ITU-T J 170-2005 IPCablecom security specification (Study Group 9)《(预发布)互联网通信电缆协议安全准则》.pdf
《ITU-T J 170-2005 IPCablecom security specification (Study Group 9)《(预发布)互联网通信电缆协议安全准则》.pdf》由会员分享,可在线阅读,更多相关《ITU-T J 170-2005 IPCablecom security specification (Study Group 9)《(预发布)互联网通信电缆协议安全准则》.pdf(172页珍藏版)》请在麦多课文档分享上搜索。
1、 International Telecommunication Union ITU-T J.170TELECOMMUNICATION STANDARDIZATION SECTOR OF ITU (11/2005) SERIES J: CABLE NETWORKS AND TRANSMISSION OF TELEVISION, SOUND PROGRAMME AND OTHER MULTIMEDIA SIGNALS IPCablecom IPCablecom security specification Recommendation ITU-T J.170 Rec. ITU-T J.170 (
2、11/2005) i Recommendation ITU-T J.170 IPCablecom security specification Summary This Recommendation defines authentication, access control, signalling and media content integrity, confidentiality, and non-repudiation security services for each of the network element interfaces. IPCablecom security s
3、pans the entire IPCablecom architecture. The IPCablecom architectural framework Recommendation (ITU-T Rec. J.160) defines the overall IPCablecom architecture, as well as the system elements, interfaces, and functional requirements for the entire IPCablecom network. Source Recommendation ITU-T J.170
4、was approved on 29 November 2005 by ITU-T Study Group 9 (2005-2008) under Recommendation ITU-T A.8 procedures. ii Rec. ITU-T J.170 (11/2005) FOREWORD The International Telecommunication Union (ITU) is the United Nations specialized agency in the field of telecommunications, information and communica
5、tion technologies (ICTs). The ITU Telecommunication Standardization Sector (ITU-T) is a permanent organ of ITU. ITU-T is responsible for studying technical, operating and tariff questions and issuing Recommendations on them with a view to standardizing telecommunications on a worldwide basis. The Wo
6、rld Telecommunication Standardization Assembly (WTSA), which meets every four years, establishes the topics for study by the ITU-T study groups which, in turn, produce Recommendations on these topics. The approval of ITU-T Recommendations is covered by the procedure laid down in WTSA Resolution 1. I
7、n some areas of information technology which fall within ITU-Ts purview, the necessary standards are prepared on a collaborative basis with ISO and IEC. NOTE In this Recommendation, the expression “Administration“ is used for conciseness to indicate both a telecommunication administration and a reco
8、gnized operating agency. Compliance with this Recommendation is voluntary. However, the Recommendation may contain certain mandatory provisions (to ensure e.g., interoperability or applicability) and compliance with the Recommendation is achieved when all of these mandatory provisions are met. The w
9、ords “shall“ or some other obligatory language such as “must“ and the negative equivalents are used to express requirements. The use of such words does not suggest that compliance with the Recommendation is required of any party. INTELLECTUAL PROPERTY RIGHTS ITU draws attention to the possibility th
10、at the practice or implementation of this Recommendation may involve the use of a claimed Intellectual Property Right. ITU takes no position concerning the evidence, validity or applicability of claimed Intellectual Property Rights, whether asserted by ITU members or others outside of the Recommenda
11、tion development process. As of the date of approval of this Recommendation, ITU had not received notice of intellectual property, protected by patents, which may be required to implement this Recommendation. However, implementers are cautioned that this may not represent the latest information and
12、are therefore strongly urged to consult the TSB patent database at http:/www.itu.int/ITU-T/ipr/. ITU 2010 All rights reserved. No part of this publication may be reproduced, by any means whatsoever, without the prior written permission of ITU. Rec. ITU-T J.170 (11/2005) iii CONTENTS Page 1 Scope and
