欢迎来到麦多课文档分享! | 帮助中心 海量文档,免费浏览,给你所需,享你所想!
麦多课文档分享
全部分类
  • 标准规范>
  • 教学课件>
  • 考试资料>
  • 办公文档>
  • 学术论文>
  • 行业资料>
  • 易语言源码>
  • ImageVerifierCode 换一换
    首页 麦多课文档分享 > 资源分类 > PDF文档下载
    分享到微信 分享到微博 分享到QQ空间

    ETSI TR 103 421-2017 CYBER Network Gateway Cyber Defence (V1 1 1)《网络 网关网络防御(V1 1 1)》.pdf

    • 资源ID:736459       资源大小:581.59KB        全文页数:30页
    • 资源格式: PDF        下载积分:10000积分
    快捷下载 游客一键下载
    账号登录下载
    微信登录下载
    二维码
    微信扫一扫登录
    下载资源需要10000积分(如需开发票,请勿充值!)
    邮箱/手机:
    温馨提示:
    如需开发票,请勿充值!快捷下载时,用户名和密码都是您填写的邮箱或者手机号,方便查询和重复下载(系统自动生成)。
    如需开发票,请勿充值!如填写123,账号就是123,密码也是123。
    支付方式: 支付宝扫码支付    微信扫码支付   
    验证码:   换一换

    加入VIP,交流精品资源
     
    账号:
    密码:
    验证码:   换一换
      忘记密码?
        
    友情提示
    2、PDF文件下载后,可能会被浏览器默认打开,此种情况可以点击浏览器菜单,保存网页到桌面,就可以正常下载了。
    3、本站不支持迅雷下载,请使用电脑自带的IE浏览器,或者360浏览器、谷歌浏览器下载即可。
    4、本站资源下载后的文档和图纸-无水印,预览文档经过压缩,下载后原文更清晰。
    5、试题试卷类文档,如果标题没有明确说明有答案则都视为没有答案,请知晓。

    ETSI TR 103 421-2017 CYBER Network Gateway Cyber Defence (V1 1 1)《网络 网关网络防御(V1 1 1)》.pdf

    1、 ETSI TR 103 421 V1.1.1 (2017-04) CYBER; Network Gateway Cyber Defence TECHNICAL REPORT ETSI ETSI TR 103 421 V1.1.1 (2017-04) 2 Reference DTR/CYBER-0015 Keywords cyber security, information assurance, privacy ETSI 650 Route des Lucioles F-06921 Sophia Antipolis Cedex - FRANCE Tel.: +33 4 92 94 42 00

    2、 Fax: +33 4 93 65 47 16 Siret N 348 623 562 00017 - NAF 742 C Association but non lucratif enregistre la Sous-Prfecture de Grasse (06) N 7803/88 Important notice The present document can be downloaded from: http:/www.etsi.org/standards-search The present document may be made available in electronic

    3、versions and/or in print. The content of any electronic and/or print versions of the present document shall not be modified without the prior written authorization of ETSI. In case of any existing or perceived difference in contents between such versions and/or in print, the only prevailing document

    4、 is the print of the Portable Document Format (PDF) version kept on a specific network drive within ETSI Secretariat. Users of the present document should be aware that the document may be subject to revision or change of status. Information on the current status of this and other ETSI documents is

    5、available at https:/portal.etsi.org/TB/ETSIDeliverableStatus.aspx If you find errors in the present document, please send your comment to one of the following services: https:/portal.etsi.org/People/CommiteeSupportStaff.aspx Copyright Notification No part may be reproduced or utilized in any form or

    6、 by any means, electronic or mechanical, including photocopying and microfilm except as authorized by written permission of ETSI. The content of the PDF version shall not be modified without the written authorization of ETSI. The copyright and the foregoing restriction extend to reproduction in all

    7、media. European Telecommunications Standards Institute 2017. All rights reserved. DECTTM, PLUGTESTSTM, UMTSTMand the ETSI logo are Trade Marks of ETSI registered for the benefit of its Members. 3GPPTM and LTE are Trade Marks of ETSI registered for the benefit of its Members and of the 3GPP Organizat

