BS ISO/IEC 10736:1995

$198.66

Information technology. Telecommunications and information exchange between systems. Transport layer security protocol

Published By	Publication Date	Number of Pages
BSI	1995	62

Guaranteed Safe Checkout

Categories: 35.100.40 - Transport layer, BSI

If you have any questions, feel free to reach out to our online customer service team by clicking on the bottom right corner. We’re here to assist you 24/7.
Email:[email protected]

Description

The procedures specified in this Recommendation | International Standard operate as extensions to those defined in ITU-T Rec. X.224 | ISO/IEC 8073 and ITU-T Rec. X.234 | ISO/IEC 8602 and do not preclude unprotected communication between transport entities implementing ITU-T Rec. X.224 | ISO/IEC 8073 or ITU-T Rec. X.234 | ISO 8602.

The protection achieved by the security protocol defined in this Recommendation | International Standard depends on the proper operation of security management including key management. However, this Recommendation | International Standard does not specify the management functions and protocols needed to support this security protocol.

This protocol can support all the integrity, confidentiality, authentication and access control services identified in CCITT Rec. X.800 I ISO 7498-2 as relevant to the transport layer. The protocol supports these services through use of cryptographic mechanisms, security labelling and attributes, such as keys and authenticated identities, pre-established by security management or established through the use of the Security Association – Protocol (SA-P).

Protection can be provided only within the context of a security policy.

This protocol supports peer-entity authentication at the time of connection establishment. In addition, rekeying is supported within the protocol through the use of SA-P or through means outside the protocol.

Security associations can only be established within the context of a security policy. It is a matter for the users to establish their own security policy, which may be constrained by the procedures specified in this Recommendation | International Standard.

The following items could be included in a Security Policy:

the method of SA establishment/release, the lifetime of SA;
Authentication/Access Control mechanisms;
Label mechanism;
the procedure of the receiving an invalid TPDU during SA establishment procedure or transmission of protected PDU;
the lifetime of Key;
the interval of the rekey procedure in order to update key and security control information (SCI) exchange procedure;
the time out of SCI exchange and rekey procedure;
the number of retries of sci exchange and rekey procedure.

this Recommendation | International Standard defines a protocol which may be used for Security Association establishment. Entities wishing to establish an SA must share common mechanisms for authentication and key distribution. this Recommendation | International Standard specifies one algorithm for authentication and key distribution which is based on public key crypto systems. The implementation of this algorithm is not mandatory; however, when an alternative mechanism is used, it shall satisfy the following conditions:

All SA attributes defined in 5.2 are derived.
Derived keys are authenticated.

Additional information

Status	Confirmed
Pages	62
Publication Date	1995-09-15
ISBN	0 580 24459 8
Standard Number	BS ISO/IEC 10736:1995
Title	Information technology. Telecommunications and information exchange between systems. Transport layer security protocol
Identical National Standard Of	ISO/IEC 10736:1995
Descriptors	Conformity, Communication procedures, Data transmission, Data security, Coding (data conversion), Open systems interconnection, Transport layer (OSI), Data processing, Data transfer, Information exchange, Data transmission control procedures
Publisher	BSI
Committee	IST/6
ICS Codes	35.100.40 - Transport layer

Preview PDF


PDF Format	Searchable	Printable	Preview Now

BS ISO/IEC 10736:1995

Related products