DataMuseum.dk

Presents historical artifacts from the history of:

DKUUG/EUUG Conference tapes

This is an automatic "excavation" of a thematic subset of
artifacts from Datamuseum.dk's BitArchive.

See our Wiki for more about DKUUG/EUUG Conference tapes

Excavated with: AutoArchaeologist - Free & Open Source Software. 

top - metrics - download
Index: T U

⟦04e3c6ac3⟧ TextFile

    Length: 739665 (0xb4951)
    Types: TextFile
    Notes: Uncompressed file

Derivation

└─⟦4f9d7c866⟧ Bits:30007245 EUUGD6: Sikkerheds distributionen
    └─⟦98bf13d1f⟧ »./papers/Misc/OpenSystemsSecurity.ps.Z« 
        └─⟦this⟧

TextFile

%%Title: "Laser Prep -- The Apple PostScript Dictionary (md)"
%%Creator: Apple Software Engineering
%{appledict version #68 0
% ▶a9◀ CopyRight Apple Computer, Inc. 1984,1985,1986,1987,1988 All Rights Reserved.
%%EndComments
%%BeginProcSet: "(AppleDict md)" 68 0
% (changed) statusdict begin waittimeout 300 lt{0 60 300 setdefaulttimeouts}if end
currentfile statusdict begin serverdict begin product (LaserWriter II NT) eq revision 1 eq and {/setrealdevice {% (changed) //setrealdevice
 exec 31 sendpcmd 4 eq tonerlight} bind def
/execjob {31 sendpcmd 4 eq tonerlight % (changed) //execjob
 exec} bind def end end eexec}{end end 722{currentfile read pop pop}repeat}ifelse 
35de8eabfc7fa5eac0431edc501ad43f5fcbdf9fdd321cce93b525f4439dd94696bf56ac13a0a2aad1e6bcf444711e941d7217138d20ae0500145f815439cc14e697ad201df728ea4ccad4ac331aa03a7aacde10760bf4ee12bbf73c77cdcbf1796f26f0dd255d2407e1ac41
d27489a69d6b69c6a841468b46720b75ad65650700e0c528e7af61e7e3e821b59445c44b69831ebc9deaf0e3aecc14b7a1c2e18bc1fa42a59219f1e36f236e3d6c89114b1f231999c3dbce6b43f3e2918fcb85575941a9d1e65c86aa08e6eea86cc66ce90e5e4add57f2585e
7b1c0b5203cfc46868d6e3c0d66db79174e7091e32e307679732da062e440e41dabd36a161b611a7e4523a49694026206803dbfd5be5c5fe433f0f18a40057db6f1302848c8da4a10a7f14c63d512806362b1be092ad5dbd36d75fe63e4cae2ba9b72390f580cac344a08bdf
6eb9e36ec45bad2a0b82829a72e0efa2d87332c482196e690361168271c55053341ab3
/sc {60 45 {abs exch abs 2 copy add 1 gt{1.0 sub dup mul exch 1.0 sub dup mul add 1.0 sub}{dup mul exch dup mul add 1.0 exch sub}
ifelse}setscreen} bind def statusdict begin product(LaserWriter II)anchorsearch end
{pop pop/letter [/letter load /exec load /sc load /exec load]cvx def/legal [/legal load /exec load /sc load /exec load]cvx def/a4 [/a4 load /exec load /sc load /exec load]cvx def/b5 [/b5 load /exec load /sc load /exec load]cvx def
/lettersmall [/lettersmall load /exec load /sc load /exec load]cvx def/a4small [/a4small load /exec load /sc load /exec load]cvx def/note [/note load /exec load /sc load /exec load]cvx def}{pop}ifelse
systemdict/currentpacking known{currentpacking true setpacking}if
/LW{save statusdict/product get(LaserWriter)anchorsearch
exch pop{length 0 eq{1}{2}ifelse}{0}ifelse exch restore}bind def
/LW+{LW 2 eq}bind def
/ok{systemdict/statusdict known dup{LW 0 gt and}if}bind def
ok{statusdict begin 9 sccinteractive 3 ne exch 0 ne or{9 0 3 setsccinteractive}if end}if
/md 250 dict def md begin
/av 0 def
/T true def/F false def/mtx matrix def/s75 75 string def/s8 8 string def/s1 ( ) def/pxs 1 def/pys 1 def
1 0 mtx defaultmatrix dtransform exch atan/pa exch def/nlw .24 def/ppr [-32 -29.52 762 582.48] def
/pgs 1 def/por true def/xb 500 array def/so true def/tso true def/fillflag false def/pnm 1 def/fmv true def
/sfl false def/ma 0 def/invertflag false def/dbinvertflag false def/xflip false def/yflip false def/noflips true def/scaleby96 false def/fNote true def/fBitStretch true def
/fg (Rvd\001\001\000\000\177) def
/bdf{bind def}bind def
/xdf{exch def}bdf
/xl{neg exch neg translate}bdf
/fp{pnsh 0 ne pnsv 0 ne and}bdf
/nop{}bdf/lnop[/nop load]cvx bdf
/vrb[
{fp{fg 6 get 0 ne{gsave stroke grestore}{gsave 1 setlinewidth pnsh pnsv scale stroke grestore}ifelse}if newpath}bind
/eofill load
dup
/newpath load
2 index
dup
{clip newpath}bind
{}bind
dup
2 copy
]def
currentscreen/spf xdf/rot xdf/freq xdf
/doop{vrb exch get exec}bdf
/psu{/tso xdf /fNote xdf/fBitStretch xdf/scaleby96 xdf/yflip xdf/xflip xdf
/invertflag xdf/dbinvertflag invertflag statusdict begin version cvr 47.0 ge product (LaserWriter) eq not and end invertflag and {not}if def
xflip yflip or{/noflips false def}if
/pgs xdf 2 index .72 mul exch div/pys xdf div .72 mul/pxs xdf ppr astore pop/por xdf sn and/so xdf}bdf
/tab{statusdict /11x17 known{statusdict begin /11x17 load end}{statusdict /setpage known{statusdict begin 792 1224 1 setpage end}{statusdict /setpageparams known{statusdict begin 792 1224 0 1 setpageparams end}if}ifelse}ifelse}bdf
/txpose{fNote{smalls}{bigs}ifelse pgs get exec pxs pys scale ppr aload pop por{noflips{pop exch neg exch translate pop 1 -1 scale}if
xflip yflip and{pop exch neg exch translate 180 rotate 1 -1 scale ppr 3 get ppr 1 get neg sub neg ppr 2 get ppr 0 get neg sub neg translate}if 
xflip yflip not and{pop exch neg exch translate pop 180 rotate ppr 3 get ppr 1 get neg sub neg 0 translate}if yflip xflip not and{ppr 1 get neg ppr 0 get neg translate}if}
{noflips{translate pop pop 270 rotate 1 -1 scale}if xflip yflip and{translate pop pop 90 rotate 1 -1 scale ppr 3 get ppr 1 get neg sub neg ppr 2 get ppr 0 get neg sub neg translate}if
xflip yflip not and{translate pop pop 90 rotate ppr 3 get ppr 1 get neg sub neg 0 translate}if yflip xflip not and{translate pop pop 270 rotate ppr 2 get ppr 0 get neg sub neg 0 exch translate}if}ifelse
statusdict begin waittimeout 300 lt{/waittimeout 300 def}if end scaleby96{ppr aload pop 4 -1 roll add 2 div 3 1 roll add 2 div 2 copy translate .96 dup scale neg exch neg exch translate}if}bdf
/fr{4 copy ppr aload pop 3 -1 roll add 3 1 roll exch add 6 2 roll 3 -1 roll
sub 3 1 roll exch sub 3 -1 roll exch div 3 1 roll div exch scale pop pop xl}bdf
/obl{{0.212557 mul}{pop 0}ifelse}bdf
/sfd{ps fg 5 -1 roll get mul 100 div 0 ps 5 -1 roll obl ps neg 0 0 6a astore makefont setfont}bdf
/fnt{findfont sfd}bdf
/bt{sa 3 1 roll 3 index and put}bdf
/sa(\000\000\000\000\000\000\000\000\000\000)def
/fs{0 1 bt 1 2 bt 2 4 bt 3 8 bt 4 16 bt 5 32 bt 6 64 bt 7 128 bt sa exch 8 exch put}bdf
/mx1 matrix def
/mx2 matrix def
/mx3 matrix def
/bu{currentpoint currentgray currentlinewidth currentlinecap currentlinejoin currentdash exch aload length
fg 5 sfl{1}{0}ifelse put pnsv pnsh
2t aload pop 3a aload pop mx2 aload pop mx1 aload pop mtx currentmatrix aload pop
mx3 aload pop ps pm restore/ps xdf mx3 astore pop}bdf
/bn{/pm save def mx3 setmatrix newpath 0 0 moveto ct dup 39 get 0 exch getinterval cvx exec
mtx astore setmatrix mx1 astore pop mx2 astore pop 3a astore pop
2t astore pop/pnsh xdf/pnsv xdf gw
/sfl fg 5 get 0 ne def array astore exch setdash setlinejoin setlinecap
setlinewidth setgray moveto}bdf
/fc{save vmstatus exch sub 50000 lt
{(%%[|0|]%%)=print flush}if pop restore}bdf
/tc{32768 div add 3 1 roll 32768 div add 2t astore pop}bdf
/3a [0 0 0] def
/2t 2 array def
/tp{3a astore pop}bdf
/tt{mx2 currentmatrix pop currentpoint 2 copy 2t aload pop qa 2 copy translate 3a aload pop exch dup 0 eq
{pop}{1 eq{-1 1}{1 -1}ifelse scale}ifelse rotate pop neg exch neg exch translate moveto}bdf
/te{mx2 setmatrix}bdf
/th{3 -1 roll div 3 1 roll exch div 2 copy mx1 scale pop scale/sfl true def}bdf
/tu{1 1 mx1 itransform scale/sfl false def}bdf
/ts{1 1 mx1 transform scale/sfl true def}bdf
/fz{/ps xdf}bdf
/dv{dup 0 ne{div}{pop}ifelse}bdf
/pop4{pop pop pop pop}bdf
/it{sfl{mx1 itransform}if}bdf
/gm{exch it moveto}bdf/rm{it rmoveto}bdf
/lm{currentpoint sfl{mx1 transform}if exch pop sub 0 exch it rmoveto}bdf
/fm{statusdict/manualfeed known}bdf
/se{statusdict exch/manualfeed exch put}bdf
/mf{dup/ma exch def 0 gt{fm se/t1 5 st ok ma 1 gt and{/t2 0 st/t3 0 st
statusdict/manualfeedtimeout 3600 put
}if}if}bdf
/jn{/statusdict where exch pop{statusdict exch /jobname exch put}if}bdf
/pen{pnm mul/pnsh xdf pnm mul/pnsv xdf pnsh setlinewidth}bdf
/min{2 copy gt{exch}if pop}bdf
/max{2 copy lt{exch}if pop}bdf
/dh{fg 6 1 put array astore dup {1 pxs div mul exch}forall astore exch pop exch pop exch setdash}bdf
/ih[currentdash]def
/rh{fg 6 0 put ih aload pop setdash}bdf
/dl{gsave nlw pys div setlinewidth 0 setgray}bdf
/dlin{exch currentpoint currentlinewidth 2 div dup
translate newpath moveto lineto currentpoint stroke grestore moveto}bdf
/lin{fg 6 get 0 ne{exch lineto currentpoint 0 doop moveto}
{exch currentpoint/pnlv xdf/pnlh xdf gsave newpath/@1 xdf/@2 xdf fp{pnlh @2 lt{pnlv @1 ge
{pnlh pnlv moveto @2 @1 lineto pnsh 0 rlineto
0 pnsv rlineto pnlh pnsh add pnlv pnsv add lineto pnsh neg 0 rlineto}
{pnlh pnlv moveto pnsh 0 rlineto @2 pnsh add @1 lineto 0 pnsv rlineto
pnsh neg 0 rlineto pnlh pnlv pnsv add lineto}ifelse}{pnlv @1 gt
{@2 @1 moveto pnsh 0 rlineto pnlh pnsh add pnlv lineto 0 pnsv rlineto
pnsh neg 0 rlineto @2 @1 pnsv add lineto}{pnlh pnlv moveto pnsh 0 rlineto
0 pnsv rlineto @2 pnsh add @1 pnsv add lineto pnsh neg 0 rlineto
0 pnsv neg rlineto}ifelse}ifelse
closepath fill}if @2 @1 grestore moveto}ifelse}bdf
/gw{/pnm fg 3 get fg 4 get div def}bdf
/lw{fg exch 4 exch put fg exch 3 exch put gw pnsv pnsh pen}bdf
/barc{/@1 xdf/@2 xdf/@3 xdf/@4 xdf/@5 xdf
/@6 xdf/@7 xdf/@8 xdf gsave
@5 @7 add 2 div @6 @8 add 2 div translate newpath 0 0 moveto
@5 @7 sub @6 @8 sub mtx currentmatrix pop scale @1{newpath}if
0 0 0.5 @4 @3 arc @4 @3 sub abs 360 ge{closepath}if
mtx setmatrix @2 doop grestore}bdf
/ar{dup 0 eq barc}bdf
/ov{0 exch 360 exch true barc}bdf
/rc{/@t xdf currentpoint 6 2 roll newpath 4 copy 4 2 roll exch moveto
6 -1 roll lineto lineto lineto closepath @t doop moveto}bdf
/mup{dup pnsh 2 div le exch pnsv 2 div le or}bdf
/rr{/@1 xdf 2. div/@2 xdf 2. div/@3 xdf
/@4 xdf/@5 xdf/@6 xdf/@7 xdf
@7 @5 eq @6 @4 eq @2 mup or or{@7 @6 @5 @4 @1 rc}
{@4 @6 sub 2. div dup @2 lt{/@2 xdf}{pop}ifelse
@5 @7 sub 2. div dup @2 lt{/@2 xdf}{pop}ifelse
@1 0 eq{/@2 @2 pnsh 2 div 2 copy gt{sub def}{0 pop4}ifelse}if
currentpoint newpath
@4 @6 add 2. div @7 moveto
@4 @7 @4 @5 @2 arcto pop4
@4 @5 @6 @5 @2 arcto pop4
@6 @5 @6 @7 @2 arcto pop4
@6 @7 @4 @7 @2 arcto pop4
closepath @1 doop moveto}ifelse}bdf
/pr{gsave newpath/pl{exch moveto/pl{exch lineto}def}def}bdf
/pl{exch lineto}bdf
/ep{dup 0 eq{{moveto}{exch lin}{}{(%%[|1|]%%)= flush}pathforall
pop grestore}{doop grestore}ifelse currentpoint newpath moveto}bdf
/gr{64. div setgray}bdf
/pat{s8 copy pop 9.375 pa por not{90 add}if{1 add 4 mul cvi s8 exch get exch 1 add 4 mul cvi 7 sub bitshift 1 and}setscreen gr}bdf
/sg{freq rot/spf load setscreen gr}bdf
/dc{transform round .5 sub exch round .5 sub exch itransform}bdf
/sn{userdict/smooth4 known}bdf
/x8{3 bitshift}bdf
/x4{2 bitshift}bdf
/d4{-2 bitshift}bdf
/d8{-3 bitshift}bdf
/rb{15 add -4 bitshift 1 bitshift}bdf
/db{/@7 save def/@1 xdf/@2 xdf/@3 xdf/@4 xdf/@5 xdf/@6 @5 @3 4 add mul def
dc translate scale/xdbit 1 1 idtransform abs/ydbit exch def abs def{0 0 1 ydbit add 1 10 rc clip}if
@1 0 eq @1 4 eq or{1 setgray ydbit 0 1 ydbit add 1 2 rc}if
@1 3 eq @1 7 eq or{1}{0}ifelse setgray/@9 @1 0 eq @1 1 eq @1 3 eq or or dbinvertflag xor def/@13 @6 def
@2 fBitStretch or{/@10 @4 x4 def/@11 @3 x4 def/@12 @10 rb def/@13 @12 @11 mul def/@15 1 1 dtransform abs/calcY 1 index def round cvi/@14 exch def
abs/calcX 1 index def round cvi scaleby96 not{1 add}if def/@16 @15 rb def/@17 @16 @14 mul def}if
sn @13 60000 lt and @2 fBitStretch or and{mtx currentmatrix dup 1 get exch 2 get 0. eq exch 0. eq and @17 60000 lt and fBitStretch and{@16 3 bitshift @14 @9 [calcX 0 0 calcY 0 0]{@17 string @13 string
currentfile @6 string readhexstring pop 1 index @4 @3 @5 @12 @2 smooth4
@10 @11 @12 dup string 5 index @15 @14 @16 dup string stretch}imagemask}{@12 x8 @11 @9 [@10 0 0 @11 0 0]{@13 string
currentfile @6 string readhexstring pop 1 index @4 @3 @5 @12 @2 smooth4}imagemask}ifelse}{@5 3 bitshift @3 4 add @9 [@4 0 0 @3 0 2]{currentfile @6 string readhexstring pop}imagemask}ifelse
@7 restore}bdf
/multibit{/mbdeep exch def/mbY exch def/mbX exch def
save mbX mbY mbdeep[mbX 0 0 mbY 0 0]{currentfile picstr readhexstring pop}image
restore}bdf
/wd 16 dict def
/mfont 14 dict def
/mdf{mfont wcheck not{/mfont 14 dict def}if mfont begin xdf end}bdf
/cf{{1 index/FID ne{def}{pop pop}ifelse}forall}bdf/rf{/@1 exch def/@2 exch def
FontDirectory @2 known{cleartomark pop}{findfont dup begin dup length @1 add dict begin
cf{/Encoding macvec def}{Encoding dup length array copy/Encoding exch def
counttomark 2 idiv{Encoding 3 1 roll put}repeat}ifelse
pop
exec currentdict end end @2 exch definefont pop}ifelse}bdf
/bmbc{exch begin wd begin
/cr xdf
save
CharTable cr 6 mul 6 getinterval{}forall
/bitheight xdf/bitwidth xdf
.96 div/width xdf
Gkernmax add/XOffset xdf Gdescent add/YOffset xdf/rowbytes xdf
rowbytes 255 eq{0 0 0 0 0 0 setcachedevice}
{Gnormsize dup scale
width 0 XOffset YOffset bitwidth XOffset add bitheight YOffset add
setcachedevice
rowbytes 0 ne{
XOffset YOffset translate newpath 0 0 moveto
bitwidth bitheight scale
sn{
/xSmt bitwidth x4 def
/ySmt bitheight x4 def
/rSmt xSmt rb def
rSmt x8 ySmt true
[xSmt 0 0 ySmt neg 0 ySmt]
{rSmt ySmt mul string CharData cr get
1 index bitwidth bitheight rowbytes rSmt tso smooth4}
}{rowbytes 3 bitshift bitheight 4 add true
[bitwidth 0 0 bitheight neg 0 bitheight 2 add]
{CharData cr get}
}ifelse
imagemask
}if
}ifelse
restore
end end
}bdf
/bb{.96 exch div/Gnormsize mdf 2 index
/Gkernmax mdf 1 index/Gdescent mdf
3 index div 4 1 roll
2 index div 1. 5 2 roll
exch div 4 1 roll
4 array astore/FontBBox mdf
}bdf
/cdf{mfont/CharData get 3 1 roll put}bdf
/bf{
mfont begin
/FontType 3 def
/FontMatrix [1 0 0 1 0 0] def
/Encoding macvec def
/BuildChar/bmbc load def
end
mfont definefont pop
}bdf
/wi LW 1 eq{{gsave 0 0 0 0 0 0 0 0 moveto lineto lineto lineto closepath clip stringwidth grestore}bind}{/stringwidth load}ifelse def
/aps{0 get 124 eq}bdf
/xc{s75 cvs dup}bdf
/xp{put cvn}bdf
/scs{xc 3 67 put dup 0 95 xp}bdf
/sos{xc 3 79 xp}bdf
/sbs{xc 1 66 xp}bdf
/sis{xc 2 73 xp}bdf
/sob{xc 2 79 xp}bdf
/sss{xc 4 83 xp}bdf
/dd{exch 1 index add 3 1 roll add exch}bdf
/smc{moveto dup show}bdf
/kwn{FontDirectory 1 index known{findfont exch pop}}bdf
/gl{1 currentgray sub setgray}bdf
/mm{/mfont 10 dict def mfont begin
/FontMatrix [1 0 0 1 0 0] def
/FontType 3 def
/Encoding macvec def
/df 4 index findfont def
/FontBBox [0 0 1 1] def
/xda xdf/mbc xdf
/BuildChar{wd begin/cr xdf/fd xdf/cs s1 dup 0 cr put def fd/mbc get exec end}def
exec end mfont definefont}bdf
/ac{dup scs kwn{exch findfont dup length 1 add dict begin{1 index/FID ne 2 index/UniqueID ne and{def}{pop pop}ifelse}forall
fmv{/Encoding macvec def}if/StrokeWidth nlw 1000 mul pys div ps div dup 12 lt{pop 12}if def
/PaintType 2 def currentdict end definefont}ifelse}bdf
/mb{dup sbs kwn{exch{pop}{bbc}{}mm}ifelse sfd}bdf
/mo{dup sos kwn{exch{pop}{boc}{}mm}ifelse sfd}bdf
/ms{dup sss kwn{exch{pop}{bsc}{}mm}ifelse sfd}bdf
/ou{dup sos kwn{exch dup ac pop{scs findfont /df2 xdf}{aoc}{}mm}ifelse sfd}bdf
/su{dup sss kwn{exch dup ac pop{scs findfont /df2 xdf}{asc}{}mm}ifelse sfd}bdf
/ao{/fmv true def ou}bdf/as{/fmv true def su}bdf
/vo{/fmv false def ou}bdf/vs{/fmv false def su}bdf
/bbc{/da .03 def fd/df get setfont
gsave cs wi 1 index 0 ne{exch da add exch}if grestore setcharwidth
cs 0 0 smc da 0 smc da da smc 0 da moveto show}bdf
/boc{/da 1 ps div def fd/df get setfont
gsave cs wi 1 index 0 ne{exch da add exch}if grestore setcharwidth
cs 0 0 smc da 0 smc da da smc 0 da smc gl da 2. div dup moveto show}bdf
/bsc{/da 1 ps div def
/ds .05 def/da2 da 2. div def fd/df get setfont
gsave cs wi 1 index 0 ne{exch ds add da2 add exch}if grestore setcharwidth
cs ds da2 add .01 add 0 smc 0 ds da2 sub translate 0 0 smc
da 0 smc da da smc 0 da smc gl da 2. div dup moveto show}bdf
/aoc{fd/df get setfont
gsave cs wi grestore setcharwidth
gl cs 0 0 smc fd/df2 get setfont gl 0 0 moveto show}bdf
/asc{/da .05 def fd/df get setfont
gsave cs wi 1 index 0 ne{exch da add exch}if grestore setcharwidth
cs da .01 add 0 smc 0 da translate gl 0 0 smc gl fd/df2 get setfont 0 0 moveto show}bdf
/st{1000 mul usertime add dup 2147483647 gt{2147483647 sub}if def}bdf
/the{usertime sub dup 0 lt exch -2147483648 gt and}bdf
/6a 6 array def
/2a 2 array def
/3q 3 array def
/qs{3 -1 roll sub exch 3 -1 roll sub exch}bdf
/qa{3 -1 roll add exch 3 -1 roll add exch}bdf
/qm{3 -1 roll 1 index mul 3 1 roll mul}bdf
/qn{6a exch get mul}bdf
/qA .166667 def/qB .833333 def/qC .5 def
/qx{6a astore pop
qA 0 qn qB 2 qn add   qA 1 qn qB 3 qn add
qB 2 qn qA 4 qn add   qB 3 qn qA 5 qn add
qC 2 qn qC 4 qn add   qC 3 qn qC 5 qn add}bdf
/qp{6 copy 12 -2 roll pop pop}bdf
/qc{exch qp qx curveto}bdf
/qi{{exch 4 copy 2a astore aload pop qa .5 qm newpath moveto}{exch 2 copy 6 -2 roll 2 qm qs 4 2 roll}ifelse}bdf
/qq{{qc 2a aload pop qx curveto}{exch 4 copy qs qa qx curveto}ifelse}bdf
/pt{currentpoint newpath moveto}bdf
/qf{/fillflag true def}bdf
/ec{1 and 0 ne{0 doop}if grestore currentpoint newpath moveto/fillflag false def}bdf
/eu{currentpoint fp{0 ep}{grestore newpath}ifelse moveto/fillflag false def}bdf
/bp{currentpoint newpath 2 copy moveto}bdf
/ef{gsave fillflag{gsave eofill grestore}if}bdf
/sm{0 exch{@1 eq{1 add}if}forall}bdf
/lshow{4 1 roll exch/@1 exch def{1 index wi pop sub 1 index sm dv 0 @1 4 -1 roll widthshow}{1 index wi pop sub
1 index dup sm 10 mul exch length 1 sub add dv dup 10. mul 0 @1 4 -1 roll 0 6 -1 roll awidthshow}ifelse}bdf
/setTxMode{sa 9 2 index put 3 eq{1}{0}ifelse setgray}bdf
/SwToSym{{}mark false/Symbol/|______Symbol 0 rf 0 sa 6 get 0 ne{pop 1}{sa 7 get 0 eq{pop 2}if}ifelse
sa 1 get 0 ne/|______Symbol
sa 4 get 0 ne{vs}{sa 3 get 0 ne{vo}{fnt}ifelse}ifelse}bdf
/mc{0 3 1 roll transform neg exch pop}bdf
/ul{dup 0 ne sa 2 get 0 ne and{gsave 0 0
/UnderlinePosition kif{mc}{ps -10 div}ifelse/UnderlineThickness kif{mc}{ps 15 div}ifelse
abs setlinewidth neg rmoveto
sa 4 get 0 ne{gsave currentlinewidth 2. div dup rmoveto currentpoint newpath moveto
2 copy rlineto stroke grestore}if
sa 3 get sa 4 get or 0 ne{gsave gl 2 copy rlineto stroke grestore rlineto strokepath nlw pys div setlinewidth}{rlineto}ifelse
stroke grestore}{pop}ifelse}bdf
/sgt{2 copy known{get true}{pop pop false}ifelse}bdf
/kif{currentfont dup/FontMatrix get exch/FontInfo sgt{true}{currentfont/df sgt
{dup/FontInfo sgt{3 1 roll/FontMatrix get mtx concatmatrix exch true}{pop pop pop false}
ifelse}{pop pop false}ifelse}ifelse{3 -1 roll sgt{exch true}{pop false}ifelse}{false}ifelse}bdf
/blank/Times-Roman findfont/CharStrings get/space get def
/macvec 256 array def
/NUL/SOH/STX/ETX/EOT/ENQ/ACK/BEL/BS/HT/LF/VT/FF/CR/SO/SI
/DLE/DC1/DC2/DC3/DC4/NAK/SYN/ETB/CAN/EM/SUB/ESC/FS/GS/RS/US
macvec 0 32 getinterval astore pop
macvec 32/Times-Roman findfont/Encoding get
32 96 getinterval putinterval macvec dup 39/quotesingle put 96/grave put
/Adieresis/Aring/Ccedilla/Eacute/Ntilde/Odieresis/Udieresis/aacute
/agrave/acircumflex/adieresis/atilde/aring/ccedilla/eacute/egrave
/ecircumflex/edieresis/iacute/igrave/icircumflex/idieresis/ntilde/oacute
/ograve/ocircumflex/odieresis/otilde/uacute/ugrave/ucircumflex/udieresis
/dagger/degree/cent/sterling/section/bullet/paragraph/germandbls
/registered/copyright/trademark/acute/dieresis/notequal/AE/Oslash
/infinity/plusminus/lessequal/greaterequal/yen/mu/partialdiff/summation
/product/pi/integral/ordfeminine/ordmasculine/Omega/ae/oslash
/questiondown/exclamdown/logicalnot/radical/florin/approxequal/Delta/guillemotleft
/guillemotright/ellipsis/blank/Agrave/Atilde/Otilde/OE/oe
/endash/emdash/quotedblleft/quotedblright/quoteleft/quoteright/divide/lozenge
/ydieresis/Ydieresis/fraction/currency/guilsinglleft/guilsinglright/fi/fl
/daggerdbl/periodcentered/quotesinglbase/quotedblbase/perthousand/Acircumflex/Ecircumflex/Aacute
/Edieresis/Egrave/Iacute/Icircumflex/Idieresis/Igrave/Oacute/Ocircumflex
/apple/Ograve/Uacute/Ucircumflex/Ugrave/dotlessi/circumflex/tilde
/macron/breve/dotaccent/ring/cedilla/hungarumlaut/ogonek/caron
macvec 128 128 getinterval astore pop
{}mark true/Courier/|______Courier 0 rf
{/Metrics 21 dict begin/zero 600 def/one 600 def/two 600 def/three 600 def/four 600 def/five 600 def/six 600 def/seven 600 def/eight 600 def
/nine 600 def/comma 600 def/period 600 def/dollar 600 def/numbersign 600 def/percent 600 def/plus 600 def/hyphen 600 def/E 600 def/parenleft 600 def/parenright 600 def/space 600 def
currentdict end def currentdict/UniqueID known{/UniqueID 16#800000 def}if/FontBBox FontBBox 4 array astore def}mark true/Helvetica/|______Seattle 1 rf
/oldsettransfer/settransfer load def
/concatprocs{/proc2 exch cvlit def/proc1 exch cvlit def/newproc proc1 length proc2 length add array def
newproc 0 proc1 putinterval newproc proc1 length proc2 putinterval newproc cvx}def
/settransfer{currenttransfer concatprocs oldsettransfer}def
/PaintBlack{{1 exch sub}settransfer gsave newpath clippath 1 setgray fill grestore}def
/od{(Rvd\001\001\000\000\177) fg copy pop txpose
1 0 mtx defaultmatrix dtransform exch atan/pa exch def
newpath clippath mark
{transform{itransform moveto}}{transform{itransform lineto}}
{6 -2 roll transform 6 -2 roll transform 6 -2 roll transform
{itransform 6 2 roll itransform 6 2 roll itransform 6 2 roll curveto}}
{{closepath}}pathforall newpath counttomark array astore/gc xdf pop ct 39 0 put
10 fz 0 fs 2 F/|______Courier fnt invertflag{PaintBlack}if}bdf
/cd{}bdf
/op{/sfl false def/pm save def}bdf
/cp{not{userdict/#copies 0 put}if ma 0 gt{{t1 the{exit}if}loop}if{copypage}{showpage}ifelse pm restore}bdf
/px{0 3 1 roll tp tt}bdf
/psb{/us save def}bdf
/pse{us restore}bdf
/ct 40 string def
/nc{currentpoint initclip newpath gc{dup type dup/arraytype eq exch/packedarraytype eq or{exec}if}
forall clip newpath moveto}def
/kp{ct 0 2 index length 2 index 39 2 index put getinterval copy cvx exec mx3 currentmatrix pop}bdf
/av 68 def
end
LW 1 eq userdict/a4small known not and{/a4small
[[300 72 div 0 0 -300 72 div -120 3381]
280 3255
{statusdict/jobstate (printing) put 0 setblink
margins
exch 196 add exch 304 add 8 div round cvi frametoroket
statusdict/jobstate (busy) put
1 setblink}
/framedevice load
60 45{dup mul exch dup mul add 1.0 exch sub}/setscreen load
{}/settransfer load/initgraphics load/erasepage load]cvx
statusdict begin bind end readonly def}if
md begin/bigs[lnop userdict/letter known{/letter load}{lnop}ifelse userdict/legal known{/legal load}{lnop}ifelse userdict/a4 known{/a4 load}{lnop}ifelse userdict/b5 known{/b5 load}{lnop}ifelse 
lnop lnop lnop /tab load]def
/smalls[lnop userdict/lettersmall known{/lettersmall load}{userdict/note known{/note load}{lnop}ifelse}ifelse
userdict/legal known{/legal load}{lnop}ifelse userdict/a4small known{/a4small load}{lnop}ifelse 
userdict/b5 known{/b5 load}{userdict/note known{/note load}{lnop}ifelse}ifelse lnop lnop lnop /tab load]def end
systemdict/currentpacking known{setpacking}if
currentfile ok userdict/stretch known not and{eexec}{flushfile}ifelse
373A767D4B7FD94FE5903B7014B1B8D3BED02632C855D56F458B118ACF3AF73FC4EF5E81F5749042B5F9CF1016D093B75F250B7D8280B2EACE05A37037F7BDF6E12226D7D4E2DF2C52FAFD5FD40FE72A0D3AC4BD485D8369D4C87636E920D1DAF222D92155A9CB1667E715F0B82799B37CC8F5B32B74B39CF494536DC39C7EF04A7BCB29E2CEC79073CADCCFB23B4AA1363F876F5121B618071B7B4EB1E5DE75FAA2368A3E5DB2B198623AFE92AE9484270FE7F57A850E88C0D3EEA156611C91D8E480D4370B025CCA6929A2BF40AD3D01B2CB7EE6DFB46E12A830542337F7819B67F9765210F76DB06F34DA5B13A11759305C582E16D2B854939F6D9121F2A4F285282F5DCD3D15896D121E3D6F5BE79E087451BB0ED233CDBEF090D3B4AC2DC34B97E70C61D95FB072B8C12D2ABD843520949A39DCF99E2C1AA8FBCD025E47E0A82A8D96E75BAF40F52AD402495BBD4DE0F356C8B14E764874E639C9F045A0D1908EC6456EB6C5B8A6F826192F767EF2C55A21C58F5F9CC1F59247B55F2387828C7FE89D5E7D8484D1BC86CB6673BDBE4FE17DD9BDE95224FE645136F41330BF155A4DDE1B0A32233BF471CE58FBC660DC7E641B0A0D30018454E2191C414A3011FF3FED1C0D88FE1FF9F75DCC456D097947226FBEC92509146D3A4CFFC0471B31C53222ED9DD88566F60F6C0D705AD79DACF53B070026F083ED28B5CF757AAA0A169F6F320A75E9D2ED50ABD939AF85B6346C2ADB25D168F10508E1516D194C635E6B187FADEA0829DBF0390C0F003F0265E215BC96CA3CC13D4A8E01570BE193CA75A620728CD275ACF1986EFFB3A13419FE55EA7C4467B7E7EEDC1FC29C9F8C46A557D2CCDB914EF7B93E7530D555DFC2398AFC68CAD991F062EF85BAA1884EC166C7C5DF8543666D8C41BE267D706BD1588F1F662F705CAE4D29DC38EF66BFAA89470D8A099B6F1B4587F7B024412276106FCD3EB5AE17A5D1DF1781992DC40EA0A992F706F701304CEA9D9073E7A74F1E687D81C3E5841D31CF86855BAAAD9B5D30317C75150A857C6B114735315CDD1AEF36C26BBB0645499406DEE2F24B3B1C72FEC97C7BA31AA2CDAB25418BB1DC4C7E4757F1D625087B0FD0300C03A65F2A72CE734925735277E034CDCF599129679F70CC8B66E03878851DB75041F275E1E5761F3EC753BE1359CA364A22047AE4886217F9259FE19FF5B116E8019B98B143114B313E8BEF87EC949D85C82E0812E6F50525E73890AF362CC8EE8A85F4197E6AC18638EF12E56A808D439AF1BFD363F140314BF4E534485C42F1856688CC35288E8D770120A420FB9F1FCF8AE8BD6D6156CC23E6C51119FE4DE1B68C9DF3487E9974BF9ED31F8D3CE93FF101867319F2FF492D5D398B4F09A66F2F55BCAB34B99173B7EE89039D00DD21A7B3A52E9F028F8301B5FC12D409412E064513BC579AAC498F577EA8ECD1FE3E42DC3CC320786C7B00194FEDF344402C33FC492D4BA86992B01683F440220FFE756BC88A94223D316078D69D33560E8EAB76B24CB7AA4320CF435593D76F624324ABE00B5587A4F283C725EA24567133F25F472B5E2E4474DDB5A16AC5F2DF32350395D3E3892FE361F4D5C9A610C654C9227614FBBAFF3356A90A2266E00F66234061075491571A65616211257F160000000000000000000000000000000000000000000000000000000000000000
0000000000000000000000000000000000000000000000000000000000000000
0000000000000000000000000000000000000000000000000000000000000000
0000000000000000000000000000000000000000000000000000000000000000
0000000000000000000000000000000000000000000000000000000000000000
0000000000000000000000000000000000000000000000000000000000000000
0000000000000000000000000000000000000000000000000000000000000000
0000000000000000000000000000000000000000000000000000000000000000
cleartomark
currentfile ok userdict/smooth4 known not and{eexec}{flushfile}ifelse
F94E00EE41A71C59E5CAEED1EDBCF23D1DBA1EE99B9BB356492923BD8B1BA83A87CEB0E07377A31FD6241E814681118E17DC7CACE570399506E6E441B871B6043831BD03EFC11DBBD8001EE2FF8CFBD485065D455A2E15AC36F1A84AD8789FA6461199C7CD14CB9FD64D4B06452B7FC0A8FC263F70F1CCB893295D4DE70ADAB771C0F84396FA98C60B11DA02ABA157298DF0A23621853BEF167443A985ADC09BEFFD51CB4D29179E2B34609EF38A49DA61F4BFC256A3DE0732D7D29754A194857B9C9E9971227AA1DD0611FBB10E44E5FF66C062D9C24ED3290529330BC317825E876929582DB0E39B9FC5EFD20CC1D4F94920EB9C534D0DA90DE70D25BC7287319CF28602B3F46633C242CAFC8905E960317E3C2FA20AB8DB06ADBAF292FC7BA2CA14EE65DF28B99CC11666B70AD33E8E1D57D63D4B89ECC615AE5747C1CA752C833D8D6DE54CD4A0350B44310555CE3BD2C615ADD27B634CDB350AF3A432CE78AACD2909A5B586F666CD87919A36DB1CBE86B3CE281DFD01CD7E1B8A18A4B415CECBFF79A5C4390A15EA77D14D6BE12BAB5A8268C3F286D0590060647CABED674443CD258F11415E866AB330A251691B61F2422A61AFE59B6B4FBDCF85ED9BA0F8E483C034089E6877FF5923698D3A0DC0EED6B9CFD32DF0839BC4EA5F6D1FCB6DD0920391E57E84745131D02D100179F4E0A68EC0A5FF6680A6F463D038B04AF63FFA13D743B995A26A743C26D387209023C91DE43DF047A16F328AC9DDC08573B38BE9EA341EA16C78EC32F3A1B36B90D95A50610F4D050EC1C33497F3F3A81A1B4C8BEF0BA84EE2FAA32DC112DAC490AF53E1749C4A0D866CAF7B893E52383B0D38065C333FB122B700D7246F7EE87D942AE3DB5C1DD77E9E76C80CC5AD63D28DFED0E229CE604673F78CD47F258FDF5BF3A3EAEC5C9BC8E482D8DBA9D268A35DA8C095A690679ED2123E8B8F5E4826FA3B199EAA5D482D4B6AA86572E387CECEB7149C8947F41D6339328A748A17F8C4AD3B0555F1E409450BA0C564F1F488BB5096EB003568D4D5EF6489897E27409547D0EE4487D30184793B0F27BD265A64BDB3EA6761569DA955620C612E718677B77D6D81B999C6298877AFE0D1D6F6F358377A8BD2402F669C64B972B3A065EF7DD4BDEFFFE17E63DB8898FA6E69166B710AAD6BA2EA9AF61E4B8C8701638D4D6E4DFFFC192AEF6BC027095C4C72D748979675BA29FAF61E75343E14E61034602E5A79CD2519796ED6A9CC4EDEA46A9B59D4A807E786B5EE46F25B0360BC8E7C12D723122CDEEF247C9776F4C99C8EBED6828AA19744B5ADF0D07D95D98B3072372388D41B0FAB1CCE2775170679575ECDCA13B22A17FE9C6605C3445F58F1A829512DAB6C528F83580C8AA53C35D605F626F5AD0B7FC1EA87D69A835E3F53A1F450FB0AF42A5772F89D92A50D10F15BDBDA409F50C0B8AB93FE8A16D029DD8BB5C480D1466735ED4D9CAF637E5ECD6C2ECB6BF3B3EFBEE7AB936D2C568E3009D156B87CACB1FB3A48A70BC91B2EC35CC9147FFB1A524E2B2F2E4E2C1B12F1C1C63768BB95CD62FEC01CBA79B9FA282DD4DF49990F27FF8EE4E2DDE2F0ACD83BC9D4BE0090192C7A799967EC4DC2D63C0835E22D4C4B366D7FDCF3A05A4B53DF780F986EF25C79B665D5C00EFF7F17C0BB6D544F9D83A7FDAC47D9C5683A656011374253C918FF6EA64749DD971B2300DD5320033E01EC591F6318CCE94CE2B81C04322EC52B624E50643B52391CCD2AB56396A2AD8E2D3CA61B80D9D4CC363B2DF7863526958CDF3497E36648406C317E58EC563E7C26149A2A3C643ADFB39A8DD92974C6D2A2A9D7B71CDF3FEBBF32BB02E7B45CF53AAEAD5E963A4AA4AF9A149A08A4EC303D5F2369977E93F54897EEAD31B06C5845D63F49D65F8E5573962241A57CCD717CE6CA8C784A11192943616EA059B51BC38429E18D0121FCBB6FBD5D909B0D89E616C66DEF6A0F165A7030BD911A1B120468329CBB006C8D37720E531CF31E878CB4AAAC137633675C3D546F5162487AB35F470C042BDEB945E0F2532BF92AA6FD53434440221ECD3533A7AA89900CB19EFE2CD872DF8B7969AF0D3B72BF31DC5DD69CA6460966F61AB17CB507964098DBA3AF122EEC3128A9BAFE1034493F372B36BD1351205E9043A67C544402D8BCE24358C8A5CE33867A00794CF7097D59C88279A11EE9C854E7E7AAE881F9828C569D208F5F33375F59E9A3818CFA38AAD0CBFBA32F9F44A8BB79DE4C40E3886457C16DA4A27953AA1E99472E35F2323F0BAA5E37DC28CBA46FEFB73B190016055ADD4D27615D748499A0E1C4B8C7EC339C1C4D95A813A85918A8D01EEB485DDCDCEA6EA3F2C2A9D85C139CD90CCB352634F9AFE836BCAC0C274E352BA2071B5269D5DE4CCDE3FF990CBA974980C7332AE1545A9C60D5D1459D3AE95C1AC065733AF14FADB440A110DD539563B8D850CD0704C52F3F7CCCB53630D776560CBD22D8FF08F5B354487A171AEC15F5F54DE9CAB668BCAC573E788D92762EF63E76087005F4AC2D02E0CAC173C11BE62ACE5DC4D3374F2F9746C9981E125FF9AB8CAE76D13039E2C54DFD708E028A619EA1ED78E6B46F06DF0D0B74BBEDD8C190C7C0CEBDE8F7A4888CC36575313478DD2CFE392E9BB7B2416955D44B7024A3BA43FBF37293B386D64746D7748895411D243FAEC50638F2AA33337D7FA018ADDAC5835A0DDFAE99AD6299DFB4CA6872C59853E3AC12FC9E3D26629C5B49CF844C87B3C4BFBE3074E3A1CE6984758C20C661084381CD6B4582D84F19C0000B5FC0DCB42B567E396031601C095D7016283EBE5F13CD8A3A374A74DDBBABD36081149F8BC242085F2F7297CC97FD3B8BAD206D8AC9707A39ECCC7963B522E08DA391A1EF12DD4D746DBDDDCC0834F88160CF189A9645567CEC2F023A571AF0DFD15DB85B744C28C000DF53B05F8F210841F6E87A04F20C777B7C0BE6182BE2E90226E5301A12532A745F2FAAA81637CF11B78CD2B99A4D18B862D6C5DBD31793FB16A2D9AAD376D4484D75AA833D0068B1D34DB74E3302480854E3B5484D8A47E39A89A2FA927BC3641EA7F8E004FDE4C2F08D40D99F1ACB47CAF6887629BF6DFE12968D297596D28CE0CF148B12E7DCB49FB94F5ADBD214C3A6CE1E249831BA9EB8A189F2CE1ABE39A7B537253E369A508A2AF2ADB9463F9B56BBBFF31D535FF997F537C6675C196E7ECBD493F652FA7CC6D9C1CA3379BFDB5AF7513C6E834054494296B91A6EE800114363D5D5D0759F41B4DECB653B9DE3E94583579EF549ED5F3FAFB12661ABC0C57A332406517ED3454EDED34B386C60F78DC976266E0EAF54FC245FB0E3EFC8016236436B599C1C97A8C5E0AC8F7836161873C71F01ED9CC25C236420F41FD8277993D3959205912FA0927B59E3DAE7377D82079447D6E41EE5AEC0DFFF79AF8F4ED47F17EE708FEA45877860D56F8CBCE65A061E8E1CA4A5FBAF0E13429A7F0ADB6F178FA449F46CC539BBC0107E3A53B1C362A04B20E6D721E7E6E1E4976A11DDC98C7614D22B53DFBB6DAE533AC9BE882021A735C30DAA4A44AED09F49A390E8CFF59BD9C30667AF21B03EC5CEBD5C2C3AA2769E8D714191A48E7DDF50B13D1560E82EFB65FCE601AE9E8C351FBA1DED80B7351314E7F9F9A784BFE3759B7E322A84E7B51F9DC5F5D9C8050CD79B27C0A4B0DD68A3C27A948AD6858E35B960D2DEA838C479CAEA83B1A912174ACB2100E55E7A14892D7A9B3711FF0B20065C1995B49E1F23464A92DD140642E3A7B1973849E64D1A3CF60000000000000000000000000000000000000000000000000000000000000000
0000000000000000000000000000000000000000000000000000000000000000
0000000000000000000000000000000000000000000000000000000000000000
0000000000000000000000000000000000000000000000000000000000000000
0000000000000000000000000000000000000000000000000000000000000000
0000000000000000000000000000000000000000000000000000000000000000
0000000000000000000000000000000000000000000000000000000000000000
0000000000000000000000000000000000000000000000000000000000000000
cleartomark
%%EndProcSet

%!PS-Adobe-2.0
%%Title: Cover
%%Creator: NoWord
%%Pages: (atend)
%%BoundingBox: ? ? ? ?
%%PageBoundingBox: 28 30 566 811
%%For: AriA
%%IncludeProcSet: "(AppleDict md)" 68 0
%%EndComments
%%EndProlog
%%BeginDocumentSetup
md begin

T T -30 -28 811 566 100 72 72 3 F F F F T T T psu
(AriA; document: Cover)jn
0 mf
od
%%EndDocumentSetup
%%Page: ? 1
op
30 28 xl
1 1 pen
99 90 gm
(nc 30 28 811 566 6 rc)kp
1 setTxMode
0 fs
bu fc
{}mark T /Times-Roman /|______Times-Roman 0 rf
bn
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
currentfont SwToSym
-0.07540 0.(\323)ashow
setfont
-0.07540 0.( Copyright Arto Karila, 1991)ashow
760 232 gm
14 fz
bu fc
2 F /|______Times-Roman fnt
bn
-0.12351 0.(Helsinki, May 31, 1991)ashow
131 90 gm
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
0.17135 0. 32 0.01713 0.(This paper may be freely copied and distributed for non-profit purposes provided that)awidthshow
147 90 gm
-0.00610 0.(this front page \(including the copyright text\) is included in the copies. For commercial)ashow
163 90 gm
1.26327 0. 32 0.12632 0.(use a written permission from the author is required. Please, send any comments,)awidthshow
179 90 gm
-0.08451 0.(corrections and enquiries \(preferably by E-mail\) to the address below.)ashow
416 100 gm
18 fz
bu fc
2 F /|______Times-Roman fnt
bn
0.28976 0. 32 0.02897 0.(Open Systems Security \320 an Architectural Framework)awidthshow
561 90 gm
14 fz
bu fc
2 F /|______Times-Roman fnt
bn
0.70297 0. 32 0.07029 0.(Arto T. Karila)awidthshow
593 90 gm
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
-0.18864 0.(Telecom Finland)ashow
609 90 gm
-0.03498 0.(Business Systems R&D)ashow
625 90 gm
0.53604 0. 32 0.05360 0.(P.O. Box 140)awidthshow
641 90 gm
-0.05065 0.(00511 Helsinki)ashow
657 90 gm
-0.10777 0.(FINLAND)ashow
689 90 gm
-0.07275 0.(atk@ajk.tele.fi)ashow
F T cp
%%Trailer
cd
end
%%Pages: 1 0

% Next: Abstract

%!PS-Adobe-2.0
%%Title: Abstract
%%Creator: NoWord
%%Pages: (atend)
%%BoundingBox: ? ? ? ?
%%PageBoundingBox: 28 30 566 811
%%For: AriA
%%IncludeProcSet: "(AppleDict md)" 68 0
%%EndComments
%%EndProlog
%%BeginDocumentSetup
md begin

T T -30 -28 811 566 100 72 72 3 F F F F T T T psu
(AriA; document: Abstract)jn
0 mf
od
%%EndDocumentSetup
%%Page: ? 1
op
30 28 xl
1 1 pen
45 295 gm
(nc 30 28 811 566 6 rc)kp
1 setTxMode
0 fs
bu fc
{}mark T /Times-Roman /|______Times-Roman 0 rf
bn
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
(I)show
803 90 gm
10 fz
bu fc
2 F /|______Times-Roman fnt
bn
-0.01179 0.(Open Systems Security \320 an Architectural Framework)ashow
803 427 gm
-0.16108 0.(Acknowledgements)ashow
85 90 gm
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
-0.07638 0.(Key words: Data Security, Security Architecture, Data Communication, Open Systems,)ashow
101 90 gm
-0.08222 0.(OSI, FTAM)ashow
142 90 gm
1 fs
bu fc
{}mark T /Times-Bold /|______Times-Bold 0 rf
bn
18 fz
bu fc
2 F /|______Times-Bold fnt
bn
0.29148 0.(Abstract)ashow
175 90 gm
0 fs
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
0.15441 0. 32 0.01544 0.(An architecture for building secure open systems communicating via untrusted global)awidthshow
191 90 gm
0.03631 0. 32 0.00363 0.(data networks is presented. The work is based on the ISO OSI reference model and its)awidthshow
207 90 gm
0.36636 0. 32 0.03663 0.(security architecture addendum but the results are directly applicable to virtually any)awidthshow
223 90 gm
0.28305 0. 32 0.02830 0.(layered communications architecture such as the DoD Internet architecture \(TCP/IP\).)awidthshow
239 90 gm
-0.08055 0.(Also, several extensions and modifications to the OSI model are suggested.)ashow
271 90 gm
-0.10122 0.(A semiformal model for the security of communications between peer entities within an)ashow
287 90 gm
-0.07565 0.(OSI layer and between entire application instances is presented. This model, along with)ashow
303 90 gm
-0.06401 0.(some new concepts introduced, is successfully used to analyze the security functions of)ashow
319 90 gm
0.55099 0. 32 0.05509 0.(open systems. This work brings a whole new research area at the boundary between)awidthshow
335 90 gm
0.56716 0. 32 0.05671 0.(formal protocol research and cryptology within the reach of formal study. Complete)awidthshow
351 90 gm
-0.08323 0.(formalization of and further elaboration on the model are beyond the scope of this work)ashow
367 90 gm
-0.03619 0.(and left for further study.)ashow
399 90 gm
-0.04054 0.(The degree of freedom offered by the OSI Security Architecture in placing the security)ashow
415 90 gm
-0.06289 0.(services and mechanisms defined in the OSI reference model into its layers is restricted)ashow
431 90 gm
0.42083 0. 32 0.04208 0.(in such a way as to not affect the security of the over-all communication service and)awidthshow
447 90 gm
-0.07170 0.(well-founded placements for various services and mechanisms are proposed.)ashow
479 90 gm
-0.09403 0.(In order to demonstrate the implementability of the solutions proposed here, actual low-)ashow
495 90 gm
0.17639 0. 32 0.01763 0.(level security mechanisms are chosen to fill in the missing parts. Finally, a communi-)awidthshow
511 90 gm
-0.08453 0.(cations profile for secure FTAM is drawn up and a subset of it is implemented based on)ashow
527 90 gm
-0.11808 0.(existing OSI implementations.)ashow
F T cp
%%Page: ? 2
op
30 28 xl
1 1 pen
45 293 gm
(nc 30 28 811 566 6 rc)kp
1 setTxMode
0 fs
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
(II)show
803 90 gm
10 fz
bu fc
2 F /|______Times-Roman fnt
bn
-0.01179 0.(Open Systems Security \320 an Architectural Framework)ashow
803 427 gm
-0.16108 0.(Acknowledgements)ashow
110 90 gm
1 fs
18 fz
bu fc
2 F /|______Times-Bold fnt
bn
0.29093 0.(Foreword)ashow
143 90 gm
0 fs
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
-0.02198 0.(This paper is a cosmetically updated version of my Doctoral Dissertation completed in)ashow
159 90 gm
-0.08961 0.(late 1990 and defended in March 1991 at Helsinki University of Technology.)ashow
191 90 gm
-0.04953 0.(This work is based on the experience of several years of protocol implementation work)ashow
207 90 gm
0.30914 0. 32 0.03091 0.(with the Technical Research Centre of Finland and my more recent experience in the)awidthshow
223 90 gm
1.51428 0. 32 0.15142 0.(development of value added services for our customers at Telecom Finland. The)awidthshow
239 90 gm
0.27435 0. 32 0.02743 0.(approach is rather pragmatic \(for a dissertation\) and the problems are taken from real)awidthshow
255 90 gm
-0.02053 0.(life. I hope this paper will serve a purpose in raising the general level of consciousness)ashow
271 90 gm
-0.08157 0.(of the security risks of open systems and stimulating discussion and research in the area)ashow
287 90 gm
-0.03857 0.(of developing secure open systems.)ashow
319 90 gm
1.29791 0. 32 0.12979 0.(I hope my possible American readers will not be scared off by the seeming OSI-)awidthshow
335 90 gm
0.73822 0. 32 0.07382 0.(orientation of this work. I am by no means an OSI pedantic and most of the results)awidthshow
351 90 gm
-0.12014 0.(obtained here are directly applicable to other layered communications architectures such)ashow
367 90 gm
-0.11936 0.(as the DoD Internet \(TCP/IP\) architecture.)ashow
399 90 gm
1.10733 0. 32 0.11073 0.(I wish to thank my reviewers Dr. Kaisa Nyberg of the Finnish Army and Dr. Olli)awidthshow
415 90 gm
-0.10122 0.(Martikainen of the Technical Research Centre of Finland for their constructive criticism)ashow
431 90 gm
0.38208 0. 32 0.03820 0.(and many comments on the draft versions of this paper. I also thank professor Jarmo)awidthshow
447 90 gm
-0.06970 0.(Harju of Lappeenranta University of Technology for the many discussions on this topic)ashow
463 90 gm
1.80419 0. 32 0.18041 0.(at the early stage of this work. I thank my opponent professor David Farber of)awidthshow
479 90 gm
0.00640 0. 32 0.00064 0.(University of Pennsylvania, who urged me make these minor changes to my work and)awidthshow
495 90 gm
-0.05886 0.(make it publicly available through the internet, for his careful examination of my thesis)ashow
511 90 gm
-0.10006 0.(and the stimulating conversations with him in March 1991.)ashow
543 90 gm
-0.04449 0.(Comments, suggestions, corrections and critique is welcome.)ashow
583 90 gm
0.09780 0. 32 0.00978 0.(Helsinki, Finland, May 31, 1991)awidthshow
611 90 gm
-0.09971 0.(Arto T. Karila)ashow
F T cp
%%Trailer
cd
end
%%Pages: 2 0

% Next: Dissertation

%!PS-Adobe-2.0
%%Title: Dissertation
%%Creator: NoWord
%%Pages: (atend)
%%BoundingBox: ? ? ? ?
%%PageBoundingBox: 28 30 566 811
%%For: AriA
%%IncludeProcSet: "(AppleDict md)" 68 0
%%EndComments
%%EndProlog
%%BeginDocumentSetup
md begin