    8、ional Partners. GSM and the GSM logo are Trade Marks registered and owned by the GSM Association. ETSI ETSI TR 103 421 V1.1.1 (2017-04) 3 Contents Intellectual Property Rights 5g3Foreword . 5g3Modal verbs terminology 5g3Executive summary 5g3Introduction 6g31 Scope 7g32 References 7g32.1 Normative re

    9、ferences . 7g32.2 Informative references 7g33 Definitions and abbreviations . 9g33.1 Definitions 9g33.2 Abbreviations . 9g34 Network gateway cyber defence ecosystem: activities and use cases 11g34.1 Introduction - the gateway as a protection element 11g34.2 Network gateway cyber defence related stan

    10、dards activities . 12g34.3 Network gateway cyber defence business and compliance obligation use cases . 12g34.3.1 Cyber security use cases . 12g34.3.2 Network management use cases . 13g34.3.3 Device and application management - discovery and health attestation use cases . 13g34.3.4 Industry specific

    11、ations and agreement use cases 14g34.3.5 Lawful interception and retained data use cases . 14g34.3.6 Intellectual property protection use cases . 14g34.3.7 End user privacy and protection of minors . 14g34.3.8 Resilience and security of communication infrastructure, networks and services 15g35 Netwo

    12、rk gateway cyber defence technical requirements . 15g35.1 Introduction 15g35.2 Secure and controlled exposure of traffic observables . 15g35.3 Sufficient observable information for acquisition and analysis for defence measures . 16g35.4 Ability to institute defence measures as part of gateway manage

    13、ment 17g36 New challenges and mechanisms for gateway cyber defence 17g36.1 Introduction 17g36.2 Challenges 17g36.2.1 Virtualization implementations . 17g36.2.2 5G mobile systems 18g36.2.3 Autonomous Internet of Things (IoT) deployments . 18g36.2.4 Over The Top (OTT) services. 19g36.2.5 Widespread us

    14、e of TLS as part of “Encrypt Everything“ initiatives . 19g36.3 New and modified middlebox security protocol techniques 20g36.3.1 Introduction. 20g36.3.2 Multi-Context Transport Layer Security (mcTLS) . 20g36.3.3 Other new protocol and structured expression platforms for middlebox security 22g37 Reco

    15、mmendations 25g37.1 Introduction 25g37.2 Control at the gateway 25g37.3 Observable availability at the gateway . 26g37.4 Adoption of a common Middlebox Security Protocol, profiles and guidelines 27g37.5 Specification of a new out-of-band secure channel between endpoint and gateway, and protocols for

    16、 a set of observables . 27g37.6 Encouraging use of gateway cyber defence capabilities 28g3ETSI ETSI TR 103 421 V1.1.1 (2017-04) 4 Annex A: Bibliography 29g3History 30g3ETSI ETSI TR 103 421 V1.1.1 (2017-04) 5 Intellectual Property Rights Essential patents IPRs essential or potentially essential to th

    17、e present document may have been declared to ETSI. The information pertaining to these essential IPRs, if any, is publicly available for ETSI members and non-members, and can be found in ETSI SR 000 314: “Intellectual Property Rights (IPRs); Essential, or potentially Essential, IPRs notified to ETSI

    18、 in respect of ETSI standards“, which is available from the ETSI Secretariat. Latest updates are available on the ETSI Web server (https:/ipr.etsi.org/). Pursuant to the ETSI IPR Policy, no investigation, including IPR searches, has been carried out by ETSI. No guarantee can be given as to the exist

    19、ence of other IPRs not referenced in ETSI SR 000 314 (or the updates on the ETSI Web server) which are, or may be, or may become, essential to the present document. Trademarks The present document may include trademarks and/or tradenames which are asserted and/or registered by their owners. ETSI cla

    20、ims no ownership of these except for any which are indicated as being the property of ETSI, and conveys no right to use or reproduce any trademark and/or tradename. Mention of those trademarks in the present document does not constitute an endorsement by ETSI of products, services or organizations a

    21、ssociated with those trademarks. Foreword This Technical Report (TR) has been produced by ETSI Technical Committee Cyber Security (CYBER). Modal verbs terminology In the present document “should“, “should not“, “may“, “need not“, “will“, “will not“, “can“ and “cannot“ are to be interpreted as descri

