ITU-T M.3410-2008
支持电信管理的安全管理系统用导则和要求.研究组4已作废

Guidelines and requirements for security management systems to support telecommunications management Study Group 4

标准号

ITU-T M.3410-2008

发布日期

2008年08月01日

实施日期

废止日期

无

中国标准分类号

M09

发布单位

国际电信联盟

引用标准

ITU-T M.60-1993 ITU-T M.3010-2000 ITU-T M.3016.0-2005 ITU-T M.3016.1-2005 ITU-T M.3016.2-2005 ITU-T M.3016.3-2005 ITU-T M.3016.4-2005 ITU-T M.3050.2-2007 ITU-T M.3060/Y.2401-2006 ITU-T M.3400-2000 ITU-T X.500-2005 ITU-T X.509-2000 ITU-T X.700-1992 ITU-T X

适用范围

This document describes the functional requirements of a Security Management System (SMS) that offers a centralized view for control and security oversight of a Telecommunications Service Provider's (TSP's) infrastructure. The SMS spans the management of the Management Security Plane, the Control Security Plane, and the End-User Security Plane. The TSP's infrastructure spans, at a minimum: • Application servers (e.g., servers for mail, instant messaging, database, web, file, Voice over IP (VoIP) and other applications); • Support servers (e.g., DNS [b-IETF RFC 2181], DHCP [b-IETF RFC 2131], NTP [b-IETF RFC 1305], backup, and other infrastructure support services); • Internetworking/transport components (e.g., multiplexers, switches, routers, transport gateways, application gateways, gateway controllers, packet-filters a.k.a. firewalls, content filters, access points, bridges, wired and wireless telephony devices and monitoring probes for QoS, and network activity, to name a few); • End user host systems (e.g., laptop systems, desk-top systems, workstations, printers, etc.); and • Management systems (e.g., element management, network management, service management, and business management systems). All of the above entities are referred to in this document as Managed Elements (MEs) from a security management perspective. The requirements specified in this document should be applicable to a TSP’s current infrastructure and also infrastructure evolution necessary for building their Next Generation Networks (NGNs) (see [ITU-T Y.2001] and [ITU-T Y.2012]). This recommendation draws on an ATIS standard [ATIS 0300074.2006] as a major source of information and text. A key aspect of this recommendation is that it defines a logical architecture and set of functionality independent of physical implementation. Functionality is defined in terms of functional entities, their logical relationships as well as aggregation of Functional Entities (FEs) into Functional Groups (FGs). Deployment and implementation of these FEs and FGs, within an infrastructure, can take many forms, such as centralized, hierarchical, distributed, or some combination of these. This Recommendation takes no stand as to implementation of FEs and FGs in so far as implementation decisions do not have security related ramifications. The detailed description of the interactions between FGs is not described in this specification. Annex A contains a normative Proforma wherein specific SMS requirements are documented. Appendices I, II and III are informative and cover: Appendix I: The relationship between the SMS and the security concepts covered in [ITU-T X.800]. Appendix II: The relationship between the SMS and other TSP Management systems and frameworks. Appendix III: The structure and organization of NGN networks and their growing complexity.

ITU-T M.3410-2008相似标准

推荐

ITU-T M.3410-2008 中可能用到的仪器设备

谁引用了ITU-T M.3410-2008 更多引用