GSO ISO/IEC 10736:2013
信息技术 系统之间的通信和信息交换 传输层安全协议

Information technology -- Telecommunications and information exchange between systems -- Transport layer security protocol

非常抱歉，我们暂时无法提供预览，您可以试试： 免费下载 GSO ISO/IEC 10736:2013 前三页，或者稍后再访问。

您也可以尝试购买此标准，
点击右侧 “立即购买” 按钮开始采购（由第三方提供）。

标准号

GSO ISO/IEC 10736:2013

发布

2013年

发布单位

GSO

当前最新

GSO ISO/IEC 10736:2013

 

 

适用范围

The procedures specified in this Recommendation | International Standard operate as extensions to those defined in ITU-T Rec. X.224 | ISO/IEC 8073 and ITU-T Rec. X.234 | ISO/IEC 8602 and do not preclude unprotected communication between transport entities implementing ITU-T Rec. X.224 | ISO/IEC 8073 or ITU-T Rec. X.234 | ISO 8602. The protection achieved by the security protocol defined in this Recommendation | International Standard depends on the proper operation of security management including key management. However, this Recommendation | International Standard does not specify the management functions and protocols needed to support this security protocol. This protocol can support all the integrity, confidentiality, authentication and access control services identified in CCITT Rec. X.800 I ISO 7498-2 as relevant to the transport layer. The protocol supports these services through use of cryptographic mechanisms, security labelling and attributes, such as keys and authenticated identities, pre-established by security management or established through the use of the Security Association — Protocol (SA-P). Protection can be provided only within the context of a security policy. This protocol supports peer-entity authentication at the time of connection establishment. In addition, rekeying is supported within the protocol through the use of SA-P or through means outside the protocol. Security associations can only be established within the context of a security policy. It is a matter for the users to establish their own security policy, which may be constrained by the procedures specified in this Recommendation | International Standard. The following items could be included in a Security Policy: a) the method of SA establishment/release, the lifetime of SA; b) Authentication/Access Control mechanisms; c) Label mechanism; d) the procedure of the receiving an invalid TPDU during SA establishment procedure or transmission of protected PDU; e) the lifetime of Key; f) the interval of the rekey procedure in order to update key and security control information (SCI) exchange procedure; g) the time out of SCI exchange and rekey procedure; h) the number of retries of sci exchange and rekey procedure. this Recommendation | International Standard defines a protocol which may be used for Security Association establishment. Entities wishing to establish an SA must share common mechanisms for authentication and key distribution. this Recommendation | International Standard specifies one algorithm for authentication and key distribution which is based on public key crypto systems. The implementation of this algorithm is not mandatory; however, when an alternative mechanism is used, it shall satisfy the following conditions: a) All SA attributes defined in 5.2 are derived. b) Derived keys are authenticated.

GSO ISO/IEC 10736:2013相似标准

推荐