    22、bed in clause 3.2 of the ETSI Drafting Rules (Verbal forms for the expression of provisions). “must“ and “must not“ are NOT allowed in ETSI deliverables except when used in direct citation. Executive summary The present document provides an overview and recommendations concerning cyber defence capab

    23、ilities at network gateways. The capabilities are implemented using what are usually referred to as “middleboxes“ that may be integrated into traffic routers that typically exist at boundaries between networks. Network gateways are critically important points for implementing cyber defence in conjun

    24、ction with other essential functions. The present document notes that network gateway cyber defence related standards activities have increased significantly because of an array of use cases combined with the rapidly increasing encryption of traffic occurring between end points where network applica

    25、tion servers are interacting directly with software clients on end user devices. The use cases consist of an array of business and compliance obligations. The present document then continues to derive a set of related cyber defence technical requirements that include: 1) secure and controlled exposu

    26、re of traffic observables; 2) sufficient observable information for acquisition and analysis for defence measures; and 3) the ability to institute defence measures as part of gateway management. The present document then examines the emerging new challenges and mechanisms for gateway cyber defence.

    27、The challenges include virtualization implementations, 5G mobile systems, Internet of Things deployments, Over The Top services, and “encrypt everything“ initiatives. On the positive side, the considerable industry and academic research and development efforts have produced a combination of existing

    28、 protocol adaptations and effective new protocols and platforms that have considerable promise - especially one known as mcTLS. ETSI ETSI TR 103 421 V1.1.1 (2017-04) 6 The present document concludes with several recommendations that include a consensus view on what information and secure access capa

    29、bilities are required to support gateway cyber defence, what steps the ETSI Cybersecurity Technical Committee should take for a new Technical Specification to support the requirements, and how collaboration with external bodies might encourage use of gateway cyber defence capabilities. Introduction

    30、A network gateway is a device that enables or facilitates the interconnecting of networks or applications via those networks. They have existed since the origins of electronic communication. With the emergence of packet data networks, they have assumed many different roles, including cyber defence.

    31、Those additional roles are commonly denominated as “middlebox“ functions i.3. An especially common network gateway used for cyber defence purposes is referred to as a firewall - defined by 3GPP as a functional entity which blocks or permits the flow of various traffic types based on a set of policy

    32、rules and definitions. All signalling to internal network resources can be directed via a network gateway dedicated to that purpose. Network gateways serve many critical needs that include management of network traffic and meeting service level agreement or regulatory requirements. One of those crit

    33、ical needs is that of cyber defence - which can be met through the detection and prevention of threats at the external border point of all kinds of networks ranging from a national infrastructure to an organization or home network. Deep Packet Inspection capabilities are widely deployed to facilitat

    34、e these capabilities. However, the appearance of ever more sophisticated threats and adaptive malware is proving challenging to detection and blocking efforts. A significant cyber security challenge emerging today is the combination of Over the Top services combined with “encrypt everything“ initiat

    35、ives that generated potentially huge amounts of traffic between some arbitrary service portal somewhere in the world, and an end users terminal - even an application on a device. Some Internet of Things implementations also fall into this category. While these steps meet significant needs today, the

    36、se practices may have adverse effects such as impeding detection of malware and other cyber security threats, as well as managing network traffic and meeting a broad array of business, organizational, and regulatory requirements. A balanced approach is needed that provides support to all the require

    37、ments that exist today. The emergence of NFV-SDN implementations is engendering considerable new efforts to virtualize network gateway capabilities. These efforts include the use of on-demand Big Data Analysis to more rapidly detect and mitigate threats. Many different industry forums today are exam

    38、ining network gateway requirements and solutions available - largely as insular work items and projects. The present document assembles an understanding of the related ecosystem, models, protocols, and implementation mechanisms for gateway-based cyber defence. ETSI ETSI TR 103 421 V1.1.1 (2017-04) 7

    39、 1 Scope The present document provides an overview and recommendations concerning cyber defence capabilities at network gateways. It analyses the network gateway cyber defence ecosystem, technical requirements, new challenges and techniques and then draws recommendations for new standardization work

    40、 in that area. 2 References 2.1 Normative references Normative references are not applicable in the present document. 2.2 Informative references References are either specific (identified by date of publication and/or edition number or version number) or non-specific. For specific references, only t