T T -30 -28 811 566 100 72 72 3 F F F F T T T psu
(AriA; document: Dissertation)jn
0 mf
od
%%EndDocumentSetup
%%Page: ? 1
op
30 28 xl
1 1 pen
45 291 gm
(nc 30 28 811 566 6 rc)kp
1 setTxMode
0 fs
bu fc
{}mark T /Times-Roman /|______Times-Roman 0 rf
bn
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
-0.65621 0.(IV)ashow
803 90 gm
10 fz
bu fc
2 F /|______Times-Roman fnt
bn
-0.01179 0.(Open Systems Security \320 an Architectural Framework)ashow
803 468 gm
0.06370 0.(Contents)ashow
110 90 gm
1 fs
bu fc
{}mark T /Times-Bold /|______Times-Bold 0 rf
bn
18 fz
bu fc
2 F /|______Times-Bold fnt
bn
0.43197 0.(Contents)ashow
141 90 gm
12 fz
bu fc
2 F /|______Times-Bold fnt
bn
(1)show
141 126 gm
0.42515 0.(Introduction)ashow
141 497 gm
(1)show
165 126 gm
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
0.5 0.(1.1)ashow
165 162 gm
-0.06504 0.(Evolution towards Open Networks)ashow
165 498 gm
(1)show
189 126 gm
0.5 0.(1.2)ashow
189 162 gm
-0.11930 0.(On the Security of LANs)ashow
189 498 gm
(5)show
213 126 gm
0.5 0.(1.3)ashow
213 162 gm
-0.08152 0.(Need for Security in Open Systems)ashow
213 498 gm
(6)show
237 126 gm
0.5 0.(1.4)ashow
237 162 gm
-0.10951 0.(Standardization of Open Systems Security)ashow
237 498 gm
(7)show
261 126 gm
0.5 0.(1.5)ashow
261 162 gm
-0.12220 0.(The Motivation and Goal of This Work)ashow
261 498 gm
(9)show
291 90 gm
1 fs
bu fc
2 F /|______Times-Bold fnt
bn
(2)show
291 126 gm
2.34329 0. 32 0.23432 0.(The Basis and Scope of This Work)awidthshow
291 490 gm
2.00006 0.(12)ashow
315 126 gm
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
0.5 0.(2.1)ashow
315 162 gm
-0.18861 0.(The Basic Model)ashow
315 492 gm
(12)show
331 161 gm
0.49996 0.(2.1.1)ashow
331 197 gm
-0.10964 0.(End Systems and Application Instances)ashow
331 492 gm
(13)show
347 161 gm
0.49996 0.(2.1.2)ashow
347 197 gm
(Network)show
347 492 gm
(15)show
363 161 gm
0.49996 0.(2.1.3)ashow
363 197 gm
-0.09298 0.(Trusted Parties)ashow
363 492 gm
(15)show
379 161 gm
0.49996 0.(2.1.4)ashow
379 197 gm
-0.16458 0.(The Outside World)ashow
379 492 gm
(16)show
403 126 gm
0.5 0.(2.2)ashow
403 162 gm
-0.13761 0.(Communications Categories)ashow
403 492 gm
(16)show
427 126 gm
0.5 0.(2.3)ashow
427 162 gm
-0.05949 0.(The Scope of This Study)ashow
427 492 gm
(19)show
451 126 gm
0.5 0.(2.4)ashow
451 162 gm
-0.11468 0.(Approach to the Goals)ashow
451 492 gm
(21)show
481 90 gm
1 fs
bu fc
2 F /|______Times-Bold fnt
bn
(3)show
481 126 gm
2.51632 0. 32 0.25163 0.(On Security Requirements and Functions)awidthshow
481 490 gm
2.00006 0.(22)ashow
505 126 gm
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
0.5 0.(3.1)ashow
505 162 gm
-0.19827 0.(A Security Model)ashow
505 492 gm
(23)show
529 126 gm
0.5 0.(3.2)ashow
529 162 gm
-0.13148 0.(Security Requirements)ashow
529 492 gm
(27)show
545 161 gm
0.49996 0.(3.2.1)ashow
545 197 gm
-0.14118 0.(Security Requirements of FTAM)ashow
545 492 gm
(28)show
561 161 gm
0.49996 0.(3.2.2)ashow
561 197 gm
-0.14196 0.(Security Requirements of the Directory)ashow
561 492 gm
(29)show
577 161 gm
0.49996 0.(3.2.3)ashow
577 197 gm
-0.10298 0.(Security Requirements of the Message Handling System)ashow
577 492 gm
(31)show
593 161 gm
0.49996 0.(3.2.4)ashow
593 197 gm
-0.11262 0.(Summary of the Security Requirements)ashow
593 492 gm
(33)show
617 126 gm
0.5 0.(3.3)ashow
617 162 gm
-0.07742 0.(Security Functions)ashow
617 492 gm
(33)show
641 126 gm
0.5 0.(3.4)ashow
641 162 gm
-0.10449 0.(On the Formal Analysis of Secure Open Systems)ashow
641 492 gm
(38)show
665 126 gm
0.5 0.(3.5)ashow
665 162 gm
-0.12461 0.(On the Placement of Security Functions)ashow
665 492 gm
(40)show
681 161 gm
0.49996 0.(3.5.1)ashow
681 197 gm
-0.12783 0.(Application Process)ashow
681 492 gm
(42)show
697 161 gm
0.49996 0.(3.5.2)ashow
697 197 gm
-0.14508 0.(Application and Presentation Layers)ashow
697 492 gm
(42)show
713 161 gm
0.49996 0.(3.5.3)ashow
713 197 gm
-0.10745 0.(The Lower Layers)ashow
713 492 gm
(47)show
F T cp
%%Page: ? 2
op
30 28 xl
1 1 pen
45 293 gm
(nc 30 28 811 566 6 rc)kp
1 setTxMode
0 fs
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
(V)show
803 90 gm
10 fz
bu fc
2 F /|______Times-Roman fnt
bn
-0.01179 0.(Open Systems Security \320 an Architectural Framework)ashow
803 468 gm
0.06370 0.(Contents)ashow
99 90 gm
1 fs
12 fz
bu fc
2 F /|______Times-Bold fnt
bn
(4)show
99 126 gm
2.42523 0. 32 0.24252 0.(A Secure General Purpose OSI Protocol Stack)awidthshow
99 490 gm
2.00006 0.(49)ashow
123 126 gm
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
0.5 0.(4.1)ashow
123 162 gm
-0.25469 0.(Authentication)ashow
123 492 gm
(51)show
139 161 gm
0.49996 0.(4.1.1)ashow
139 197 gm
-0.14106 0.(Authentication and its Significance with Various Services)ashow
139 492 gm
(51)show
155 161 gm
0.49996 0.(4.1.2)ashow
155 197 gm
-0.17669 0.(Placement of Authentication in the OSI model)ashow
155 492 gm
(52)show
171 161 gm
0.49996 0.(4.1.3)ashow
171 197 gm
-0.20661 0.(Authentication Mechanisms)ashow
171 492 gm
(52)show
195 126 gm
0.5 0.(4.2)ashow
195 162 gm
-0.16430 0.(Integrity)ashow
195 492 gm
(53)show
211 161 gm
0.49996 0.(4.2.1)ashow
211 197 gm
-0.11578 0.(Integrity and its Significance with Various Services)ashow
211 492 gm
(53)show
227 161 gm
0.49996 0.(4.2.2)ashow
227 197 gm
-0.15614 0.(Placement of Integrity in the OSI Model)ashow
227 492 gm
(53)show
243 161 gm
0.49996 0.(4.2.3)ashow
243 197 gm
-0.15585 0.(Integrity Mechanisms)ashow
243 492 gm
(54)show
267 126 gm
0.5 0.(4.3)ashow
267 162 gm
-0.18949 0.(Confidentiality)ashow
267 492 gm
(56)show
283 161 gm
0.49996 0.(4.3.1)ashow
283 197 gm
-0.12707 0.(Confidentiality and its Significance with Various Services)ashow
283 492 gm
(56)show
299 161 gm
0.49996 0.(4.3.2)ashow
299 197 gm
-0.16531 0.(Placement of Confidentiality in the OSI Model)ashow
299 492 gm
(56)show
315 161 gm
0.49996 0.(4.3.3)ashow
315 197 gm
-0.17204 0.(Confidentiality Mechanisms)ashow
315 492 gm
(57)show
339 126 gm
0.5 0.(4.4)ashow
339 162 gm
-0.09388 0.(Non-Repudiation)ashow
339 492 gm
(57)show
355 161 gm
0.49996 0.(4.4.1)ashow
355 197 gm
-0.10360 0.(Non-Repudiation and its Significance with Various Services)ashow
355 492 gm
(57)show
371 161 gm
0.49996 0.(4.4.2)ashow
371 197 gm
-0.13484 0.(Placement of Non-Repudiation in the OSI Model)ashow
371 492 gm
(58)show
387 161 gm
0.49996 0.(4.4.3)ashow
387 197 gm
-0.11848 0.(Non-Repudiation Mechanisms)ashow
387 492 gm
(58)show
411 126 gm
0.5 0.(4.5)ashow
411 162 gm
-0.12619 0.(Access Control)ashow
411 492 gm
(59)show
427 161 gm
0.49996 0.(4.5.1)ashow
427 197 gm
-0.11125 0.(Access Control and its Significance with Various Services)ashow
427 492 gm
(59)show
443 161 gm
0.49996 0.(4.5.2)ashow
443 197 gm
-0.14556 0.(Placement of Access Control in the OSI Model)ashow
443 492 gm
(60)show
459 161 gm
0.49996 0.(4.5.3)ashow
459 197 gm
-0.13703 0.(Access Control Mechanisms)ashow
459 492 gm
(60)show
489 90 gm
1 fs
bu fc
2 F /|______Times-Bold fnt
bn
(5)show
489 126 gm
3.47244 0. 32 0.34724 0.(Management Issues)awidthshow
489 490 gm
2.00006 0.(61)ashow
513 126 gm
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
0.5 0.(5.1)ashow
513 162 gm
-0.12638 0.(Activation and Negotiation of Security Functions)ashow
513 492 gm
(61)show
537 126 gm
0.5 0.(5.2)ashow
537 162 gm
-0.13554 0.(Distribution and Management of Keys)ashow
537 492 gm
(62)show
553 161 gm
0.49996 0.(5.2.1)ashow
553 197 gm
-0.15008 0.(Management of Master Keys)ashow
553 492 gm
(63)show
569 161 gm
0.49996 0.(5.2.2)ashow
569 197 gm
-0.07817 0.(Management of Session Keys)ashow
569 492 gm
(65)show
585 161 gm
0.49996 0.(5.2.3)ashow
585 197 gm
-0.09069 0.(On the Generation of Public Key Pairs)ashow
585 492 gm
(66)show
615 90 gm
1 fs
bu fc
2 F /|______Times-Bold fnt
bn
(6)show
615 126 gm
3.75900 0. 32 0.37590 0.(Implementational Issues)awidthshow
615 490 gm
2.00006 0.(67)ashow
639 126 gm
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
0.5 0.(6.1)ashow
639 162 gm
-0.08122 0.(Software Environments)ashow
639 492 gm
(67)show
655 161 gm
0.49996 0.(6.1.1)ashow
655 197 gm
-0.11485 0.(Some Sample Environments)ashow
655 492 gm
(67)show
671 161 gm
0.49996 0.(6.1.2)ashow
671 197 gm
-0.08448 0.(The Effects of Software Environment on Systems Security)ashow
671 492 gm
(70)show
695 126 gm
0.5 0.(6.2)ashow
695 162 gm
-0.05578 0.(On the Use of Hardware and Software)ashow
695 492 gm
(71)show
719 126 gm
0.5 0.(6.3)ashow
719 162 gm
-0.10513 0.(On the Role of Smart Cards)ashow
719 492 gm
(71)show
743 126 gm
0.5 0.(6.4)ashow
743 162 gm
-0.07745 0.(Real Cryptosystems)ashow
743 492 gm
(75)show
F T cp
%%Page: ? 3
op
30 28 xl
1 1 pen
45 291 gm
(nc 30 28 811 566 6 rc)kp
1 setTxMode
0 fs
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
-0.65621 0.(VI)ashow
803 90 gm
10 fz
bu fc
2 F /|______Times-Roman fnt
bn
-0.01179 0.(Open Systems Security \320 an Architectural Framework)ashow
803 468 gm
0.06370 0.(Contents)ashow
99 90 gm
1 fs
12 fz
bu fc
2 F /|______Times-Bold fnt
bn
(7)show
99 126 gm
2.56988 0. 32 0.25698 0.(Implementing Secure FTAM)awidthshow
99 490 gm
2.00006 0.(76)ashow
123 126 gm
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
0.5 0.(7.1)ashow
123 162 gm
-0.11750 0.(Requirements and Restrictions)ashow
123 492 gm
(76)show
147 126 gm
0.5 0.(7.2)ashow
147 162 gm
-0.14837 0.(FTAM Security Profile)ashow
147 492 gm
(76)show
171 126 gm
0.5 0.(7.3)ashow
171 162 gm
-0.12252 0.(Management Issues)ashow
171 492 gm
(78)show
195 126 gm
0.5 0.(7.4)ashow
195 162 gm
-0.18507 0.(Implementation Environment)ashow
195 492 gm
(79)show
219 126 gm
0.5 0.(7.5)ashow
219 162 gm
-0.09358 0.(Current Status of the Project)ashow
219 492 gm
(79)show
249 90 gm
1 fs
bu fc
2 F /|______Times-Bold fnt
bn
(8)show
249 126 gm
0.79965 0.(Conclusions)ashow
249 490 gm
2.00006 0.(82)ashow
279 90 gm
0.50004 0.(Appendix:)ashow
309 90 gm
1.33685 0.(A1)ashow
309 126 gm
3.70407 0. 32 0.37040 0.(Security Mechanisms)awidthshow
309 490 gm
2.00006 0.(84)ashow
333 126 gm
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
0.11228 0.(A1.1)ashow
333 162 gm
-0.18453 0.(Data Encryption Mechanisms)ashow
333 492 gm
(85)show
349 162 gm
0.26733 0.(A1.1.1)ashow
349 207 gm
-0.15391 0.(Symmetric Encryption Mechanisms)ashow
349 492 gm
(86)show
365 162 gm
0.26733 0.(A1.1.2)ashow
365 207 gm
-0.17022 0.(Asymmetric Encryption Mechanisms)ashow
365 492 gm
(87)show
381 162 gm
0.26733 0.(A1.1.3)ashow
381 207 gm
-0.11576 0.(On the Use of Encryption Mechanisms)ashow
381 492 gm
(87)show
405 126 gm
0.11228 0.(A1.2)ashow
405 162 gm
-0.13848 0.(Signature Mechanisms)ashow
405 492 gm
(88)show
429 126 gm
0.11228 0.(A1.3)ashow
429 162 gm
-0.15585 0.(Integrity Mechanisms)ashow
429 492 gm
(89)show
453 126 gm
0.11228 0.(A1.4)ashow
453 162 gm
-0.25469 0.(Authentication)ashow
453 492 gm
(93)show
477 126 gm
0.11228 0.(A1.5)ashow
477 162 gm
-0.09434 0.(Zero-Knowledge Techniques)ashow
477 486 gm
(102)show
501 126 gm
0.11228 0.(A1.6)ashow
501 162 gm
-0.12812 0.(Physical Mechanisms)ashow
501 486 gm
(103)show
531 90 gm
1 fs
bu fc
2 F /|______Times-Bold fnt
bn
1.33685 0.(A2)ashow
531 126 gm
3.61679 0. 32 0.36167 0.(Some Commonly Used Cryptosystems)awidthshow
531 483 gm
1.50004 0.(105)ashow
555 126 gm
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
0.11228 0.(A2.1)ashow
555 162 gm
-0.33200 0.(DES)ashow
555 486 gm
(105)show
579 126 gm
0.11228 0.(A2.2)ashow
579 162 gm
-0.16897 0.(RSA)ashow
579 486 gm
(107)show
603 126 gm
0.11228 0.(A2.3)ashow
603 162 gm
-0.20751 0.(The Diffie-Hellman Algorithm)ashow
603 486 gm
(108)show
633 90 gm
1 fs
bu fc
2 F /|______Times-Bold fnt
bn
1.33685 0.(A3)ashow
633 126 gm
2.60314 0. 32 0.26031 0.(The Kerberos Authentication Server)awidthshow
633 483 gm
1.50004 0.(109)ashow
663 90 gm
1.33685 0.(A4)ashow
663 126 gm
4.17831 0. 32 0.41783 0.(Security Policy)awidthshow
663 483 gm
1.50004 0.(111)ashow
693 90 gm
0.60507 0.(Bibliography)ashow
693 483 gm
1.50004 0.(113)ashow
723 90 gm
0.81022 0.(Glossary)ashow
723 483 gm
1.50004 0.(132)ashow
F T cp
%%Page: ? 4
op
30 28 xl
1 1 pen
45 294 gm
(nc 30 28 811 566 6 rc)kp
1 setTxMode
0 fs
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
(1)show
802 288 gm
10 fz
bu fc
2 F /|______Times-Roman fnt
bn
-0.01179 0.(Open Systems Security \320 an Architectural Framework)ashow
110 90 gm
1 fs
18 fz
bu fc
2 F /|______Times-Bold fnt
bn
(1)show
110 126 gm
0.27415 0.(Introduction)ashow
143 90 gm
0 fs
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
1.15554 0. 32 0.11555 0.(The role of information networks in today's world is becoming ever more central.)awidthshow
159 90 gm
0.76385 0. 32 0.07638 0.(Information systems are taking over new areas of application and replacing manual)awidthshow
175 90 gm
0.40008 0. 32 0.04000 0.(systems in private, public and corporate life. Electronic Data Processing \(EDP\) is no)awidthshow
191 90 gm
-0.06631 0.(longer seen as simply a way to rationalize the internal operations of an organization but)ashow
207 90 gm
-0.03979 0.(it is expanding from within the organization to its external relations, such as those with)ashow
223 90 gm
-0.00549 0.(customers, partners, suppliers and officials.)ashow
255 90 gm
-0.10653 0.(Data communication is an integral part of any modern information system. In the earlier)ashow
271 90 gm
1.07162 0. 32 0.10716 0.(days data communication was seen as a way of making computing equipment and)awidthshow
287 90 gm
-0.07675 0.(centralized information systems accessible from a geographically large area. Nowadays)ashow
303 90 gm
0.58288 0. 32 0.05828 0.(the network is seen as the central part of information systems, interconnecting com-)awidthshow
319 90 gm
-0.04818 0.(municating peers, not masters and slaves.)ashow
351 90 gm
0.37017 0. 32 0.03701 0.(The client-server architecture is based on the central role of telecommunications net-)awidthshow
367 90 gm
0.39398 0. 32 0.03939 0.(works. The network interconnects users with various information services \(and these)awidthshow
383 90 gm
0.95748 0. 32 0.09574 0.(services with one-another\). Large, distributed information systems are increasingly)awidthshow
399 90 gm
2.54791 0. 32 0.25479 0.(often collections of smaller systems communicating through the network \(not)awidthshow
415 90 gm
-0.11708 0.(necessarily in real-time\).)ashow
450 90 gm
1 fs
14 fz
bu fc
2 F /|______Times-Bold fnt
bn
1.74998 0.(1.1)ashow
450 126 gm
3.12591 0. 32 0.31259 0.(Evolution towards Open Networks)awidthshow
482 90 gm
0 fs
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
0.38238 0. 32 0.03823 0.(Separate networks are integrating into a universal internet, consisting of a number of)awidthshow
498 90 gm
-0.15309 0.(interconnected networks. The  )ashow
2 fs
bu fc
{}mark T /Times-Italic /|______Times-Italic 0 rf
bn
bu fc
2 F /|______Times-Italic fnt
bn
-0.15303 0.(International Organization of Standardization)ashow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
-0.10830 0.( \()ashow
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
-0.19262 0.(ISO)ashow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
-0.10830 0.(\) )ashow
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
-0.24777 0.(Con-)ashow
514 90 gm
0.79299 0. 32 0.07929 0.(nectionless Network Protocol)awidthshow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
0.15625 0. 32 0.01562 0.( \()awidthshow
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
0.20112 0.(CLNP)ashow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
0.36544 0. 32 0.03654 0.(, also called )awidthshow
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
0.55267 0. 32 0.05526 0.(ISO IP)awidthshow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
0.39993 0. 32 0.03999 0.(\) will define a way to inter-)awidthshow
530 90 gm
1.55868 0. 32 0.15586 0.(connect virtually all the networks and access any )awidthshow
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
2.14584 0. 32 0.21458 0.(Network Service Access Point)awidthshow
546 90 gm
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
0.21484 0.(\()ashow
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
0.38554 0.(NSAP)ashow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
1.07666 0. 32 0.10766 0.(\) from any other NSAP worldwide \(see e.g. [BI89, IS8348/A1, IS8473] for)awidthshow
562 90 gm
-0.08433 0.(detailed information on ISO IP\).)ashow
594 90 gm
0.05767 0. 32 0.00576 0.(At the moment, the )awidthshow
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
0.09094 0. 32 0.00909 0.(Internet Protocol Suite)awidthshow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
0.04943 0. 32 0.00494 0.( \(also known as )awidthshow
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
0.02172 0.(TCP/IP)ashow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
0.05554 0. 32 0.00555 0.(, see [Cla88] for an)awidthshow
610 90 gm
0.24429 0. 32 0.02442 0.(overview of the goals and reasoning behind the design of these protocols\) of the U.S.)awidthshow
626 90 gm
0.18173 0. 32 0.01817 0.(Department of Defense \(DoD\), defined in the )awidthshow
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
0.24978 0. 32 0.02497 0.(Request for Comment)awidthshow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
0.05462 0. 32 0.00546 0.( \()awidthshow
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
0.07078 0.(RFC)ashow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
0.24673 0. 32 0.02467 0.(\) standards,)awidthshow
642 90 gm
0.24459 0. 32 0.02445 0.(offers the most natural evolution path towards true open systems \(in the OSI sense of)awidthshow
658 90 gm
1.26358 0. 32 0.12635 0.(the word\). The DoD IP network protocol [RFC81a] offers the first usable way of)awidthshow
674 90 gm
0.98556 0. 32 0.09855 0.(interconnecting heterogeneous networks and routing traffic between them. It is the)awidthshow
690 90 gm
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
1.17523 0. 32 0.11752 0.(Connectionless Network Service)awidthshow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
0.22048 0. 32 0.02204 0.( \()awidthshow
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
0.27131 0.(CLNS)ashow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
0.71716 0. 32 0.07171 0.(\) [IS8348/A1] and )awidthshow
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
1.42791 0. 32 0.14279 0.(Connectionless Network)awidthshow
706 90 gm
0.07937 0.(Protocol)ashow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
0.08819 0. 32 0.00881 0.( \()awidthshow
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
0.11344 0.(CLNP)ashow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
0.26443 0. 32 0.02644 0.(\) [IS8473] of ISO that are the natural successors of DoD IP, offering)awidthshow
722 90 gm
-0.08149 0.(practically the same functionality but in an internationally standardized form and with a)ashow
738 90 gm
-0.04833 0.(larger, better structured address space.)ashow
F T cp
%%Page: ? 5
op
30 28 xl
1 1 pen
45 294 gm
(nc 30 28 811 566 6 rc)kp
1 setTxMode
0 fs
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
(2)show
802 90 gm
10 fz
bu fc
2 F /|______Times-Roman fnt
bn
-0.01179 0.(Open Systems Security \320 an Architectural Framework)ashow
101 90 gm
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
-0.03775 0.(The employment of US GOSIP [GOS89] in August 1990, mandating the use of ISO IP)ashow
117 90 gm
0.46112 0. 32 0.04611 0.(by US Agencies, whenever possible, will give significant boost to ISO IP during the)awidthshow
133 90 gm
0.23361 0. 32 0.02336 0.(year 1991. The proliferation of DECnet Phase V, based on ISO IP and TP4 [IS8073],)awidthshow
149 90 gm
0.63598 0. 32 0.06359 0.(coincides with this development. [Hei90] gives a concise overview of the migration)awidthshow
165 90 gm
-0.03024 0.(from DoD IP to ISO IP.)ashow
197 90 gm
0.21972 0. 32 0.02197 0.(In addition to the Connectionless Network Service and Protocol, ISO also defines the)awidthshow
213 90 gm
2.15789 0. 32 0.21578 0.(Connection-mode Network Service \(CONS\) [IS8348, X.213] and its associated)awidthshow
229 90 gm
1.53518 0. 32 0.15351 0.(protocols. Network or transport layer gateways can be used to interface between)awidthshow
245 90 gm
-0.02819 0.(networks offering these two kinds of service.)ashow
277 90 gm
0.63522 0. 32 0.06352 0.(It is, however, probable that the connectionless version of the ISO Network Service)awidthshow
293 90 gm
-0.05526 0.(will be predominant in the near future, e.g. for the following reasons:)ashow
325 90 gm
(-)show
325 126 gm
1.39785 0. 32 0.13978 0.(For the client-server architecture connectionless communications are more)awidthshow
341 126 gm
0.02868 0. 32 0.00286 0.(natural than connection-oriented communications. In many cases, such as with)awidthshow
357 126 gm
1.10351 0. 32 0.11035 0.(directory or database queries, the exchange of one request-response pair of)awidthshow
373 126 gm
1.71966 0. 32 0.17196 0.(messages is sufficient to do the job without the unnecessary overhead of)awidthshow
389 126 gm
-0.08485 0.(opening and closing a \(virtual\) network connection.)ashow
421 90 gm
(-)show
421 126 gm
0.52764 0. 32 0.05276 0.(For example LANs, which are becoming ever more popular as local network)awidthshow
437 126 gm
-0.00262 0.(solutions, are connectionless by nature. Mapping a connectionless service onto)ashow
453 126 gm
-0.09628 0.(a connection-oriented network is much easier than doing the opposite.)ashow
485 90 gm
(-)show
485 126 gm
-0.02401 0.(It has been shown in the world-wide Academic Internet \(currently based on the)ashow
501 126 gm
0.64788 0. 32 0.06478 0.(DoD IP\) that it is possible to build large, technologically heterogeneous net-)awidthshow
517 126 gm
0.65505 0. 32 0.06550 0.(works offering universal connectionless service while using low-cost routers)awidthshow
533 126 gm
0.64529 0. 32 0.06452 0.(and achieving high line utilization. In fact, connectionless service appears to)awidthshow
549 126 gm
1.50360 0. 32 0.15036 0.(make the interconnection of networks of highly different capacities rather)awidthshow
565 126 gm
-0.07475 0.(straight-forward and efficient.)ashow
597 90 gm
(-)show
597 126 gm
-0.00668 0.(Transmission techniques are becoming ever more reliable making it feasible to)ashow
613 126 gm
-0.06962 0.(recover from transmission errors at a higher protocol layer, namely by using the)ashow
629 126 gm
1.52893 0. 32 0.15289 0.(ISO )awidthshow
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
2.25418 0. 32 0.22541 0.(Class 4 Transport Protocol)awidthshow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
0.55877 0. 32 0.05587 0.( \()awidthshow
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
2.34924 0. 32 0.23492 0.(ISO TP4)awidthshow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
1.77154 0. 32 0.17715 0.(\) [IS8073, X.224] or the DoD)awidthshow
645 126 gm
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
1.03881 0. 32 0.10388 0.(Transmission Control Protocol)awidthshow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
0.19775 0. 32 0.01977 0.( \()awidthshow
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
0.24891 0.(TCP)ashow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
0.72784 0. 32 0.07278 0.(\) [RFC81b], which effectively hide the)awidthshow
661 126 gm
-0.08662 0.(connectionless nature of the network service from the upper protocol layers.)ashow
693 90 gm
0.02792 0. 32 0.00279 0.(In a world-wide connectionless internet alternate routes, load balancing and automatic)awidthshow
709 90 gm
1.31866 0. 32 0.13186 0.(rerouting are operating on a global scale. Individually routed data packets can be)awidthshow
725 90 gm
0.11306 0. 32 0.01130 0.(expected to arrive via any route and it is impossible to trust all the networks along the)awidthshow
741 90 gm
0.57800 0. 32 0.05780 0.(way. Therefore, it is practically impossible to guarantee the security of the network,)awidthshow
757 90 gm
-0.09211 0.(even though teleoperators will do their best to make their networks reasonably secure.)ashow
F T cp
%%Page: ? 6
op
30 28 xl
1 1 pen
45 294 gm
(nc 30 28 811 566 6 rc)kp
1 setTxMode
0 fs
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
(3)show
802 288 gm
10 fz
bu fc
2 F /|______Times-Roman fnt
bn
-0.01179 0.(Open Systems Security \320 an Architectural Framework)ashow
101 90 gm
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
0.32485 0. 32 0.03248 0.(For example [Bar90] deals with the security requirements of WANs. This paper only)awidthshow
117 90 gm
1.42501 0. 32 0.14250 0.(discusses the more traditional networks: the Public Switched Telephone Network)awidthshow
133 90 gm
1.12045 0. 32 0.11204 0.(\(PSTN\), its digital successor Integrated Services Digital Network \(ISDN\), and the)awidthshow
149 90 gm
0.64712 0. 32 0.06471 0.(X.25 packet network [X.25]. The paper is interesting because it gives a list of basic)awidthshow
165 90 gm
0.09628 0. 32 0.00962 0.(requirements for the security of a WAN as seen from the teleoperator's perspective. A)awidthshow
181 90 gm
-0.00178 0.(rather superficial survey of the security problems associated with a DoD IP network is)ashow
197 90 gm
-0.03544 0.(presented in [Bel89] \(and criticized in [Ken89]\). In practice, a world-wide internet will)ashow
213 90 gm
-0.03253 0.(always have to be assumed untrustworthy.)ashow
245 90 gm
0.18020 0. 32 0.01802 0.(The DoD TCP/IP offers to a great extent the same kind of service as ISO TP4/CLNP.)awidthshow
261 90 gm
-0.02973 0.(Upper layer ISO protocols can be run on top of either, as demonstrated by the example)ashow
277 90 gm
0.72082 0. 32 0.07208 0.(of ISODE, and the evolution from DoD to ISO protocols will be aided by transport)awidthshow
293 90 gm
0.88256 0. 32 0.08825 0.(layer gateways [KLP83, Ros90, LT90] \(for an example of an asymmetric transport)awidthshow
309 90 gm
2.16629 0. 32 0.21662 0.(layer gateway see figure 7-3\). Some of the first large scale open systems will)awidthshow
325 90 gm
1.10000 0. 32 0.11000 0.(undoubtedly be based on the existing DoD IP infrastructure. During the migration)awidthshow
341 90 gm
0.18508 0. 32 0.01850 0.(towards OSI the upper layer protocols of the DoD Internet Protocol Suite will also be)awidthshow
357 90 gm
0.29281 0. 32 0.02928 0.(run on top of OSI lower layers, where ISO IP solves the problems of insufficient and)awidthshow
373 90 gm
0.24475 0. 32 0.02447 0.(badly structured address space of the DoD IP. As OSI matures, true seven-layer open)awidthshow
389 90 gm
-0.05136 0.(systems \(in the ISO sense of the word\) will emerge.)ashow
421 90 gm
0.24276 0. 32 0.02427 0.(In the future, Corporate Networks, Value Added Networks \(VANs\) and such will not)awidthshow
437 90 gm
0.31692 0. 32 0.03169 0.(be separate physical networks but rather virtual networks, i.e. collections of Network)awidthshow
453 90 gm
1.54678 0. 32 0.15467 0.(Service Access Points \(NSAPs\) forming a logical network. Also, one NSAP can)awidthshow
469 90 gm
-0.07087 0.(simultaneously belong to any number of such logical networks.)ashow
0 0 gm
(nc 511 193 700 400 6 rc)kp
64 gr
543 252 656 365 1 ov
1 2 lw
0 gr
543.5 252.5 655.5 364.5 0 ov
1 1 lw
0 0 pen
433 107 gm
433 107 lin
604 287 gm
0.01074 0 rmoveto
1 setTxMode
18 fz
bu fc
2 F /|______Times-Roman fnt
bn
(WAN)show
1 2 lw
1 1 pen
0 gr
531.5 213.5 589.5 271.5 0 ov
1 1 lw
0 0 pen
609 287 gm
609 287 lin
566 226 gm
1 setTxMode
14 fz
bu fc
2 F /|______Times-Roman fnt
bn
-0.32940 0.(MAN)ashow
1 2 lw
1 1 pen
0 gr
525.5 341.5 583.5 399.5 0 ov
1 1 lw
0 0 pen
569 226 gm
569 226 lin
560 354 gm
1 setTxMode
-0.32940 0.(MAN)ashow
1 2 lw
1 1 pen
0 gr
626.5 228.5 684.5 286.5 0 ov
1 1 lw
0 0 pen
563 354 gm
563 354 lin
661 241 gm
1 setTxMode
-0.32940 0.(MAN)ashow
1 2 lw
1 1 pen
0 gr
511.5 198.5 545.5 233.5 0 ov
1 1 lw
0 0 pen
664 241 gm
664 241 lin
64 gr
523 203 535 229 1 rc
531 204 gm
1 setTxMode
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
-0.32806 0.(LAN)ashow
1 2 lw
1 1 pen
0 gr
572.5 193.5 606.5 228.5 0 ov
1 1 lw
0 0 pen
534 204 gm
534 204 lin
64 gr
584 198 596 224 1 rc
592 199 gm
1 setTxMode
-0.32806 0.(LAN)ashow
1 2 lw
1 1 pen
0 gr
642.5 196.5 676.5 231.5 0 ov
1 1 lw
0 0 pen
595 199 gm
595 199 lin
64 gr
654 201 666 227 1 rc
662 202 gm
1 setTxMode
-0.32806 0.(LAN)ashow
1 2 lw
1 1 pen
0 gr
628.5 344.5 662.5 379.5 0 ov
1 1 lw
0 0 pen
665 202 gm
665 202 lin
64 gr
640 349 652 375 1 rc
648 350 gm
1 setTxMode
-0.32806 0.(LAN)ashow
1 2 lw
1 1 pen
0 gr
515.5 291.5 549.5 326.5 0 ov
1 1 lw
0 0 pen
651 350 gm
651 350 lin
64 gr
527 296 539 322 1 rc
535 297 gm
1 setTxMode
-0.32806 0.(LAN)ashow
1 2 lw
1 1 pen
0 gr
665.5 274.5 699.5 309.5 0 ov
1 1 lw
0 0 pen
538 297 gm
538 297 lin
64 gr
677 279 689 305 1 rc
685 280 gm
1 setTxMode
-0.32806 0.(LAN)ashow
1 1 pen
753 90 gm
(nc 30 28 811 566 6 rc)kp
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
-0.26438 0.(Figure 1-1:)ashow
753 162 gm
-0.06256 0.(A multi-level network hierarchy.)ashow
F T cp
%%Page: ? 7
op
30 28 xl
1 1 pen
45 294 gm
(nc 30 28 811 566 6 rc)kp
1 setTxMode
0 fs
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
(4)show
802 90 gm
10 fz
bu fc
2 F /|______Times-Roman fnt
bn
-0.01179 0.(Open Systems Security \320 an Architectural Framework)ashow
101 90 gm
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
-0.11781 0.(A multi-level hierarchy of networks is emerging \(as depicted in figure 1-1\):)ashow
133 90 gm
0.83831 0. 32 0.08383 0.(Individual computers and work stations are connected to fast Local Area Networks)awidthshow
149 90 gm
-0.00221 0.(\(LANs\) spanning office buildings or parts of them. LANs offer transmission speeds in)ashow
165 90 gm
0.49942 0. 32 0.04994 0.(the range of Mb/s today and the speeds are rising. This is a significant improvement)awidthshow
181 90 gm
-0.01734 0.(over the more traditional transmission speeds in the order of kb/s. LANs also offer full)ashow
197 90 gm
0.65628 0. 32 0.06562 0.(connectivity \(direct communication between any two stations in the same network\).)awidthshow
213 90 gm
0.74737 0. 32 0.07473 0.(Examples of todays LANs are Ethernet \(10 Mb/s\) [IS8802-3], Token Ring \(4 or 16)awidthshow
229 90 gm
0.25360 0. 32 0.02536 0.(Mb/s\) [IS8802-5], and FDDI and FDDI II \(100 Mb/s\) [IS9314-1,2,3,4,5, RHF90].)awidthshow
261 90 gm
1.22222 0. 32 0.12222 0.(These LANs may be connected into fast areal backbone networks interconnecting)awidthshow
277 90 gm
0.58029 0. 32 0.05802 0.(LANs within e.g. one building, building complex or campus area at a speed compa-)awidthshow
293 90 gm
0.49087 0. 32 0.04908 0.(rable to that of the LANs. Current backbones are of the same types as the LANs but)awidthshow
309 90 gm
-0.04200 0.(usually built with fiber optics technology \(see e.g. [Kat90]\).)ashow
341 90 gm
0.93872 0. 32 0.09387 0.(Metropolitan Area Networks \(MANs\) [IEE90] are emerging. They will span entire)awidthshow
357 90 gm
0.25970 0. 32 0.02597 0.(cities with speeds above 100 Mb/s. LANs and Private Branch Exchanges \(PBXs\) can)awidthshow
373 90 gm
1.40838 0. 32 0.14083 0.(in the near future be connected to these MANs. Unlike LANs, MANs will be an)awidthshow
389 90 gm
-0.02168 0.(integral part of the modern public network infrastructure being owned and operated by)ashow
405 90 gm
0.56869 0. 32 0.05686 0.(teleoperators and sharing the addressing and network management schemes of other)awidthshow
421 90 gm
(public networks.)show
453 90 gm
1.06826 0. 32 0.10682 0.(Wide Area Networks \(WANs\) are used for long-haul services. Modern WANs are)awidthshow
469 90 gm
1.02142 0. 32 0.10214 0.(based on fiber optics transmission systems in the Gb/s speed range. 2 Mb/s leased)awidthshow
485 90 gm
-0.11938 0.(circuits are now available to most places, even internationally. Among the most interest-)ashow
501 90 gm
0.09017 0. 32 0.00901 0.(ing new public data services are )awidthshow
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
0.15884 0. 32 0.01588 0.(Frame Relay)awidthshow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
0.10330 0. 32 0.01033 0.(, a next generation public packet service)awidthshow
517 90 gm
-0.06976 0.(standardized by CCITT and ANSI, already commercially supported and soon emerging)ashow
533 90 gm
-0.04421 0.(in many countries, and the )ashow
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
-0.04731 0.(Switched Multi-megabit Data Service)ashow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
-0.03211 0.( \()ashow
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
-0.07040 0.(SMDS)ashow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
-0.04283 0.(\), a fast packet)ashow
549 90 gm
0.45379 0. 32 0.04537 0.(service expected to supersede the current WAN services [DKK90, PK90]. The long-)awidthshow
565 90 gm
-0.02345 0.(haul network is \(possibly\) evolving towards Asynchronous Transfer Mode \(ATM\) and)ashow
581 90 gm
0.04333 0. 32 0.00433 0.(Broadband ISDN. For those interested in the evolution of wide-area networks [Hei91])awidthshow
597 90 gm
-0.06930 0.(gives a good overview of the current trends in this area.)ashow
629 90 gm
-0.00579 0.(In this network hierarchy most of the traffic is local \(within the same LAN\). The LAN)ashow
645 90 gm
0.18432 0. 32 0.01843 0.(offers virtually unlimited capacity for a flat fee \(the cost of the investment and opera-)awidthshow
661 90 gm
-0.01657 0.(tion\). As we rise higher in the hierarchy the amount of traffic decreases and the cost of)ashow
677 90 gm
0.92376 0. 32 0.09237 0.(transmission increases but the quality and speed of the service remain high. A few)awidthshow
693 90 gm
-0.10264 0.(orders of magnitude increase in the capacities of internets is expected within a couple of)ashow
709 90 gm
0.17822 0. 32 0.01782 0.(years, as pointed out e.g. in [Par90].)awidthshow
741 90 gm
0.21087 0. 32 0.02108 0.(This development opens completely new views for designers of information services.)awidthshow
757 90 gm
0.19775 0. 32 0.01977 0.(For example, a work station connected to a LAN can communicate with virtually any)awidthshow
F T cp
%%Page: ? 8
op
30 28 xl
1 1 pen
45 294 gm
(nc 30 28 811 566 6 rc)kp
1 setTxMode
0 fs
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
(5)show
802 288 gm
10 fz
bu fc
2 F /|______Times-Roman fnt
bn
-0.01179 0.(Open Systems Security \320 an Architectural Framework)ashow
85 90 gm
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
-0.03729 0.(other computer \(world-wide\) at a high bandwidth and with a relatively short round-trip)ashow
101 90 gm
1.09024 0. 32 0.10902 0.(delay. It is clear that this kind of connectivity brings with it hitherto unthought-of)awidthshow
117 90 gm
-0.08485 0.(security risks that need to be taken under control.)ashow
149 90 gm
0.08026 0. 32 0.00802 0.(The complexities of network management are described e.g. in [CPW89]. The emerg-)awidthshow
165 90 gm
0.54000 0. 32 0.05400 0.(ing new network architecture presents two major challenges for telecommunications)awidthshow
181 90 gm
-0.06640 0.(operators and vendors of information systems:)ashow
213 90 gm
(-)show
213 126 gm
1.76895 0. 32 0.17689 0.(Network management needs to be raised onto a new level, where virtual)awidthshow
229 126 gm
-0.05776 0.(networks can efficiently be defined and managed on top of the integrating basic)ashow
245 126 gm
0.12707 0.(networks.)ashow
277 90 gm
(-)show
277 126 gm
0.92208 0. 32 0.09220 0.(Tools for enforcing the security policies dictated by owners of these virtual)awidthshow
293 126 gm
-0.03198 0.(networks are needed.)ashow
325 90 gm
0.27328 0. 32 0.02732 0.(Practically all Local Area Networks have a multicast capability where the same \(data)awidthshow
341 90 gm
0.98571 0. 32 0.09857 0.(link level\) message can be simultaneously addressed to a group of recipients. This)awidthshow
357 90 gm
0.19592 0. 32 0.01959 0.(capability is also included in some of the modern WAN networks techniques, such as)awidthshow
373 90 gm
0.76049 0. 32 0.07604 0.(Frame Relay. Also some applications, such as MHS, include a multicast capability.)awidthshow
389 90 gm
1.69952 0. 32 0.16995 0.(Unfortunately the ISO network service is not designed to offer this service. For)awidthshow
405 90 gm
1.21337 0. 32 0.12133 0.(emerging new internet-based services, such as workstation-based multimedia- and)awidthshow
421 90 gm
-0.07154 0.(video conferencing, a multicast network service would be most useful.)ashow
453 90 gm
1.00357 0. 32 0.10035 0.(In fact, there is a strong tendency to develop a multicast capability to protocols of)awidthshow
469 90 gm
0.66741 0. 32 0.06674 0.(various layers of the OSI model. The need for LAN-like multicasting in internets is)awidthshow
485 90 gm
0.33355 0. 32 0.03335 0.(pointed out e.g. in [Dee88] and various data link and network layer multicast routing)awidthshow
501 90 gm
1.03912 0. 32 0.10391 0.(algorithms are suggested. A multicast transport protocol, supporting a sequence of)awidthshow
517 90 gm
0.23956 0. 32 0.02395 0.(exchanges of arbitrarily sized request and response messages between a client a large)awidthshow
533 90 gm
0.13992 0. 32 0.01399 0.(number of servers, is proposed in [CP88].)awidthshow
568 90 gm
1 fs
14 fz
bu fc
2 F /|______Times-Bold fnt
bn
1.74998 0.(1.2)ashow
568 126 gm
2.30010 0. 32 0.23001 0.(On the Security of LANs)awidthshow
600 90 gm
0 fs
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
1.08917 0. 32 0.10891 0.(While LANs have many desirable properties, such as high bandwidth, short trans-)awidthshow
616 90 gm
0.75103 0. 32 0.07510 0.(mission delay, and no traffic-dependent cost, they also pose a considerable security)awidthshow
632 90 gm
-0.05227 0.(threat.)ashow
664 90 gm
0.15975 0. 32 0.01597 0.(In a LAN, all the stations are constantly listening to the medium, picking up all trans-)awidthshow
680 90 gm
-0.03796 0.(mitted messages, and recognizing those addressed to them by the destination addresses)ashow
696 90 gm
-0.00938 0.(of the messages. This means that any station can undetected listen to all the traffic in a)ashow
712 90 gm
-0.00625 0.(LAN. Also, any station can assume a false identity and start transmitting with a wrong)ashow
728 90 gm
-0.07072 0.(source address thereby impersonating as another station.)ashow
F T cp
%%Page: ? 9
op
30 28 xl
1 1 pen
45 294 gm
(nc 30 28 811 566 6 rc)kp
1 setTxMode
0 fs
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
(6)show
802 90 gm
10 fz
bu fc
2 F /|______Times-Roman fnt
bn
-0.01179 0.(Open Systems Security \320 an Architectural Framework)ashow
101 90 gm
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
2.28591 0. 32 0.22859 0.(One of the most obvious attacks is the recording and replay of authentication)awidthshow
117 90 gm
0.76110 0. 32 0.07611 0.(sequences. With a workstation costing about $1,000 \(in 1990\) and widely available)awidthshow
133 90 gm
0.26153 0. 32 0.02615 0.(public domain software, anybody with access to the LAN \(such as Ethernet or Token)awidthshow
149 90 gm
2.26577 0. 32 0.22657 0.(Ring\) can monitor the traffic, search for sequences such as ")awidthshow
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
0.74740 0.(Username:)ashow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
2.27340 0. 32 0.22734 0.(" and)awidthshow
165 90 gm
0.13363 0.(")ashow
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
0.15568 0.(Password:)ashow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
0.55038 0. 32 0.05503 0.(" on virtual terminal connections, record the responses to these prompts,)awidthshow
181 90 gm
-0.11349 0.(and later log in a service under a false identity.)ashow
213 90 gm
0.32043 0. 32 0.03204 0.(It is easy to imagine more ingenious attacks through a LAN. To protect against these)awidthshow
229 90 gm
0.08102 0. 32 0.00810 0.(threats the IEEE 802.10 work group is standardizing the use of data link level encryp-)awidthshow
245 90 gm
0.00503 0. 32 0.00050 0.(tion in LANs but this work is still at an early stage. In spite of what has been said here)awidthshow
261 90 gm
0.96084 0. 32 0.09608 0.(about the security of LANs, it must be noted that any large network offering good)awidthshow
277 90 gm
0.28198 0. 32 0.02819 0.(connectivity between organizations and countries has to be considered untrusted and,)awidthshow
293 90 gm
-0.05012 0.(on the other hand, a piece of LAN along the route from A to B can be made reasonably)ashow
309 90 gm
-0.06846 0.(secure by using a pair of trusted encryption devices.)ashow
339 90 gm
0.87371 0. 32 0.08737 0.(The question remains, how to protect against the threats coming from the network.)awidthshow
355 90 gm
0.04364 0. 32 0.00436 0.(Should we abandon the possibilities offered by new networking technologies securing)awidthshow
371 90 gm
0.03585 0. 32 0.00358 0.(information systems by isolating them? Obviously not! The most logical solution is to)awidthshow
387 90 gm
0.85449 0. 32 0.08544 0.(reject the idea of networks being secure and build systems in such a way that their)awidthshow
403 90 gm
1.80999 0. 32 0.18099 0.(security does not rely on the security of the network they are built on. Today's)awidthshow
419 90 gm
0.11978 0. 32 0.01197 0.(cryptographic techniques provide us with the tools for building such systems. What is)awidthshow
435 90 gm
0.77514 0. 32 0.07751 0.(needed is significant architectural work in defining and building secure seven-layer)awidthshow
451 90 gm
-0.09228 0.(open systems from the more basic building blocks available today.)ashow
486 90 gm
1 fs
14 fz
bu fc
2 F /|______Times-Bold fnt
bn
1.74998 0.(1.3)ashow
486 126 gm
2.44018 0. 32 0.24401 0.(Need for Security in Open Systems)awidthshow
518 90 gm
0 fs
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
2.45437 0. 32 0.24543 0.(Connectivity and security are inherently contradictory requirements. However,)awidthshow
534 90 gm
0.23803 0. 32 0.02380 0.(openness does not mean lack of security but interconnectivity and the ability to inter-)awidthshow
550 90 gm
-0.06326 0.(operate between systems in different organizations and from different manufacturers. It)ashow
566 90 gm
0.10864 0. 32 0.01086 0.(is possible to build open systems with any required level of security. When building a)awidthshow
582 90 gm
0.25253 0. 32 0.02525 0.(distributed information system, it is essential that we be able to define precisely what)awidthshow
598 90 gm
0.30960 0. 32 0.03096 0.(users and end systems are allowed what kind of access to each service and be able to)awidthshow
614 90 gm
0.12939 0. 32 0.01293 0.(enforce this policy in practice. It is also often necessary that we be able to make com-)awidthshow
630 90 gm
-0.12336 0.(mitments electronically \(and confidentially\) and be able to show them true afterwards.)ashow
662 90 gm
0.67581 0. 32 0.06758 0.(Until recently, international standardization has focused on various aspects of inter-)awidthshow
678 90 gm
-0.07263 0.(connecting information systems and making them interoperate with a sufficient level of)ashow
694 90 gm
0.07278 0. 32 0.00727 0.(functionality. One of the major obstacles hindering the proliferation of EDI, and other)awidthshow
710 90 gm
0.12191 0. 32 0.01219 0.(types of inter-corporate utilization of Electronic Data Processing \(EDP\), is the lack of)awidthshow
726 90 gm
0.36880 0. 32 0.03688 0.(security in today's distributed information systems. The basic set-up is that of parties)awidthshow
742 90 gm
0.14038 0. 32 0.01403 0.(with at least some degree of confidence in one-another wishing to securely communi-)awidthshow
758 90 gm
1.02890 0. 32 0.10289 0.(cate through an untrustworthy network. The need for security in open systems has)awidthshow
F T cp
%%Page: ? 10
op
30 28 xl
1 1 pen
45 294 gm
(nc 30 28 811 566 6 rc)kp
1 setTxMode
0 fs
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
(7)show
802 288 gm
10 fz
bu fc
2 F /|______Times-Roman fnt
bn
-0.01179 0.(Open Systems Security \320 an Architectural Framework)ashow
85 90 gm
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
1.21383 0. 32 0.12138 0.(recently been officially acknowledged on many forums, e.g. in [Com90]. Another)awidthshow
101 90 gm
-0.12023 0.(important recent document on the security of EDI is [TED90b].)ashow
136 90 gm
1 fs
14 fz
bu fc
2 F /|______Times-Bold fnt
bn
1.74998 0.(1.4)ashow
136 126 gm
2.69302 0. 32 0.26930 0.(Standardization of Open Systems Security)awidthshow
168 90 gm
0 fs
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
0.04486 0. 32 0.00448 0.(The ISO )awidthshow
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
0.08682 0. 32 0.00868 0.(Open Systems Interconnection)awidthshow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
( \()show
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
0.01774 0.(OSI)ashow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
0.07217 0. 32 0.00721 0.(\) reference model [IS7498-1, IS7498/C1,)awidthshow
184 90 gm
0.05447 0. 32 0.00544 0.(X.200] has recently become universally accepted as the basis of open systems. All the)awidthshow
200 90 gm
-0.00221 0.(major manufacturers of computer systems are committed to OSI and some of the most)ashow
216 90 gm
0.10589 0. 32 0.01058 0.(important users, such as the DoD, have based their data communications strategies on)awidthshow
232 90 gm
-0.04008 0.(it. Despite its serious shortcomings, which will be discussed later in this study, the OSI)ashow
248 90 gm
0.02319 0. 32 0.00231 0.(reference model is a lot better than no commonly agreed on reference model at all and)awidthshow
264 90 gm
-0.08654 0.(we shall be forced to live with it.)ashow
296 90 gm
-0.01463 0.(From the beginning OSI has concentrated on interoperability leaving management and)ashow
312 90 gm
-0.07112 0.(security issues with little attention. The OSI model was later extended with connection-)ashow
328 90 gm
-0.00672 0.(less-mode communications, security, naming and addressing, and management, which)ashow
344 90 gm
3.11492 0. 32 0.31149 0.(were added to the OSI model as its later parts and addenda [IS7498-2,3,4,)awidthshow
360 90 gm
0.78903 0. 32 0.07890 0.(IS7498/A1,A2]. Unfortunately these extensions are still not nearly as mature as the)awidthshow
376 90 gm
-0.10337 0.(basic OSI reference model.)ashow
408 90 gm
0.65460 0. 32 0.06546 0.(The OSI Security Architecture [IS7498-2] addresses security by listing a number of)awidthshow
424 90 gm
0.03768 0. 32 0.00376 0.(security threats and defining a number of )awidthshow
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
0.06423 0. 32 0.00642 0.(Security Services)awidthshow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
0.03265 0. 32 0.00326 0.( \(or more properly )awidthshow
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
0.01182 0.(Security)ashow
440 90 gm
0.04971 0.(Functions)ashow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
0.17318 0. 32 0.01731 0.(, see 3.1\) and mechanisms to protect against these threats. The threat model)awidthshow
456 90 gm
0.19439 0. 32 0.01943 0.(assumed in this work is that of [IS7498-2]. The addendum defines possible places for)awidthshow
472 90 gm
0.08758 0. 32 0.00875 0.(these services and mechanisms in the seven layers of OSI but still leaves a lot of open)awidthshow
488 90 gm
-0.06835 0.(ends. Similar work has been carried out in ECMA [ECM88, ECM89].)ashow
520 90 gm
-0.13056 0.(Among the shortcomings of the OSI Security Architecture are the following:)ashow
552 90 gm
(-)show
552 126 gm
0.88088 0. 32 0.08808 0.(Most services can be placed at any one of a number of layers \(especially at)awidthshow
568 126 gm
0.13900 0. 32 0.01390 0.(layers 3, 4, 6 and 7\). This freedom needs to be restricted in a way that will not)awidthshow
584 126 gm
-0.10330 0.(affect the overall security of the system.)ashow
616 90 gm
(-)show
616 126 gm
0.76980 0. 32 0.07698 0.(Little, if any, clue is given as to how these services and mechanisms should)awidthshow
632 126 gm
1.41311 0. 32 0.14131 0.(interoperate with the rest of the system. E.g. how they are embedded into)awidthshow
648 126 gm
0.37887 0. 32 0.03788 0.(existing services and protocols, how their use is negotiated, and how they are)awidthshow
664 126 gm
-0.14515 0.(activated.)ashow
696 90 gm
(-)show
696 126 gm
1.01379 0. 32 0.10137 0.(Security-wise, the end system needs to be considered as a whole. From the)awidthshow
712 126 gm
-0.03811 0.(user's point of view the security of the service provided by the entire communi-)ashow
728 126 gm
0.02197 0. 32 0.00219 0.(cations system, not that provided by each layer, is essential. In this respect, the)awidthshow
F T cp
%%Page: ? 11
op
30 28 xl
1 1 pen
45 294 gm
(nc 30 28 811 566 6 rc)kp
1 setTxMode
0 fs
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
(8)show
802 90 gm
10 fz
bu fc
2 F /|______Times-Roman fnt
bn
-0.01179 0.(Open Systems Security \320 an Architectural Framework)ashow
85 126 gm
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
-0.04078 0.(layers are strongly interdependent. Clearly, an integrated view on open systems)ashow
101 126 gm
-0.03503 0.(security is wanted.)ashow
133 90 gm
-0.07000 0.(An overview of the standardization of open systems security is given in [CEN90].)ashow
165 90 gm
1.00128 0. 32 0.10012 0.(The OSI model defines only a framework for the standardization of open systems.)awidthshow
181 90 gm
1.08963 0. 32 0.10896 0.(Numerous other OSI standards standards define services and protocols for various)awidthshow
197 90 gm
-0.05699 0.(layers of OSI. Standardization of actual Open Systems can be seen as consisting of two)ashow
213 90 gm
0.16896 0.(phases.)ashow
245 90 gm
0.34790 0. 32 0.03479 0.(First, the need for standardizing some functional entity, such as message handling, is)awidthshow
261 90 gm
0.02395 0. 32 0.00239 0.(realized. This standardization leads into a number of standards, in the case of message)awidthshow
277 90 gm
1.64840 0. 32 0.16484 0.(handling the X.400-series recommendations of the CCITT. However, these )awidthshow
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
0.53469 0.(base)ashow
293 90 gm
-0.11387 0.(standards)ashow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
-0.10046 0.( often include parallel, alternative or optional features included in the standard)ashow
309 90 gm
0.42266 0. 32 0.04226 0.(as a compromise between various parties. In various countries and by various manu-)awidthshow
325 90 gm
1.76971 0. 32 0.17697 0.(facturers different functional groups and subsets of these standards are adopted.)awidthshow
341 90 gm
0.94665 0. 32 0.09466 0.(Therefore, compliance with the standards does not alone guarantee interoperability)awidthshow
357 90 gm
1.60949 0. 32 0.16094 0.(between two end systems. This was first seen in practice with the public packet)awidthshow
373 90 gm
0.36468 0. 32 0.03646 0.(networks of the type X.25, where interfaces to the network still vary from country to)awidthshow
389 90 gm
0.88058 0. 32 0.08805 0.(country and teleoperator to teleoperator, even though these networks nowadays are)awidthshow
405 90 gm
-0.12846 0.(globally interconnected.)ashow
437 90 gm
0.13946 0. 32 0.01394 0.(In the second phase, )awidthshow
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
0.27999 0. 32 0.02799 0.(functional standards)awidthshow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
0.06774 0. 32 0.00677 0.( \(or )awidthshow
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
0.03887 0.(profiles)ashow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
0.15792 0. 32 0.01579 0.(\), referring to the base standards)awidthshow
453 90 gm
0.02166 0. 32 0.00216 0.(and specifying in detail the functional groups, functions, options, PDU sizes etc. used,)awidthshow
469 90 gm
0.29159 0. 32 0.02915 0.(are defined. The purpose of OSI profiles is to define how various OSI base standards)awidthshow
485 90 gm
-0.06240 0.(are to be used in specific, real contexts to implement systems capable of interoperating.)ashow
501 90 gm
0.05935 0. 32 0.00593 0.(When true interoperability between systems by various vendors \(which is the ultimate)awidthshow
517 90 gm
0.51223 0. 32 0.05122 0.(goal of the whole OSI philosophy\) is required, it is usually better to refer to profiles)awidthshow
533 90 gm
0.68237 0. 32 0.06823 0.(and require that the systems comply with them than refer to the base standards. For)awidthshow
549 90 gm
0.89920 0. 32 0.08992 0.(example, if a message handling system is guaranteed to comply with the European)awidthshow
565 90 gm
0.54000 0. 32 0.05400 0.(MHS profiles \(CEPT A/311 and CEN/CENELEC A/3211\) it either will interoperate)awidthshow
581 90 gm
-0.08694 0.(with other similar products or one of the vendors can be pointed to be at fault.)ashow
613 90 gm
0.29754 0. 32 0.02975 0.(In OSI standardization defining communications profiles for various applications has)awidthshow
629 90 gm
0.07095 0. 32 0.00709 0.(recently become perhaps the most important area of activity. A new type of document)awidthshow
645 90 gm
0.65994 0. 32 0.06599 0.(called the )awidthshow
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
1.27517 0. 32 0.12751 0.(International Standardized Profile)awidthshow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
0.86898 0. 32 0.08689 0.( has been created \(see [IS10000-1,2]\).)awidthshow
661 90 gm
-0.00942 0.(However, it is only after )ashow
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
-0.00965 0.(Security Profiles)ashow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
-0.00953 0.(, defining in detail the security functions and)ashow
677 90 gm
0.18341 0. 32 0.01834 0.(mechanisms of complete seven-layer protocol stacks and their use, have been defined)awidthshow
693 90 gm
-0.10702 0.(that truly open secure systems can be implemented.)ashow
725 90 gm
-0.04426 0.(I claim that defining Security Profiles will prove to be a major step on the way towards)ashow
741 90 gm
0.07095 0. 32 0.00709 0.(secure open systems. The suggested profile for FTAM \(depicted in figure 7-1\) as well)awidthshow
757 90 gm
-0.10531 0.(as the results presented in chapter 4 are among the first attempts to this direction.)ashow
F T cp
%%Page: ? 12
op
30 28 xl
1 1 pen
45 294 gm
(nc 30 28 811 566 6 rc)kp
1 setTxMode
0 fs
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
(9)show
802 288 gm
10 fz
bu fc
2 F /|______Times-Roman fnt
bn
-0.01179 0.(Open Systems Security \320 an Architectural Framework)ashow
104 90 gm
1 fs
14 fz
bu fc
2 F /|______Times-Bold fnt
bn
1.74998 0.(1.5)ashow
104 126 gm
2.11761 0. 32 0.21176 0.(The Motivation and Goal of This Work)awidthshow
136 90 gm
0 fs
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
0.23849 0. 32 0.02384 0.(It is seen that definitions and actual implementations of secure open systems are vital)awidthshow
152 90 gm
-0.01348 0.(for the future of information networks. Extensive research has been done \(and is being)ashow
168 90 gm
0.08941 0. 32 0.00894 0.(done\) in the area of cryptology resulting in usable cryptographic mechanisms, such as)awidthshow
184 90 gm
0.02746 0. 32 0.00274 0.(symmetric and asymmetric cryptosystems, hash functions, and signature and authenti-)awidthshow
200 90 gm
1.60446 0. 32 0.16044 0.(cation schemes. Also, the OSI reference model [IS7498-1] has been extended to)awidthshow
216 90 gm
0.73806 0. 32 0.07380 0.(include a security framework [IS7498-2]. The increasing activity in ISO in security)awidthshow
232 90 gm
1.44348 0. 32 0.14434 0.(architectures is demonstrated by a number of new standards in this area, such as)awidthshow
248 90 gm
0.08895 0. 32 0.00889 0.([ISO90c] and [IS10181-1].)awidthshow
280 90 gm
0.51162 0. 32 0.05116 0.(However, little work has still been done between these two extremes on the abstrac-)awidthshow
296 90 gm
-0.04698 0.(tional scale. The OSI reference model is on a very high level of abstraction, offering us)ashow
312 90 gm
-0.10153 0.(a conceptual framework but little guidance for building real systems. On the other hand,)ashow
328 90 gm
0.94345 0. 32 0.09434 0.(most of the work done in the field of cryptology concentrates on the mathematical)awidthshow
344 90 gm
-0.08384 0.(properties of individual cryptosystems. At most, authentication protocols and such have)ashow
360 90 gm
-0.02130 0.(been analyzed with no regard to their position in the OSI model and relation to the rest)ashow
376 90 gm
0.80322 0. 32 0.08032 0.(of the open system. One of the first mentions of these two, often disjoint, tracks of)awidthshow
392 90 gm
1.84539 0. 32 0.18453 0.(development is found in [MM83]. The final report of the COST-11 Ter project)awidthshow
408 90 gm
2.05337 0. 32 0.20533 0.([COS90] \(chaired by S. Muftic\), which is soon coming out, is among the first)awidthshow
424 90 gm
-0.08998 0.(publications in the area of architectures for secure open systems.)ashow
456 90 gm
-0.09069 0.(There is an urgent need for work combining these two main lines of research in the area)ashow
472 90 gm
-0.00593 0.(of secure communications. Starting from the general models and frameworks, security)ashow
488 90 gm
1.34658 0. 32 0.13465 0.(functions, services and mechanisms need to be put in their proper places in open)awidthshow
504 90 gm
-0.03736 0.(systems. They need to be embedded into the existing protocols and services, interfaced)ashow
520 90 gm
0.20263 0. 32 0.02026 0.(with management etc. Finally, appropriate cryptosystems need to be adopted to fill in)awidthshow
536 90 gm
0.71762 0. 32 0.07176 0.(the missing parts. As a result of this work, justified, implementable solutions to the)awidthshow
552 90 gm
-0.02958 0.(security problems of open systems now exist.)ashow
584 90 gm
-0.03146 0.(This work combines the current knowledge of open systems, the OSI framework, open)ashow
600 90 gm
0.70327 0. 32 0.07032 0.(systems management, actual communications protocols, the available cryptographic)awidthshow
616 90 gm
-0.07186 0.(functions, and their implementation, coming up with an architecture for building secure)ashow
632 90 gm
0.74798 0. 32 0.07479 0.(open systems. Because this work aims at actual working implementations of secure)awidthshow
648 90 gm
-0.07513 0.(open systems, implementational issues will be kept in mind throughout the study.)ashow
680 90 gm
-0.03713 0.(This study is written for the OSI-oriented reader involved in research and development)ashow
696 90 gm
-0.03361 0.(of secure open systems. The OSI reference model is used as a guideline, even though a)ashow
712 90 gm
0.01876 0. 32 0.00187 0.(critical view is kept on it. Based on the reasoning given in chapter 3, it can be claimed)awidthshow
728 90 gm
0.44815 0. 32 0.04481 0.(that security should be an integral part of the service provided by the OSI world and)awidthshow
744 90 gm
0.85830 0. 32 0.08583 0.(embedded into the layers of OSI, rather than something designed and implemented)awidthshow
F T cp
%%Page: ? 13
op
30 28 xl
1 1 pen
45 291 gm
(nc 30 28 811 566 6 rc)kp
1 setTxMode
0 fs
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
(10)show
802 90 gm
10 fz
bu fc
2 F /|______Times-Roman fnt
bn
-0.01179 0.(Open Systems Security \320 an Architectural Framework)ashow
85 90 gm
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
1.04812 0. 32 0.10481 0.(from scratch for each application using the services of OSI. This work is not very)awidthshow
101 90 gm
0.06027 0. 32 0.00602 0.(closely tied to the OSI model which is merely used as a frame of reference. In fact the)awidthshow
117 90 gm
0.30044 0. 32 0.03004 0.(results obtained here can be directly applied to virtually any layered communications)awidthshow
133 90 gm
1.46087 0. 32 0.14608 0.(architecture, such as the DoD Internet Protocol Suite or IBM's System Networks)awidthshow
149 90 gm
-0.10777 0.(Architecture \(SNA\).)ashow
181 90 gm
-0.08905 0.(The mathematical properties of protocols as well as mathematical cryptology have been)ashow
197 90 gm
-0.07373 0.(areas of theoretical research for a long time. There are certain well known requirements)ashow
213 90 gm
-0.02960 0.(that can be posed to any telecommunications protocol, such as: completeness, fairness,)ashow
229 90 gm
0.92651 0. 32 0.09265 0.(and freedom of dead-locks. Also cryptology has been an area of formal theoretical)awidthshow
245 90 gm
0.53985 0. 32 0.05398 0.(study ever since Shannon published his now classical paper breaking new ground in)awidthshow
261 90 gm
0.47958 0. 32 0.04795 0.(1949 [Sha49]. Some of these aspects are discussed in some classical papers \(such as)awidthshow
277 90 gm
0.03234 0. 32 0.00323 0.([NS78], [DS81] and [NS89]\). However, so far a list of the properties of "good" secure)awidthshow
293 90 gm
-0.07330 0.(protocols have not been defined.)ashow
325 90 gm
0.55770 0. 32 0.05577 0.(The main goals of this work are to create an architectural framework integrating the)awidthshow
341 90 gm
0.67520 0. 32 0.06752 0.(security functions and mechanisms into the the OSI reference model and to analyze)awidthshow
357 90 gm
0.87921 0. 32 0.08792 0.(various security functions and mechanisms with respect to this framework. Several)awidthshow
373 90 gm
0.56228 0. 32 0.05622 0.(new concepts, such as )awidthshow
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
0.93078 0. 32 0.09307 0.(security context)awidthshow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
0.29861 0. 32 0.02986 0.( and )awidthshow
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
0.89813 0. 32 0.08981 0.(security profile)awidthshow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
0.60134 0. 32 0.06013 0.(, are introduced and used)awidthshow
389 90 gm
1.04461 0. 32 0.10446 0.(successfully in analyzing the security requirements of open systems and designing)awidthshow
405 90 gm
-0.01760 0.(solutions for them.)ashow
437 90 gm
-0.05242 0.(This work gives the guidelines for an entire new research area at the boundary between)ashow
453 90 gm
0.76385 0. 32 0.07638 0.(theoretical protocol research and cryptology, which so far has been virgin soil. The)awidthshow
469 90 gm
-0.04750 0.(importance of this area is demonstrated by the fact, that in this study alone a number of)ashow
485 90 gm
0.35476 0. 32 0.03547 0.(new research topics are pointed out and a number of problems, until now completely)awidthshow
501 90 gm
-0.09609 0.(unrecognized, are formulated and brought within the reach of theoretical study.)ashow
533 90 gm
0.29556 0. 32 0.02955 0.(In chapter 2, the scope of this work and the model of the world this work is based on)awidthshow
549 90 gm
-0.05679 0.(are defined.)ashow
581 90 gm
0.96923 0. 32 0.09692 0.(In chapter 3, a formal security model is defined, which is then used as a guideline)awidthshow
597 90 gm
1.41494 0. 32 0.14149 0.(throughout this work. Also the security requirements of real sample applications,)awidthshow
613 90 gm
-0.00956 0.(representing a wide scope of applications, are studied and security functions needed to)ashow
629 90 gm
0.14678 0. 32 0.01467 0.(fulfill these requirements are found. Some general considerations on the placement of)awidthshow
645 90 gm
-0.07771 0.(these functions in the layers of OSI are presented.)ashow
677 90 gm
-0.06809 0.(In chapter 4, the security functions are placed into the layer of OSI based on the criteria)ashow
693 90 gm
-0.02600 0.(set in chapter 3. Mechanisms for implementing these functions are found, based on the)ashow
709 90 gm
-0.07672 0.(analysis presented in the appendix.)ashow
741 90 gm
0.22750 0. 32 0.02275 0.(In chapter 5, management issues associated with the secure OSI stack sketched in the)awidthshow
757 90 gm
-0.05940 0.(previous chapter are discussed. Methods for the activation and negotiation of the use of)ashow
F T cp
%%Page: ? 14
op
30 28 xl
1 1 pen
45 291 gm
(nc 30 28 811 566 6 rc)kp
1 setTxMode
0 fs
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
(11)show
802 288 gm
10 fz
bu fc
2 F /|______Times-Roman fnt
bn
-0.01179 0.(Open Systems Security \320 an Architectural Framework)ashow
85 90 gm
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
-0.00624 0.(these security functions and mechanisms are found. Key management, which is one of)ashow
101 90 gm
-0.06140 0.(the most important issues in any large, secure system, are also dealt with.)ashow
133 90 gm
0.55465 0. 32 0.05546 0.(In chapter 6, implementational issues are discussed. We aim at solutions that can be)awidthshow
149 90 gm
0.10452 0. 32 0.01045 0.(implemented with reasonable modifications to the existing open systems implementa-)awidthshow
165 90 gm
0.07629 0. 32 0.00762 0.(tions. In this chapter we have a look at some existing OSI implementations, the use of)awidthshow
181 90 gm
0.35690 0. 32 0.03569 0.(software and hardware, and existing cryptosystems that can be used in implementing)awidthshow
197 90 gm
-0.08338 0.(the mechanisms sketched in chapters 4 and 5.)ashow
229 90 gm
0.28121 0. 32 0.02812 0.(In chapter 7, the results of this work are applied to a real case. A subset of the secure)awidthshow
245 90 gm
0.29129 0. 32 0.02912 0.(OSI protocol stack is used in building a secure FTAM system, based on existing OSI)awidthshow
261 90 gm
-0.13218 0.(implementations.)ashow
293 90 gm
1.17111 0. 32 0.11711 0.(In chapter 8, a short overview of this work is given, the results are evaluated and)awidthshow
309 90 gm
-0.08239 0.(directions for further research are pointed out.)ashow
341 90 gm
0.82794 0. 32 0.08279 0.(In the appendix, security mechanisms which can be used to implement the security)awidthshow
357 90 gm
0.02197 0. 32 0.00219 0.(functions of chapter 3 are studied. Some areas of interest to this work, which are more)awidthshow
373 90 gm
-0.06021 0.(or less tutorial in nature and are clearly outside the core of this work, are also discussed)ashow
389 90 gm
0.08866 0.(here.)ashow
F T cp
%%Page: ? 15
op
30 28 xl
1 1 pen
45 291 gm
(nc 30 28 811 566 6 rc)kp
1 setTxMode
0 fs
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
(12)show
802 90 gm
10 fz
bu fc
2 F /|______Times-Roman fnt
bn
-0.01179 0.(Open Systems Security \320 an Architectural Framework)ashow
110 90 gm
1 fs
18 fz
bu fc
2 F /|______Times-Bold fnt
bn
(2)show
110 126 gm
2.41607 0. 32 0.24160 0.(The Basis and Scope of This Work)awidthshow
146 90 gm
14 fz
bu fc
2 F /|______Times-Bold fnt
bn
1.74998 0.(2.1)ashow
146 126 gm
2.55279 0. 32 0.25527 0.(The Basic Model)awidthshow
178 90 gm
0 fs
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
0.11322 0. 32 0.01132 0.(For the purposes of this work the world is divided into four parts as depicted in figure)awidthshow
194 90 gm
-0.07225 0.(2-1 below:)ashow
226 90 gm
(-)show
226 126 gm
0.50201 0. 32 0.05020 0.(The communicating )awidthshow
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
0.63400 0. 32 0.06340 0.(application instances)awidthshow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
0.33523 0. 32 0.03352 0.(, consisting of the user \(or service\),)awidthshow
242 126 gm
0.74768 0. 32 0.07476 0.(the application process serving it, and the part of the OSI stack dedicated to)awidthshow
258 126 gm
0.11413 0. 32 0.01141 0.(serving this application process, running on )awidthshow
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
0.15319 0. 32 0.01531 0.(end systems)awidthshow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
0.10040 0. 32 0.01004 0.( which are assumed to)awidthshow
274 126 gm
-0.07518 0.(be trustworthy and physically protected.)ashow
306 90 gm
(-)show
306 126 gm
-0.06846 0.(An untrusted )ashow
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
-0.07095 0.(network )ashow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
-0.06884 0.(interconnecting the end systems.)ashow
338 90 gm
(-)show
338 126 gm
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
3.98452 0. 32 0.39845 0.(Trusted functionality)awidthshow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
2.25479 0. 32 0.22547 0.( residing beyond the network. At least an off-line)awidthshow
354 126 gm
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
2.09808 0. 32 0.20980 0.(Certification Authority)awidthshow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
1.11694 0. 32 0.11169 0.( \(which need not be connected to the network\) and,)awidthshow
370 126 gm
-0.04808 0.(optionally, a trusted on-line )ashow
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
-0.05220 0.(Security Server)ashow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
(.)show
402 90 gm
(-)show
402 126 gm
0.15625 0. 32 0.01562 0.(The )awidthshow
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
0.27099 0. 32 0.02709 0.(outer world)awidthshow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
0.23010 0. 32 0.02301 0.(, including enemies attacking the interconnected end systems,)awidthshow
418 126 gm
-0.07597 0.(both through the network and directly at the end systems.)ashow
0 0 gm
(nc 437 141 713 452 6 rc)kp
64 gr
437 141 713 452 1 rc
585 351 gm
0 gr
552 417 lin
553 181 gm
579 236 lin
619 381 gm
609 350 lin
psb
pse
nc ct 39 0 put
574 355 gm
bp
554 349 T qi
548 327 qc
544 298 qc
557 277 qc
552 263 qc
553 247 qc
562 230 qc
580 224 qc
590 233 qc
596 217 qc
612 218 qc
623 230 qc
637 234 qc
644 263 qc
637 291 qc
642 312 qc
635 335 qc
632 356 qc
606 357 qc
597 368 qc
574 362 qc
573 356 qc
573 356 qc
574 355 62 gr
T qq
0.969  60 45 {dup mul exch dup mul add 1.0 exch sub }setscreen setgray
qf
ef
0 gr
7 ec
(nc 437 141 713 452 6 rc)kp
321 358 276 311 th
614 273 gm
1 setTxMode
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
-0.14756 0.(untrusted )ashow
624 277 gm
0.17138 0 rmoveto
(network)show
tu
64 gr
440 147 556 212 1 rc
2 2 pen
0 gr
441 148 555 211 0 rc
64 gr
502 158 548 201 1 rc
1 1 pen
0 gr
502.5 158.5 547.5 200.5 0 rc
516 159 gm
516 200 lin
526 159 gm
526 200 lin
537 159 gm
537 200 lin
ts
515 177 gm
1 setTxMode
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
(7)show
tu
ts
525 177 gm
(6)show
tu
ts
535 177 gm
(5)show
tu
ts
544 177 gm
(4)show
tu
479 179 gm
0 gr
485 179 lin
485.5 156.5 505.5 203.5 0 ov
64 gr
453 165 483 195 1 ov
0 gr
453.5 165.5 482.5 194.5 0 ov
466.5 170.5 476.5 188.5 0 90 0 ar
466.5 171.5 476.5 188.5 90 180 0 ar
nc ct 39 0 put
464 180 gm
pt
471 177 pl
471 182 pl
464 180 pl
ef
eu
(nc 437 141 713 452 6 rc)kp
64 gr
464 184 466 187 1 ov
0 gr
464.5 184.5 465.5 186.5 0 ov
64 gr
464 173 466 177 1 ov
0 gr
464.5 173.5 465.5 176.5 0 ov
ts
451 171 gm
0.00683 0 rmoveto
1 setTxMode
(user)show
tu
ts
496 163 gm
2.00708 0 rmoveto
9 fz
bu fc
2 F /|______Times-Roman fnt
bn
(application)show
tu
ts
580 152 gm
0.68017 0 rmoveto
2 fs
12 fz
bu fc
2 F /|______Times-Italic fnt
bn
(end system A)show
tu
0 gr
pr
518 212 pl
514 225 pl
521 225 pl
518 212 pl
1 ep
pr
518 380 pl
521 367 pl
514 367 pl
518 380 pl
1 ep
2 2 pen
517 366 gm
517 224 lin
ts
502 250 gm
1 setTxMode
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
-0.14770 0.(secure communications)ashow
513 237 gm
-0.15248 0.(between application instances)ashow
tu
64 gr
661 257 711 328 1 rc
0 gr
662 258 710 327 0 rc
ts
673 278 gm
1 setTxMode
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
-0.18974 0.(trusted )ashow
684 270 gm
-0.26620 0.(third party)ashow
694 264 gm
-0.23716 0.(\(Certification )ashow
704 271 gm
-0.03536 0.(Authority\))ashow
tu
64 gr
566 277 596 308 1 ov
1 1 pen
0 gr
566.5 277.5 595.5 307.5 0 ov
nc ct 39 0 put
