ATIS 0300020-2011 Next Generation Interconnection Interoperability (NGIIF) Reference Document Part III Installation Testing and Maintenance Responsibilities for SS7 Links and Trunk.pdf
《ATIS 0300020-2011 Next Generation Interconnection Interoperability (NGIIF) Reference Document Part III Installation Testing and Maintenance Responsibilities for SS7 Links and Trunk.pdf》由会员分享,可在线阅读,更多相关《ATIS 0300020-2011 Next Generation Interconnection Interoperability (NGIIF) Reference Document Part III Installation Testing and Maintenance Responsibilities for SS7 Links and Trunk.pdf(9页珍藏版)》请在麦多课文档分享上搜索。
1、 ATIS-0300020 Next Generation Interconnection Interoperability (NGIIF) Reference Document Part III, Installation, Testing and Maintenance Responsibilities for SS7 Links and Trunks Attachment I SS7 Network Security Base Guidelines Version 12.0 ATIS is the leading technical planning and standards deve
2、lopment organization committed to the rapid development of global, market-driven standards for the information, entertainment and communications industry. More than 200 companies actively formulate standards in ATIS Committees, covering issues including: IPTV, Cloud Services, Energy Efficiency, IP-B
3、ased and Wireless Technologies, Quality of Service, Billing and Operational Support, Emergency Services, Architectural Platforms and Emerging Networks. In addition, numerous Incubators, Focus and Exploratory Groups address evolving industry priorities including Smart Grid, Machine-to-Machine, Connec
4、ted Vehicle, IP Downloadable Security, Policy Management and Network Optimization. ATIS is the North American Organizational Partner for the 3rd Generation Partnership Project (3GPP), a member and major U.S. contributor to the International Telecommunication Union (ITU) Radio and Telecommunications
5、Sectors, and a member of the Inter-American Telecommunication Commission (CITEL). ATIS is accredited by the American National Standards Institute (ANSI). For more information, please visit www.atis.org. Notice This document was developed by the Alliance for Telecommunications Industry Solutions (ATI
6、S) sponsored Next Generation Interconnection Interoperability Forum (NGIIF). The NGIIF addresses next-generation network interconnection and interoperability issues associated with emerging technologies. Specifically, it develops operational procedures which involve the network aspects of architectu
7、re, disaster preparedness, installation, maintenance, management, reliability, routing, security, and testing between network operators. In addition, the NGIIF addresses issues which impact the interconnection of existing and next generation networks and facilitate the transition to emerging technol
8、ogies. All changes to this document shall be made through the NGIIF issue resolution process. Note Regarding Previous Versions The NIIF Reference Document was formerly known as the Network Operations Forum (NOF) Reference Document. The NOF Reference Document was published and maintained by Bellcore.
9、 The last version of the NOF Reference Document is Issue 13. Disclaimer and Limitation of Liability The information provided in this document is directed solely to professionals who have the appropriate degree of experience to understand and interpret its contents in accordance with generally accept
10、ed engineering or other professional standards and applicable regulations. No recommendation as to products or vendors is made or should be implied. NO REPRESENTATION OR WARRANTY IS MADE THAT THE INFORMATION IS TECHNICALLY ACCURATE OR SUFFICIENT OR CONFORMS TO ANY STATUTE, GOVERNMENTAL RULE OR REGUL
11、ATION, AND FURTHER NO REPRESENTATION OR WARRANTY IS MADE OF MERCHANTABILITY OR FITNESS FOR ANY PARTICULAR PURPOSE OR AGAINST INFRINGEMENT OF INTELLECTUAL PROPERTY RIGHTS. ATIS SHALL NOT BE LIABLE, BEYOND THE AMOUNT OF ANY SUM RECEIVED IN PAYMENT BY ATIS FOR THIS DOCUMENT, WITH RESPECT TO ANY CLAIM,
12、AND IN NO EVENT SHALL ATIS BE LIABLE FOR LOST PROFITS OR OTHER INCIDENTAL OR CONSEQUENTIAL DAMAGES. ATIS EXPRESSLY ADVISES THAT ANY AND ALL USE OF OR RELIANCE UPON THE INFORMATION PROVIDED IN THIS DOCUMENT IS AT THE RISK OF THE USER. ATIS-0300020, NGIIF Reference Document, Part III, Installation and
