欢迎来到麦多课文档分享! | 帮助中心 海量文档,免费浏览,给你所需,享你所想!
麦多课文档分享
全部分类
  • 标准规范>
  • 教学课件>
  • 考试资料>
  • 办公文档>
  • 学术论文>
  • 行业资料>
  • 易语言源码>
  • ImageVerifierCode 换一换
    首页 麦多课文档分享 > 资源分类 > PDF文档下载
    分享到微信 分享到微博 分享到QQ空间

    BS ISO IEC 11586-3-1996 Information technology - Open systems interconnection - Generic upper layers security - Security exchange service element (SESE) protocol specification《信息技术.pdf

    • 资源ID:588252       资源大小:468.68KB        全文页数:18页
    • 资源格式: PDF        下载积分:10000积分
    快捷下载 游客一键下载
    账号登录下载
    微信登录下载
    二维码
    微信扫一扫登录
    下载资源需要10000积分(如需开发票,请勿充值!)
    邮箱/手机:
    温馨提示:
    如需开发票,请勿充值!快捷下载时,用户名和密码都是您填写的邮箱或者手机号,方便查询和重复下载(系统自动生成)。
    如需开发票,请勿充值!如填写123,账号就是123,密码也是123。
    支付方式: 支付宝扫码支付    微信扫码支付   
    验证码:   换一换

    加入VIP,交流精品资源
     
    账号:
    密码:
    验证码:   换一换
      忘记密码?
        
    友情提示
    2、PDF文件下载后,可能会被浏览器默认打开,此种情况可以点击浏览器菜单,保存网页到桌面,就可以正常下载了。
    3、本站不支持迅雷下载,请使用电脑自带的IE浏览器,或者360浏览器、谷歌浏览器下载即可。
    4、本站资源下载后的文档和图纸-无水印,预览文档经过压缩,下载后原文更清晰。
    5、试题试卷类文档,如果标题没有明确说明有答案则都视为没有答案,请知晓。

    BS ISO IEC 11586-3-1996 Information technology - Open systems interconnection - Generic upper layers security - Security exchange service element (SESE) protocol specification《信息技术.pdf

    1、BRITISH STANDARD BS ISO/IEC 11586-3:1996 Information technology Open Systems Interconnection Generic upper layers security: Security Exchange Service Element (SESE) protocol specification (ITU-T Rec. X.832 (1995) | ISO/IEC 11586-3:1996) ICS 35.100.70BS ISO/IEC 11586-3:1996 This British Standard, hav

    2、ing been prepared under the direction of the DISC Board, was published under the authority of the Standards Board and comes into effect on 15 November 1996 BSI 11-1998 ISBN 0 580 26550 1 National foreword This British Standard reproduces verbatim ISO/IEC 11586-3:1996, and implements it as the UK nat

    3、ional standard. The UK participation in its preparation was entrusted to Technical Committee IST/21, Open Systems Interconnection, Data Management and Open Distributed Processing, which has the responsibility to: aid enquirers to understand the text; present to the responsible international/European

    4、 committee any enquiries on the interpretation, or proposals for change, and keep the UK interests informed; monitor related international and European developments and promulgate them in the UK. A list of organizations represented on this committee is available on request. Cross-references The Brit

    5、ish Standards which implement international or European publications referred to in this document may be found in the BSI Standards Catalogue under the section entitled “International Standards Correspondence Index”, or using the “Find” facility of the BSI Standards Electronic Catalogue. A British S

    6、tandard does not purport to include all the necessary provisions of a contract. Users of British Standards are responsible for their correct application. Compliance with a British Standard does not of itself confer immunity from legal obligations. Summary of pages This document comprises a front cov

    7、er, an inside front cover, the ISO/IEC title page, pages ii to iv, pages 1 to 10, an inside back cover and aback cover. This standard has been updated (see copyright date) and may have had amendments incorporated. This will be indicated in the amendment table on theinside front cover. Amendments iss

    8、ued since publication Amd. No. Date CommentsBS ISO/IEC 11586-3:1996 ii BSI 11-1998 Contents Page Introduction 1 1 Scope 1 2 Normative references 1 2.1 Identical Recommendations|International Standards 1 3 Definitions 2 4 Abbreviations 2 5 Overview of the protocol 2 5.1 Service provision 2 5.2 Use of