576 292 gm
pt
585 290 pl
585 295 pl
576 292 pl
ef
eu
(nc 437 141 713 452 6 rc)kp
64 gr
576 296 579 299 1 ov
0 gr
576.5 296.5 578.5 298.5 0 ov
64 gr
576 285 579 289 1 ov
0 gr
576.5 285.5 578.5 288.5 0 ov
psb
pse
nc ct 39 0 put
qf
581 309 gm
pt
581 275 pl
601 292 pl
581 309 pl
ef
eu
(nc 437 141 713 452 6 rc)kp
pr
464 357 pl
470 349 pl
465 347 pl
464 357 pl
1 ep
467 348 gm
471 336 lin
nc ct 39 0 put
pt
463 336 pl
469 320 pl
ef
eu
(nc 437 141 713 452 6 rc)kp
pr
464 242 pl
464 252 pl
470 250 pl
464 242 pl
1 ep
466 250 gm
471 263 lin
nc ct 39 0 put
pt
463 263 pl
469 280 pl
ef
eu
(nc 437 141 713 452 6 rc)kp
ts
448 285 gm
1 setTxMode
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
-0.21896 0.(enemies)ashow
tu
64 gr
452 286 483 316 1 ov
0 gr
452.5 286.5 482.5 315.5 0 ov
nc ct 39 0 put
464 302 gm
pt
472 299 pl
472 304 pl
464 302 pl
ef
eu
(nc 437 141 713 452 6 rc)kp
64 gr
463 304 465 308 1 ov
0 gr
463.5 304.5 464.5 307.5 0 ov
64 gr
463 294 465 297 1 ov
0 gr
463.5 294.5 464.5 296.5 0 ov
psb
pse
nc ct 39 0 put
qf
468 318 gm
pt
468 284 pl
489 302 pl
468 318 pl
ef
eu
(nc 437 141 713 452 6 rc)kp
64 gr
611 380 641 410 1 ov
0 gr
611.5 380.5 640.5 409.5 0 ov
nc ct 39 0 put
621 395 gm
pt
630 392 pl
630 397 pl
621 395 pl
ef
eu
(nc 437 141 713 452 6 rc)kp
64 gr
621 398 624 402 1 ov
0 gr
621.5 398.5 623.5 401.5 0 ov
64 gr
621 388 624 391 1 ov
0 gr
621.5 388.5 623.5 390.5 0 ov
psb
pse
nc ct 39 0 put
qf
625 411 gm
pt
625 377 pl
646 395 pl
625 411 pl
ef
eu
(nc 437 141 713 452 6 rc)kp
ts
580 386 gm
0.68017 0 rmoveto
1 setTxMode
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
(end system B)show
tu
64 gr
440 381 556 446 1 rc
2 2 pen
0 gr
441 382 555 445 0 rc
64 gr
502 392 548 435 1 rc
1 1 pen
0 gr
502.5 392.5 547.5 434.5 0 rc
516 392 gm
516 433 lin
526 392 gm
526 433 lin
537 392 gm
537 433 lin
ts
515 410 gm
1 setTxMode
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
(7)show
tu
ts
525 410 gm
(6)show
tu
ts
535 410 gm
(5)show
tu
ts
544 410 gm
(4)show
tu
479 413 gm
0 gr
485 413 lin
485.5 389.5 505.5 435.5 0 ov
ts
496 396 gm
2.00708 0 rmoveto
1 setTxMode
9 fz
bu fc
2 F /|______Times-Roman fnt
bn
(application)show
tu
ts
451 398 gm
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
-0.16207 0.(service)ashow
tu
64 gr
456 398 482 428 20.5 20.5 1 rr
0 gr
456.5 398.5 481.5 427.5 20.5 20.5 0 rr
ts
541 254 gm
1 setTxMode
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
-0.26579 0.(application instances)ashow
tu
1 2 lw
537 351 gm
0 gr
520 388 lin
1 1 lw
0 0 pen
520 388 lin
1 2 lw
1 1 pen
537 244 gm
520 205 lin
1 1 lw
0 0 pen
520 205 lin
1 1 pen
742 90 gm
(nc 30 28 811 566 6 rc)kp
1 setTxMode
-0.26438 0.(Figure 2-1:)ashow
742 162 gm
2.11746 0. 32 0.21174 0.(Model of the world: application instances at trusted end systems)awidthshow
758 162 gm
-0.10531 0.(communicating securely across an untrusted network.)ashow
F T cp
%%Page: ? 16
op
30 28 xl
1 1 pen
45 291 gm
(nc 30 28 811 566 6 rc)kp
1 setTxMode
0 fs
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
(13)show
802 288 gm
10 fz
bu fc
2 F /|______Times-Roman fnt
bn
-0.01179 0.(Open Systems Security \320 an Architectural Framework)ashow
101 90 gm
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
-0.06373 0.(This work is based on the following ideas:)ashow
133 90 gm
(-)show
133 126 gm
2.00958 0. 32 0.20095 0.(The client-server model. The network is seen as interconnecting various)awidthshow
149 126 gm
1.30905 0. 32 0.13090 0.(services and their users. This model is commonly accepted as the basis of)awidthshow
165 126 gm
-0.06892 0.(modern distributed information systems.)ashow
197 90 gm
(-)show
197 126 gm
1.65481 0. 32 0.16548 0.(Openness and globalness. It is seen that the value of various information)awidthshow
213 126 gm
-0.05262 0.(services is directly proportional to their geographic coverage and the number of)ashow
229 126 gm
1.71630 0. 32 0.17163 0.(users that can reach them. It is essential that these services can be made)awidthshow
245 126 gm
-0.09526 0.(accessible across organizational and geographic boundaries.)ashow
277 90 gm
(-)show
277 126 gm
1.40533 0. 32 0.14053 0.(The necessity of security in open systems. For these global services to be)awidthshow
293 126 gm
1.09832 0. 32 0.10983 0.(valuable in real life, it is necessary that they can be used securely and that)awidthshow
309 126 gm
-0.17318 0.(commitments can be made electronically.)ashow
341 90 gm
1 fs
bu fc
2 F /|______Times-Bold fnt
bn
1.75003 0.(2.1.1)ashow
341 126 gm
2.76458 0. 32 0.27645 0.(End Systems and Application Instances)awidthshow
373 90 gm
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
-0.10475 0.(The )ashow
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
-0.10021 0.(end systems)ashow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
-0.09495 0.( are computers hosting applications and interconnected via an untrusted)ashow
389 90 gm
0.00671 0. 32 0.00067 0.(network \(see figure 2-1\). In this study, the end systems, including their local terminals)awidthshow
405 90 gm
0.44387 0. 32 0.04438 0.(and applications running on them, are considered trustworthy by their owners. How-)awidthshow
421 90 gm
0.32058 0. 32 0.03205 0.(ever, a user does not trust other users of the same end system nor do the end systems)awidthshow
437 90 gm
0.13046 0. 32 0.01304 0.(trust one another, unless otherwise stated. Furthermore, a user does not trust a foreign)awidthshow
453 90 gm
-0.01206 0.(end system, such as a vending machine, he is using.)ashow
485 90 gm
0.60379 0. 32 0.06037 0.(Physical and local security of end systems have been widely studied and techniques)awidthshow
501 90 gm
0.88088 0. 32 0.08808 0.(have been developed for ensuring them. Lots of work has been done in the area of)awidthshow
517 90 gm
-0.06314 0.(securing the end-systems and it will not be dealt with in this study. A short overview of)ashow
533 90 gm
-0.05050 0.(work already done in this area follows.)ashow
565 90 gm
0.24780 0. 32 0.02478 0.(Multi-level security models, such as the Bell-la Padula model [BP74] introducing the)awidthshow
581 90 gm
-0.00997 0.(concept of )ashow
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
-0.00965 0.(security classes)ashow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
-0.01026 0.( extended by Biba [Bib77] with )ashow
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
-0.00941 0.(integrity classes)ashow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
-0.01118 0.(, have been)ashow
597 90 gm
0.92102 0. 32 0.09210 0.(developed for formalizing and implementing security policies. A brief summary of)awidthshow
613 90 gm
-0.08329 0.(security policies and models is presented in appendix 4.)ashow
645 90 gm
0.81771 0. 32 0.08177 0.(When this study was already written I received a preprint copy of Rainer Rueppels)awidthshow
661 90 gm
0.42663 0. 32 0.04266 0.(paper )awidthshow
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
0.54199 0. 32 0.05419 0.(A Formal Approach to Security Architectures)awidthshow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
0.39062 0. 32 0.03906 0.(  to be presented in Eurocrypt'91)awidthshow
677 90 gm
-0.04484 0.([Rue90] \(dated Dec. 17, 1990\). This paper appears to constitute a fundamental piece of)ashow
693 90 gm
0.00762 0. 32 0.00076 0.(work in the area of formalizing the design and analysis of secure information systems.)awidthshow
709 90 gm
0.00808 0. 32 0.00080 0.(The formalism developed could probably be adapted to the formal analysis of security)awidthshow
725 90 gm
-0.07878 0.(contexts and secure communications sketched in section 3.4.)ashow
F T cp
%%Page: ? 17
op
30 28 xl
1 1 pen
45 291 gm
(nc 30 28 811 566 6 rc)kp
1 setTxMode
0 fs
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
(14)show
802 90 gm
10 fz
bu fc
2 F /|______Times-Roman fnt
bn
-0.01179 0.(Open Systems Security \320 an Architectural Framework)ashow
101 90 gm
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
-0.06835 0.(In the )ashow
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
-0.08033 0.(Trusted Computer System Evaluation Criteria)ashow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
-0.05458 0.( \()ashow
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
-0.11241 0.(TCSEC)ashow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
-0.08169 0.(\) of the US Department of)ashow
117 90 gm
1.48529 0. 32 0.14852 0.(Defense \(DoD\) [DoD85], also known as the "Orange Book", computer operating)awidthshow
133 90 gm
1.27990 0. 32 0.12799 0.(systems are divided into seven security classes \(A1 through D\) grouped into four)awidthshow
149 90 gm
1.32308 0. 32 0.13230 0.(divisions. The criteria and procedures for evaluating computer operating systems,)awidthshow
165 90 gm
-0.07752 0.(covering the aspects of Security Policy, Accountability, Assurance and Documentation,)ashow
181 90 gm
-0.03781 0.(are defined. However, telecommunications are not included in this evaluation. As soon)ashow
197 90 gm
0.88470 0. 32 0.08847 0.(as a computer is connected to an untrusted network, it in practice loses its security)awidthshow
213 90 gm
0.17608 0. 32 0.01760 0.(clearance. No security requirements or validation procedures are defined for telecom-)awidthshow
229 90 gm
-0.07379 0.(munications subsystems of computer operating systems in the Orange Book.)ashow
261 90 gm
0.03265 0. 32 0.00326 0.(The "Red Book" [NCS87] extends the evaluation criteria of the Orange Book to cover)awidthshow
277 90 gm
-0.01011 0.(computers connected to trusted networks. However, untrusted networks, which are the)ashow
293 90 gm
-0.02752 0.(basis of this study, are outside the scope of the Red Book.)ashow
325 90 gm
0.02120 0. 32 0.00212 0.(The European counterpart of the Orange Book is the )awidthshow
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
0.03723 0. 32 0.00372 0.(Information Technology Security)awidthshow
341 90 gm
2.25326 0. 32 0.22532 0.(Evaluation Criteria)awidthshow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
0.40374 0. 32 0.04037 0.( \()awidthshow
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
0.44332 0.(ITSEC)ashow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
1.44149 0. 32 0.14414 0.(\) [ITS90] defining the harmonized criteria of France,)awidthshow
357 90 gm
0.16540 0. 32 0.01654 0.(Germany, the Netherlands and the United Kingdom \(and probably in the future of the)awidthshow
373 90 gm
0.24139 0. 32 0.02413 0.(European Communities\). In ITSEC six )awidthshow
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
0.33187 0. 32 0.03318 0.(assurance levels)awidthshow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
0.19699 0. 32 0.01969 0.( \(E1 through E6\) are defined,)awidthshow
389 90 gm
-0.07765 0.(indicating increasing degree of trust in the )ashow
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
-0.08959 0.(Correctness)ashow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
-0.07929 0.( and )ashow
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
-0.08189 0.(Effectiveness)ashow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
-0.08117 0.( of the security)ashow
405 90 gm
0.14526 0. 32 0.01452 0.(functions of a computer system. In addition, ten predefined )awidthshow
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
0.25573 0. 32 0.02557 0.(Functionality Classes)awidthshow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
0.11489 0. 32 0.01148 0.( \(F1)awidthshow
421 90 gm
0.70953 0. 32 0.07095 0.(through F10\) are specified with F1 \(together with E2\) corresponding to the TCSEC)awidthshow
437 90 gm
-0.04367 0.(class C1 and F5 \(together with E6\) corresponding to A1. E0 corresponds to class D.)ashow
469 90 gm
-0.09272 0.(A great deal of practically oriented literature is available on the topic of secure informa-)ashow
485 90 gm
1.01333 0. 32 0.10133 0.(tion systems. For example, [Woo87] gives a rather comprehensive checklist of the)awidthshow
501 90 gm
0.97991 0. 32 0.09799 0.(security controls of an information system  and [Woo90] gives an overview of the)awidthshow
517 90 gm
-0.07450 0.(design principles of a secure information system.)ashow
549 90 gm
0.36529 0. 32 0.03652 0.(In this study, the term )awidthshow
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
0.81497 0. 32 0.08149 0.(application instance)awidthshow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
0.37902 0. 32 0.03790 0.( is used to mean one instance of an appli-)awidthshow
565 90 gm
-0.05665 0.(cation consisting of the user \(or service\), the application process serving it, and the part)ashow
581 90 gm
-0.02131 0.(of the OSI stack dedicated to serving this application process \(namely the OSI layers 4)ashow
597 90 gm
0.42327 0. 32 0.04232 0.(through 7\). Each application instance runs on an end system and communicates with)awidthshow
613 90 gm
-0.02554 0.(other application instances, running on other end systems, via an untrusted network. In)ashow
629 90 gm
-0.04692 0.(this study, an application instance is trusted by its user, unless otherwise stated.)ashow
661 90 gm
0.61935 0. 32 0.06193 0.(It is worth pointing out that the division between the end system and the network is)awidthshow
677 90 gm
-0.07348 0.(somewhat artificial. In fact the end system is a network of circuit boards interconnected)ashow
693 90 gm
1.18591 0. 32 0.11859 0.(via the backplane. Similarly each ciruit board is a network of interconnected chip)awidthshow
709 90 gm
-0.09826 0.(carriers. One chip carrier may contain several chips ponded together. The ultimate com-)ashow
725 90 gm
-0.06265 0.(municatings elements communicating via an untrusted network are the individual chips)ashow
741 90 gm
-0.09277 0.(which can be made physically secure.)ashow
F T cp
%%Page: ? 18
op
30 28 xl
1 1 pen
45 291 gm
(nc 30 28 811 566 6 rc)kp
1 setTxMode
0 fs
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
(15)show
802 288 gm
10 fz
bu fc
2 F /|______Times-Roman fnt
bn
-0.01179 0.(Open Systems Security \320 an Architectural Framework)ashow
101 90 gm
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
-0.03736 0.(This revelation gives rise to a unified view on security where network and end systems)ashow
117 90 gm
0.22598 0. 32 0.02259 0.(security are no longer treated separately. By adding these lower layers to the network)awidthshow
133 90 gm
1.26846 0. 32 0.12684 0.(hierarchy depicted in figure 1-1 we can view any information system as an inter-)awidthshow
149 90 gm
-0.06962 0.(connections of chips communicating via an untrusted network. Our ultimate goal there-)ashow
165 90 gm
0.14892 0. 32 0.01489 0.(fore is to find the basic elements of security and implement these on each chip. These)awidthshow
181 90 gm
-0.01907 0.(thoughts were brought up in the discussion with D. Farber [Far91].)ashow
213 90 gm
1 fs
bu fc
2 F /|______Times-Bold fnt
bn
1.75003 0.(2.1.2)ashow
213 126 gm
0.72627 0.(Network)ashow
245 90 gm
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
0.10604 0. 32 0.01060 0.(The )awidthshow
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
0.03784 0.(network)ashow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
0.13214 0. 32 0.01321 0.( is an internet, consisting of a number of interconnected networks, whose)awidthshow
261 90 gm
-0.03268 0.(security cannot be guaranteed. The network may \(accidentally or voluntarily\) e.g. lose,)ashow
277 90 gm
0.98556 0. 32 0.09855 0.(duplicate, generate or change messages passing through it. When a trusted, locally)awidthshow
293 90 gm
1.12304 0. 32 0.11230 0.(secure system is connected to a network, a whole new group of threats coming in)awidthshow
309 90 gm
-0.08500 0.(through the network needs to be taken into account.)ashow
341 90 gm
-0.09669 0.(It deserves to be noted that teleoperators are doing their best to guarantee the security of)ashow
357 90 gm
-0.05595 0.(public data networks. Their cablings are physically secured and their cross-connections)ashow
373 90 gm
-0.05653 0.(and active components reside in secure premises and are operated by trusted personnel.)ashow
389 90 gm
0.07431 0. 32 0.00743 0.(In addition, many of the network services offer security enhancements, such as closed)awidthshow
405 90 gm
0.45089 0. 32 0.04508 0.(user groups or authentication of the calling party \(the A-subscriber\). It is also likely,)awidthshow
421 90 gm
1.15249 0. 32 0.11524 0.(that teleoperators will increasingly often employ cryptographic techniques in their)awidthshow
437 90 gm
0.50827 0. 32 0.05082 0.(networks in the near future. However, at least for yet a long time, not all public net-)awidthshow
453 90 gm
-0.02209 0.(works can be trusted. In this study the network is always assumed to be untrustworthy.)ashow
485 90 gm
1 fs
bu fc
2 F /|______Times-Bold fnt
bn
1.75003 0.(2.1.3)ashow
485 126 gm
2.65197 0. 32 0.26519 0.(Trusted Parties)awidthshow
517 90 gm
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
1.90582 0. 32 0.19058 0.(In order to carry out secure communications we always have to trust someone.)awidthshow
533 90 gm
0.30609 0. 32 0.03060 0.(However, the amount of trusted parties needs to be kept at its minimum. At least one)awidthshow
549 90 gm
0.21575 0. 32 0.02157 0.(trusted )awidthshow
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
0.36193 0. 32 0.03619 0.(Certification Authority)awidthshow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
0.06347 0. 32 0.00634 0.( \()awidthshow
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
0.08352 0.(CA)ashow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
0.17684 0. 32 0.01768 0.(\) is always needed. That is, a third party whom we)awidthshow
565 90 gm
-0.05706 0.(can trust to certify at least the authentication parameters of ourselves and those of other)ashow
581 90 gm
-0.03540 0.(parties and, optionally, to notarize agreements etc. In case of disagreement, this trusted)ashow
597 90 gm
-0.09666 0.(third party can act as an impartial judge \(or witness\).)ashow
629 90 gm
0.95260 0. 32 0.09526 0.(The minimal trusted third party is an off-line Certification Authority certifying the)awidthshow
645 90 gm
0.11108 0. 32 0.01110 0.(public keys of other parties. These certified public keys can then be used for purposes)awidthshow
661 90 gm
-0.04710 0.(of authentication, safe distribution of session keys, ensuring the integrity and confiden-)ashow
677 90 gm
0.42327 0. 32 0.04232 0.(tiality of the transferred data, and non-repudiation. It is worth noting that certificates)awidthshow
693 90 gm
-0.07974 0.(issued by the CA can be distributed through an untrusted channel, such as the Directory)ashow
709 90 gm
-0.07377 0.(Service, without the danger of them being compromised.)ashow
741 90 gm
-0.05482 0.(Even though no trusted on-line server is actually needed \(only a trusted off-line author-)ashow
757 90 gm
0.49697 0. 32 0.04969 0.(ity\), the use of a trusted on-line Security Server for purposes of e.g. Key Generation)awidthshow
F T cp
%%Page: ? 19
op
30 28 xl
1 1 pen
45 291 gm
(nc 30 28 811 566 6 rc)kp
1 setTxMode
0 fs
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
(16)show
802 90 gm
10 fz
bu fc
2 F /|______Times-Roman fnt
bn
-0.01179 0.(Open Systems Security \320 an Architectural Framework)ashow
85 90 gm
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
0.80718 0. 32 0.08071 0.(and Distribution, Notarization, Security Logging etc. can often simplify things. For)awidthshow
101 90 gm
-0.04499 0.(example, in [BM90] a security scheme for selling the spare time of a computer to other)ashow
117 90 gm
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
-0.03195 0.(authorized)ashow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
-0.02940 0.( users is proposed, based on )ashow
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
-0.03556 0.(coupons)ashow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
-0.02987 0.(, DES and a trusted )ashow
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
-0.03318 0.(broker)ashow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
(.)show
149 90 gm
-0.00588 0.(In this study, we try to minimize the number of trusted parties. We expect each user to)ashow
165 90 gm
-0.00265 0.(trust his own CA. We also assume the transitivity of trust, that is we trust the CAs that)ashow
181 90 gm
0.21316 0. 32 0.02131 0.(a CA trusted by us trusts. This makes it possible for the CAs to form global chains of)awidthshow
197 90 gm
0.13438 0.(trust.)ashow
229 90 gm
1 fs
bu fc
2 F /|______Times-Bold fnt
bn
1.75003 0.(2.1.4)ashow
229 126 gm
2.13119 0. 32 0.21311 0.(The Outside World)awidthshow
261 90 gm
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
0.12054 0. 32 0.01205 0.(The outside world includes )awidthshow
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
0.03344 0.(enemies)ashow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
0.09124 0. 32 0.00912 0.( that may have access to the network or to the end)awidthshow
277 90 gm
0.25344 0. 32 0.02534 0.(systems. The three masked villains in figure 2-1 represent enemies attacking the end-)awidthshow
293 90 gm
-0.04115 0.(systems directly, through the network \(a crooked user\), and from within the network \(a)ashow
309 90 gm
-0.09390 0.(crooked teleoperator\). Of these three types of attacks, the latter two are within the scope)ashow
325 90 gm
0.20324 0. 32 0.02032 0.(of this study.)awidthshow
357 90 gm
0.54031 0. 32 0.05403 0.(Possible attacks by enemies through or from within the network include, but are not)awidthshow
373 90 gm
-0.11929 0.(limited to, the following:)ashow
405 90 gm
(-)show
405 126 gm
-0.06576 0.(Masquerade, somebody else trying to impersonate as one of the communicating)ashow
421 126 gm
(parties.)show
453 90 gm
(-)show
453 126 gm
-0.06239 0.(Eavesdropping, unauthorized passive monitoring of traffic.)ashow
485 90 gm
(-)show
485 126 gm
0.49133 0. 32 0.04913 0.(Manipulation of messages between the communicating parties \(e.g. changing)awidthshow
501 126 gm
-0.04917 0.(the sums in banking transactions\).)ashow
533 90 gm
-0.01380 0.(Especially nodes acting as gateways between two networks \(of any kind\) can intercept)ashow
549 90 gm
-0.12100 0.(traffic and launch any kind of active attack towards the integrity of communications.)ashow
584 90 gm
1 fs
14 fz
bu fc
2 F /|______Times-Bold fnt
bn
1.74998 0.(2.2)ashow
584 126 gm
4.08538 0. 32 0.40853 0.(Communications Categories)awidthshow
616 90 gm
0 fs
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
0.51071 0. 32 0.05107 0.(Distributed information services can broadly be divided into two main categories by)awidthshow
632 90 gm
-0.15966 0.(their communications requirements:)ashow
664 90 gm
(-)show
664 126 gm
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
-0.02880 0.(Connection-oriented services)ashow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
-0.02851 0.(, where an end-to-end connection is built between)ashow
680 126 gm
-0.03712 0.(the two communicating parties. Examples of this category are )ashow
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
-0.04078 0.(Virtual Terminal)ashow
696 126 gm
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
0.16639 0.(\()ashow
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
0.29173 0.(VT)ashow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
0.75164 0. 32 0.07516 0.(\) [IS9040, IS9041] and )awidthshow
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
1.03591 0. 32 0.10359 0.(File Transfer, Access and Management)awidthshow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
0.24291 0. 32 0.02429 0.( \()awidthshow
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
0.32633 0.(FTAM)ashow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
(\))show
712 126 gm
0.23974 0.([IS8571-1,2,4].)ashow
F T cp
%%Page: ? 20
op
30 28 xl
1 1 pen
45 291 gm
(nc 30 28 811 566 6 rc)kp
1 setTxMode
0 fs
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
(17)show
802 288 gm
10 fz
bu fc
2 F /|______Times-Roman fnt
bn
-0.01179 0.(Open Systems Security \320 an Architectural Framework)ashow
101 90 gm
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
(-)show
101 126 gm
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
3.01406 0. 32 0.30140 0.(Connectionless \(request-reply type\) services)awidthshow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
1.75872 0. 32 0.17587 0.(, where a service request is)awidthshow
117 126 gm
-0.03242 0.(generated and sent by the user and a response message is generated and sent by)ashow
133 126 gm
0.23300 0. 32 0.02330 0.(the service provider. For these services it is usually not worth while to build a)awidthshow
149 126 gm
0.21270 0. 32 0.02127 0.(connection at any layer and they are more naturally based on a connectionless)awidthshow
165 126 gm
0.74768 0. 32 0.07476 0.(network and and upper layer services. Examples of this category in the near)awidthshow
181 126 gm
(future will be )show
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
(Directory Access)show
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
( [X.500, IS9594-1] or )show
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
0.01251 0. 32 0.00125 0.(Remote Database Access)awidthshow
197 126 gm
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
0.15129 0.(\()ashow
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
0.29455 0.(RDA)ashow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
0.80276 0. 32 0.08027 0.(\) [IS9579-1,2]. Connectionless communications at all the layers of the)awidthshow
213 126 gm
-0.09323 0.(OSI model are clearly the most natural basis for this type of services.)ashow
245 90 gm
-0.09045 0.(As a special case of connectionless services, )ashow
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
-0.09326 0.( relayed \(store-and-forward type\) services)ashow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
(,)show
261 90 gm
1.20880 0. 32 0.12088 0.(where no real-time end-to-end communications take place, have to be considered.)awidthshow
277 90 gm
0.52291 0. 32 0.05229 0.(Examples of this category are the Message Handling System [X.400] or file transfer)awidthshow
293 90 gm
-0.11552 0.(through an intermediate file store.)ashow
325 90 gm
-0.01710 0.(The first category is OSI-wise the purest in the sense that the OSI reference model and)ashow
341 90 gm
0.20233 0. 32 0.02023 0.(most of its associated standards were first designed with this kind of communications)awidthshow
357 90 gm
-0.08740 0.(in mind and have later on been extended towards the use of connectionless services.)ashow
389 90 gm
-0.02107 0.(The second category is of increasing importance because it fits well in with the Client-)ashow
405 90 gm
0.00839 0. 32 0.00083 0.(Server Architecture, which seems to be the current trend in information systems. With)awidthshow
421 90 gm
0.67977 0. 32 0.06797 0.(the advent of the Directory Service and Distributed Database Management, the OSI)awidthshow
437 90 gm
-0.01347 0.(standards have been extended towards this direction, e.g. with the definitions of a con-)ashow
453 90 gm
1.74957 0. 32 0.17495 0.(nectionless transport service [IS8072/A1] and protocol [IS8602], session service)awidthshow
469 90 gm
0.99472 0. 32 0.09947 0.([IS8326/A3] and protocol [IS9549], presentation service [IS8822/A1] and protocol)awidthshow
485 90 gm
0.26443 0. 32 0.02644 0.([IS9576], and ACSE service [IS8649/A2] and protocol [IS10035]. [IS9545/A1] deals)awidthshow
501 90 gm
-0.07795 0.(with connectionless operation of the application layer. It is likely, that in the near future)ashow
517 90 gm
1.05911 0. 32 0.10591 0.(both the use of the Directory and Remote Database Management will be based on)awidthshow
533 90 gm
1.09878 0. 32 0.10987 0.(connectionless communications services. At the moment they both still run on the)awidthshow
549 90 gm
0.85815 0. 32 0.08581 0.(Remote Operations Service \(ROS\) of the application layer and connection-oriented)awidthshow
565 90 gm
-0.03648 0.(transport service.)ashow
597 90 gm
1.11404 0. 32 0.11140 0.(Relayed communications are also increasing in importance, mainly because of the)awidthshow
613 90 gm
0.92941 0. 32 0.09294 0.(Message Handling System \(MHS\) [X.400] which is among the first internationally)awidthshow
629 90 gm
2.29431 0. 32 0.22943 0.(standardized open systems of commercial importance. However, from the OSI)awidthshow
645 90 gm
0.63232 0. 32 0.06323 0.(perspective, this kind of service is not pure peer-to-peer communication. In the OSI)awidthshow
661 90 gm
1.48757 0. 32 0.14875 0.(sense, one hop on the path of a message in the MHS, from User Agent \(UA\) or)awidthshow
677 90 gm
0.05722 0. 32 0.00572 0.(Message Store \(MS\) to Message Transfer Agent \(MTA\), from MTA to MTA, or from)awidthshow
693 90 gm
-0.04838 0.(MTA to UA or MS, forms an instance of end-to-end communications in the OSI sense.)ashow
709 90 gm
0.65063 0. 32 0.06506 0.(Between the hops, the message is raised into the domain of applications, stored and)awidthshow
725 90 gm
-0.06546 0.(later passed on. In MHS the lowest layer of real end-to-end communications is the UA-)ashow
741 90 gm
0.07537 0. 32 0.00753 0.(to-UA protocol [X.400] \(also known as P2, see figure 2-2\).)awidthshow
F T cp
%%Page: ? 21
op
30 28 xl
1 1 pen
45 291 gm
(nc 30 28 811 566 6 rc)kp
1 setTxMode
0 fs
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
(18)show
802 90 gm
10 fz
bu fc
2 F /|______Times-Roman fnt
bn
-0.01179 0.(Open Systems Security \320 an Architectural Framework)ashow
101 90 gm
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
-0.01446 0.(Among the most important applications of MHS is Electronic Data Interchange \(EDI\).)ashow
117 90 gm
0.66116 0. 32 0.06611 0.(Basically EDI means the computer-to-computer exchange of information relating to)awidthshow
133 90 gm
0.40161 0. 32 0.04016 0.(trade activities [TED89]. The information is in the form of EDI messages, which are)awidthshow
149 90 gm
0.01129 0. 32 0.00112 0.(structured electronic messages for administrative or commercial purposes. EDI strives)awidthshow
165 90 gm
1.52206 0. 32 0.15220 0.(to automate the bulk exchange of routine data, such as orders and invoices, sent)awidthshow
181 90 gm
1.11755 0. 32 0.11175 0.(between organizations. The use of MHS with EDI is discussed e.g. in [Gen90]. A)awidthshow
197 90 gm
-0.06423 0.(concise introduction to EDI, including legal aspects etc., can be found in [Com89]. The)ashow
213 90 gm
0.50689 0. 32 0.05068 0.(TEDIS Program [TED90a] gives an overview of current European EDI activities. In)awidthshow
229 90 gm
-0.03129 0.([TED90b] a specific and detailed scheme for signing EDIFACT messages is proposed,)ashow
245 90 gm
-0.12030 0.(including technical details and references to real cryptosystems to be employed.)ashow
277 90 gm
0.74615 0. 32 0.07461 0.(In connection with MHS, the secure general-purpose OSI protocol stack \(drafted in)awidthshow
293 90 gm
0.45135 0. 32 0.04513 0.(chapter 4\) can be used to enhance security on connections between the agents \(UAs,)awidthshow
309 90 gm
0.79483 0. 32 0.07948 0.(MSes and MTAs\) of a MHS but these measures alone cannot guarantee end-to-end)awidthshow
325 90 gm
-0.11476 0.(security because the intermediate nodes cannot be trusted.)ashow
357 90 gm
0.02182 0. 32 0.00218 0.(This is analogous to the situation with true end-to-end services, such as FTAM, where)awidthshow
373 90 gm
-0.00186 0.(end-to-end security has to be implemented at layer 4 \(the lowest layer with end-to-end)ashow
389 90 gm
1.5625 0. 32 0.15625 0.(significance\) or above and any security measures at layers 1 through 3 can only)awidthshow
405 90 gm
-0.05850 0.(enhance the security of the total service but not alone guarantee it. In MHS true end-to-)ashow
421 90 gm
0.25146 0. 32 0.02514 0.(end security can only be achieved at the level of P2 \(see figure 2-2\) or higher \(within)awidthshow
437 90 gm
-0.08111 0.(the application process\).)ashow
0 0 pen
413 195 gm
(nc 456 148 659 445 6 rc)kp
62 gr
413 195 lin
0.969  60 45 {dup mul exch dup mul add 1.0 exch sub }setscreen setgray
503 152 654 439 1 ov
2 2 pen
0 gr
503 153 654 439 0 ov
64 gr
541 166 575 210 1 ov
1 2 lw
1 1 pen
0 gr
541.5 166.5 574.5 209.5 0 ov
1 1 lw
0 0 pen
413 195 lin
561 179 gm
1 setTxMode
bu fc
2 F /|______Times-Roman fnt
bn
-0.32623 0.(UA)ashow
64 gr
541 381 575 425 1 ov
1 2 lw
1 1 pen
0 gr
541.5 381.5 574.5 424.5 0 ov
1 1 lw
0 0 pen
564 179 gm
564 179 lin
561 394 gm
1 setTxMode
-0.32623 0.(UA)ashow
64 gr
471 166 505 210 1 ov
1 2 lw
1 1 pen
0 gr
471.5 166.5 504.5 209.5 0 ov
1 1 lw
0 0 pen
564 394 gm
564 394 lin
491 177 gm
0.17529 0 rmoveto
1 setTxMode
(User)show
64 gr
471 381 505 425 1 ov
1 2 lw
1 1 pen
0 gr
471.5 381.5 504.5 424.5 0 ov
1 1 lw
0 0 pen
494 177 gm
494 177 lin
491 392 gm
0.17529 0 rmoveto
1 setTxMode
(User)show
0 gr
475 199 499 223 340 380 1 ar
475 368 499 392 160 200 1 ar
1 1 pen
487 369 gm
487 222 lin
470 266 gm
0.02197 0 rmoveto
1 setTxMode
(User-to-user )show
482 255 gm
-0.15330 0.(Communications)ashow
519 271 gm
1.73437 0 rmoveto
1 fs
14 fz
bu fc
2 F /|______Times-Bold fnt
bn
(Message)show
534 245 gm
3.36206 0 rmoveto
(Handling System)show
0 gr
545 199 569 223 340 380 1 ar
545 368 569 392 160 200 1 ar
557 369 gm
557 222 lin
553 290 gm
0.16455 0 rmoveto
1 setTxMode
0 fs
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
(P2)show
0 gr
529 175 553 199 250 290 1 ar
492 175 516 199 70 110 1 ar
515 187 gm
530 187 lin
530 392 554 416 250 290 1 ar
493 392 517 416 70 110 1 ar
516 404 gm
531 404 lin
0 0 pen
60 gr
531 404 lin
0.937  60 45 {dup mul exch dup mul add 1.0 exch sub }setscreen setgray
562 224 649 368 1 ov
1 2 lw
1 1 pen
0 gr
562.5 224.5 648.5 367.5 0 ov
1 1 lw
0 0 pen
531 404 lin
64 gr
574 239 609 283 1 ov
1 2 lw
1 1 pen
0 gr
574.5 239.5 608.5 282.5 0 ov
1 1 lw
0 0 pen
531 404 lin
594 248 gm
1 setTxMode
-0.83007 0.(MTA)ashow
64 gr
574 310 609 354 1 ov
1 2 lw
1 1 pen
0 gr
574.5 310.5 608.5 353.5 0 ov
1 1 lw
0 0 pen
597 248 gm
597 248 lin
594 319 gm
1 setTxMode
-0.83007 0.(MTA)ashow
0 gr
578 271 602 295 340 380 1 ar
578 299 602 323 160 200 1 ar
1 1 pen
590 300 gm
590 294 lin
619 234 gm
1 setTxMode
-0.08819 0.(Message Transfer System)ashow
0 gr
572 229 596 253 182 222 1 ar
557 192 581 216 2 42 1 ar
573 214 gm
579 230 lin
571 339 595 363 318 358 1 ar
556 376 580 400 138 178 1 ar
572 377 gm
578 361 lin
582 290 gm
0.16455 0 rmoveto
1 setTxMode
(P1)show
688 90 gm
(nc 30 28 811 566 6 rc)kp
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
-0.26438 0.(Figure 2-2:)ashow
688 162 gm
0.08697 0. 32 0.00869 0.(Message Handling System.)awidthshow
720 90 gm
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
-0.05035 0.(In many respects the service provided by an MHS is comparable to that provided by an)ashow
736 90 gm
0.43716 0. 32 0.04371 0.(ISO Internet. From the user's point of view both of these services transfer datagrams)awidthshow
752 90 gm
-0.00964 0.(across a network of interconnected networks the main differences between them being)ashow
F T cp
%%Page: ? 22
op
30 28 xl
1 1 pen
45 291 gm
(nc 30 28 811 566 6 rc)kp
1 setTxMode
0 fs
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
(19)show
802 288 gm
10 fz
bu fc
2 F /|______Times-Roman fnt
bn
-0.01179 0.(Open Systems Security \320 an Architectural Framework)ashow
85 90 gm
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
0.70312 0. 32 0.07031 0.(that MHS operates at the application layer whereas Internet operates at the network)awidthshow
101 90 gm
-0.06886 0.(layer and that the Internet is real-time whereas MHS is not. In an internet the delays are)ashow
117 90 gm
-0.02172 0.(typically in the order of milliseconds whereas MHS causes significantly longer delays,)ashow
133 90 gm
-0.07638 0.(typically in the order of minutes or even hours.)ashow
165 90 gm
2.50091 0. 32 0.25009 0.(Therefore, with MHS \(and other relayed services\) we have to include all the)awidthshow
181 90 gm
-0.06874 0.(information needed for Integrity, Confidentiality, and Authentication \(or Non-Repudia-)ashow
197 90 gm
0.15487 0. 32 0.01548 0.(tion of Origin\) within the message. Only Non-repudiation of Delivery should be done)awidthshow
213 90 gm
0.30349 0. 32 0.03034 0.(with a separate acknowledgement message. With connectionless end-to-end services,)awidthshow
229 90 gm
0.26336 0. 32 0.02633 0.(such as the directory, we can exchange messages in real-time and use, for example, a)awidthshow
245 90 gm
-0.04716 0.(two-way handshake mechanism.)ashow
277 90 gm
-0.01678 0.(In this work the analysis of MHS \(and other relayed services\) is restricted to the layers)ashow
293 90 gm
-0.02561 0.(of OSI and the application part of MHS is only briefly dealt with. The general-purpose)ashow
309 90 gm
-0.09506 0.(secure OSI stack drafted in chapter 4 can be used with MHS and it will make it possible)ashow
325 90 gm
-0.11221 0.(for the communicating MHS agents to mutually authenticate and then communicate in a)ashow
341 90 gm
0.56610 0. 32 0.05661 0.(secure manner. However, since the intermediate agents cannot in general be trusted,)awidthshow
357 90 gm
-0.07194 0.(true security in MHS requires Data Origin Authentication, Integrity and Confidentiality)ashow
373 90 gm
0.89202 0. 32 0.08920 0.(to be implemented within the message being transferred. These arrangements are a)awidthshow
389 90 gm
-0.06350 0.(research area in their own right and beyond the scope of this work.)ashow
421 90 gm
0.10269 0. 32 0.01026 0.(Irrespective of the communications category, a basic requirement in secure communi-)awidthshow
437 90 gm
0.11795 0. 32 0.01179 0.(cations is always the support for a common )awidthshow
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
0.21026 0. 32 0.02102 0.(Security Context)awidthshow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
0.12908 0. 32 0.01290 0.( \(defined in 3.1\) between)awidthshow
453 90 gm
-0.00256 0.(the communicating parties. This includes things such as a mutual understanding of the)ashow
469 90 gm
-0.06729 0.(encryption functions, mechanisms and keys used between the communicating parties at)ashow
485 90 gm
1.14929 0. 32 0.11492 0.(a given point in time at all the of layers OSI. Prior agreements as well as various)awidthshow
501 90 gm
1.01776 0. 32 0.10177 0.(management and negotiation mechanisms can be used in establishing this Security)awidthshow
517 90 gm
-0.10406 0.(Context. In real-time communications we can establish the security context by means of)ashow
533 90 gm
-0.11564 0.(negotiation between the communicating parties \(and possibly others\) whereas in relayed)ashow
549 90 gm
0.98709 0. 32 0.09870 0.(services the security context can only be established by means of prior agreement,)awidthshow
565 90 gm
-0.09407 0.(management, and information included in the one-way message.)ashow
600 90 gm
1 fs
14 fz
bu fc
2 F /|______Times-Bold fnt
bn
1.74998 0.(2.3)ashow
600 126 gm
2.18566 0. 32 0.21856 0.(The Scope of This Study)awidthshow
632 90 gm
0 fs
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
0.00732 0. 32 0.00073 0.(This study deals with secure communications between trusted end-systems through an)awidthshow
648 90 gm
-0.05247 0.(untrusted network \(the arrow between the end-systems in figure 2-1\).)ashow
680 90 gm
-0.00573 0.(In order to protect against the threats posed by the untrusted network, secure protocols)ashow
696 90 gm
0.03570 0. 32 0.00357 0.(between these end systems have to be devised. It is also possible, and sometimes even)awidthshow
712 90 gm
1.06292 0. 32 0.10629 0.(necessary, to involve a trusted third party called the security server in these trans-)awidthshow
728 90 gm
(actions.)show
F T cp
%%Page: ? 23
op
30 28 xl
1 1 pen
45 291 gm
(nc 30 28 811 566 6 rc)kp
1 setTxMode
0 fs
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
(20)show
802 90 gm
10 fz
bu fc
2 F /|______Times-Roman fnt
bn
-0.01179 0.(Open Systems Security \320 an Architectural Framework)ashow
101 90 gm
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
0.56854 0. 32 0.05685 0.(This work concentrates on the threats coming in through the network. Local threats,)awidthshow
117 90 gm
0.77728 0. 32 0.07772 0.(such as )awidthshow
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
1.59637 0. 32 0.15963 0.(insider threats)awidthshow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
0.28656 0. 32 0.02865 0.(, )awidthshow
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
1.66900 0. 32 0.16690 0.(Trojan horses)awidthshow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
0.90194 0. 32 0.09019 0.( etc. are beyond the scope of this study. The)awidthshow
133 90 gm
1.85592 0. 32 0.18559 0.(communicating end systems are assumed to be secure and physically protected.)awidthshow
149 90 gm
-0.06825 0.(Referring to the restrictions above, such services as )ashow
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
-0.07482 0.(Data Flow Confidentiality)ashow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
-0.04431 0.(, )ashow
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
-0.09353 0.(Routing)ashow
165 90 gm
0.12078 0.(Control)ashow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
0.39611 0. 32 0.03961 0.( and protection against )awidthshow
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
0.50979 0. 32 0.05097 0.(Denial of Service)awidthshow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
0.37139 0. 32 0.03713 0.( are also beyond the scope here \(see)awidthshow
181 90 gm
-0.03575 0.([IS7498-2] for definitions of these threats\).)ashow
213 90 gm
0.21987 0. 32 0.02198 0.(In this study we do not concentrate on cryptography, e.g. the mathematical properties)awidthshow
229 90 gm
1.34078 0. 32 0.13407 0.(of real cryptographic mechanisms are not analyzed. The requirements for various)awidthshow
245 90 gm
0.24566 0. 32 0.02456 0.(mechanisms \(such as )awidthshow
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
0.06452 0.(symmetric)ashow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
0.10986 0. 32 0.01098 0.( and )awidthshow
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
0.43518 0. 32 0.04351 0.(asymmetric cryptosystems)awidthshow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
0.05889 0. 32 0.00588 0.(, )awidthshow
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
0.06437 0.(cryptosums)ashow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
0.10986 0. 32 0.01098 0.( and )awidthshow
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
0.08900 0.(hash)ashow
261 90 gm
0.04893 0.(functions)ashow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
0.10131 0. 32 0.01013 0.(, and )awidthshow
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
0.27282 0. 32 0.02728 0.(digital signature schemes)awidthshow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
0.19042 0. 32 0.01904 0.(\) to be used in implementing various security)awidthshow
277 90 gm
0.23101 0. 32 0.02310 0.(functions are stated and mechanisms complying with these requirements are assumed)awidthshow
293 90 gm
1.28280 0. 32 0.12828 0.(and used as basic building blocks of secure open systems. For each such abstract)awidthshow
309 90 gm
0.10742 0. 32 0.01074 0.(mechanism an existing mechanism \(such as DES or RSA\) which is currently believed)awidthshow
325 90 gm
0.09475 0. 32 0.00947 0.(to fulfill these requirements is found \(see Appendix 1\). However, this work is not tied)awidthshow
341 90 gm
-0.10716 0.(to any existing mechanisms and they can be replaced as needed.)ashow
373 90 gm
0.20462 0. 32 0.02046 0.(It is expected that in the future various symmetric and asymmetric cryptosystems and)awidthshow
389 90 gm
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
-0.05412 0.(zero-knowledge schemes)ashow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
-0.04992 0.( will be designed and broken in a continuous struggle between)ashow
405 90 gm
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
0.07539 0.(cryptographers)ashow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
0.13305 0. 32 0.01330 0.( and )awidthshow
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
0.07022 0.(cryptanalysts)ashow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
0.27297 0. 32 0.02729 0.( \(code makers and code breakers\). This study being)awidthshow
421 90 gm
0.73425 0. 32 0.07342 0.(independent of any specific cryptosystems, new cryptosystems can be adopted with)awidthshow
437 90 gm
-0.10095 0.(only minimal modifications to the security profiles drawn up here.)ashow
469 90 gm
0.25665 0. 32 0.02566 0.(This work deals with the architectural aspects of open systems security. Based on the)awidthshow
485 90 gm
1.10427 0. 32 0.11042 0.(OSI reference model and its associated security framework, answers are sought to)awidthshow
501 90 gm
0.03677 0. 32 0.00367 0.(questions such as what type and level of security is needed \(and feasible\) with various)awidthshow
517 90 gm
1.20513 0. 32 0.12051 0.(real information services, what combination of security functions will provide the)awidthshow
533 90 gm
-0.05464 0.(overall level of security needed with each service, and what layers of the OSI reference)ashow
549 90 gm
-0.07989 0.(model should these functions be placed in.)ashow
581 90 gm
-0.04136 0.(Mechanisms used to realize these functions as well as implementational issues, such as)ashow
597 90 gm
0.10787 0. 32 0.01078 0.(the use of hardware and software in implementing these mechanisms and the implica-)awidthshow
613 90 gm
0.52383 0. 32 0.05238 0.(tions of the chosen software and hardware architecture on the overall security of the)awidthshow
629 90 gm
0.18630 0. 32 0.01863 0.(system, are studied. To facilitate this work, a semiformal security model is developed)awidthshow
645 90 gm
-0.03648 0.(and used to analyze the security functions derived from actual security requirements of)ashow
661 90 gm
-0.01766 0.(real open systems.)ashow
F T cp
%%Page: ? 24
op
30 28 xl
1 1 pen
45 291 gm
(nc 30 28 811 566 6 rc)kp
1 setTxMode
0 fs
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
(21)show
802 288 gm
10 fz
bu fc
2 F /|______Times-Roman fnt
bn
-0.01179 0.(Open Systems Security \320 an Architectural Framework)ashow
104 90 gm
1 fs
14 fz
bu fc
2 F /|______Times-Bold fnt
bn
1.74998 0.(2.4)ashow
104 126 gm
2.21603 0. 32 0.22160 0.(Approach to the Goals)awidthshow
136 90 gm
0 fs
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
0.25222 0. 32 0.02522 0.(In this work, the security requirements of the three categories of information services)awidthshow
152 90 gm
1.64230 0. 32 0.16423 0.(listed in 2.2 are analyzed. FTAM and Virtual Terminal are used as examples of)awidthshow
168 90 gm
0.60089 0. 32 0.06008 0.(connection-oriented services, the Directory Service and Remote Database Access as)awidthshow
184 90 gm
-0.06217 0.(examples of connectionless real-time services, and the Message Handling System as an)ashow
200 90 gm
-0.06181 0.(example of relayed services. Their required types and levels of security are defined, the)ashow
216 90 gm
0.47103 0. 32 0.04710 0.(combinations of security functions to achieve the required overall security levels are)awidthshow
232 90 gm
-0.00170 0.(found, these functions are placed into the layers of OSI, and mechanisms are specified)ashow
248 90 gm
-0.09561 0.(to implement them \(including cryptosystems and extensions to current protocols\).)ashow
280 90 gm
0.44006 0. 32 0.04400 0.(Based on this analysis, a general purpose OSI protocol stack with built-in security is)awidthshow
296 90 gm
0.60379 0. 32 0.06037 0.(drawn up. This stack can be used with most connection-oriented and connectionless)awidthshow
312 90 gm
-0.03828 0.(end-to-end services and it can also be used to provide "hop-by-hop security" in relayed)ashow
328 90 gm
0.79345 0. 32 0.07934 0.(services such as MHS. The required management services and mechanisms for this)awidthshow
344 90 gm
-0.08389 0.(protocol stack are sketched.)ashow
376 90 gm
-0.04983 0.(For FTAM a complete security profile is drawn up and the ideas presented in this work)ashow
392 90 gm
1.03607 0. 32 0.10360 0.(are tested in practise with a limited working prototype implementation of a secure)awidthshow
408 90 gm
0.59173 0. 32 0.05917 0.(FTAM service. The solutions are evaluated against the initial security requirements,)awidthshow
424 90 gm
-0.08314 0.(possible enhancements are sketched and directions for further work are pointed out.)ashow
F T cp
%%Page: ? 25
op
30 28 xl
1 1 pen
45 291 gm
(nc 30 28 811 566 6 rc)kp
1 setTxMode
0 fs
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
(22)show
802 90 gm
10 fz
bu fc
2 F /|______Times-Roman fnt
bn
-0.01179 0.(Open Systems Security \320 an Architectural Framework)ashow
110 90 gm
1 fs
18 fz
bu fc
2 F /|______Times-Bold fnt
bn
(3)show
110 126 gm
2.34603 0. 32 0.23460 0.(On Security Requirements and Functions)awidthshow
143 90 gm
0 fs
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
-0.04922 0.(Various information services have different security requirements which can be met by)ashow
159 90 gm
0.38513 0. 32 0.03851 0.(the five security services listed in the OSI Security Architecture [IS7498-2], namely:)awidthshow
175 90 gm
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
0.10479 0.(Authentication)ashow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
0.10391 0. 32 0.01039 0.(, )awidthshow
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
0.09533 0.(Integrity)ashow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
0.10391 0. 32 0.01039 0.(, )awidthshow
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
0.09967 0.(Confidentiality)ashow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
0.10391 0. 32 0.01039 0.(, )awidthshow
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
0.11444 0.(Non-Repudiation)ashow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
0.19378 0. 32 0.01937 0.( and )awidthshow
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
0.63110 0. 32 0.06311 0.(Access Control.)awidthshow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
0.34591 0. 32 0.03459 0.( The)awidthshow
191 90 gm
0.00930 0. 32 0.00093 0.(OSI Security Architecture lists these five services and a number of subclasses of each,)awidthshow
207 90 gm
0.24887 0. 32 0.02488 0.(such as )awidthshow
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
0.10147 0.(Connection)ashow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
0.12222 0. 32 0.01222 0.( or )awidthshow
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
0.63461 0. 32 0.06346 0.(Connectionless Integrity)awidthshow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
0.05004 0. 32 0.00500 0.( )awidthshow
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
0.10391 0.(With)ashow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
0.12222 0. 32 0.01222 0.( or )awidthshow
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
0.09954 0.(Without)ashow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
0.05004 0. 32 0.00500 0.( )awidthshow
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
0.10231 0.(Recovery)ashow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
0.29998 0. 32 0.02999 0.(, with little)awidthshow
223 90 gm
0.41152 0. 32 0.04115 0.(insight to their significance or the relations between them. Here we shall analyze the)awidthshow
239 90 gm
0.40313 0. 32 0.04031 0.(interdependencies between these services and make some general observations. Also)awidthshow
255 90 gm
-0.11120 0.(some sample services are analyzed with regard to their specific security requirements.)ashow
287 90 gm
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
-0.05261 0.(File Transfer, Access and Management)ashow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
-0.03506 0.( \()ashow
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
-0.07850 0.(FTAM)ashow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
-0.03959 0.(\), the )ashow
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
-0.05195 0.(Directory)ashow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
-0.04399 0.(, and )ashow
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
-0.06036 0.(Message Handling)ashow
303 90 gm
-0.02246 0.(System)ashow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
( \()show
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
-0.03323 0.(MHS)ashow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
-0.01972 0.(\) were chosen as the sample services for the following reasons:)ashow
335 90 gm
(-)show
335 126 gm
0.27740 0. 32 0.02774 0.(All of these services are already rather mature \(implementations do exist\) and)awidthshow
351 126 gm
-0.10655 0.(seem to be useful in real life in the near future.)ashow
383 90 gm
(-)show
383 126 gm
0.18798 0. 32 0.01879 0.(These three services represent the three categories of services described in 2.2)awidthshow
399 126 gm
-0.12332 0.(and a closer analysis of them should reveal something applicable to virtually any)ashow
415 126 gm
-0.11952 0.(application.)ashow
447 90 gm
-0.02650 0.(Even though the term )ashow
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
-0.02531 0.(Security Service)ashow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
-0.02470 0.( is used in the OSI Security Architecture, it does)ashow
463 90 gm
0.24261 0. 32 0.02426 0.(not mean a service in the normal OSI sense of the word. In the OSI Reference Model)awidthshow
479 90 gm
-0.04541 0.(the term )ashow
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
-0.04699 0.(\(N\)-service)ashow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
-0.04528 0.( is defined as: "A capability of the \(N\)-layer and the layers beneath)ashow
495 90 gm
0.37719 0. 32 0.03771 0.(it, which is provided to \(N+1\)-entities at the boundary between the \(N\)-layer and the)awidthshow
511 90 gm
0.77651 0. 32 0.07765 0.(\(N+1\)-layer" at an )awidthshow
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
0.20483 0.(\(N\)-service-access-point)ashow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
0.74615 0. 32 0.07461 0.( [X.200] by means of \(conceptual\) )awidthshow
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
0.27767 0.(\(N\)-)ashow
527 90 gm
0.01472 0.(service-primitives)ashow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
0.07476 0. 32 0.00747 0.( [X.210].)awidthshow
559 90 gm
0.34057 0. 32 0.03405 0.(However, in the Security Architecture addendum of OSI [IS7498-2] )awidthshow
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
0.49697 0. 32 0.04969 0.(Security Service)awidthshow
575 90 gm
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
-0.05783 0.(means a more abstract kind of functionality provided by the entire OSI system. An OSI)ashow
591 90 gm
-0.08441 0.(Security Service, in the sense it is being used in the OSI Security Architecture, need not)ashow
607 90 gm
0.07263 0. 32 0.00726 0.(show at all in the service interface of any layer. The use of a Security Service, such as)awidthshow
623 90 gm
-0.08471 0.(Confidentiality, may be dictated by a )ashow
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
-0.08654 0.(Security Policy)ashow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
-0.08717 0.( and enforced by )ashow
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
-0.10713 0.(Systems Manage-)ashow
639 90 gm
-0.05598 0.(ment )ashow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
-0.05325 0.(without the user knowing anything about this.)ashow
671 90 gm
0.87158 0. 32 0.08715 0.(Therefore, it would be more appropriate to talk about )awidthshow
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
1.56539 0. 32 0.15653 0.(Security Functions)awidthshow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
0.82656 0. 32 0.08265 0.( when we)awidthshow
687 90 gm
-0.07463 0.(mean security as a part of the overall quality of service provided by the OSI system and)ashow
703 90 gm
0.53695 0. 32 0.05369 0.(reserve the word )awidthshow
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
0.90835 0. 32 0.09083 0.(Security Service)awidthshow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
0.57342 0. 32 0.05734 0.( to mean services offered at the boundary between)awidthshow
719 90 gm
0.22537 0. 32 0.02253 0.(two OSI layer by means of service primitives. This practise is followed hereinafter in)awidthshow
735 90 gm
0.33203 0. 32 0.03320 0.(this study.)awidthshow
F T cp
%%Page: ? 26
op
30 28 xl
1 1 pen
45 291 gm
(nc 30 28 811 566 6 rc)kp
1 setTxMode
0 fs
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
(23)show
802 288 gm
10 fz
bu fc
2 F /|______Times-Roman fnt
bn
-0.01179 0.(Open Systems Security \320 an Architectural Framework)ashow
101 90 gm
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
-0.08990 0.(Definitions of some terms used in this study:)ashow
133 90 gm
(-)show
133 126 gm
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
-0.08421 0.(\(N\) Security Service:)ashow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
-0.08187 0.( a security-related capability of the \(N\)-layer and the layers)ashow
149 126 gm
-0.09182 0.(beneath it, provided to \(N+1\)-entities at the boundary between the \(N\)-layer and)ashow
165 126 gm
-0.07225 0.(the \(N+1\)-layer by means of service primitives.)ashow
197 90 gm
(-)show
197 126 gm
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
1.30508 0. 32 0.13050 0.(\(N\) Security Function:)awidthshow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
1.03057 0. 32 0.10305 0.( a security-related function, enhancing the quality of)awidthshow
213 126 gm
0.43518 0. 32 0.04351 0.(service provided by the \(N\)-layer, controlled by the control part of \(N\)-entity)awidthshow
229 126 gm
-0.09750 0.(and activated at the request of the user of the \(N\)-service or by systems manage-)ashow
245 126 gm
(ment.)show
277 90 gm
(-)show
277 126 gm
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
0.31677 0. 32 0.03167 0.(\(N\) Security Mechanism:)awidthshow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
0.18692 0. 32 0.01869 0.( a mechanism at the \(N\)-layer realizing \(a part of\) an)awidthshow
293 126 gm
-0.02935 0.(\(N\) security function.)ashow
328 90 gm
1 fs
14 fz
bu fc
2 F /|______Times-Bold fnt
bn
1.74998 0.(3.1)ashow
328 126 gm
2.86773 0. 32 0.28677 0.(A Security Model)awidthshow
360 90 gm
0 fs
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
0.10681 0. 32 0.01068 0.(A layer entity A)awidthshow
0 2 rm
10 fz
bu fc
2 F /|______Times-Roman fnt
bn
(N)show
0 -2 rm
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
0.09887 0. 32 0.00988 0.( \(entity in system A at layer N\) is depicted in figure 3-1, below. The)awidthshow
376 90 gm
-0.11817 0.(entity is divided into the following parts:)ashow
408 90 gm
(-)show
408 126 gm
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
-0.13111 0.(Control Part)ashow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
-0.12062 0.( realizing the protocol logic and controlling the use of functions and)ashow
424 126 gm
-0.03407 0.(variables.)ashow
456 90 gm
(-)show
456 126 gm
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
0.41511 0.(Mechanisms)ashow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
1.25427 0. 32 0.12542 0.( controlled by the control part, operating on the variables and)awidthshow
472 126 gm
-0.08569 0.(realizing functions.)ashow
504 90 gm
(-)show
504 126 gm
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
-0.15504 0.(Variables)ashow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
-0.14241 0.( most of which are local to each entity instance.)ashow
536 90 gm
0.19531 0. 32 0.01953 0.(The Control Part is usually modelled as a state machine. In the C-VOPS environment)awidthshow
552 90 gm
1.30386 0. 32 0.13038 0.(an Extended Finite State Automaton \(EFSA\) is used to model and implement the)awidthshow
568 90 gm
(Control Part [Kar87].)show
600 90 gm
0.28991 0. 32 0.02899 0.(Mechanisms include three major groups, each realizing one interface of the \(N\) layer)awidthshow
616 90 gm
-0.27705 0.(entity:)ashow
648 90 gm
(-)show
648 126 gm
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
1.91802 0. 32 0.19180 0.(Upper Interface Mechanisms)awidthshow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
1.07910 0. 32 0.10791 0.(, realizing the interface to layer N+1 \(the \(N\))awidthshow
664 126 gm
-0.08824 0.(Service Interface\).)ashow
696 90 gm
(-)show
696 126 gm
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
1.27380 0. 32 0.12738 0.(Lower Interface Mechanisms)awidthshow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
0.72906 0. 32 0.07290 0.(, realizing the interface to layer N-1 \(the \(N-1\))awidthshow
712 126 gm
-0.08824 0.(Service Interface\).)ashow
744 90 gm
(-)show
744 126 gm
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
-0.15216 0.(Protocol Mechanisms)ashow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
-0.125 0.(, realizing the protocol interface to the peer entity.)ashow
F T cp
%%Page: ? 27
op
30 28 xl
1 1 pen
45 291 gm
(nc 30 28 811 566 6 rc)kp
1 setTxMode
0 fs
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
(24)show
802 90 gm
10 fz
bu fc
2 F /|______Times-Roman fnt
bn
-0.01179 0.(Open Systems Security \320 an Architectural Framework)ashow
0 0 pen
272 206 gm
(nc 88 91 334 503 6 rc)kp
62 gr
272 206 lin
0.969  60 45 {dup mul exch dup mul add 1.0 exch sub }setscreen setgray
121 188 299 419 1 rc
2 2 pen
0 gr
121 188 299 419 0 rc
0 0 pen
60 gr
272 206 lin
0.937  60 45 {dup mul exch dup mul add 1.0 exch sub }setscreen setgray
166 257 242 362 1 rc
2 2 pen
0 gr
167 258 241 361 0 rc
1 1 pen
166 258 gm
166 418 lin
256 258 gm
256 418 lin
259 434 246 412 th
189 288 gm
1.50634 0 rmoveto
1 setTxMode
1 fs
12 fz
bu fc
2 F /|______Times-Bold fnt
bn
(Control)show
200 297 gm
0.17529 0 rmoveto
(Part)show
tu
ts
148 284 gm
0 fs
10 fz
bu fc
2 F /|______Times-Roman fnt
bn
-0.13449 0.(Interface Mechanisms)ashow
tu
ts
283 285 gm
-0.13449 0.(Interface Mechanisms)ashow
tu
ts
201 376 gm
0.05908 0 rmoveto
(Protocol)show
212 367 gm
-0.05998 0.(Mechanisms)ashow
tu
ts
116 259 gm
-0.16851 0.(\(N\) Service Interface)ashow
tu
ts
312 251 gm
-0.16806 0.(\(N-1\) Service Interface)ashow
tu
ts
199 428 gm
0.05908 0 rmoveto
(Protocol)show
211 427 gm
-0.31437 0.(Interface)ashow
tu
ts
188 150 gm
-0.25537 0.(Manage-)ashow
199 157 gm
0.00244 0 rmoveto
(ment)show
211 150 gm
-0.31437 0.(Interface)ashow
tu
0 gr
207 454 230 476 160 200 1 ar
207 411 230 434 340 380 1 ar
218 433 gm
218 455 lin
ts
215 475 gm
0.78808 0 rmoveto
1 setTxMode
1 fs
bu fc
2 F /|______Times-Bold fnt
bn
(Peer)show
227 472 gm
2.16870 0 rmoveto
(Entity)show
tu
ts
215 105 gm
3.28442 0 rmoveto
(Systems)show
227 95 gm
2.45556 0 rmoveto
(Management)show
tu
ts
100 320 gm
3.69018 0 rmoveto
(Layer \(N+1\))show
tu
ts
328 321 gm
3.37548 0 rmoveto
(Layer \(N-1\))show
tu
0 gr
207 138 230 160 340 380 1 ar
207 173 230 195 160 200 1 ar
218 174 gm
218 159 lin
64 gr
227 370 251 413 1 rc
1 2 lw
0 gr
227.5 370.5 250.5 412.5 0 rc
1 1 lw
0 0 pen
218 159 lin
ts
236 383 gm
0.03198 0 rmoveto
1 setTxMode
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
(Sec.)show
248 379 gm
-0.06651 0.(Mech.)ashow
tu
64 gr
128 378 155 413 1 rc
1 2 lw
1 1 pen
0 gr
128.5 378.5 154.5 412.5 0 rc
1 1 lw
0 0 pen
239 383 gm
239 383 lin
64 gr
131 383 154 409 1 rc
ts
139 388 gm
0.03198 0 rmoveto
1 setTxMode
(Sec.)show
151 383 gm
-0.06651 0.(Mech.)ashow
tu
64 gr
266 378 293 413 1 rc
1 2 lw
1 1 pen
0 gr
266.5 378.5 292.5 412.5 0 rc
1 1 lw
0 0 pen
142 388 gm
142 388 lin
64 gr
268 383 291 409 1 rc
ts
277 388 gm
0.03198 0 rmoveto
1 setTxMode
(Sec.)show
288 383 gm
-0.06651 0.(Mech.)ashow
tu
0 gr
93 335 116 358 68 108 1 ar
127 336 150 359 248 288 1 ar
1 1 pen
128 346 gm
114 346 lin
306 335 328 358 250 290 1 ar
273 335 296 358 70 110 1 ar
295 346 gm
306 346 lin
64 gr
206 280 233 338 1 rc
1 2 lw
0 gr
206.5 280.5 232.5 337.5 0 rc
1 1 lw
0 0 pen
306 346 lin
64 gr
209 291 231 325 1 rc
ts
217 291 gm
1 setTxMode
-0.04576 0.(Security)ashow
229 293 gm
0.22290 0 rmoveto
(Control)show
tu
1 2 lw
1 1 pen
168 361 gm
0 gr
256 361 lin
1 1 lw
0 0 pen
256 361 lin
ts
252 282 gm
2.50927 0 rmoveto
1 setTxMode
1 fs
12 fz
bu fc
2 F /|______Times-Bold fnt
bn
(Mechanisms)show
tu
ts
116 354 gm
0 fs
10 fz
bu fc
2 F /|______Times-Roman fnt
bn
-0.21411 0.(\(N\)-interface-data-units)ashow
tu
ts
312 354 gm
-0.21011 0.(\(N-1\)-interface-data-units)ashow
tu
ts
236 421 gm
-0.15434 0.(\(N\)-protocol-)ashow
248 428 gm
-0.15876 0.(data-units)ashow
tu
2 2 pen
121 257 gm
0 gr
298 257 lin
ts
211 199 gm
1.83935 0 rmoveto
1 setTxMode
1 fs
12 fz
bu fc
2 F /|______Times-Bold fnt
bn
(Variables)show
tu
64 gr
250 193 294 252 1 rc
1 2 lw
1 1 pen
0 gr
250.5 193.5 293.5 251.5 0 rc
1 1 lw
0 0 pen
214 199 gm
214 199 lin
ts
269 206 gm
1 setTxMode
0 fs
10 fz
bu fc
2 F /|______Times-Roman fnt
bn
-0.04576 0.(Security)ashow
281 203 gm
-0.16352 0.(Variables)ashow
tu
1 1 pen
363 90 gm
(nc 30 28 811 566 6 rc)kp
2 fs
12 fz
bu fc
2 F /|______Times-Italic fnt
bn
-0.26438 0.(Figure 3-1:)ashow
363 162 gm
-0.13973 0.(OSI layer N entity security architecture.)ashow
394 90 gm
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
0.48828 0. 32 0.04882 0.(Formally, layer entity A)awidthshow
0 2 rm
10 fz
bu fc
2 F /|______Times-Roman fnt
bn
0.16413 0.(N)ashow
0 -2 rm
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
0.31723 0. 32 0.03172 0.( can be modelled as a triplet: )awidthshow
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
0.13638 0.(\(C)ashow
0 2 rm
10 fz
bu fc
2 F /|______Times-Italic fnt
bn
0.13888 0.(A)ashow
0 1 rm
9 fz
bu fc
2 F /|______Times-Italic fnt
bn
0.13647 0.(N)ashow
0 -3 rm
12 fz
bu fc
2 F /|______Times-Italic fnt
bn
0.11743 0.(,V)ashow
0 2 rm
10 fz
bu fc
2 F /|______Times-Italic fnt
bn
0.13888 0.(A)ashow
0 1 rm
9 fz
bu fc
2 F /|______Times-Italic fnt
bn
0.13647 0.(N)ashow
0 -3 rm
12 fz
bu fc
2 F /|______Times-Italic fnt
bn
0.14770 0.(,M)ashow
0 2 rm
10 fz
bu fc
2 F /|______Times-Italic fnt
bn
0.13888 0.(A)ashow
0 -2 rm
12 fz
bu fc
2 F /|______Times-Italic fnt
bn
0.09078 0.(\))ashow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
0.36315 0. 32 0.03631 0.(, where C)awidthshow
0 2 rm
10 fz
bu fc
2 F /|______Times-Roman fnt
bn
0.16413 0.(A)ashow
0 1 rm
9 fz
bu fc
2 F /|______Times-Roman fnt
bn
0.14772 0.(N)ashow
0 -3 rm
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
0.20843 0. 32 0.02084 0.( is)awidthshow
410 90 gm
-0.03565 0.(the control logic, V)ashow
0 2 rm
10 fz
bu fc
2 F /|______Times-Roman fnt
bn
-0.05519 0.(A)ashow
0 1 rm
9 fz
bu fc
2 F /|______Times-Roman fnt
bn
(N)show
0 -3 rm
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
-0.03483 0.( is the set of variables, and M)ashow
0 2 rm
10 fz
bu fc
2 F /|______Times-Roman fnt
bn
-0.05519 0.(A)ashow
0 1 rm
9 fz
bu fc
2 F /|______Times-Roman fnt
bn
(N)show
0 -3 rm
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
-0.03694 0.( is the set of mechanisms of A)ashow
0 2 rm
10 fz
bu fc
2 F /|______Times-Roman fnt
bn
-0.05519 0.(N)ashow
0 -2 rm
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
(.)show
427 90 gm
0.15609 0. 32 0.01560 0.(The set of variables of layer entity A)awidthshow
0 2 rm
10 fz
bu fc
2 F /|______Times-Roman fnt
bn
0.06906 0.(N)ashow
0 -2 rm
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
0.10803 0. 32 0.01080 0.( is the union of the set of )awidthshow
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
0.31311 0. 32 0.03131 0.(Protocol Variables)awidthshow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
0.10360 0. 32 0.01036 0.( of)awidthshow
443 90 gm
-0.16235 0.(entity A)ashow
0 2 rm
10 fz
bu fc
2 F /|______Times-Roman fnt
bn
-0.24047 0.(N)ashow
0 -2 rm
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
-0.14636 0.( and the set of )ashow
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
-0.16464 0.(Security Variables)ashow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
-0.15263 0.( of entity A)ashow
0 2 rm
10 fz
bu fc
2 F /|______Times-Roman fnt
bn
-0.24047 0.(N)ashow
0 -2 rm
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
(:)show
474 90 gm
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
0.41249 0.(V)ashow
0 2 rm
10 fz
bu fc
2 F /|______Times-Italic fnt
bn
0.34375 0.(A)ashow
0 1 rm
9 fz
bu fc
2 F /|______Times-Italic fnt
bn
0.33781 0.(N)ashow
0 -3 rm
12 fz
bu fc
2 F /|______Times-Italic fnt
bn
0.50247 0. 32 0.05024 0.( = V)awidthshow
0 2 rm
10 fz
bu fc
2 F /|______Times-Italic fnt
bn
0.34375 0.(A)ashow
0 1 rm
9 fz
bu fc
2 F /|______Times-Italic fnt
bn
0.33781 0.(N)ashow
0 -1 rm
10 fz
bu fc
2 F /|______Times-Italic fnt
bn
0.24221 0.(,P)ashow
0 -2 rm
12 fz
bu fc
2 F /|______Times-Italic fnt
bn
0.15350 0. 32 0.01535 0.( )awidthshow
bu fc
{}mark T /Helvetica-Oblique /|______Helvetica-Oblique 0 rf
bn
bu fc
2 F /|______Helvetica-Oblique fnt
bn
0.48750 0.(U)ashow
bu fc
2 F /|______Times-Italic fnt
bn
0.48446 0. 32 0.04844 0.( V)awidthshow
0 2 rm
10 fz
bu fc
2 F /|______Times-Italic fnt
bn
0.34375 0.(A)ashow
0 1 rm
9 fz
bu fc
2 F /|______Times-Italic fnt
bn
0.33781 0.(N)ashow
0 -1 rm
10 fz
bu fc
2 F /|______Times-Italic fnt
bn
0.42205 0.(,S)ashow
507 90 gm
0 fs
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
-0.10069 0.(The set of security variables of application instance A is the union of the sets of security)ashow
523 90 gm
-0.11557 0.(variables of all of its layers 4 through 7 and the security variables of the application:)ashow
554 90 gm
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
0.45410 0.(V)ashow
0 2 rm
10 fz
bu fc
2 F /|______Times-Italic fnt
bn
0.28102 0.(A,S)ashow
0 -2 rm
12 fz
bu fc
2 F /|______Times-Italic fnt
bn
0.46691 0. 32 0.04669 0.( = \()awidthshow
bu fc
2 F /|______Helvetica-Oblique fnt
bn
0.53668 0.(U)ashow
0 2 rm
10 fz
bu fc
2 F /|______Times-Italic fnt
bn
0.27290 0.(i=4,7)ashow
0 -2 rm
12 fz
bu fc
2 F /|______Times-Italic fnt
bn
0.45410 0.(V)ashow
0 2 rm
10 fz
bu fc
2 F /|______Times-Italic fnt
bn
0.37841 0.(A)ashow
0 1 rm
9 fz
bu fc
2 F /|______Times-Italic fnt
bn
0.15490 0.(i)ashow
0 -1 rm
10 fz
bu fc
2 F /|______Times-Italic fnt
bn
0.23231 0.(,S)ashow
0 -2 rm
12 fz
bu fc
2 F /|______Times-Italic fnt
bn
0.26916 0. 32 0.02691 0.( \) )awidthshow
bu fc
2 F /|______Helvetica-Oblique fnt
bn
0.53668 0.(U)ashow
bu fc
2 F /|______Times-Italic fnt
bn
0.53329 0. 32 0.05332 0.( V)awidthshow
0 2 rm
10 fz
bu fc
2 F /|______Times-Italic fnt
bn
0.37841 0.(A)ashow
0 1 rm
9 fz
bu fc
2 F /|______Times-Italic fnt
bn
0.34057 0.(A)ashow
0 -1 rm
10 fz
bu fc
2 F /|______Times-Italic fnt
bn
0.46463 0.(,S)ashow
587 90 gm
0 fs
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
0.17501 0. 32 0.01750 0.(Similarly, the set of mechanisms of layer entity A)awidthshow
0 2 rm
10 fz
bu fc
2 F /|______Times-Roman fnt
bn
0.06874 0.(N)ashow
0 -2 rm
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
0.10757 0. 32 0.01075 0.( is the union of the set of )awidthshow
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
0.05711 0.(Protocol)ashow
603 90 gm
-0.02159 0.(Mechanisms)ashow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
-0.01467 0.(, the set of )ashow
