PRICES include / exclude VAT
Homepage>BS Standards>35 INFORMATION TECHNOLOGY. OFFICE MACHINES>35.100 Open systems interconnection (OSI)>35.100.40 Transport layer>BS ISO/IEC 10736:1995 Information technology. Telecommunications and information exchange between systems. Transport layer security protocol
Sponsored link
immediate downloadReleased: 1995-09-15
BS ISO/IEC 10736:1995 Information technology. Telecommunications and information exchange between systems. Transport layer security protocol

BS ISO/IEC 10736:1995

Information technology. Telecommunications and information exchange between systems. Transport layer security protocol

Format
Availability
Price and currency
English Secure PDF
Immediate download
348.00 EUR
You can read the standard for 1 hour. More information in the category: E-reading
Reading the standard
for 1 hour
34.80 EUR
You can read the standard for 24 hours. More information in the category: E-reading
Reading the standard
for 24 hours
104.40 EUR
English Hardcopy
In stock
348.00 EUR
Standard number:BS ISO/IEC 10736:1995
Pages:62
Released:1995-09-15
ISBN:0 580 24459 8
Status:Standard
DESCRIPTION

BS ISO/IEC 10736:1995


This standard BS ISO/IEC 10736:1995 Information technology. Telecommunications and information exchange between systems. Transport layer security protocol is classified in these ICS categories:
  • 35.100.40 Transport layer

The procedures specified in this Recommendation | International Standard operate as extensions to those defined in ITU-T Rec. X.224 | ISO/IEC 8073 and ITU-T Rec. X.234 | ISO/IEC 8602 and do not preclude unprotected communication between transport entities implementing ITU-T Rec. X.224 | ISO/IEC 8073 or ITU-T Rec. X.234 | ISO 8602.

The protection achieved by the security protocol defined in this Recommendation | International Standard depends on the proper operation of security management including key management. However, this Recommendation | International Standard does not specify the management functions and protocols needed to support this security protocol.

This protocol can support all the integrity, confidentiality, authentication and access control services identified in CCITT Rec. X.800 I ISO 7498-2 as relevant to the transport layer. The protocol supports these services through use of cryptographic mechanisms, security labelling and attributes, such as keys and authenticated identities, pre-established by security management or established through the use of the Security Association - Protocol (SA-P).

Protection can be provided only within the context of a security policy.

This protocol supports peer-entity authentication at the time of connection establishment. In addition, rekeying is supported within the protocol through the use of SA-P or through means outside the protocol.

Security associations can only be established within the context of a security policy. It is a matter for the users to establish their own security policy, which may be constrained by the procedures specified in this Recommendation | International Standard.

The following items could be included in a Security Policy:

  1. the method of SA establishment/release, the lifetime of SA;

  2. Authentication/Access Control mechanisms;

  3. Label mechanism;

  4. the procedure of the receiving an invalid TPDU during SA establishment procedure or transmission of protected PDU;

  5. the lifetime of Key;

  6. the interval of the rekey procedure in order to update key and security control information (SCI) exchange procedure;

  7. the time out of SCI exchange and rekey procedure;

  8. the number of retries of sci exchange and rekey procedure.

this Recommendation | International Standard defines a protocol which may be used for Security Association establishment. Entities wishing to establish an SA must share common mechanisms for authentication and key distribution. this Recommendation | International Standard specifies one algorithm for authentication and key distribution which is based on public key crypto systems. The implementation of this algorithm is not mandatory; however, when an alternative mechanism is used, it shall satisfy the following conditions:

  1. All SA attributes defined in 5.2 are derived.

  2. Derived keys are authenticated.