different applications in a home.21 9.3 Convenience .22 Annex A (informative) Comparison between office IT systems and home electronic system security requirements .23 Bibliography24 Figure 1 A concept

    15、model of home networks10 Figure 2 Different considerations in different home environments 11 Table 1 Security threats and corresponding defences 18 4 24767-1 ISO/IEC 2008(E) INFORMATION TECHNOLOGY HOME NETWORK SECURITY Part 1: Security requirements FOREWORD 1) ISO (International Organization for Sta

    16、ndardization) and IEC (International Electrotechnical Commission) form the specialized system for worldwide standardization. National bodies that are members of ISO or IEC participate in the development of International Standards. Their preparation is entrusted to technical committees; any ISO and I

    17、EC member body interested in the subject dealt with may participate in this preparatory work. International governmental and non-governmental organizations liaising with ISO and IEC also participate in this preparation. 2) In the field of information technology, ISO and IEC have established a joint

    18、technical committee, ISO/IEC JTC 1. Draft International Standards adopted by the joint technical committee are circulated to national bodies for voting. Publication as an International Standard requires approval by at least 75 % of the national bodies casting a vote. 3) The formal decisions or agree

    19、ments of IEC and ISO on technical matters express, as nearly as possible, an international consensus of opinion on the relevant subjects since each technical committee has representation from all interested IEC and ISO member bodies. 4) IEC, ISO and ISO/IEC publications have the form of recommendati

    20、ons for international use and are accepted by IEC and ISO member bodies in that sense. While all reasonable efforts are made to ensure that the technical content of IEC, ISO and ISO/IEC publications is accurate, IEC or ISO cannot be held responsible for the way in which they are used or for any misi

    21、nterpretation by any end user. 5) In order to promote international uniformity, IEC and ISO member bodies undertake to apply IEC, ISO and ISO/IEC publications transparently to the maximum extent possible in their national and regional publications. Any divergence between any ISO/IEC publication and

    22、the corresponding national or regional publication should be clearly indicated in the latter. 6) ISO and IEC provide no marking procedure to indicate their approval and cannot be rendered responsible for any equipment declared to be in conformity with an ISO/IEC publication. 7) All users should ensu

    23、re that they have the latest edition of this publication. 8) No liability shall attach to IEC or ISO or its directors, employees, servants or agents including individual experts and members of their technical committees and IEC or ISO member bodies for any personal injury, property damage or other d

    24、amage of any nature whatsoever, whether direct or indirect, or for costs (including legal fees) and expenses arising out of the publication of, use of, or reliance upon, this ISO/IEC publication or any other IEC, ISO or ISO/IEC publications. 9) Attention is drawn to the normative references cited in

    25、 this publication. Use of the referenced publications is indispensable for the correct application of this publication. 10) Attention is drawn to the possibility that some of the elements of this International Standard may be the subject of patent rights. ISO and IEC shall not be held responsible fo

    26、r identifying any or all such patent rights. International Standard ISO/IEC 24767-1 was prepared by subcommittee 25: Interconnection of information technology equipment, of ISO/IEC joint technical committee 1: Information technology. The list of all currently available parts of the ISO/IEC 24767 ser

    27、ies, under the general title Information technology Home network security, can be found on the IEC web site. This International Standard has been approved by vote of the member bodies, and the voting results may be obtained from the address given on the second title page. This publication has been d

    28、rafted in accordance with the ISO/IEC Directives, Part 2. 24767-1 ISO/IEC 2008(E) 5 INFORMATION TECHNOLOGY HOME NETWORK SECURITY Part 1: Security requirements 1 Scope This part of ISO/IEC 24767 specifies home network security requirements that may come from inside or outside a home. It serves as a f

    29、oundation for the development of security services against threats affecting the home environment. The discussions about security requirements in this standard are presented in a relatively informal manner. Although many of the items discussed here are expected to guide the design of security mechan

    30、isms applied either inside home networks or through the Internet, they are not considered formal requirements. Various devices are connected to the home network; see Figure 1. The devices of the “living network”, the devices for “A/V entertainment” and the devices for “informational applications” pr

    31、ovide different features and performance. This standard provides means to analyse the risks for each networked device and to define its specific “security requirements”. 2 Terms, definitions and abbreviations 2.1 Terms and definitions For the purpose of this document the following definitions apply.