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
-0.01913 0.(Interface Mechanisms)ashow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
-0.01467 0.(, the set of )ashow
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
-0.01939 0.(Security Mechanisms)ashow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
-0.01844 0.(, and the)ashow
619 90 gm
-0.11621 0.(set of other mechanisms of A)ashow
0 2 rm
10 fz
bu fc
2 F /|______Times-Roman fnt
bn
-0.16667 0.(N)ashow
0 -2 rm
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
(:)show
650 90 gm
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
0.38029 0.(M)ashow
0 2 rm
10 fz
bu fc
2 F /|______Times-Italic fnt
bn
0.23245 0.(A)ashow
0 1 rm
9 fz
bu fc
2 F /|______Times-Italic fnt
bn
0.22843 0.(N)ashow
0 -3 rm
12 fz
bu fc
2 F /|______Times-Italic fnt
bn
0.38192 0. 32 0.03819 0.( = M)awidthshow
0 2 rm
10 fz
bu fc
2 F /|______Times-Italic fnt
bn
0.23245 0.(A)ashow
0 1 rm
9 fz
bu fc
2 F /|______Times-Italic fnt
bn
0.22843 0.(N)ashow
0 -1 rm
10 fz
bu fc
2 F /|______Times-Italic fnt
bn
0.16380 0.(,P)ashow
0 -2 rm
12 fz
bu fc
2 F /|______Times-Italic fnt
bn
0.10375 0. 32 0.01037 0.( )awidthshow
bu fc
2 F /|______Helvetica-Oblique fnt
bn
0.32968 0.(U)ashow
bu fc
2 F /|______Times-Italic fnt
bn
0.41198 0. 32 0.04119 0.( M)awidthshow
0 2 rm
10 fz
bu fc
2 F /|______Times-Italic fnt
bn
0.23245 0.(A)ashow
0 1 rm
9 fz
bu fc
2 F /|______Times-Italic fnt
bn
0.22843 0.(N)ashow
0 -1 rm
10 fz
bu fc
2 F /|______Times-Italic fnt
bn
0.11088 0.(,I)ashow
0 -2 rm
12 fz
bu fc
2 F /|______Times-Italic fnt
bn
0.10375 0. 32 0.01037 0.( )awidthshow
bu fc
2 F /|______Helvetica-Oblique fnt
bn
0.32968 0.(U)ashow
bu fc
2 F /|______Times-Italic fnt
bn
0.41198 0. 32 0.04119 0.( M)awidthshow
0 2 rm
10 fz
bu fc
2 F /|______Times-Italic fnt
bn
0.23245 0.(A)ashow
0 1 rm
9 fz
bu fc
2 F /|______Times-Italic fnt
bn
0.22843 0.(N)ashow
0 -1 rm
10 fz
bu fc
2 F /|______Times-Italic fnt
bn
0.14271 0.(,S)ashow
0 -2 rm
12 fz
bu fc
2 F /|______Times-Italic fnt
bn
0.10375 0. 32 0.01037 0.( )awidthshow
bu fc
2 F /|______Helvetica-Oblique fnt
bn
0.32968 0.(U)ashow
bu fc
2 F /|______Times-Italic fnt
bn
0.41198 0. 32 0.04119 0.( M)awidthshow
0 2 rm
10 fz
bu fc
2 F /|______Times-Italic fnt
bn
0.23245 0.(A)ashow
0 1 rm
9 fz
bu fc
2 F /|______Times-Italic fnt
bn
0.22843 0.(N)ashow
0 -1 rm
10 fz
bu fc
2 F /|______Times-Italic fnt
bn
0.18493 0.(,O)ashow
0 -2 rm
12 fz
bu fc
2 F /|______Times-Italic fnt
bn
(.)show
683 90 gm
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
-0.03312 0.(Security variables include key values and information controlling the selection and use)ashow
699 90 gm
-0.02938 0.(of various security mechanisms. The values of security variables can be set by systems)ashow
715 90 gm
-0.06994 0.(management \(as dictated by the security policy\) or as a result of negotiation at an upper)ashow
731 90 gm
0.62942 0. 32 0.06294 0.(layer of OSI, or the control part of the layer entity \(as a result of negotiation or key)awidthshow
747 90 gm
-0.06686 0.(exchange within layer N\).)ashow
F T cp
%%Page: ? 28
op
30 28 xl
1 1 pen
45 291 gm
(nc 30 28 811 566 6 rc)kp
1 setTxMode
0 fs
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
(25)show
802 288 gm
10 fz
bu fc
2 F /|______Times-Roman fnt
bn
-0.01179 0.(Open Systems Security \320 an Architectural Framework)ashow
101 90 gm
2 fs
12 fz
bu fc
2 F /|______Times-Italic fnt
bn
0.09902 0. 32 0.00990 0.(Layer N Security Context)awidthshow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
0.07995 0. 32 0.00799 0.( between the layer entity instances A)awidthshow
0 2 rm
10 fz
bu fc
2 F /|______Times-Roman fnt
bn
0.01831 0.(N,i)ashow
0 -2 rm
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
0.05294 0. 32 0.00529 0.( and B)awidthshow
0 2 rm
10 fz
bu fc
2 F /|______Times-Roman fnt
bn
0.01831 0.(N,j)ashow
0 -2 rm
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
0.06332 0. 32 0.00633 0.( can now be)awidthshow
117 90 gm
-0.13796 0.(formally defined as:)ashow
148 90 gm
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
0.60803 0.(SC)ashow
0 2 rm
10 fz
bu fc
2 F /|______Times-Italic fnt
bn
0.53044 0.(A)ashow
0 1 rm
9 fz
bu fc
2 F /|______Times-Italic fnt
bn
0.31126 0.(N,i)ashow
0 -1 rm
10 fz
bu fc
2 F /|______Times-Italic fnt
bn
0.37376 0.(,B)ashow
0 1 rm
9 fz
bu fc
2 F /|______Times-Italic fnt
bn
0.31126 0.(N,j)ashow
0 -3 rm
12 fz
bu fc
2 F /|______Times-Italic fnt
bn
0.88302 0. 32 0.08830 0.( = \(V)awidthshow
0 2 rm
10 fz
bu fc
2 F /|______Times-Italic fnt
bn
0.53044 0.(A)ashow
0 1 rm
9 fz
bu fc
2 F /|______Times-Italic fnt
bn
0.31126 0.(N,i)ashow
0 -1 rm
10 fz
bu fc
2 F /|______Times-Italic fnt
bn
0.32565 0.(,S)ashow
0 -2 rm
12 fz
bu fc
2 F /|______Times-Italic fnt
bn
0.89035 0. 32 0.08903 0.(, V)awidthshow
0 2 rm
10 fz
bu fc
2 F /|______Times-Italic fnt
bn
0.53044 0.(B)ashow
0 1 rm
9 fz
bu fc
2 F /|______Times-Italic fnt
bn
0.31126 0.(N,j)ashow
0 -1 rm
10 fz
bu fc
2 F /|______Times-Italic fnt
bn
0.32565 0.(,S)ashow
0 -2 rm
12 fz
bu fc
2 F /|______Times-Italic fnt
bn
(\))show
181 90 gm
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
0.31753 0. 32 0.03175 0.(To be usable in real communications, a security context has to include a lot of things)awidthshow
197 90 gm
0.05233 0. 32 0.00523 0.(left implicit in this definition. For example, we need to have a common understanding)awidthshow
213 90 gm
-0.08735 0.(of the cryptographic mechanisms employed, their modes of operation, the initial default)ashow
229 90 gm
0.25817 0. 32 0.02581 0.(security context etc. Many of these aspects belong to the domain of security manage-)awidthshow
245 90 gm
0.04989 0. 32 0.00498 0.(ment. In this study we shall assume that the security related variables contain not only)awidthshow
261 90 gm
-0.04750 0.(such information as key values etc. but also control information used to select and acti-)ashow
277 90 gm
0.24719 0. 32 0.02471 0.(vate the appropriate cryptographic mechanisms. Further elaboration of the concept of)awidthshow
293 90 gm
-0.07604 0.(security context is left outside the scope of this study.)ashow
325 90 gm
1.40960 0. 32 0.14096 0.(Because in this study we are interested in secure communications between entire)awidthshow
341 90 gm
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
1.77368 0. 32 0.17736 0.(application instances)awidthshow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
0.90270 0. 32 0.09027 0.( as defined in section 2.1.2 \(see figure 2-1\), not in individual)awidthshow
357 90 gm
-0.11671 0.(layers of the OSI model, we also need to define the security context between application)ashow
373 90 gm
-0.08287 0.(instances. We therefore define the security context between application instances A and)ashow
389 90 gm
-0.12333 0.(B \(at all the layers 4 through 7 and the application\) as:)ashow
421 90 gm
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
0.51925 0.(SC)ashow
0 2 rm
10 fz
bu fc
2 F /|______Times-Italic fnt
bn
0.36378 0.(A,B)ashow
0 -2 rm
12 fz
bu fc
2 F /|______Times-Italic fnt
bn
0.75408 0. 32 0.07540 0.( = \(V)awidthshow
0 2 rm
10 fz
bu fc
2 F /|______Times-Italic fnt
bn
0.33639 0.(A,S)ashow
0 -2 rm
12 fz
bu fc
2 F /|______Times-Italic fnt
bn
0.76034 0. 32 0.07603 0.(, V)awidthshow
0 2 rm
10 fz
bu fc
2 F /|______Times-Italic fnt
bn
0.33639 0.(B,S)ashow
0 -2 rm
12 fz
bu fc
2 F /|______Times-Italic fnt
bn
(\))show
453 90 gm
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
0.22033 0. 32 0.02203 0.(The respective systems managements, in cooperation with the Control Parts of all the)awidthshow
469 90 gm
0.38497 0. 32 0.03849 0.(OSI layers 4 through 7, are responsible for negotiating the Security Context between)awidthshow
485 90 gm
1.29272 0. 32 0.12927 0.(two application instances, using the Security Mechanisms to perform the selected)awidthshow
501 90 gm
0.14190 0. 32 0.01419 0.(Security Functions within this Security Context, and releasing the Security Context at)awidthshow
517 90 gm
-0.04537 0.(the end of communications. The life span of a security context can now be divided into)ashow
533 90 gm
-0.02127 0.(three consecutive phases: )ashow
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
-0.02261 0.(Set-up)ashow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
(, )show
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
-0.02751 0.(Use)ashow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
-0.02064 0.( and )ashow
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
-0.02297 0.(Termination.)ashow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
-0.02210 0.( More formally, we shall write:)ashow
549 90 gm
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
0.03018 0.(Set-up\(SC)ashow
0 2 rm
10 fz
bu fc
2 F /|______Times-Italic fnt
bn
0.02738 0.(A,B)ashow
0 -2 rm
12 fz
bu fc
2 F /|______Times-Italic fnt
bn
(\))show
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
0.05203 0. 32 0.00520 0.( and )awidthshow
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
0.03132 0.(Terminate\(SC)ashow
0 2 rm
10 fz
bu fc
2 F /|______Times-Italic fnt
bn
0.02738 0.(A,B)ashow
0 -2 rm
12 fz
bu fc
2 F /|______Times-Italic fnt
bn
(\))show
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
0.10452 0. 32 0.01045 0.( for these two operations.)awidthshow
581 90 gm
1.34063 0. 32 0.13406 0.(A Security Context can be set up by means of prior agreement, management and)awidthshow
597 90 gm
0.16601 0. 32 0.01660 0.(negotiation. It is possible to negotiate several Security Contexts, label them \(e.g. with)awidthshow
613 90 gm
0.30883 0. 32 0.03088 0.(small integers\) and manage them in much the same way as Presentation Contexts are)awidthshow
629 90 gm
-0.11880 0.(managed at the Presentation Layer.)ashow
661 90 gm
0.56900 0. 32 0.05690 0.(Security functions can be )awidthshow
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
0.18080 0.(Autonomous)ashow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
0.47790 0. 32 0.04779 0.(, that is they only show to the security profile)awidthshow
677 90 gm
0.03601 0. 32 0.00360 0.(and need not be activated by the user \(they are either always active or are activated by)awidthshow
693 90 gm
1.38381 0. 32 0.13838 0.(the systems management guided by the )awidthshow
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
2.04803 0. 32 0.20480 0.(Security Policy)awidthshow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
0.62042 0. 32 0.06204 0.(\), or )awidthshow
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
0.34860 0.(Activatable)ashow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
1.66107 0. 32 0.16610 0.( \(security)awidthshow
709 90 gm
0.28549 0. 32 0.02854 0.(services\), meaning that their use is negotiated and controlled by the service user with)awidthshow
725 90 gm
-0.11711 0.(service primitives and their parameters.)ashow
F T cp
%%Page: ? 29
op
30 28 xl
1 1 pen
45 291 gm
(nc 30 28 811 566 6 rc)kp
1 setTxMode
0 fs
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
(26)show
802 90 gm
10 fz
bu fc
2 F /|______Times-Roman fnt
bn
-0.01179 0.(Open Systems Security \320 an Architectural Framework)ashow
101 90 gm
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
(A )show
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
-0.01284 0.(layer entity)ashow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
-0.01214 0.( is a static type definition of )ashow
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
-0.01315 0.(layer entity instances)ashow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
-0.01422 0.( which together consti-)ashow
117 90 gm
0.39062 0. 32 0.03906 0.(tute a class. The layer entity A)awidthshow
0 2 rm
10 fz
bu fc
2 F /|______Times-Roman fnt
bn
0.17735 0.(N)ashow
0 -2 rm
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
0.41320 0. 32 0.04132 0.( is like a program which can be invoked many times)awidthshow
133 90 gm
-0.02696 0.(over whereas the layer entity instance A)ashow
0 2 rm
10 fz
bu fc
2 F /|______Times-Roman fnt
bn
-0.02333 0.(N,i)ashow
0 -2 rm
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
-0.02688 0.( is a dynamic invocation of such a type, like)ashow
149 90 gm
-0.05531 0.(a process executing the program. In OSI both types and instances of layer entities carry)ashow
165 90 gm
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
1.16333 0. 32 0.11633 0.(distinguishable names)awidthshow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
0.54367 0. 32 0.05436 0.(. Usually it is clear from the context when we are referring to)awidthshow
181 90 gm
0.15457 0. 32 0.01545 0.(types and when instances of layer entities. From here on, we shall talk about an )awidthshow
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
0.04962 0.(entity)ashow
197 90 gm
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
-0.13636 0.(meaning either an entity )ashow
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
-0.13714 0.(class)ashow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
-0.12380 0.( or an entity )ashow
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
-0.14285 0.(instance)ashow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
-0.13708 0.(. When it is not clear from the context)ashow
213 90 gm
-0.10061 0.(which we mean, the distinction is made explicitly.)ashow
245 90 gm
1.01196 0. 32 0.10119 0.(When establishing an )awidthshow
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
0.25189 0.(\(N\)-connection)ashow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
0.44189 0. 32 0.04418 0.(, the )awidthshow
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
0.24667 0.(\(N\)-user)ashow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
0.63568 0. 32 0.06356 0.( issues and )awidthshow
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
0.26058 0.(\(N\)-connect-request)ashow
261 90 gm
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
0.31600 0. 32 0.03160 0.(\(\(N\)-CR\) primitive to an )awidthshow
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
0.08322 0.(\(N\)-service-access-point)ashow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
0.24749 0. 32 0.02474 0.( \(\(N\)SAP\) of the )awidthshow
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
0.08428 0.(\(N\)-service-inter-)ashow
277 90 gm
(face)show
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
-0.00550 0.(. This service request typically invokes a new instance of the \(N\)-entity, dedicated)ashow
293 90 gm
1.06063 0. 32 0.10606 0.(to serving this one instance of communications, which immediately issues an )awidthshow
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
0.35208 0.(\(N\)-)ashow
309 90 gm
(connection-request)show
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
(  \(\(N\)CR\) )show
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
(Protocol Data Unit)show
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
0.00503 0. 32 0.00050 0.( \(PDU\) to its peer entity. At the other)awidthshow
325 90 gm
-0.06167 0.(end system, the \(N\)CR PDU invokes a new instance of the \(N\)-entity, also dedicated to)ashow
341 90 gm
0.38833 0. 32 0.03883 0.(serving this one instance of communications. All PDUs on this connection now flow)awidthshow
357 90 gm
0.85464 0. 32 0.08546 0.(between these two peer entity instances \(called )awidthshow
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
1.47720 0. 32 0.14772 0.(correspondent entities)awidthshow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
0.84640 0. 32 0.08464 0.(\) and service)awidthshow
373 90 gm
0.61782 0. 32 0.06178 0.(primitives of this connection at the )awidthshow
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
0.18016 0.(connection-end-points)ashow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
0.80093 0. 32 0.08009 0.( \(CEPs\), distinguished by)awidthshow
389 90 gm
-0.08699 0.(their )ashow
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
-0.10136 0.(connection-end-point-identifiers)ashow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
-0.09934 0.( \(CEPIs\), are directed to and issued by these entity)ashow
405 90 gm
(instances.)show
437 90 gm
0.94390 0. 32 0.09439 0.(Communications can only occur between layer entity )awidthshow
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
0.21887 0.(instances)ashow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
0.82000 0. 32 0.08200 0.( and, therefore, e.g.)awidthshow
453 90 gm
0.42373 0. 32 0.04237 0.(connections, associations and security contexts cannot exist between entity types but)awidthshow
469 90 gm
0.12680 0. 32 0.01268 0.(always between pairs of layer entity instances. In a real open system, each instance of)awidthshow
485 90 gm
0.20156 0. 32 0.02015 0.(the same layer entity type executes independently of all other instances. This implies,)awidthshow
501 90 gm
-0.09527 0.(for example, that they have their own sets of variable instances \(local variables\).)ashow
533 90 gm
-0.05633 0.(While there is nothing in the OSI reference model explicitly denying us from establish-)ashow
549 90 gm
0.68557 0. 32 0.06855 0.(ing connections between specific instances of entities \(if we know their names\), we)awidthshow
565 90 gm
1.15447 0. 32 0.11544 0.(usually only are interested in entity types when opening a connection. In fact, the)awidthshow
581 90 gm
0.19134 0. 32 0.01913 0.(current OSI protocols do not allow us to address individual entity instances. After the)awidthshow
597 90 gm
-0.02439 0.(connection is established, we never need to explicitly refer to entity instances, but they)ashow
613 90 gm
0.06072 0. 32 0.00607 0.(are associated with the connection-end-points of this connection at the respective \(N\)-)awidthshow
629 90 gm
-0.04437 0.(service-access-points.)ashow
661 90 gm
0.67916 0. 32 0.06791 0.(With connectionless services the situation is essentially the same \320 we only need to)awidthshow
677 90 gm
1.21459 0. 32 0.12145 0.(know the address of the other party and issue a service request to the appropriate)awidthshow
693 90 gm
0.22425 0.(\(N\)SAP.)ashow
725 90 gm
-0.10968 0.(Here again we suffer from the connection-oriented tradition of the OSI reference model.)ashow
741 90 gm
0.36346 0. 32 0.03634 0.(It would be more appropriate to adopt the concept of )awidthshow
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
0.10797 0.(association)ashow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
0.41122 0. 32 0.04112 0.(, originally born for)awidthshow
757 90 gm
-0.08843 0.(use in the application layer \()ashow
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
-0.09509 0.(application association)ashow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
-0.09658 0.(\), which does not make a distinction)ashow
F T cp
%%Page: ? 30
op
30 28 xl
1 1 pen
45 291 gm
(nc 30 28 811 566 6 rc)kp
1 setTxMode
0 fs
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
(27)show
802 288 gm
10 fz
bu fc
2 F /|______Times-Roman fnt
bn
-0.01179 0.(Open Systems Security \320 an Architectural Framework)ashow
85 90 gm
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
0.03112 0. 32 0.00311 0.(between connection-oriented and connectionless communications. An )awidthshow
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
0.00617 0.(\(N\)-association)ashow
101 90 gm
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
-0.01309 0.(is established between two entity instances at layer N in order to facilitate their mutual)ashow
117 90 gm
1.32781 0. 32 0.13278 0.(communication. \(N\)-association can be supported by an \(N-1\)-connection or con-)awidthshow
133 90 gm
1.56265 0. 32 0.15626 0.(nectionless \(N-1\)-service. It is evident, that the OSI reference model is evolving)awidthshow
149 90 gm
0.36682 0. 32 0.03668 0.(towards equally supporting connection-oriented and connectionless communications.)awidthshow
165 90 gm
0.60134 0. 32 0.06013 0.(One example of this development is the connectionless )awidthshow
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
0.88256 0. 32 0.08825 0.(Association Control Service)awidthshow
181 90 gm
-0.07112 0.(Element)ashow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
-0.04428 0.( \()ashow
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
-0.09075 0.(ACSE)ashow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
-0.06188 0.(\) of the application layer defined in [IS8649/A2] and [IS10035].)ashow
216 90 gm
1 fs
14 fz
bu fc
2 F /|______Times-Bold fnt
bn
1.74998 0.(3.2)ashow
216 126 gm
3.92715 0. 32 0.39271 0.(Security Requirements)awidthshow
248 90 gm
0 fs
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
0.74295 0. 32 0.07429 0.(Here the requirements are seen mainly from the user's point of view. When using a)awidthshow
264 90 gm
-0.07722 0.(connection-oriented information service across the network, the user may need to know)ashow
280 90 gm
-0.09353 0.(one or more of the following:)ashow
310 90 gm
(-)show
310 126 gm
0.10742 0. 32 0.01074 0.(That the identity of the other party is that claimed and that it remains the same)awidthshow
326 126 gm
(throughout the session.)show
356 90 gm
(-)show
356 126 gm
-0.06617 0.(That nobody else can listen to \(and understand\) the session.)ashow
386 90 gm
(-)show
386 126 gm
1.01516 0. 32 0.10151 0.(That nobody can undetected delete from, change, or add to the information)awidthshow
402 126 gm
(transferred.)show
432 90 gm
(-)show
432 126 gm
1.28540 0. 32 0.12854 0.(That commitments made during the session can, beyond reasonable doubt,)awidthshow
448 126 gm
-0.09291 0.(afterwards be proved to an impartial judge.)ashow
480 90 gm
-0.09494 0.(Similarly, the service provider may need to know the same plus the following:)ashow
510 90 gm
(-)show
510 126 gm
-0.12135 0.(That nobody except the legitimate users can access the service.)ashow
540 90 gm
(-)show
540 126 gm
0.02441 0. 32 0.00244 0.(That the service provider can, if necessary, prove to an impartial judge that the)awidthshow
556 126 gm
-0.06672 0.(user actually has used the services he is charged for.)ashow
588 90 gm
0.48370 0. 32 0.04837 0.(In OSI terminology [IS7498-2], the five security functions needed to provide for the)awidthshow
604 90 gm
0.14526 0. 32 0.01452 0.(five first requirements stated above are called )awidthshow
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
0.21514 0. 32 0.02151 0.(Peer Entity Authentication)awidthshow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
(, )show
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
0.04756 0.(Connection)ashow
620 90 gm
0.12413 0.(Confidentiality)ashow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
0.12939 0. 32 0.01293 0.(, )awidthshow
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
0.85906 0. 32 0.08590 0.(Connection Integrity)awidthshow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
0.12939 0. 32 0.01293 0.(, )awidthshow
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
0.13792 0.(Non-repudiation)ashow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
0.26184 0. 32 0.02618 0.(, and )awidthshow
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
0.78643 0. 32 0.07864 0.(Access Control)awidthshow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
0.58380 0. 32 0.05838 0.(, respec-)awidthshow
636 90 gm
0.30166 0. 32 0.03016 0.(tively. In the case of connection-oriented communications, a Security Context can be)awidthshow
652 90 gm
-0.08663 0.(set-up when establishing the connection and remain in effect throughout the session.)ashow
684 90 gm
1.22070 0. 32 0.12207 0.(With services not based on an end-to-end connection between the communicating)awidthshow
700 90 gm
2.00881 0. 32 0.20088 0.(parties, the situation is somewhat different. With these services, connectionless)awidthshow
716 90 gm
1.35742 0. 32 0.13574 0.(versions of the above functions are needed, such as )awidthshow
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
2.23617 0. 32 0.22361 0.(Data Origin Authentication)awidthshow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
(,)show
732 90 gm
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
0.86456 0. 32 0.08645 0.(Connectionless Confidentiality)awidthshow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
0.23605 0. 32 0.02360 0.(, and )awidthshow
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
0.80673 0. 32 0.08067 0.(Connectionless Integrity)awidthshow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
0.35385 0. 32 0.03538 0.(. Also, since there is no)awidthshow
F T cp
%%Page: ? 31
op
30 28 xl
1 1 pen
45 291 gm
(nc 30 28 811 566 6 rc)kp
1 setTxMode
0 fs
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
(28)show
802 90 gm
10 fz
bu fc
2 F /|______Times-Roman fnt
bn
-0.01179 0.(Open Systems Security \320 an Architectural Framework)ashow
85 90 gm
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
-0.09759 0.(connection, there cannot be a Security Context associated with a connection but rather a)ashow
101 90 gm
-0.08877 0.(Security Context has to be associated with each message or request-reply pair.)ashow
133 90 gm
1 fs
bu fc
2 F /|______Times-Bold fnt
bn
1.75003 0.(3.2.1)ashow
133 126 gm
2.59811 0. 32 0.25981 0.(Security Requirements of FTAM)awidthshow
165 90 gm
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
1.07437 0. 32 0.10743 0.(File Transfer, Access and Management)awidthshow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
0.25177 0. 32 0.02517 0.( \()awidthshow
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
0.33840 0.(FTAM)ashow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
0.86212 0. 32 0.08621 0.(\) [IS8571-1] is a typical end-to-end)awidthshow
181 90 gm
1.07666 0. 32 0.10766 0.(service, where layers 4 through 7 communicate in real time, on-line from one end)awidthshow
197 90 gm
-0.09625 0.(system to the other. FTAM is currently the most mature connection-oriented service but)ashow
213 90 gm
1.09237 0. 32 0.10923 0.(results obtained here should be rather easily applicable to such services as Virtual)awidthshow
229 90 gm
-0.00221 0.(Terminal \(VT\) [IS9040], Job Transfer and Manipulation \(JTM\) [IS8831, IS8832], and)ashow
245 90 gm
0.44265 0. 32 0.04426 0.(Reliable Transfer \(RTS\) [IS9066-1,2, X.218, X.228].)awidthshow
277 90 gm
-0.02093 0.(In FTAM the concept of a file store is generalized and the real file systems residing on)ashow
293 90 gm
-0.06416 0.(various host systems are mapped into a global Virtual File Store [IS8571-2] where files)ashow
309 90 gm
-0.10900 0.(can be accessed independently of their physical locations.)ashow
341 90 gm
0.63507 0. 32 0.06350 0.(In real file systems we need to give individual users and user groups various access)awidthshow
357 90 gm
-0.02032 0.(rights to each file. Usually, we can specify for each file what users and user groups are)ashow
373 90 gm
0.37841 0. 32 0.03784 0.(allowed to read, write, execute or delete it. The local operating system is responsible)awidthshow
389 90 gm
0.64239 0. 32 0.06423 0.(for enforcing these restrictions on the user of files. Local access control is based on)awidthshow
405 90 gm
0.10208 0. 32 0.01020 0.(user IDs and the user authentication scheme used by the operating system. The access)awidthshow
421 90 gm
-0.00610 0.(control mechanism can be implemented by associating an access control list with each)ashow
437 90 gm
-0.12847 0.(file or by assigning appropriate capabilities to each legitimate user.)ashow
0 0 pen
659 105 gm
(nc 456 148 713 444 6 rc)kp
60 gr
659 105 lin
0.937  60 45 {dup mul exch dup mul add 1.0 exch sub }setscreen setgray
513 205 656 382 25 25 1 rr
2 2 pen
0 gr
514 206 655 381 24 24 0 rr
64 gr
522 222 562 282 1 rc
1 1 pen
0 gr
522.5 222.5 561.5 281.5 0 rc
538 231 gm
0.03808 0 rmoveto
1 setTxMode
10 fz
bu fc
2 F /|______Times-Roman fnt
bn
(virtual file)show
550 232 gm
0.36328 0 rmoveto
(system #1)show
64 gr
522 306 562 366 1 rc
0 gr
522.5 306.5 561.5 365.5 0 rc
538 315 gm
0.03808 0 rmoveto
1 setTxMode
(virtual file)show
550 316 gm
0.36328 0 rmoveto
(system #2)show
64 gr
589 222 629 282 1 rc
0 gr
589.5 222.5 628.5 281.5 0 rc
605 231 gm
0.03808 0 rmoveto
1 setTxMode
(virtual file)show
617 232 gm
0.36328 0 rmoveto
(system #3)show
64 gr
589 306 629 366 1 rc
0 gr
589.5 306.5 628.5 365.5 0 rc
605 315 gm
0.03808 0 rmoveto
1 setTxMode
(virtual file)show
617 316 gm
0.36328 0 rmoveto
(system #4)show
579 245 gm
0.51538 0 rmoveto
14 fz
bu fc
2 F /|______Times-Roman fnt
bn
(Virtual File Store)show
645 252 gm
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
-0.14134 0.(OSI Environment)ashow
64 gr
456 149 498 199 1 rc
0 gr
456.5 149.5 497.5 198.5 0 rc
467 159 gm
1 setTxMode
10 fz
bu fc
2 F /|______Times-Roman fnt
bn
-0.10070 0.(real file)ashow
479 160 gm
0.11328 0 rmoveto
(system)show
491 169 gm
(#1)show
64 gr
456 392 498 443 1 rc
0 gr
456.5 392.5 497.5 442.5 0 rc
467 403 gm
1 setTxMode
-0.10070 0.(real file)ashow
479 404 gm
0.11328 0 rmoveto
(system)show
491 413 gm
(#2)show
64 gr
671 392 712 443 1 rc
0 gr
671.5 392.5 711.5 442.5 0 rc
682 403 gm
1 setTxMode
-0.10070 0.(real file)ashow
694 404 gm
0.11328 0 rmoveto
(system)show
706 413 gm
(#4)show
64 gr
671 149 712 199 1 rc
0 gr
671.5 149.5 711.5 198.5 0 rc
682 159 gm
1 setTxMode
-0.10070 0.(real file)ashow
694 160 gm
0.11328 0 rmoveto
(system)show
706 169 gm
(#3)show
0 gr
509 239 533 263 199 239 1 ar
466 187 490 211 19 59 1 ar
485 207 gm
513 242 lin
509 329 533 353 301 341 1 ar
466 381 490 405 121 161 1 ar
485 384 gm
513 349 lin
616 240 640 264 111 151 1 ar
676 188 700 212 291 331 1 ar
679 207 gm
636 244 lin
616 329 640 353 29 69 1 ar
676 381 700 405 209 249 1 ar
679 385 gm
636 348 lin
742 90 gm
(nc 30 28 811 566 6 rc)kp
1 setTxMode
2 fs
12 fz
bu fc
2 F /|______Times-Italic fnt
bn
-0.26438 0.(Figure 3-2:)ashow
742 162 gm
-0.07304 0.(The FTAM Virtual File Store.)ashow
F T cp
%%Page: ? 32
op
30 28 xl
1 1 pen
45 291 gm
(nc 30 28 811 566 6 rc)kp
1 setTxMode
0 fs
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
(29)show
802 288 gm
10 fz
bu fc
2 F /|______Times-Roman fnt
bn
-0.01179 0.(Open Systems Security \320 an Architectural Framework)ashow
101 90 gm
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
0.95489 0. 32 0.09548 0.(With the FTAM Virtual)awidthshow
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
0.69213 0. 32 0.06921 0.( File Store)awidthshow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
0.65826 0. 32 0.06582 0.(, we have the same threats as those with real file)awidthshow
117 90 gm
-0.03237 0.(systems, and some more. Because the virtual file store is distributed globally it reaches)ashow
133 90 gm
-0.08695 0.(across organizational, administrative, social and cultural boundaries. Not all the parts of)ashow
149 90 gm
-0.09107 0.(the system are controlled by the same organization or even by the same laws and ethics.)ashow
165 90 gm
-0.08709 0.(This brings with it new worries that did not exist with a local real file store.)ashow
197 90 gm
-0.04681 0.(With the virtual file store we need the same kind of security as in real file systems with)ashow
213 90 gm
0.55053 0. 32 0.05505 0.(sufficient granularity for being able to enforce these restrictions on individual users,)awidthshow
229 90 gm
0.14144 0. 32 0.01414 0.(groups of users, and types of use. However, in a global open environment the number)awidthshow
245 90 gm
0.62438 0. 32 0.06243 0.(of users who could attack the system is much greater and even in legitimate use the)awidthshow
261 90 gm
-0.07983 0.(often confidential data has to be transferred across an untrusted network.)ashow
293 90 gm
-0.06362 0.(While in a local environment we can normally rely on the user IDs as a basis for access)ashow
309 90 gm
0.11520 0. 32 0.01152 0.(control, in a distributed environment we need strong )awidthshow
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
0.16769 0. 32 0.01676 0.(Peer Entity Authentication)awidthshow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
0.06790 0. 32 0.00679 0.( \(for a)awidthshow
325 90 gm
0.38497 0. 32 0.03849 0.(definition of Strong Authentication see 4.3\). Furthermore, we need to make sure that)awidthshow
341 90 gm
-0.03314 0.(the peer entity authenticated at the beginning of a session remains the same throughout)ashow
357 90 gm
0.32318 0. 32 0.03231 0.(the session.)awidthshow
389 90 gm
-0.08018 0.(This means tieing )ashow
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
-0.08142 0.(Connection Integrity)ashow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
-0.07444 0.( with )ashow
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
-0.08247 0.(Authentication)ashow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
-0.08168 0.( in such a way that a change)ashow
405 90 gm
-0.09924 0.(of the peer entity at any time will be detected. The integrity function needs to make sure)ashow
421 90 gm
0.80841 0. 32 0.08084 0.(that the whole data stream is intact, that is no part of it has been changed, omitted,)awidthshow
437 90 gm
-0.01441 0.(duplicated or misplaced. With FTAM \(and VT\) the purpose of the integrity function is)ashow
453 90 gm
0.87127 0. 32 0.08712 0.(not only to protect the integrity of the data being transferred but also to extend the)awidthshow
469 90 gm
-0.11431 0.(authentication of the peer entity from a one-time operation to cover the whole session.)ashow
501 90 gm
0.80780 0. 32 0.08078 0.(If the data being accessed is confidential, then a Confidentiality function should be)awidthshow
517 90 gm
1.49261 0. 32 0.14926 0.(invoked. With services such as FTAM and VT non-repudiation is usually not an)awidthshow
533 90 gm
0.24902 0. 32 0.02490 0.(important issue, undisputability being a property of the data itself and independent of)awidthshow
549 90 gm
-0.07255 0.(the way the data is transferred.)ashow
581 90 gm
1.14852 0. 32 0.11485 0.(Based on the above discussion, it can be claimed that the most important security)awidthshow
597 90 gm
0.02136 0. 32 0.00213 0.(functions needed with FTAM \(and VT\) are \(in this order\): )awidthshow
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
0.03311 0. 32 0.00331 0.(Peer Entity Authentication)awidthshow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
(,)show
613 90 gm
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
-0.08232 0.(Connection Integrity)ashow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
-0.07250 0.(, and )ashow
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
-0.08282 0.(Connection Confidentiality)ashow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
(.)show
645 90 gm
1 fs
bu fc
2 F /|______Times-Bold fnt
bn
1.75003 0.(3.2.2)ashow
645 126 gm
2.61138 0. 32 0.26113 0.(Security Requirements of the Directory)awidthshow
677 90 gm
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
0.10345 0. 32 0.01034 0.(The same Authentication, Access Control, Confidentiality and Integrity functions that)awidthshow
693 90 gm
0.91491 0. 32 0.09149 0.(are needed with FTAM and VT are also needed when using the Directory Service.)awidthshow
709 90 gm
0.21560 0. 32 0.02156 0.(While the Directory plays an important role in most OSI applications as the means of)awidthshow
725 90 gm
0.91217 0. 32 0.09121 0.(finding various services and distributing authentication information [X.500, X.509,)awidthshow
741 90 gm
-0.05693 0.(IS9594-1,8], it is also itself an OSI application that needs to be secured.)ashow
F T cp
%%Page: ? 33
op
30 28 xl
1 1 pen
45 291 gm
(nc 30 28 811 566 6 rc)kp
1 setTxMode
0 fs
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
(30)show
802 90 gm
10 fz
bu fc
2 F /|______Times-Roman fnt
bn
-0.01179 0.(Open Systems Security \320 an Architectural Framework)ashow
101 90 gm
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
0.69839 0. 32 0.06983 0.(Secure use of the Directory is important because not necessarily all the information)awidthshow
117 90 gm
-0.00967 0.(stored in the Directory is public and some of it needs to be protected against modifica-)ashow
133 90 gm
-0.10676 0.(tion. The main distinction between the Directory and FTAM is that the use of the Direc-)ashow
149 90 gm
0.17883 0. 32 0.01788 0.(tory is most naturally based on connectionless communication service, even though it)awidthshow
165 90 gm
0.12359 0. 32 0.01235 0.(currently still is running on the )awidthshow
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
0.21148 0. 32 0.02114 0.(Remote Operations Service Element)awidthshow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
0.04470 0. 32 0.00447 0.( \()awidthshow
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
0.05627 0.(ROSE)ashow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
0.20050 0. 32 0.02005 0.(\) [IS9072-)awidthshow
181 90 gm
0.54550 0. 32 0.05455 0.(1,2, X.219, X.229] and connection-oriented protocols from the transport layer up. A)awidthshow
197 90 gm
-0.02775 0.(closer analysis of the Directory should reveal something applicable to, at least, )ashow
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
-0.04304 0.(Remote)ashow
213 90 gm
-0.01585 0.(Database Access)ashow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
( \()show
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
-0.02265 0.(RDA)ashow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
-0.01359 0.(\) [IS9579-1,2], )ashow
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
-0.01516 0.(Job Transfer and Manipulation)ashow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
( \()show
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
-0.02136 0.(JTM)ashow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
-0.01574 0.(\) [IS8831,)ashow
229 90 gm
-0.02996 0.(IS8832], and )ashow
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
-0.03541 0.(Network Management)ashow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
-0.03063 0.( \(for an overview and some more detailed informa-)ashow
245 90 gm
0.27572 0. 32 0.02757 0.(tion on systems management, see e.g. [IS10040, CPW89, IS9595, IS9596]\).)awidthshow
277 90 gm
1.16790 0. 32 0.11679 0.(One of the main obstacles for a wide acceptance of a global distributed Directory)awidthshow
293 90 gm
-0.06936 0.(Service is that most companies do not want to reveal the details of their internal organi-)ashow
309 90 gm
1.21261 0. 32 0.12126 0.(zation, personnel etc. to their competitors. This would be the same as making the)awidthshow
325 90 gm
0.57861 0. 32 0.05786 0.(company's internal telephone catalogue public and, furthermore, distributing it in an)awidthshow
341 90 gm
-0.11604 0.(electronic form ready for duplication and automatic processing.)ashow
373 90 gm
-0.02867 0.(What is needed in a typical large company is a secure directory server, being under the)ashow
389 90 gm
0.61889 0. 32 0.06188 0.(control of the company but forming a part of the global directory system, that gives)awidthshow
405 90 gm
0.43685 0. 32 0.04368 0.(each user secure access to precisely the information that he is entitled to access. The)awidthshow
421 90 gm
-0.01966 0.(secure use of the directory service appears to be a necessary prerequisite for the prolif-)ashow
437 90 gm
-0.08079 0.(eration of the whole service.)ashow
469 90 gm
0.12664 0. 32 0.01266 0.(Data Origin Authentication needs to be applied to each message in order to assure the)awidthshow
485 90 gm
1.18560 0. 32 0.11856 0.(directory server that the request came from the user claimed and the user that the)awidthshow
501 90 gm
0.07202 0. 32 0.00720 0.(response actually came from the directory server claimed. This gives the server a firm)awidthshow
517 90 gm
0.16387 0. 32 0.01638 0.(basis for applying access control and the user an idea of the degree of confidence that)awidthshow
533 90 gm
-0.11239 0.(he can have in the correctness of the information received.)ashow
565 90 gm
-0.09826 0.(As with virtually any application, data origin authentication would be worthless without)ashow
581 90 gm
0.34835 0. 32 0.03483 0.(an associated data integrity function. Integrity together with Authentication gives the)awidthshow
597 90 gm
-0.07778 0.(user and server an assurance of that the request or reply received has not been tampered)ashow
613 90 gm
-0.01423 0.(with \(e.g. by an enemy within the network\).)ashow
645 90 gm
-0.03665 0.(The Confidentiality Function is needed when critical data stored within the directory is)ashow
661 90 gm
0.25360 0. 32 0.02536 0.(accessed. Usually this is not as important an issue as Authentication and Integrity are)awidthshow
677 90 gm
-0.06886 0.(because it is much more difficult and less efficient for an enemy to wait for the piece of)ashow
693 90 gm
0.43411 0. 32 0.04341 0.(confidential information that he wants to get to pass by than it would be to ask for it)awidthshow
709 90 gm
-0.00166 0.(directly from the directory. In any case, a data confidentiality function is needed when)ashow
725 90 gm
-0.11668 0.(accessing the most critical pieces of information stored in the directory.)ashow
F T cp
%%Page: ? 34
op
30 28 xl
1 1 pen
45 291 gm
(nc 30 28 811 566 6 rc)kp
1 setTxMode
0 fs
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
(31)show
802 288 gm
10 fz
bu fc
2 F /|______Times-Roman fnt
bn
-0.01179 0.(Open Systems Security \320 an Architectural Framework)ashow
101 90 gm
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
-0.02157 0.(Based on the above discussion, it can be claimed that when accessing the Directory, or)ashow
117 90 gm
-0.08515 0.(a remote database, the most important security functions are the following: )ashow
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
-0.10531 0.(Data Origin)ashow
133 90 gm
-0.08647 0.(Authentication)ashow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
-0.05140 0.(, )ashow
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
-0.08398 0.(Connectionless Integrity)ashow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
-0.07518 0.(, and )ashow
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
-0.08471 0.(Connectionless Confidentiality)ashow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
-0.08961 0.(. These are)ashow
149 90 gm
-0.08612 0.(simply the connectionless versions of the functions needed with FTAM, JTM and VT.)ashow
181 90 gm
1 fs
bu fc
2 F /|______Times-Bold fnt
bn
1.75003 0.(3.2.3)ashow
181 126 gm
2.83096 0. 32 0.28309 0.(Security Requirements of the Message Handling System)awidthshow
213 90 gm
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
1.02890 0. 32 0.10289 0.(The by far most significant relayed information service today is the CCITT X.400)awidthshow
229 90 gm
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
0.44479 0. 32 0.04447 0.(Message Handling System)awidthshow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
0.08804 0. 32 0.00880 0.( \()awidthshow
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
0.12416 0.(MHS)ashow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
0.19409 0. 32 0.01940 0.(\) or, in ISO terms, the )awidthshow
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
0.37521 0. 32 0.03752 0.(Message Oriented Text Inter-)awidthshow
245 90 gm
-0.03749 0.(change System)ashow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
( \()show
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
-0.04850 0.(MOTIS)ashow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
-0.03349 0.(\). One of the most important applications of MHS is )ashow
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
-0.03813 0.(Electronic)ashow
261 90 gm
0.77148 0. 32 0.07714 0.(Data Interchange)awidthshow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
0.13763 0. 32 0.01376 0.( \()awidthshow
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
0.15725 0.(EDI)ashow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
0.45730 0. 32 0.04573 0.(\) aiming to replace a large part of inter-corporate documents,)awidthshow
277 90 gm
-0.08731 0.(currently transferred on paper, with electronic trade documents.)ashow
309 90 gm
-0.11802 0.(Among the security threats associated with MHS are the following:)ashow
341 90 gm
(-)show
341 126 gm
-0.12776 0.(A recipient making a false claim of the origin of a message.)ashow
373 90 gm
(-)show
373 126 gm
-0.05999 0.(The sender falsely denying the submission of a message.)ashow
405 90 gm
(-)show
405 126 gm
-0.08883 0.(Somebody falsely acknowledging the receipt of a message.)ashow
437 90 gm
(-)show
437 126 gm
-0.12104 0.(The recipient falsely denying the receipt of a message.)ashow
469 90 gm
(-)show
469 126 gm
0.24597 0. 32 0.02459 0.(Somebody impersonating as another user of the MTS \(a UA impersonating as)awidthshow
485 126 gm
-0.12472 0.(another UA to an MTA\).)ashow
517 90 gm
(-)show
517 126 gm
-0.14234 0.(An MTA impersonating as another MTA \(to the user or to another MTA\).)ashow
549 90 gm
-0.10060 0.(Security of the MHS can be divided into two parts:)ashow
581 90 gm
(-)show
581 126 gm
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
1.00326 0. 32 0.10032 0.(Hop-by-hop security)awidthshow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
0.71060 0. 32 0.07106 0.(, focusing on communications between two consecutive)awidthshow
597 126 gm
-0.01809 0.(agents of the MHS.)ashow
629 90 gm
(-)show
629 126 gm
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
-0.04232 0.(End-to-end security)ashow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
-0.04179 0.(, which mainly belongs to the domain of applications and is)ashow
645 126 gm
-0.04783 0.(therefore beyond the scopes of both OSI and this study.)ashow
677 90 gm
-0.00993 0.(While an individual user is mainly interested in the end-to-end security of his message)ashow
693 90 gm
0.79330 0. 32 0.07933 0.(\(the first four threats listed above\), a company using or providing the MHS service)awidthshow
709 90 gm
0.42633 0. 32 0.04263 0.(should be interested in both aspects of MHS security \(including the last two security)awidthshow
725 90 gm
-0.07716 0.(threats listed above\).)ashow
F T cp
%%Page: ? 35
op
30 28 xl
1 1 pen
45 291 gm
(nc 30 28 811 566 6 rc)kp
1 setTxMode
0 fs
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
(32)show
802 90 gm
10 fz
bu fc
2 F /|______Times-Roman fnt
bn
-0.01179 0.(Open Systems Security \320 an Architectural Framework)ashow
101 90 gm
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
-0.06022 0.(Hop-by-hop security of MHS is important for several reasons:)ashow
133 90 gm
(-)show
133 126 gm
-0.07084 0.(In order to guarantee that messages are ultimately delivered to their right recipi-)ashow
149 126 gm
0.24902 0. 32 0.02490 0.(ents it is important that an MHS agent shall not forward messages to anybody)awidthshow
165 126 gm
-0.09533 0.(but the right peer agent.)ashow
197 90 gm
(-)show
197 126 gm
0.17440 0. 32 0.01744 0.(Even if a message is encrypted it should not be exposed to an untrusted agent.)awidthshow
213 126 gm
-0.09419 0.(An enemy with access to the message stream could, for example, easily perform)ashow
229 126 gm
0.31112 0. 32 0.03111 0.(extensive traffic analysis based on the addresses on the cleartext envelopes or)awidthshow
245 126 gm
2.17361 0. 32 0.21736 0.(make a serious attempt to break the encrypted messages assumed to be)awidthshow
261 126 gm
-0.10688 0.(important based on the envelope information.)ashow
293 90 gm
(-)show
293 126 gm
-0.00723 0.(For a long time yet, most messages will be unencrypted. While these messages)ashow
309 126 gm
-0.07562 0.(may not be overly critical they should by no means be entrusted to just anybody)ashow
325 126 gm
1.28936 0. 32 0.12893 0.(or subjected to easy alteration by the network. While the interacting MHS)awidthshow
341 126 gm
-0.05169 0.(agents are not all trustworthy they still pose a very small security risk compares)ashow
357 126 gm
-0.10299 0.(with that posed by all the other parties connected to the same network.)ashow
389 90 gm
0.16128 0. 32 0.01612 0.(Currently, there is a lot of ongoing activity in the area of the security of MHS and the)awidthshow
405 90 gm
1.92581 0. 32 0.19258 0.(latest blue book recommendations \([X.400] and others\) include several security)awidthshow
421 90 gm
1.34979 0. 32 0.13497 0.(features. The work is still far from mature. For a concise critical study on X.400)awidthshow
437 90 gm
0.00961 0. 32 0.00096 0.(security see e.g. [Mit90].)awidthshow
469 90 gm
0.46264 0. 32 0.04626 0.(The security requirements of the connection between two agents of an MHS are to a)awidthshow
485 90 gm
0.20278 0. 32 0.02027 0.(great extent the same as those of FTAM and VT. First the two communicating agents)awidthshow
501 90 gm
-0.04182 0.(need to perform strong mutual authentication. Just like with FTAM, this authentication)ashow
517 90 gm
-0.08076 0.(can be extended by employing an integrity function closely coupled with authentication)ashow
533 90 gm
1.62948 0. 32 0.16294 0.(this function also protects the transferred message stream from modifications. A)awidthshow
549 90 gm
-0.00201 0.(confidentiality function can also be employed to protect against revealing the message)ashow
565 90 gm
0.26885 0. 32 0.02688 0.(flow or contents of individual, unencrypted messages. Also with MHS access control)awidthshow
581 90 gm
0.81466 0. 32 0.08146 0.(is left to the application and hop-by-hop non-repudiation is usually of little interest)awidthshow
597 90 gm
-0.09516 0.(\(except at the boundaries between operators of interconnected MHS services\).)ashow
629 90 gm
0.12985 0. 32 0.01298 0.(End-to-end security in MHS is concerned with individual messages transferred by the)awidthshow
645 90 gm
-0.06076 0.(MHS. Each of these messages has associated with it a security context of its own.)ashow
677 90 gm
0.27557 0. 32 0.02755 0.(Especially in EDI, but also in the exchange of free format documents, instead of data)awidthshow
693 90 gm
1.39846 0. 32 0.13984 0.(origin authentication the stronger function of non-repudiation of origin is usually)awidthshow
709 90 gm
-0.07989 0.(required. In order to make electronic commitments it is not enough to know the identity)ashow
725 90 gm
-0.01728 0.(of the other party but we also need to be able to show this to an impartial judge in case)ashow
741 90 gm
0.17272 0. 32 0.01727 0.(of dispute.)awidthshow
F T cp
%%Page: ? 36
op
30 28 xl
1 1 pen
45 291 gm
(nc 30 28 811 566 6 rc)kp
1 setTxMode
0 fs
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
(33)show
802 288 gm
10 fz
bu fc
2 F /|______Times-Roman fnt
bn
-0.01179 0.(Open Systems Security \320 an Architectural Framework)ashow
101 90 gm
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
1.43005 0. 32 0.14300 0.(As always, non-repudiation is impossible without integrity. Therefore integrity is)awidthshow
117 90 gm
0.64453 0. 32 0.06445 0.(implied by non-repudiation. Integrity is also often required when non-repudiation is)awidthshow
133 90 gm
0.22203 0.(not.)ashow
165 90 gm
0.43060 0. 32 0.04306 0.(End-to-end confidentiality is always required with truly confidential messages, since)awidthshow
181 90 gm
-0.08737 0.(not all of the MHS agents handling the message along its way can be trusted.)ashow
213 90 gm
1 fs
bu fc
2 F /|______Times-Bold fnt
bn
1.75003 0.(3.2.4)ashow
213 126 gm
2.49969 0. 32 0.24996 0.(Summary of the Security Requirements)awidthshow
245 90 gm
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
0.68466 0. 32 0.06846 0.(Basically, the security functions needed by the two main categories of OSI services)awidthshow
261 90 gm
-0.08006 0.(\()ashow
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
-0.10197 0.(connection-oriented)ashow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
-0.09353 0.( and )ashow
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
-0.10116 0.(connectionless)ashow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
-0.09933 0.( services\) appear to be approximately the same,)ashow
277 90 gm
0.65811 0. 32 0.06581 0.(the main distinction being that in the former case the security context applies to the)awidthshow
293 90 gm
-0.04685 0.(entire connection whereas in the latter case each message \(or each request-reply pair of)ashow
309 90 gm
2.51266 0. 32 0.25126 0.(messages\) has a security context of its own and that connection-oriented and)awidthshow
325 90 gm
0.60760 0. 32 0.06076 0.(connectionless versions of the security functions \(respectively\) are needed. Also the)awidthshow
341 90 gm
-0.01252 0.(security requirements of the third category \()ashow
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
-0.01295 0.(relayed services)ashow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
-0.01348 0.(\) on each hop are approxi-)ashow
357 90 gm
-0.11608 0.(mately the same as the security requirements of connection-oriented services.)ashow
389 90 gm
-0.00234 0.(This observation seems to support the view that security, indeed, should be an integral)ashow
405 90 gm
0.08071 0. 32 0.00807 0.(part of the communications service provided by the OSI system. It also shows that we)awidthshow
421 90 gm
0.15289 0. 32 0.01528 0.(should look for ways of unifying the connection-oriented and connectionless versions)awidthshow
437 90 gm
0.04287 0. 32 0.00428 0.(of security functions. True end-to-end security in relayed services falls mainly outside)awidthshow
453 90 gm
-0.01339 0.(the scope of this study.)ashow
488 90 gm
1 fs
14 fz
bu fc
2 F /|______Times-Bold fnt
bn
1.74998 0.(3.3)ashow
488 126 gm
3.94027 0. 32 0.39402 0.(Security Functions)awidthshow
520 90 gm
0 fs
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
0.70938 0. 32 0.07093 0.(Even though it is difficult to prioritize the OSI security functions, as their priorities)awidthshow
536 90 gm
0.78323 0. 32 0.07832 0.(depend on the specific user, type of use and application, some general conclusions,)awidthshow
552 90 gm
-0.06964 0.(based on the above discussion, can be made:)ashow
584 90 gm
(-)show
584 126 gm
-0.06585 0.(With the connectivity offered by today's integrating networks, reliable )ashow
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
-0.07553 0.(authenti-)ashow
600 126 gm
0.09169 0.(cation)ashow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
0.32943 0. 32 0.03294 0.( appears to be the most urgent need. With current technologies, such as)awidthshow
616 126 gm
0.36056 0. 32 0.03605 0.(the use of passwords on sessions and reserved fields in E-mail messages, it is)awidthshow
632 126 gm
-0.06748 0.(very easy to e.g. log in a service or send E-mail under a false identity.)ashow
664 90 gm
(-)show
664 126 gm
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
-0.00692 0.(Data integrity)ashow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
-0.00675 0.( is of paramount interest in virtually any information service. All)ashow
680 126 gm
1.71463 0. 32 0.17146 0.(essential data has to be secured against both accidental and premeditated)awidthshow
696 126 gm
0.48339 0. 32 0.04833 0.(tampering. Even data that is not valuable for an outsider can be manipulated,)awidthshow
712 126 gm
-0.07136 0.(systematically or at random, by e.g. a competitor or a casual hacker.)ashow
F T cp
%%Page: ? 37
op
30 28 xl
1 1 pen
45 291 gm
(nc 30 28 811 566 6 rc)kp
1 setTxMode
0 fs
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
(34)show
802 90 gm
10 fz
bu fc
2 F /|______Times-Roman fnt
bn
-0.01179 0.(Open Systems Security \320 an Architectural Framework)ashow
101 90 gm
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
(-)show
101 126 gm
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
0.03723 0. 32 0.00372 0.(Data confidentiality)awidthshow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
0.01892 0. 32 0.00189 0.( is usually less critical an issue than data integrity. Most of)awidthshow
117 126 gm
0.05645 0. 32 0.00564 0.(the data transferred across a network is not very interesting for an outsider and)awidthshow
133 126 gm
1.17355 0. 32 0.11735 0.(usually the sheer bulk of it makes it difficult to find the relevant pieces of)awidthshow
149 126 gm
0.77163 0. 32 0.07716 0.(information. However, a part of the information transferred through the net-)awidthshow
165 126 gm
0.49285 0. 32 0.04928 0.(work is critical and needs to be encrypted. Among the most critical pieces of)awidthshow
181 126 gm
0.68283 0. 32 0.06828 0.(information are encryption keys distributed through the network. Sometimes)awidthshow
197 126 gm
0.46508 0. 32 0.04650 0.(entire documents, such as offers and sales reports, need to be protected. Also)awidthshow
213 126 gm
-0.10118 0.(bank transactions are usually confidential.)ashow
245 90 gm
(-)show
245 126 gm
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
0.52841 0. 32 0.05284 0.(Non-repudiation )awidthshow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
0.29525 0. 32 0.02952 0.(is a very difficult area because of the legal aspects involved.)awidthshow
261 126 gm
-0.03285 0.(Electronic commitments are also to a great extent application-dependent. How-)ashow
277 126 gm
1.38824 0. 32 0.13882 0.(ever, a )awidthshow
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
3.58993 0. 32 0.35899 0.(Generic Non-repudiation Function)awidthshow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
1.93115 0. 32 0.19311 0.(, offering the service of non-)awidthshow
293 126 gm
1.04461 0. 32 0.10446 0.(repudiation of an Application Protocol Data Unit without any regard to the)awidthshow
309 126 gm
-0.10607 0.(semantics of the information transferred, can be included in the service provided)ashow
325 126 gm
0.06591 0. 32 0.00659 0.(by the OSI, as proposed in section 3.5.)awidthshow
357 90 gm
(-)show
357 126 gm
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
0.04959 0. 32 0.00495 0.(Access control)awidthshow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
0.03189 0. 32 0.00318 0.( is a "function" belonging mainly to the domains of applications)awidthshow
373 126 gm
1.28112 0. 32 0.12811 0.(and management. Based on reliable authentication, it is relatively straight-)awidthshow
389 126 gm
-0.06932 0.(forward to check the privileges of the user and allow him the appropriate access)ashow
405 126 gm
-0.08830 0.(to the service. Access control only is a service from the information service pro-)ashow
421 126 gm
0.06912 0. 32 0.00691 0.(vider's point of view \320 as seen by the user it is rather a restriction. Access con-)awidthshow
437 126 gm
-0.04727 0.(trol can also be applied at various layers of OSI, as pointed out in section 4.5.2.)ashow
0 0 gm
(nc 464 166 583 427 6 rc)kp
64 gr
542 225 576 373 1 rc
1 2 lw
0 gr
542.5 225.5 575.5 372.5 0 rc
1 1 lw
0 0 pen
408 458 gm
408 458 lin
557 256 gm
1 setTxMode
bu fc
2 F /|______Times-Roman fnt
bn
-0.20579 0.(authenticated and)ashow
569 260 gm
-0.19735 0.(integral channel)ashow
0 gr
552 217 564 229 160 200 1 ar
1 1 pen
558 193 gm
558 218 lin
552 398 564 410 160 200 1 ar
558 374 gm
558 399 lin
569 398 581 410 173 213 1 ar
568 374 gm
573 399 lin
536 398 548 410 147 187 1 ar
549 374 gm
543 399 lin
64 gr
471 225 505 373 1 rc
1 2 lw
0 gr
471.5 225.5 504.5 372.5 0 rc
1 1 lw
0 0 pen
543 399 lin
491 249 gm
1 setTxMode
-0.19050 0.(confidential channel)ashow
0 gr
482 215 494 227 160 200 1 ar
1 1 pen
488 192 gm
488 216 lin
473 215 485 227 175 215 1 ar
471 192 gm
477 216 lin
491 215 503 227 147 187 1 ar
504 192 gm
498 216 lin
481 400 493 412 160 200 1 ar
487 376 gm
487 401 lin
473 169 gm
1 setTxMode
(A)show
491 169 gm
(B)show
510 169 gm
(C)show
491 414 gm
(D)show
561 169 gm
(A)show
543 415 gm
(B)show
561 415 gm
(C)show
580 415 gm
(D)show
621 90 gm
(nc 30 28 811 566 6 rc)kp
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
-0.26438 0.(Figure 3-3:)ashow
621 162 gm
-0.17376 0.(Confidential and Integral channels [Rue91].)ashow
653 90 gm
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
1.12411 0. 32 0.11241 0.(Figure 3-3 Illustrates the functions of confidentiality, authenticity and integrity. A)awidthshow
669 90 gm
0.45623 0. 32 0.04562 0.(confidential channel is one that anybody \(in this case A, B and C\) can write into but)awidthshow
685 90 gm
-0.10382 0.(only the legitimate recipient \(D\) can read from. An authenticated and integral channel is)ashow
701 90 gm
-0.04463 0.(one that only the legitimate sender \(A\) can write into but anybody \(B, C or D\) can read)ashow
717 90 gm
1.01669 0. 32 0.10166 0.(from. These channels can be either physically protected \(e.g. optical transmissions)awidthshow
733 90 gm
-0.03276 0.(systems with just one receiver or transmitter\) or cryptographic channels. They can also)ashow
749 90 gm
-0.09947 0.(be formalized.)ashow
F T cp
%%Page: ? 38
op
30 28 xl
1 1 pen
45 291 gm
(nc 30 28 811 566 6 rc)kp
1 setTxMode
0 fs
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
(35)show
802 288 gm
10 fz
bu fc
2 F /|______Times-Roman fnt
bn
-0.01179 0.(Open Systems Security \320 an Architectural Framework)ashow
101 90 gm
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
0.94207 0. 32 0.09420 0.([Sim84] provides the basis of systematic study of authenticity. The topic is further)awidthshow
117 90 gm
0.65124 0. 32 0.06512 0.(elaborated on e.g. in [Sim88]. OSI security standards now include a fairly complete)awidthshow
133 90 gm
1.15356 0. 32 0.11535 0.(Authentication Framework [IS10181-2]. The corresponding other frameworks \(the)awidthshow
149 90 gm
-0.03469 0.(Integrity Framework [ISO90d] and the Non-repudiation Framework [ISO90e]\) are still)ashow
165 90 gm
-0.06663 0.(rather early drafts.)ashow
197 90 gm
-0.07301 0.(For example Integrity alone is useless, it must always be combined with Authentication)ashow
213 90 gm
0.37521 0. 32 0.03752 0.(to be of any real value. If we cannot be sure of the identity of the other party, it is of)awidthshow
229 90 gm
2.05352 0. 32 0.20535 0.(little value to us to know that the data has not been tampered with. Similarly,)awidthshow
245 90 gm
0.59829 0. 32 0.05982 0.(Authentication is of little value without Integrity. If we do not know that the data is)awidthshow
261 90 gm
-0.04847 0.(intact it is not worth much for us to know who sent it.)ashow
293 90 gm
0.04745 0. 32 0.00474 0.(It is easy to annul the effect of either of these two functions unless they are combined.)awidthshow
309 90 gm
-0.04560 0.(Consider an active attack against the security of communication between two parties A)ashow
325 90 gm
0.17517 0. 32 0.01751 0.(and B launched by enemy X, connected between A and B and capable of intercepting)awidthshow
341 90 gm
0.74142 0. 32 0.07414 0.(all traffic between these two parties. X can be e.g. an untrusted router between two)awidthshow
357 90 gm
0.12707 0.(networks.)ashow
389 90 gm
0.02182 0. 32 0.00218 0.(Suppose the enemy X intercepts an authenticated message from A to B. If no integrity)awidthshow
405 90 gm
0.05401 0. 32 0.00540 0.(function is provided X can now change the information contents of the message while)awidthshow
421 90 gm
-0.07186 0.(leaving the authentication information intact. B now checks the authentication informa-)ashow
437 90 gm
-0.10922 0.(tion and assumes that the message came from A when it actually did come from X.)ashow
469 90 gm
1.38641 0. 32 0.13864 0.(Also, in case of connection-oriented communication, X can let the authentication)awidthshow
485 90 gm
0.83633 0. 32 0.08363 0.(exchange between A and B pass through unmodified. When the real information is)awidthshow
501 90 gm
1.63406 0. 32 0.16340 0.(exchanged, X can intercept these messages and modify them as it pleases, if no)awidthshow
517 90 gm
-0.07652 0.(integrity function is provided.)ashow
549 90 gm
0.31448 0. 32 0.03144 0.(Similarly, if only integrity but no authentication is provided X can intercept the mes-)awidthshow
565 90 gm
0.10955 0. 32 0.01095 0.(sages and send them on as his own. B now believes that it got the information from X)awidthshow
581 90 gm
0.03570 0. 32 0.00357 0.(when it actually came from A. If this information happens to be, for example, a patent)awidthshow
597 90 gm
-0.09078 0.(application the consequences can be serious.)ashow
629 90 gm
0.26657 0. 32 0.02665 0.(In order to protect against these attacks authentication and integrity should always be)awidthshow
645 90 gm
-0.09231 0.(provided together. During the authentication exchange a common security context is set)ashow
661 90 gm
0.30639 0. 32 0.03063 0.(up between the mutually authenticated parties in such a way as to keep it secret from)awidthshow
677 90 gm
1.95480 0. 32 0.19548 0.(everybody else. This means exchanging confidential information \(pair-wise key)awidthshow
693 90 gm
0.10025 0. 32 0.01002 0.(values\), included in the security context, as a part of the authentication exchange. The)awidthshow
709 90 gm
0.02365 0. 32 0.00236 0.(authentication exchange is performed in one security context, that is one including the)awidthshow
725 90 gm
0.00839 0. 32 0.00083 0.(certified public key pairs of the authenticating parties. In this security context, another)awidthshow
741 90 gm
0.52886 0. 32 0.05288 0.(security context, lasting for the duration of the connection, is set up and can then be)awidthshow
757 90 gm
1.16409 0. 32 0.11640 0.(used in subsequent communications. Because only the two mutually authenticated)awidthshow
F T cp
%%Page: ? 39
op
30 28 xl
1 1 pen
45 291 gm
(nc 30 28 811 566 6 rc)kp
1 setTxMode
0 fs
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
(36)show
802 90 gm
10 fz
bu fc
2 F /|______Times-Roman fnt
bn
-0.01179 0.(Open Systems Security \320 an Architectural Framework)ashow
85 90 gm
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
-0.01045 0.(parties know this security context, communications in it provide not only integrity and)ashow
101 90 gm
-0.14752 0.(confidentiality but also continued mutual authentication.)ashow
133 90 gm
1.13998 0. 32 0.11399 0.(A secure session \(e.g. between an FTAM user and his server or between a virtual)awidthshow
149 90 gm
-0.09513 0.(terminal and a host computer\) should proceed as follows:)ashow
181 90 gm
(-)show
181 126 gm
-0.01542 0.(When opening the session mutual strong authentication takes place. It is essen-)ashow
197 126 gm
0.56030 0. 32 0.05603 0.(tial that a fresh )awidthshow
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
0.22499 0.(pairwise)ashow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
0.77148 0. 32 0.07714 0.( \(that is one shared by only the two communicating)awidthshow
213 126 gm
-0.06547 0.(parties\) session key be securely exchanged during this procedure.)ashow
245 90 gm
(-)show
245 126 gm
0.72021 0. 32 0.07202 0.(This session key can be used in subsequent communications for purposes of)awidthshow
261 126 gm
-0.11753 0.(continued authentication as well as data integrity and confidentiality in a manner)ashow
277 126 gm
-0.13169 0.(explained in more detail in the appendix.)ashow
309 90 gm
(-)show
309 126 gm
2.09548 0. 32 0.20954 0.(Finally, the session is gracefully closed in such a way that no data can)awidthshow
325 126 gm
-0.09350 0.(undetected be omitted from the end of the session.)ashow
357 90 gm
(-)show
357 126 gm
0.32836 0. 32 0.03283 0.(Optionally, a digital signature scheme can be employed if parts of the session)awidthshow
373 126 gm
-0.14770 0.(include commitments that may need to be verified \(by an impartial judge\) later.)ashow
405 90 gm
0.51071 0. 32 0.05107 0.(There are a number of security contexts that can be involved in this process. Firstly,)awidthshow
421 90 gm
0.58181 0. 32 0.05818 0.(there is the security context between the user and his CA, where the user knows the)awidthshow
437 90 gm
0.10162 0. 32 0.01016 0.(public key of his CA and can check the certificates of the public keys of other parties.)awidthshow
453 90 gm
0.50918 0. 32 0.05091 0.(Secondly, there is the security context between the two parties knowing each other's)awidthshow
469 90 gm
-0.06327 0.(public keys, certified by the CAs, and therefore being able to mutually authenticate and)ashow
485 90 gm
0.80047 0. 32 0.08004 0.(exchange information confidentially and retaining its integrity. Thirdly, there is the)awidthshow
501 90 gm
-0.10942 0.(security context established during the authentication exchange, to be used on the newly)ashow
517 90 gm
0.48843 0. 32 0.04884 0.(established connection. Lastly, another security context, the union of the second and)awidthshow
533 90 gm
0.02243 0. 32 0.00224 0.(third context, can be used for making confidential commitments on this connection by)awidthshow
549 90 gm
0.48934 0. 32 0.04893 0.(using the second context for signing and the third context for ensuring the confiden-)awidthshow
565 90 gm
0.66452 0. 32 0.06645 0.(tiality of the messages exchanged. The security contexts employed are illustrated in)awidthshow
581 90 gm
1 2 lw
(figure 3-4 below.)show
0 0 gm
(nc 600 125 712 468 6 rc)kp
0 gr
635 160 647 172 59 99 1 ar
611.5 166.5 670.5 401.5 90 172 0 ar
1 1 lw
0 0 pen
624 210 gm
624 210 lin
64 gr
611 166 671 400 0 90 1 ar
1 2 lw
1 1 pen
0 gr
611.5 166.5 670.5 399.5 0 90 0 ar
1 1 lw
0 0 pen
624 210 lin
64 gr
600 126 649 175 1 ov
1 2 lw
1 1 pen
0 gr
600.5 126.5 648.5 174.5 0 ov
1 1 lw
0 0 pen
624 210 lin
64 gr
602 128 647 173 1 ov
1 2 lw
1 1 pen
0 gr
602.5 128.5 646.5 172.5 0 ov
1 1 lw
0 0 pen
624 210 lin
627 136 gm
1.16259 0 rmoveto
1 setTxMode
bu fc
2 F /|______Times-Roman fnt
bn
(S.C. 1)show
64 gr
602 216 647 260 1 ov
1 2 lw
1 1 pen
0 gr
602.5 216.5 646.5 259.5 0 ov
1 1 lw
0 0 pen
630 136 gm
630 136 lin
627 223 gm
1.16259 0 rmoveto
1 setTxMode
(S.C. 2)show
64 gr
602 304 647 349 1 ov
1 2 lw
1 1 pen
0 gr
602.5 304.5 646.5 348.5 0 ov
1 1 lw
0 0 pen
630 223 gm
630 223 lin
627 311 gm
1.16259 0 rmoveto
1 setTxMode
(S.C. 3)show
64 gr
602 392 647 437 1 ov
1 2 lw
1 1 pen
0 gr
602.5 392.5 646.5 436.5 0 ov
1 1 lw
0 0 pen
630 311 gm
630 311 lin
627 399 gm
1.16259 0 rmoveto
1 setTxMode
(S.C. 4)show
0 gr
618 209 630 221 160 200 1 ar
1 1 pen
624 174 gm
624 210 lin
618 297 630 309 160 200 1 ar
624 260 gm
624 298 lin
618 385 630 397 160 200 1 ar
624 348 gm
624 386 lin
693 418 gm
0.12475 0 rmoveto
1 setTxMode
9 fz
bu fc
2 F /|______Times-Roman fnt
bn
(S,A)show
690 432 gm
0.39038 0 rmoveto
10 fz
bu fc
2 F /|______Times-Roman fnt
bn
(, K)show
690 365 gm
-0.12915 0.(A: {K)ashow
690 460 gm
(})show
690 403 gm
0.39038 0 rmoveto
(, K)show
693 446 gm
0.37194 0 rmoveto
9 fz
bu fc
2 F /|______Times-Roman fnt
bn
(P,B)show
693 390 gm
-0.50030 0.(AB)ashow
708 417 gm
0.37194 0 rmoveto
(S,B)show
705 432 gm
0.39038 0 rmoveto
10 fz
bu fc
2 F /|______Times-Roman fnt
bn
(, K)show
705 366 gm
-0.24182 0.(B: {K)ashow
705 460 gm
(})show
705 403 gm
0.39038 0 rmoveto
(, K)show
708 446 gm
0.12475 0 rmoveto
9 fz
bu fc
2 F /|______Times-Roman fnt
bn
(P,A)show
708 390 gm
-0.50030 0.(AB)ashow
690 305 gm
10 fz
bu fc
2 F /|______Times-Roman fnt
bn
-0.12915 0.(A: {K)ashow
693 330 gm
9 fz
bu fc
2 F /|______Times-Roman fnt
bn
-0.50030 0.(AB)ashow
690 343 gm
10 fz
bu fc
2 F /|______Times-Roman fnt
bn
(})show
705 306 gm
-0.24182 0.(B: {K)ashow
708 330 gm
9 fz
bu fc
2 F /|______Times-Roman fnt
bn
-0.50030 0.(AB)ashow
705 343 gm
10 fz
bu fc
2 F /|______Times-Roman fnt
bn
(})show
693 228 gm
0.12475 0 rmoveto
9 fz
bu fc
2 F /|______Times-Roman fnt
bn
(S,A)show
690 242 gm
0.39038 0 rmoveto