    41、he cited version applies. For non-specific references, the latest version of the referenced document (including any amendments) applies. NOTE: While any hyperlinks included in this clause were valid at the time of publication ETSI cannot guarantee their long term validity. The following referenced d

    42、ocuments are not necessary for the application of the present document but they assist the user with regard to a particular subject area. i.1 SIGCOMM 15, Naylor et al., Multi-Context TLS (mcTLS): “Enabling Secure In-Network Functionality in TLS“, August 17 - 21, 2015, London, United Kingdom. NOTE: A

    43、vailable at http:/conferences.sigcomm.org/sigcomm/2015/pdf/papers/p199.pdf. i.2 ETSI TR 103 456: “CYBER; Implementation of the Network and Information Security (NIS) Directive“. i.3 IETF RFC 3224: “Middleboxes: Taxonomy and Issues“, February 2002. i.4 IETF draft-mm-wg-effect-encrypt-04: “Effect of U

    44、biquitous Encryption“, October 2016. i.5 OASIS CybOX Version 2.1.1. Part 01: “Overview“. NOTE: Available at http:/docs.oasis-open.org/cti/cybox/v2.1.1/cybox-v2.1.1-part01-overview.pdf. See also, CybOX Project/specifications, https:/ i.6 NIST SP 800-117: “Guide to Adopting and Using the Security Cont

    45、ent Automation Protocol (SCAP)“. i.7 SP 800-126 Revision 2: “The Technical Specification for the Security Content Automation Protocol (SCAP)“. i.8 Recommendation ITU.T X.1500: “Overview of cybersecurity information exchange“. NOTE: See http:/www.itu.int/itu-t/recommendations/rec.aspx?rec=11060. i.9

    46、IETF RFC 7632: “Endpoint Security Posture Assessment: Enterprise Use Cases“. i.10 IETF draft-ietf-sacm-requirements-15: “Security Automation and Continuous Monitoring (SACM) Requirements“. NOTE: Available at https:/datatracker.ietf.org/doc/draft-ietf-sacm-requirements/. i.11 ETSI TS 101 331 (V1.4.1)

    47、: “Lawful Interception (LI); Requirements of Law Enforcement Agencies“. ETSI ETSI TR 103 421 V1.1.1 (2017-04) 8 i.12 ETSI TS 133 106 (V13.4.0): “Universal Mobile Telecommunications System (UMTS); LTE; 3G security; Lawful interception requirements (3GPP TS 33.106 version 13.4.0 Release 13)“. i.13 ETS

    48、I TS 102 656 (V1.2.2): “Lawful Interception (LI); Retained Data; Requirements of Law Enforcement Agencies for handling Retained Data“. i.14 Recommendation ITU-T X.1038: “Security Requirements and reference architecture for Software-Defined Networking“ (10/2016). NOTE: Available at http:/www.itu.int/

    49、itu-t/recommendations/rec.aspx?rec=13058. i.15 5G PPP Architecture Working Group, View on 5G Architecture, Version 1.0, July 2016. NOTE: Available at https:/5g-ppp.eu/wp-content/uploads/2014/02/5G-PPP-5G-Architecture-WP-July-2016.pdf. i.16 European Commission, Copyright and Neighbouring Rights. NOTE: Available at , http:/ec.europa.eu/internal_market/copyright/documents/index_en.htm. i.17 Directive 2002/58/EC of the European Parliament and of the Council of 12 July 2002 concerning the pro


    注意事项

    本文(ETSI TR 103 421-2017 CYBER Network Gateway Cyber Defence (V1 1 1)《网络 网关网络防御(V1 1 1)》.pdf)为本站会员(sumcourage256)主动上传,麦多课文档分享仅提供信息存储空间,仅对用户上传内容的表现方式做保护处理,对上载内容本身不做任何修改或编辑。 若此文所含内容侵犯了您的版权或隐私,请立即通知麦多课文档分享(点击联系客服),我们立即给予删除!




    关于我们 - 网站声明 - 网站地图 - 资源地图 - 友情链接 - 网站客服 - 联系我们

    copyright@ 2008-2019 麦多课文库(www.mydoc123.com)网站版权所有
    备案/许可证编号:苏ICP备17064731号-1 

    收起
    展开