    32、 2.1.1 brown goods A/V devices that are mainly used for entertainment, for example, television or DVD recorder 2.1.2 confidentiality property that information is not made available or disclosed to unauthorized individuals, entities or processes 2.1.3 data authentication service used to ensure that t

    33、he source of the data claimed by a party to a communication is correctly verified 2.1.4 data integrity property that data has not been altered or destroyed in an unauthorized manner 2.1.5 user authentication service used to ensure that the identity claimed by a party to a communication is correctly

    34、verified, whereas an authorization service ensures that the identified and authenticated party is entitled to access a particular device or application on the home network 2.1.6 white goods appliances that are used for daily life, for example, air conditioner, refrigerator and so on 6 24767-1 ISO/IE

    35、C 2008(E) 2.2 Abbreviations For the purpose of this document the following abbreviations apply. A/V Audio / Visual DDoS Distributed Denial of Service DoS Denial of Service DRM Digital Rights Management DTV Digital TeleVision DVD Digital Versatile Disc ESM Externally Supported Multiple homes HES ESS

    36、Externally Supported Single home HES HES Home Electronic System ICT Information and Communication Technology IP Internet Protocol IPSec IP Security protocol IPv4 Internet Protocol version 4 IPv6 Internet Protocol version 6 IT Information Technology MPEG Moving Picture Expert Group OSS Owner supporte

    37、d single home HES PDA Personal Digital Assistant SSL Secure Sockets Layer TCP Transmission Control Protocol TLS Transport Layer Security URL Uniform Resource Locator VCR Video Cassette Recorder VoIP Voice over Internet Protocol 3 Conformance This part of ISO/IEC 24767 provides guidelines and contain

    38、s no conformance requirements. 4 Security requirements for home electronic systems and networks 4.1 General With the rapid development of the Internet and related networking technologies, computers in offices as well as homes have been enabled to be connected to each other or to the outside world to

    39、 gain lots of resources. Today, the same technologies behind these successes are extending their reach right into our homes to make devices as connectable as ordinary PCs. In doing so, they will not only permit users to monitor and control their home appliances from inside or outside the home, but a

    40、lso create new service development and opportunities, such as remote controlling and maintenance of home appliances. This means that a simple home computing environment will evolve into a home network of multiple devices for which security will also be demanded. A HES needs to be trusted by the inha

    41、bitants, users and owners of both the home and the system. The purpose of security of the HES is to provide trust in the system. Since many components of HES will be in operation 24 hours a day continuously and automatically exchange information with the outside world, IT security is necessary in or

    42、der to maintain the confidentiality, integrity and availability of the data and the system. A well implemented security solution implies for example that only authorized users and processes have access to 24767-1 ISO/IEC 2008(E) 7 the system and the data stored on the system or is communicated to an

    43、d from the system, and that only authorized users are able to use and modify the system. Security requirements for HES can be described in several ways. This standard is limited to IT security of the HES. However, information technology security needs to look beyond the system itself, since the home

    44、 shall be able to function, although with limited functionality, in case of a break down of the IT system. There exists in an intelligent home features that are normally supported by the HES that shall be possible to function also when the system breaks down. In such cases one realizes that there ex

    45、ist security requirements that cannot be part of the system itself, but that the system shall not prohibit the implementation of fallback solutions. There are several stakeholders in security. Not only inhabitants and owners of the HES have to trust it, but also service providers and content provide

    46、rs. These latter have to trust that their offered services and content are only used as authorized by them. However, one of the foundations of the security of a system is that it has to be under the responsibility of a single security manager. It is obvious that this has to be the responsibility of

    47、the inhabitants/owners of the system. Whether this is done by him/herself or outsourced is irrelevant. It is still the security manager who has the responsibility. The way service and content providers trust that the HES and its users handle their services and content correctly is reduced to a contr

    48、actual issue. The contract may, for example, state functions, components or processes that shall be supported by the HES. It is not expected that a single architecture of HES can support all types of homes. Each model might have a different set of security requirements. Three different models of des

    49、igning a HES will be described, each with a different set of security requirements. It is obvious that some security requirements are seen as more important than others. Thus, it can be seen that the support of some countermeasures will be optional. Furthermore, countermeasures can be of different quality and cost. Also, the management and maintenance efforts of these countermeasures can require different skills. This standard tries to explain the reasons for the listed security requirements and thus allow the desi


    注意事项

    本文(ISO IEC 24767-1-2008 Information technology - Home network security - Part 1 Security requirements《信息技术 家庭网络安全性 第1部分 安全性要求》.pdf)为本站会员(刘芸)主动上传,麦多课文档分享仅提供信息存储空间,仅对用户上传内容的表现方式做保护处理,对上载内容本身不做任何修改或编辑。 若此文所含内容侵犯了您的版权或隐私,请立即通知麦多课文档分享(点击联系客服),我们立即给予删除!




    关于我们 - 网站声明 - 网站地图 - 资源地图 - 友情链接 - 网站客服 - 联系我们

    copyright@ 2008-2019 麦多课文库(www.mydoc123.com)网站版权所有
    备案/许可证编号:苏ICP备17064731号-1 

    收起
    展开