10 fz
bu fc
2 F /|______Times-Roman fnt
bn
(, K)show
690 202 gm
-0.12915 0.(A: {K)ashow
690 270 gm
(})show
693 256 gm
0.37194 0 rmoveto
9 fz
bu fc
2 F /|______Times-Roman fnt
bn
(P,B)show
708 227 gm
0.37194 0 rmoveto
(S,B)show
704 241 gm
0.39038 0 rmoveto
10 fz
bu fc
2 F /|______Times-Roman fnt
bn
(, K)show
705 202 gm
-0.24182 0.(B: {K)ashow
705 270 gm
(})show
708 255 gm
0.12475 0 rmoveto
9 fz
bu fc
2 F /|______Times-Roman fnt
bn
(P,A)show
690 125 gm
10 fz
bu fc
2 F /|______Times-Roman fnt
bn
-0.12915 0.(A: {K)ashow
693 151 gm
0.12329 0 rmoveto
9 fz
bu fc
2 F /|______Times-Roman fnt
bn
(P,CA)show
690 171 gm
10 fz
bu fc
2 F /|______Times-Roman fnt
bn
(})show
704 125 gm
-0.24182 0.(B: {K)ashow
708 150 gm
0.12329 0 rmoveto
9 fz
bu fc
2 F /|______Times-Roman fnt
bn
(P,CA)show
704 171 gm
10 fz
bu fc
2 F /|______Times-Roman fnt
bn
(})show
741 90 gm
(nc 30 28 811 566 6 rc)kp
2 fs
12 fz
bu fc
2 F /|______Times-Italic fnt
bn
-0.26438 0.(Figure 3-4:)ashow
741 162 gm
0.00869 0. 32 0.00086 0.(Switching between security contexts.)awidthshow
F T cp
%%Page: ? 40
op
30 28 xl
1 1 pen
45 291 gm
(nc 30 28 811 566 6 rc)kp
1 setTxMode
0 fs
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
(37)show
802 288 gm
10 fz
bu fc
2 F /|______Times-Roman fnt
bn
-0.01179 0.(Open Systems Security \320 an Architectural Framework)ashow
101 90 gm
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
1.25 0. 32 0.125 0.(The purpose of the approach proposed above is to keep things simple. The initial)awidthshow
117 90 gm
-0.05932 0.(security context is always required in order to be able to perform strong mutual authen-)ashow
133 90 gm
0.03677 0. 32 0.00367 0.(tication and securely agree on the security context to be used on the newly established)awidthshow
149 90 gm
-0.07875 0.(connection. For purposes of continued authentication, as well as integrity and confiden-)ashow
165 90 gm
1.36657 0. 32 0.13665 0.(tiality, the third security context, based on the agreed session key and symmetric)awidthshow
181 90 gm
1.19110 0. 32 0.11911 0.(cryptography, is much more efficient than the second security context used in the)awidthshow
197 90 gm
1.90582 0. 32 0.19058 0.(authentication exchange. If commitments must be made during the session it is)awidthshow
213 90 gm
1.12564 0. 32 0.11256 0.(necessary to employ a digital signature scheme in an appropriate security context.)awidthshow
229 90 gm
-0.04074 0.(Rather than establishing a new security context for this purpose, we can use the second)ashow
245 90 gm
-0.07572 0.(security context instead. This can be done either by employing a security context which)ashow
261 90 gm
1.02783 0. 32 0.10278 0.(is the union of the second and third context \(as described above\) or by alternating)awidthshow
277 90 gm
-0.07980 0.(between these two contexts \(as illustrated in figure 3-4\).)ashow
309 90 gm
-0.08728 0.(In connectionless communication each Data Unit has to carry with it all the information)ashow
325 90 gm
0.55618 0. 32 0.05561 0.(needed for Data Origin Authentication and Data Integrity. With connection-oriented)awidthshow
341 90 gm
-0.07707 0.(communication the same effect is achieved by securely exchanging a secret session key)ashow
357 90 gm
0.06881 0. 32 0.00688 0.(in connection with Peer Entity Authentication. This key can then be used to guarantee)awidthshow
373 90 gm
0.25772 0. 32 0.02577 0.(continued authentication and the integrity of each data unit, as well as the whole data)awidthshow
389 90 gm
0.17898 0. 32 0.01789 0.(stream, during subsequent communication. This ties the Confidentiality function with)awidthshow
405 90 gm
-0.14114 0.(Authentication and Integrity.)ashow
437 90 gm
1.03851 0. 32 0.10385 0.(While Integrity and Confidentiality are orthogonal functions they are usually most)awidthshow
453 90 gm
-0.11341 0.(naturally implemented by using the same mechanism for both.)ashow
485 90 gm
-0.11822 0.(Authentication and Non-Repudiation are not at all orthogonal but the former is a weaker)ashow
501 90 gm
0.37658 0. 32 0.03765 0.(version of the latter. With Authentication we )awidthshow
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
0.12696 0.(know)ashow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
0.31661 0. 32 0.03166 0.( who the other party is, with Non-)awidthshow
517 90 gm
-0.10632 0.(repudiation we can also )ashow
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
-0.11955 0.(prove)ashow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
-0.10208 0.( this to an impartial judge.)ashow
549 90 gm
1.61743 0. 32 0.16174 0.(Access Control is closely coupled with Authentication. We cannot apply Access)awidthshow
565 90 gm
-0.06092 0.(Control without knowing who the other party is. Access Control is not a function in the)ashow
581 90 gm
0.02120 0. 32 0.00212 0.(same sense as the other four are. The originating user can ask for the invocation of the)awidthshow
597 90 gm
0.11901 0. 32 0.01190 0.(other functions when opening the communication whereas Access Control is imposed)awidthshow
613 90 gm
0.28976 0. 32 0.02897 0.(on the user by the communication service provider or the responding party. From the)awidthshow
629 90 gm
-0.05841 0.(user's point-of-view Access Control is a restriction rather than a service.)ashow
661 90 gm
0.14526 0. 32 0.01452 0.(Based on the above discussion, it can be stated that the security functions listed in the)awidthshow
677 90 gm
0.26626 0. 32 0.02662 0.(OSI Security Architecture are an ad-hoc enumeration of security-related issues rather)awidthshow
693 90 gm
0.16113 0. 32 0.01611 0.(than a well thought-out list of orthogonal elements of security. The three real security)awidthshow
709 90 gm
-0.00608 0.(functions appear to be )ashow
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
-0.00646 0.(Authentication)ashow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
(, )show
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
-0.00588 0.(Integrity)ashow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
( and )show
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
-0.00614 0.(Confidentiality)ashow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
-0.00692 0.( while Non-repudi-)ashow
725 90 gm
0.08605 0. 32 0.00860 0.(ation can be viewed as a stronger version of Authentication and Access Control really)awidthshow
741 90 gm
1.27670 0. 32 0.12767 0.(should be left to systems management and various applications, based on reliable)awidthshow
757 90 gm
-0.08271 0.(authentication of the service user \(and his end-system\).)ashow
F T cp
%%Page: ? 41
op
30 28 xl
1 1 pen
45 291 gm
(nc 30 28 811 566 6 rc)kp
1 setTxMode
0 fs
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
(38)show
802 90 gm
10 fz
bu fc
2 F /|______Times-Roman fnt
bn
-0.01179 0.(Open Systems Security \320 an Architectural Framework)ashow
101 90 gm
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
-0.10209 0.(The orthogonality of the three basic security functions implies that it is generally a good)ashow
117 90 gm
0.10604 0. 32 0.01060 0.(practice to use independent key values for different purposes. For example, the public)awidthshow
133 90 gm
-0.07441 0.(key pair used for authentication should be separate from the key pair used for confiden-)ashow
149 90 gm
0.95260 0. 32 0.09526 0.(tiality, even though these two functions often are based on the same cryptographic)awidthshow
165 90 gm
-0.07192 0.(mechanism.)ashow
197 90 gm
0.19119 0. 32 0.01911 0.(As a summary it can be stated that the three most important security functions of OSI)awidthshow
213 90 gm
0.96481 0. 32 0.09648 0.(are Authentication, Integrity and Confidentiality, in this order, and that these three)awidthshow
229 90 gm
0.53863 0. 32 0.05386 0.(should be provided by the OSI protocol stack, either on the request of the user or as)awidthshow
245 90 gm
-0.02214 0.(dictated by the Security Policy and management, in both their connection-oriented and)ashow
261 90 gm
-0.03137 0.(connectionless forms.)ashow
293 90 gm
1.15966 0. 32 0.11596 0.(It is worth noting that while confidentiality can \(in theory\) be guaranteed \(that is,)awidthshow
309 90 gm
2.06497 0. 32 0.20649 0.(disclosure of confidential information can be prevented by using cryptographic)awidthshow
325 90 gm
0.70755 0. 32 0.07075 0.(techniques\) it is impossible to )awidthshow
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
0.20384 0.(prevent)ashow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
0.82336 0. 32 0.08233 0.( fraudulent modification of information in an)awidthshow
341 90 gm
1.43997 0. 32 0.14399 0.(untrusted network. The integrity function can only )awidthshow
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
0.33920 0.(detect)ashow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
1.53884 0. 32 0.15388 0.( such modification and,)awidthshow
357 90 gm
0.17715 0. 32 0.01771 0.(optionally, make a serious effort to recover from it. Similarly, authentication function)awidthshow
373 90 gm
-0.07539 0.(can only )ashow
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
-0.07022 0.(verify)ashow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
-0.07279 0.( the identity of the other party and detect any changes, not guarantee that)ashow
389 90 gm
-0.06748 0.(the other party remains the same. When an unrecoverable security violation is detected,)ashow
405 90 gm
0.35369 0. 32 0.03536 0.(the communication system can only disconnect and report the incident. The situation)awidthshow
421 90 gm
1.18301 0. 32 0.11830 0.(then reduces to ordinary denial of service, which again cannot be prevented in an)awidthshow
437 90 gm
0.11810 0. 32 0.01181 0.(untrustworthy network.)awidthshow
472 90 gm
1 fs
14 fz
bu fc
2 F /|______Times-Bold fnt
bn
1.74998 0.(3.4)ashow
472 126 gm
2.22351 0. 32 0.22235 0.(On the Formal Analysis of Secure Open Systems)awidthshow
504 90 gm
0 fs
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
0.46188 0. 32 0.04618 0.(The preceding analysis of security functions and mechanisms, together with the new)awidthshow
520 90 gm
0.23117 0. 32 0.02311 0.(concept of )awidthshow
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
0.39108 0. 32 0.03910 0.(security context)awidthshow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
0.23635 0. 32 0.02363 0.(, gives us new insight to the relations between the security)awidthshow
536 90 gm
1.53533 0. 32 0.15353 0.(functions and mechanisms of open systems and enables us to split open systems)awidthshow
552 90 gm
-0.09196 0.(security into chunks of manageable size.)ashow
584 90 gm
0.22155 0. 32 0.02215 0.(With our security model, these informally stated ideas can be formalized and brought)awidthshow
600 90 gm
-0.03047 0.(within the reach of theoretical study. Just like the well known properties of any "good")ashow
616 90 gm
-0.05305 0.(communications protocol \(completeness, dead-lock freeness, etc.\) a number of require-)ashow
632 90 gm
0.00900 0. 32 0.00090 0.(ments for secure protocols, based on real security needs of the user, can be formulated)awidthshow
648 90 gm
-0.11376 0.(and protocols fulfilling these requirements can be designed and implemented.)ashow
680 90 gm
0.30227 0. 32 0.03022 0.(As defined in section 3.1, a security context between two communicating application)awidthshow
696 90 gm
1.37145 0. 32 0.13714 0.(instances is the union of the security variables of all the OSI layers of these two)awidthshow
712 90 gm
0.20446 0. 32 0.02044 0.(application instances. In this way, security can be split by the layers of OSI. We have)awidthshow
728 90 gm
0.22750 0. 32 0.02275 0.(also seen that security can be divided in the dimension of time and seen as a series of)awidthshow
744 90 gm
0.53070 0. 32 0.05307 0.(consecutive security contexts. Furthermore, it is possible to split security into ortho-)awidthshow
F T cp
%%Page: ? 42
op
30 28 xl
1 1 pen
45 291 gm
(nc 30 28 811 566 6 rc)kp
1 setTxMode
0 fs
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
(39)show
802 288 gm
10 fz
bu fc
2 F /|______Times-Roman fnt
bn
-0.01179 0.(Open Systems Security \320 an Architectural Framework)ashow
85 90 gm
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
-0.10658 0.(gonal functions \(authentication, integrity and confidentiality\) which can be treated sepa-)ashow
101 90 gm
0.65780 0. 32 0.06578 0.(rately. Here again we have to beware of the subtle interdependencies between these)awidthshow
117 90 gm
0.03837 0.(functions.)ashow
149 90 gm
0.20004 0. 32 0.02000 0.(While the complete formalization of these ideas is beyond the scope of this study, we)awidthshow
165 90 gm
0.81024 0. 32 0.08102 0.(shall elaborate on them a bit further and present a semi-formal description of some)awidthshow
181 90 gm
-0.09022 0.(aspects in order to clarify them and point out a direction for further study.)ashow
213 90 gm
0.15563 0. 32 0.01556 0.(In the OSI security architecture no clear relationship between the connection-oriented)awidthshow
229 90 gm
0.14877 0. 32 0.01487 0.(and connectionless security functions and mechanisms was shown. Now we have dis-)awidthshow
245 90 gm
0.82489 0. 32 0.08248 0.(covered that the connection-oriented functions and mechanisms really are based on)awidthshow
261 90 gm
0.52093 0. 32 0.05209 0.(connectionless functions and mechanisms, which are the more fundamental building)awidthshow
277 90 gm
-0.00967 0.(blocks of secure open systems.)ashow
309 90 gm
0.80474 0. 32 0.08047 0.(In the example at the end of section 3.3 we could see that in order to set up secure)awidthshow
325 90 gm
-0.12619 0.(connection-oriented communications connectionless functions first need to be applied to)ashow
341 90 gm
1.82510 0. 32 0.18251 0.(the messages exchanged during connection establishment. Only by applying the)awidthshow
357 90 gm
1.31164 0. 32 0.13116 0.(connectionless security functions and mechanisms to the first couple of messages)awidthshow
373 90 gm
1.07727 0. 32 0.10772 0.(exchanged can we gain confidence in the identity of the other party and exchange)awidthshow
389 90 gm
-0.10903 0.(connection-specific secret information with him in a secure and integral manner. This in)ashow
405 90 gm
0.63110 0. 32 0.06311 0.(turn enables us to switch into a new security context specific to this connection and)awidthshow
421 90 gm
-0.09819 0.(known only by the two communicating application instances.)ashow
453 90 gm
1.79824 0. 32 0.17982 0.(This simple revelation opens up interesting new views. By developing a formal)awidthshow
469 90 gm
0.02685 0. 32 0.00268 0.(technique for describing and analyzing the security contexts and the transfers between)awidthshow
485 90 gm
-0.06576 0.(them we could formally deduce and prove things about the security of open systems. In)ashow
501 90 gm
-0.10061 0.(the area of formal protocol research there are a number of well established requirements)ashow
517 90 gm
1.92108 0. 32 0.19210 0.(for a "good" telecommunications protocol and a number of formal methods for)awidthshow
533 90 gm
-0.06968 0.(describing and analyzing various protocols.)ashow
565 90 gm
-0.12571 0.(Among the commonly accepted basic properties of a good protocol are the following:)ashow
597 90 gm
(-)show
597 126 gm
-0.10382 0.(A protocol has to be completely and unambiguously defined.)ashow
629 90 gm
(-)show
629 126 gm
-0.08766 0.(A protocol must be free of dead-locks and live-locks.)ashow
661 90 gm
(-)show
661 126 gm
-0.12663 0.(A protocol has to have an initial state.)ashow
693 90 gm
(-)show
693 126 gm
0.91705 0. 32 0.09170 0.(After error situations the protocol must return to a certain state \(usually the)awidthshow
709 126 gm
-0.13922 0.(initial state\) within a finite period of time.)ashow
F T cp
%%Page: ? 43
op
30 28 xl
1 1 pen
45 291 gm
(nc 30 28 811 566 6 rc)kp
1 setTxMode
0 fs
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
(40)show
802 90 gm
10 fz
bu fc
2 F /|______Times-Roman fnt
bn
-0.01179 0.(Open Systems Security \320 an Architectural Framework)ashow
101 90 gm
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
-0.03216 0.(Surprisingly, no such list of properties has so far been published for security protocols.)ashow
117 90 gm
-0.03132 0.(As a first approximation we could state some rather obvious requirements for a "good")ashow
133 90 gm
-0.13537 0.(security protocol:)ashow
161 90 gm
(-)show
161 126 gm
-0.11735 0.(It has to have an initial security context.)ashow
189 90 gm
(-)show
189 126 gm
-0.12655 0.(After error situations the protocol must return to a certain security context within)ashow
201 126 gm
-0.15194 0.(a finite time.)ashow
229 90 gm
(-)show
229 126 gm
-0.02101 0.(All the security contexts employed have to be "secure" in the sense that we can)ashow
241 126 gm
-0.08026 0.(rely on the security functions provided in these contexts.)ashow
269 90 gm
(-)show
269 126 gm
-0.09925 0.(The changes between the security contexts have to be secure.)ashow
301 90 gm
-0.09506 0.(After developing formalisms suited for defining and analyzing the security contexts and)ashow
317 90 gm
-0.03526 0.(changes between them we could prove something about the security of an open system)ashow
333 90 gm
-0.09875 0.(in the following way:)ashow
365 90 gm
(-)show
365 126 gm
-0.12408 0.(Define the security contexts employed.)ashow
397 90 gm
(-)show
397 126 gm
-0.07101 0.(Split up the contexts by the layers of OSI if necessary.)ashow
429 90 gm
(-)show
429 126 gm
-0.08787 0.(Prove each context secure \(layer by layer if necessary\).)ashow
461 90 gm
(-)show
461 126 gm
-0.07908 0.(Prove the changes between the contexts secure.)ashow
493 90 gm
1.52999 0. 32 0.15299 0.(The development of a formalism for the analysis described above is obviously a)awidthshow
509 90 gm
0.13839 0. 32 0.01383 0.(rewarding task and should not prove too difficult for a mathematically oriented scien-)awidthshow
525 90 gm
0.95718 0. 32 0.09571 0.(tist. It is, however, beyond the scope of this work and proposed here as an area of)awidthshow
541 90 gm
0.48843 0. 32 0.04884 0.(further research. Rainer Rueppels paper [Rue90] appears to provide a good basis for)awidthshow
557 90 gm
-0.05821 0.(developing a formalism for this purpose.)ashow
592 90 gm
1 fs
14 fz
bu fc
2 F /|______Times-Bold fnt
bn
1.74998 0.(3.5)ashow
592 126 gm
2.46749 0. 32 0.24674 0.(On the Placement of Security Functions)awidthshow
624 90 gm
0 fs
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
-0.14102 0.(Originally the OSI reference model was based on the assumption that all communication)ashow
640 90 gm
1.21185 0. 32 0.12118 0.(is connection oriented and end-to-end from the transport layer up. Connectionless)awidthshow
656 90 gm
0.66055 0. 32 0.06605 0.(transport service was later included because it is more natural with the client-server)awidthshow
672 90 gm
1.71630 0. 32 0.17163 0.(model. Also relayed services, mainly electronic mail, are becoming increasingly)awidthshow
688 90 gm
0.69030 0. 32 0.06903 0.(important. As discussed earlier, the basic OSI model is not very well suited for this)awidthshow
704 90 gm
0.16128 0. 32 0.01612 0.(kind of use and leaves lots of the functionality of such services outside the OSI world)awidthshow
720 90 gm
-0.13810 0.(and entirely to the application.)ashow
F T cp
%%Page: ? 44
op
30 28 xl
1 1 pen
45 291 gm
(nc 30 28 811 566 6 rc)kp
1 setTxMode
0 fs
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
(41)show
802 288 gm
10 fz
bu fc
2 F /|______Times-Roman fnt
bn
-0.01179 0.(Open Systems Security \320 an Architectural Framework)ashow
101 90 gm
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
1.26266 0. 32 0.12626 0.(In a connection-oriented end-to-end service a transport connection is dedicated to)awidthshow
117 90 gm
1.61834 0. 32 0.16183 0.(serving one end-to-end instance of communication. For this reason, any security)awidthshow
133 90 gm
-0.11007 0.(functions can be placed at the transport layer with end-to-end significance and sufficient)ashow
149 90 gm
-0.05827 0.(granularity.)ashow
181 90 gm
0.23468 0. 32 0.02346 0.(With a relayed service, such as MHS, the situation is in many ways analogous. In the)awidthshow
197 90 gm
0.27328 0. 32 0.02732 0.(OSI sense each hop is an instance of end-to-end communication. However, messages)awidthshow
213 90 gm
-0.08522 0.(of several users are transferred across the same connections and the messages are raised)ashow
229 90 gm
-0.12947 0.(to the level of the application process and stored at each intermediate node.)ashow
261 90 gm
0.13839 0. 32 0.01383 0.(From the user's \(or information system builder's\) point of view, each hop corresponds)awidthshow
277 90 gm
0.17013 0. 32 0.01701 0.(to one sub-network in the previous case. Similarly, the routing function performed by)awidthshow
293 90 gm
0.92651 0. 32 0.09265 0.(the MHS \(within the application\), based on the information on the envelope of the)awidthshow
309 90 gm
0.25360 0. 32 0.02536 0.(message, is comparable to internet routing. Finally, part of the envelope \(P2 in figure)awidthshow
325 90 gm
0.80108 0. 32 0.08010 0.(2-2\) and the message content is transferred truly end-to-end and corresponds to the)awidthshow
341 90 gm
-0.02644 0.(TPDU \(or NSDU\) in the previous case.)ashow
373 90 gm
0.06393 0. 32 0.00639 0.(Therefore, it is natural that functions which can be placed at the transport layer in true)awidthshow
389 90 gm
0.54580 0. 32 0.05458 0.(end-to-end communication shall be placed within the application in services such as)awidthshow
405 90 gm
0.33306 0.(MHS.)ashow
437 90 gm
1.50863 0. 32 0.15086 0.(In connection-oriented end-to-end communications, security measures at layers 1)awidthshow
453 90 gm
0.58059 0. 32 0.05805 0.(through 3 can be used to further enhance the security of the service but not alone to)awidthshow
469 90 gm
0.21759 0. 32 0.02175 0.(guarantee it. Some functions, such as traffic flow confidentiality, can only be reliably)awidthshow
485 90 gm
0.54794 0. 32 0.05479 0.(implemented at these layers. In MHS, security measures at layers 1 through 6 \(or 7\))awidthshow
501 90 gm
0.10650 0. 32 0.01065 0.(can be used to enhance security but true end-to-end security and sufficient granularity)awidthshow
517 90 gm
-0.13488 0.(can only be achieved in the application.)ashow
549 90 gm
0.48782 0. 32 0.04878 0.(If data is encrypted at layer N the headers of the PDUs of all the layers below N are)awidthshow
565 90 gm
-0.07281 0.(sent in cleartext and are susceptible to traffic analysis as well as manipulation. Network)ashow
581 90 gm
-0.00975 0.(Addresses need to be in cleartext, at least in the routing nodes within the network. The)ashow
597 90 gm
0.50949 0. 32 0.05094 0.(routers always can perform traffic analysis and therefore should be reasonably trust-)awidthshow
613 90 gm
0.45883 0. 32 0.04588 0.(worthy. However, Data Link or Physical Layer Encryption between two consecutive)awidthshow
629 90 gm
0.74707 0. 32 0.07470 0.(nodes or Traffic Padding at the Network or Data Link Layer can be used to protect)awidthshow
645 90 gm
-0.08573 0.(against traffic analysis on the links between the routers.)ashow
677 90 gm
1.02706 0. 32 0.10270 0.(There are a number of possible places for the above-mentioned security functions,)awidthshow
693 90 gm
0.82031 0. 32 0.08203 0.(especially Authentication, Integrity, and Confidentiality, in the information system.)awidthshow
709 90 gm
0.45532 0. 32 0.04553 0.(Here, a brief overview of the advantages and disadvantages of various placements is)awidthshow
725 90 gm
-0.03297 0.(given. The structure of the application layer is explained e.g. in [X.200] or [IS9545].)ashow
F T cp
%%Page: ? 45
op
30 28 xl
1 1 pen
45 291 gm
(nc 30 28 811 566 6 rc)kp
1 setTxMode
0 fs
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
(42)show
802 90 gm
10 fz
bu fc
2 F /|______Times-Roman fnt
bn
-0.01179 0.(Open Systems Security \320 an Architectural Framework)ashow
101 90 gm
1 fs
12 fz
bu fc
2 F /|______Times-Bold fnt
bn
1.75003 0.(3.5.1)ashow
101 126 gm
4.05731 0. 32 0.40573 0.(Application Process)awidthshow
133 90 gm
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
-0.03558 0.(Placing these functions in the )ashow
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
-0.03901 0.(Application Process)ashow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
-0.03538 0.( is a rather straight-forward solution.)ashow
149 90 gm
0.16677 0. 32 0.01667 0.(This approach, however, suffers from a number of shortcomings and should therefore)awidthshow
165 90 gm
-0.00595 0.(be avoided. Among the reasons why this is not acceptable as a general solution are the)ashow
181 90 gm
-0.11027 0.(following:)ashow
213 90 gm
(-)show
213 126 gm
0.72067 0. 32 0.07206 0.(This means having to define and implement the same security functions and)awidthshow
229 126 gm
0.72570 0. 32 0.07257 0.(mechanisms separately for each application leading into excessive work and)awidthshow
245 126 gm
-0.10655 0.(needless duplication of functionality.)ashow
277 90 gm
(-)show
277 126 gm
-0.11189 0.(This approach contradicts the principle that security should be an integral part of)ashow
293 126 gm
-0.09745 0.(the communication service provided by OSI, functions and mechanism included)ashow
309 126 gm
-0.09367 0.(in the application process being mainly beyond the scope of OSI.)ashow
341 90 gm
1 fs
bu fc
2 F /|______Times-Bold fnt
bn
1.75003 0.(3.5.2)ashow
341 126 gm
2.60925 0. 32 0.26092 0.(Application and Presentation Layers)awidthshow
373 90 gm
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
0.32943 0. 32 0.03294 0.(Security functions and mechanisms can be placed in the )awidthshow
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
0.50643 0. 32 0.05064 0.(Specific Application Service)awidthshow
389 90 gm
0.04446 0.(Elements)ashow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
0.04714 0. 32 0.00471 0.( \()awidthshow
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
0.05067 0.(SASEs)ashow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
0.15899 0. 32 0.01589 0.(\) within the Application Layer of OSI. From the application process')awidthshow
405 90 gm
0.52185 0. 32 0.05218 0.(point of view, these security functions are then a part of the communication service.)awidthshow
421 90 gm
0.59494 0. 32 0.05949 0.(However, should another SASE need the same functions and mechanisms, they will)awidthshow
437 90 gm
-0.10691 0.(have to be rewritten for that SASE \(and application\).)ashow
469 90 gm
0.92727 0. 32 0.09272 0.(Security functions and mechanisms can also be placed in the common )awidthshow
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
0.27117 0.(Application)ashow
485 90 gm
1.45065 0. 32 0.14506 0.(Service Elements)awidthshow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
0.26718 0. 32 0.02671 0.( \()awidthshow
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
0.29023 0.(ASEs)ashow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
0.54702 0. 32 0.05470 0.(\), such as the )awidthshow
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
1.24786 0. 32 0.12478 0.(Association Control Service Element)awidthshow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
0.26718 0. 32 0.02671 0.( \()awidthshow
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
0.32847 0.(ACSE)ashow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
(,)show
501 90 gm
0.62179 0. 32 0.06217 0.(defined in [IS8649, /A1, /A2, /A3, X.217] and [IS8650, /A1, /A4, X.227]\). The ser-)awidthshow
517 90 gm
0.34133 0. 32 0.03413 0.(vice is now available to many SASEs and the same implementation can serve a wide)awidthshow
533 90 gm
0.40206 0. 32 0.04020 0.(range of applications \(but not necessarily all of them\). For example, ACSE currently)awidthshow
549 90 gm
-0.10961 0.(provides the means to exchange authentication information coming from the SASE, still)ashow
565 90 gm
-0.11732 0.(leaving much of the functionality to the SASE.)ashow
597 90 gm
-0.07897 0.(A natural solution to avoid duplicating the security functionality for each SASE and yet)ashow
613 90 gm
-0.03993 0.(avoid the limitations of ACSE is to add another Common Application Service Element)ashow
629 90 gm
-0.02017 0.(positioned between ACSE and the SASEs, namely the Secure Communication Service)ashow
645 90 gm
-0.00778 0.(Element \(SCSE as proposed in [NS89]\).)ashow
677 90 gm
0.49835 0. 32 0.04983 0.(Figure 3-5 illustrates the security architecture of an application, such as FTAM. The)awidthshow
693 90 gm
0.86318 0. 32 0.08631 0.(SASE relies on the security services offered by the SCSE. SCSE interacts with the)awidthshow
709 90 gm
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
1.90521 0. 32 0.19052 0.(Security Management Information Base)awidthshow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
0.38253 0. 32 0.03825 0.( \()awidthshow
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
0.44818 0.(SMIB)ashow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
1.30126 0. 32 0.13012 0.(\) and the X.500 Directory Service)awidthshow
725 90 gm
0.79620 0. 32 0.07962 0.(\(X.509, for distributing certified public keys\). SCSE in turn uses the authentication)awidthshow
741 90 gm
-0.10913 0.(exchange mechanism of the ACSE.)ashow
F T cp
%%Page: ? 46
op
30 28 xl
1 1 pen
45 291 gm
(nc 30 28 811 566 6 rc)kp
1 setTxMode
0 fs
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
(43)show
802 288 gm
10 fz
bu fc
2 F /|______Times-Roman fnt
bn
-0.01179 0.(Open Systems Security \320 an Architectural Framework)ashow
101 90 gm
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
0.42770 0. 32 0.04277 0.(The functions that naturally belong to the SCSE are )awidthshow
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
0.12213 0.(Authentication)ashow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
0.35079 0. 32 0.03507 0.( \(with the help of)awidthshow
117 90 gm
0.34011 0. 32 0.03401 0.(ACSE\), )awidthshow
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
0.06527 0.(Integrity)ashow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
0.13275 0. 32 0.01327 0.( and )awidthshow
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
0.06825 0.(Confidentiality)ashow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
0.27359 0. 32 0.02735 0.( \(especially Selective Field versions of the latter)awidthshow
133 90 gm
1.07513 0. 32 0.10751 0.(two\).To complement the services that SCSE produces using its own functions and)awidthshow
149 90 gm
-0.01379 0.(mechanisms, it also uses the presentation context management service of the Presenta-)ashow
165 90 gm
-0.10221 0.(tion Layer and the bulk integrity and confidentiality service provided by the )ashow
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
-0.13505 0.(End-to-End)ashow
181 90 gm
-0.08489 0.(Security Protocol)ashow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
-0.05986 0.( \()ashow
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
-0.11979 0.(EESP)ashow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
-0.08537 0.(\) [ISO90a] at the Transport Layer.)ashow
213 90 gm
-0.01002 0.(In [ZE90] it is proposed that the simple one-way authentication mechanism of the cur-)ashow
229 90 gm
-0.08680 0.(rent FTAM protocol be extended to provide strong authentication. A working prototype)ashow
245 90 gm
-0.06318 0.(of this scheme has been implemented at Swedish Telecom. While this approach has the)ashow
261 90 gm
0.27481 0. 32 0.02748 0.(advantage of complying with the standards as far as possible it cannot be expected to)awidthshow
277 90 gm
1 2 lw
-0.10041 0.(gain ground because of its application specific and ad-hoc nature.)ashow
329 395 gm
(nc 297 101 614 492 6 rc)kp
0 gr
392 395 lin
1 1 lw
0 0 pen
392 395 lin
1 1 pen
365 449 gm
408 449 lin
315 472 gm
414 472 lin
428 411 gm
572 411 lin
psb
pse
nc ct 39 0 put
64 gr
qf
311 332 gm
pt
311 490 pl
334 490 pl
334 332 pl
311 332 pl
ef
0 gr
eu
(nc 297 101 614 492 6 rc)kp
327 363 gm
0.01074 0 rmoveto
1 setTxMode
bu fc
2 F /|______Times-Roman fnt
bn
(SASE \(e.g. FTAM\))show
psb
pse
nc ct 39 0 put
64 gr
qf
455 332 gm
pt
455 490 pl
478 490 pl
478 332 pl
455 332 pl
ef
0 gr
eu
(nc 297 101 614 492 6 rc)kp
470 366 gm
1 setTxMode
-0.13452 0.(Presentation Layer)ashow
psb
pse
nc ct 39 0 put
64 gr
qf
383 332 gm
pt
383 435 pl
406 435 pl
406 332 pl
383 332 pl
ef
0 gr
eu
(nc 297 101 614 492 6 rc)kp
399 350 gm
1 setTxMode
-0.06652 0.(ACSE/Add. 1)ashow
psb
pse
nc ct 39 0 put
64 gr
qf
406 332 gm
pt
406 490 pl
428 490 pl
428 332 pl
406 332 pl
ef
0 gr
eu
(nc 297 101 614 492 6 rc)kp
421 396 gm
1 setTxMode
-0.22259 0.(ACSE)ashow
psb
pse
nc ct 39 0 put
64 gr
qf
347 332 gm
pt
347 463 pl
370 463 pl
370 332 pl
347 332 pl
ef
0 gr
eu
(nc 297 101 614 492 6 rc)kp
363 382 gm
1.49560 0 rmoveto
1 setTxMode
1 fs
bu fc
2 F /|______Times-Bold fnt
bn
(SCSE)show
psb
pse
nc ct 39 0 put
64 gr
qf
369 112 gm
pt
369 172 pl
430 172 pl
430 112 pl
369 112 pl
ef
0 gr
eu
(nc 297 101 614 492 6 rc)kp
390 126 gm
0.66845 0 rmoveto
1 setTxMode
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
(X.500)show
402 118 gm
-0.24620 0.(Directory)ashow
414 123 gm
0.67529 0 rmoveto
(\(X.509\))show
64 gr
537 102 561 180 0 90 1 ar
0 gr
537.5 102.5 560.5 179.5 0 90 0 ar
64 gr
537 103 561 181 90 180 1 ar
0 gr
537.5 103.5 560.5 180.5 90 180 0 ar
477 179 gm
549 179 lin
477 103 gm
549 103 lin
64 gr
463 103 491 180 1 ov
0 gr
463.5 103.5 490.5 179.5 0 ov
524 127 gm
1 setTxMode
-0.11160 0.(SMIB)ashow
64 gr
311 217 613 294 1 rc
0 gr
311.5 217.5 612.5 293.5 0 rc
453 234 gm
1 setTxMode
-0.14059 0.(Security)ashow
465 233 gm
-0.27314 0.(Manage-)ashow
477 244 gm
-0.33134 0.(ment)ashow
0 gr
392 169 404 181 340 380 1 ar
392 211 404 223 160 200 1 ar
398 212 gm
398 180 lin
513 211 525 223 160 200 1 ar
513 175 525 187 340 380 1 ar
519 186 gm
519 212 lin
354 288 366 300 340 380 1 ar
354 326 366 338 160 200 1 ar
360 327 gm
360 299 lin
64 gr
563 331 613 491 1 rc
0 gr
563.5 331.5 612.5 490.5 0 rc
588 490 gm
588 331 lin
579 401 gm
1 setTxMode
(TP4)show
603 396 gm
0.99560 0 rmoveto
1 fs
bu fc
2 F /|______Times-Bold fnt
bn
(EESP)show
0 gr
595 287 607 299 340 380 1 ar
595 325 607 337 160 200 1 ar
601 326 gm
601 298 lin
561 362 gm
1 setTxMode
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
-0.10792 0.(Transport  Layer)ashow
psb
pse
nc ct 39 0 put
64 gr
qf
509 332 gm
pt
509 490 pl
532 490 pl
532 332 pl
509 332 pl
ef
0 gr
eu
(nc 297 101 614 492 6 rc)kp
524 378 gm
1 setTxMode
-0.05340 0.(Session Layer)ashow
0 gr
462 288 474 300 340 380 1 ar
462 326 474 338 160 200 1 ar
468 327 gm
468 299 lin
308 366 gm
1 setTxMode
-0.22671 0.(Application Layer)ashow
645 90 gm
(nc 30 28 811 566 6 rc)kp
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
-0.26438 0.(Figure 3-5:)ashow
645 162 gm
-0.15039 0.(The proposed security architecture for an application such as FTAM.)ashow
677 90 gm
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
0.06820 0. 32 0.00682 0.(In [NS89] the )awidthshow
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
0.02261 0.(non-repudiation)ashow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
0.08483 0. 32 0.00848 0.( function is completely ignored \(not even explicitly left)awidthshow
693 90 gm
1.15036 0. 32 0.11503 0.(outside the scope of the paper\), probably because of its strong dependency on the)awidthshow
709 90 gm
0.28411 0. 32 0.02841 0.(application. However, the SCSE is also a natural place for a )awidthshow
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
0.61187 0. 32 0.06118 0.(generic non-repudiation)awidthshow
725 90 gm
0.09826 0.(function)ashow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
0.35476 0. 32 0.03547 0.(. This function can provide non-repudiation of the sending of an )awidthshow
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
0.11192 0.(Application)ashow
741 90 gm
-0.00648 0.(Protocol Data Unit)ashow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
( \()show
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
(APDU)show
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
-0.00598 0.(\) without any regard to its semantics. This service can then)ashow
757 90 gm
-0.05465 0.(be utilized by a variety of SASEs for various purposes. In this respect it is analogous to)ashow
F T cp
%%Page: ? 47
op
30 28 xl
1 1 pen
45 291 gm
(nc 30 28 811 566 6 rc)kp
1 setTxMode
0 fs
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
(44)show
802 90 gm
10 fz
bu fc
2 F /|______Times-Roman fnt
bn
-0.01179 0.(Open Systems Security \320 an Architectural Framework)ashow
85 90 gm
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
1.30294 0. 32 0.13029 0.(the )awidthshow
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
3.61450 0. 32 0.36145 0.(synchronization function)awidthshow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
1.94046 0. 32 0.19404 0.( provided by the Session Layer with no semantics)awidthshow
101 90 gm
-0.07794 0.(associated with the synchronization points.)ashow
133 90 gm
0.96664 0. 32 0.09666 0.(It is assumed in [NS89] that Selective Field Confidentiality should be provided by)awidthshow
149 90 gm
0.06790 0. 32 0.00679 0.(dividing a )awidthshow
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
0.10330 0. 32 0.01033 0.(Presentation Service Data Unit)awidthshow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
( \()show
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
0.03146 0.(PSDU)ashow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
0.06332 0. 32 0.00633 0.( = APDU\) into several )awidthshow
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
0.02288 0.(Presentation)ashow
165 90 gm
-0.07546 0.(Protocol Data Units)ashow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
-0.05116 0.( \()ashow
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
-0.10726 0.(PPDUs)ashow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
-0.07409 0.(\), where each PPDU would be entirely encrypted or clear-)ashow
181 90 gm
0.41793 0. 32 0.04179 0.(text. The reason given for this is, that the current presentation layer does not support)awidthshow
197 90 gm
-0.07669 0.(the use of more than one )ashow
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
-0.08033 0.(Presentation Context)ashow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
-0.08361 0.( \(Transfer Syntax\) with one PPDU.)ashow
229 90 gm
0.07858 0. 32 0.00785 0.(The approach proposed in [NS89] has several serious shortcomings, among which are)awidthshow
245 90 gm
-0.12713 0.(the following:)ashow
277 90 gm
(-)show
277 126 gm
0.91491 0. 32 0.09149 0.(The segmentation and reassembly of the PSDU \(APDU\) at the Presentation)awidthshow
293 126 gm
0.86944 0. 32 0.08694 0.(Layer introduces a new complicated mechanism causing major changes and)awidthshow
309 126 gm
-0.10096 0.(excessive over-head at the Presentation Layer.)ashow
341 90 gm
(-)show
341 126 gm
0.27908 0. 32 0.02790 0.(The need to change Presentation Contexts between each resulting PPDU adds)awidthshow
357 126 gm
-0.05096 0.(further to this over-head.)ashow
389 90 gm
1.58676 0. 32 0.15867 0.(In fact, this extra complexity appears to be completely unnecessary. A proposed)awidthshow
405 90 gm
-0.10032 0.(simpler solution is the following:)ashow
437 90 gm
(-)show
437 126 gm
-0.00292 0.(Enhance the ASN.1 data definition language [IS8824, IS8824/A1, X.208] \(and)ashow
453 126 gm
1.12777 0. 32 0.11277 0.(the associated Abstract Syntax\) to include qualifiers )awidthshow
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
0.30296 0.(Encrypted)ashow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
0.51589 0. 32 0.05158 0.( and )awidthshow
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
0.36120 0.(Signed)ashow
469 126 gm
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
-0.11434 0.(applicable to any \(structured\) data type.)ashow
501 90 gm
(-)show
501 126 gm
-0.09503 0.(Define Transfer Syntaxes capable of handling these new data types.)ashow
533 90 gm
0.49667 0. 32 0.04966 0.(It is obvious that the macro facility of the ASN.1 definition language will undergo a)awidthshow
549 90 gm
0.17395 0. 32 0.01739 0.(total renovation in the near future for reasons discussed e.g. in [Ros90]. It is also pro-)awidthshow
565 90 gm
0.43395 0. 32 0.04339 0.(bable, that ASN.1 and its )awidthshow
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
0.70220 0. 32 0.07022 0.(Basic Encoding Rules)awidthshow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
0.64575 0. 32 0.06457 0.( \(BER\) [IS8825, IS8825/A1, X.209])awidthshow
581 90 gm
-0.10197 0.(will be extended to support cryptography instead leaving these things to be defined with)ashow
597 90 gm
0.21057 0. 32 0.02105 0.(macros. For reasons of both security and efficiency, BER should be redesigned in the)awidthshow
613 90 gm
0.14968 0. 32 0.01496 0.(near future. E.g. [HD89] proposes a transfer syntax which is claimed to be one to two)awidthshow
629 90 gm
0.78140 0. 32 0.07814 0.(orders of magnitude faster than BER. In the current version of the X.509 Authenti-)awidthshow
645 90 gm
-0.00231 0.(cation Framework [X.509], the following ASN.1 macro definitions for these functions)ashow
661 90 gm
-0.06211 0.(already exist \(see figure 3-6 below\).)ashow
693 90 gm
0.03646 0. 32 0.00364 0.(With the change in the roles of the Application and Presentation layers to be proposed)awidthshow
709 90 gm
0.56747 0. 32 0.05674 0.(here, the Application Layer would be responsible for performing the encryption and)awidthshow
725 90 gm
-0.08923 0.(signature functions while it would be the task of the Presentation Layer to negotiate and)ashow
741 90 gm
-0.09832 0.(manage the appropriate Presentation Contexts for this Security Context.)ashow
F T cp
%%Page: ? 48
op
30 28 xl
1 1 pen
45 291 gm
(nc 30 28 811 566 6 rc)kp
1 setTxMode
0 fs
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
(45)show
802 288 gm
10 fz
bu fc
2 F /|______Times-Roman fnt
bn
-0.01179 0.(Open Systems Security \320 an Architectural Framework)ashow
99 126 gm
2 fs
12 fz
bu fc
2 F /|______Times-Italic fnt
bn
-0.04100 0.(ENCRYPTED MACRO ::=)ashow
113 126 gm
0.41996 0.(BEGIN)ashow
127 126 gm
1.36291 0. 32 0.13629 0.(TYPE NOTATION)awidthshow
127 234 gm
-0.19551 0.(::= type \(ToBeEnciphered\))ashow
141 126 gm
1.59881 0. 32 0.15988 0.(VALUE NOTATION)awidthshow
141 234 gm
0.29296 0. 32 0.02929 0.(::= value \(VALUE BIT STRING\))awidthshow
155 126 gm
(END)show
185 126 gm
-0.07055 0.(SIGNED MACRO ::=)ashow
199 126 gm
0.41996 0.(BEGIN)ashow
213 126 gm
1.36291 0. 32 0.13629 0.(TYPE NOTATION)awidthshow
213 234 gm
-0.10221 0.(::= type \(ToBeSigned\))ashow
227 126 gm
1.59881 0. 32 0.15988 0.(VALUE NOTATION)awidthshow
227 234 gm
-0.15922 0.(::= value \(VALUE)ashow
241 162 gm
0.23458 0.(SEQUENCE{)ashow
255 198 gm
0.20129 0.(ToBeSigned,)ashow
269 198 gm
-0.06900 0.(AlgorithmIdentifier,)ashow
283 198 gm
-0.13354 0.(-- of the algorithm usedto compute the signature)ashow
297 162 gm
1.13830 0. 32 0.11383 0.(ENCRYPTED OCTET STRING)awidthshow
311 162 gm
-0.13899 0.(-- where the octet string is the result)ashow
325 162 gm
0.27328 0. 32 0.02732 0.(-- of the hashing of the value of 'ToBeSigned' --})awidthshow
339 126 gm
0.52337 0. 32 0.05233 0.(END -- of SIGNED. \))awidthshow
369 126 gm
0.42404 0. 32 0.04240 0.(SIGNATURE MACRO ::=)awidthshow
383 126 gm
0.41996 0.(BEGIN)ashow
397 126 gm
1.36291 0. 32 0.13629 0.(TYPE NOTATION)awidthshow
397 234 gm
-0.22450 0.(::= type \(OfSignature\))ashow
411 126 gm
1.59881 0. 32 0.15988 0.(VALUE NOTATION)awidthshow
411 234 gm
-0.15922 0.(::= value \(VALUE)ashow
425 162 gm
0.23458 0.(SEQUENCE{)ashow
439 198 gm
-0.06900 0.(AlgorithmIdentifier,)ashow
453 198 gm
-0.13354 0.(-- of the algorithm usedto compute the signature)ashow
467 162 gm
1.13830 0. 32 0.11383 0.(ENCRYPTED OCTET STRING)awidthshow
481 162 gm
-0.09320 0.(-- where the octet string is a function \(e.g. a compressed or hashed)ashow
495 162 gm
-0.01179 0.(-- version\) of the value 'OfSignature', which may include the)ashow
509 162 gm
-0.11196 0.(-- identifier of the algorithm used to compute the signature --})ashow
523 126 gm
0.93521 0. 32 0.09352 0.(END -- of SIGNATURE. \))awidthshow
555 90 gm
-0.26438 0.(Figure 3-6:)ashow
555 162 gm
1.04537 0. 32 0.10453 0.(ASN.1 macros ENCRYPTED, SIGNED and SIGNATURE [X.509].)awidthshow
587 90 gm
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
-0.00596 0.(In practise, data to be signed would first be transformed into a Canonical Form \(that is)ashow
603 90 gm
0.33615 0. 32 0.03361 0.(a fixed Transfer Syntax applicable to this Security Context, such as the ASN.1 BER\))awidthshow
619 90 gm
0.67977 0. 32 0.06797 0.(and then encrypted \(with the key applicable to this Security Context\). The resulting)awidthshow
635 90 gm
0.77270 0. 32 0.07727 0.(binary data would then be handed over to the Presentation Layer as an octet string.)awidthshow
651 90 gm
-0.11663 0.(With our new arrangement the Presentation Layer is no longer interested in the structure)ashow
667 90 gm
-0.04696 0.(or semantics of the PSDU, which is in harmony with the Layer Independence Principle)ashow
683 90 gm
-0.09941 0.(of the OSI reference model.)ashow
715 90 gm
1.11877 0. 32 0.11187 0.(As for signing data, a Digital Signature Scheme applicable to the current Security)awidthshow
731 90 gm
0.34835 0. 32 0.03483 0.(Context is employed in way similar to that described above for encryption. Here it is)awidthshow
747 90 gm
1.26861 0. 32 0.12686 0.(also possible to describe the Digital Signature mechanism in terms of ASN.1 and)awidthshow
F T cp
%%Page: ? 49
op
30 28 xl
1 1 pen
45 291 gm
(nc 30 28 811 566 6 rc)kp
1 setTxMode
0 fs
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
(46)show
802 90 gm
10 fz
bu fc
2 F /|______Times-Roman fnt
bn
-0.01179 0.(Open Systems Security \320 an Architectural Framework)ashow
85 90 gm
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
1.30294 0. 32 0.13029 0.(employing a PKC without ever using the key word )awidthshow
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
0.39636 0.(Signed)ashow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
1.19140 0. 32 0.11914 0.(. However, the )awidthshow
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
0.47563 0.(Signed)ashow
101 90 gm
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
-0.00970 0.(qualifier still needs to be included in the ASN.1 definition language in order to respect)ashow
117 90 gm
-0.03327 0.(the orthogonality of Signature and Public Key Encryption and facilitate possible future)ashow
133 90 gm
-0.11837 0.(Digital Signature Schemes.)ashow
165 90 gm
-0.07319 0.(According to the OSI reference model [X.200], the Presentation Layer provides session)ashow
181 90 gm
0.20019 0. 32 0.02001 0.(services and the following facilities: )awidthshow
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
0.27008 0. 32 0.02700 0.(transformation of syntax)awidthshow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
0.09399 0. 32 0.00939 0.( and )awidthshow
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
0.22888 0. 32 0.02288 0.(selection of syntax)awidthshow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
(.)show
197 90 gm
-0.12384 0.(There are three syntactic versions of the data: the syntax used by the originating applica-)ashow
213 90 gm
0.06729 0. 32 0.00672 0.(tion entity, the syntax used by the receiving application entity \(the local syntaxes\) and)awidthshow
229 90 gm
-0.06610 0.(the syntax used between the presentation entities \(the transfer syntax\). The presentation)ashow
245 90 gm
1.54586 0. 32 0.15458 0.(layer contains functions necessary to transform between these syntaxes and each)awidthshow
261 90 gm
-0.09751 0.(presentation entity must know the syntax used by its application entity.)ashow
293 90 gm
-0.06341 0.(In the OSI reference model the principles used to determine the seven layers of OSI are)ashow
309 90 gm
-0.06498 0.(given. Among these principles are the following [X.200]:)ashow
341 90 gm
(P2:)show
341 126 gm
0.03906 0. 32 0.00390 0.(create a boundary at a point where the description of services can be small and)awidthshow
357 126 gm
-0.12573 0.(the number of interactions across the boundary are minimized;)ashow
389 90 gm
(P5:)show
389 126 gm
1.34536 0. 32 0.13453 0.(select boundaries at a point which past experience has demonstrated to be)awidthshow
405 126 gm
-0.06903 0.(successful; and)ashow
437 90 gm
(P9:)show
437 126 gm
1.25625 0. 32 0.12562 0.(allow changes of functions or protocols to be made within a layer without)awidthshow
453 126 gm
-0.08784 0.(affecting other layers.)ashow
485 90 gm
-0.07600 0.(However, the current boundary between the application layer and the presentation layer)ashow
501 90 gm
0.22171 0. 32 0.02217 0.(seems to violate all of these three principles. With the current division data structures)awidthshow
517 90 gm
0.02349 0. 32 0.00234 0.(should be passed between the Application and Presentation Layers in the local syntax.)awidthshow
533 90 gm
0.04241 0. 32 0.00424 0.(Consequently, Presentation Layer would need to know about the structure of Applica-)awidthshow
549 90 gm
-0.07447 0.(tion PDUs to be able to convert between the local and transfer syntaxes. This creates an)ashow
565 90 gm
0.31112 0. 32 0.03111 0.(unnecessary dependency between the two layers and causes any changes made in the)awidthshow
581 90 gm
0.31982 0. 32 0.03198 0.(application layer PDUs to affect the presentation layer. Real implementation work of)awidthshow
597 90 gm
1.05300 0. 32 0.10530 0.(open systems, such as the work with C-VOPS [Kar87], has shown that in practice)awidthshow
613 90 gm
-0.10729 0.(syntax conversions have to be performed at the Application Layer.)ashow
645 90 gm
-0.09925 0.(The division of responsibilities between the Application and Presentation Layers should)ashow
661 90 gm
0.05203 0. 32 0.00520 0.(be revised. The proposed remedy is to let the Application Layer be responsible for the)awidthshow
677 90 gm
-0.02938 0.(conversions between the local and transfer syntaxes and only leave the negotiation and)ashow
693 90 gm
-0.10751 0.(management of Presentation Contexts to the Presentation Layer.)ashow
F T cp
%%Page: ? 50
op
30 28 xl
1 1 pen
45 291 gm
(nc 30 28 811 566 6 rc)kp
1 setTxMode
0 fs
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
(47)show
802 288 gm
10 fz
bu fc
2 F /|______Times-Roman fnt
bn
-0.01179 0.(Open Systems Security \320 an Architectural Framework)ashow
101 90 gm
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
-0.10589 0.(Among the benefits of this new arrangement would the following:)ashow
133 90 gm
(-)show
133 126 gm
-0.11134 0.(In the new arrangement the Service Data Units transferred between any two OSI)ashow
149 126 gm
0.08346 0. 32 0.00834 0.(layers would be included in the Data PDUs of the lower layer as such, without)awidthshow
165 126 gm
0.54611 0. 32 0.05461 0.(any modifications, except possible encryption. No layer would need to know)awidthshow
181 126 gm
1.24923 0. 32 0.12492 0.(anything about the internal structure of its SDUs. That is, the Presentation)awidthshow
197 126 gm
-0.08076 0.(Layer would not need to know about the syntax of the Application PDUs.)ashow
229 90 gm
(-)show
229 126 gm
1.75811 0. 32 0.17581 0.(Encoding and decoding of APDUs could be done more efficiently in the)awidthshow
245 126 gm
0.18386 0. 32 0.01838 0.(Application Layer, without the need to pass control information related to this)awidthshow
261 126 gm
1.67404 0. 32 0.16740 0.(process between the two layers. This would also make the description of)awidthshow
277 126 gm
-0.11022 0.(services at the boundary between the application layer and the presentation layer)ashow
293 126 gm
-0.07078 0.(simpler \(see principle P2 above\).)ashow
325 90 gm
1.10885 0. 32 0.11088 0.(For the reasons stated above, practically all the upper layer security functions and)awidthshow
341 90 gm
-0.03337 0.(mechanisms, including data encryption, are actually placed in the Application Layer in)ashow
357 90 gm
0.35247 0. 32 0.03524 0.(this study. Only the definition and management of transfer syntaxes and presentation)awidthshow
373 90 gm
-0.10131 0.(contexts is left to the Presentation Layer.)ashow
405 90 gm
-0.08648 0.(Even though this may seem to be a fundamental change to the universally accepted OSI)ashow
421 90 gm
0.03799 0. 32 0.00379 0.(reference model it still can be done without serious consequences. OSI should only be)awidthshow
437 90 gm
0.71075 0. 32 0.07107 0.(concerned with the external protocol properties of telecommunications systems, not)awidthshow
453 90 gm
0.84579 0. 32 0.08457 0.(with their internals. The modification proposed here would not change the external)awidthshow
469 90 gm
-0.08702 0.(behavior of an open systems, only make it internally cleaner.)ashow
501 90 gm
-0.00175 0.(The architecture proposed in [NS89] has since then been developed further by a group)ashow
517 90 gm
0.19378 0. 32 0.01937 0.(of Korean experts who have also implemented their SCSE proposal to run on a Sun 3)awidthshow
533 90 gm
0.44418 0. 32 0.04441 0.(workstation and ISODE 5.0 [ISO90f]. The paper discusses the functions of authenti-)awidthshow
549 90 gm
1.37802 0. 32 0.13780 0.(cation, integrity and confidentiality. Plans for extending the design to cover non-)awidthshow
565 90 gm
1.41433 0. 32 0.14143 0.(repudiation and access control as well as for improving the efficiency of the test)awidthshow
581 90 gm
-0.12332 0.(implementation were also mentioned in this paper.)ashow
613 90 gm
1 fs
bu fc
2 F /|______Times-Bold fnt
bn
1.75003 0.(3.5.3)ashow
613 126 gm
2.38739 0. 32 0.23873 0.(The Lower Layers)awidthshow
645 90 gm
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
0.64468 0. 32 0.06446 0.(Most security functions and mechanisms can be placed at the Transport or Network)awidthshow
661 90 gm
0.27038 0. 32 0.02703 0.(Layers of OSI, so that they are available for various protocol stacks and applications.)awidthshow
677 90 gm
0.24078 0. 32 0.02407 0.(The main difference between placing these functions and mechanisms into one or the)awidthshow
693 90 gm
0.48141 0. 32 0.04814 0.(other of these two layers is that a transport connection is always serving exactly one)awidthshow
709 90 gm
0.19424 0. 32 0.01942 0.(instance of application level communication between two systems whereas a network)awidthshow
725 90 gm
-0.11599 0.(connection can be multiplexed among several transport connections.)ashow
F T cp
%%Page: ? 51
op
30 28 xl
1 1 pen
45 291 gm
(nc 30 28 811 566 6 rc)kp
1 setTxMode
0 fs
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
(48)show
802 90 gm
10 fz
bu fc
2 F /|______Times-Roman fnt
bn
-0.01179 0.(Open Systems Security \320 an Architectural Framework)ashow
101 90 gm
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
-0.08633 0.(Also, in connectionless-mode communication, datagrams at the Network layer are host-)ashow
117 90 gm
0.18203 0. 32 0.01820 0.(to-host, whereas datagrams at the Transport Layer are process-to-process \(that is they)awidthshow
133 90 gm
0.24185 0. 32 0.02418 0.(serve one instance of process-to-process communications, or one application associa-)awidthshow
149 90 gm
0.10101 0. 32 0.01010 0.(tion\). Even though functions and mechanisms placed in the upper part of the Network)awidthshow
165 90 gm
-0.06692 0.(Layer can provide end-to-end security functions \(in the host-to-host sense\) they cannot,)ashow
181 90 gm
0.23254 0. 32 0.02325 0.(in general, provide sufficient granularity, that is they cannot be focused on individual)awidthshow
197 90 gm
1.69708 0. 32 0.16970 0.(instances of user-to-user communication. For these reasons, the Transport Layer)awidthshow
213 90 gm
-0.09428 0.(usually is a better place for these functions and mechanisms than the Network layer.)ashow
245 90 gm
0.72036 0. 32 0.07203 0.(Unfortunately the question of placing certain functions at the Transport or Network)awidthshow
261 90 gm
1.37207 0. 32 0.13720 0.(layer often becomes a political issue. Transport layer being end-to-end, functions)awidthshow
277 90 gm
1.80389 0. 32 0.18038 0.(placed in the Transport layer or above it are entirely in the domain of terminal)awidthshow
293 90 gm
0.53390 0. 32 0.05339 0.(equipment and outside the control of teleoperators. For this reason there is usually a)awidthshow
309 90 gm
1.78237 0. 32 0.17823 0.(strong tendency to place functions and mechanisms in the Network \(rather than)awidthshow
325 90 gm
-0.12376 0.(Transport\) layer among the teleoperators participating in international standardization. It)ashow
341 90 gm
-0.10424 0.(is anticipated that the current liberalization trend in the area of telecommunications will,)ashow
357 90 gm
-0.06977 0.(in the long run, solve these political problems.)ashow
F T cp
%%Page: ? 52
op
30 28 xl
1 1 pen
45 291 gm
(nc 30 28 811 566 6 rc)kp
1 setTxMode
0 fs
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
(49)show
802 288 gm
10 fz
bu fc
2 F /|______Times-Roman fnt
bn
-0.01179 0.(Open Systems Security \320 an Architectural Framework)ashow
110 90 gm
1 fs
18 fz
bu fc
2 F /|______Times-Bold fnt
bn
(4)show
110 126 gm
2.39562 0. 32 0.23956 0.(A Secure General Purpose OSI Protocol)awidthshow
128 126 gm
0.50201 0.(Stack)ashow
161 90 gm
0 fs
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
1.03958 0. 32 0.10395 0.(In this chapter we shall place the security functions and mechanisms that we have)awidthshow
177 90 gm
0.13412 0. 32 0.01341 0.(discussed in the preceding chapter and in the appendix into the layers of OSI and find)awidthshow
193 90 gm
-0.00170 0.(the appropriate mechanisms for realizing them. This placement is based on the criteria)ashow
209 90 gm
0.77972 0. 32 0.07797 0.(and considerations presented in chapter 3 and the appendix. To keep the work on a)awidthshow
225 90 gm
0.04043 0. 32 0.00404 0.(sufficiently general level, we do not not employ actual low-level mechanisms, such as)awidthshow
241 90 gm
1.25 0. 32 0.125 0.(cryptosystems, but keep the discussion on the level of protocol logic and abstract)awidthshow
257 90 gm
0.13076 0. 32 0.01307 0.(cryptographic mechanisms. Low-level mechanisms are dealt with in chapters 6 and 7,)awidthshow
273 90 gm
0.41824 0. 32 0.04182 0.(where real cryptosystems, real software environments, and concrete modifications to)awidthshow
289 90 gm
-0.06375 0.(the existing protocols and their PDUs are suggested.)ashow
321 90 gm
0.54199 0. 32 0.05419 0.(The functions and mechanisms are placed into a general purpose OSI protocol stack)awidthshow
337 90 gm
0.98983 0. 32 0.09898 0.(which can be used for various kinds of applications. Both connection-oriented and)awidthshow
353 90 gm
-0.05012 0.(connectionless communications are considered and the same protocol stack can also be)ashow
369 90 gm
-0.06999 0.(used to enhance the security of relayed services such as MHS.)ashow
401 90 gm
-0.09054 0.(Our goal here is as general a solution as possible, applicable to a large group of services)ashow
417 90 gm
1.19781 0. 32 0.11978 0.(and not tied into existing cryptosystems or protocols. It is realized that individual)awidthshow
433 90 gm
0.16204 0. 32 0.01620 0.(cryptosystems and even protocols will evolve and the solutions presented here should)awidthshow
449 90 gm
-0.11015 0.(outlive them.)ashow
481 90 gm
-0.02569 0.(In order to accommodate for a number of various applications, options for using or not)ashow
497 90 gm
-0.08068 0.(using various security functions need to be provided. Depending on the requirements of)ashow
513 90 gm
0.00930 0. 32 0.00093 0.(the specific application and economical reasons we may, for example, want to encrypt)awidthshow
529 90 gm
-0.06156 0.(all, some or none of the data being transferred.)ashow
561 90 gm
0.34667 0. 32 0.03466 0.(One instance of using a service across a network is illustrated in figure 2-1. Layers 1)awidthshow
577 90 gm
1.09268 0. 32 0.10926 0.(through 3 of the OSI system are shared among various users, services and service)awidthshow
593 90 gm
0.87356 0. 32 0.08735 0.(instances. It is therefore not feasible to implement security functions focusing on a)awidthshow
609 90 gm
0.53146 0. 32 0.05314 0.(single service instance in these layers. It is possible to embed security functions and)awidthshow
625 90 gm
-0.02139 0.(mechanisms in the lower layers, but they will only be effective across one hop or host-)ashow
641 90 gm
-0.06507 0.(to-host, not from application process to application process.)ashow
673 90 gm
-0.06942 0.(Some possible uses of security functions in layers 1 through 3 are the following:)ashow
705 90 gm
(-)show
705 126 gm
0.13244 0. 32 0.01324 0.(Use of physical layer encryption to provide for traffic flow confidentiality and)awidthshow
721 126 gm
-0.13761 0.(encryption of all traffic across a critical communication link.)ashow
F T cp
%%Page: ? 53
op
30 28 xl
1 1 pen
45 291 gm
(nc 30 28 811 566 6 rc)kp
1 setTxMode
0 fs
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
(50)show
802 90 gm
10 fz
bu fc
2 F /|______Times-Roman fnt
bn
-0.01179 0.(Open Systems Security \320 an Architectural Framework)ashow
101 90 gm
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
(-)show
101 126 gm
0.65093 0. 32 0.06509 0.(Use of data link level encryption on an untrusted link \(such as radio link\) or)awidthshow
117 126 gm
-0.03132 0.(authentication, confidentiality, and integrity functions between pairs of stations)ashow
133 126 gm
-0.08859 0.(on a broadcast medium \(such as Local Area Network or Packet Radio\).)ashow
165 90 gm
(-)show
165 126 gm
-0.04241 0.(Use of network level security functions to secure communications between two)ashow
181 126 gm
-0.03820 0.(hosts on the same subnetwork or across an internet.)ashow
213 90 gm
-0.00227 0.(Although access control should primarily be left to the application, it is often useful to)ashow
229 90 gm
0.73547 0. 32 0.07354 0.(have multilevel access control in a distributed environment in order to stop dummy)awidthshow
245 90 gm
-0.07933 0.(traffic and most attacks as early as possible.)ashow
277 90 gm
(-)show
277 126 gm
-0.05776 0.(Data link level access control can be used in broadcast media, such as LANs, to)ashow
293 126 gm
0.30883 0. 32 0.03088 0.(limit access from untrusted \(or to critical\) hosts or networks. For example, all)awidthshow
309 126 gm
-0.09870 0.(messages arriving from a gateway to a critical host can be ignored.)ashow
341 90 gm
(-)show
341 126 gm
0.65368 0. 32 0.06536 0.(Similarly, network level access control can be used to limit data flow to and)awidthshow
357 126 gm
-0.06823 0.(from critical hosts.)ashow
389 90 gm
0.21987 0. 32 0.02198 0.(However, these measures alone should never be considered adequate and they should)awidthshow
405 90 gm
2.22930 0. 32 0.22293 0.(only be used to limit the number of attacks ever reaching the upper layers of)awidthshow
421 90 gm
0.43212 0. 32 0.04321 0.(information systems. If most attacks can be dealt with at the lower layers of the host)awidthshow
437 90 gm
0.36483 0. 32 0.03648 0.(machines \(or even by dedicated gateways and other telecommunications equipment\),)awidthshow
453 90 gm
-0.06283 0.(more resources are spared to deal with the more serious attacks. All of these techniques)ashow
469 90 gm
-0.00979 0.(merely serve as supplementary measures and do not provide the granularity or level of)ashow
485 90 gm
0.72723 0. 32 0.07272 0.(service necessary for secure use of various services by various users across a large,)awidthshow
501 90 gm
(untrusted network.)show
533 90 gm
0.30654 0. 32 0.03065 0.(Because layers 4 through 7 are end-to-end and no multiplexing takes place above the)awidthshow
549 90 gm
1.04309 0. 32 0.10430 0.(transport layer, that is, each \(N\)-connection \(n=4,7\) serves exactly one application)awidthshow
565 90 gm
0.45196 0. 32 0.04519 0.(association \(service instance\), it seems natural that all security functions and mecha-)awidthshow
581 90 gm
0.10986 0. 32 0.01098 0.(nisms relating to a single service instance should be placed in these layers. Already in)awidthshow
597 90 gm
-0.09274 0.(1983 Voydock and Kent concluded that end-to-end security measures, accomplished by)ashow
613 90 gm
-0.04096 0.(adding security mechanisms in the high-level protocols \(those of layers 4 through 7\) of)ashow
629 90 gm
-0.01380 0.(OSI, are more appropriate in an OSI environment than link-oriented security measures)ashow
645 90 gm
0.11462 0.([VK83].)ashow
677 90 gm
1.13372 0. 32 0.11337 0.(This work gives the first concrete and complete suggestion as to how the security)awidthshow
693 90 gm
-0.05020 0.(functions and mechanisms described in the OSI Security Architecture should be placed)ashow
709 90 gm
-0.05865 0.(in the layer of OSI in such a way as to considerably limit the degree of freedom in their)ashow
725 90 gm
0.47790 0. 32 0.04779 0.(placement without affecting the level of security offered by the OSI system. A well-)awidthshow
741 90 gm
0.02319 0. 32 0.00231 0.(founded placement of these functions and mechanisms is assumed to be of great value)awidthshow
757 90 gm
-0.07768 0.(in defining and building secure open systems in the near future.)ashow
F T cp
%%Page: ? 54
op
30 28 xl
1 1 pen
45 291 gm
(nc 30 28 811 566 6 rc)kp
1 setTxMode
0 fs
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
(51)show
802 288 gm
10 fz
bu fc
2 F /|______Times-Roman fnt
bn
-0.01179 0.(Open Systems Security \320 an Architectural Framework)ashow
104 90 gm
1 fs
14 fz
bu fc
2 F /|______Times-Bold fnt
bn
1.74998 0.(4.1)ashow
104 126 gm
0.58303 0.(Authentication)ashow
136 90 gm
0 fs
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
1.54403 0. 32 0.15440 0.(In the open systems environment there are many types of entities which may be)awidthshow
152 90 gm
0.32638 0. 32 0.03263 0.(identified, such as physical entities \(e.g. real open systems\), logical entities \(e.g. OSI)awidthshow
168 90 gm
0.36087 0. 32 0.03608 0.(layer entities\) and human entities. Identification associates an identity with an entity.)awidthshow
184 90 gm
-0.09326 0.(The process of corroborating an identity is called authentication [IS10181-2].)ashow
216 90 gm
1 fs
bu fc
2 F /|______Times-Bold fnt
bn
1.75003 0.(4.1.1)ashow
216 126 gm
2.90786 0. 32 0.29078 0.(Authentication and its Significance with Various Services)awidthshow
248 90 gm
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
-0.07962 0.(As indicated earlier in this thesis, reliable authentication of the other party of communi-)ashow
264 90 gm
1.08016 0. 32 0.10801 0.(cation is probably the most urgent problem in today's integrating, world-wide net-)awidthshow
280 90 gm
-0.09281 0.(works. Authentication can be divided into two classes:)ashow
312 90 gm
(-)show
312 126 gm
-0.11882 0.(Peer Entity Authentication, used with connection-oriented communications.)ashow
344 90 gm
(-)show
344 126 gm
0.64468 0. 32 0.06446 0.(Data Origin Authentication, used with connectionless and relayed communi-)awidthshow
360 126 gm
(cations.)show
392 90 gm
-0.18162 0.(Peer Entity Authentication only authenticates the entity participating in the authentication)ashow
408 90 gm
1.39907 0. 32 0.13990 0.(exchange, it cannot alone guarantee that the other party remains the same during)awidthshow
424 90 gm
-0.09349 0.(subsequent communications over the established connection. In Peer Entity Authentica-)ashow
440 90 gm
-0.04115 0.(tion a secure exchange of a session key in connection with the authentication exchange)ashow
456 90 gm
-0.08868 0.(is needed for continued authentication. This leads into the need to not only sign but also)ashow
472 90 gm
-0.11109 0.(encrypt at least parts of the authentication messages.)ashow
504 90 gm
0.18127 0. 32 0.01812 0.(The secure exchange of a fresh pairwise session key completes the establishment of a)awidthshow
520 90 gm
0.58013 0. 32 0.05801 0.(Security Context, effective on this connection, where only the two mutually authen-)awidthshow
536 90 gm
0.57205 0. 32 0.05720 0.(ticated parties are in possession of this session key which can be used for continued)awidthshow
552 90 gm
-0.11401 0.(authentication as well as purposes of data confidentiality and integrity.)ashow
584 90 gm
0.06515 0. 32 0.00651 0.(When using a service across a network, we have to be able to reliably authenticate the)awidthshow
600 90 gm
0.06423 0. 32 0.00642 0.(other party. This means the user being able to authenticate the service and server he is)awidthshow
616 90 gm
-0.09159 0.(using and the server being able to authenticate the user and his end system.)ashow
648 90 gm
0.00717 0. 32 0.00071 0.(Ultimately, data security means giving only the legitimate )awidthshow
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
(users)show
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
( access to the data and)show
664 90 gm
0.57891 0. 32 0.05789 0.(services they are authorized to access. Therefore, it is essential that the user, not his)awidthshow
680 90 gm
0.40985 0. 32 0.04098 0.(system, be in possession of the keys required for authentication. However, it is often)awidthshow
696 90 gm
-0.10736 0.(necessary to authenticate the end system as well, to ensure that:)ashow
F T cp
%%Page: ? 55
op
30 28 xl
1 1 pen
45 291 gm
(nc 30 28 811 566 6 rc)kp
1 setTxMode
0 fs
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
(52)show
802 90 gm
10 fz
bu fc
2 F /|______Times-Roman fnt
bn
-0.01179 0.(Open Systems Security \320 an Architectural Framework)ashow
101 90 gm
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
(-)show
101 126 gm
-0.03935 0.(A legitimate user is not trying to access the service from a disallowed host \(e.g.)ashow
117 126 gm
1.34872 0. 32 0.13487 0.(at gun-point from the enemy's system or voluntarily from a system whose)awidthshow
133 126 gm
-0.09730 0.(security cannot be guaranteed\).)ashow
165 90 gm
(-)show
165 126 gm
0.03921 0. 32 0.00392 0.(An illegitimate user is not using the service having first somehow obtained the)awidthshow
181 126 gm
-0.07833 0.(keys necessary for authentication.)ashow
213 90 gm
0.35812 0. 32 0.03581 0.(So, we need to be able to authenticate the service, its user, or both, depending on the)awidthshow
229 90 gm
-0.09902 0.(specific service and its security requirements.)ashow
261 90 gm
1 fs
bu fc
2 F /|______Times-Bold fnt
bn
1.75003 0.(4.1.2)ashow
261 126 gm
2.23968 0. 32 0.22396 0.(Placement of Authentication in the OSI model)awidthshow
293 90 gm
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
1.38839 0. 32 0.13883 0.(The application layer is the appropriate place for authentication because only the)awidthshow
309 90 gm
0.64498 0. 32 0.06449 0.(application layer knows about various services, service instances etc. Therefore, the)awidthshow
325 90 gm
-0.09684 0.(service and its user can only be reliably, and with sufficient granularity, authenticated at)ashow
341 90 gm
-0.03147 0.(this layer.)ashow
373 90 gm
0.64758 0. 32 0.06475 0.(While the authentication function is provided by the Application Layer, parts of the)awidthshow
389 90 gm
0.39611 0. 32 0.03961 0.(functionality need to reside above the OSI model. When authenticating the user, it is)awidthshow