13、 introduction . 1 1.1 Scope 1 1.2 Introduction 1 2 References. 2 2.1 Normative references 2 2.2 Informative references 3 3 Terms and definitions . 4 4 Abbreviations, acronyms and conventions . 5 4.1 Abbreviations and acronyms 5 4.2 Conventions 8 5 Architectural overview of IPCablecom security. 9 5.1
14、 IPCablecom reference architecture . 9 5.2 Threats 13 5.3 Security architecture . 19 6 Security mechanisms 26 6.1 IPsec . 26 6.2 Internet Key Exchange (IKE) . 28 6.3 SNMPv3 . 30 6.4 Kerberos/PKINIT . 31 6.5 Kerberized key management 55 6.6 End-to-end security for RTP 76 6.7 End-to-end security for R
15、TCP 76 6.8 BPI+ 77 6.9 TLS . 78 7 Security profile . 80 7.1 Device and service provisioning 81 7.2 Quality of Service (QoS) signalling . 93 7.3 Billing system interfaces 95 7.4 Call signalling . 97 7.5 PSTN Gateway interface 104 7.6 Media stream 106 7.7 Audio Server services . 126 7.8 Electronic sur
16、veillance interfaces . 129 7.9 CMS provisioning 133 8 IPCablecom certificates 134 8.1 Generic structure 134 8.2 Certificate trust hierarchy . 135 iv Rec. ITU-T J.170 (11/2005) Page 9 Cryptographic algorithms . 145 9.1 AES . 145 9.2 DES . 145 9.3 Block termination . 146 9.4 RSA signature . 151 9.5 HM
17、AC-SHA-1 . 151 9.6 Key derivation 151 9.7 The MMH-MAC 152 9.8 Random number generation . 154 10 Physical security . 154 10.1 Protection for MTA key storage . 154 10.2 MTA key encapsulation . 157 11 Secure software upgrade . 157 Annex A Oakley groups 158 Annex B Kerberos Network Authentication Servic
18、e 159 Annex C PKINIT specification . 159 Appendix I IPCablecom administration guidelines and best practices . 160 I.1 Routine CMS service key refresh . 160 Appendix II Example of MMH algorithm implementation 161 Rec. ITU-T J.170 (11/2005) 1 Recommendation ITU-T J.170 IPCablecom security specificatio
19、n 1 Scope and introduction 1.1 Scope Authentication, access control, signalling and media content integrity, confidentiality, and non-repudiation security services must be provided as defined herein for each of the network element interfaces. IPCablecom security spans the entire IPCablecom architect
20、ure. The IPCablecom architectural framework Recommendation (ITU-T Rec. J.160) defines the overall IPCablecom architecture, as well as the system elements, interfaces, and functional requirements for the entire IPCablecom network. 1.2 Introduction 1.2.1 Goals This Recommendation describes the securit
21、y relationships between the elements on the IPCablecom network. The general goals of this IPCablecom network security Recommendation and any implementations that encompass the requirements defined herein should be: Secure network communications: The IPCablecom network security must define a security
22、 architecture, methods, algorithms and protocols that meet the stated security service requirement. All media packets and all sensitive signalling communication across the network must be safe from eavesdropping. Unauthorized message modification, insertion, deletion and replays anywhere in the netw
23、ork must be easily detectable and must not affect proper network operation. Reasonable cost: The IPCablecom network security must define security methods, algorithms and protocols that meet the stated security service requirements such that a reasonable implementation can be manifested with reasonab
24、le cost and implementation complexity. Network element interoperability: All of the security services for any of the IPCablecom network elements must interoperate with the security services for all of the other IPCablecom network elements. Multiple vendors may implement each of the IPCablecom networ
- 1.请仔细阅读文档,确保文档完整性,对于不预览、不比对内容而直接下载带来的问题本站不予受理。
- 2.下载的文档,不会出现我们的网址水印。
- 3、该文档所得收入(下载+内容+预览)归上传者、原创作者;如果您是本文档原作者,请点此认领!既往收益都归您。
下载文档到电脑,查找使用更方便
10000 积分 0人已下载
下载 | 加入VIP,交流精品资源 |
- 配套讲稿:
如PPT文件的首页显示word图标,表示该PPT已包含配套word讲稿。双击word图标可打开word文档。
- 特殊限制:
部分文档作品中含有的国旗、国徽等图片,仅作为作品整体效果示例展示,禁止商用。设计者仅对作品中独创性部分享有著作权。
- 关 键 词:
- ITUTJ1702005IPCABLECOMSECURITYSPECIFICATIONSTUDYGROUP9 发布 互联网 通信 电缆 协议 安全 准则 PDF

链接地址:http://www.mydoc123.com/p-798735.html