    9、 underlying services 2 6 Elements of procedure 2 6.1 APDUs used 2 6.2 Transfer procedure 2 6.3 User-initiated abort procedure 2 6.4 Provider-initiated abort procedure 3 7 Structure and encoding of SESE APDUs 3 7.1 Generic APDU specification 3 7.2 Abstract syntax construction 6 8 Mapping to underlyin

    10、g services 7 8.1 General 7 8.2 Mapping to ACSE services 7 9 Conformance 7 9.1 Statement Requirements 7 9.2 Static Requirements 7 9.3 Dynamic Requirements 7 Annex A SEPM state tables 8 A.1 General 8 A.2 Conventions 8 A.3 Tables 8 Annex B Basic SESE application context definition 10 B.1 Application Co

    11、ntext Name 10 B.2 Application Service Elements 10 B.3 SESE APDU Mappings 10 B.4 PDV concatenation constraints 10 B.5 PDV embedding constraints 10 B.6 Procedural constraints 10 B.7 Presentation context constraints 10 Table 1 Incoming Event List 8 Table 2 Outgoing Event List 8 Table 3 Predicates 8 Tab

    12、le 4 SEPM States 9 Table 5 SEPM State Table 9BS ISO/IEC 11586-3:1996 BSI 11-1998 iii Foreword ISO (the International Organization for Standardization) and IEC (the International Electrotechnical Commission) form the specialized system for worldwide standardization. National bodies that are members o

    13、f ISO or IEC participate in the development of International Standards through technical committees established by the respective organization to deal with particular fields of technical activity. ISO and IEC technical committees collaborate in fields of mutual interest. Other international organiza

    14、tions, governmental and non-governmental, in liaison with ISO and IEC, also take part in the work. In the field of information technology, ISO and IEC have established a joint technical committee, ISO/IEC JTC 1. Draft International Standards adopted by the joint technical committee are circulated to

    15、 national bodies for voting. Publication as an International Standard requires approval by at least 75 % of the national bodies casting a vote. International Standard ISO/IEC 11586-3 was prepared by Joint Technical Committee ISO/IEC JTC 1, Information technology, Subcommittee SC 21, Open systems int

    16、erconnection, data management and open distributed processing, in collaboration with ITU-T. The identical text is published as ITU-T Recommendation X.832. ISO/IEC 11586 consists of the following parts, under the general title Information technology Open Systems Interconnection Generic upper layers s

    17、ecurity: Part 1: Overview, models and notation; Part 2: Security Exchange Service Element (SESE) service definition; Part 3: Security Exchange Service Element (SESE) protocol specification; Part 4: Protecting transfer syntax specification; Part 5: Security Exchange Service Element Protocol Implement

    18、ation Conformance Statement (PICS) proforma; Part 6: Protecting transfer syntax Protocol Implementation Conformance Statement (PICS) proforma. Annexes A and B form an integral part of this part of ISO/IEC 11586.iv blankBS ISO/IEC 11586-3:1996 BSI 11-1998 1 Introduction This Recommendation | Internat

    19、ional Standard forms part of a series of Recommendations |International Standards, which provide(s) a set of facilities to aid the construction of Upper Layers protocols which support the provision of security services. The parts are as follows: Part 1: Overview, Models and Notation; Part 2: Securit

    20、y Exchange Service Element Service Definition; Part 3: Security Exchange Service Element Protocol Specification; Part 4: Protecting Transfer Syntax Specification; Part 5: Security Exchange Service Element PICS Proforma; Part 6: Protecting Transfer Syntax PICS Proforma. This Recommendation |Internati

    21、onal Standard constitutes Part 3 of this series. 1 Scope 1.1 This series of Recommendations | International Standards defines a set of generic facilities to assist in the provision of security services in application layer protocols. These include: a) a set of notational tools to support the specifi

    22、cation of selective field protection requirements in an abstract syntax specification, and to support the specification of security exchanges and security transformations; b) a service definition, protocol specification and PICS proforma for an application-service-element (ASE) to support the provis

    23、ion of security services within the Application Layer; c) a specification and PICS proforma for a security transfer syntax, associated with Presentation Layer support for security services in the Application Layer. 1.2 This Recommendation | International Standard defines the protocol provided by the