405 90 gm
-0.05160 0.(essential that he need not give his keys to the system, even though the application layer)ashow
421 90 gm
0.07507 0. 32 0.00750 0.(can provide the mechanism for user authentication. For example, a careful user would)awidthshow
437 90 gm
-0.07289 0.(never feed in his secret authentication and signature keys to an untrusted sales terminal.)ashow
453 90 gm
-0.08787 0.(However, it is necessary that the terminal be able to authenticate the user to the banking)ashow
469 90 gm
-0.08967 0.(system and have him approve the money transfer with his digital signature.)ashow
501 90 gm
0.72463 0. 32 0.07246 0.(The Authentication Function logically belongs to the proposed new common SASE)awidthshow
517 90 gm
0.78384 0. 32 0.07838 0.(called SCSE \(Secure Communications Service Element, see [NS89]\). SCSE can, in)awidthshow
533 90 gm
0.11260 0. 32 0.01126 0.(turn, use the authentication exchange mechanism defined in the security addendum of)awidthshow
549 90 gm
-0.10757 0.(the Association Control Service Element \(ACSE\) [IS8649/A1].)ashow
581 90 gm
1.67266 0. 32 0.16726 0.(As an intermediate solution, it is possible to offer authentication function at the)awidthshow
597 90 gm
2.48916 0. 32 0.24891 0.(transport layer. The proposed secure "network" \(or in fact transport\) protocol)awidthshow
613 90 gm
-0.05976 0.([ISO90a,b] provides us with this option and the secret information used in the authenti-)ashow
629 90 gm
-0.05778 0.(cation can still be supplied from the upper layers. While this is not a very neat solution,)ashow
645 90 gm
-0.09455 0.(it gives us most of the benefits of authentication at the application layer and can be used)ashow
661 90 gm
0.30242 0. 32 0.03024 0.(in connection with virtually any service without us having to wait for the upper layer)awidthshow
677 90 gm
-0.09062 0.(protocol standards to reach maturity.)ashow
709 90 gm
1 fs
bu fc
2 F /|______Times-Bold fnt
bn
1.75003 0.(4.1.3)ashow
709 126 gm
3.34472 0. 32 0.33447 0.(Authentication Mechanisms)awidthshow
741 90 gm
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
-0.09996 0.(The two-way authentication protocol described in the appendix can be realized by using)ashow
757 90 gm
1.18576 0. 32 0.11857 0.(the authentication information exchange facility of the ACSE Security Addendum)awidthshow
F T cp
%%Page: ? 56
op
30 28 xl
1 1 pen
45 291 gm
(nc 30 28 811 566 6 rc)kp
1 setTxMode
0 fs
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
(53)show
802 288 gm
10 fz
bu fc
2 F /|______Times-Roman fnt
bn
-0.01179 0.(Open Systems Security \320 an Architectural Framework)ashow
85 90 gm
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
-0.00245 0.([IS8649/A1]. Because ACSE only provides us with the means for a two-way authenti-)ashow
101 90 gm
0.28549 0. 32 0.02854 0.(cation exchange, it is vital that we have a reliable two-way authentication protocol to)awidthshow
117 90 gm
-0.12213 0.(implement with ACSE.)ashow
152 90 gm
1 fs
14 fz
bu fc
2 F /|______Times-Bold fnt
bn
1.74998 0.(4.2)ashow
152 126 gm
0.76719 0.(Integrity)ashow
184 90 gm
12 fz
bu fc
2 F /|______Times-Bold fnt
bn
1.75003 0.(4.2.1)ashow
184 126 gm
2.88925 0. 32 0.28892 0.(Integrity and its Significance with Various Services)awidthshow
216 90 gm
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
0.09780 0. 32 0.00978 0.(Together with Authentication, Data Integrity is usually considered the most important)awidthshow
232 90 gm
-0.06327 0.(security function. In fact, functions such as Authentication and Non-repudiation are not)ashow
248 90 gm
0.23437 0. 32 0.02343 0.(of much value if not combined with Integrity. Being able to know, or even prove, the)awidthshow
264 90 gm
1.47827 0. 32 0.14782 0.(identity of the other party is useless if we cannot be certain that the information)awidthshow
280 90 gm
1.04675 0. 32 0.10467 0.(exchanged has not been tampered with. Similarly, knowing that the information is)awidthshow
296 90 gm
-0.10221 0.(intact does not mean much if we cannot be sure whom it came from.)ashow
328 90 gm
1 fs
bu fc
2 F /|______Times-Bold fnt
bn
1.75003 0.(4.2.2)ashow
328 126 gm
2.15011 0. 32 0.21501 0.(Placement of Integrity in the OSI Model)awidthshow
360 90 gm
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
1.14715 0. 32 0.11471 0.(According to the OSI reference model, the Transport Service provides transparent)awidthshow
376 90 gm
-0.09475 0.(transfer of data between session entities relieving them from any concern about how the)ashow
392 90 gm
0.67687 0. 32 0.06768 0.(reliable and cost-effective transfer of data is achieved. The functions invoked at the)awidthshow
408 90 gm
0.09552 0. 32 0.00955 0.(transport layer to provide the requested quality of service depend on the quality of the)awidthshow
424 90 gm
0.39108 0. 32 0.03910 0.(underlying network service. The selected quality of service is maintained throughout)awidthshow
440 90 gm
-0.11067 0.(the lifetime of the transport connection and the session entity is notified of any failure to)ashow
456 90 gm
-0.08580 0.(maintain the required quality of service on the transport connection [X.200].)ashow
488 90 gm
-0.11277 0.(Among the end-to-end functions of Transport Layer already are the following: sequence)ashow
504 90 gm
0.61111 0. 32 0.06111 0.(control, error detection and monitoring of the quality of service, and error recovery.)awidthshow
520 90 gm
0.07965 0. 32 0.00796 0.(Because Transport Layer is responsible for end-to-end error detection and recovery, it)awidthshow
536 90 gm
-0.10765 0.(is natural to extend the error detection \(and correction\) functions and mechanisms of the)ashow
552 90 gm
1.13693 0. 32 0.11369 0.(transport layer to detect \(and as much as possible recover from\) malicious attacks)awidthshow
568 90 gm
-0.01754 0.(against integrity as well as transmission errors. Activation of these mechanisms can be)ashow
584 90 gm
-0.05166 0.(made easily, as an extension to the selection of functions describe above already taking)ashow
600 90 gm
-0.08732 0.(place when opening a transport connection.)ashow
632 90 gm
0.56579 0. 32 0.05657 0.(Being the lowest end-to-end layer, transport layer is the lowest possible layer for an)awidthshow
648 90 gm
-0.03897 0.(end-to-end integrity function and mechanism. This mechanism could also be placed on)ashow
664 90 gm
0.14785 0. 32 0.01478 0.(top of the network layer. However, this is not an acceptable solution because network)awidthshow
680 90 gm
1.32461 0. 32 0.13246 0.(connections can be multiplexed \(and in fact network service is increasingly often)awidthshow
696 90 gm
1.63970 0. 32 0.16397 0.(connectionless\). Only in layers 4 through 7 does each connection serve just one)awidthshow
712 90 gm
-0.01347 0.(instance of communications thereby offering sufficient granularity for the provision of)ashow
728 90 gm
-0.13641 0.(integrity and confidentiality.)ashow
F T cp
%%Page: ? 57
op
30 28 xl
1 1 pen
45 291 gm
(nc 30 28 811 566 6 rc)kp
1 setTxMode
0 fs
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
(54)show
802 90 gm
10 fz
bu fc
2 F /|______Times-Roman fnt
bn
-0.01179 0.(Open Systems Security \320 an Architectural Framework)ashow
101 90 gm
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
1.26251 0. 32 0.12625 0.(When using a sophisticated transport protocol, such as the ISO Class 4 Transport)awidthshow
117 90 gm
-0.08459 0.(Protocol \(ISO TP4\) or the Department of Defense Transmission Control Protocol \(DoD)ashow
133 90 gm
0.20126 0. 32 0.02012 0.(TCP\) [RFC81b], reliable end-to-end protection is provided against accidental modifi-)awidthshow
149 90 gm
-0.07954 0.(cations of the data stream between the two transport entities. In this case, strong end-to-)ashow
165 90 gm
1.66488 0. 32 0.16648 0.(end integrity is easily achieved by placing an encryption mechanisms below the)awidthshow
181 90 gm
-0.05642 0.(transport protocol as proposed in the appendix.)ashow
213 90 gm
0.13061 0. 32 0.01306 0.(It is, therefore, suggested that the Integrity Function be placed at the Transport Layer.)awidthshow
229 90 gm
0.18295 0. 32 0.01829 0.(This applies to both Connection-oriented and Connectionless Transport Service when)awidthshow
245 90 gm
-0.07482 0.(the integrity of the whole TPDU is to be ensured.)ashow
277 90 gm
0.13549 0. 32 0.01354 0.(With some applications, Selective Field Integrity is desired. This function needs to be)awidthshow
293 90 gm
0.55892 0. 32 0.05589 0.(provided at the Application Layer because no lower layer is capable of dealing with)awidthshow
309 90 gm
0.18234 0. 32 0.01823 0.(various fields of the APDU. It is suggested, that Selective Field Integrity be placed in)awidthshow
325 90 gm
0.47592 0. 32 0.04759 0.(the Secure Communications Service Element \(SCSE\) of the Application Layer. This)awidthshow
341 90 gm
1.85806 0. 32 0.18580 0.(arrangement requires some support from the Presentation Layer. New data type)awidthshow
357 90 gm
("Signed" has to be included in the ASN.1 specification language and transfer syntaxes)show
373 90 gm
-0.10517 0.(capable of handing this new data type need to be deviced.)ashow
405 90 gm
0.85601 0. 32 0.08560 0.(It is also possible to cope with just one new type "Encrypted" and define signature)awidthshow
421 90 gm
1.13861 0. 32 0.11386 0.(mechanisms based on encryption by means of ASN.1. However, this is not a neat)awidthshow
437 90 gm
0.39230 0. 32 0.03923 0.(solution because digital signatures should be considered separately from PKCs, even)awidthshow
453 90 gm
-0.04368 0.(though most current signature schemes are based on the use of PKCs.)ashow
485 90 gm
0.40649 0. 32 0.04064 0.(The use of transport layer gateways complicates the provision of end-to-end security)awidthshow
501 90 gm
-0.06462 0.(services at the transport layer, because then the transport connection is not truly end-to-)ashow
517 90 gm
-0.05252 0.(end. When this is the case, two approaches are possible:)ashow
549 90 gm
(-)show
549 126 gm
0.04882 0. 32 0.00488 0.(Use trusted gateways within your own organization. This approach contradicts)awidthshow
565 126 gm
-0.09382 0.(with our original goal of minimizing the use of trusted parties.)ashow
597 90 gm
(-)show
597 126 gm
-0.13232 0.(Use the selective field integrity function of the application layer.)ashow
629 90 gm
1 fs
bu fc
2 F /|______Times-Bold fnt
bn
1.75003 0.(4.2.3)ashow
629 126 gm
3.34777 0. 32 0.33477 0.(Integrity Mechanisms)awidthshow
661 90 gm
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
0.96832 0. 32 0.09683 0.(Data Integrity is closely coupled with Confidentiality and can be provided with an)awidthshow
677 90 gm
1.92840 0. 32 0.19284 0.(Integrity Check Value calculated by using symmetric or asymmetric encryption)awidthshow
693 90 gm
-0.03425 0.(mechanisms. Usually data encryption, combined with redundancy in the cleartext data,)ashow
709 90 gm
-0.09020 0.(is sufficient to provide Integrity as a by-product of Confidentiality.)ashow
F T cp
%%Page: ? 58
op
30 28 xl
1 1 pen
45 291 gm
(nc 30 28 811 566 6 rc)kp
1 setTxMode
0 fs
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
(55)show
802 288 gm
10 fz
bu fc
2 F /|______Times-Roman fnt
bn
-0.01179 0.(Open Systems Security \320 an Architectural Framework)ashow
101 90 gm
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
-0.06402 0.(With connection-oriented services, it is suggested that non-selective "bulk-integrity" be)ashow
117 90 gm
1.25396 0. 32 0.12539 0.(provided by means of a secure transport protocol of the type SP4, EESP, or their)awidthshow
133 90 gm
-0.05827 0.(derivatives.)ashow
165 90 gm
1.20254 0. 32 0.12025 0.(SP4 is an encapsulating protocol placed at the bottom of the Transport Layer and)awidthshow
181 90 gm
0.49346 0. 32 0.04934 0.(encrypting all TPDUs of the actual Transport Protocol. EESP is a derivative of SP4,)awidthshow
197 90 gm
-0.01440 0.(fixing some of the problems found in the preliminary SP4 specification. However, this)ashow
213 90 gm
-0.02186 0.(proposal too has some faults which need to be corrected. SP3 is the counterpart of SP4)ashow
229 90 gm
-0.06927 0.(placed at uppermost part of the network layer. An introduction to SP3 and SP4 is found)ashow
245 90 gm
0.47149 0. 32 0.04714 0.(in [Nel88] and to SP4 in [BDH88]. For more precise definitions of the protocols see)awidthshow
261 90 gm
1.25900 0. 32 0.12590 0.([SDN89a, SDN89b, ISO90b]. In [Hou89] a protocol based on SP4 is proposed to)awidthshow
277 90 gm
-0.03921 0.(enhance the Xerox XNS \(Xerox Network Systems\) protocol suite with the functions of)ashow
293 90 gm
0.09963 0. 32 0.00996 0.(authentication, confidentiality and integrity. SP4-like functionality is also proposed in)awidthshow
309 90 gm
-0.07756 0.([Bir85] to be used with remote procedure calls.)ashow
341 90 gm
-0.07646 0.(The protocols mentioned above always do offer Message Integrity. That is, they protect)ashow
357 90 gm
-0.04420 0.(each individual TPDU from modifications. With connection-oriented communications,)ashow
373 90 gm
-0.06327 0.(Message Integrity alone is not sufficient but Sequence Integrity is required. This means)ashow
389 90 gm
-0.09371 0.(that not only each TPDU but also the entire TPDU sequence is intact. That is, no TPDU)ashow
405 90 gm
-0.07801 0.(has been deleted, added, repeated, or misplaced without this being detected.)ashow
437 90 gm
0.44235 0. 32 0.04423 0.(Because the entire TPDU is encrypted, it is sufficient for Sequence Integrity that the)awidthshow
453 90 gm
0.27877 0. 32 0.02787 0.(TPDUs carry sequence numbers. This is the case with TP4 but, alas, not with TP0. If)awidthshow
469 90 gm
-0.01057 0.(TP0 is used the Security Protocol has to be augmented with sequence numbers. A pro-)ashow
485 90 gm
0.09399 0. 32 0.00939 0.(posal to that direction is found in [CGV90]. Also, the current EESP proposal does not)awidthshow
501 90 gm
-0.05398 0.(detect TPDUs omitted from the end of a transport connection if TP0 is used. TP4 again)ashow
517 90 gm
-0.06907 0.(has sufficient functionality \(a graceful disconnect procedure with negotiation of the last)ashow
533 90 gm
-0.10166 0.(TPDU sequence number\) to detect such attempts.)ashow
565 90 gm
0.17883 0. 32 0.01788 0.(It is suggested, that a pairwise session key be generated for each connection, securely)awidthshow
581 90 gm
0.47088 0. 32 0.04708 0.(exchanged in connection with the Authentication Exchange, used with the Transport)awidthshow
597 90 gm
0.52322 0. 32 0.05232 0.(Layer Security Protocol, and disposed of at the end of the connection. This pairwise)awidthshow
613 90 gm
-0.08987 0.(key forms an important part of the Security Context.)ashow
645 90 gm
-0.00994 0.(With connectionless services, only Message Integrity can be provided. Here setting up)ashow
661 90 gm
0.93627 0. 32 0.09362 0.(a Security Context including a pairwise symmetric key is impractical unless a pre-)awidthshow
677 90 gm
0.12161 0. 32 0.01216 0.(defined Default Context exists. It is, therefore, suggested that each message be signed)awidthshow
693 90 gm
2.27340 0. 32 0.22734 0.(with the secret key of the sender. This procedure offers not only Data Origin)awidthshow
709 90 gm
-0.10200 0.(Authentication but also the stronger function of Non-repudiation of Origin.)ashow
F T cp
%%Page: ? 59
op
30 28 xl
1 1 pen
45 291 gm
(nc 30 28 811 566 6 rc)kp
1 setTxMode
0 fs
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
(56)show
802 90 gm
10 fz
bu fc
2 F /|______Times-Roman fnt
bn
-0.01179 0.(Open Systems Security \320 an Architectural Framework)ashow
104 90 gm
1 fs
14 fz
bu fc
2 F /|______Times-Bold fnt
bn
1.74998 0.(4.3)ashow
104 126 gm
0.69970 0.(Confidentiality)ashow
136 90 gm
12 fz
bu fc
2 F /|______Times-Bold fnt
bn
1.75003 0.(4.3.1)ashow
136 126 gm
3.08212 0. 32 0.30821 0.(Confidentiality and its Significance with Various Services)awidthshow
168 90 gm
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
0.82305 0. 32 0.08230 0.(Confidentiality is usually the first function that people associate with data security.)awidthshow
184 90 gm
0.55145 0. 32 0.05514 0.(However, it is generally not as important as Authentication or Integrity. Most of the)awidthshow
200 90 gm
0.88378 0. 32 0.08837 0.(data passed through a network is not very critical and the sheer bulk of it makes it)awidthshow
216 90 gm
-0.05924 0.(difficult for the enemy to find the relevant pieces of information and make use of them.)ashow
232 90 gm
0.03326 0. 32 0.00332 0.(However, some of the data is always critical and  should not be sent in cleartext. Most)awidthshow
248 90 gm
0.62271 0. 32 0.06227 0.(notably passwords and usernames must always be considered pieces of such critical)awidthshow
264 90 gm
-0.04042 0.(information, as mentioned in section 1.2.)ashow
296 90 gm
-0.11453 0.(Confidentiality should be used to make gaining access to the data more expensive for an)ashow
312 90 gm
-0.02540 0.(enemy than the value of the information revealed would be for him. This requires risk-)ashow
328 90 gm
-0.06564 0.(assessment and security classification of data. It should again be noted that the Security)ashow
344 90 gm
0.22613 0. 32 0.02261 0.(and Integrity classes of the same information may be quite different. For example the)awidthshow
360 90 gm
-0.09684 0.(Integrity Level of a public record is very high whereas its Security Level is nil.)ashow
392 90 gm
0.12847 0. 32 0.01284 0.(However, confidentiality is vital for many applications, such as Electronic Data Inter-)awidthshow
408 90 gm
-0.01722 0.(change \(EDI\), Electronic Funds Transfer \(EFT\) etc., and it can often be provided at no)ashow
424 90 gm
-0.03950 0.(extra cost, as a by-product of Integrity.)ashow
456 90 gm
1 fs
bu fc
2 F /|______Times-Bold fnt
bn
1.75003 0.(4.3.2)ashow
456 126 gm
2.41012 0. 32 0.24101 0.(Placement of Confidentiality in the OSI Model)awidthshow
488 90 gm
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
-0.12464 0.(Confidentiality is closely coupled with Integrity and it logically belongs to the Transport)ashow
504 90 gm
-0.01745 0.(Layer because it augments the Transport Service in a most natural way. Like Integrity,)ashow
520 90 gm
0.00778 0. 32 0.00077 0.(Confidentiality can be viewed as one more attribute of the quality of transport service.)awidthshow
536 90 gm
0.07034 0. 32 0.00703 0.(Also, since Confidentiality is usually produced by the same mechanism as integrity, it)awidthshow
552 90 gm
-0.11291 0.(is natural to place these two functions at the same layer \(and use the same mechanism to)ashow
568 90 gm
-0.11659 0.(implement them both\) in order to avoid unnecessary duplication of functionality.)ashow
600 90 gm
0.30197 0. 32 0.03019 0.(In fact, based on the preceding discussion, Transport Layer is the only possible place)awidthshow
616 90 gm
-0.09648 0.(for end-to-end bulk confidentiality for the following reasons:)ashow
648 90 gm
(-)show
648 126 gm
0.07003 0. 32 0.00700 0.(End-to-end Confidentiality cannot be placed below the transport layer because)awidthshow
664 126 gm
-0.08242 0.(the lower layers are not necessarily end-to-end.)ashow
696 90 gm
(-)show
696 126 gm
1.08581 0. 32 0.10858 0.(Confidentiality should be placed below the transport protocol \(such as ISO)awidthshow
712 126 gm
-0.08421 0.(TP4\) in order to provide end-to-end integrity at no extra cost.)ashow
F T cp
%%Page: ? 60
op
30 28 xl
1 1 pen
45 291 gm
(nc 30 28 811 566 6 rc)kp
1 setTxMode
0 fs
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
(57)show
802 288 gm
10 fz
bu fc
2 F /|______Times-Roman fnt
bn
-0.01179 0.(Open Systems Security \320 an Architectural Framework)ashow
101 90 gm
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
0.51925 0. 32 0.05192 0.(Bulk confidentiality should, therefore, be placed at the transport layer in such a way)awidthshow
117 90 gm
1.04522 0. 32 0.10452 0.(that the actual TPDUs can be encrypted and that each transport connection can be)awidthshow
133 90 gm
-0.06993 0.(protected independently of the other connections \(that is, a different key can be used on)ashow
149 90 gm
-0.11805 0.(each connection and not all connections need to be encrypted\).)ashow
181 90 gm
0.20782 0. 32 0.02078 0.(Just like with Selective Field Integrity, the function of Selective Field Confidentiality)awidthshow
197 90 gm
0.79284 0. 32 0.07928 0.(needs to be provided at the Application Layer because no lower layer is capable of)awidthshow
213 90 gm
0.22247 0. 32 0.02224 0.(dealing with various fields of the APDU. Selective Field Confidentiality is one of the)awidthshow
229 90 gm
3.67095 0. 32 0.36709 0.(functions provided by the SCSE of the Application Layer. Like Integrity,)awidthshow
245 90 gm
0.29907 0. 32 0.02990 0.(Confidentiality in the Application Layer requires some support from the Presentation)awidthshow
261 90 gm
1.54144 0. 32 0.15414 0.(Layer. What was said previously about the effect of transport layer gateways on)awidthshow
277 90 gm
-0.12857 0.(integrity also applies to confidentiality at the transport layer.)ashow
309 90 gm
1 fs
bu fc
2 F /|______Times-Bold fnt
bn
1.75003 0.(4.3.3)ashow
309 126 gm
3.91479 0. 32 0.39147 0.(Confidentiality Mechanisms)awidthshow
341 90 gm
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
0.98907 0. 32 0.09890 0.(For Connection Confidentiality, the same Transport Layer Security Protocol as for)awidthshow
357 90 gm
-0.05831 0.(Connection Integrity is used.)ashow
389 90 gm
0.17761 0. 32 0.01776 0.(For Connectionless Confidentiality, Public Key Encryption with the public key of the)awidthshow
405 90 gm
-0.05690 0.(recipient is used.)ashow
437 90 gm
1.64840 0. 32 0.16484 0.(If a pre-defined \(or otherwise agreed-on\) common Security Context, including a)awidthshow
453 90 gm
0.45639 0. 32 0.04563 0.(pairwise symmetric key between the sender and the recipient, exists, it is possible to)awidthshow
469 90 gm
1.71203 0. 32 0.17120 0.(use symmetric encryption with this key for Connectionless Confidentiality. This)awidthshow
485 90 gm
0.10025 0. 32 0.01002 0.(common Security Context can also be set up by including the pairwise key, encrypted)awidthshow
501 90 gm
1.36276 0. 32 0.13627 0.(with the public key of the recipient, in the message. This procedure makes sense)awidthshow
517 90 gm
-0.06564 0.(performance-wise if the message is very long.)ashow
552 90 gm
1 fs
14 fz
bu fc
2 F /|______Times-Bold fnt
bn
1.74998 0.(4.4)ashow
552 126 gm
0.61160 0.(Non-Repudiation)ashow
584 90 gm
0 fs
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
0.05569 0. 32 0.00556 0.(Non-Repudiation is a security function, which provides proof of the origin or delivery)awidthshow
600 90 gm
0.22171 0. 32 0.02217 0.(of data in order to protect the sender against false denial by the recipient that the data)awidthshow
616 90 gm
0.03646 0. 32 0.00364 0.(has been received, or to protect the recipient against false denial by the sender that the)awidthshow
632 90 gm
1.22879 0. 32 0.12287 0.(data has been sent. Non-repudiation implies the existence of a trusted third party,)awidthshow
648 90 gm
-0.07450 0.(whose primary role is to arbitrate disputes resulting from Non-Repudiation [ISO90e].)ashow
680 90 gm
1 fs
bu fc
2 F /|______Times-Bold fnt
bn
1.75003 0.(4.4.1)ashow
680 126 gm
3.13812 0. 32 0.31381 0.(Non-Repudiation and its Significance with Various Services)awidthshow
712 90 gm
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
-0.05828 0.(Data Communication is gradually replacing the transfer of paper documents within and)ashow
728 90 gm
1.81671 0. 32 0.18167 0.(between organizations. If Electronic Documents and direct transactions between)awidthshow
744 90 gm
-0.07807 0.(information systems are ever to replace \(or even seriously compete with\) paper in inter-)ashow
F T cp
%%Page: ? 61
op
30 28 xl
1 1 pen
45 291 gm
(nc 30 28 811 566 6 rc)kp
1 setTxMode
0 fs
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
(58)show
802 90 gm
10 fz
bu fc
2 F /|______Times-Roman fnt
bn
-0.01179 0.(Open Systems Security \320 an Architectural Framework)ashow
85 90 gm
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
-0.10044 0.(corporate business, it is essential that there exist means to make commitments electroni-)ashow
101 90 gm
-0.06410 0.(cally.)ashow
133 90 gm
0.24719 0. 32 0.02471 0.(Non-repudiation is especially important with services such as MHS, where electronic)awidthshow
149 90 gm
0.34698 0. 32 0.03469 0.(mail needs to be signed, EDI, where inter-corporate offers, orders, bills etc. are to be)awidthshow
165 90 gm
0.97930 0. 32 0.09793 0.(handled electronically, and EMT, where \(possibly large\) sums of money are trans-)awidthshow
181 90 gm
0.06138 0.(ferred.)ashow
213 90 gm
-0.07875 0.(Non-repudiation has associated with it a hoard of legal problems that need to be solved.)ashow
229 90 gm
0.92330 0. 32 0.09233 0.(Before electronic commitments can be used in the court of law, a lot of legislative)awidthshow
245 90 gm
-0.03637 0.(work, which is outside the scope of engineering as well as that of this study, is needed.)ashow
277 90 gm
2.03216 0. 32 0.20321 0.(In any case, we must first define sound methods for making and showing true)awidthshow
293 90 gm
0.42098 0. 32 0.04209 0.(electronic commitments before any concrete legislation in this area is possible. Then)awidthshow
309 90 gm
-0.05007 0.(there is a chance that laws defining the properties of an acceptable digital signature can)ashow
325 90 gm
-0.02056 0.(be passed and a procedure for keeping and updating an official list of currently accept-)ashow
341 90 gm
0.36743 0. 32 0.03674 0.(able signature mechanisms, as well as an official record of approved CAs, can be set)awidthshow
357 90 gm
0.5 0.(up.)ashow
389 90 gm
1 fs
bu fc
2 F /|______Times-Bold fnt
bn
1.75003 0.(4.4.2)ashow
389 126 gm
2.47314 0. 32 0.24731 0.(Placement of Non-Repudiation in the OSI Model)awidthshow
421 90 gm
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
1.83395 0. 32 0.18339 0.(Non-repudiation is strongly application-dependent but a generic non-repudiation)awidthshow
437 90 gm
0.07965 0. 32 0.00796 0.(function can still be included in the SCSE of the Application Layer. This function can)awidthshow
453 90 gm
0.55175 0. 32 0.05517 0.(be used to sign any APDU with no regard to its structure or semantics. This generic)awidthshow
469 90 gm
0.00625 0. 32 0.00062 0.(service can, in turn, be used by various SASEs for various purposes.)awidthshow
501 90 gm
1 fs
bu fc
2 F /|______Times-Bold fnt
bn
1.75003 0.(4.4.3)ashow
501 126 gm
4.10186 0. 32 0.41018 0.(Non-Repudiation Mechanisms)awidthshow
533 90 gm
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
0.95687 0. 32 0.09568 0.(Non-repudiation is usually based on digital signatures which, in turn, are currently)awidthshow
549 90 gm
0.29678 0. 32 0.02967 0.(based on PKCs. A message signed with the secret key of the sender can be proved to)awidthshow
565 90 gm
1.62048 0. 32 0.16204 0.(have been sent by the holder of the secret key, because nobody else could have)awidthshow
581 90 gm
0.06301 0. 32 0.00630 0.(generated the signature. Giving away one's secret key can be considered giving out an)awidthshow
597 90 gm
0.25329 0. 32 0.02532 0.(open proxy, even though a procedure for cancelling compromised keys will normally)awidthshow
613 90 gm
0.06958 0. 32 0.00695 0.(have to be provided. Cryptosums based on symmetric encryption can be used to make)awidthshow
629 90 gm
-0.11068 0.(the generation and checking of signatures more efficient.)ashow
661 90 gm
0.76583 0. 32 0.07658 0.(It is proposed that a Digital Signature Mechanism be embedded in the SCSE in the)awidthshow
677 90 gm
-0.00991 0.(application layer. In terms of low-level mechanisms the signature mechanism operates)ashow
693 90 gm
-0.09875 0.(in the following way:)ashow
725 90 gm
(-)show
725 126 gm
-0.11225 0.(Convert the APDU into a canonical form.)ashow
757 90 gm
(-)show
757 126 gm
-0.07394 0.(Compute a cryptosum of the APDU.)ashow
F T cp
%%Page: ? 62
op
30 28 xl
1 1 pen
45 291 gm
(nc 30 28 811 566 6 rc)kp
1 setTxMode
0 fs
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
(59)show
802 288 gm
10 fz
bu fc
2 F /|______Times-Roman fnt
bn
-0.01179 0.(Open Systems Security \320 an Architectural Framework)ashow
101 90 gm
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
(-)show
101 126 gm
-0.08279 0.(Encrypt the cryptosum with the secret key of the sender.)ashow
133 90 gm
(-)show
133 126 gm
-0.12561 0.(Attach this signature to the original APDU.)ashow
165 90 gm
-0.10404 0.(In the receiving end the signature is checked in a similar fashion.)ashow
197 90 gm
0.14068 0. 32 0.01406 0.(In case of non-repudiation of receipt, it deserves to be noted that the mechanism must)awidthshow
213 90 gm
-0.02783 0.(be activated )ashow
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
-0.03048 0.(before)ashow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
-0.02812 0.( the data is transmitted to the recipient. Otherwise the recipient may)ashow
229 90 gm
-0.07557 0.(first examine the data and then decide whether or not he wishes to acknowledge it. This)ashow
245 90 gm
-0.08479 0.(leads into one of the two solutions:)ashow
277 90 gm
(-)show
277 126 gm
2.49435 0. 32 0.24943 0.(First deliver a digital finger-print of the message and require a signed)awidthshow
293 126 gm
1.16867 0. 32 0.11686 0.(acknowledgement from the recipient \("intent to receive"\). Then deliver the)awidthshow
309 126 gm
(whole message.)show
341 90 gm
(-)show
341 126 gm
-0.00151 0.(Use a trusted security server to handle the delivery and require a receipt before)ashow
357 126 gm
-0.07467 0.(submitting the message.)ashow
389 90 gm
1.68365 0. 32 0.16836 0.(Neither of these two approaches completely solves the problem, as explained in)awidthshow
405 90 gm
1.99630 0. 32 0.19963 0.([ISO90e]. Also, since we do not wish to include any more trusted parties than)awidthshow
421 90 gm
0.19668 0. 32 0.01966 0.(absolutely necessary, we decide, that a receipt obtained voluntarily from the recipient)awidthshow
437 90 gm
-0.03700 0.(shall be adequate for our purposes.)ashow
469 90 gm
0.16128 0. 32 0.01612 0.(Notary services can be used to support non-repudiation. It is, for example, possible to)awidthshow
485 90 gm
-0.06678 0.(allow a trusted notary server to authenticate the communicating parties and register and)ashow
501 90 gm
1.52221 0. 32 0.15222 0.(certify commitments made between them. This kind of service can be offered in)awidthshow
517 90 gm
0.77972 0. 32 0.07797 0.(connection with, or instead of, the mechanism described above. This study concen-)awidthshow
533 90 gm
-0.13600 0.(trates on realizing secure communications with a minimal number of trusted parties \(that)ashow
549 90 gm
0.42816 0. 32 0.04281 0.(is, we trust in only our own CA\). Therefore, trusted servers are not dealt with in any)awidthshow
565 90 gm
-0.11814 0.(detail here.)ashow
600 90 gm
1 fs
14 fz
bu fc
2 F /|______Times-Bold fnt
bn
1.74998 0.(4.5)ashow
600 126 gm
4.00421 0. 32 0.40042 0.(Access Control)awidthshow
632 90 gm
12 fz
bu fc
2 F /|______Times-Bold fnt
bn
1.75003 0.(4.5.1)ashow
632 126 gm
2.96936 0. 32 0.29693 0.(Access Control and its Significance with Various Services)awidthshow
664 90 gm
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
1.71127 0. 32 0.17112 0.(Access Control is not a security function in the same sense as the four security)awidthshow
680 90 gm
0.08422 0. 32 0.00842 0.(functions discussed above. For example, we do not explicitly ask for access control to)awidthshow
696 90 gm
0.06576 0. 32 0.00657 0.(be employed with a connection when opening it. Rather, access control has to do with)awidthshow
712 90 gm
-0.13470 0.(Authentication as well as Network and Applications Management.)ashow
F T cp
%%Page: ? 63
op
30 28 xl
1 1 pen
45 291 gm
(nc 30 28 811 566 6 rc)kp
1 setTxMode
0 fs
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
(60)show
802 90 gm
10 fz
bu fc
2 F /|______Times-Roman fnt
bn
-0.01179 0.(Open Systems Security \320 an Architectural Framework)ashow
101 90 gm
1 fs
12 fz
bu fc
2 F /|______Times-Bold fnt
bn
1.75003 0.(4.5.2)ashow
101 126 gm
2.33810 0. 32 0.23381 0.(Placement of Access Control in the OSI Model)awidthshow
133 90 gm
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
-0.07882 0.(Access Control can be employed at most levels of OSI to limit illegitimate access to \(or)ashow
149 90 gm
2.37548 0. 32 0.23754 0.(from\) networks and services. In current distributed systems Access Control is)awidthshow
165 90 gm
-0.05699 0.(performed by means of e.g. the following mechanisms:)ashow
193 90 gm
(-)show
193 126 gm
-0.10453 0.(At the Data Link Layer, with filters in bridges.)ashow
221 90 gm
(-)show
221 126 gm
-0.05963 0.(At the Network Layer, in routers with limitations based on network addresses.)ashow
249 90 gm
(-)show
249 126 gm
0.86669 0. 32 0.08666 0.(At the Transport Layer, in routers based on TCP Socket Numbers \(and OSI)awidthshow
265 126 gm
0.02760 0.(TSAP-numbers\).)ashow
293 90 gm
(-)show
293 126 gm
-0.16543 0.(Within the Application.)ashow
325 90 gm
-0.14228 0.(The ultimate responsibility for Access Control is in the Application and therefore mainly)ashow
341 90 gm
-0.02719 0.(beyond the scope of OSI.)ashow
373 90 gm
-0.00183 0.(Access Control in the lower layers \(Transport, Network and Data Link\) can be used to)ashow
389 90 gm
0.07949 0. 32 0.00794 0.(effectively reduce the number of serious attacks. Management of virtual networks can)awidthshow
405 90 gm
0.91125 0. 32 0.09112 0.(be used to aid in this. Current routers have Access Control Lists etc. which can be)awidthshow
421 90 gm
0.81253 0. 32 0.08125 0.(maintained by means of standardized network management protocols. Frame Relay)awidthshow
437 90 gm
-0.12585 0.(techniques will make it possible to define virtual networks at the Datalink Layer.)ashow
469 90 gm
1 fs
bu fc
2 F /|______Times-Bold fnt
bn
1.75003 0.(4.5.3)ashow
469 126 gm
3.42193 0. 32 0.34219 0.(Access Control Mechanisms)awidthshow
501 90 gm
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
0.30334 0. 32 0.03033 0.(Access Control should be based on reliable \(strong\) authentication of the user and an)awidthshow
517 90 gm
-0.00196 0.(information base kept by the application on the privileges and restrictions of each user)ashow
533 90 gm
0.08483 0. 32 0.00848 0.(or group of users. It is important to separate Authentication from Access Control. The)awidthshow
549 90 gm
1.46713 0. 32 0.14671 0.(Access Control Scheme included in the current FTAM standard [IS8571-2] is an)awidthshow
565 90 gm
-0.06401 0.(example of mixing \(simple, application specific\) authentication and access control with)ashow
581 90 gm
-0.06546 0.(disastrous consequences. This example demonstrates the necessity to find more general)ashow
597 90 gm
0.39871 0. 32 0.03987 0.(solutions to the security problems of open systems instead of solving these problems)awidthshow
613 90 gm
-0.07487 0.(on a per-application basis.)ashow
F T cp
%%Page: ? 64
op
30 28 xl
1 1 pen
45 291 gm
(nc 30 28 811 566 6 rc)kp
1 setTxMode
0 fs
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
(61)show
802 288 gm
10 fz
bu fc
2 F /|______Times-Roman fnt
bn
-0.01179 0.(Open Systems Security \320 an Architectural Framework)ashow
110 90 gm
1 fs
18 fz
bu fc
2 F /|______Times-Bold fnt
bn
(5)show
110 126 gm
3.28521 0. 32 0.32852 0.(Management Issues)awidthshow
143 90 gm
0 fs
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
-0.06715 0.(All security functions and services can only be provided within the context of a defined)ashow
159 90 gm
0.84762 0. 32 0.08476 0.(security policy for a specific application. Ultimately, it is left as a responsibility of)awidthshow
175 90 gm
1.42349 0. 32 0.14234 0.(systems management to enforce this security policy by activating the appropriate)awidthshow
191 90 gm
1.28112 0. 32 0.12811 0.(security functions required by the security policy. International standardization of)awidthshow
207 90 gm
1.13265 0. 32 0.11326 0.(systems management is increasingly focusing on security management, as demon-)awidthshow
223 90 gm
0.66390 0. 32 0.06639 0.(strated by e.g. [IS10164-7,8,9].)awidthshow
258 90 gm
1 fs
14 fz
bu fc
2 F /|______Times-Bold fnt
bn
1.74998 0.(5.1)ashow
258 126 gm
3.09402 0. 32 0.30940 0.(Activation and Negotiation of Security Functions)awidthshow
290 90 gm
0 fs
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
-0.11822 0.(Security functions can be activated in either of the two ways:)ashow
322 90 gm
(-)show
322 126 gm
-0.01974 0.(On user request.)ashow
354 90 gm
(-)show
354 126 gm
-0.11355 0.(By system management as dictated by the security policy.)ashow
386 90 gm
0.63247 0. 32 0.06324 0.(In the general-purpose secure OSI protocol stack drafted in chapter 4, security is an)awidthshow
402 90 gm
-0.02607 0.(integral element of the quality of service provided by the communications system. The)ashow
418 90 gm
0.03692 0. 32 0.00369 0.(user can indicate the security functions he wishes to activate by the Quality of Service)awidthshow
434 90 gm
-0.01046 0.(\(QOS\) parameter when opening the communications. Only formal changes are needed)ashow
450 90 gm
-0.13388 0.(in the current service interfaces to accommodate for this facility.)ashow
482 90 gm
1.81137 0. 32 0.18113 0.(Each OSI layer can provide the security services requested that it is capable of)awidthshow
498 90 gm
0.79864 0. 32 0.07986 0.(providing and pass a request for the rest on to the lower layers. In this manner, the)awidthshow
514 90 gm
0.39596 0. 32 0.03959 0.(application is not greatly affected by the fact that some security functions are moved)awidthshow
530 90 gm
0.57144 0. 32 0.05714 0.(from one layer to another. For example, Authentication or Integrity could be moved)awidthshow
546 90 gm
-0.01339 0.(from the transport layer up to the application layer without any changes to the applica-)ashow
562 90 gm
-0.02384 0.(tions using these functions.)ashow
594 90 gm
0.86166 0. 32 0.08616 0.(The communication service provider need not provide exactly the security services)awidthshow
610 90 gm
1.22940 0. 32 0.12294 0.(requested by the user. For example, if the user requires data integrity, the service)awidthshow
626 90 gm
0.44952 0. 32 0.04495 0.(provider can activate an encryption mechanism offering both integrity and confiden-)awidthshow
642 90 gm
1.39633 0. 32 0.13963 0.(tiality. Also the system may have a policy of, for example, not offering integrity)awidthshow
658 90 gm
0.10925 0. 32 0.01092 0.(without authentication, or vice versa. Should the user ask for integrity, he may end up)awidthshow
674 90 gm
-0.03414 0.(getting authentication and confidentiality too. Also, systems management may activate)ashow
690 90 gm
2.05871 0. 32 0.20587 0.(security functions without any interference from the user when dictated by the)awidthshow
706 90 gm
-0.12620 0.(applicable security policy.)ashow
738 90 gm
-0.06813 0.(When negotiating the use of security functions and mechanisms between the communi-)ashow
754 90 gm
0.26763 0. 32 0.02676 0.(cating parties, a complicated negotiating procedure should be avoided. It is enough if)awidthshow
F T cp
%%Page: ? 65
op
30 28 xl
1 1 pen
45 291 gm
(nc 30 28 811 566 6 rc)kp
1 setTxMode
0 fs
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
(62)show
802 90 gm
10 fz
bu fc
2 F /|______Times-Roman fnt
bn
-0.01179 0.(Open Systems Security \320 an Architectural Framework)ashow
85 90 gm
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
1.70745 0. 32 0.17074 0.(we let the originating party choose the set of functions it is willing to use. The)awidthshow
101 90 gm
0.27221 0. 32 0.02722 0.(responding party may either accept this offer, add its own requirements, or refuse the)awidthshow
117 90 gm
1.77658 0. 32 0.17765 0.(connection. Similarly the originating party can refuse the connection should the)awidthshow
133 90 gm
0.30105 0. 32 0.03010 0.(responding party require the use of additional security functions and mechanisms not)awidthshow
149 90 gm
-0.01109 0.(supported by this end system.)ashow
181 90 gm
0.42129 0. 32 0.04212 0.(The negotiation mechanism suggested above appears to be a reasonable compromise)awidthshow
197 90 gm
0.02166 0. 32 0.00216 0.(between simplicity and functionality. It can be easily implemented, it only uses a two-)awidthshow
213 90 gm
-0.06161 0.(way handshake, and nevertheless it provides adequate functionality for most purposes.)ashow
248 90 gm
1 fs
14 fz
bu fc
2 F /|______Times-Bold fnt
bn
1.74998 0.(5.2)ashow
248 126 gm
2.51403 0. 32 0.25140 0.(Distribution and Management of Keys)awidthshow
280 90 gm
0 fs
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
-0.10913 0.(Keys are divided into two categories:)ashow
312 90 gm
(-)show
312 126 gm
1.15539 0. 32 0.11553 0.(Master Keys, used for authentication, key exchange, and key management.)awidthshow
328 126 gm
2.09869 0. 32 0.20986 0.(They can also be used for encrypting short datagrams in connectionless)awidthshow
344 126 gm
0.90011 0. 32 0.09001 0.(communications. These keys are rather permanent in nature, they should be)awidthshow
360 126 gm
-0.08116 0.(stored with utmost care and never be used for the encryption of bulk traffic.)ashow
392 90 gm
(-)show
392 126 gm
1.32080 0. 32 0.13208 0.(Session Keys, used for the encryption of bulk traffic. These keys are very)awidthshow
408 126 gm
0.57281 0. 32 0.05728 0.(perishable and should not be used for extended periods of time. They should)awidthshow
424 126 gm
-0.06452 0.(normally be pairwise.)ashow
456 90 gm
1.27075 0. 32 0.12707 0.(A third group of keys are those used for encrypting stored data. These keys have)awidthshow
472 90 gm
0.24429 0. 32 0.02442 0.(nothing to do with data transfer and their generation and secure storage is beyond the)awidthshow
488 90 gm
0.07186 0. 32 0.00718 0.(scope of this study.)awidthshow
520 90 gm
0.27832 0. 32 0.02783 0.(In most security schemes, keys are referred to by key-IDs. The idea is to separate the)awidthshow
536 90 gm
0.69305 0. 32 0.06930 0.(use of keys from their distribution. Keys are stored in a database, referenced by the)awidthshow
552 90 gm
0.00991 0. 32 0.00099 0.(key-IDs, and used as needed.)awidthshow
584 90 gm
1.01699 0. 32 0.10169 0.(However, this approach has a severe shortcoming. When using a key stored in the)awidthshow
600 90 gm
2.20855 0. 32 0.22085 0.(database we cannot have any knowledge of its freshness. In fact, this practise)awidthshow
616 90 gm
0.08972 0. 32 0.00897 0.(encourages sloppy usage of session keys. It is highly likely that in many cases a small)awidthshow
632 90 gm
-0.07763 0.(collection of keys will be used for extended periods of time leading into repeated use of)ashow
648 90 gm
-0.04354 0.(the same keys. Also, stored keys can leak before or after their use making it possible to)ashow
664 90 gm
-0.08190 0.(decrypt recorded traffic afterwards.)ashow
696 90 gm
0.61462 0. 32 0.06146 0.(Generating symmetric encryption keys is almost trivial and session keys usually are)awidthshow
712 90 gm
0.42327 0. 32 0.04232 0.(symmetric. Even strong public key pairs can nowadays rather easily be generated by)awidthshow
728 90 gm
1.24542 0. 32 0.12454 0.(using a cheap personal computer. It is therefore evident that labelling and storing)awidthshow
744 90 gm
1.80053 0. 32 0.18005 0.(session keys does more harm than good and this practise should be abandoned.)awidthshow
F T cp
%%Page: ? 66
op
30 28 xl
1 1 pen
45 291 gm
(nc 30 28 811 566 6 rc)kp
1 setTxMode
0 fs
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
(63)show
802 288 gm
10 fz
bu fc
2 F /|______Times-Roman fnt
bn
-0.01179 0.(Open Systems Security \320 an Architectural Framework)ashow
85 90 gm
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
0.21942 0. 32 0.02194 0.(Instead, fresh session keys should be generated when needed and securely exchanged)awidthshow
101 90 gm
-0.05805 0.(in connection with authentication by using the permanent master keys. Should the need)ashow
117 90 gm
0.00473 0. 32 0.00047 0.(arise to change session keys in the middle of a long session, this can easily be done by)awidthshow
133 90 gm
-0.12622 0.(repeating the authentication procedure and its associated key exchange.)ashow
165 90 gm
1 fs
bu fc
2 F /|______Times-Bold fnt
bn
1.75003 0.(5.2.1)ashow
165 126 gm
2.35824 0. 32 0.23582 0.(Management of Master Keys)awidthshow
197 90 gm
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
-0.12843 0.(The minimal procedures for the management of master keys are the following:)ashow
229 90 gm
(-)show
229 126 gm
1.50588 0. 32 0.15058 0.(User A registers to his CA exchanging Public Keys with it. The user can)awidthshow
245 126 gm
0.23620 0. 32 0.02362 0.(generate his own key pair himself, so that he need not trust anybody else with)awidthshow
261 126 gm
0.52581 0. 32 0.05258 0.(his secret key. The CA gives A a Signed Certificate of A's Public Key K)awidthshow
0 2 rm
10 fz
bu fc
2 F /|______Times-Roman fnt
bn
0.16249 0.(P,A)ashow
0 -2 rm
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
(:)show
277 126 gm
0.17915 0.(S)ashow
0 2 rm
10 fz
bu fc
2 F /|______Times-Roman fnt
bn
0.18650 0.(CA)ashow
0 -2 rm
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
0.47927 0. 32 0.04792 0.({CA, A, K)awidthshow
0 2 rm
10 fz
bu fc
2 F /|______Times-Roman fnt
bn
0.13676 0.(P,A)ashow
0 -2 rm
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
0.19287 0. 32 0.01928 0.(, t)awidthshow
0 2 rm
10 fz
bu fc
2 F /|______Times-Roman fnt
bn
0.11920 0.(e)ashow
0 -2 rm
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
0.42434 0. 32 0.04243 0.(}, where t)awidthshow
0 2 rm
10 fz
bu fc
2 F /|______Times-Roman fnt
bn
0.11920 0.(e)ashow
0 -2 rm
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
0.45440 0. 32 0.04544 0.( is the expiration time of the certificate. Also)awidthshow
293 126 gm
0.23956 0. 32 0.02395 0.(the CA's Public Key K)awidthshow
0 2 rm
10 fz
bu fc
2 F /|______Times-Roman fnt
bn
0.07325 0.(P,CA)ashow
0 -2 rm
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
0.17822 0. 32 0.01782 0.( is handed over to A in such a way as to sustain its)awidthshow
309 126 gm
-0.07283 0.(integrity.)ashow
341 90 gm
(-)show
341 126 gm
-0.01937 0.(The CAs form a global hierarchy logically structured as a tree. Each CA in this)ashow
357 126 gm
-0.11999 0.(tree certifies its father and children.)ashow
389 90 gm
-0.07815 0.(It is important to notice that the hierarchy of CAs need not have anything to do with the)ashow
405 90 gm
-0.05972 0.(hierarchy of Directory Server Agents \(DSAs\) distributing the certificates. For example,)ashow
421 90 gm
1.76727 0. 32 0.17672 0.(the CAs may be administrative bodies while the DSAs may be administered by)awidthshow
437 90 gm
-0.11181 0.(teleoperators and private companies.)ashow
469 90 gm
0.02319 0. 32 0.00231 0.(To facilitate the possibility of using different key pairs for different purposes \(e.g. one)awidthshow
485 90 gm
1.92687 0. 32 0.19268 0.(key pair for confidentiality, another for non-repudiation\) we should include the)awidthshow
501 90 gm
0.09338 0. 32 0.00933 0.(intended area of use of the public key in each certificate. Because the PKCs used may)awidthshow
517 90 gm
0.70922 0. 32 0.07092 0.(\(and will\) change with time, we must also include an identifier of the algorithm for)awidthshow
533 90 gm
-0.10375 0.(which the public key is intended. This is most easily done by letting the key value in the)ashow
549 90 gm
0.52673 0. 32 0.05267 0.(certificate be a structured data type with all essential information \(such as algorithm)awidthshow
565 90 gm
1.26602 0. 32 0.12660 0.(identifier and scope of use\) included. Considering the fast progress in the area of)awidthshow
581 90 gm
0.02243 0. 32 0.00224 0.(cryptology, we must be prepared for completely new types of keys, which may be, for)awidthshow
597 90 gm
0.36468 0. 32 0.03646 0.(example, large sets of data items. This should be borne in mind when certificates are)awidthshow
613 90 gm
0.04336 0.(designed.)ashow
645 90 gm
0.02212 0. 32 0.00221 0.(In the CCITT recommendation X.509 a )awidthshow
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
0.03417 0. 32 0.00341 0.(Certification Path)awidthshow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
0.01953 0. 32 0.00195 0.( is formed between the CAs)awidthshow
661 90 gm
-0.08920 0.(of two parties served by different CAs and wishing to communicate in a secure manner.)ashow
693 90 gm
0.21102 0. 32 0.02110 0.(Let us assume that A trusts CA)awidthshow
0 2 rm
10 fz
bu fc
2 F /|______Times-Roman fnt
bn
0.09187 0.(A)ashow
0 -2 rm
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
0.23101 0. 32 0.02310 0.( and wishes to communicate with B belonging to the)awidthshow
708 90 gm
-0.04644 0.(domain of CA)ashow
0 2 rm
10 fz
bu fc
2 F /|______Times-Roman fnt
bn
-0.05413 0.(B)ashow
0 -2 rm
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
-0.04002 0.(. A now possesses an integral copy of K)ashow
0 2 rm
10 fz
bu fc
2 F /|______Times-Roman fnt
bn
-0.04454 0.(P,CA)ashow
0 1 rm
9 fz
bu fc
2 F /|______Times-Roman fnt
bn
-0.05274 0.(A)ashow
0 -1 rm
10 fz
bu fc
2 F /|______Times-Roman fnt
bn
( )show
0 -2 rm
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
-0.04045 0.(\(the public key of CA)ashow
0 2 rm
10 fz
bu fc
2 F /|______Times-Roman fnt
bn
-0.05860 0.(A)ashow
0 -2 rm
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
-0.05676 0.(\).)ashow
725 90 gm
-0.12478 0.(However, CA)ashow
0 2 rm
10 fz
bu fc
2 F /|______Times-Roman fnt
bn
-0.14871 0.(A)ashow
0 -2 rm
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
-0.09843 0.( cannot directly certify B because B belongs to a different administrative)ashow
741 90 gm
0.17562 0. 32 0.01756 0.(domain, namely that of CA)awidthshow
0 2 rm
10 fz
bu fc
2 F /|______Times-Roman fnt
bn
0.05812 0.(B)ashow
0 -2 rm
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
0.15121 0. 32 0.01512 0.(. We now need to find a Certification Path between CA)awidthshow
0 2 rm
10 fz
bu fc
2 F /|______Times-Roman fnt
bn
(A)show
757 90 gm
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
0.04943 0. 32 0.00494 0.(and CA)awidthshow
0 2 rm
10 fz
bu fc
2 F /|______Times-Roman fnt
bn
(B)show
0 -2 rm
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
0.02700 0. 32 0.00270 0.(, that is a chain of CA)awidthshow
0 2 rm
10 fz
bu fc
2 F /|______Times-Roman fnt
bn
(i)show
0 -2 rm
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
0.03051 0. 32 0.00305 0.(, such that: A => CA)awidthshow
0 2 rm
10 fz
bu fc
2 F /|______Times-Roman fnt
bn
(A)show
0 -2 rm
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
0.02746 0. 32 0.00274 0.( -> CA)awidthshow
0 2 rm
10 fz
bu fc
2 F /|______Times-Roman fnt
bn
(1)show
0 -2 rm
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
0.02746 0. 32 0.00274 0.( -> CA)awidthshow
0 2 rm
10 fz
bu fc
2 F /|______Times-Roman fnt
bn
(2)show
0 -2 rm
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
0.02380 0. 32 0.00238 0.( -> ... -> CA)awidthshow
0 2 rm
10 fz
bu fc
2 F /|______Times-Roman fnt
bn
(n )show
0 -2 rm
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
(->)show
F T cp
%%Page: ? 67
op
30 28 xl
1 1 pen
45 291 gm
(nc 30 28 811 566 6 rc)kp
1 setTxMode
0 fs
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
(64)show
802 90 gm
10 fz
bu fc
2 F /|______Times-Roman fnt
bn
-0.01179 0.(Open Systems Security \320 an Architectural Framework)ashow
85 90 gm
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
1.31140 0.(CA)ashow
0 2 rm
10 fz
bu fc
2 F /|______Times-Roman fnt
bn
1.20254 0. 32 0.12025 0.(B )awidthshow
0 -2 rm
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
2.37655 0. 32 0.23765 0.(-> B \(A trusts CA)awidthshow
0 2 rm
10 fz
bu fc
2 F /|______Times-Roman fnt
bn
1.13604 0.(A)ashow
0 -2 rm
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
3.04107 0. 32 0.30410 0.(, which certifies CA)awidthshow
0 2 rm
10 fz
bu fc
2 F /|______Times-Roman fnt
bn
0.78681 0.(1)ashow
0 -2 rm
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
3.04107 0. 32 0.30410 0.(, which certifies CA)awidthshow
0 2 rm
10 fz
bu fc
2 F /|______Times-Roman fnt
bn
0.78681 0.(2)ashow
0 -2 rm
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
3.47412 0. 32 0.34741 0.(, which)awidthshow
101 90 gm
0.19119 0. 32 0.01911 0.(certifies...which certifies CA)awidthshow
0 2 rm
10 fz
bu fc
2 F /|______Times-Roman fnt
bn
(n)show
0 -2 rm
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
0.16586 0. 32 0.01658 0.(,which certifies CA)awidthshow
0 2 rm
10 fz
bu fc
2 F /|______Times-Roman fnt
bn
(B)show
0 -2 rm
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
0.13793 0. 32 0.01379 0.(, which certifies B\). This unbroken)awidthshow
117 90 gm
-0.06541 0.(chain of trust implies that A can trust in the integrity of B's Public Key K)ashow
0 2 rm
10 fz
bu fc
2 F /|______Times-Roman fnt
bn
-0.08659 0.(PB)ashow
0 -2 rm
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
-0.07293 0.( included in)ashow
132 90 gm
-0.02899 0.(the certificate S)ashow
0 2 rm
10 fz
bu fc
2 F /|______Times-Roman fnt
bn
-0.04545 0.(CA)ashow
0 1 rm
9 fz
bu fc
2 F /|______Times-Roman fnt
bn
(B)show
0 -3 rm
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
-0.04893 0.({CA)ashow
0 2 rm
10 fz
bu fc
2 F /|______Times-Roman fnt
bn
(A)show
0 -2 rm
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
-0.03199 0.(, A, K)ashow
0 2 rm
10 fz
bu fc
2 F /|______Times-Roman fnt
bn
-0.03213 0.(P,B)ashow
0 -2 rm
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
-0.02037 0.(, t)ashow
0 2 rm
10 fz
bu fc
2 F /|______Times-Roman fnt
bn
(e)show
0 -2 rm
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
-0.03433 0.(} issued by CA)ashow
0 2 rm
10 fz
bu fc
2 F /|______Times-Roman fnt
bn
(B)show
0 -2 rm
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
(.)show
165 90 gm
-0.00167 0.(This means that A has to acquire from somewhere \(not necessarily from the directory\))ashow
181 90 gm
0.10498 0. 32 0.01049 0.(all the certificates necessary for forming this Certification Path \(that is one Certificate)awidthshow
197 90 gm
0.58364 0. 32 0.05836 0.(for each arrow "->" in the formula above\). These Certificates may be obtained from)awidthshow
213 90 gm
-0.05674 0.(anywhere, not necessarily from different DSAs.)ashow
245 90 gm
-0.07859 0.(In a tree-like structure of CAs the shortest Certification Path is never overly long. It can)ashow
261 90 gm
0.05416 0. 32 0.00541 0.(be shortened further by having CAs with lots of traffic between their domains directly)awidthshow
277 90 gm
0.09994 0. 32 0.00999 0.(cross-certify one-another. It is not obvious how a reasonably short and reliable path is)awidthshow
293 90 gm
-0.02497 0.(found. For example X.509 does not recommend any method for this.)ashow
325 90 gm
-0.12619 0.(The three basic approaches are the following:)ashow
357 90 gm
(-)show
357 126 gm
0.59753 0. 32 0.05975 0.(The originating party can find a certification path and pass it to the recipient)awidthshow
373 126 gm
-0.05902 0.(along with the message.)ashow
405 90 gm
(-)show
405 126 gm
-0.11114 0.(The responding party can find a certification path.)ashow
437 90 gm
(-)show
437 126 gm
1.33178 0. 32 0.13317 0.(The originator can provide part of the certification path and the responder)awidthshow
453 126 gm
-0.13537 0.(complete the path.)ashow
485 90 gm
0.20462 0. 32 0.02046 0.(These three modes of operation are not mutually exclusive. Obviously, the amount of)awidthshow
501 90 gm
0.33187 0. 32 0.03318 0.(trust that a user can place in a certification path cannot be greater than the amount of)awidthshow
517 90 gm
0.44647 0. 32 0.04464 0.(trust he is willing to place in the weakest link of the chain. If the responder does not)awidthshow
533 90 gm
0.27496 0. 32 0.02749 0.(trust in \(parts of\) the path provided by the originator and wants to find a safer certifi-)awidthshow
549 90 gm
-0.07531 0.(cation path this option should be left open for him as proposed in [MWR89].)ashow
581 90 gm
0.13259 0. 32 0.01325 0.(A simple solution for finding a path is to require that every communicating party if in)awidthshow
597 90 gm
0.38131 0. 32 0.03813 0.(possession of the \(bi-directional\) certification path between itself and the world root.)awidthshow
613 90 gm
0.37933 0. 32 0.03793 0.(The sender passes the half-path from the world root to itself along with the message.)awidthshow
629 90 gm
0.33187 0. 32 0.03318 0.(The recipient combines this information with the half path from itself to to the world)awidthshow
645 90 gm
0.31723 0. 32 0.03172 0.(root to find the certification path via the closest common ancestor in the tree of CAs.)awidthshow
661 90 gm
1.75323 0. 32 0.17532 0.(Optimization, e.g. based on knowledge about the uppermost level of the closest)awidthshow
677 90 gm
-0.03472 0.(common ancestor, is possible but not necessary.)ashow
709 90 gm
0.83724 0. 32 0.08372 0.(The normal way of distributing certificates is via the Directory by according to the)awidthshow
725 90 gm
0.32531 0. 32 0.03253 0.(CCITT recommendation X.509. However, certificates can be distributed through any)awidthshow
741 90 gm
0.92117 0. 32 0.09211 0.(channel and in the scheme described above each party only has to know the rather)awidthshow
F T cp
%%Page: ? 68
op
30 28 xl
1 1 pen
45 291 gm
(nc 30 28 811 566 6 rc)kp
1 setTxMode
0 fs
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
(65)show
802 288 gm
10 fz
bu fc
2 F /|______Times-Roman fnt
bn
-0.01179 0.(Open Systems Security \320 an Architectural Framework)ashow
85 90 gm
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
-0.01705 0.(stable certification path between itself and the world root making the need of directory)ashow
101 90 gm
-0.11880 0.(queries in forming certification path rather infrequent.)ashow
133 90 gm
1 fs
bu fc
2 F /|______Times-Bold fnt
bn
1.75003 0.(5.2.2)ashow
133 126 gm
3.27926 0. 32 0.32792 0.(Management of Session Keys)awidthshow
165 90 gm
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
1.27227 0. 32 0.12722 0.(Ways of exchanging fresh keys in connection with authentication and using them)awidthshow
181 90 gm
0.64376 0. 32 0.06437 0.(exclusively for this one session should be studied. Here, no need to identify session)awidthshow
197 90 gm
0.19119 0. 32 0.01911 0.(keys exists, as long as they are mutually agreed upon. The session key never needs to)awidthshow
213 90 gm
-0.04005 0.(be explicitly referenced, the key belonging to the current security context always being)ashow
229 90 gm
-0.01298 0.(used. After the session the key is disposed of.)ashow
261 90 gm
-0.08308 0.(To guarantee the freshness of keys, at least three approaches are possible:)ashow
293 90 gm
(-)show
293 126 gm
-0.01727 0.(Store hash values of old keys and refuse synonym keys.)ashow
325 90 gm
(-)show
325 126 gm
-0.01191 0.(Use two xored half-keys, one chosen by each party, to form a session key.)ashow
357 90 gm
(-)show
357 126 gm
-0.06996 0.(Use a trusted server \(key distribution center\) to generate fresh keys.)ashow
389 90 gm
0.46066 0. 32 0.04606 0.(Old keys cannot be stored as such because they must not leak. Therefore, a one-way)awidthshow
405 90 gm
0.15045 0. 32 0.01504 0.(hash function needs to be applied on them before they can be stored. A proposed new)awidthshow
421 90 gm
-0.00953 0.(key is first hashed and then checked against the hash values of used keys. If the values)ashow
437 90 gm
-0.06932 0.(match, the new key is rejected, otherwise accepted as being fresh.)ashow
469 90 gm
1.77291 0. 32 0.17729 0.(One way of achieving freshness is generating pairwise session keys by bit-wise)awidthshow
485 90 gm
-0.02201 0.(exclusive or \(xor\) operation between two half-keys. In this scheme the communicating)ashow
501 90 gm
0.80368 0. 32 0.08036 0.(parties A and B choose their own half-keys K)awidthshow
0 2 rm
9 fz
bu fc
2 F /|______Times-Roman fnt
bn
0.29533 0.(A)ashow
0 -2 rm
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
0.55923 0. 32 0.05592 0.( and K)awidthshow
0 2 rm
9 fz
bu fc
2 F /|______Times-Roman fnt
bn
0.27287 0.(B)ashow
0 -2 rm
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
1.05484 0. 32 0.10548 0.(, respectively. The pairwise)awidthshow
517 90 gm
0.30578 0. 32 0.03057 0.(session key K)awidthshow
0 2 rm
9 fz
bu fc
2 F /|______Times-Roman fnt
bn
0.09460 0.(AB)ashow
0 -2 rm
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
0.23651 0. 32 0.02365 0.( is formed as follows: K)awidthshow
0 2 rm
9 fz
bu fc
2 F /|______Times-Roman fnt
bn
0.09460 0.(AB)ashow
0 -2 rm
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
0.13519 0. 32 0.01351 0.( = K)awidthshow
0 2 rm
9 fz
bu fc
2 F /|______Times-Roman fnt
bn
0.09834 0.(A)ashow
0 -2 rm
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
0.23284 0. 32 0.02328 0.( XOR K)awidthshow
0 2 rm
9 fz
bu fc
2 F /|______Times-Roman fnt
bn
0.09086 0.(B)ashow
0 -2 rm
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
0.25222 0. 32 0.02522 0.(. In this scheme a protocol)awidthshow
533 90 gm
0.88256 0. 32 0.08825 0.(for securely exchanging the half-keys without A knowing K)awidthshow
0 2 rm
9 fz
bu fc
2 F /|______Times-Roman fnt
bn
0.25152 0.(B)ashow
0 -2 rm
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
0.56823 0. 32 0.05682 0.( before it has sent K)awidthshow
0 2 rm
9 fz
bu fc
2 F /|______Times-Roman fnt
bn
(A)show
549 90 gm
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
1.60537 0. 32 0.16053 0.(\(and without B knowing K)awidthshow
0 2 rm
9 fz
bu fc
2 F /|______Times-Roman fnt
bn
0.51890 0.(A)ashow
0 -2 rm
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
1.08306 0. 32 0.10830 0.( before it has sent K)awidthshow
0 2 rm
9 fz
bu fc
2 F /|______Times-Roman fnt
bn
0.47941 0.(B)ashow
0 -2 rm
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
1.45690 0. 32 0.14569 0.(\) is needed. The most straight-)awidthshow
565 90 gm
0.24703 0. 32 0.02470 0.(forward way of achieving this is with the help of a trusted security server involved in)awidthshow
581 90 gm
0.17166 0. 32 0.01716 0.(the process.)awidthshow
613 90 gm
0.67581 0. 32 0.06758 0.(Also, a trusted security server can be used to generate and securely distribute fresh,)awidthshow
629 90 gm
0.22338 0. 32 0.02233 0.(strong, pairwise session keys. However, this is not a desirable solution since we want)awidthshow
645 90 gm
-0.11981 0.(to minimize the use of trusted functionality.)ashow
677 90 gm
0.58319 0. 32 0.05831 0.(In practise, the freshness of randomly generated keys can usually be trusted without)awidthshow
693 90 gm
0.71990 0. 32 0.07199 0.(any extra precautions. Well designed authentication protocols suffice to prevent the)awidthshow
709 90 gm
0.42800 0. 32 0.04280 0.(replay of authentication sequences \(and the malicious reintroduction of old, compro-)awidthshow
725 90 gm
0.87051 0. 32 0.08705 0.(mised session keys\). It is, therefore, adequate that the originating party generates a)awidthshow
741 90 gm
-0.06233 0.(random session key when needed and securely conveys it to the responding party.)ashow
F T cp
%%Page: ? 69
op
30 28 xl
1 1 pen
45 291 gm
(nc 30 28 811 566 6 rc)kp
1 setTxMode
0 fs
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
(66)show
802 90 gm
10 fz
bu fc
2 F /|______Times-Roman fnt
bn
-0.01179 0.(Open Systems Security \320 an Architectural Framework)ashow
101 90 gm
1 fs
12 fz
bu fc
2 F /|______Times-Bold fnt
bn
1.75003 0.(5.2.3)ashow
101 126 gm
2.19238 0. 32 0.21923 0.(On the Generation of Public Key Pairs)awidthshow
133 90 gm
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
-0.06639 0.(The generation of strong Public Key Pairs \(e.g. for RSA\) is a fairly simple task that can)ashow
149 90 gm
-0.06098 0.(be performed, for example, on a microcomputer. However, for the non-technical user it)ashow
165 90 gm
0.11993 0. 32 0.01199 0.(is necessary that he be able to purchase Public Key Pairs from a trusted supplier. This)awidthshow
181 90 gm
-0.08140 0.(supplier can be the CA the user registers to.)ashow
213 90 gm
0.35659 0. 32 0.03565 0.(When the keys are generated by someone else than the user, the following procedure)awidthshow
229 90 gm
-0.07287 0.(should be followed:)ashow
261 90 gm
(-)show
261 126 gm
1.59729 0. 32 0.15972 0.(A trusted piece of software and hardware is used for key generation. For)awidthshow
277 126 gm
0.88134 0. 32 0.08813 0.(example a dedicated microcomputer with the proper software. The software)awidthshow
293 126 gm
1.53518 0. 32 0.15351 0.(should first be inspected as source code, then compiled. The system used)awidthshow
309 126 gm
-0.07881 0.(should be sealed after inspection.)ashow
341 90 gm
(-)show
341 126 gm
0.58898 0. 32 0.05889 0.(The system should work in such a way that when a key pair is generated the)awidthshow
357 126 gm
-0.01119 0.(secret key is only output on a diskette \(or other medium\) belonging to the user.)ashow
373 126 gm
0.16891 0. 32 0.01689 0.(After this, the memory of the system is erased and the service provider cannot)awidthshow
389 126 gm
-0.08380 0.(obtain a copy of the secret key.)ashow
421 90 gm
0.02563 0. 32 0.00256 0.(It should be noted, that with zero-knowledge techniques the identification information)awidthshow
437 90 gm
1.59255 0. 32 0.15925 0.(cannot be generated by the user but it always needs to be generated by the CA.)awidthshow
453 90 gm
-0.02548 0.(Compares with public key pairs generated by the user, this causes the extra problem of)ashow
469 90 gm
-0.01325 0.(securely transferring the secret authentication information from the CA to the user and)ashow
485 90 gm
-0.01345 0.(requires us to trust the CA to keep this authentication information secret \(or dispose of)ashow
501 90 gm
-0.06272 0.(it\) and not misuse it.)ashow
533 90 gm
1.44577 0. 32 0.14457 0.(In fact we always have to trust the CA in any case. If we want to use PKCs for)awidthshow
549 90 gm
-0.10809 0.(authentication and encryption we have to trust in the certificates issued by the CA. Even)ashow
565 90 gm
-0.04476 0.(if a crooked CA does not know the secret key generated by us, it can always generate a)ashow
581 90 gm
-0.09562 0.(key pair of its own and issue a false certificate for the public part of it.)ashow
613 90 gm
-0.07588 0.(Similarly, we always have to distribute some general, public authentication information)ashow
629 90 gm
0.74752 0. 32 0.07475 0.(to all users. If we are using PKCs this is the public key of the CA. In case of zero-)awidthshow
645 90 gm
-0.11134 0.(knowledge schemes it is the public verification information.)ashow
677 90 gm
0.19821 0. 32 0.01982 0.(So, in fact zero-knowledge schemes don't introduce any new problems, except that of)awidthshow
693 90 gm
-0.08958 0.(securely transferring the secret key to each user. This problem is more than made up for)ashow
709 90 gm
-0.11030 0.(by the ease of key management, when no user-dependent public authentication informa-)ashow
725 90 gm
-0.02159 0.(tion needs to be distributed but the same public information is used to authenticate any)ashow
741 90 gm
0.09262 0. 32 0.00926 0.(user. We can therefore expect the use of zero-knowledge schemes in authentication to)awidthshow
757 90 gm
-0.06221 0.(rapidly grow in the near future.)ashow
F T cp
%%Page: ? 70
op
30 28 xl
1 1 pen
45 291 gm
(nc 30 28 811 566 6 rc)kp
1 setTxMode
0 fs
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
(67)show
802 288 gm
10 fz
bu fc
2 F /|______Times-Roman fnt
bn
-0.01179 0.(Open Systems Security \320 an Architectural Framework)ashow
110 90 gm
1 fs
18 fz
bu fc
2 F /|______Times-Bold fnt
bn
(6)show
110 126 gm
3.60671 0. 32 0.36067 0.(Implementational Issues)awidthshow
143 90 gm
0 fs
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
0.36010 0. 32 0.03601 0.(The goal of this work is to come up with solutions for open systems security that are)awidthshow
159 90 gm
-0.06498 0.(implementable. This chapter deals with the implementational issues associated with the)ashow
175 90 gm
0.33050 0. 32 0.03305 0.(solutions proposed here and seeks to demonstrate that it actually is feasible to imple-)awidthshow
191 90 gm
0.53695 0. 32 0.05369 0.(ment a secure open system with a reasonable amount of work, based on the existing)awidthshow
207 90 gm
-0.12161 0.(OSI implementations.)ashow
239 90 gm
0.67901 0. 32 0.06790 0.(In this chapter the effect of various hardware and software solutions on the over-all)awidthshow
255 90 gm
0.58807 0. 32 0.05880 0.(security of an open system are analyzed. Also some existing cryptosystems are sug-)awidthshow
271 90 gm
-0.10778 0.(gested to fill in the parts still missing after the preceding chapters.)ashow
306 90 gm
1 fs
14 fz
bu fc
2 F /|______Times-Bold fnt
bn
1.74998 0.(6.1)ashow
306 126 gm
4.36660 0. 32 0.43666 0.(Software Environments)awidthshow
338 90 gm
0 fs
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
0.71701 0. 32 0.07170 0.(Because the goal of this work is solutions that can be implemented with reasonable)awidthshow
354 90 gm
-0.02970 0.(modifications to the existing open systems implementations, it is necessary to consider)ashow
370 90 gm
0.64849 0. 32 0.06484 0.(the existing software environments and their use in implementing the solutions pro-)awidthshow
386 90 gm
0.18051 0. 32 0.01805 0.(posed here.)awidthshow
418 90 gm
1 fs
bu fc
2 F /|______Times-Bold fnt
bn
1.75003 0.(6.1.1)ashow
418 126 gm
3.10684 0. 32 0.31068 0.(Some Sample Environments)awidthshow
450 90 gm
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
0.11184 0. 32 0.01118 0.(In the implementation work going on at Telecom Finland, two software environments)awidthshow
466 90 gm
-0.08854 0.(are being used. These are the C-VOPS protocol development and run-time environment)ashow
482 90 gm
0.32348 0. 32 0.03234 0.(developed at the Technical Research Centre of Finland [Kar86, Kar87] and the inter-)awidthshow
498 90 gm
0.11520 0. 32 0.01152 0.(nationally well-established ISODE software package, whose development was started)awidthshow
514 90 gm
1.19033 0. 32 0.11903 0.(by Marshall Rose [Ros90, PSI90]. A brief overview of these two environments is)awidthshow
530 90 gm
-0.03057 0.(given here.)ashow
562 90 gm
1 fs
bu fc
2 F /|______Times-Bold fnt
bn
0.66911 0.(C-VOPS)ashow
594 90 gm
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
-0.03016 0.(Development of software tools for implementing open systems was started at the Tele-)ashow
610 90 gm
0.00762 0. 32 0.00076 0.(communications laboratory of the Technical Research Centre of Finland in 1983. This)awidthshow
626 90 gm
0.87478 0. 32 0.08747 0.(work led to the birth of the Virtual Operating System \(VOPS\) originally written in)awidthshow
642 90 gm
-0.11973 0.(Pascal and running on a VAX/VMS minicomputer.)ashow
674 90 gm
0.42602 0. 32 0.04260 0.(The main goals of VOPS were to develop an integrated environment for developing,)awidthshow
690 90 gm
0.58334 0. 32 0.05833 0.(testing, and running layered protocols that would run on virtually any computer and)awidthshow
706 90 gm
0.80749 0. 32 0.08074 0.(host operating system. Protocols were modelled as Extended Finite State Automata)awidthshow
