X.805 安全.pdf

ITU-T Recommendation X.805 and its application to NGN ITU/IETF Workshop on NGN Zachary Zeltsan, Lucent Technologies Rapporteur of Question 5 SG 17 Outline ß Introduction to ITU-T Recommendation X.805 - Security Architecture for Systems Providing End-to-End Communications ß Threat model ß Security Layers ß Security Planes ß Security Dimensions ß Overall model ß Modular approach ß Security work in FGNGN Security Capability WG and ITU-T Recommendation X.805 4/28/2005 2 ITU-T X.800 Threat Model 1 - Destruction (an attack on availability): – Destruction of information and/or network X resources 2 - Corruption (an attack on integrity): – Unauthorized tampering with an asset 3 - Removal (an attack on availability): – Theft, removal or loss of information and/or other resources 4 - Disclosure (an attack on confidentiality): – Unauthorized access to an asset 5 - Interruption (an attack on availability): – Network becomes unavailable or unusable X 4/28/2005 3 Three Security Layers Applications SecurityApplications Security 3 - Applications Security Layer: THREATS