    24、 Security Exchange Service Element (SESE). The SESE is an ASE which allows the communication of security information to support the provision of security services within the Application Layer. 2 Normative references The following Recommendations and International Standards contain provisions which,

    25、through reference in this text, constitute provisions of this Recommendation| International Standard. At the time of publication, the editions indicated were valid. All Recommendations and Standards are subject to revision, and parties to agreements based on this Recommendation| International Standa

    26、rd are encouraged to investigate the possibility of applying the most recent edition of the Recommendations and Standards listed below. Members of IEC and ISO maintain registers of currently valid International Standards. The Telecommunication Standardization Bureau of the ITU maintains a list of cu

    27、rrently valid ITU-T Recommendations. 2.1 Identical Recommendations | International Standards ITU-T Recommendation X.207 (1993)| ISO/IEC 9545:1994, Information technology Open Systems Interconnection Application Layer structure. ITU-T Recommendation X.216 (1994)| ISO/IEC 8822:1994, Information techno

    28、logy Open Systems Interconnection Presentation service definition. ITU-T Recommendation X.217 (1995) | ISO/IEC 8649:. 1) . Information technology Open Systems Interconnection Service definition for the Association Control Service Element. ITU-T Recommendation X.226 (1994) | ISO/IEC 8823-1:1994, Info

    29、rmation technology Open Systems Interconnection Connection-oriented presentation protocol: Protocol specification. ITU-T Recommendation X.227 (1995)| ISO/IEC 8650-1:. 1) , Information technology Open Systems Interconnection Connection-oriented protocol for the Association Control Service Element: Pr

    30、otocol specification. ITU-T Recommendation X.680 (1994)| ISO/IEC 8824-1:1995, Information technology Abstract Syntax Notation One (ASN.1):Specification of basic notation. ITU-T Recommendation X.681 (1994)| ISO/IEC 8824-2:1995, Information technology Abstract Syntax Notation One (ASN.1):Information o

    31、bject specification. ITU-T Recommendation X.682 (1994)| ISO/IEC 8824-3:1995, Information technology Abstract Syntax Notation One (ASN.1):Constraint specification. 1) To be published.BS ISO/IEC 11586-3:1996 2 BSI 11-1998 ITU-T Recommendation X.683 (1994)| ISO/IEC 8824-4:1995, Information technology A

    32、bstract Syntax Notation One (ASN.1):Parameterization of ASN.1 specifications. ITU-T Recommendation X.690 (1994)| ISO/IEC 8825-1:1995, Information technology ASN.1 encoding rules: Specification of Basic Encoding Rules (BER), Canonical Encoding Rules (CER) and Distinguished Encoding Rules (DER). ITU-T

    33、 Recommendation X.803 (1994)| ISO/IEC 10745:1995, Information technology Open Systems Interconnection Upper layers security model. 3 Definitions This Recommendation |International Standard makes use of the following terms defined in ITU-TRec. X.803 | ISO/IEC 10745: security exchange; security exchan

    34、ge item. 4 Abbreviations 5 Overview of the protocol 5.1 Service provision The protocol defined in this Specification provides the services defined in ITU-T Rec. X.831 | ISO/IEC 11586-2. These services are as follows: 5.2 Use of underlying services This SESE protocol defines a set of APDUs, each of w

    35、hich may potentially be mapped onto any Presentation Layer service which conveys user-data, or which may be embedded in or concatenated with any other application-PDU, according to the rules of the ASO-context or application-context in force. Clause 8 defines some useful mappings to the presentation

    36、-service and ACSE. 6 Elements of procedure 6.1 APDUs used The SESE protocol specifies the following APDUs: 6.2 Transfer procedure This procedure is used by a requestor SEPM to initiate a security-exchange requiring the transfer of one or more security-exchange-items. This procedure is also used by e

    37、ither requestor or responder SEPM to transfer further security-exchange-items started by the requestor SEPM. On receipt of a SE-TRANSFER request primitive, the SEPM retains the security exchange identifier, and generates a SE-TRANSFER APDU (SETR). On receipt of a SE-TRANSFER APDU (SETR), the SEPM re