722 90 gm
-0.05828 0.(\(EFSAs\) which were then converted into state transition tables accepted by VOPS. The)ashow
738 90 gm
0.60546 0. 32 0.06054 0.(control logic was implemented as a data structure rather than in program code. This)awidthshow
754 90 gm
0.64987 0. 32 0.06498 0.(made the protocols much easier to modify and debug. The EFSA would contain the)awidthshow
F T cp
%%Page: ? 71
op
30 28 xl
1 1 pen
45 291 gm
(nc 30 28 811 566 6 rc)kp
1 setTxMode
0 fs
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
(68)show
802 90 gm
10 fz
bu fc
2 F /|______Times-Roman fnt
bn
-0.01179 0.(Open Systems Security \320 an Architectural Framework)ashow
85 90 gm
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
0.00793 0. 32 0.00079 0.(sequential control logic \(see fig. 3-1\) of the protocol whereas the coding and decoding)awidthshow
101 90 gm
-0.07942 0.(functions were written as separate subroutines and linked together with the system.)ashow
133 90 gm
0.81710 0. 32 0.08171 0.(Each protocol entity instance runs as a virtual process of VOPS whereas the whole)awidthshow
149 90 gm
0.67581 0. 32 0.06758 0.(VOPS system is just one process from the host operating system's point of view, as)awidthshow
165 90 gm
0.97946 0. 32 0.09794 0.(illustrated in figure 6-1. In this way, the protocol entities only rely on the services)awidthshow
181 90 gm
0.30502 0. 32 0.03050 0.(offered by VOPS, such as scheduling, dynamic memory allocation, message passing,)awidthshow
197 90 gm
-0.09513 0.(and timer services, and are completely independent of the host operating system.)ashow
229 90 gm
0.45166 0. 32 0.04516 0.(The VOPS environment itself being written in a high-level language, porting it from)awidthshow
245 90 gm
2.20565 0. 32 0.22056 0.(one system to another is fairly straight-forward. All the host operating system)awidthshow
261 90 gm
0.03936 0. 32 0.00393 0.(dependent parts of VOPS were collected to a couple of modules. When these modules)awidthshow
277 90 gm
0.84518 0. 32 0.08451 0.(were rewritten, the whole system could be compiled for a new machine and all the)awidthshow
293 90 gm
-0.10845 0.(existing protocol implementations could be used without any modifications.)ashow
325 90 gm
-0.00625 0.(The portability of VOPS was demonstrated in practise by using the same software in a)ashow
341 90 gm
0.41046 0. 32 0.04104 0.(number of systems, such as VAX/VMS, intel 8086/iRMX-86 and IBM PC/PC-DOS,)awidthshow
357 90 gm
-0.09887 0.(with a very reasonable effort in porting the system. Also the same protocol implementa-)ashow
373 90 gm
-0.05963 0.(tions were used as parts of various protocol stacks, demonstrating the modularity of the)ashow
389 90 gm
-0.04411 0.(system. For example, the first prototype transport layer gateway \(just like the gateways)ashow
405 90 gm
1.36505 0. 32 0.13650 0.(described in [Ros90] and [LT90]\) relaying between TP4/LAN and TP0/PDN was)awidthshow
421 90 gm
1.31072 0. 32 0.13107 0.(designed in 1983 [KLP83] and built in 1985 at the Technical Research Centre of)awidthshow
437 90 gm
0.04782 0.(Finland.)ashow
469 90 gm
0.35903 0. 32 0.03590 0.(With VOPS the CCITT Teletex document transfer system, which at the time was the)awidthshow
485 90 gm
0.45364 0. 32 0.04536 0.(only standardized seven-layer open system, was implemented in 1983 through 1985.)awidthshow
501 90 gm
1.29806 0. 32 0.12980 0.(The implementation was validated by Telecom Finland in 1985 and turned into a)awidthshow
517 90 gm
0.94802 0. 32 0.09480 0.(commercial product \(the first available Teletex implementation for VAX/VMS\) by)awidthshow
533 90 gm
1.30615 0. 32 0.13061 0.(Scandinavian Softline Technologies Inc. This implementation was then used by a)awidthshow
549 90 gm
-0.04574 0.(number of large Finnish corporations as the "transport system" in the first national EDI)ashow
565 90 gm
-0.05822 0.(experiments.)ashow
597 90 gm
0.39413 0. 32 0.03941 0.(In early 1986 the development of the second generation VOPS was started. C-VOPS)awidthshow
613 90 gm
0.59936 0. 32 0.05993 0.(\(for C-language VOPS\) was written in the C programming language, which is more)awidthshow
629 90 gm
-0.04187 0.(portable, more modular, and better suited for systems programming than Pascal. At the)ashow
645 90 gm
0.11917 0. 32 0.01191 0.(same time a block-structured and more powerful C-like protocol description language)awidthshow
661 90 gm
-0.07109 0.(was developed for specifying the EFSAs. Also an ASN.1 compiler and interpreter were)ashow
677 90 gm
-0.01292 0.(developed to be used with C-VOPS [Koi87, Nok90].)ashow
709 90 gm
0.72509 0. 32 0.07250 0.(C-VOPS was later adopted by several large Finnish organizations as their preferred)awidthshow
725 90 gm
-0.06648 0.(protocol development environment. Telenokia Inc. chose C-VOPS as the basis for their)ashow
741 90 gm
0.58517 0. 32 0.05851 0.(GSM system development after comparing it with the other available environments,)awidthshow
757 90 gm
-0.11892 0.(including ISODE and Retix.)ashow
F T cp
%%Page: ? 72
op
30 28 xl
1 1 pen
45 291 gm
(nc 30 28 811 566 6 rc)kp
1 setTxMode
0 fs
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
(69)show
802 288 gm
10 fz
bu fc
2 F /|______Times-Roman fnt
bn
-0.01179 0.(Open Systems Security \320 an Architectural Framework)ashow
101 90 gm
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
0.17196 0. 32 0.01719 0.(There currently exists a large library of C-VOPS protocol implementations, including)awidthshow
117 90 gm
0.17379 0. 32 0.01737 0.(the most complete FTAM protocol stack available today, a complete MAP 2.1 imple-)awidthshow
133 90 gm
0.90606 0. 32 0.09060 0.(mentation \(completed in 1987\), and the X.500 Directory \(including X.509\). For an)awidthshow
149 90 gm
-0.07106 0.(overview of the current status of the C-VOPS protocol library see [AKS90].)ashow
181 90 gm
0.10284 0. 32 0.01028 0.(The strengths of C-VOPS still are its portability, modularity, large number of existing)awidthshow
197 90 gm
1.52221 0. 32 0.15222 0.(protocol implementations, integrated testing facilities, and available licensing for)awidthshow
213 90 gm
-0.09602 0.(commercial use. A current description of the C-VOPS tool and its features can be found)ashow
229 90 gm
-0.04222 0.(in [HKK90]. The basic principle of C-VOPS is presented in figure 6-1.)ashow
0 0 gm
(nc 256 161 591 433 6 rc)kp
64 gr
322 170 343 210 1 rc
2 2 pen
0 gr
323 171 342 209 0 rc
337 187 gm
1 setTxMode
bu fc
2 F /|______Times-Roman fnt
bn
(7.)show
64 gr
362 170 383 210 1 rc
0 gr
363 171 382 209 0 rc
377 187 gm
1 setTxMode
(6.)show
64 gr
402 170 423 210 1 rc
0 gr
403 171 422 209 0 rc
417 187 gm
1 setTxMode
(4.)show
64 gr
442 170 463 210 1 rc
0 gr
443 171 462 209 0 rc
458 187 gm
1 setTxMode
(5.)show
64 gr
483 170 503 210 1 rc
0 gr
484 171 502 209 0 rc
498 187 gm
1 setTxMode
(3.)show
64 gr
523 170 544 210 1 rc
0 gr
524 171 543 209 0 rc
538 187 gm
1 setTxMode
(2.)show
64 gr
561 170 591 210 1 rc
0 gr
562 171 590 209 0 rc
573 185 gm
0.00366 0 rmoveto
1 setTxMode
9 fz
bu fc
2 F /|______Times-Roman fnt
bn
(I/O)show
584 180 gm
0.25756 0 rmoveto
(driver)show
64 gr
259 161 298 219 1 rc
0 gr
260 162 297 218 0 rc
276 166 gm
1 setTxMode
10 fz
bu fc
2 F /|______Times-Roman fnt
bn
-0.02096 0.(Application)ashow
288 175 gm
-0.09033 0.(Process)ashow
0 gr
316 183 328 195 250 290 1 ar
291 183 303 195 70 110 1 ar
1 1 pen
302 189 gm
317 189 lin
356 183 368 195 250 290 1 ar
336 183 348 195 70 110 1 ar
347 189 gm
357 189 lin
396 183 408 195 250 290 1 ar
376 183 388 195 70 110 1 ar
387 189 gm
397 189 lin
436 183 448 195 250 290 1 ar
416 183 428 195 70 110 1 ar
427 189 gm
437 189 lin
476 183 488 195 250 290 1 ar
456 183 468 195 70 110 1 ar
467 189 gm
477 189 lin
516 183 528 195 250 290 1 ar
496 183 508 195 70 110 1 ar
507 189 gm
517 189 lin
555 183 567 195 250 290 1 ar
537 183 549 195 70 110 1 ar
548 189 gm
556 189 lin
0 0 pen
60 gr
556 189 lin
0.937  60 45 {dup mul exch dup mul add 1.0 exch sub }setscreen setgray
320 303 541 433 1 rc
2 2 pen
0 gr
321 304 540 432 0 rc
64 gr
360 389 379 427 1 rc
1 2 lw
1 1 pen
0 gr
360.5 389.5 378.5 426.5 0 rc
1 1 lw
0 0 pen
556 189 lin
373 404 gm
1 setTxMode
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
(7.)show
64 gr
384 389 404 427 1 rc
1 2 lw
1 1 pen
0 gr
384.5 389.5 403.5 426.5 0 rc
1 1 lw
0 0 pen
376 404 gm
376 404 lin
397 404 gm
1 setTxMode
(6.)show
64 gr
408 389 428 427 1 rc
1 2 lw
1 1 pen
0 gr
408.5 389.5 427.5 426.5 0 rc
1 1 lw
0 0 pen
400 404 gm
400 404 lin
421 404 gm
1 setTxMode
(4.)show
64 gr
433 389 452 427 1 rc
1 2 lw
1 1 pen
0 gr
433.5 389.5 451.5 426.5 0 rc
1 1 lw
0 0 pen
424 404 gm
424 404 lin
445 404 gm
1 setTxMode
(5.)show
64 gr
457 389 476 427 1 rc
1 2 lw
1 1 pen
0 gr
457.5 389.5 475.5 426.5 0 rc
1 1 lw
0 0 pen
448 404 gm
448 404 lin
469 404 gm
1 setTxMode
(3.)show
64 gr
481 389 500 427 1 rc
1 2 lw
1 1 pen
0 gr
481.5 389.5 499.5 426.5 0 rc
1 1 lw
0 0 pen
472 404 gm
472 404 lin
493 404 gm
1 setTxMode
(2.)show
64 gr
327 389 355 427 1 rc
1 2 lw
1 1 pen
0 gr
327.5 389.5 354.5 426.5 0 rc
1 1 lw
0 0 pen
496 404 gm
496 404 lin
338 393 gm
0.76538 0 rmoveto
1 setTxMode
9 fz
bu fc
2 F /|______Times-Roman fnt
bn
(interface)show
349 404 gm
(up)show
64 gr
505 389 533 427 1 rc
1 2 lw
1 1 pen
0 gr
505.5 389.5 532.5 426.5 0 rc
1 1 lw
0 0 pen
341 393 gm
341 393 lin
516 393 gm
0.76538 0 rmoveto
1 setTxMode
(interface)show
527 399 gm
0.00134 0 rmoveto
(down)show
64 gr
416 310 444 357 1 rc
1 2 lw
1 1 pen
0 gr
416.5 310.5 443.5 356.5 0 rc
1 1 lw
0 0 pen
519 393 gm
519 393 lin
433 318 gm
1 setTxMode
-0.19979 0.(C-VOPS)ashow
1 2 lw
1 1 pen
341 389 gm
0 gr
420 356 lin
1 1 lw
0 0 pen
420 356 lin
1 2 lw
1 1 pen
369 389 gm
423 356 lin
1 1 lw
0 0 pen
423 356 lin
1 2 lw
1 1 pen
393 389 gm
425 356 lin
1 1 lw
0 0 pen
425 356 lin
1 2 lw
1 1 pen
417 389 gm
428 356 lin
1 1 lw
0 0 pen
428 356 lin
1 2 lw
1 1 pen
518 389 gm
439 356 lin
1 1 lw
0 0 pen
439 356 lin
1 2 lw
1 1 pen
490 389 gm
437 356 lin
1 1 lw
0 0 pen
437 356 lin
1 2 lw
1 1 pen
466 389 gm
434 356 lin
1 1 lw
0 0 pen
434 356 lin
1 2 lw
1 1 pen
442 389 gm
432 356 lin
1 1 lw
0 0 pen
432 356 lin
554 362 566 374 250 290 1 ar
533 362 545 374 70 110 1 ar
1 1 pen
544 368 gm
555 368 lin
64 gr
561 348 591 388 1 rc
2 2 pen
0 gr
562 349 590 387 0 rc
573 363 gm
0.00366 0 rmoveto
1 setTxMode
(I/O)show
584 358 gm
0.25756 0 rmoveto
(driver)show
64 gr
256 339 295 398 1 rc
0 gr
257 340 294 397 0 rc
273 344 gm
1 setTxMode
10 fz
bu fc
2 F /|______Times-Roman fnt
bn
-0.02096 0.(Application)ashow
285 353 gm
-0.09033 0.(Process)ashow
0 gr
313 362 325 374 250 290 1 ar
288 362 300 374 70 110 1 ar
1 1 pen
299 368 gm
314 368 lin
620 90 gm
(nc 30 28 811 566 6 rc)kp
1 setTxMode
2 fs
12 fz
bu fc
2 F /|______Times-Italic fnt
bn
-0.26438 0.(Figure 6-1:)ashow
620 162 gm
-0.00392 0.(A conventional vs. C-VOPS -based open systems implementation.)ashow
652 90 gm
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
-0.11468 0.(The next generation of VOPS is already under development since 1988. The Distributed)ashow
668 90 gm
-0.04685 0.(VOPS \(D-VOPS\) has all the good features of C-VOPS but it is also designed to be dis-)ashow
684 90 gm
1.65618 0. 32 0.16561 0.(tributed to a number of processors. Compilers for the SDL [Z.100] and LOTOS)awidthshow
700 90 gm
0.30471 0. 32 0.03047 0.([IS8807] protocol specification languages are also being developed for D-VOPS \(see)awidthshow
716 90 gm
-0.05191 0.(also [IS10167]\). D-VOPS is described in detail in [KM91].)ashow
F T cp
%%Page: ? 73
op
30 28 xl
1 1 pen
45 291 gm
(nc 30 28 811 566 6 rc)kp
1 setTxMode
0 fs
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
(70)show
802 90 gm
10 fz
bu fc
2 F /|______Times-Roman fnt
bn
-0.01179 0.(Open Systems Security \320 an Architectural Framework)ashow
101 90 gm
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
0.25802 0. 32 0.02580 0.(I believe, that the cheap and powerful microprocessors available today and the use of)awidthshow
117 90 gm
0.50994 0. 32 0.05099 0.(parallel processing, together with automatic and semi-automatic tools for converting)awidthshow
133 90 gm
-0.00230 0.(high-level formal protocol descriptions into executable programs, will provide us with)ashow
149 90 gm
-0.11663 0.(the keys to implement affordable and efficient open systems that can take full advantage)ashow
165 90 gm
0.07720 0. 32 0.00772 0.(of the transmission capacity of tomorrow's high-performance data networks. Sophisti-)awidthshow
181 90 gm
-0.05224 0.(cated software tools, such as C-VOPS and D-VOPS, are of great value in this work.)ashow
213 90 gm
1 fs
bu fc
2 F /|______Times-Bold fnt
bn
0.41534 0.(ISODE)ashow
245 90 gm
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
-0.06889 0.(ISODE is in many ways fundamentally different from C-VOPS. Rather than a develop-)ashow
261 90 gm
-0.04470 0.(ment environment, it is a large, well-structured collection of program modules with the)ashow
277 90 gm
0.63796 0. 32 0.06379 0.(appropriate )awidthshow
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
0.15412 0.(make)ashow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
0.41610 0. 32 0.04161 0.( files etc. included. ISODE relies heavily on the system calls of the)awidthshow
293 90 gm
0.17578 0. 32 0.01757 0.(SunOS operating system, being initially developed on a Sun 3 workstation, and is not)awidthshow
309 90 gm
0.71060 0. 32 0.07106 0.(easily ported to other versions of Unix, let alone other operating systems. While C-)awidthshow
325 90 gm
-0.01788 0.(VOPS tries to minimize the number of real processes \(replacing them with virtual pro-)ashow
341 90 gm
-0.06211 0.(cesses\) ISODE )ashow
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
-0.05543 0.(forks)ashow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
-0.05520 0.( a large number of processes in the best Unix tradition.)ashow
373 90 gm
0.20202 0. 32 0.02020 0.(ISODE has rapidly become the most widely used OSI protocol development environ-)awidthshow
389 90 gm
1.18286 0. 32 0.11828 0.(ment, both in the U.S. and in Europe. The current version 6.0 of ISODE includes)awidthshow
405 90 gm
0.82885 0. 32 0.08288 0.(many interesting things in addition to the normal FTAM and MHS, such as ASN.1)awidthshow
421 90 gm
-0.08049 0.(tools, FTAM/FTP gateway, OSI Directory Service, OSI Virtual Terminal, OSI Reliable)ashow
437 90 gm
0.45776 0. 32 0.04577 0.(Transfer, transport layer gateways between TP0, TP4 and TCP, and support for both)awidthshow
453 90 gm
2.52639 0. 32 0.25263 0.(X.25 and DoD IP networks [PSI90]. ISODE 6.0 is aligned with U.S. GOSIP)awidthshow
469 90 gm
0.48843 0. 32 0.04884 0.([GOS89]. ISODE has in fact become the de facto reference against which other OSI)awidthshow
485 90 gm
-0.13304 0.(implementations are frequently tested.)ashow
517 90 gm
1 fs
bu fc
2 F /|______Times-Bold fnt
bn
1.75003 0.(6.1.2)ashow
517 126 gm
2.83111 0. 32 0.28311 0.(The Effects of Software Environment on Systems Security)awidthshow
549 90 gm
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
-0.10293 0.(The implications of the software environment on the overall security of the system must)ashow
565 90 gm
0.88592 0. 32 0.08859 0.(be stressed here. While in theory it is often significant in which layer a function is)awidthshow
581 90 gm
-0.08198 0.(placed this may not be so with the actual working system.)ashow
613 90 gm
-0.01731 0.(It can, for example, be argued that peer entity authentication on the level of the FTAM)ashow
629 90 gm
0.52536 0. 32 0.05253 0.(SASE is more reliable than on the level of ACSE, which again is more reliable than)awidthshow
645 90 gm
0.05294 0. 32 0.00529 0.(authentication at the Transport Layer. However, this need not be the case. In an actual)awidthshow
661 90 gm
-0.07968 0.(implementation at least layers 4 through 7 are usually running within the same software)ashow
677 90 gm
0.44235 0. 32 0.04423 0.(environment. For example, with ISODE they are running as Unix processes with the)awidthshow
693 90 gm
0.35064 0. 32 0.03506 0.(same owner, privileges etc., or with C-VOPS they are running as virtual tasks within)awidthshow
709 90 gm
0.59234 0. 32 0.05923 0.(the same process of the host operating system. Therefore, mechanisms in any of the)awidthshow
725 90 gm
-0.09162 0.(layers 4 through 7 can be considered equally vulnerable \(or resistant\) to outside attacks.)ashow
F T cp
%%Page: ? 74
op
30 28 xl
1 1 pen
45 291 gm
(nc 30 28 811 566 6 rc)kp
1 setTxMode
0 fs
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
(71)show
802 288 gm
10 fz
bu fc
2 F /|______Times-Roman fnt
bn
-0.01179 0.(Open Systems Security \320 an Architectural Framework)ashow
101 90 gm
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
1.14028 0. 32 0.11402 0.(Usually layers 4 through 7 of OSI are implemented within the same environment.)awidthshow
117 90 gm
0.25802 0. 32 0.02580 0.(Therefore, the degree of trust one can place in security measures located within these)awidthshow
133 90 gm
0.24978 0. 32 0.02497 0.(layers if practically independent of the layer. E.g. Confidentiality can equally well be)awidthshow
149 90 gm
-0.10510 0.(placed in the Transport Layer or in the Application Layer as far as the size of the trusted)ashow
165 90 gm
-0.03538 0.(software base is concerned.)ashow
200 90 gm
1 fs
14 fz
bu fc
2 F /|______Times-Bold fnt
bn
1.74998 0.(6.2)ashow
200 126 gm
1.87515 0. 32 0.18751 0.(On the Use of Hardware and Software)awidthshow
232 90 gm
0 fs
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
-0.01339 0.(The price of encryption hardware is decreasing and its availability is improving. In the)ashow
248 90 gm
0.16220 0. 32 0.01622 0.(near future it will be feasible to encrypt all data with a symmetric cryptosystem at the)awidthshow
264 90 gm
0.48461 0. 32 0.04846 0.(full speed of current LANs \(1-100 Mb/s\). Encryption chips are still rather expensive)awidthshow
280 90 gm
0.03387 0. 32 0.00338 0.(and hard to get outside the U.S., mainly because of the policy of the National Security)awidthshow
296 90 gm
0.32150 0. 32 0.03215 0.(Agency \(NSA\) to limit the exportation and use of encryption devices abroad. In time)awidthshow
312 90 gm
1.74545 0. 32 0.17454 0.(this area will enjoy the benefits of the same kind of technological progress and)awidthshow
328 90 gm
-0.10865 0.(commercial competition as we have seen in the area of microprocessors.)ashow
360 90 gm
-0.03939 0.(A study on VLSI implementations of PKCs is found in [BG89].)ashow
392 90 gm
-0.05781 0.(The use of signal processors can offer speeds comparable to hardware implementations)ashow
408 90 gm
-0.11653 0.(with the flexibility of software implementations.)ashow
443 90 gm
1 fs
14 fz
bu fc
2 F /|______Times-Bold fnt
bn
1.74998 0.(6.3)ashow
443 126 gm
1.65878 0. 32 0.16587 0.(On the Role of Smart Cards)awidthshow
475 90 gm
0 fs
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
-0.02102 0.(As mentioned earlier, it is desirable to authenticate not only the end system but also its)ashow
491 90 gm
0.83267 0. 32 0.08326 0.(user. This will make it possible for the user to use information services in a secure)awidthshow
507 90 gm
-0.05581 0.(manner, make commitments etc. from any work station. Especially when using a  work)ashow
523 90 gm
0.50155 0. 32 0.05015 0.(station other than that of his own, the user should not trust in it. At the very least he)awidthshow
539 90 gm
0.16921 0. 32 0.01692 0.(should never give his master keys \(those used for authentication and key distribution\))awidthshow
555 90 gm
0.32028 0. 32 0.03202 0.(to an untrusted piece of equipment. Even giving a perishable session key to someone)awidthshow
571 90 gm
-0.01293 0.(else is a security threat but at least this threat is limited in time and does not enable the)ashow
587 90 gm
-0.14192 0.(enemy to make commitments on behalf of the legitimate user.)ashow
619 90 gm
-0.04127 0.(In fact, it can be argued that it is judicially essential that the functions of authentication)ashow
635 90 gm
0.58074 0. 32 0.05807 0.(and non-repudiation be raised on the level of the user, rather than left to his "agent")awidthshow
651 90 gm
-0.07052 0.(within the OSI world \(that is his Application Entity\). For example, it can be argued that)ashow
667 90 gm
0.08438 0. 32 0.00843 0.(it is not the work station of the President but only the President himself that should be)awidthshow
683 90 gm
-0.09403 0.(allowed to declare a war.)ashow
715 90 gm
-0.02146 0.(In secure communications between application instances A and B, it is essential that at)ashow
731 90 gm
-0.09593 0.(least some part of the security context SC)ashow
0 2 rm
10 fz
bu fc
2 F /|______Times-Roman fnt
bn
-0.14019 0.(AB)ashow
0 -2 rm
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
-0.10041 0.( depend on the user in the following ways:)ashow
F T cp
%%Page: ? 75
op
30 28 xl
1 1 pen
45 291 gm
(nc 30 28 811 566 6 rc)kp
1 setTxMode
0 fs
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
(72)show
802 90 gm
10 fz
bu fc
2 F /|______Times-Roman fnt
bn
-0.01179 0.(Open Systems Security \320 an Architectural Framework)ashow
101 90 gm
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
(-)show
101 126 gm
-0.05847 0.(Identification of the user is required when setting up the security context \("need)ashow
117 126 gm
-0.02668 0.(to know"\) and activity from the part of the user is required for making commit-)ashow
133 126 gm
0.06773 0.(ments.)ashow
165 90 gm
(-)show
165 126 gm
-0.13130 0.(The security context will be automatically terminated as soon as the user secedes)ashow
181 126 gm
-0.08102 0.(from the transaction.)ashow
213 90 gm
0.25268 0. 32 0.02526 0.(If the secret required for authentication and digital signature is possessed by the user,)awidthshow
229 90 gm
0.15945 0. 32 0.01594 0.(and can only be used by him, it is fairly simple to give this kind of authentication and)awidthshow
245 90 gm
-0.02874 0.(non-repudiation a judicial standing by means of legislation. If, on the other hand, these)ashow
261 90 gm
1.09115 0. 32 0.10911 0.(operations were performed entirely by a piece of equipment \(that is the user's end)awidthshow
277 90 gm
-0.05618 0.(system\), it would always be possible to dispute them later.)ashow
309 90 gm
-0.00617 0.(However, the cryptographic keys and functions involved in strong authentication, data)ashow
325 90 gm
0.21728 0. 32 0.02172 0.(encryption, and digital signature are too complicated to be memorized and performed)awidthshow
341 90 gm
0.20706 0. 32 0.02070 0.(mentally. This means that the user needs to store his keys somewhere and use a piece)awidthshow
357 90 gm
-0.08850 0.(of trusted equipment to perform the cryptographic functions.)ashow
389 90 gm
0.36376 0. 32 0.03637 0.(There clearly exists a need for a small, trusted personal piece of equipment, which is)awidthshow
405 90 gm
-0.08015 0.(capable of securely storing the keys and performing the cryptographic functions needed)ashow
421 90 gm
-0.04051 0.(and can only be activated by its legitimate owner. A smart card can be used to securely)ashow
437 90 gm
1.51428 0. 32 0.15142 0.(hold its owner's secret keys and include hardware mechanisms implementing the)awidthshow
453 90 gm
0.28717 0. 32 0.02871 0.(cryptosystems employed. For the activation of the smart card a biometric mechanism)awidthshow
469 90 gm
1.38854 0. 32 0.13885 0.(\(based on e.g. recognition of retina patterns or finger prints\) could be used but a)awidthshow
485 90 gm
0.45074 0. 32 0.04507 0.(Personal Identity Number \(PIN code, comparable to that of the PIN codes of current)awidthshow
501 90 gm
-0.10542 0.(dumb plastic cards\) memorized by the user can be considered adequate.)ashow
533 90 gm
-0.07536 0.(The current smart cards are not suitable for our purposes for several reasons:)ashow
565 90 gm
(-)show
565 126 gm
-0.05654 0.(They include functions that are not at all necessary but add to the complexity of)ashow
581 126 gm
-0.02207 0.(the device, such as a "purse" for storing money.)ashow
613 90 gm
(-)show
613 126 gm
-0.01472 0.(They lack an integrated keyboard, which is absolutely vital for safe authentica-)ashow
629 126 gm
-0.01924 0.(tion of the user.)ashow
661 90 gm
-0.00553 0.(To protect against misuse after theft or loss of a smart card, it must be activated with a)ashow
677 90 gm
-0.06468 0.(PIN code. Without this PIN code the card cannot be activated and used. The security of)ashow
693 90 gm
-0.01333 0.(a smart card depends on the secrecy of this PIN code, should it leak the smart card can)ashow
709 90 gm
0.14816 0. 32 0.01481 0.(be misused by anyone gaining possession of the card. Therefore, the PIN code should)awidthshow
725 90 gm
0.46554 0. 32 0.04655 0.(be memorized by the owner of the card and never be written down, or keyed into an)awidthshow
741 90 gm
-0.09333 0.(untrusted piece of equipment.)ashow
F T cp
%%Page: ? 76
op
30 28 xl
1 1 pen
45 291 gm
(nc 30 28 811 566 6 rc)kp
1 setTxMode
0 fs
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
(73)show
802 288 gm
10 fz
bu fc
2 F /|______Times-Roman fnt
bn
-0.01179 0.(Open Systems Security \320 an Architectural Framework)ashow
101 90 gm
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
-0.11045 0.(What is an untrusted piece of equipment? Any public device, such as an automatic teller)ashow
117 90 gm
1.31011 0. 32 0.13101 0.(machine or vending machine, certainly has to be considered untrustworthy. One's)awidthshow
133 90 gm
0.54046 0. 32 0.05404 0.(private work station probably is relatively trustworthy, provided that it is sealed and)awidthshow
149 90 gm
1.10580 0. 32 0.11058 0.(kept behind locked doors. However, ultimately the smallest possible set of trusted)awidthshow
165 90 gm
-0.10247 0.(equipment is the smart card itself. A minimum requirement for a truly secure smart card)ashow
181 90 gm
-0.06013 0.(is that it has a keyboard of its own for keying in the secret PIN code.)ashow
213 90 gm
-0.06970 0.(On the other hand, some facilities commonly included in modern smart cards, such as a)ashow
229 90 gm
0.50079 0. 32 0.05007 0.(rechargeable purse for petty cash, will be completely unnecessary in the near future.)awidthshow
245 90 gm
-0.02183 0.(With the integrating networks and real-time banking services emerging, authentication)ashow
261 90 gm
0.75942 0. 32 0.07594 0.(and non-repudiation \(combined with integrity and confidentiality\) will be sufficient)awidthshow
277 90 gm
0.05462 0. 32 0.00546 0.(functions for electronic purchases. Once the user is identified, any one of his accounts)awidthshow
293 90 gm
-0.05610 0.(can be debited, in real-time, through the network. With small purchases, where the cost)ashow
309 90 gm
-0.07212 0.(of real-time communications and processing would be unreasonable, vending machines)ashow
325 90 gm
0.63034 0. 32 0.06303 0.(and such can be operated off-line. Larger transactions can still be processed in real-)awidthshow
341 90 gm
0.03601 0. 32 0.00360 0.(time. The limit for checking the status of the card \(e.g. reported stolen\) and balance of)awidthshow
357 90 gm
-0.00961 0.(the account can be made variable \(from day to day and machine to machine\) to further)ashow
373 90 gm
-0.06298 0.(discourage the misuse of smart cards that have got into wrong hands.)ashow
405 90 gm
-0.14495 0.(The essential facilities a smart card must include are the following:)ashow
437 90 gm
(-)show
437 126 gm
-0.04202 0.(Public key cryptosystem for encrypting and decrypting data and generating and)ashow
453 126 gm
0.49453 0. 32 0.04945 0.(checking digital signatures. It must be impossible to gain access to the secret)awidthshow
469 126 gm
-0.05728 0.(key of the card by any means.)ashow
501 90 gm
(-)show
501 126 gm
-0.11955 0.(Symmetric cryptosystem for bulk encryption and decryption \(confidentiality and)ashow
517 126 gm
0.18234 0. 32 0.01823 0.(integrity of communications\). It should be possible to load in pairwise session)awidthshow
533 126 gm
0.04440 0. 32 0.00444 0.(keys encrypted and signed with public key cryptosystems without the pairwise)awidthshow
549 126 gm
-0.09291 0.(keys ever leaving the card in an unencrypted form.)ashow
581 90 gm
(-)show
581 126 gm
-0.10705 0.(Memory to keep a log of the most recent transactions.)ashow
613 90 gm
(-)show
613 126 gm
-0.06932 0.(Integrated keyboard to key in the PIN code.)ashow
645 90 gm
(-)show
645 126 gm
-0.09339 0.(Preferably, a small display for displaying critical information.)ashow
677 90 gm
0.06393 0. 32 0.00639 0.(The reasons for wanting all these facilities on the smart card are more or less obvious.)awidthshow
693 90 gm
1.34155 0. 32 0.13415 0.(Without an integrated keyboard PIN-codes would easily be compromised and the)awidthshow
709 90 gm
0.27984 0. 32 0.02798 0.(reliable authentication and non-repudiation functions of the smart card lost. A hostile)awidthshow
725 90 gm
0.49636 0. 32 0.04963 0.(machine could even swallow the smart card having first obtained the secret code for)awidthshow
741 90 gm
0.25604 0. 32 0.02560 0.(activating it. An asymmetric cryptosystem is essential for authentication, non-repudi-)awidthshow
757 90 gm
-0.08827 0.(ation, and confidentiality.)ashow
F T cp
%%Page: ? 77
op
30 28 xl
1 1 pen
45 291 gm
(nc 30 28 811 566 6 rc)kp
1 setTxMode
0 fs
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
(74)show
802 90 gm
10 fz
bu fc
2 F /|______Times-Roman fnt
bn
-0.01179 0.(Open Systems Security \320 an Architectural Framework)ashow
101 90 gm
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
0.05508 0. 32 0.00550 0.(A symmetric cryptosystem is needed on the card for efficient bulk encryption in order)awidthshow
117 90 gm
1.03103 0. 32 0.10310 0.(to achieve confidentiality, integrity, and continued authentication with connection-)awidthshow
133 90 gm
0.03616 0. 32 0.00361 0.(oriented services, as described in section 3.2.1. If this mechanism was not to reside on)awidthshow
149 90 gm
-0.02607 0.(the card, the terminal would have to know the pairwise session key and could continue)ashow
165 90 gm
-0.02033 0.(the transaction on behalf of the user even after the smart card has been extracted. Even)ashow
181 90 gm
-0.08876 0.(though the terminal could not make commitments without the secret keys on the card, it)ashow
197 90 gm
0.81893 0. 32 0.08189 0.(could still impersonate as the user after the user has left. If the physical encryption)awidthshow
213 90 gm
0.44082 0. 32 0.04408 0.(mechanism, as well as the pairwise symmetric key, is on the smart card, the security)awidthshow
229 90 gm
-0.11952 0.(context will automatically be terminated when when the user takes his card and leaves.)ashow
261 90 gm
1.32339 0. 32 0.13233 0.(An integrated display is needed, because without a trusted system that includes a)awidthshow
277 90 gm
1.13189 0. 32 0.11318 0.(display the user cannot know for sure what he is signing. For example, a vending)awidthshow
293 90 gm
0.88317 0. 32 0.08831 0.(machine or an automatic teller machine could debit $1,000 from the user's account)awidthshow
309 90 gm
0.10513 0. 32 0.01051 0.(while the user thinks he is approving a transaction of $100. In fact, the machine could)awidthshow
325 90 gm
0.46401 0. 32 0.04640 0.(perform any number of transactions that the user is completely unaware of while his)awidthshow
341 90 gm
-0.05561 0.(activated card is inserted in the machine. The way to prevent this is by letting the user's)ashow
357 90 gm
0.43472 0. 32 0.04347 0.(card display the essentials of a transaction before the user commits himself to it. For)awidthshow
373 90 gm
-0.03887 0.(example, the card could display the message: "debit $1,000" after which the user could)ashow
389 90 gm
-0.05403 0.(either approve or abort the transaction by pressing a key on the card's keyboard.)ashow
421 90 gm
0.43609 0. 32 0.04360 0.(The log memory is needed in order to settle any possible disputes later. Its existence)awidthshow
437 90 gm
0.68725 0. 32 0.06872 0.(alone considerably reduces the chance of a dispute. In the log memory the card can)awidthshow
453 90 gm
0.24139 0. 32 0.02413 0.(store an unforgeable receipt, signed by the other party, of each transaction made with)awidthshow
469 90 gm
1.31851 0. 32 0.13185 0.(the card. The user can periodically download the contents of the log e.g. into his)awidthshow
485 90 gm
0.18173 0. 32 0.01817 0.(personal work station or a commercial \(or official\) trusted machine, thereby releasing)awidthshow
501 90 gm
-0.06118 0.(the memory space for reuse.)ashow
533 90 gm
0.05691 0. 32 0.00569 0.(The chip area, and therefore also the storage and processing capacity, of current smart)awidthshow
549 90 gm
0.06378 0. 32 0.00637 0.(cards is rather limited, as pointed out e.g. in [FP90]. Also display tehcnologies are not)awidthshow
565 90 gm
-0.07142 0.(yet sufficiently advanced for building small, cheap, and flexible displays. It is clear that)ashow
581 90 gm
-0.06240 0.(all of the facilities discussed above will not fit on a smart card for at least several years.)ashow
597 90 gm
-0.05917 0.(However, it can be argued that a smart card without these facilities cannot be used with)ashow
613 90 gm
-0.05108 0.(untrusted terminals and it can give the user a false impression of security thereby being)ashow
629 90 gm
-0.09538 0.(even less safe than the magnetic stripe card it superseded.)ashow
661 90 gm
-0.02032 0.(It appears that current smart cards are designed to protect the interests of banks, shops,)ashow
677 90 gm
0.95245 0. 32 0.09524 0.(and such rather than those of the customers. The large-scale automated transaction)awidthshow
693 90 gm
0.97290 0. 32 0.09729 0.(systems of the near future can \(and should\) be designed to protect the privacy and)awidthshow
709 90 gm
-0.08401 0.(maintain the security of both individuals and organizations, as pointed out in [Cha85].)ashow
741 90 gm
0.64926 0. 32 0.06492 0.(While waiting for the smart card technology to catch up with the requirements, it is)awidthshow
757 90 gm
1.84936 0. 32 0.18493 0.(possible to build larger trusted pieces of equipment that could, for example, be)awidthshow
F T cp
%%Page: ? 78
op
30 28 xl
1 1 pen
45 291 gm
(nc 30 28 811 566 6 rc)kp
1 setTxMode
0 fs
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
(75)show
802 288 gm
10 fz
bu fc
2 F /|______Times-Roman fnt
bn
-0.01179 0.(Open Systems Security \320 an Architectural Framework)ashow
85 90 gm
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
1.03652 0. 32 0.10365 0.(integrated into a pocket calculator or a personal portable phone emerging with the)awidthshow
101 90 gm
0.78521 0. 32 0.07852 0.(Universal Personal Telecommunications \(UPT\) concept. In such a phone we would)awidthshow
117 90 gm
0.07476 0. 32 0.00747 0.(actually have a wireless connection to worldwide networks at our disposal where ever)awidthshow
133 90 gm
-0.03521 0.(we are. On this scale, it is fairly easy to build tamper-proof modules to hold the critical)ashow
149 90 gm
-0.01588 0.(parts of the system.)ashow
184 90 gm
1 fs
14 fz
bu fc
2 F /|______Times-Bold fnt
bn
1.74998 0.(6.4)ashow
184 126 gm
3.57849 0. 32 0.35784 0.(Real Cryptosystems)awidthshow
216 90 gm
0 fs
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
-0.00241 0.(The core of this work is independent of existing cryptosystems and should remain that)ashow
232 90 gm
0.04180 0. 32 0.00418 0.(way. While the preceding chapters have not been based on any current cryptosystems,)awidthshow
248 90 gm
1.11236 0. 32 0.11123 0.(the availability of at least a good symmetric cryptosystem and a good asymmetric)awidthshow
264 90 gm
0.97366 0. 32 0.09736 0.(\(public key\) cryptosystem is assumed. To tie this work more firmly to the ground,)awidthshow
280 90 gm
0.67138 0. 32 0.06713 0.(some real cryptosystems, that can be used as pieces of the higher level mechanisms)awidthshow
296 90 gm
-0.05993 0.(described earlier, are suggested here.)ashow
328 90 gm
1.63116 0. 32 0.16311 0.(For a symmetric cryptosystem to be used for bulk encryption and calculation of)awidthshow
344 90 gm
-0.05821 0.(cryptosums DES is suggested. While DES is not believed to be totally unbreakable, the)ashow
360 90 gm
0.21850 0. 32 0.02185 0.(cost of breaking it is still relatively high \(probably even for NSA\) and few parties are)awidthshow
376 90 gm
0.88134 0. 32 0.08813 0.(even suspected to have the skills required for a serious attack against it, other than)awidthshow
392 90 gm
0.51834 0. 32 0.05183 0.(exhaustive search of keys. DES is also reasonably efficient to execute with software)awidthshow
408 90 gm
-0.05390 0.(and fast DES chips are in production. DES is described more closely in appendix 1 and)ashow
424 90 gm
0.26657 0. 32 0.02665 0.(in references [SB88, DP84, ANS81, ANS83].)awidthshow
456 90 gm
1.82586 0. 32 0.18258 0.(For a Public Key Cryptosystem the Rivest-Shamir-Adleman algorithm \(RSA\) is)awidthshow
472 90 gm
-0.03872 0.(recommended. With key lengths of about 1000 bits RSA is believed to be secure and it)ashow
488 90 gm
-0.00971 0.(has some nice properties which make is well suited for generation of digital signatures)ashow
504 90 gm
1.43203 0. 32 0.14320 0.(as well as data encryption. Breaking RSA is as hard as factoring a large integer.)awidthshow
520 90 gm
2.11090 0. 32 0.21109 0.(Therefore, significant advances in the area of number theory could make RSA)awidthshow
536 90 gm
0.94985 0. 32 0.09498 0.(unusable. RSA is described more closely in appendix 1 and in references [RSA78,)awidthshow
552 90 gm
0.13461 0.(DP84].)ashow
F T cp
%%Page: ? 79
op
30 28 xl
1 1 pen
45 291 gm
(nc 30 28 811 566 6 rc)kp
1 setTxMode
0 fs
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
(76)show
802 90 gm
10 fz
bu fc
2 F /|______Times-Roman fnt
bn
-0.01179 0.(Open Systems Security \320 an Architectural Framework)ashow
110 90 gm
1 fs
18 fz
bu fc
2 F /|______Times-Bold fnt
bn
(7)show
110 126 gm
2.80822 0. 32 0.28082 0.(Implementing Secure FTAM)awidthshow
143 90 gm
2 fs
12 fz
bu fc
2 F /|______Times-Italic fnt
bn
-0.05548 0.(The proof of a pudding is its eating.)ashow
159 90 gm
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
-0.07449 0.(\(an old English saying\))ashow
191 90 gm
0.15411 0. 32 0.01541 0.(Since the fall of 1989 implementation work based on the ideas presented in this study)awidthshow
207 90 gm
1.06460 0. 32 0.10646 0.(has been going on in Telecom Finland. As the first concrete application, a limited)awidthshow
223 90 gm
0.53894 0. 32 0.05389 0.(working prototype of secure FTAM is being built. The architecture of this project is)awidthshow
239 90 gm
-0.01412 0.(described in [KHA90].)ashow
274 90 gm
1 fs
14 fz
bu fc
2 F /|______Times-Bold fnt
bn
1.74998 0.(7.1)ashow
274 126 gm
3.11538 0. 32 0.31153 0.(Requirements and Restrictions)awidthshow
306 90 gm
0 fs
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
0.05706 0. 32 0.00570 0.(The basic security requirements for FTAM were those stated in section 3.2.1, namely:)awidthshow
322 90 gm
0.59936 0. 32 0.05993 0.(Peer Entity Authentication, Connection Integrity, and Connection Confidentiality. It)awidthshow
338 90 gm
0.11672 0. 32 0.01167 0.(was concluded that Non-repudiation and Access Control could be left out for the time)awidthshow
354 90 gm
0.06797 0.(being.)ashow
389 90 gm
1 fs
14 fz
bu fc
2 F /|______Times-Bold fnt
bn
1.74998 0.(7.2)ashow
389 126 gm
3.65402 0. 32 0.36540 0.(FTAM Security Profile)awidthshow
421 90 gm
0 fs
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
1.02874 0. 32 0.10287 0.(The ultimate profile of Secure FTAM is presented in figure 7-1 below. The figure)awidthshow
437 90 gm
0.24749 0. 32 0.02474 0.(shows both communications and security profiles, security related parts of the profile)awidthshow
453 90 gm
-0.07341 0.(are in bold-face. For practical reasons, the work was started with a modified profile and)ashow
469 90 gm
-0.03607 0.(later extended to that of figure 7-1. Here the Secure FTAM Profile is presented briefly,)ashow
485 90 gm
-0.06846 0.(layer by layer.)ashow
517 90 gm
0.32211 0. 32 0.03221 0.(In the application layer, the latest versions of FTAM [IS8571-4] and ACSE [IS8650])awidthshow
533 90 gm
-0.00918 0.(protocols are used. In the first phase, authentication is done at the transport layer but it)ashow
549 90 gm
1.06887 0. 32 0.10688 0.(will later be moved up to the application layer. The Security Addendum of ACSE)awidthshow
565 90 gm
-0.02592 0.([IS8650/A1] is used for the two-way authentication exchange. A limited version of the)ashow
581 90 gm
0.27252 0. 32 0.02725 0.(SCSE \(see section 3.4.3\) is implemented in phase two to perform the actual authenti-)awidthshow
597 90 gm
-0.08717 0.(cation function.)ashow
629 90 gm
1.13632 0. 32 0.11363 0.(In the presentation layer, the standard ISO presentation protocol [IS8823] is used.)awidthshow
645 90 gm
-0.02180 0.(When selective field integrity and confidentiality are included in the SCSE \(some time)ashow
661 90 gm
-0.08120 0.(in the future\), the presentation layer standards will have to be augmented with presenta-)ashow
677 90 gm
-0.08206 0.(tion contexts supporting data encryption.)ashow
709 90 gm
0.73791 0. 32 0.07379 0.(In the session layer, the standard ISO session protocol is used. The functional units)awidthshow
725 90 gm
-0.09968 0.(Kernel and Full Duplex are mandatory.)ashow
F T cp
%%Page: ? 80
op
30 28 xl
1 1 pen
45 291 gm
(nc 30 28 811 566 6 rc)kp
1 setTxMode
0 fs
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
(77)show
802 288 gm
10 fz
bu fc
2 F /|______Times-Roman fnt
bn
-0.01179 0.(Open Systems Security \320 an Architectural Framework)ashow
101 90 gm
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
2.32986 0. 32 0.23298 0.(In the transport layer, the standard ISO transport protocol [IS8073], including)awidthshow
117 90 gm
2.02087 0. 32 0.20208 0.(operation on a connectionless network service [IS8073/A2], is used. Class 4 is)awidthshow
133 90 gm
0.87310 0. 32 0.08731 0.(supported, with negotiation down to class 0 if necessary. An augmented version of)awidthshow
149 90 gm
1.13952 0. 32 0.11395 0.(EESP [ISO90a] is used, where certain defects, ambiguities, and contradictions are)awidthshow
165 90 gm
0.48721 0. 32 0.04872 0.(solved in a way commonly agreed on in the European COST-225 Secure Communi-)awidthshow
181 90 gm
-0.07028 0.(cations project [CGV90].)ashow
213 90 gm
0.29037 0. 32 0.02903 0.(In the network layer, the choice between two different subnetworks is given: one is a)awidthshow
229 90 gm
0.48843 0. 32 0.04884 0.(Local Area Network of the Ethernet-type, the other is the world-wide public packet-)awidthshow
245 90 gm
-0.06289 0.(switched X.25 data network. Three alternatives, all in accordance with the principles of)ashow
261 90 gm
1.57104 0. 32 0.15710 0.(OSI sub-layering, exist: ISO IP [IS8473] can be run on top of ISO 8802-2 LLC)awidthshow
277 90 gm
0.94390 0. 32 0.09439 0.([IS8802-2] or on X.25 PLP \(CCITT 1984, [IS8208]\); as the third alternative, X.25)awidthshow
293 90 gm
-0.02416 0.(can be used without ISO IP.)ashow
325 90 gm
0.59082 0. 32 0.05908 0.(At the two bottom layers, either a local are network of the Ethernet type [IS8802-3])awidthshow
341 90 gm
0.82962 0. 32 0.08296 0.(with ISO LLC type 1 [IS8802-2] or, with X.25, LAPB [IS7776] and X.21 physical)awidthshow
357 90 gm
1 2 lw
-0.00984 0.(interface [X.21] are used.)ashow
psb
pse
nc ct 39 0 put
0 0 gm
64 gr
qf
683 367 gm
pt
585 367 pl
585 433 pl
562 433 pl
ef
0 gr
eu
(nc 392 94 685 500 6 rc)kp
1 1 lw
0 0 pen
0 gr
562 433 lin
2 2 pen
393 236 683 499 0 rc
411 339 gm
1 setTxMode
bu fc
2 F /|______Times-Roman fnt
bn
-0.03561 0.(ISO 8571-4)ashow
429 298 gm
7.32714 0 rmoveto
1 fs
bu fc
2 F /|______Times-Bold fnt
bn
(SCSE and ISO 8650/DAD1)show
448 344 gm
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
-0.04675 0.(ISO 8650)ashow
476 344 gm
-0.04675 0.(ISO 8823)ashow
504 344 gm
-0.04675 0.(ISO 8327)ashow
533 260 gm
0.01562 0 rmoveto
(ISO 8073 and ISO 8073/Add. 2, Class 4 or 0)show
577 344 gm
-0.04675 0.(ISO 8473)ashow
626 255 gm
0.01171 0 rmoveto
(ISO 8802-2, Type 1)show
673 275 gm
-0.03561 0.(ISO 8802-3)ashow
645 274 gm
-0.03561 0.(ISO 8802-3)ashow
551 352 gm
0.99560 0 rmoveto
1 fs
bu fc
2 F /|______Times-Bold fnt
bn
(EESP)show
600 375 gm
0.18115 0 rmoveto
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
(ISO 8208 \(CCITT X.25\))show
636 387 gm
-0.07009 0.(ISO 7776 \(LAPB\))ashow
673 401 gm
0.33789 0 rmoveto
(CCITT X.21)show
1 2 lw
1 1 pen
458 236 gm
0 gr
458 498 lin
1 1 lw
0 0 pen
458 498 lin
1 2 lw
1 1 pen
486 236 gm
486 498 lin
1 1 lw
0 0 pen
486 498 lin
1 2 lw
1 1 pen
514 236 gm
514 498 lin
1 1 lw
0 0 pen
514 498 lin
1 2 lw
1 1 pen
561 236 gm
561 498 lin
1 1 lw
0 0 pen
561 498 lin
1 2 lw
1 1 pen
608 236 gm
608 498 lin
1 1 lw
0 0 pen
608 498 lin
1 2 lw
1 1 pen
655 236 gm
655 498 lin
1 1 lw
0 0 pen
655 498 lin
429 96 gm
1 setTxMode
-0.13825 0.(7. Application Layer)ashow
476 96 gm
-0.06437 0.(6. Presentation Layer)ashow
504 96 gm
(5. Session Layer)show
542 96 gm
-0.03643 0.(4. Transport Layer)ashow
589 96 gm
(3. Network Layer)show
636 96 gm
-0.13462 0.(2. Data Link Layer)ashow
673 96 gm
-0.03964 0.(1. Physical Layer)ashow
626 198 gm
-0.16264 0.(\(LLC\))ashow
645 193 gm
-0.33010 0.(\(MAC\))ashow
577 183 gm
-0.14367 0.(\(Internet\))ashow
600 186 gm
-0.04530 0.(\(Subnet\))ashow
1 1 pen
730 90 gm
(nc 30 28 811 566 6 rc)kp
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
-0.26438 0.(Figure 7-1:)ashow
730 162 gm
-0.01553 0.(Secure FTAM Profile.)ashow
F T cp
%%Page: ? 81
op
30 28 xl
1 1 pen
45 291 gm
(nc 30 28 811 566 6 rc)kp
1 setTxMode
0 fs
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
(78)show
802 90 gm
10 fz
bu fc
2 F /|______Times-Roman fnt
bn
-0.01179 0.(Open Systems Security \320 an Architectural Framework)ashow
101 90 gm
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
-0.01925 0.(Authentication is handled by the Secure Communications Service Element \(SCSE, see)ashow
117 90 gm
0.02365 0. 32 0.00236 0.(section 3.4.3\) with the help of the Association Control Service Element authentication)awidthshow
133 90 gm
-0.05264 0.(facility [IS8650/A1]. Bulk Integrity and Confidentiality are achieved by using the End-)ashow
149 90 gm
0.20568 0. 32 0.02056 0.(system to End-system Security Protocol \(EESP\) [ISO90a] at the bottom of the Trans-)awidthshow
165 90 gm
0.07720 0. 32 0.00772 0.(port Layer, as proposed in sections 4.2 and 4.3. DES is used as the symmetric encryp-)awidthshow
181 90 gm
-0.07388 0.(tion mechanism required by EESP.)ashow
213 90 gm
0.02349 0. 32 0.00234 0.(The EESP proposal also includes Peer Entity Authentication at the Transport Layer. It)awidthshow
229 90 gm
-0.04112 0.(was decided, that the first working prototype should use the Peer Entity Authentication)ashow
245 90 gm
0.45257 0. 32 0.04525 0.(facility of EESP but based on asymmetric, rather than symmetric, encryption. At the)awidthshow
261 90 gm
0.89508 0. 32 0.08950 0.(next stage, authentication will be moved up to the Application Layer and based on)awidthshow
277 90 gm
0.25970 0. 32 0.02597 0.(ACSE, as proposed in section 4.1. RSA is used as the asymmetric encryption mecha-)awidthshow
293 90 gm
-0.08366 0.(nism required for strong authentication.)ashow
328 90 gm
1 fs
14 fz
bu fc
2 F /|______Times-Bold fnt
bn
1.74998 0.(7.3)ashow
328 126 gm
2.76885 0. 32 0.27688 0.(Management Issues)awidthshow
360 90 gm
0 fs
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
-0.07008 0.(The certificate distribution mechanism of the Directory [X.509] is used to distribute the)ashow
376 90 gm
0.04348 0. 32 0.00434 0.(public keys. The X.500 Directory User Agents \(DUAs\), located at the communicating)awidthshow
392 90 gm
-0.02102 0.(end-systems, can query X.509-type certificates of the public keys of other parties from)ashow
408 90 gm
1.15982 0. 32 0.11598 0.(their Directory Server Agents \(DSAs\). The certified public keys are then used for)awidthshow
424 90 gm
0.55725 0. 32 0.05572 0.(mutual strong authentication and the exchange of a pair-wise session key to be used)awidthshow
440 90 gm
(with the EESP.)show
2 2 pen
623 333 gm
(nc 463 154 700 438 6 rc)kp
0 gr
655 398 lin
613 229 gm
660 192 lin
548 286 gm
501 286 lin
psb
pse
nc ct 39 0 put
594 220 gm
bp
576 239 T qi
557 239 qc
538 258 qc
538 295 qc
557 314 qc
557 333 qc
566 342 qc
585 342 qc
594 333 qc
604 333 qc
623 342 qc
632 333 qc
632 314 qc
641 304 qc
651 304 qc
660 295 qc
660 276 qc
651 267 qc
632 267 qc
623 258 qc
623 248 qc
613 220 qc
594 220 64 gr
T qq
qf
ef
0 gr
7 ec
(nc 463 154 700 438 6 rc)kp
585 259 gm
1 setTxMode
bu fc
2 F /|______Times-Roman fnt
bn
-0.03971 0.(Untrusted)ashow
597 262 gm
0.01025 0 rmoveto
(Network)show
609 260 gm
-0.14367 0.(\(Internet\))ashow
64 gr
463 258 512 316 1 rc
0 gr
464 259 511 315 0 rc
484 272 gm
0.66845 0 rmoveto
1 setTxMode
(X.500)show
496 275 gm
-0.49853 0.(DSA)ashow
64 gr
651 154 700 222 1 rc
0 gr
652 155 699 221 0 rc
681 171 gm
1 setTxMode
-0.44366 0.(FTAM)ashow
693 175 gm
-0.33082 0.(client)ashow
665 175 gm
-0.49472 0.(DUA)ashow
64 gr
651 370 700 438 1 rc
0 gr
652 371 699 437 0 rc
681 389 gm
1 setTxMode
-0.44366 0.(FTAM)ashow
693 391 gm
-0.06117 0.(server)ashow
665 393 gm
-0.49472 0.(DUA)ashow
0 gr
676 360 688 372 160 200 1 ar
676 219 688 231 340 380 1 ar
1 1 pen
682 230 gm
682 361 lin
496 250 508 262 96 136 1 ar
643 180 655 192 276 316 1 ar
644 188 gm
506 253 lin
642 394 654 406 221 261 1 ar
495 312 507 324 41 81 1 ar
505 320 gm
643 397 lin
679 242 gm
1 setTxMode
-0.09107 0.(Secure FTAM Session)ashow
569 171 gm
0.66845 0 rmoveto
(X.509)show
581 158 gm
-0.20887 0.(Certificates)ashow
569 379 gm
0.66845 0 rmoveto
(X.509)show
581 366 gm
-0.20887 0.(Certificates)ashow
734 90 gm
(nc 30 28 811 566 6 rc)kp
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
-0.26438 0.(Figure 7-2:)ashow
734 162 gm
-0.00938 0.(Key management in Secure FTAM.)ashow
F T cp
%%Page: ? 82
op
30 28 xl
1 1 pen
45 291 gm
(nc 30 28 811 566 6 rc)kp
1 setTxMode
0 fs
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
(79)show
802 288 gm
10 fz
bu fc
2 F /|______Times-Roman fnt
bn
-0.01179 0.(Open Systems Security \320 an Architectural Framework)ashow
104 90 gm
1 fs
14 fz
bu fc
2 F /|______Times-Bold fnt
bn
1.74998 0.(7.4)ashow
104 126 gm
4.15527 0. 32 0.41552 0.(Implementation Environment)awidthshow
136 90 gm
0 fs
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
0.61508 0. 32 0.06150 0.(The FTAM implementation of ISODE is used as the basis of this work for practical)awidthshow
152 90 gm
0.52795 0. 32 0.05279 0.(reasons. Because it is our intention to experiment with secure FTAM internationally)awidthshow
168 90 gm
-0.11923 0.(within the COST-225 project, and because ISODE is the international de facto reference)ashow
184 90 gm
0.44235 0. 32 0.04423 0.(implementation it, rather than C-VOPS, was chosen as the basis of this work. A Sun)awidthshow
200 90 gm
0.10192 0. 32 0.01019 0.(3/80 workstation connected to both a Local Area Network and the public X.25 Packet)awidthshow
216 90 gm
0.47225 0. 32 0.04722 0.(Switched Data Network is used. The system is first tested with TP0 running on both)awidthshow
232 90 gm
0.00396 0. 32 0.00039 0.(X.25 and TCP/IP. Later on, ISO IP will be used in the LAN.)awidthshow
264 90 gm
0.48660 0. 32 0.04866 0.(The C-VOPS implementations of both the Directory Server Agent and the Directory)awidthshow
280 90 gm
-0.02423 0.(User Agent of the X.500 Directory \(including X.509\) are used and run on Sun 3.)ashow
315 90 gm
1 fs
14 fz
bu fc
2 F /|______Times-Bold fnt
bn
1.74998 0.(7.5)ashow
315 126 gm
2.18765 0. 32 0.21876 0.(Current Status of the Project)awidthshow
347 90 gm
0 fs
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
0.73898 0. 32 0.07389 0.(The first version of Secure FTAM was successfully demonstrated at the COST-225)awidthshow
363 90 gm
-0.07885 0.(management committee meeting in Yugoslavia in October 1990. At that time, integrity,)ashow
379 90 gm
-0.06738 0.(confidentiality, and primitive authentication \(based on symmetric encryption and initial)ashow
395 90 gm
-0.03465 0.(sequence numbers of PDUs\), all done with EESP at the transport layer, were working.)ashow
427 90 gm
0.14572 0. 32 0.01457 0.(At the next phase, public key encryption and certificates distributed via X.509 will be)awidthshow
443 90 gm
1.47598 0. 32 0.14759 0.(used for key management. Interfacing the key management with X.509 was well)awidthshow
459 90 gm
-0.05813 0.(under-way in November. At the first stage, both the DUA and the DSA \(see figure 7-2\))ashow
475 90 gm
0.63232 0. 32 0.06323 0.(are running on the same Sun 3 workstation and communicating via shared memory.)awidthshow
491 90 gm
0.46081 0. 32 0.04608 0.(Later on, a real, distributed directory system will be used. In the year 1991 the work)awidthshow
507 90 gm
-0.15936 0.(will be continued by implementing Peer Entity Authentication in the Application Layer.)ashow
539 90 gm
0.28823 0. 32 0.02882 0.(Due to some limitations of the latest ISODE version \(v. 6.0\), the current status of the)awidthshow
555 90 gm
-0.07510 0.(system differs from figure 7-1 in several ways which are described here in some detail.)ashow
587 90 gm
0.40008 0. 32 0.04000 0.(In ISODE, only class 0 transport protocol is currently supported on the LAN. There-)awidthshow
603 90 gm
1.44973 0. 32 0.14497 0.(fore, transport protocol class 4, which is the preferable class with connectionless)awidthshow
619 90 gm
1.24069 0. 32 0.12406 0.(networks, cannot be used in LANs. ISODE currently runs TP0 on top of TCP/IP,)awidthshow
635 90 gm
0.45974 0. 32 0.04597 0.(instead of ISO IP, as shown in figure 7-3 \(just forget the EESP in end-system A and)awidthshow
651 90 gm
-0.08752 0.(you see the current profile of ISODE\).)ashow
683 90 gm
0.32043 0. 32 0.03204 0.(TCP/IP offers quality of service comparable to that of the X.25-type packet switched)awidthshow
699 90 gm
0.60821 0. 32 0.06082 0.(networks, which makes the use of TP0 on top of it quite reliable. The solution is an)awidthshow
715 90 gm
0.73593 0. 32 0.07359 0.(intermediate one and, luckily, does not reflect to the upper layers in any significant)awidthshow
731 90 gm
-0.04107 0.(way. Later on, the network layer can be changed into ISO IP and the transport protocol)ashow
747 90 gm
-0.10026 0.(into class 4 without significant impact on the other layers.)ashow
F T cp
%%Page: ? 83
op
30 28 xl
1 1 pen
45 291 gm
(nc 30 28 811 566 6 rc)kp
1 setTxMode
0 fs
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
(80)show
802 90 gm
10 fz
bu fc
2 F /|______Times-Roman fnt
bn
-0.01179 0.(Open Systems Security \320 an Architectural Framework)ashow
101 90 gm
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
0.17990 0. 32 0.01799 0.(The other alternative currently supported by ISODE is presented in figure 7-3 as end-)awidthshow
117 90 gm
-0.06401 0.(system B \(just forget the EESP again\). This is already a pure OSI protocol stack, where)ashow
133 90 gm
-0.06561 0.(class 0 transport protocol is run on top of the reliable virtual circuits offered by X.25.)ashow
165 90 gm
-0.07148 0.(In ISODE the LAN currently supported is not ISO 8802-3 \(IEEE 802.3\) but Ethernet 2.)ashow
181 90 gm
-0.00964 0.(There are subtle differences between these two types of LAN, both in the physical and)ashow
197 90 gm
-0.05065 0.(in the data link layer, which make them incompatible. Also, IEEE 802.2 Type 1, which)ashow
213 90 gm
-0.02038 0.(really is functionally empty \(just add a header consisting of a 0-octet to each frame\), is)ashow
229 90 gm
0.23834 0. 32 0.02383 0.(not included in the current ISODE distribution. In fact, practically the whole world is)awidthshow
245 90 gm
-0.09925 0.(using Ethernet 2 at the moment and even though stations of the two types can operate in)ashow
261 90 gm
0.36499 0. 32 0.03649 0.(the same physical network, they cannot \(without clever tricks, such those used in the)awidthshow
277 90 gm
0.05355 0. 32 0.00535 0.(BSD 4.3 Unix\) interoperate. Therefore, the use of Ethernet 2 is preferable for the time)awidthshow
293 90 gm
1 2 lw
0.06797 0.(being.)ashow
psb
pse
nc ct 39 0 put
0 0 gm
64 gr
qf
464 325 gm
pt
482 325 pl
482 447 pl
464 447 pl
ef
0 gr
eu
(nc 312 108 505 486 6 rc)kp
1 1 lw
0 0 pen
0 gr
464 447 lin
1 2 lw
psb
pse
nc ct 39 0 put
64 gr
qf
1 1 pen
464 147 gm
pt
482 147 pl
482 269 pl
464 269 pl
ef
0 gr
eu
(nc 312 108 505 486 6 rc)kp
1 1 lw
0 0 pen
0 gr
464 269 lin
64 gr
350 240 465 354 1 rc
2 2 pen
0 gr
351 241 464 353 0 rc
1 2 lw
1 1 pen
435 240 gm
435 353 lin
1 1 lw
0 0 pen
435 353 lin
1 2 lw
1 1 pen
379 240 gm
379 353 lin
1 1 lw
0 0 pen
379 353 lin
1 2 lw
1 1 pen
407 240 gm
407 353 lin
1 1 lw
0 0 pen
407 353 lin
1 2 lw
1 1 pen
351 296 gm
463 296 lin
1 1 lw
0 0 pen
463 296 lin
64 gr
313 108 465 185 1 rc
2 2 pen
0 gr
314 109 464 184 0 rc
1 2 lw
1 1 pen
435 184 gm
435 109 lin
1 1 lw
0 0 pen
435 109 lin
1 2 lw
1 1 pen
407 184 gm
407 109 lin
1 1 lw
0 0 pen
407 109 lin
1 2 lw
1 1 pen
379 184 gm
379 109 lin
1 1 lw
0 0 pen
379 109 lin
1 2 lw
1 1 pen
351 184 gm
351 109 lin
1 1 lw
0 0 pen
351 109 lin
369 135 gm
1 setTxMode
bu fc
2 F /|______Times-Roman fnt
bn
(TCP)show
397 141 gm
0.16796 0 rmoveto
(IP)show
425 122 gm
-0.18264 0.(Ethernet 2)ashow
452 122 gm
-0.18264 0.(Ethernet 2)ashow
369 258 gm
(TCP)show
397 261 gm
0.16796 0 rmoveto
(IP)show
425 244 gm
-0.18264 0.(Ethernet 2)ashow
452 244 gm
-0.18264 0.(Ethernet 2)ashow
397 312 gm
0.66845 0 rmoveto
(X.25)show
425 309 gm
-0.22259 0.(LAPB)ashow
453 312 gm
0.66845 0 rmoveto
(X.21)show
369 320 gm
0.16845 0 rmoveto
(\257)show
64 gr
313 408 465 485 1 rc
2 2 pen
0 gr
314 409 464 484 0 rc
1 2 lw
1 1 pen
435 484 gm
435 409 lin
1 1 lw
0 0 pen
435 409 lin
1 2 lw
1 1 pen
407 484 gm
407 409 lin
1 1 lw
0 0 pen
407 409 lin
1 2 lw
1 1 pen
379 484 gm
379 409 lin
1 1 lw
0 0 pen
379 409 lin
1 2 lw
1 1 pen
351 484 gm
351 409 lin
1 1 lw
0 0 pen
351 409 lin
397 435 gm
0.66845 0 rmoveto
1 setTxMode
(X.25)show
425 431 gm
-0.22259 0.(LAPB)ashow
453 435 gm
0.66845 0 rmoveto
(X.21)show
369 442 gm
0.16845 0 rmoveto
(\257)show
330 136 gm
(TP0)show
345 132 gm
(EESP)show
330 438 gm
(TP0)show
345 434 gm
(EESP)show
0 gr
389 348 401 360 340 380 1 ar
389 402 401 414 160 200 1 ar
1 1 pen
395 403 gm
395 359 lin
416 348 428 360 340 380 1 ar
416 402 428 414 160 200 1 ar
422 403 gm
422 359 lin
444 348 456 360 340 380 1 ar
444 402 456 414 160 200 1 ar
450 403 gm
450 359 lin
360 179 372 191 340 380 1 ar
360 234 372 246 160 200 1 ar
366 235 gm
366 190 lin
389 179 401 191 340 380 1 ar
389 234 401 246 160 200 1 ar
395 235 gm
395 190 lin
416 179 428 191 340 380 1 ar
416 234 428 246 160 200 1 ar
422 235 gm
422 190 lin
444 179 456 191 340 380 1 ar
444 234 456 246 160 200 1 ar
450 235 gm
450 190 lin
326 403 338 415 160 200 1 ar
326 178 338 190 340 380 1 ar
332 189 gm
332 404 lin
501 143 gm
1 setTxMode
(A)show
501 240 gm
-0.11831 0.(transport layer gateway)ashow
501 443 gm
(B)show
534 90 gm
(nc 30 28 811 566 6 rc)kp
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
-0.26438 0.(Figure 7-3:)ashow
534 162 gm
-0.11331 0.(The current layers one through four.)ashow
566 90 gm
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
-0.06764 0.(As shown in figure 7-3, a transport layer gateway can be used to interconnect these two)ashow
582 90 gm
0.59570 0. 32 0.05957 0.(ISODE-based implementations in such as way, that EESP and TP0 truly are end-to-)awidthshow
598 90 gm
-0.07357 0.(end. With this kind of gateway, which can easily be built with ISODE \(and was already)ashow
614 90 gm
1.13891 0. 32 0.11389 0.(built and tested at the Technical Research Centre of Finland as early as 1986, see)awidthshow
630 90 gm
2.04986 0. 32 0.20498 0.([TTY88], pp. 29-30\), it is possible to communicate end-to-end between all the)awidthshow
646 90 gm
0.34133 0. 32 0.03413 0.(workstations connected to a LAN and all the computers connected to the world-wide)awidthshow
662 90 gm
(X.25 public data network.)show
694 90 gm
0.33660 0. 32 0.03366 0.(Since 1989 Telecom Finland has been offering the first public service for high-speed)awidthshow
710 90 gm
-0.03379 0.(LAN interconnection in the world. The Datanet Service currently operates nation-wide)ashow
726 90 gm
0.33554 0. 32 0.03355 0.(at the maximum speed of 2 Mb/s, which will soon be significantly increased. For the)awidthshow
742 90 gm
1.90750 0. 32 0.19075 0.(time being only DoD IP is officially supported but support for other protocols,)awidthshow
758 90 gm
2.00866 0. 32 0.20086 0.(including the routing of ISO IP and tunneling of proprietary protocols, will be)awidthshow
F T cp
%%Page: ? 84
op
30 28 xl
1 1 pen
45 291 gm
(nc 30 28 811 566 6 rc)kp
1 setTxMode
0 fs
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
(81)show
802 288 gm
10 fz
bu fc
2 F /|______Times-Roman fnt
bn
-0.01179 0.(Open Systems Security \320 an Architectural Framework)ashow
85 90 gm
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
-0.08830 0.(announced soon. Infonet Inc. is developing a similar international LAN-interconnection)ashow
101 90 gm
0.03799 0. 32 0.00379 0.(service in cooperation with Telecom Finland. This means that the service will soon be)awidthshow
117 90 gm
-0.03216 0.(available in most of Europe and the U.S. This is a clear indication of the validity of the)ashow
133 90 gm
-0.08915 0.(speculation on network evolution presented in chapter 1.)ashow
165 90 gm
0.13778 0. 32 0.01377 0.(In this kind of global, untrusted commercial network, the importance of open systems)awidthshow
181 90 gm
0.60012 0. 32 0.06001 0.(security cannot be over-estimated. As the leading teleoperator in Finland \(where we)awidthshow
197 90 gm
0.20416 0. 32 0.02041 0.(have the most deregulated telecommunications business in Europe\), Telecom Finland)awidthshow
213 90 gm
0.48233 0. 32 0.04823 0.(intends to be among the first teleoperators to offer secure services in a network with)awidthshow
229 90 gm
0.50857 0. 32 0.05085 0.(world-wide connectivity. The results of the implementation project of secure FTAM)awidthshow
245 90 gm
-0.05519 0.(will provide valuable feed-back to the theory presented in this study and, possibly, lead)ashow
261 90 gm
0.07507 0. 32 0.00750 0.(to revising some parts of it. Being financed by Telecom Finland, it is only natural that)awidthshow
277 90 gm
-0.11795 0.(this project should lead into commercial applications within a couple of years.)ashow
F T cp
%%Page: ? 85
op
30 28 xl
1 1 pen
45 291 gm
(nc 30 28 811 566 6 rc)kp
1 setTxMode
0 fs
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
(82)show
802 90 gm
10 fz
bu fc
2 F /|______Times-Roman fnt
bn
-0.01179 0.(Open Systems Security \320 an Architectural Framework)ashow
110 90 gm
1 fs
18 fz
bu fc
2 F /|______Times-Bold fnt
bn
(8)show
110 126 gm
0.69935 0.(Conclusions)ashow
143 90 gm
0 fs
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
1.13433 0. 32 0.11343 0.(This work was based on the security requirements of real applications used in the)awidthshow
159 90 gm
-0.05654 0.(business world and the real evolution of private and public networks. It was shown that)ashow
175 90 gm
-0.01188 0.(tomorrow's world-wide interconnected networks cannot be trusted but secure informa-)ashow
191 90 gm
1.18041 0. 32 0.11804 0.(tion systems have to be developed to operate on an untrusted network. Therefore,)awidthshow
207 90 gm
0.45776 0. 32 0.04577 0.(physical security measures and cryptographic techniques within the networks cannot)awidthshow
223 90 gm
-0.05752 0.(alone guarantee security in an open systems environment but end-to-end security needs)ashow
239 90 gm
0.59951 0. 32 0.05995 0.(to be built into terminal equipment \(both terminals and computers\) by using crypto-)awidthshow
255 90 gm
-0.07180 0.(graphic techniques.)ashow
287 90 gm
1.47720 0. 32 0.14772 0.(In this study, a security framework based on the properties of a layer entity was)awidthshow
303 90 gm
0.33905 0. 32 0.03390 0.(developed, integrated into the OSI reference model, and used to analyze a number of)awidthshow
319 90 gm
1.45950 0. 32 0.14595 0.(security functions and mechanisms and place them into the OSI model. The OSI)awidthshow
335 90 gm
0.24703 0. 32 0.02470 0.(reference model was taken as the basis of this study because it is the only universally)awidthshow
351 90 gm
-0.04675 0.(accepted framework we have. However, a critical view was kept on the OSI model and)ashow
367 90 gm
-0.03289 0.(several modifications and extensions to it were proposed. In this way, this study serves)ashow
383 90 gm
0.73318 0. 32 0.07331 0.(as a contribution to the ongoing, rather lively, OSI discussion. Most of this work is)awidthshow
399 90 gm
-0.15531 0.(also directly applicable to other layered telecommunications architectures.)ashow
431 90 gm
0.31921 0. 32 0.03192 0.(Starting from the customer needs, the security requirements of real applications were)awidthshow
447 90 gm
-0.00518 0.(analyzed, prioritized, and seen to be, to a large extent, rather similar from one applica-)ashow
463 90 gm
0.33096 0. 32 0.03309 0.(tion to another. It was therefore concluded, that security should be an integral part of)awidthshow
479 90 gm
0.52841 0. 32 0.05284 0.(the quality of service provided by OSI rather than something implemented on a per-)awidthshow
495 90 gm
-0.07695 0.(application basis.)ashow
527 90 gm
-0.00169 0.(A set of criteria affecting the placement of the security functions and mechanisms into)ashow
543 90 gm
-0.05543 0.(the layers of OSI were presented. These criteria were then used to determine the proper)ashow
559 90 gm
0.38879 0. 32 0.03887 0.(place of each security function and mechanism in the OSI reference model. For each)awidthshow
575 90 gm
-0.08409 0.(function, a mechanisms capable of implementing this function was found.)ashow
607 90 gm
0.04547 0. 32 0.00454 0.(Management issues associated with these functions and mechanisms were studied and)awidthshow
623 90 gm
0.02243 0. 32 0.00224 0.(solutions were found to problems such as the activation of these functions and mecha-)awidthshow
639 90 gm
-0.08168 0.(nisms and key management.)ashow
671 90 gm
0.57189 0. 32 0.05718 0.(This work is not tied into any existing cryptosystems, which are expected to change)awidthshow
687 90 gm
0.39489 0. 32 0.03948 0.(continuously with the advances in cryptology \(both cryptography and cryptanalysis\).)awidthshow
703 90 gm
-0.01347 0.(However, in order to tie this work more closely to reality, real cryptosystems, physical)ashow
719 90 gm
1.47079 0. 32 0.14707 0.(mechanisms for implementing them, and OSI software implementations, together)awidthshow
735 90 gm
-0.08279 0.(forming a sound platform for real implementations, were pointed out.)ashow
F T cp
%%Page: ? 86
op
30 28 xl
1 1 pen
45 291 gm
(nc 30 28 811 566 6 rc)kp
1 setTxMode
0 fs
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
(83)show
802 288 gm
10 fz
bu fc
2 F /|______Times-Roman fnt
bn
-0.01179 0.(Open Systems Security \320 an Architectural Framework)ashow
101 90 gm
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
0.00671 0. 32 0.00067 0.(The ultimate test of the ideas presented here is whether they will be found to be useful)awidthshow
117 90 gm
0.24047 0. 32 0.02404 0.(in implementing real secure open systems based, as much as possible, on the existing)awidthshow
133 90 gm
0.63171 0. 32 0.06317 0.(implementations. The solutions were tested in a pilot project implementing a secure)awidthshow
149 90 gm
-0.07133 0.(version of the internationally standardized FTAM service. This work is still continuing,)ashow
165 90 gm
-0.08392 0.(but encouraging results have already been achieved. Feed-back gained from this project)ashow
181 90 gm
-0.09988 0.(will prove to be valuable in developing these ideas further.)ashow
213 90 gm
0.19454 0. 32 0.01945 0.(It was shown that Secure Open Systems, in deed, are very much needed and that they)awidthshow
229 90 gm
0.42922 0. 32 0.04292 0.(can be efficiently built based on the existing protocols, cryptosystems, and OSI soft-)awidthshow
245 90 gm
-0.09341 0.(ware implementations. This study provides an architecture and implementational guide-)ashow
261 90 gm
-0.06015 0.(lines for building secure open systems from these building blocks.)ashow
293 90 gm
0.43273 0. 32 0.04327 0.(Along the way, several new concepts, such as )awidthshow
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
0.74447 0. 32 0.07444 0.(Security Context)awidthshow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
0.22674 0. 32 0.02267 0.( and )awidthshow
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
0.70709 0. 32 0.07070 0.(Security Profile)awidthshow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
(,)show
309 90 gm
0.95046 0. 32 0.09504 0.(were defined and found to be useful. Many apparently fertile directions for further)awidthshow
325 90 gm
-0.09039 0.(research in the field of Secure Open Systems were pointed out. The architectural frame-)ashow
341 90 gm
-0.02615 0.(work and concepts developed in this study make it possible to formulate questions that)ashow
357 90 gm
0.22048 0. 32 0.02204 0.(have never been asked before, which brings a whole new research area, at the bound-)awidthshow
373 90 gm
0.42449 0. 32 0.04244 0.(ary between theoretical protocol research and cryptology, within the scope of formal)awidthshow
389 90 gm
-0.00344 0.(research. In this way, this work opens more doors than it closes.)ashow
421 90 gm
1.09649 0. 32 0.10964 0.(Among the directions for further work found and pointed out in this study are the)awidthshow
437 90 gm
-0.11027 0.(following:)ashow
469 90 gm
0.68756 0. 32 0.06875 0.(A formalism for analyzing the security of open systems and constructively building)awidthshow
485 90 gm
-0.05682 0.(provably secure open systems needs to be developed as pointed out in section 3.4.)ashow
517 90 gm
-0.01379 0.(The security mechanisms described in the appendix need to be split up further in order)ashow
533 90 gm
-0.10144 0.(to find the "atomic" elements of security. These elements appear to include mechanisms)ashow
549 90 gm
-0.03781 0.(for en/decrypting messages and signing them. If these basic mechanisms can in turn be)ashow
565 90 gm
0.33813 0. 32 0.03381 0.(implemented on silicon with a reasonable amount of chip area they can be integrated)awidthshow
581 90 gm
1.80694 0. 32 0.18069 0.(into various ICs which constitute the basic physically secure "computers" inter-)awidthshow
597 90 gm
0.37094 0. 32 0.03709 0.(connected via a global untrusted network consisting of hierarchy of networks \(multi-)awidthshow
613 90 gm
-0.01855 0.(chip carrier, circuit board, backplane, LAN, MAN, WAN\) all with high bandwidth but)ashow
629 90 gm
-0.09893 0.(the latency times increasing with the dimensions of the network.)ashow
661 90 gm
0.53268 0. 32 0.05326 0.(If these two goals are reached we'll be able to construct provably secure fully distri-)awidthshow
677 90 gm
0.29922 0. 32 0.02992 0.(buted global information systems trusting only in the physically secure chips and our)awidthshow
693 90 gm
0.80032 0. 32 0.08003 0.(Certification Authority. The task should not be underestimated but this direction of)awidthshow
709 90 gm
-0.07472 0.(research certainly looks very promising.)ashow
F T cp
%%Trailer
cd
end
%%Pages: 86 0