13、 Maintenance Responsibilities for SS7 Links and Trunks, Attachment G, SS7 Network Security Base Guidelines, Formerly NIIF 5015 The NGIIF Reference Document, Part III, Installation and Maintenance Responsibilities for SS7 Links and Trunks, Attachment G, SS7 Network Security Base Guidelines, is an ATI
14、S standard developed by the NGIIF. Published by Alliance for Telecommunications Industry Solutions 1200 G Street, NW, Suite 500 Washington, DC 20005 Copyright 2011 by Alliance for Telecommunications Industry Solutions All rights reserved. 2 No part of this publication may be reproduced in any form,
15、in an electronic retrieval system or otherwise, without the prior written permission of the publisher. For information contact ATIS at 202.628.6380. ATIS is online at . Printed in the United States of America. 3 SS7 NETWORK SECURITY BASE GUIDELINES Table of Contents 1 GENERAL 4 1.1 PURPOSE OF THIS D
16、OCUMENT . 4 2 SECURITY BASELINE FOR SS7 . 4 2.1 DATA SECURITY FEATURES OF CRITICAL SS7 NODES 4 2.2 IDENTIFICATION 4 2.3 AUTHENTICATION . 4 2.4 SYSTEM ACCESS CONTROL . 5 2.5 RESOURCE ACCESS CONTROL 5 2.6 SECURITY LOG (AUDIT) 5 2.7 SECURITY ADMINISTRATION 6 2.8 DOCUMENTATION . 6 3 CONCLUSION 7 4 1 Gen
17、eral The following SS7 Network Security Base Guidelines should be used as a minimum set of guidelines to be adopted by the Access Service Providers and the Access Service Customers. 1.1 Purpose of this Document This document is intended to provide a minimum set of general guidelines to be adopted by
18、 the Access Service Providers and Access Service Customers. 2 Security Baseline for SS7 2.1 Data Security Features of Critical SS7 Nodes This section specifies the desirable security features that any SS7 Network Element (NE), Network System (NS), Operations System (OS) or Data Communications Networ
19、k (DCN) should provide in order to reduce the risk of potentially service affecting security compromises. Highlights of the critical components of those documents are listed below. For the sake of brevity, the term “SS7 node“ in the following list is used to imply an NE, NS, OS, or a DCN and its nod
20、es. 2.2 Identification The SS7 node should not allow an existing user-ID to be assigned to another active user (i.e., user-IDs should be unique). Each operations related process running in the SS7 node should be associated with the corresponding user-ID (so that an audit trail can be established if
21、there is a need). The SS7 node should disable a user-ID if it has remained inactive (i.e., never used) over a specifiable time period. 2.3 Authentication All OAM&P input ports of the SS7 node (including direct, dial-up and network access) should require authentication of a session requester, without
22、 any provision for a bypass mechanism. A single stored password entry (e.g., in a password file) should not be allowed to be shared by multiple user-IDs. However, the SS7 node should not prevent a user from choosing (unknowingly) a password that is already being used by some other user. Nor should t
23、he SS7 node volunteer this information to either user. Passwords should be stored in a one-way encrypted form, and should not be retrievable by any user including managers or administrators (of system and security). Also, there should be no clear text display (on a device such as a screen, typewrite
24、r, or printer) of a password at any time (e.g., login, file dump, etc.). The SS7 node should allow passwords to be user changeable (requiring reauthentication), and should require that the user change it the first time he/she establishes a session with the password assigned to him/her. The default s
- 1.请仔细阅读文档,确保文档完整性,对于不预览、不比对内容而直接下载带来的问题本站不予受理。
- 2.下载的文档,不会出现我们的网址水印。
- 3、该文档所得收入(下载+内容+预览)归上传者、原创作者;如果您是本文档原作者,请点此认领!既往收益都归您。
下载文档到电脑,查找使用更方便
10000 积分 0人已下载
下载 | 加入VIP,交流精品资源 |
- 配套讲稿:
如PPT文件的首页显示word图标,表示该PPT已包含配套word讲稿。双击word图标可打开word文档。
- 特殊限制:
部分文档作品中含有的国旗、国徽等图片,仅作为作品整体效果示例展示,禁止商用。设计者仅对作品中独创性部分享有著作权。
- 关 键 词:
- ATIS03000202011NEXTGENERATIONINTERCONNECTIONINTEROPERABILITYNGIIFREFERENCEDOCUMENTPARTIIIINSTALLATIONTESTINGANDMAINTENANCERESPONSIBILITIESFORSS7LINKSANDTRUNKPDF

链接地址:http://www.mydoc123.com/p-540930.html