    38、tains the security exchange identifier, and issues a SE-TRANSFER indication primitive. If the security exchange belongs to the “Alternating” class, and the exchange does not follow the expected sequence, then the SEPM generates an SE-P-ABORT APDU (SEPA), and issues an SE-P-ABORT indication. 6.3 User

    39、-initiated abort procedure This procedure is used for one SESE user to indicate to the peer SESE user and the SEPM that an error has occurred and that any security exchange in progress is to be abnormally terminated. Additionally, it may optionally cause the abnormal release of the ASO-association w

    40、ith the possible loss of information in transit. It is initiated by an SE-U-ABORT request primitive. On receipt of an SE-U-ABORT request primitive, the SEPM generates an SE-ABORT APDU (SEAB). On receipt of an SE-ABORT APDU (SEAB), the SEPM issues an SE-U-ABORT indication primitive. ACSE Association

    41、Control Service Element APDU application-protocol-data-unit ASE application-service-element ASO application-service-object OSI Open Systems Interconnection PICS Protocol Implementation Conformance Statement SEPM Security Exchange Protocol Machine SEI Security Exchange Item SESE Security Exchange Ser

    42、vice Element SE-TRANSFER Non-confirmed SE-U-ABORT Non-confirmed SE-P-ABORT Provider-initiated SE-TRANSFER APDU (SETR) SE-U-ABORT APDU (SEAB) SE-P-ABORT APDU (SEPA)BS ISO/IEC 11586-3:1996 BSI 11-1998 3 6.4 Provider-initiated abort procedure This procedure is used for the SEPM to indicate to the SESE

    43、users that an error has occurred and that any security exchange in progress is to be abnormally terminated. Additionally, it may optionally cause the abnormal release of the ASO-association with the possible loss of information in transit. On detection of an error, the SEPM issues an SE-P-ABORT indi

    44、cation primitive and generates an SE-P-ABORT APDU (SEPA). If the severity of the error requires the ASO-association to be terminated, the SEPA APDU is mapped to the ASO-Association Abort service. On receiving an ASO-Association Abort indication with SEPA APDU, the SEPM issues an SE-P-ABORT indicatio

    45、n with the fatality indicator set. An error condition causing a SE-P-ABORT to be generated has an associated problem code, which may be indicated to both ends. The problems so indicated are categorized as follows: a) general problem Not peculiar to any particular APDU type; b) transfer problem Probl

    46、em resulting from receipt of a SE-TRANSFER APDU; c) abort problem Problem resulting from receipt of a SE-U-ABORT APDU. Particular error conditions, and the associated problem codes, are described in the following. 6.4.1 General problem Invalid APDU The structure and/or encoding of the APDU do not co

    47、nform to either SETR, SEAB, or SEPA APDUs. 6.4.2 Transfer problem a) Duplicate invocation identifier The same invocation identifier is in use for another active security exchange invocation. b) Unrecognized security exchange The security exchange identified is not valid for this ASO-context. c) Mist

    48、yped item The type of the SEI does not conform to that in the object class definition. d) Inappropriate invocation identifier The invocation identifier is not within the set specified for this ASO-context. e) Alternating sequence error The received SETR does not follow the sequence of the “Alternati

    49、ng” class of security exchange. 6.4.3 Abort problem a) Unrecognized invocation identifier The invocation identifier does not identify an active or just-completed security exchange transfer. b) Abort unexpected The identified security exchange does not generate an abort for this security exchange item. c) Unrecognized error The identified security exchange does not generate this error. d) Unexpected error The identified secu


    注意事项

    本文(BS ISO IEC 11586-3-1996 Information technology - Open systems interconnection - Generic upper layers security - Security exchange service element (SESE) protocol specification《信息技术.pdf)为本站会员(吴艺期)主动上传,麦多课文档分享仅提供信息存储空间,仅对用户上传内容的表现方式做保护处理,对上载内容本身不做任何修改或编辑。 若此文所含内容侵犯了您的版权或隐私,请立即通知麦多课文档分享(点击联系客服),我们立即给予删除!




    关于我们 - 网站声明 - 网站地图 - 资源地图 - 友情链接 - 网站客服 - 联系我们

    copyright@ 2008-2019 麦多课文库(www.mydoc123.com)网站版权所有
    备案/许可证编号:苏ICP备17064731号-1 

    收起
    展开