% Next: Appendices

%!PS-Adobe-2.0
%%Title: Appendices
%%Creator: NoWord
%%Pages: (atend)
%%BoundingBox: ? ? ? ?
%%PageBoundingBox: 28 30 566 811
%%For: AriA
%%IncludeProcSet: "(AppleDict md)" 68 0
%%EndComments
%%EndProlog
%%BeginDocumentSetup
md begin

T T -30 -28 811 566 100 72 72 3 F F F F T T T psu
(AriA; document: Appendices)jn
0 mf
od
%%EndDocumentSetup
%%Page: ? 1
op
30 28 xl
1 1 pen
45 291 gm
(nc 30 28 811 566 6 rc)kp
1 setTxMode
0 fs
bu fc
{}mark T /Times-Roman /|______Times-Roman 0 rf
bn
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
(84)show
803 90 gm
10 fz
bu fc
2 F /|______Times-Roman fnt
bn
-0.01179 0.(Open Systems Security \320 an Architectural Framework)ashow
803 466 gm
-0.20510 0.(Appendix)ashow
110 90 gm
1 fs
bu fc
{}mark T /Times-Bold /|______Times-Bold 0 rf
bn
18 fz
bu fc
2 F /|______Times-Bold fnt
bn
2.00527 0.(A1)ashow
110 135 gm
3.77014 0. 32 0.37701 0.(Security Mechanisms)awidthshow
143 90 gm
0 fs
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
-0.04818 0.(This appendix is provided as a general introduction to cryptology for those not familiar)ashow
159 90 gm
-0.07037 0.(with the topic.)ashow
191 90 gm
2 fs
bu fc
{}mark T /Times-Italic /|______Times-Italic 0 rf
bn
bu fc
2 F /|______Times-Italic fnt
bn
2.79998 0. 32 0.27999 0.(Security mechanisms)awidthshow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
1.35925 0. 32 0.13592 0.(, as defined in [IS7498-2], are the means by which the OSI)awidthshow
207 90 gm
0.35720 0. 32 0.03572 0.(Security Functions can be provided. In the OSI Security Architecture mechanisms of)awidthshow
223 90 gm
-0.07037 0.(quite different levels are all called security mechanisms. In fact these mechanisms form)ashow
239 90 gm
-0.17808 0.(a hierarchy:)ashow
271 90 gm
(-)show
271 126 gm
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
0.72647 0. 32 0.07264 0.(Higher level mechanisms)awidthshow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
0.53070 0. 32 0.05307 0.(, such as security protocols and \(semantic\) message)awidthshow
287 126 gm
(contents.)show
319 90 gm
(-)show
319 126 gm
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
0.77362 0. 32 0.07736 0.(Lower level mechanisms)awidthshow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
0.52536 0. 32 0.05253 0.(, such as cryptosystems, forming parts of the above-)awidthshow
335 126 gm
-0.11943 0.(mentioned higher level mechanisms.)ashow
367 90 gm
(-)show
367 126 gm
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
1.24557 0. 32 0.12455 0.(Physical mechanisms)awidthshow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
0.64331 0. 32 0.06433 0.(, such as encryption chips and pieces of program code,)awidthshow
383 126 gm
1 2 lw
-0.13789 0.(implementing the above-mentioned mechanisms.)ashow
592 119 gm
(nc 409 112 640 481 6 rc)kp
0 gr
592 480 lin
1 1 lw
0 0 pen
592 480 lin
64 gr
545 208 574 284 1 rc
1 2 lw
1 1 pen
0 gr
545.5 208.5 573.5 283.5 0 rc
1 1 lw
0 0 pen
592 480 lin
556 224 gm
0.06152 0 rmoveto
1 setTxMode
10 fz
bu fc
2 F /|______Times-Roman fnt
bn
(Symmetric)show
568 219 gm
(Encr. Mechs.)show
64 gr
545 293 574 368 1 rc
1 2 lw
1 1 pen
0 gr
545.5 293.5 573.5 367.5 0 rc
1 1 lw
0 0 pen
559 224 gm
559 224 lin
556 306 gm
1 setTxMode
-0.04734 0.(Asymmetric)ashow
568 304 gm
(Encr. Mechs.)show
64 gr
480 124 508 200 1 rc
1 2 lw
1 1 pen
0 gr
480.5 124.5 507.5 199.5 0 rc
1 1 lw
0 0 pen
559 306 gm
559 306 lin
491 144 gm
1 setTxMode
-0.05358 0.(Integrity)ashow
503 136 gm
-0.05998 0.(Mechanisms)ashow
1 2 lw
1 1 pen
0 gr
438.5 232.5 507.5 325.5 0 rc
1 1 lw
0 0 pen
494 144 gm
494 144 lin
460 247 gm
1 setTxMode
-0.03277 0.(Authentication)ashow
472 252 gm
-0.05998 0.(Mechanisms)ashow
64 gr
480 382 508 476 1 rc
1 2 lw
1 1 pen
0 gr
480.5 382.5 507.5 475.5 0 rc
1 1 lw
0 0 pen
463 247 gm
463 247 lin
491 410 gm
1 setTxMode
-0.04005 0.(Signature)ashow
503 404 gm
-0.05998 0.(Mechanisms)ashow
1 2 lw
1 1 pen
0 gr
414.5 321.5 512.5 391.5 0 rc
1 1 lw
0 0 pen
494 410 gm
494 410 lin
446 343 gm
1 setTxMode
-0.30049 0.(Zero-)ashow
458 331 gm
-0.26173 0.(Knowledge)ashow
470 329 gm
-0.05998 0.(Mechanisms)ashow
1 2 lw
1 1 pen
0 gr
409.5 227.5 442.5 335.5 0 rc
1 1 lw
0 0 pen
449 343 gm
449 343 lin
429 244 gm
0.20434 0 rmoveto
1 setTxMode
(Security Protocols)show
64 gr
611 251 640 326 1 rc
1 2 lw
1 1 pen
0 gr
611.5 251.5 639.5 325.5 0 rc
1 1 lw
0 0 pen
432 244 gm
432 244 lin
622 272 gm
0.05908 0 rmoveto
1 setTxMode
(Physical)show
634 263 gm
-0.05998 0.(Mechanisms)ashow
1 2 lw
1 1 pen
461 119 gm
0 gr
461 480 lin
1 1 lw
0 0 pen
461 480 lin
432 113 gm
0.07495 0 rmoveto
1 setTxMode
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
(higher level mechanisms)show
531 113 gm
0.23999 0 rmoveto
(lower level mechanisms)show
629 113 gm
0.15258 0 rmoveto
(physical mechanisms)show
1 1 pen
677 90 gm
(nc 30 28 811 566 6 rc)kp
12 fz
bu fc
2 F /|______Times-Italic fnt
bn
-0.17942 0.(Figure A1-1:)ashow
677 162 gm
-0.07237 0.(The hierarchy of security mechanisms.)ashow
709 90 gm
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
0.47546 0. 32 0.04754 0.(The security of a local system can, to a great extent, be ensured by physical security)awidthshow
725 90 gm
-0.08149 0.(arrangements. In a global untrusted network it is impossible to guarantee the security of)ashow
741 90 gm
1.75567 0. 32 0.17556 0.(communications by means of physical security but cryptographic techniques are)awidthshow
757 90 gm
-0.06008 0.(needed. A lot of work has been done in the area of cryptology during the past couple of)ashow
F T cp
%%Page: ? 2
op
30 28 xl
1 1 pen
45 291 gm
(nc 30 28 811 566 6 rc)kp
1 setTxMode
0 fs
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
(85)show
803 90 gm
10 fz
bu fc
2 F /|______Times-Roman fnt
bn
-0.01179 0.(Open Systems Security \320 an Architectural Framework)ashow
803 466 gm
-0.20510 0.(Appendix)ashow
85 90 gm
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
0.74325 0. 32 0.07432 0.(thousand years but the most significant progress has taken place after the advent of)awidthshow
101 90 gm
-0.10626 0.(electronic computing. Today we have at our disposal a number of cryptographic mecha-)ashow
117 90 gm
-0.10945 0.(nisms that can be used in connection with open communications architectures.)ashow
149 90 gm
1.85653 0. 32 0.18565 0.(Among the basic cryptographic mechanisms are those used for data encryption,)awidthshow
165 90 gm
-0.10137 0.(integrity and authentication. Data encryption mechanisms can be used for all these three)ashow
181 90 gm
0.20950 0. 32 0.02095 0.(purposes and they are usually divided into symmetric and asymmetric cryptosystems.)awidthshow
197 90 gm
0.84182 0. 32 0.08418 0.(There are cryptosystems, not based on asymmetric encryption, that can be used for)awidthshow
213 90 gm
0.52856 0. 32 0.05285 0.(purposes or authentication and non-repudiation. Here we shall discuss the four main)awidthshow
229 90 gm
0.16540 0. 32 0.01654 0.(classes of cryptographic mechanisms: )awidthshow
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
0.22354 0. 32 0.02235 0.(symmetric encryption mechanisms)awidthshow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
(, )show
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
0.04238 0.(asymmetric)ashow
245 90 gm
0.15960 0. 32 0.01596 0.(encryption mechanisms)awidthshow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
(, )show
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
0.15609 0. 32 0.01560 0.(signature mechanisms)awidthshow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
0.04440 0. 32 0.00444 0.(, and )awidthshow
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
0.14938 0. 32 0.01493 0.(integrity mechanisms)awidthshow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
0.11474 0. 32 0.01147 0.(, separately.)awidthshow
261 90 gm
-0.10859 0.(The use of signature mechanisms for )ashow
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
-0.10758 0.(authentication)ashow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
-0.10499 0.( is discussed and the important class)ashow
277 90 gm
0.68237 0. 32 0.06823 0.(of )awidthshow
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
2.54119 0. 32 0.25411 0.(zero-knowledge techniques)awidthshow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
1.36688 0. 32 0.13668 0.( is briefly dealt with. Finally, the implementational)awidthshow
293 90 gm
-0.05813 0.(aspects of cryptographic mechanisms and the )ashow
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
-0.06202 0.(physical mechanisms)ashow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
-0.06593 0.( implementing them)ashow
309 90 gm
-0.03952 0.(are touched upon.)ashow
341 90 gm
0.39764 0. 32 0.03976 0.(While this chapter is outside the core of this study, it is necessary to discuss security)awidthshow
357 90 gm
-0.05326 0.(mechanisms in some detail in order to demonstrate the implementability of the security)ashow
373 90 gm
-0.10545 0.(architecture proposed and tie this work more firmly to reality.)ashow
408 90 gm
1 fs
14 fz
bu fc
2 F /|______Times-Bold fnt
bn
1.46440 0.(A1.1)ashow
408 135 gm
2.87292 0. 32 0.28729 0.(Data Encryption Mechanisms)awidthshow
440 90 gm
0 fs
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
-0.10932 0.(An )ashow
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
-0.10055 0.(encryption mechanism)ashow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
-0.08862 0.( is used to convert a cleartext message into a cryptogram, that)ashow
456 90 gm
-0.08589 0.(is into a form that is unintelligible to anyone not knowing the secret decryption method.)ashow
472 90 gm
0.42098 0. 32 0.04209 0.(An encryption mechanism is based on a )awidthshow
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
0.72311 0. 32 0.07231 0.(public algorithm)awidthshow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
0.27633 0. 32 0.02763 0.( and at least one )awidthshow
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
0.12466 0.(key)ashow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
0.52520 0. 32 0.05252 0.( whose)awidthshow
488 90 gm
-0.07919 0.(value is randomly chosen from a large set.)ashow
520 90 gm
-0.03344 0.(The need for separating the algorithm from the keys is obvious. In this way we can use)ashow
536 90 gm
-0.06976 0.(the same \(hardware or software\) implementation of a cryptosystem over and over again)ashow
552 90 gm
-0.12974 0.(with different key values. The algorithm remains the same and only a relatively compact)ashow
568 90 gm
-0.07830 0.(key value needs to be changed.)ashow
600 90 gm
0.87127 0. 32 0.08712 0.(The reason why the algorithm needs to be public is less obvious. The security of a)awidthshow
616 90 gm
-0.07745 0.(cryptographic mechanism should never be based on the secrecy of an algorithm. This is)ashow
632 90 gm
0.16464 0. 32 0.01646 0.(a generally accepted principle known as the )awidthshow
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
0.28701 0. 32 0.02870 0.(Kerckhoff's principle)awidthshow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
0.14434 0. 32 0.01443 0.( \(named after a 19th)awidthshow
648 90 gm
-0.09048 0.(century Flemish linguist\). Only an algorithm that has been open for public criticism and)ashow
664 90 gm
1.62841 0. 32 0.16284 0.(cryptanalysis for a reasonable period of time can be trusted to be secure. Secret)awidthshow
680 90 gm
-0.10031 0.(algorithms may \(intentionally or not\) contain trapdoors and other faults.)ashow
712 90 gm
0.18661 0. 32 0.01866 0.(In fact, it can be claimed that not only the security of a cryptosystem but, in deed, the)awidthshow
728 90 gm
0.27481 0. 32 0.02748 0.(security of the entire open system should always be based on public mechanisms and)awidthshow
744 90 gm
0.12634 0. 32 0.01263 0.(secret keys. That is, everything else about a secure open system except the key values)awidthshow
F T cp
%%Page: ? 3
op
30 28 xl
1 1 pen
45 291 gm
(nc 30 28 811 566 6 rc)kp
1 setTxMode
0 fs
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
(86)show
803 90 gm
10 fz
bu fc
2 F /|______Times-Roman fnt
bn
-0.01179 0.(Open Systems Security \320 an Architectural Framework)ashow
803 466 gm
-0.20510 0.(Appendix)ashow
85 90 gm
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
0.28945 0. 32 0.02894 0.(should be public and open for analysis and criticism. Not only is this the only way to)awidthshow
101 90 gm
0.41671 0. 32 0.04167 0.(gain reasonable assurance of the security of an open system but it also seems to be a)awidthshow
117 90 gm
0.02532 0. 32 0.00253 0.(prerequisite for any legislation related to data security giving the security mechanisms)awidthshow
133 90 gm
-0.06768 0.(used a legal standing \(e.g. making digital signatures binding in the court of law\).)ashow
165 90 gm
-0.06381 0.(An interesting current research area in cryptology is that of )ashow
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
-0.06816 0.(elliptic curve cryptosystems)ashow
181 90 gm
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
0.88470 0. 32 0.08847 0.(based on a group of points on an elliptic curve. Originally proposed in 1985 by V.)awidthshow
197 90 gm
-0.05908 0.(Miller of IBM and further developed by N. Koblitz and others, these mechanisms seem)ashow
213 90 gm
0.73776 0. 32 0.07377 0.(to promise public key cryptosystems more secure than RSA with comparable block)awidthshow
229 90 gm
0.98526 0. 32 0.09852 0.(lengths in the near future. These cryptosystems are believed to be computationally)awidthshow
245 90 gm
0.45455 0. 32 0.04545 0.(intensive but the current fast progress in VLSI technology will help in their efficient)awidthshow
261 90 gm
-0.16511 0.(implementation [BVA90].)ashow
293 90 gm
-0.04560 0.(This is not meant to be a study on new emerging cryptosystems or their principles. The)ashow
309 90 gm
0.54916 0. 32 0.05491 0.(only motivation here is to show, that we cannot expect anything of the nature of the)awidthshow
325 90 gm
-0.00997 0.(keys of possible future cryptosystems. They may, for example, be sets of data items or)ashow
341 90 gm
-0.07156 0.(functions. Therefore, it is vital that we leave enough flexibility in our current designs to)ashow
357 90 gm
0.49835 0. 32 0.04983 0.(accommodate for new cryptosystems which inevitably will emerge. In this study the)awidthshow
373 90 gm
2.07366 0. 32 0.20736 0.(word )awidthshow
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
0.59904 0.(key)ashow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
1.96533 0. 32 0.19653 0.( is used to denote any \(secret or public\) reasonably compact piece of)awidthshow
389 90 gm
0.46508 0. 32 0.04650 0.(information which can be presented digitally \(as a bit-string\) and used in connection)awidthshow
405 90 gm
-0.10546 0.(with a public algorithm to form a cryptographic function.)ashow
433 90 gm
1 fs
bu fc
2 F /|______Times-Bold fnt
bn
1.46739 0.(A1.1.1)ashow
433 135 gm
3.01208 0. 32 0.30120 0.(Symmetric Encryption Mechanisms)awidthshow
465 90 gm
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
0.20782 0. 32 0.02078 0.(In a )awidthshow
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
0.87524 0. 32 0.08752 0.(symmetric cryptosystem)awidthshow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
0.38146 0. 32 0.03814 0.( we have two functions )awidthshow
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
0.12524 0.(encrypt)ashow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
0.22735 0. 32 0.02273 0.( and )awidthshow
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
0.12524 0.(decrypt)ashow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
0.47363 0. 32 0.04736 0.(. A message)awidthshow
481 90 gm
-0.05900 0.(encrypted with key K can only be decrypted with the same key. Symmetric key crypto-)ashow
497 90 gm
0.21118 0. 32 0.02111 0.(graphy, which dates back to ancient times, was developed into exact science in Shan-)awidthshow
513 90 gm
-0.01547 0.(non's famous paper written in 1945 as a secret report and declassified and published in)ashow
529 90 gm
0.46203 0. 32 0.04620 0.(1949 [Sha49].)awidthshow
561 90 gm
0.97885 0. 32 0.09788 0.(From here on we shall use the following notation for encrypting with a symmetric)awidthshow
577 90 gm
1.16012 0. 32 0.11601 0.(cryptosystem: c = eK\(m\), where m is the )awidthshow
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
2.21817 0. 32 0.22181 0.(cleartext message)awidthshow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
0.63537 0. 32 0.06353 0.(, K is the )awidthshow
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
0.37254 0.(key)ashow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
0.71716 0. 32 0.07171 0.(, e is the)awidthshow
593 90 gm
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
0.22888 0. 32 0.02288 0.(encrypt function)awidthshow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
0.07156 0. 32 0.00715 0.( and c is the )awidthshow
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
0.04254 0.(cryptogram)ashow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
0.14297 0. 32 0.01429 0.(. Similarly, we use the following notation for)awidthshow
609 90 gm
-0.03651 0.(decryption: m = dK\(c\), where d is the )ashow
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
-0.03697 0.(decrypt function)ashow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
(.)show
641 90 gm
-0.01406 0.(In our notation, the key used is combined with the function rather than supplied as one)ashow
657 90 gm
-0.06442 0.(of its arguments in order to point out the fact that the public part of the function and the)ashow
673 90 gm
-0.01780 0.(key together form a unique function used for encryption or decryption. The key can be)ashow
689 90 gm
-0.05967 0.(thought of as an index choosing one of a family of functions.)ashow
F T cp
%%Page: ? 4
op
30 28 xl
1 1 pen
45 291 gm
(nc 30 28 811 566 6 rc)kp
1 setTxMode
0 fs
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
(87)show
803 90 gm
10 fz
bu fc
2 F /|______Times-Roman fnt
bn
-0.01179 0.(Open Systems Security \320 an Architectural Framework)ashow
803 466 gm
-0.20510 0.(Appendix)ashow
97 90 gm
1 fs
12 fz
bu fc
2 F /|______Times-Bold fnt
bn
1.46739 0.(A1.1.2)ashow
97 135 gm
3.01956 0. 32 0.30195 0.(Asymmetric Encryption Mechanisms)awidthshow
129 90 gm
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
2.57080 0. 32 0.25708 0.(The first mention of )awidthshow
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
4.28314 0. 32 0.42831 0.(public key cryptography)awidthshow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
2.51296 0. 32 0.25129 0.( is found in [DH76]. The first)awidthshow
145 90 gm
0.57464 0. 32 0.05746 0.(implemented )awidthshow
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
0.52200 0. 32 0.05220 0.(public key cryptosystems)awidthshow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
0.28778 0. 32 0.02877 0.( \(from here on simply )awidthshow
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
0.13482 0.(PKCs)ashow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
0.35079 0. 32 0.03507 0.(\) were the Rivest-)awidthshow
161 90 gm
1.54541 0. 32 0.15454 0.(Shamir-Adleman \(RSA\) scheme, presented in [RSA78], and the Merkle-Hellman)awidthshow
177 90 gm
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
2.37625 0. 32 0.23762 0.(trapdoor knapsacks)awidthshow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
1.27807 0. 32 0.12780 0.(, presented in [MH78]. For an introduction to the history and)awidthshow
193 90 gm
-0.01371 0.(current status of public key cryptography see e.g. [Dif88] and [BVA90]. A short intro-)ashow
209 90 gm
-0.00244 0.(duction is also found e.g. in [Den83]. Even though the original Merkle-Hellman knap-)ashow
225 90 gm
0.11047 0. 32 0.01104 0.(sacks were soon broken, some of their improved versions are still believed to be quite)awidthshow
241 90 gm
-0.05018 0.(secure. Some improved Merkle-Hellman knapsacks are presented e.g. in [LLH89].)ashow
273 90 gm
-0.05480 0.(In a \(PKC\) the key can be divided into two parts, the )ashow
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
-0.05799 0.(encryption key)ashow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
-0.05259 0.( and the )ashow
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
-0.06585 0.(decryption)ashow
289 90 gm
(key)show
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
0.03005 0. 32 0.00300 0.(, in such a way that the encryption key specifies the )awidthshow
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
0.07110 0. 32 0.00711 0.(encryption transformation)awidthshow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
( and)show
305 90 gm
3.58306 0. 32 0.35830 0.(the decryption key determines its left inverse mapping )awidthshow
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
0.94052 0.(decryption)ashow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
1.62872 0. 32 0.16287 0.(. If it is)awidthshow
321 90 gm
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
-0.10446 0.(computationally unfeasible)ashow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
-0.09994 0.( \(for a more precise definition of the term see [DH79]\) to de-)ashow
337 90 gm
-0.11323 0.(termine the decryption key from the encryption key the PKC is called an )ashow
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
-0.12828 0.(asymmetric)ashow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
-0.13131 0.( \(or)ashow
353 90 gm
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
-0.01359 0.(public key)ashow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
(\) )show
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
-0.01502 0.(encryption mechanism)ashow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
-0.01290 0.(. If it is unfeasible to derive the encryption key from)ashow
369 90 gm
-0.09129 0.(the decryption key the PKC is called a )ashow
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
-0.09777 0.(public key signature mechanism)ashow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
(.)show
401 90 gm
1.15539 0. 32 0.11553 0.(An asymmetric encryption mechanism provides complete confidentiality \(only the)awidthshow
417 90 gm
0.71197 0. 32 0.07119 0.(legitimate recipient in possession of the secret key can decrypt the message\) but no)awidthshow
433 90 gm
0.49011 0. 32 0.04901 0.(authentication of the sender \(anybody with access to the recipient's public key could)awidthshow
449 90 gm
-0.09573 0.(have generated the message\).)ashow
481 90 gm
0.36407 0. 32 0.03640 0.(From here on we shall use the following notation for encrypting with the public key:)awidthshow
497 90 gm
0.25863 0. 32 0.02586 0.(c = eK)awidthshow
0 2 rm
10 fz
bu fc
2 F /|______Times-Roman fnt
bn
0.10676 0.(P,X)ashow
0 -2 rm
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
0.37399 0. 32 0.03739 0.(\(m\), where m is the cleartext message, K)awidthshow
0 2 rm
10 fz
bu fc
2 F /|______Times-Roman fnt
bn
0.10676 0.(P,X)ashow
0 -2 rm
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
0.25192 0. 32 0.02519 0.( is the public key of X, e is the)awidthshow
513 90 gm
-0.06318 0.(Encrypt function, and c is the cryptogram.)ashow
545 90 gm
-0.04902 0.(The following notation is used for decrypting with the secret key: m = dK)ashow
0 2 rm
10 fz
bu fc
2 F /|______Times-Roman fnt
bn
-0.05143 0.(S,X)ashow
0 -2 rm
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
-0.05456 0.(\(c\), where)ashow
561 90 gm
-0.08010 0.(K)ashow
0 2 rm
10 fz
bu fc
2 F /|______Times-Roman fnt
bn
-0.04708 0.(S,X)ashow
0 -2 rm
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
-0.04138 0.( is the secret key of X and d is the )ashow
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
-0.04753 0.(decrypt)ashow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
-0.04724 0.( function.)ashow
589 90 gm
1 fs
bu fc
2 F /|______Times-Bold fnt
bn
1.46739 0.(A1.1.3)ashow
589 135 gm
2.42599 0. 32 0.24259 0.(On the Use of Encryption Mechanisms)awidthshow
621 90 gm
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
1.66732 0. 32 0.16673 0.(For encrypting large amounts of data symmetric cryptosystems are preferable to)awidthshow
637 90 gm
-0.04669 0.(asymmetric cryptosystems e.g. for the following reasons:)ashow
669 90 gm
0.04440 0. 32 0.00444 0.(Firstly, symmetric encryption is much more efficient than asymmetric encryption. For)awidthshow
685 90 gm
-0.10354 0.(example, both hardware and software implementations of DES are currently about 1000)ashow
701 90 gm
-0.10391 0.(times faster than corresponding RSA implementations \(with a reasonable key length\).)ashow
733 90 gm
-0.11587 0.(Secondly, when multicasting a large message it is much more efficient to use symmetric)ashow
749 90 gm
0.82870 0. 32 0.08287 0.(than asymmetric encryption. If the message is encrypted with the public key of the)awidthshow
F T cp
%%Page: ? 5
op
30 28 xl
1 1 pen
45 291 gm
(nc 30 28 811 566 6 rc)kp
1 setTxMode
0 fs
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
(88)show
803 90 gm
10 fz
bu fc
2 F /|______Times-Roman fnt
bn
-0.01179 0.(Open Systems Security \320 an Architectural Framework)ashow
803 466 gm
-0.20510 0.(Appendix)ashow
85 90 gm
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
-0.06204 0.(recipient, a different key has to be used for each recipient, causing the same message to)ashow
101 90 gm
0.06103 0. 32 0.00610 0.(be encrypted and transferred several times. With symmetric encryption, only the sym-)awidthshow
117 90 gm
-0.06297 0.(metric key used needs to be encrypted separately and passed to each recipient, then this)ashow
133 90 gm
-0.08229 0.(one key \(now a part of the security context associated with this message\) can be used to)ashow
149 90 gm
-0.05805 0.(encrypt \(and decrypt\) the data which is multicast to all of the recipients. This scheme is)ashow
165 90 gm
-0.06150 0.(adopted e.g. in the )ashow
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
-0.06883 0.(Privacy Enhancement for Internet E-mail)ashow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
-0.07391 0.( [RFC89a,b,c].)ashow
200 90 gm
1 fs
14 fz
bu fc
2 F /|______Times-Bold fnt
bn
1.46440 0.(A1.2)ashow
200 135 gm
3.28659 0. 32 0.32865 0.(Signature Mechanisms)awidthshow
232 90 gm
2 fs
12 fz
bu fc
2 F /|______Times-Italic fnt
bn
-0.04476 0.(Digital signatures)ashow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
-0.04295 0.( can be used to realize various security functions, including )ashow
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
-0.05015 0.(authenti-)ashow
248 90 gm
0.38711 0.(cation)ashow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
0.85800 0. 32 0.08580 0.( \(both of )awidthshow
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
1.87973 0. 32 0.18797 0.(peer entity)awidthshow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
0.72250 0. 32 0.07225 0.( and )awidthshow
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
1.97906 0. 32 0.19790 0.(data origin)awidthshow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
0.59524 0. 32 0.05952 0.(\), )awidthshow
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
0.40261 0.(non-repudiation)ashow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
0.85800 0. 32 0.08580 0.( \(both of )awidthshow
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
0.37861 0.(origin)ashow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
1.21078 0. 32 0.12107 0.( and)awidthshow
264 90 gm
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
-0.02630 0.(delivery)ashow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
-0.02359 0.(\), and )ashow
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
-0.02461 0.(integrity)ashow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
(.)show
296 90 gm
0.17990 0. 32 0.01799 0.(The digital signature of a message is a redundant piece of information which depends)awidthshow
312 90 gm
-0.02525 0.(on the entire contents of the message in such a way that only the party in possession of)ashow
328 90 gm
0.33020 0. 32 0.03302 0.(the secret signing function can produce it but its validity can be checked without this)awidthshow
344 90 gm
0.14724 0. 32 0.01472 0.(secret information. The signature \(when associated with the message\) proves both the)awidthshow
360 90 gm
1.50588 0. 32 0.15058 0.(origin and integrity of the message providing the function of Non-repudiation of)awidthshow
376 90 gm
-0.05403 0.(Origin.)ashow
408 90 gm
-0.05729 0.(Just like with encryption mechanisms, a good digital signature scheme has the property)ashow
424 90 gm
0.39810 0. 32 0.03981 0.(that it is based on a public algorithm and a secret key. Public information is used for)awidthshow
440 90 gm
-0.05947 0.(checking the signature. It should be computationally unfeasible to generate valid signa-)ashow
456 90 gm
-0.03312 0.(tures without knowing the secret key as well as to find two different messages with the)ashow
472 90 gm
-0.08103 0.(same signature value.)ashow
504 90 gm
-0.03419 0.(A PKC is a signature mechanism if the encryption or )ashow
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
-0.03489 0.(signing)ashow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
-0.03305 0.(, as we may call it now, is)ashow
520 90 gm
1.24343 0. 32 0.12434 0.(secret and the decryption, i.e. the checking of the signature is a public algorithm.)awidthshow
536 90 gm
-0.05058 0.(When using RSA, the most straight-forward way of signing a message is to encrypt the)ashow
552 90 gm
0.79544 0. 32 0.07954 0.(whole message with the secret key of the sender. In this case we need not send the)awidthshow
568 90 gm
0.27252 0. 32 0.02725 0.(cleartext message at all. If the message has sufficient redundancy, so that a randomly)awidthshow
584 90 gm
2.18109 0. 32 0.21810 0.(chosen cryptogram does not decrypt into an acceptable cleartext message with)awidthshow
600 90 gm
0.08377 0. 32 0.00837 0.(anybody's public key, we can be confident in, and show to an impartial judge, that the)awidthshow
616 90 gm
0.05203 0. 32 0.00520 0.(message was originated by the holder of the secret key. This kind of signature scheme)awidthshow
632 90 gm
-0.00216 0.(is presented in [IS9796] )ashow
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
-0.00239 0.(Signature Algorithm with Message Recovery)ashow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
(, which currently)show
648 90 gm
(is a DIS version.)show
680 90 gm
0.16433 0. 32 0.01643 0.(A more common practice is to send the cleartext message together with the signature.)awidthshow
696 90 gm
-0.10569 0.(This makes it possible to read the contents of the message at intermediate nodes without)ashow
712 90 gm
-0.07864 0.(having to decrypt the message.)ashow
F T cp
%%Page: ? 6
op
30 28 xl
1 1 pen
45 291 gm
(nc 30 28 811 566 6 rc)kp
1 setTxMode
0 fs
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
(89)show
803 90 gm
10 fz
bu fc
2 F /|______Times-Roman fnt
bn
-0.01179 0.(Open Systems Security \320 an Architectural Framework)ashow
803 466 gm
-0.20510 0.(Appendix)ashow
101 90 gm
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
0.05676 0. 32 0.00567 0.(For performance reasons we usually encrypt a hash value based on the message rather)awidthshow
117 90 gm
0.56594 0. 32 0.05659 0.(than the whole message. The hash function used in computing the hash value has to)awidthshow
133 90 gm
1.10153 0. 32 0.11015 0.(have certain properties described more closely in e.g. [DP84]. Obviously we must)awidthshow
149 90 gm
-0.11724 0.(claim the hash function to be such, that it is computationally unfeasible to find two valid)ashow
165 90 gm
-0.09852 0.(cleartext messages with the same hash value.)ashow
197 90 gm
0.86639 0. 32 0.08663 0.(Hash functions are currently an area of very active research. A proposal for a hash)awidthshow
213 90 gm
-0.02243 0.(function which is light to compute with software is presented in [Riv90]. Among other)ashow
229 90 gm
1.30859 0. 32 0.13085 0.(recent proposals are Merkle's Snefru function and Miyaguchis's N-hash [MOI90].)awidthshow
245 90 gm
-0.04969 0.(Biham and Shamir have shown in [BS90] that it is easy to find synonyms \(i.e. different)ashow
261 90 gm
-0.02911 0.(messages with the same hash value\) for all of these three algorithms. Also in ISO stan-)ashow
277 90 gm
0.81527 0. 32 0.08152 0.(dard hash functions for digital signatures are being defined [IS10118-1,2]. [Mer89])awidthshow
293 90 gm
-0.03533 0.(discusses the use of DES in computing one-way hash functions. DES-based hash func-)ashow
309 90 gm
-0.09747 0.(tions still appear to be a safe choice for most commercial purposes.)ashow
341 90 gm
-0.07743 0.(A message is now signed in three steps:)ashow
373 90 gm
(-)show
373 126 gm
-0.10897 0.(Calculate the hash value of the message.)ashow
405 90 gm
(-)show
405 126 gm
-0.08709 0.(Encrypt the hash value with the secret key of the sender.)ashow
437 90 gm
(-)show
437 126 gm
-0.11724 0.(Attach the encrypted hash value \(signature\) to the original message.)ashow
469 90 gm
1.32797 0. 32 0.13279 0.(The notation S)awidthshow
0 2 rm
10 fz
bu fc
2 F /|______Times-Roman fnt
bn
0.46133 0.(X)ashow
0 -2 rm
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
1.04141 0. 32 0.10414 0.({m} is used in this study to mean "message m signed by X". The)awidthshow
485 90 gm
-0.09576 0.(notation does not stand for the signature but for the message together with its associated)ashow
501 90 gm
1.67633 0. 32 0.16763 0.(signature, hence the notation \(use of curly brackets instead of parentheses\). The)awidthshow
517 90 gm
0.93719 0. 32 0.09371 0.(notation S)awidthshow
0 2 rm
10 fz
bu fc
2 F /|______Times-Roman fnt
bn
0.27616 0.(X)ashow
0 -2 rm
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
0.65841 0. 32 0.06584 0.(\(m\) is used to denote the signature value of message m generated by X.)awidthshow
533 90 gm
-0.03129 0.(This practice is consistent with that adopted in e.g. [X.509].)ashow
568 90 gm
1 fs
14 fz
bu fc
2 F /|______Times-Bold fnt
bn
1.46440 0.(A1.3)ashow
568 135 gm
3.79058 0. 32 0.37905 0.(Integrity Mechanisms)awidthshow
600 90 gm
0 fs
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
-0.14221 0.(Data Integrity can be divided into two parts:)ashow
632 90 gm
(-)show
632 126 gm
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
-0.11685 0.(Message)ashow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
-0.07789 0.( \(or )ashow
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
-0.09831 0.(content)ashow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
-0.06813 0.(\) )ashow
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
-0.08802 0.(integrity)ashow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
-0.09375 0.( means that each individual message is intact \(that)ashow
648 126 gm
-0.07742 0.(is, received in exactly the same form as sent\).)ashow
680 90 gm
(-)show
680 126 gm
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
0.18325 0. 32 0.01832 0.(Sequence integrity)awidthshow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
0.11260 0. 32 0.01126 0.( means that the sequence of messages \(usually the sequence)awidthshow
696 126 gm
0.09078 0. 32 0.00907 0.(of messages sent across a connection during its life-time\) is intact. This means)awidthshow
712 126 gm
1.08184 0. 32 0.10818 0.(that no messages have, undetected, been omitted or duplicated and that the)awidthshow
728 126 gm
-0.05584 0.(original ordering of the messages is preserved.)ashow
F T cp
%%Page: ? 7
op
30 28 xl
1 1 pen
45 291 gm
(nc 30 28 811 566 6 rc)kp
1 setTxMode
0 fs
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
(90)show
803 90 gm
10 fz
bu fc
2 F /|______Times-Roman fnt
bn
-0.01179 0.(Open Systems Security \320 an Architectural Framework)ashow
803 466 gm
-0.20510 0.(Appendix)ashow
101 90 gm
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
0.57830 0. 32 0.05783 0.(In [ISO90d] integrity mechanisms are classified as those designed to protect against)awidthshow
117 90 gm
-0.00233 0.(random modifications and those designed to protect against modifications deliberately)ashow
133 90 gm
-0.08045 0.(engineered to defeat the integrity mechanism. In this study, we shall use the terms )ashow
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
-0.14007 0.(weak)ashow
149 90 gm
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
-0.01426 0.(and )ashow
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
-0.01304 0.(strong integrity)ashow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
-0.01322 0.(, respectively, for these two cases. Data integrity in the weak sense)ashow
165 90 gm
2.08282 0. 32 0.20828 0.(of the word means detecting all incidental \(random\) changes in the data being)awidthshow
181 90 gm
0.28137 0. 32 0.02813 0.(transferred, optionally recovering from the changes, when possible, and reporting the)awidthshow
197 90 gm
0.19485 0. 32 0.01948 0.(cases where recovery is not possible. Weak integrity is normally provided at the Data)awidthshow
213 90 gm
-0.01379 0.(Link layer point-to-point \(e.g. HDLC\) and at the Transport Layer end-to-end \(e.g. ISO)ashow
229 90 gm
0.26016 0. 32 0.02601 0.(TP4\). Protocols of both of these layers are designed to detect and recover from trans-)awidthshow
245 90 gm
-0.09355 0.(mission errors \(but not planned attacks against data integrity\).)ashow
277 90 gm
1.33728 0. 32 0.13372 0.(For weak message integrity simple redundancy in the data is adequate. Usually a)awidthshow
293 90 gm
-0.03921 0.(Checksum or, preferably, a Cyclic Redundancy Check \(CRC\) is used to detect chances)ashow
309 90 gm
-0.00625 0.(in the data. In LANs a 32-bit CRC is normally used and found to be quite effective for)ashow
325 90 gm
0.30838 0. 32 0.03083 0.(this purpose.)awidthshow
357 90 gm
1.15417 0. 32 0.11541 0.(Sequence integrity is achieved by labelling the messages with a running sequence)awidthshow
373 90 gm
-0.01403 0.(number which can be used to detect omitted, duplicated, or out-of-sequence messages.)ashow
389 90 gm
-0.05258 0.(To detect messages omitted at the end of a connection, a graceful disconnect procedure)ashow
405 90 gm
0.74279 0. 32 0.07427 0.(with the negotiation of the last sequence number sent is required before closing the)awidthshow
421 90 gm
-0.06462 0.(connection.)ashow
453 90 gm
2.58117 0. 32 0.25811 0.(For purposes of error recovery, retransmission of corrupted messages is used)awidthshow
469 90 gm
0.02822 0. 32 0.00282 0.(\(Automatic Repeat Request, ARQ\). In time-critical applications or with unidirectional)awidthshow
485 90 gm
0.16586 0. 32 0.01658 0.(transmission systems, error-correcting codes, such as Hamming codes, are sometimes)awidthshow
501 90 gm
-0.00791 0.(used \(Forward Error Correction\).)ashow
533 90 gm
-0.02114 0.(Integrity in the strong sense of the word means detecting not only accidental errors but)ashow
549 90 gm
0.14282 0. 32 0.01428 0.(also those deliberately caused by an enemy by means of an active attack. Here simple)awidthshow
565 90 gm
-0.03752 0.(redundancy added to the messages with public algorithms is not sufficient to guarantee)ashow
581 90 gm
1.44836 0. 32 0.14483 0.(message integrity and the use of sequence numbers is not sufficient to guarantee)awidthshow
597 90 gm
-0.10020 0.(sequence integrity because both can easily be forged.)ashow
629 90 gm
0.29113 0. 32 0.02911 0.(In the set-up illustrated in figure 4-2, X can easily modify the data stream between A)awidthshow
645 90 gm
1.69784 0. 32 0.16978 0.(and B, without this being detected by either communicating party, if only weak)awidthshow
661 90 gm
-0.04808 0.(integrity is provided. A simple way of doing this is by letting an untrusted intermediate)ashow
677 90 gm
0.22659 0. 32 0.02265 0.(node in the network, such as a router, act as a transport layer gateway between A and)awidthshow
693 90 gm
1.06430 0. 32 0.10643 0.(B, using the standard transport protocol towards both A and B, relaying the infor-)awidthshow
709 90 gm
0.66726 0. 32 0.06672 0.(mation transferred from one connection to another, modifying the information at its)awidthshow
725 90 gm
0.40939 0. 32 0.04093 0.(will, and letting both A and B believe that they are communicating end-to-end at the)awidthshow
741 90 gm
-0.08403 0.(transport layer. The attack is illustrated in figure 4-2 below.)ashow
F T cp
%%Page: ? 8
op
30 28 xl
1 1 pen
45 291 gm
(nc 30 28 811 566 6 rc)kp
1 setTxMode
0 fs
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
(91)show
803 90 gm
10 fz
bu fc
2 F /|______Times-Roman fnt
bn
-0.01179 0.(Open Systems Security \320 an Architectural Framework)ashow
803 466 gm
1 2 lw
-0.20510 0.(Appendix)ashow
192 177 gm
(nc 88 150 226 443 6 rc)kp
0 gr
205 177 lin
1 1 lw
0 0 pen
205 177 lin
1 2 lw
1 1 pen
192 275 gm
205 275 lin
1 1 lw
0 0 pen
205 275 lin
1 2 lw
1 1 pen
192 315 gm
205 315 lin
1 1 lw
0 0 pen
205 315 lin
1 2 lw
1 1 pen
192 413 gm
205 413 lin
1 1 lw
0 0 pen
205 413 lin
1 2 lw
1 1 pen
205 177 gm
205 274 lin
1 1 lw
0 0 pen
205 274 lin
1 2 lw
1 1 pen
205 315 gm
205 412 lin
1 1 lw
0 0 pen
205 412 lin
1 2 lw
1 1 pen
122 286 gm
135 277 lin
1 1 lw
0 0 pen
135 277 lin
1 2 lw
1 1 pen
120 308 gm
133 317 lin
1 1 lw
0 0 pen
133 317 lin
64 gr
88 384 192 443 1 rc
1 2 lw
1 1 pen
0 gr
88.5 384.5 191.5 442.5 0 rc
1 1 lw
0 0 pen
133 317 lin
1 2 lw
1 1 pen
177 384 gm
177 442 lin
1 1 lw
0 0 pen
177 442 lin
1 2 lw
1 1 pen
162 384 gm
162 442 lin
1 1 lw
0 0 pen
162 442 lin
1 2 lw
1 1 pen
147 384 gm
147 442 lin
1 1 lw
0 0 pen
147 442 lin
1 2 lw
1 1 pen
132 384 gm
132 442 lin
1 1 lw
0 0 pen
132 442 lin
1 2 lw
1 1 pen
117 384 gm
117 442 lin
1 1 lw
0 0 pen
117 442 lin
1 2 lw
1 1 pen
103 384 gm
103 442 lin
1 1 lw
0 0 pen
103 442 lin
188 409 gm
0.5 0 rmoveto
1 setTxMode
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
(1.)show
174 409 gm
0.5 0 rmoveto
(2.)show
159 409 gm
0.5 0 rmoveto
(3.)show
144 409 gm
0.5 0 rmoveto
(4.)show
130 409 gm
0.5 0 rmoveto
(5.)show
115 409 gm
0.5 0 rmoveto
(6.)show
100 409 gm
0.5 0 rmoveto
(7.)show
64 gr
132 252 192 341 1 rc
1 2 lw
1 1 pen
0 gr
132.5 252.5 191.5 340.5 0 rc
1 1 lw
0 0 pen
103 409 gm
103 409 lin
1 2 lw
1 1 pen
177 253 gm
177 339 lin
1 1 lw
0 0 pen
177 339 lin
1 2 lw
1 1 pen
162 253 gm
162 339 lin
1 1 lw
0 0 pen
162 339 lin
1 2 lw
1 1 pen
147 253 gm
147 339 lin
1 1 lw
0 0 pen
147 339 lin
1 2 lw
1 1 pen
132 296 gm
191 296 lin
1 1 lw
0 0 pen
191 296 lin
188 273 gm
0.5 0 rmoveto
1 setTxMode
(1.)show
174 273 gm
0.5 0 rmoveto
(2.)show
159 273 gm
0.5 0 rmoveto
(3.)show
144 273 gm
0.5 0 rmoveto
(4.)show
188 314 gm
0.5 0 rmoveto
(1.)show
174 314 gm
0.5 0 rmoveto
(2.)show
159 314 gm
0.5 0 rmoveto
(3.)show
144 314 gm
0.5 0 rmoveto
(4.)show
64 gr
88 150 192 209 1 rc
1 2 lw
1 1 pen
0 gr
88.5 150.5 191.5 208.5 0 rc
1 1 lw
0 0 pen
147 314 gm
147 314 lin
1 2 lw
1 1 pen
177 150 gm
177 208 lin
1 1 lw
0 0 pen
177 208 lin
1 2 lw
1 1 pen
162 150 gm
162 208 lin
1 1 lw
0 0 pen
162 208 lin
1 2 lw
1 1 pen
147 150 gm
147 208 lin
1 1 lw
0 0 pen
147 208 lin
1 2 lw
1 1 pen
132 150 gm
132 208 lin
1 1 lw
0 0 pen
132 208 lin
1 2 lw
1 1 pen
117 150 gm
117 208 lin
1 1 lw
0 0 pen
117 208 lin
1 2 lw
1 1 pen
103 150 gm
103 208 lin
1 1 lw
0 0 pen
103 208 lin
188 175 gm
0.5 0 rmoveto
1 setTxMode
(1.)show
174 175 gm
0.5 0 rmoveto
(2.)show
159 175 gm
0.5 0 rmoveto
(3.)show
144 175 gm
0.5 0 rmoveto
(4.)show
130 175 gm
0.5 0 rmoveto
(5.)show
115 175 gm
0.5 0 rmoveto
(6.)show
100 175 gm
0.5 0 rmoveto
(7.)show
0 gr
134 202 146 214 340 380 1 ar
134 246 146 258 160 200 1 ar
1 1 pen
140 247 gm
140 213 lin
148 202 160 214 340 380 1 ar
148 246 160 258 160 200 1 ar
154 247 gm
154 213 lin
163 202 175 214 340 380 1 ar
163 246 175 258 160 200 1 ar
169 247 gm
169 213 lin
177 202 189 214 340 380 1 ar
177 246 189 258 160 200 1 ar
183 247 gm
183 213 lin
134 334 146 346 340 380 1 ar
134 378 146 390 160 200 1 ar
140 379 gm
140 345 lin
148 334 160 346 340 380 1 ar
148 378 160 390 160 200 1 ar
154 379 gm
154 345 lin
163 334 175 346 340 380 1 ar
163 378 175 390 160 200 1 ar
169 379 gm
169 345 lin
177 334 189 346 340 380 1 ar
177 378 189 390 160 200 1 ar
183 379 gm
183 345 lin
64 gr
95 278 127 315 1 ov
1 2 lw
0 gr
95.5 278.5 126.5 314.5 0 ov
1 1 lw
0 0 pen
183 345 lin
223 291 gm
0.16845 0 rmoveto
1 setTxMode
(X)show
223 175 gm
(A)show
223 408 gm
(B)show
1 2 lw
1 1 pen
205 177 gm
0 gr
205 177 lin
1 1 lw
0 0 pen
205 177 lin
1 2 lw
1 1 pen
205 315 gm
205 315 lin
1 1 lw
0 0 pen
205 315 lin
115 282 gm
1 setTxMode
-0.24760 0.(Relay)ashow
1 1 pen
255 90 gm
(nc 30 28 811 566 6 rc)kp
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
-0.17942 0.(Figure A1-2:)ashow
255 162 gm
-0.18113 0.(Attack against a weak integrity mechanism at the transport layer.)ashow
287 90 gm
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
0.09994 0. 32 0.00999 0.(Strong Integrity can be efficiently achieved by using the orthogonal function of )awidthshow
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
0.02929 0.(confi-)ashow
303 90 gm
-0.00573 0.(dentiality)ashow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
-0.00610 0.( in combination with a )ashow
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
-0.00660 0.(weak integrity mechanism)ashow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
-0.00579 0.(. If the confidentiality func-)ashow
319 90 gm
0.02059 0. 32 0.00205 0.(tion is placed below the weak integrity mechanism in the OSI Protocol Stack, then the)awidthshow
335 90 gm
-0.08499 0.(result is strong integrity. This result can be justified with the following reasoning:)ashow
367 90 gm
(-)show
367 126 gm
1.13037 0. 32 0.11303 0.(Assuming that the encryption mechanism is an acceptable one and that the)awidthshow
383 126 gm
2.01400 0. 32 0.20140 0.(enemy does not possess the key used, it is impossible for the enemy to)awidthshow
399 126 gm
0.85845 0. 32 0.08584 0.(determine anything of the contents of the cleartext message by studying the)awidthshow
415 126 gm
1.24603 0. 32 0.12460 0.(cryptogram. It is equally impossible for him to generate a cryptogram that)awidthshow
431 126 gm
-0.10171 0.(would decrypt into anything but a random cleartext message.)ashow
463 90 gm
(-)show
463 126 gm
0.87783 0. 32 0.08778 0.(Therefore, from the weak integrity mechanism's point-of-view, any changes)awidthshow
479 126 gm
0.35171 0. 32 0.03517 0.(introduced by the enemy to the stream of cryptograms are seen as completely)awidthshow
495 126 gm
-0.04226 0.(random changes in the stream of cleartext messages. But these random changes)ashow
511 126 gm
-0.10169 0.(are just what the weak integrity mechanism was designed to protect against.)ashow
543 90 gm
-0.05715 0.(It must be noted that there are a number of requirements for an "acceptable" encryption)ashow
559 90 gm
1.73736 0. 32 0.17373 0.(mechanism and weak integrity mechanism as well as for their combination. For)awidthshow
575 90 gm
0.83236 0. 32 0.08323 0.(example, when a block cipher \(with the ECB mode of operation\) is used, the weak)awidthshow
591 90 gm
1.06628 0. 32 0.10662 0.(integrity mechanism must be able to detect errors in the ordering of the encrypted)awidthshow
607 90 gm
0.11218 0.(blocks.)ashow
639 90 gm
1.32232 0. 32 0.13223 0.(If, for example, all TPDUs of TP4 are encrypted, then the Integrity Check Value)awidthshow
655 90 gm
1.14166 0. 32 0.11416 0.(carried by each TPDU is also encrypted and the TPDUs, including their sequence)awidthshow
671 90 gm
-0.02662 0.(numbers, cannot be modified by the enemy without this being detected. This makes all)ashow
687 90 gm
0.77346 0. 32 0.07734 0.(attempts to modify the content of individual messages or the sequence of messages)awidthshow
703 90 gm
-0.11415 0.(rather random and enables the normal functions of TP4 to detect \(and attempt to recover)ashow
719 90 gm
-0.07794 0.(from\) these modifications.)ashow
F T cp
%%Page: ? 9
op
30 28 xl
1 1 pen
45 291 gm
(nc 30 28 811 566 6 rc)kp
1 setTxMode
0 fs
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
(92)show
803 90 gm
10 fz
bu fc
2 F /|______Times-Roman fnt
bn
-0.01179 0.(Open Systems Security \320 an Architectural Framework)ashow
803 466 gm
-0.20510 0.(Appendix)ashow
101 90 gm
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
0.49423 0. 32 0.04942 0.(The situation is clarified in figure 4-3 below. In case a\) TP4 is run on top of a noisy)awidthshow
117 90 gm
0.41503 0. 32 0.04150 0.(channel. This results in reliable transfer on the transport connection between the two)awidthshow
133 90 gm
0.39077 0. 32 0.03907 0.(Transport Service Access Points. In case b\) the channel is not only noisy but hostile,)awidthshow
149 90 gm
-0.04476 0.(meaning that it causes planned non-random changes in the data stream transferred \(e.g.)ashow
165 90 gm
0.06805 0. 32 0.00680 0.(the situation depicted in figure 4-2\). This results in unreliable transfer on the transport)awidthshow
181 90 gm
0.99761 0. 32 0.09976 0.(connection. If end-to-end encryption is introduced below the transport protocol, as)awidthshow
197 90 gm
-0.00581 0.(depicted in case c\), all changes caused to the data stream by enemies not in possession)ashow
213 90 gm
0.63430 0. 32 0.06343 0.(of the encryption key are random and result in the illusion of a noisy channel at the)awidthshow
229 90 gm
0.15640 0. 32 0.01564 0.(interface between the encryption layer and the actual transport layer. This reduces the)awidthshow
245 90 gm
1.93237 0. 32 0.19323 0.(situation to that of case a\) resulting, again, in reliable transfer on the transport)awidthshow
261 90 gm
-0.06462 0.(connection.)ashow
0 0 gm
(nc 270 133 575 461 6 rc)kp
64 gr
270 133 575 461 1 rc
486 180 524 227 1 rc
1 2 lw
0 gr
486.5 180.5 523.5 226.5 0 rc
1 1 lw
0 0 pen
498 145 gm
498 145 lin
504 193 gm
1 setTxMode
bu fc
2 F /|______Times-Roman fnt
bn
(TP4)show
64 gr
486 330 524 377 1 rc
1 2 lw
1 1 pen
0 gr
486.5 330.5 523.5 376.5 0 rc
1 1 lw
0 0 pen
507 193 gm
507 193 lin
504 343 gm
1 setTxMode
(TP4)show
0 gr
494 220 506 232 340 380 1 ar
494 324 506 336 160 200 1 ar
1 1 pen
500 325 gm
500 231 lin
471 241 gm
1 setTxMode
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
-0.47445 0.(reliable)ashow
471 278 gm
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
-0.07907 0.( transfer)ashow
1 2 lw
486 203 gm
0 gr
471 236 lin
1 1 lw
0 0 pen
471 236 lin
1 2 lw
1 1 pen
486 358 gm
471 325 lin
1 1 lw
0 0 pen
471 325 lin
64 gr
392 180 430 227 1 rc
1 2 lw
1 1 pen
0 gr
392.5 180.5 429.5 226.5 0 rc
1 1 lw
0 0 pen
471 325 lin
410 193 gm
1 setTxMode
(TP4)show
64 gr
392 330 430 377 1 rc
1 2 lw
1 1 pen
0 gr
392.5 330.5 429.5 376.5 0 rc
1 1 lw
0 0 pen
413 193 gm
413 193 lin
410 343 gm
1 setTxMode
(TP4)show
0 gr
400 220 412 232 340 380 1 ar
400 324 412 336 160 200 1 ar
1 1 pen
406 325 gm
406 231 lin
377 234 gm
1 setTxMode
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
-0.36901 0.(unreliable)ashow
377 283 gm
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
-0.07907 0.( transfer)ashow
1 2 lw
392 203 gm
0 gr
378 231 lin
1 1 lw
0 0 pen
378 231 lin
1 2 lw
1 1 pen
392 358 gm
378 330 lin
1 1 lw
0 0 pen
378 330 lin
64 gr
298 180 336 227 1 rc
1 2 lw
1 1 pen
0 gr
298.5 180.5 335.5 226.5 0 rc
1 1 lw
0 0 pen
378 330 lin
316 193 gm
1 setTxMode
(TP4)show
64 gr
298 330 336 377 1 rc
1 2 lw
1 1 pen
0 gr
298.5 330.5 335.5 376.5 0 rc
1 1 lw
0 0 pen
319 193 gm
319 193 lin
316 343 gm
1 setTxMode
(TP4)show
64 gr
326 180 355 377 1 rc
1 2 lw
1 1 pen
0 gr
326.5 180.5 354.5 376.5 0 rc
1 1 lw
0 0 pen
319 343 gm
319 343 lin
345 241 gm
1 setTxMode
-0.32612 0.(a )ashow
345 249 gm
0.33642 0 rmoveto
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
(noisy)show
345 274 gm
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
-0.18753 0.( channel)ashow
0 gr
306 220 318 232 340 380 1 ar
306 324 318 336 160 200 1 ar
1 1 pen
312 325 gm
312 231 lin
284 241 gm
1 setTxMode
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
-0.47445 0.(reliable)ashow
284 278 gm
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
-0.07907 0.( transfer)ashow
64 gr
420 180 449 377 1 rc
1 2 lw
0 gr
420.5 180.5 448.5 376.5 0 rc
1 1 lw
0 0 pen
287 241 gm
287 241 lin
438 238 gm
1 setTxMode
(a)show
438 243 gm
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
-0.14219 0.( hostile)ashow
438 277 gm
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
-0.18753 0.( channel)ashow
64 gr
514 180 571 377 1 rc
1 2 lw
1 1 pen
0 gr
514.5 180.5 570.5 376.5 0 rc
1 1 lw
0 0 pen
441 238 gm
441 238 lin
560 238 gm
1 setTxMode
(a)show
560 243 gm
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
-0.14219 0.( hostile)ashow
560 277 gm
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
-0.18753 0.( channel)ashow
1 2 lw
1 1 pen
542 376 gm
0 gr
542 180 lin
1 1 lw
0 0 pen
542 180 lin
532 225 gm
1 setTxMode
-0.11433 0.(end-to-end encryption)ashow
1 2 lw
1 1 pen
298 203 gm
0 gr
284 236 lin
1 1 lw
0 0 pen
284 236 lin
1 2 lw
1 1 pen
298 358 gm
284 325 lin
1 1 lw
0 0 pen
284 325 lin
1 2 lw
1 1 pen
514 170 gm
514 395 lin
1 1 lw
0 0 pen
514 395 lin
457 385 gm
1 setTxMode
-0.32612 0.(a )ashow
457 393 gm
0.33642 0 rmoveto
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
(noisy)show
457 418 gm
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
-0.18753 0.( channel)ashow
469 389 gm
-0.07482 0.(as seen by the)ashow
481 387 gm
-0.11618 0.(transport layer)ashow
0 gr
503 375 515 387 305 345 1 ar
1 1 pen
486 414 gm
506 385 lin
307 145 gm
1 setTxMode
-0.31938 0.(a\))ashow
401 145 gm
0.00341 0 rmoveto
(b\))show
495 145 gm
-0.31938 0.(c\))ashow
594 90 gm
(nc 30 28 811 566 6 rc)kp
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
-0.17942 0.(Figure A1-3:)ashow
594 162 gm
-0.08070 0.(Weak integrity combined with encryption produces strong integrity.)ashow
626 90 gm
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
0.42480 0. 32 0.04248 0.(In order to prove the reasoning presented above for a given transport protocol \320 data)awidthshow
642 90 gm
0.48995 0. 32 0.04899 0.(encryption scheme pair, detailed requirements of the transport protocol \(e.g. TP4\) to)awidthshow
658 90 gm
1.08459 0. 32 0.10845 0.(the underlying "channel" \(network service\) in order to guarantee reliable transport)awidthshow
674 90 gm
-0.02169 0.(service must first be stated. Then it must be shown, that the hostile channel augmented)ashow
690 90 gm
1.63772 0. 32 0.16377 0.(with the proposed encryption scheme \(e.g. DES\) does fulfill these requirements.)awidthshow
706 90 gm
-0.07800 0.(Because the purpose of this work is to create an architectural framework, not to analyze)ashow
722 90 gm
0.38436 0. 32 0.03843 0.(the properties of individual cryptosystems \(such as DES\) or protocols \(such as TP4\),)awidthshow
738 90 gm
-0.08317 0.(the detailed analysis is left for further study.)ashow
F T cp
%%Page: ? 10
op
30 28 xl
1 1 pen
45 291 gm
(nc 30 28 811 566 6 rc)kp
1 setTxMode
0 fs
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
(93)show
803 90 gm
10 fz
bu fc
2 F /|______Times-Roman fnt
bn
-0.01179 0.(Open Systems Security \320 an Architectural Framework)ashow
803 466 gm
-0.20510 0.(Appendix)ashow
101 90 gm
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
-0.09506 0.(This revelation gives us one more criterion for placing the functions and mechanisms of)ashow
117 90 gm
-0.01000 0.(Integrity and Confidentiality in the layers of OSI. To avoid unnecessary duplication of)ashow
133 90 gm
0.25421 0. 32 0.02542 0.(functionality, it usually seems to be a good idea to place a confidentiality mechanism)awidthshow
149 90 gm
0.30593 0. 32 0.03059 0.(somewhere below an existing weak integrity mechanism and get strong integrity as a)awidthshow
165 90 gm
-0.04714 0.(by-product of these two mechanisms.)ashow
197 90 gm
1.11511 0. 32 0.11151 0.(S. Walker proposes, in [Wal89], that EESP-like protocols should be placed )awidthshow
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
0.40463 0.(above)ashow
213 90 gm
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
1.04141 0. 32 0.10414 0.(rather than below the normal transport protocol in order to minimize the overhead)awidthshow
229 90 gm
0.08316 0. 32 0.00831 0.(caused by encryption and decryption in case of error recovery at the transport layer. It)awidthshow
245 90 gm
1.26174 0. 32 0.12617 0.(is my belief that efficiency under normal operation is by far more important than)awidthshow
261 90 gm
-0.04951 0.(efficiency in the rather rare case of retransmission at the transport layer. Obviously this)ashow
277 90 gm
-0.07482 0.(also depends on the quality of the underlying network service.)ashow
309 90 gm
0.70312 0. 32 0.07031 0.(We can determine that, with some restrictions, a reliable )awidthshow
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
1.10839 0. 32 0.11083 0.(weak integrity mechanism)awidthshow
325 90 gm
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
-0.03276 0.(when used on top of a reliable )ashow
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
-0.03475 0.(confidentiality mechanism)ashow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
-0.03392 0.( provides us with the function)ashow
341 90 gm
-0.04440 0.(of )ashow
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
-0.04763 0.(strong integrity)ashow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
-0.05302 0.(. The problem of which encryption mechanisms are "acceptable" and)ashow
357 90 gm
0.40832 0. 32 0.04083 0.(which weak integrity mechanisms they should be combined with in order to produce)awidthshow
373 90 gm
1.01699 0. 32 0.10169 0.(strong integrity is a current research topic of cryptography. One basic requirement)awidthshow
389 90 gm
-0.04968 0.(appears to be that the integrity check value employed by the weak integrity mechanism)ashow
405 90 gm
0.59371 0. 32 0.05937 0.(should be non-linear. It is generally known that block cipher with the OFB mode of)awidthshow
421 90 gm
0.23559 0. 32 0.02355 0.(operation together with linear redundancy in the cleartext message \(for example DES)awidthshow
437 90 gm
1.62796 0. 32 0.16279 0.(with the OFB mode of operation in connection with Hamming coding\) does not)awidthshow
453 90 gm
0.85540 0. 32 0.08554 0.(produce strong integrity. Integrity mechanisms are also being standardized by ISO.)awidthshow
469 90 gm
-0.07653 0.([IS9797] is an example of a standardized strong integrity mechanism which is currently)ashow
485 90 gm
-0.01829 0.(a draft proposal.)ashow
520 90 gm
1 fs
14 fz
bu fc
2 F /|______Times-Bold fnt
bn
1.46440 0.(A1.4)ashow
520 135 gm
0.58303 0.(Authentication)ashow
552 90 gm
0 fs
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
-0.13381 0.(Authentication is divided into two classes:)ashow
582 90 gm
(-)show
582 126 gm
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
0.06201 0.(Weak)ashow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
0.07446 0. 32 0.00744 0.( \(or )awidthshow
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
0.04859 0.(simple)ashow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
0.05432 0. 32 0.00543 0.(\) )awidthshow
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
0.04609 0.(authentication)ashow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
0.16662 0. 32 0.01666 0.(, where a password but no encryption may \(or)awidthshow
598 126 gm
-0.03167 0.(may not\) be used, and)ashow
628 90 gm
(-)show
628 126 gm
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
-0.09930 0.(Strong authentication)ashow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
-0.10009 0.(, based on cryptographic techniques.)ashow
660 90 gm
-0.09841 0.(Weak authentication offers no protection \(if not even passwords are used\) or inadequate)ashow
676 90 gm
0.90515 0. 32 0.09051 0.(protection against malicious attacks. Weak authentication is currently used in most)awidthshow
692 90 gm
0.85632 0. 32 0.08563 0.(systems \(e.g. practically all operating systems\) but, even with passwords, it is very)awidthshow
708 90 gm
1.46118 0. 32 0.14611 0.(vulnerable to replay. In strong authentication, the user \(or service\) can prove his)awidthshow
724 90 gm
0.44723 0. 32 0.04472 0.(identity without revealing his secret piece of information. The need to authenticate a)awidthshow
740 90 gm
0.26611 0. 32 0.02661 0.(user without him having to reveal his secret authentication information is pointed out)awidthshow
F T cp
%%Page: ? 11
op
30 28 xl
1 1 pen
45 291 gm
(nc 30 28 811 566 6 rc)kp
1 setTxMode
0 fs
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
(94)show
803 90 gm
10 fz
bu fc
2 F /|______Times-Roman fnt
bn
-0.01179 0.(Open Systems Security \320 an Architectural Framework)ashow
803 466 gm
-0.20510 0.(Appendix)ashow
85 90 gm
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
1.03698 0. 32 0.10369 0.(e.g. in [Sim89] where a simple identity verification scheme is presented providing)awidthshow
101 90 gm
-0.12077 0.(unforgeable transaction receipts for later arbitration.)ashow
133 90 gm
0.83709 0. 32 0.08370 0.(A requirement for any type of trust in a verifier by a claimant should not be a pre-)awidthshow
149 90 gm
0.35415 0. 32 0.03541 0.(requisite for the correct operation of any authentication mechanism. If passwords are)awidthshow
165 90 gm
0.23605 0. 32 0.02360 0.(used, then the claimant always has to trust the verifier not to keep and reuse his pass-)awidthshow
181 90 gm
0.55084 0. 32 0.05508 0.(word to impersonate as him to another entity [IS10181-2]. This observation alone is)awidthshow
197 90 gm
1.21841 0. 32 0.12184 0.(sufficient for ruling out the use of passwords as an acceptable general solution to)awidthshow
213 90 gm
0.18020 0. 32 0.01802 0.(authentication. It has also been shown \(e.g. in [MT79]\) that password-based authenti-)awidthshow
229 90 gm
0.38619 0. 32 0.03861 0.(cation schemes can never be made completely reliable. Therefore, in this study, only)awidthshow
245 90 gm
0.97412 0. 32 0.09741 0.(strong authentication is discussed, since weak authentication clearly does not offer)awidthshow
261 90 gm
-0.06187 0.(adequate security for our needs.)ashow
293 90 gm
0.78323 0. 32 0.07832 0.(Strong authentication can be based on symmetric or public key cryptography. With)awidthshow
309 90 gm
1.80572 0. 32 0.18057 0.(symmetric cryptosystems a mutually agreed-upon pairwise key belonging to the)awidthshow
325 90 gm
-0.00544 0.(appropriate security context is needed for authentication between any pair of parties A)ashow
341 90 gm
0.58944 0. 32 0.05894 0.(and B. Therefore, with n communicating parties n\(n-1\)/2 keys are needed. For large)awidthshow
357 90 gm
0.37261 0. 32 0.03726 0.(values of n this is clearly impractical. The number of keys required is too large to be)awidthshow
373 90 gm
0.56472 0. 32 0.05647 0.(securely generated, transferred and stored, every party having to be in possession of)awidthshow
389 90 gm
0.10009 0. 32 0.01000 0.(n-1 pairwise keys.)awidthshow
421 90 gm
1.14791 0. 32 0.11479 0.(Public key signature mechanisms have several advantages over symmetric crypto-)awidthshow
437 90 gm
-0.10406 0.(systems when used for authentication. Key management is greatly simplified by the fact)ashow
453 90 gm
-0.05963 0.(that only public keys of the key pairs need to be shared and only one key pair is needed)ashow
469 90 gm
1.36840 0. 32 0.13684 0.(for each party. Also, since the secret key is only known to one party, public key)awidthshow
485 90 gm
-0.05345 0.(signatures can be used for non-repudiation.)ashow
517 90 gm
-0.05096 0.(Even though symmetric encryption schemes can be used for authentication they cannot)ashow
533 90 gm
1.71157 0. 32 0.17115 0.(easily be used for the stronger service of non-repudiation. Because a symmetric)awidthshow
549 90 gm
0.17532 0. 32 0.01753 0.(communication key always has to be shared by at least two parties, it is impossible to)awidthshow
565 90 gm
0.07690 0. 32 0.00769 0.(prove to an impartial judge the origin of a message signed with an algorithm based on)awidthshow
581 90 gm
0.05096 0. 32 0.00509 0.(symmetric encryption without relying on a trusted server of some kind, such as an on-)awidthshow
597 90 gm
0.80780 0. 32 0.08078 0.(line notary. If A produces a message signed with a pairwise key between A and B,)awidthshow
613 90 gm
-0.02217 0.(claiming that this message was created by B, B can always claim that the message was)ashow
629 90 gm
-0.01399 0.(forged by A, A also being in possession of the same key. In a case such as this, only A)ashow
645 90 gm
0.99975 0. 32 0.09997 0.(and B know the truth but neither can convince the judge. Some signature schemes)awidthshow
661 90 gm
0.02426 0. 32 0.00242 0.(based on symmetric encryption are presented in e.g. [Akl83] and [Dav83] but they are)awidthshow
677 90 gm
0.19409 0. 32 0.01940 0.(rather artificial \(i.e. they "consume" keys when used\) and not very well suited for our)awidthshow
693 90 gm
0.16831 0.(purposes.)ashow
725 90 gm
0.04470 0. 32 0.00447 0.(From the authentication point-of-view we simply need a trusted certification authority)awidthshow
741 90 gm
0.13290 0. 32 0.01329 0.(whose certificates can be used to verify the integrity of other parties' public keys. The)awidthshow
757 90 gm
1.31469 0. 32 0.13146 0.(way in which these certificates are distributed is a management issue. The X.500)awidthshow
F T cp
%%Page: ? 12
op
30 28 xl
1 1 pen
45 291 gm
(nc 30 28 811 566 6 rc)kp
1 setTxMode
0 fs
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
(95)show
803 90 gm
10 fz
bu fc
2 F /|______Times-Roman fnt
bn
-0.01179 0.(Open Systems Security \320 an Architectural Framework)ashow
803 466 gm
-0.20510 0.(Appendix)ashow
85 90 gm
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
-0.07148 0.(Directory Service \(more precisely X.509\) provides us with a natural means of distribut-)ashow
101 90 gm
-0.09136 0.(ing these certificates. It is worth pointing out \(again\) that the directory itself need not be)ashow
117 90 gm
-0.02574 0.(trusted, we only need to trust our CA.)ashow
149 90 gm
1 fs
bu fc
2 F /|______Times-Bold fnt
bn
3.75076 0. 32 0.37507 0.(Authentication Protocols)awidthshow
181 90 gm
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
1.34323 0. 32 0.13432 0.(Authentication protocols have been widely studied \(see e.g. [NS78, DS81, NS87,)awidthshow
197 90 gm
0.68344 0. 32 0.06834 0.(DH79, Moo88, IM90]\). Often the need for three-way handshake for reliable mutual)awidthshow
213 90 gm
0.39199 0. 32 0.03919 0.(authentication has been pointed out. The main motivation for a three-way handshake)awidthshow
229 90 gm
-0.12200 0.(mechanism is the need for each party to challenge the other.)ashow
261 90 gm
0.00579 0. 32 0.00057 0.(The mechanisms included in the ACSE Security Addendum can be used to implement)awidthshow
277 90 gm
-0.05516 0.(the authentication procedure describe above. This arrangement allows the client \(initia-)ashow
293 90 gm
-0.09490 0.(tor\) to challenge the server \(responder\) by having him increment the time stamp by one.)ashow
309 90 gm
0.36270 0. 32 0.03627 0.(However, the server does not get to challenge the client. This is usually considered a)awidthshow
325 90 gm
1.00296 0. 32 0.10029 0.(shortcoming in ACSE's authentication mechanism, since three-way handshake was)awidthshow
341 90 gm
-0.05455 0.(ruled out of ACSE in ISO.)ashow
373 90 gm
-0.03663 0.(The idea of exchanging challenges is that in this way each party can make sure that the)ashow
389 90 gm
0.21133 0. 32 0.02113 0.(authentication message received from the other party was not a replay. However, it is)awidthshow
405 90 gm
0.96511 0. 32 0.09651 0.(not the exchange of challenges per se but rather the )awidthshow
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
0.29397 0.(freshness)ashow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
0.80932 0. 32 0.08093 0.( of the tokens that is)awidthshow
421 90 gm
0.06484 0. 32 0.00648 0.(required. With the freshness of a token we mean that it was generated for this purpose)awidthshow
437 90 gm
0.35385 0. 32 0.03538 0.(and has not been used before. It is shown below that two-way handshake is adequate)awidthshow
453 90 gm
0.71273 0. 32 0.07127 0.(for reliable mutual authentication when used with a time stamping mechanism. The)awidthshow
469 90 gm
1.03500 0. 32 0.10350 0.(principles presented here are nowadays widely known and accepted, the interested)awidthshow
485 90 gm
0.60455 0. 32 0.06045 0.(reader is referred to e.g. [IS9798-1,2,3] and [IS9799]. However, a brief summary of)awidthshow
501 90 gm
-0.08940 0.(the principles of authentication based on a two-way handshake protocol is given here.)ashow
533 90 gm
-0.18051 0.(Assume that:)ashow
565 90 gm
(1\))show
565 126 gm
1.88140 0. 32 0.18814 0.(Each authentication message from A to B includes S)awidthshow
0 2 rm
10 fz
bu fc
2 F /|______Times-Roman fnt
bn
0.69905 0.(A)ashow
0 -2 rm
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
1.74758 0. 32 0.17475 0.({A, B, t} \(sender,)awidthshow
581 126 gm
-0.07624 0.(recipient and time stamp, signed by the sender\).)ashow
613 90 gm
(2\))show
613 126 gm
-0.03977 0.(B is responsible for storing all authentication messages still valid \(those, whose)ashow
629 126 gm
-0.13871 0.(time stamps have not yet expired\) and detecting attempted replay.)ashow
661 90 gm
(3\))show
661 126 gm
0.57510 0. 32 0.05751 0.(The signature scheme is reliable \(only A can produce an acceptable message)awidthshow
677 126 gm
(signed by A\).)show
709 90 gm
-0.10723 0.(Conclusion: two-way authentication is adequate, because:)ashow
741 90 gm
(1\))show
741 126 gm
-0.09230 0.(Message S)ashow
0 2 rm
10 fz
bu fc
2 F /|______Times-Roman fnt
bn
-0.11610 0.(A)ashow
0 -2 rm
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
-0.07629 0.({A, B, t} is only accepted by B \(the indicated recipient\).)ashow
F T cp
%%Page: ? 13
op
30 28 xl
1 1 pen
45 291 gm
(nc 30 28 811 566 6 rc)kp
1 setTxMode
0 fs
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
(96)show
803 90 gm
10 fz
bu fc
2 F /|______Times-Roman fnt
bn
-0.01179 0.(Open Systems Security \320 an Architectural Framework)ashow
803 466 gm
-0.20510 0.(Appendix)ashow
101 90 gm
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
(2\))show
101 126 gm
0.29571 0. 32 0.02957 0.(It is only accepted if it is fresh \(generated by A for this purpose\), i.e. the time)awidthshow
117 126 gm
-0.09771 0.(stamp is still valid and B has not received the same message before.)ashow
149 90 gm
(3\))show
149 126 gm
-0.00833 0.(B knows that the message was )ashow
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
-0.00808 0.(for him)ashow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
(, )show
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
-0.00889 0.(from A)ashow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
-0.00758 0.( wishing to authenticate )ashow
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
(now)show
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
(.)show
181 90 gm
(4\))show
181 126 gm
1.31057 0. 32 0.13105 0.(Likewise, A knows that the response from B: S)awidthshow
0 2 rm
10 fz
bu fc
2 F /|______Times-Roman fnt
bn
0.48149 0.(B)ashow
0 -2 rm
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
1.04339 0. 32 0.10433 0.({A, B, t+1} was )awidthshow
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
1.48620 0. 32 0.14862 0.(for him)awidthshow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
(,)show
197 126 gm
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
-0.00973 0.(from B)ashow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
-0.00828 0.( and a reply to his request.)ashow
229 90 gm
-0.05552 0.(The fields for sender and recipient \(A and B\) included in the signed portion prevent the)ashow
245 90 gm
-0.07077 0.(use of a captured message anywhere except between A and B. The time stamp values \(t)ashow
261 90 gm
0.46981 0. 32 0.04698 0.(and t+1, where the time unit is the resolution of the time stamp used, i.e. one "tick"\))awidthshow
277 90 gm
-0.01464 0.(link the two authentication messages together and, when combined with the obligation)ashow
293 90 gm
-0.02931 0.(of B to detect replay, make up for the lack of challenges chosen by A and B. The order)ashow
309 90 gm
0.09658 0. 32 0.00965 0.(of A and B \(not implied with this notation\) prevents the use of a response as a request)awidthshow
325 90 gm
1.99432 0. 32 0.19943 0.(later. These conditions appear to be sufficient for the conclusion that A and B)awidthshow
341 90 gm
-0.13340 0.(unquestionably have mutually authenticated.)ashow
373 90 gm
2.40737 0. 32 0.24073 0.(These conditions are thought to be sufficient but not necessarily minimal. As)awidthshow
389 90 gm
0.04013 0. 32 0.00401 0.(demonstrated by the error in X.509 [BAN89, IM90] the strive towards minimality can)awidthshow
405 90 gm
0.54931 0. 32 0.05493 0.(be dangerous, and it is by no means very useful. The conditions stated above are, in)awidthshow
421 90 gm
-0.08447 0.(any case, reasonable and can be fulfilled without excessive over-head.)ashow
453 90 gm
-0.09193 0.(In case public key signature mechanisms are used for purposes of authentication \(which)ashow
469 90 gm
0.20675 0. 32 0.02067 0.(most often is the case\), it is necessary to include the recipient in the signed portion of)awidthshow
485 90 gm
-0.03683 0.(the message to avoid the same message being used for another purpose later \(referring,)ashow
501 90 gm
0.07354 0. 32 0.00735 0.(again, e.g. to the X.509 attack in [BAN89]\). However, if symmetric cryptosystem and)awidthshow
517 90 gm
0.46524 0. 32 0.04652 0.(pairwise keys are used for authentication, it is possible to do without the Sender and)awidthshow
533 90 gm
2.13180 0. 32 0.21318 0.(Recipient fields in the signed portion of the message. That is because a given)awidthshow
549 90 gm
0.00793 0. 32 0.00079 0.(authentication key is only valid between a certain pair of communicating parties \(such)awidthshow
565 90 gm
-0.06015 0.(as A and B\) and replay is impossible outside this Security Context. Here too, it must be)ashow
581 90 gm
0.37948 0. 32 0.03794 0.(assured that a reply cannot be used as a request later. With public key cryptosystems)awidthshow
597 90 gm
0.24703 0. 32 0.02470 0.(authentication message originally sent from A to B could later be used by B trying to)awidthshow
613 90 gm
0.57907 0. 32 0.05790 0.(impersonate as A to C if the recipient was not included. The necessity of the sender)awidthshow
629 90 gm
-0.08021 0.(field can always be argued, it is included mainly for consistency.)ashow
661 90 gm
-0.06800 0.(The only question left open is whether, after the authentication exchange, both A and B)ashow
677 90 gm
0.47088 0. 32 0.04708 0.(know that a connection has been opened and a session key \(completing the common)awidthshow
693 90 gm
1.46636 0. 32 0.14663 0.(Security Context\) has been agreed upon. Obviously, after two-way handshake, B)awidthshow
709 90 gm
1.59347 0. 32 0.15934 0.(cannot know that A has received and accepted his last message. The problem is)awidthshow
725 90 gm
0.09643 0. 32 0.00964 0.(analogous to that found in establishing a transport connection. Also the solution is the)awidthshow
741 90 gm
0.08671 0.(same.)ashow
F T cp
%%Page: ? 14
op
30 28 xl
1 1 pen
45 291 gm
(nc 30 28 811 566 6 rc)kp
1 setTxMode
0 fs
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
(97)show
803 90 gm
10 fz
bu fc
2 F /|______Times-Roman fnt
bn
-0.01179 0.(Open Systems Security \320 an Architectural Framework)ashow
803 466 gm
-0.20510 0.(Appendix)ashow
101 90 gm
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
0.71990 0. 32 0.07199 0.(We can require that A sends the first \(encrypted\) message on the newly established)awidthshow
117 90 gm
2.30224 0. 32 0.23022 0.(connection as soon as it receives the response from B. Authentication is only)awidthshow
133 90 gm
1.56051 0. 32 0.15605 0.(considered completed after one more message is passed from A to B. This third)awidthshow
149 90 gm
-0.07752 0.(message, after the two previously mentioned authentication messages, concludes a kind)ashow
165 90 gm
-0.02915 0.(of three-way handshake. If B does not receive this message within a reasonable time, a)ashow
181 90 gm
-0.10180 0.(time-out occurs and the connection is aborted.)ashow
213 90 gm
-0.01802 0.(A more formal proof of the adequacy of this two-way authentication protocol could be)ashow
229 90 gm
0.56167 0. 32 0.05616 0.(given by using the "Logic for Authentication" presented in [BAN89]. However, this)awidthshow
245 90 gm
0.19622 0. 32 0.01962 0.(logic is still at its early stage \(as pointed out e.g. in [Nes90]\) and does not \(yet\) fulfill)awidthshow
261 90 gm
0.72250 0. 32 0.07225 0.(the requirements for a serious mathematical formalism. Substantial extension to the)awidthshow
277 90 gm
0.79315 0. 32 0.07931 0.(BAN logic are proposed in [GNY90]. It is also used in [CG90] to analyze a secure)awidthshow
293 90 gm
-0.06996 0.(multi-party session protocol. While it is evident that this kind of formalism is needed in)ashow
309 90 gm
0.54016 0. 32 0.05401 0.(developing and analyzing security protocols, a ready-to-use formalism does not cur-)awidthshow
325 90 gm
-0.02960 0.(rently exist and developing one is a major undertaking and clearly beyond the scope of)ashow
341 90 gm
0.33203 0. 32 0.03320 0.(this study.)awidthshow
373 90 gm
-0.08543 0.(The authentication function per se does not protect against an untrusted party within the)ashow
389 90 gm
-0.02117 0.(network intercepting the connection later, after authentication, and impersonating as A)ashow
405 90 gm
1.99813 0. 32 0.19981 0.(to B and vice versa. However, if a pairwise symmetric session key is securely)awidthshow
421 90 gm
-0.10386 0.(exchanged between A and B during the authentication exchange and used in subsequent)ashow
437 90 gm
0.74310 0. 32 0.07431 0.(communication, e.g. in the way presented in figure 4-3, this threat can be protected)awidthshow
453 90 gm
-0.06283 0.(against \(an authentication protocol that enables us to securely exchange secret informa-)ashow
469 90 gm
-0.12071 0.(tion in connection with the authentication exchange is called a )ashow
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
-0.13029 0.(subliminal channel)ashow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
-0.13359 0.(\). This)ashow
485 90 gm
0.97579 0. 32 0.09757 0.(session key can be generated by either of the communicating parties alone or both)awidthshow
501 90 gm
-0.03923 0.(together.)ashow
533 90 gm
-0.13354 0.(The communicating parties can authenticate each other \(both at the end system level and)ashow
549 90 gm
-0.03253 0.(at the user level\) in the following manner. The process is initiated by user U logging in)ashow
565 90 gm
-0.00596 0.(a service. The initial log-in is omitted in the following description, which concentrates)ashow
581 90 gm
-0.11079 0.(on the security related aspects of the communications sequence.)ashow
613 90 gm
1.16363 0. 32 0.11636 0.(The application entity A)awidthshow
0 2 rm
10 fz
bu fc
2 F /|______Times-Roman fnt
bn
0.38786 0.(U)ashow
0 -2 rm
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
0.86898 0. 32 0.08689 0.( serving user U forms token T)awidthshow
0 2 rm
10 fz
bu fc
2 F /|______Times-Roman fnt
bn
0.43518 0. 32 0.04351 0.(U )awidthshow
0 -2 rm
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
1.20391 0. 32 0.12039 0.(= {U,A)awidthshow
0 2 rm
10 fz
bu fc
2 F /|______Times-Roman fnt
bn
0.38786 0.(U)ashow
0 -2 rm
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
0.28654 0.(,S,A)ashow
0 2 rm
10 fz
bu fc
2 F /|______Times-Roman fnt
bn
0.29867 0.(S)ashow
0 -2 rm
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
1.42471 0. 32 0.14247 0.(,TD} and)awidthshow
629 90 gm
0.83877 0. 32 0.08387 0.(signs it with its public key. If authentication of the user is required, the message is)awidthshow
645 90 gm
-0.01884 0.(handed over to be signed by U. A)ashow
0 2 rm
10 fz
bu fc
2 F /|______Times-Roman fnt
bn
(U)show
0 -2 rm
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
-0.01803 0.( then sends the signed token over to A)ashow
0 2 rm
10 fz
bu fc
2 F /|______Times-Roman fnt
bn
(S)show
0 -2 rm
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
-0.01826 0.(. A)ashow
0 2 rm
10 fz
bu fc
2 F /|______Times-Roman fnt
bn
(S)show
0 -2 rm
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
-0.02027 0.( \(and S\))ashow
661 90 gm
0.02700 0. 32 0.00270 0.(can now authenticate both U and A)awidthshow
0 2 rm
10 fz
bu fc
2 F /|______Times-Roman fnt
bn
(U)show
0 -2 rm
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
0.02502 0. 32 0.00250 0.( by checking that the signatures are intact and the)awidthshow
677 90 gm
-0.06031 0.(time stamp is valid. This procedure can be performed without U giving its secret key to)ashow
693 90 gm
-0.12226 0.(A)ashow
0 2 rm
10 fz
bu fc
2 F /|______Times-Roman fnt
bn
-0.10189 0.(U)ashow
0 -2 rm
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
-0.06784 0.( or vice versa.)ashow
725 90 gm
-0.09477 0.(In a similar fashion, the server S and its application entity A)ashow
0 2 rm
10 fz
bu fc
2 F /|______Times-Roman fnt
bn
-0.11502 0.(S)ashow
0 -2 rm
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
-0.10235 0.( can identify themselves to)ashow
741 90 gm
0.13092 0. 32 0.01309 0.(U and A)awidthshow
0 2 rm
10 fz
bu fc
2 F /|______Times-Roman fnt
bn
0.06278 0.(U)ashow
0 -2 rm
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
0.15228 0. 32 0.01522 0.( without trusting each other with their secret keys. This makes it possible to)awidthshow
757 90 gm
-0.06315 0.(use, for example, a smart card for authentication of the user.)ashow
F T cp
%%Page: ? 15
op
30 28 xl
1 1 pen
45 291 gm
(nc 30 28 811 566 6 rc)kp
1 setTxMode
0 fs
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
(98)show
803 90 gm
10 fz
bu fc
2 F /|______Times-Roman fnt
bn
-0.01179 0.(Open Systems Security \320 an Architectural Framework)ashow
803 466 gm
-0.20510 0.(Appendix)ashow
0 0 gm
(nc 99 132 273 460 6 rc)kp
64 gr
193 167 250 253 1 rc
0 gr
193.5 167.5 249.5 252.5 0 rc
64 gr
102 190 143 230 1 ov
0 gr
102.5 190.5 142.5 229.5 0 ov
122.5 198.5 133.5 221.5 0 90 0 ar
122.5 198.5 133.5 223.5 90 180 0 ar
nc ct 39 0 put
116 210 gm
pt
127 207 pl
127 212 pl
116 210 pl
ef
eu
(nc 99 132 273 460 6 rc)kp
64 gr
116 215 120 219 1 ov
0 gr
116.5 215.5 119.5 218.5 0 ov
64 gr
116 201 120 205 1 ov
0 gr
116.5 201.5 119.5 204.5 0 ov
64 gr
193 317 250 403 1 rc
0 gr
193.5 317.5 249.5 402.5 0 rc
64 gr
107 132 137 174 1 rc
2 2 pen
0 gr
108 133 136 173 0 rc
0 0 pen
120 148 132 164 0 rc
129 149 gm
0.36083 0 rmoveto
1 setTxMode
bu fc
2 F /|______Times-Roman fnt
bn
(S,U)show
(nc 99 132 273 358 6 rc)kp
0 gr
114 139 126 148 0 rc
123 140 gm
0.16845 0 rmoveto
1 setTxMode
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
(K)show
(nc 99 132 273 421 6 rc)kp
0 gr
253 202 265 211 0 rc
262 203 gm
1 setTxMode
(A)show
(nc 99 132 273 460 6 rc)kp
0 gr
260 212 272 220 0 rc
269 213 gm
1 setTxMode
10 fz
bu fc
2 F /|______Times-Roman fnt
bn
(U)show
64 gr
197 172 228 213 1 rc
2 2 pen
0 gr
198 173 227 212 0 rc
0 0 pen
211 185 223 201 0 rc
220 186 gm
0.36083 0 rmoveto
1 setTxMode
(S,A)show
(nc 99 132 273 395 6 rc)kp
0 gr
202 176 214 185 0 rc
211 177 gm
0.16845 0 rmoveto
1 setTxMode
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
(K)show
(nc 99 132 273 420 6 rc)kp
0 gr
215 203 226 210 0 rc
223 204 gm
1 setTxMode
9 fz
bu fc
2 F /|______Times-Roman fnt
bn
(U)show
(nc 99 132 273 460 6 rc)kp
0 gr
113 241 125 250 0 rc
122 242 gm
0.16845 0 rmoveto
1 setTxMode
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
(U)show
64 gr
99 317 145 403 1 ov
1 1 pen
0 gr
99.5 317.5 144.5 402.5 0 ov
0 0 pen
(nc 99 155 273 460 6 rc)kp
116 355 128 364 0 rc
125 357 gm
0.16455 0 rmoveto
1 setTxMode
(S)show
(nc 99 132 273 460 6 rc)kp
64 gr
107 418 137 460 1 rc
2 2 pen
0 gr
108 419 136 459 0 rc
0 0 pen
120 435 132 449 0 rc
129 436 gm
0.69091 0 rmoveto
1 setTxMode
10 fz
bu fc
2 F /|______Times-Roman fnt
bn
(S,S)show
(nc 99 225 273 460 6 rc)kp
0 gr
114 425 126 434 0 rc
123 426 gm
0.16845 0 rmoveto
1 setTxMode
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
(K)show
(nc 99 132 273 460 6 rc)kp
64 gr
197 323 228 364 1 rc
2 2 pen
0 gr
198 324 227 363 0 rc
0 0 pen
211 336 223 352 0 rc
220 337 gm
0.36083 0 rmoveto
1 setTxMode
10 fz
bu fc
2 F /|______Times-Roman fnt
bn
(S,A)show
0 gr
202 327 214 336 0 rc
211 328 gm
0.16845 0 rmoveto
1 setTxMode
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
(K)show
(nc 99 155 273 460 6 rc)kp
0 gr
215 355 226 361 0 rc
223 356 gm
1 setTxMode
9 fz
bu fc
2 F /|______Times-Roman fnt
bn
(S)show
(nc 99 150 273 460 6 rc)kp
0 gr
252 350 264 359 0 rc
261 351 gm
1 setTxMode
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
(A)show
(nc 99 132 273 460 6 rc)kp
0 gr
259 360 271 366 0 rc
268 361 gm
0.22045 0 rmoveto
1 setTxMode
10 fz
bu fc
2 F /|______Times-Roman fnt
bn
(S)show
1 1 pen
122 173 gm
0 gr
122 190 lin
122 419 gm
122 402 lin
0 0 pen
(nc 99 132 273 409 6 rc)kp
158 190 170 199 0 rc
167 191 gm
1 setTxMode
-0.32759 0.(1\))ashow
(nc 99 132 273 419 6 rc)kp
0 gr
158 200 170 209 0 rc
167 201 gm
1 setTxMode
-0.32759 0.(2\))ashow
(nc 99 132 273 460 6 rc)kp
0 gr
202 283 214 292 0 rc
211 284 gm
1 setTxMode
-0.32759 0.(3\))ashow
0 gr
231 284 243 293 0 rc
240 285 gm
1 setTxMode
-0.32759 0.(6\))ashow
(nc 99 147 273 460 6 rc)kp
0 gr
164 347 176 356 0 rc
173 348 gm
1 setTxMode
-0.32759 0.(4\))ashow
(nc 99 166 273 460 6 rc)kp
0 gr
164 366 176 375 0 rc
173 367 gm
1 setTxMode
-0.32759 0.(5\))ashow
(nc 99 132 273 460 6 rc)kp
0 gr
181 197 205 221 250 290 1 ar
1 1 pen
142 209 gm
182 209 lin
129 187 153 211 70 110 1 ar
152 199 gm
192 199 lin
182 352 206 376 250 290 1 ar
144 364 gm
183 364 lin
131 345 155 369 70 110 1 ar
154 357 gm
193 357 lin
205 305 229 329 160 200 1 ar
217 306 gm
217 252 lin
215 240 239 264 340 380 1 ar
227 317 gm
227 263 lin
130 207 154 231 70 110 1 ar
153 219 gm
193 219 lin
0 0 pen
(nc 99 132 273 429 6 rc)kp
158 210 170 219 0 rc
167 211 gm
1 setTxMode
-0.32759 0.(7\))ashow
1 1 pen
305 90 gm
(nc 30 28 811 566 6 rc)kp
2 fs
12 fz
bu fc
2 F /|______Times-Italic fnt
bn
-0.26438 0.(Figure 4-4:)ashow
305 162 gm
-0.06840 0.(Strong two-way authentication.)ashow
337 90 gm
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
-0.07252 0.(Strong two-way authentication goes as follows:)ashow
369 90 gm
(A)show
0 2 rm
10 fz
bu fc
2 F /|______Times-Roman fnt
bn
(U)show
0 -2 rm
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
-0.00440 0.( generates token T)ashow
0 2 rm
10 fz
bu fc
2 F /|______Times-Roman fnt
bn
(U)show
0 -2 rm
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
(={U,A)show
0 2 rm
10 fz
bu fc
2 F /|______Times-Roman fnt
bn
(U)show
0 -2 rm
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
(,S,A)show
0 2 rm
10 fz
bu fc
2 F /|______Times-Roman fnt
bn
(S)show
0 -2 rm
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
-0.00451 0.(,TD}, where TD is a time stamp, and passes it on)ashow
385 90 gm
-0.08279 0.(to U:)ashow
417 90 gm
(1\))show
417 126 gm
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
0.05273 0.(T)ashow
0 2 rm
10 fz
bu fc
2 F /|______Times-Italic fnt
bn
(U)show
449 90 gm
0 fs
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
-0.02697 0.(U signs T)ashow
0 2 rm
10 fz
bu fc
2 F /|______Times-Roman fnt
bn
(U)show
0 -2 rm
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
-0.02389 0.( \(with its secret key K)ashow
0 2 rm
10 fz
bu fc
2 F /|______Times-Roman fnt
bn
-0.02650 0.(S,U)ashow
0 -2 rm
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
-0.02673 0.(\) and responds with:)ashow
481 90 gm
(2\))show
481 126 gm
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
0.53823 0.(S)ashow
0 2 rm
10 fz
bu fc
2 F /|______Times-Italic fnt
bn
0.64761 0.(U)ashow
0 -2 rm
12 fz
bu fc
2 F /|______Times-Italic fnt
bn
0.51446 0.({T)ashow
0 2 rm
10 fz
bu fc
2 F /|______Times-Italic fnt
bn
0.64761 0.(U)ashow
0 -2 rm
12 fz
bu fc
2 F /|______Times-Italic fnt
bn
(})show
512 90 gm
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
-0.12068 0.(A)ashow
0 2 rm
10 fz
bu fc
2 F /|______Times-Roman fnt
bn
-0.10057 0.(U)ashow
0 -2 rm
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
-0.06347 0.( co-signs the result \(with its secret key K)ashow
0 2 rm
10 fz
bu fc
2 F /|______Times-Roman fnt
bn
-0.07095 0.(S,A)ashow
0 1 rm
9 fz
bu fc
2 F /|______Times-Roman fnt
bn
-0.09051 0.(U)ashow
0 -3 rm
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
-0.07012 0.(\) and sends the signed message over to)ashow
529 90 gm
-0.27442 0.(A)ashow
0 2 rm
10 fz
bu fc
2 F /|______Times-Roman fnt
bn
-0.17610 0.(S)ashow
0 -2 rm
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
(:)show
560 90 gm
(3\))show
560 126 gm
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
0.65533 0.(S)ashow
0 2 rm
10 fz
bu fc
2 F /|______Times-Italic fnt
bn
0.66717 0.(A)ashow
0 1 rm
9 fz
bu fc
2 F /|______Times-Italic fnt
bn
0.70965 0.(U)ashow
0 -3 rm
12 fz
bu fc
2 F /|______Times-Italic fnt
bn
0.58973 0.({S)ashow
0 2 rm
10 fz
bu fc
2 F /|______Times-Italic fnt
bn
0.78849 0.(U)ashow
0 -2 rm
12 fz
bu fc
2 F /|______Times-Italic fnt
bn
0.62637 0.({T)ashow
0 2 rm
10 fz
bu fc
2 F /|______Times-Italic fnt
bn
0.78849 0.(U)ashow
0 -2 rm
12 fz
bu fc
2 F /|______Times-Italic fnt
bn
1.04827 0.(}})ashow
593 90 gm
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
0.64785 0.(A)ashow
0 2 rm
10 fz
bu fc
2 F /|______Times-Roman fnt
bn
0.41572 0.(S)ashow
0 -2 rm
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
1.22940 0. 32 0.12294 0.( checks the signature of A)awidthshow
0 2 rm
10 fz
bu fc
2 F /|______Times-Roman fnt
bn
0.53987 0.(U)ashow
0 -2 rm
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
1.38671 0. 32 0.13867 0.(, thereby verifying its identity. A)awidthshow
0 2 rm
10 fz
bu fc
2 F /|______Times-Roman fnt
bn
0.41572 0.(S)ashow
0 -2 rm
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
1.25686 0. 32 0.12568 0.( also checks the)awidthshow
609 90 gm
0.36422 0. 32 0.03642 0.(freshness of T)awidthshow
0 2 rm
10 fz
bu fc
2 F /|______Times-Roman fnt
bn
0.14755 0. 32 0.01475 0.(U )awidthshow
0 -2 rm
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
0.26992 0. 32 0.02699 0.(by checking that the time stamp TD is still valid and \(if it is\) that the)awidthshow
625 90 gm
5.50720 0. 32 0.55072 0.(same token has not been received before. A)awidthshow
0 2 rm
10 fz
bu fc
2 F /|______Times-Roman fnt
bn
1.63880 0.(S)ashow
0 -2 rm
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
6.18820 0. 32 0.61882 0.( now generates token:)awidthshow
641 90 gm
(T)show
0 2 rm
10 fz
bu fc
2 F /|______Times-Roman fnt
bn
(S)show
0 -2 rm
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
(={S,A)show
0 2 rm
10 fz
bu fc
2 F /|______Times-Roman fnt
bn
(S)show
0 -2 rm
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
(,U,A)show
0 2 rm
10 fz
bu fc
2 F /|______Times-Roman fnt
bn
(U)show
0 -2 rm
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
0.01983 0. 32 0.00198 0.(,TD+1} and passes it on to S together with T)awidthshow
0 2 rm
10 fz
bu fc
2 F /|______Times-Roman fnt
bn
(U)show
0 -2 rm
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
0.01892 0. 32 0.00189 0.( signed by U:)awidthshow
673 90 gm
(4\))show
673 126 gm
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
0.73077 0.({T)ashow
0 2 rm
10 fz
bu fc
2 F /|______Times-Italic fnt
bn
0.98022 0. 32 0.09802 0.(S, )awidthshow
0 -2 rm
12 fz
bu fc
2 F /|______Times-Italic fnt
bn
0.76455 0.(S)ashow
0 2 rm
10 fz
bu fc
2 F /|______Times-Italic fnt
bn
0.91992 0.(U)ashow
0 -2 rm
12 fz
bu fc
2 F /|______Times-Italic fnt
bn
0.73077 0.({T)ashow
0 2 rm
10 fz
bu fc
2 F /|______Times-Italic fnt
bn
0.91992 0.(U)ashow
0 -2 rm
12 fz
bu fc
2 F /|______Times-Italic fnt
bn
1.22299 0.(}})ashow
705 90 gm
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
0.23910 0. 32 0.02391 0.(S checks the signature of U, signs T)awidthshow
0 2 rm
10 fz
bu fc
2 F /|______Times-Roman fnt
bn
0.08160 0.(S)ashow
0 -2 rm
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
0.21240 0. 32 0.02124 0.( \(with its secret key K)awidthshow
0 2 rm
10 fz
bu fc
2 F /|______Times-Roman fnt
bn
0.06663 0.(S,S)ashow
0 -2 rm
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
0.22247 0. 32 0.02224 0.(\). S can also generate a)awidthshow
721 90 gm
0.61431 0. 32 0.06143 0.(pair-wise fresh session key, encrypt it with the secret key of U, and include it in T)awidthshow
0 2 rm
10 fz
bu fc
2 F /|______Times-Roman fnt
bn
(S)show
737 90 gm
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
2.13043 0. 32 0.21304 0.(before signing, yielding: T)awidthshow
0 2 rm
10 fz
bu fc
2 F /|______Times-Roman fnt
bn
0.52752 0.(S)ashow
0 -2 rm
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
0.58570 0.(={S,A)ashow
0 2 rm
10 fz
bu fc
2 F /|______Times-Roman fnt
bn
0.52752 0.(S)ashow
0 -2 rm
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
0.55337 0.(,U,A)ashow
0 2 rm
10 fz
bu fc
2 F /|______Times-Roman fnt
bn
0.68505 0.(U)ashow
0 -2 rm
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
0.57826 0.(,TD+1,eK)ashow
0 2 rm
10 fz
bu fc
2 F /|______Times-Roman fnt
bn
0.48327 0.(P,U)ashow
0 -2 rm
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
0.60050 0.(\(K)ashow
0 2 rm
10 fz
bu fc
2 F /|______Times-Roman fnt
bn
0.65901 0.(AB)ashow
0 -2 rm
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
1.72103 0. 32 0.17210 0.(\)}, as described in)awidthshow
753 90 gm
0.04470 0. 32 0.00447 0.(appendix 3. S now responds with:)awidthshow
F T cp
%%Page: ? 16
op
30 28 xl
1 1 pen
45 291 gm
(nc 30 28 811 566 6 rc)kp
1 setTxMode
0 fs
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
(99)show
803 90 gm
10 fz
bu fc
2 F /|______Times-Roman fnt
bn
-0.01179 0.(Open Systems Security \320 an Architectural Framework)ashow
803 466 gm
-0.20510 0.(Appendix)ashow
101 90 gm
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
(5\))show
101 126 gm
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
1.06567 0.(S)ashow
0 2 rm
10 fz
bu fc
2 F /|______Times-Italic fnt
bn
0.88806 0.(S)ashow
0 -2 rm
12 fz
bu fc
2 F /|______Times-Italic fnt
bn
1.01858 0.({T)ashow
0 2 rm
10 fz
bu fc
2 F /|______Times-Italic fnt
bn
0.88806 0.(S)ashow
0 -2 rm
12 fz
bu fc
2 F /|______Times-Italic fnt
bn
(})show
132 90 gm
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
-0.05604 0.(A)ashow
0 2 rm
10 fz
bu fc
2 F /|______Times-Roman fnt
bn
(S)show
0 -2 rm
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
-0.02947 0.( co-signs the result \(with its secret key K)ashow
0 2 rm
10 fz
bu fc
2 F /|______Times-Roman fnt
bn
-0.03294 0.(S,A)ashow
0 1 rm
9 fz
bu fc
2 F /|______Times-Roman fnt
bn
(S)show
0 -3 rm
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
-0.03257 0.(\) and sends the signed message over to)ashow
149 90 gm
-0.54830 0.(A)ashow
0 2 rm
10 fz
bu fc
2 F /|______Times-Roman fnt
bn
-0.45692 0.(U)ashow
0 -2 rm
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
(:)show
180 90 gm
(6\))show
180 126 gm
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
1.07995 0.(S)ashow
0 2 rm
10 fz
bu fc
2 F /|______Times-Italic fnt
bn
1.09947 0.(A)ashow
0 1 rm
9 fz
bu fc
2 F /|______Times-Italic fnt
bn
0.80996 0.(S)ashow
0 -3 rm
12 fz
bu fc
2 F /|______Times-Italic fnt
bn
0.97186 0.({S)ashow
0 2 rm
10 fz
bu fc
2 F /|______Times-Italic fnt
bn
0.89996 0.(S)ashow
0 -2 rm
12 fz
bu fc
2 F /|______Times-Italic fnt
bn
1.03224 0.({T)ashow
0 2 rm
10 fz
bu fc
2 F /|______Times-Italic fnt
bn
0.89996 0.(S)ashow
0 -2 rm
12 fz
bu fc
2 F /|______Times-Italic fnt
bn
1.72750 0.(}})ashow
213 90 gm
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
0.13059 0.(A)ashow
0 2 rm
10 fz
bu fc
2 F /|______Times-Roman fnt
bn
0.10884 0.(U)ashow
0 -2 rm
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
0.24780 0. 32 0.02478 0.( checks the signature of A)awidthshow
0 2 rm
10 fz
bu fc
2 F /|______Times-Roman fnt
bn
0.08380 0.(S)ashow
0 -2 rm
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
0.27954 0. 32 0.02795 0.(, thereby verifying its identity. A)awidthshow
0 2 rm
10 fz
bu fc
2 F /|______Times-Roman fnt
bn
0.10884 0.(U)ashow
0 -2 rm
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
0.24276 0. 32 0.02427 0.( also checks that the)awidthshow
229 90 gm
2.59506 0. 32 0.25950 0.(value of the time stamp in T)awidthshow
0 2 rm
10 fz
bu fc
2 F /|______Times-Roman fnt
bn
0.93833 0.(S)ashow
0 -2 rm
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
2.53616 0. 32 0.25361 0.( is TD+1 \(where TD is the time stamp of the)awidthshow
245 90 gm
-0.12130 0.(corresponding T)ashow
0 2 rm
10 fz
bu fc
2 F /|______Times-Roman fnt
bn
-0.16633 0.(U)ashow
0 -2 rm
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
-0.10803 0.(\) and that the time stamp is still valid \(not too much time has elapsed\).)ashow
261 90 gm
-0.13391 0.(A)ashow
0 2 rm
10 fz
bu fc
2 F /|______Times-Roman fnt
bn
-0.11158 0.(U)ashow
0 -2 rm
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
-0.07469 0.( then passes T)ashow
0 2 rm
10 fz
bu fc
2 F /|______Times-Roman fnt
bn
-0.08592 0.(S)ashow
0 -2 rm
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
-0.07293 0.( signed by S on to U for it to check the signature:)ashow
293 90 gm
(7\))show
293 126 gm
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
1.06567 0.(S)ashow
0 2 rm
10 fz
bu fc
2 F /|______Times-Italic fnt
bn
0.88806 0.(S)ashow
0 -2 rm
12 fz
bu fc
2 F /|______Times-Italic fnt
bn
1.01858 0.({T)ashow
0 2 rm
10 fz
bu fc
2 F /|______Times-Italic fnt
bn
0.88806 0.(S)ashow
0 -2 rm
12 fz
bu fc
2 F /|______Times-Italic fnt
bn
(})show
325 90 gm
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
0.83404 0. 32 0.08340 0.(U checks the signature of S completing the authentication cycle. If T)awidthshow
0 2 rm
10 fz
bu fc
2 F /|______Times-Roman fnt
bn
0.25158 0.(S)ashow
0 -2 rm
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
0.85769 0. 32 0.08576 0.( includes the)awidthshow
341 90 gm
-0.01602 0.(encrypted pair-wise session key eK)ashow
0 2 rm
10 fz
bu fc
2 F /|______Times-Roman fnt
bn
(P,U)show
0 -2 rm
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
(\(K)show
0 2 rm
10 fz
bu fc
2 F /|______Times-Roman fnt
bn
(AB)show
0 -2 rm
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
-0.01553 0.(\), U recovers the key by decrypting it with)ashow
357 90 gm
0.07415 0. 32 0.00741 0.(its secret key K)awidthshow
0 2 rm
10 fz
bu fc
2 F /|______Times-Roman fnt
bn
0.02339 0.(S,U)ashow
0 -2 rm
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
(.)show
389 90 gm
1.50588 0. 32 0.15058 0.(Confidential encrypted information can be included in the signed portions of the)awidthshow
405 90 gm
0.10086 0. 32 0.01008 0.(authentication messages. One way of doing this is by using a PKC and the key pair of)awidthshow
421 90 gm
0.33340 0. 32 0.03334 0.(U \(the calling party\) in message 6\), as describe above and in appendix 3. In this case)awidthshow
437 90 gm
0.05157 0. 32 0.00515 0.(the pairwise session key is generated by the service, which usually is a good approach)awidthshow
453 90 gm
-0.04214 0.(when using a smart card with limited memory and processing capacity for user authen-)ashow
469 90 gm
-0.12351 0.(tication.)ashow
501 90 gm
0.13473 0. 32 0.01347 0.(It is also possible to have the calling party U generate the session key. In this case the)awidthshow
517 90 gm
-0.01774 0.(PKC key pair of S \(the called party\) is used in message 3\). In message 6\) either a PKC)ashow
533 90 gm
0.77377 0. 32 0.07737 0.(and the key pair of U or a symmetric cryptosystem and the session key included in)awidthshow
549 90 gm
-0.10192 0.(message 3\) can be used for confidentiality. The latter approach has two benefits:)ashow
581 90 gm
(-)show
581 126 gm
0.07369 0. 32 0.00736 0.(By using the pairwise key included in message 3\) S acknowledges this session)awidthshow
597 126 gm
-0.04118 0.(key and U can now be sure that S agrees on the use of this key.)ashow
629 90 gm
(-)show
629 126 gm
-0.04225 0.(Using a symmetric cryptosystem is computationally more efficient than using a)ashow
645 126 gm
0.55406 0.(PKC.)ashow
677 90 gm
2.44018 0. 32 0.24401 0.(If a fresh, pairwise session key is securely exchanged in connection with the)awidthshow
693 90 gm
-0.04515 0.(authentication procedure, we can be confident that only the two mutually authenticated)ashow
709 90 gm
1.66519 0. 32 0.16651 0.(parties are in possession of this key. This key can then be used for purposes of)awidthshow
725 90 gm
-0.03230 0.(continued authentication, integrity and confidentiality over this session, e.g. in the way)ashow
741 90 gm
-0.07824 0.(illustrated in figure 4-3.)ashow
F T cp
%%Page: ? 17
op
30 28 xl
1 1 pen
45 288 gm
(nc 30 28 811 566 6 rc)kp
1 setTxMode
0 fs
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
(100)show
803 90 gm
10 fz
bu fc
2 F /|______Times-Roman fnt
bn
-0.01179 0.(Open Systems Security \320 an Architectural Framework)ashow
803 466 gm
-0.20510 0.(Appendix)ashow
101 90 gm
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
0.30532 0. 32 0.03053 0.(Two considerations regarding the exchange of a fresh session key in connection with)awidthshow
117 90 gm
-0.14486 0.(the authentication exchange are worth pointing out:)ashow
149 90 gm
(-)show
149 126 gm
-0.00306 0.(The session key must be signed by the sender, that is it must be included in the)ashow
165 126 gm
-0.09957 0.(portion of the message affecting the value of the signature.)ashow
197 90 gm
(-)show
197 126 gm
0.03814 0. 32 0.00381 0.(Even though the session key is always sent in an encrypted form, the signature)awidthshow
213 126 gm
-0.05836 0.(function should preferably be performed before the encryption, because signing)ashow
229 126 gm
0.18005 0. 32 0.01800 0.(encrypted data is always considered a bad practise as shown e.g. in [MWR89])awidthshow
245 126 gm
0.59280 0. 32 0.05928 0.(or [IS9798-3].)awidthshow
277 90 gm
-0.11557 0.(The authentication protocol described above can be realized by using a symmetric block)ashow
293 90 gm
-0.05990 0.(cipher \(such as DES\) and a PKC \(such as RSA\) in the following way:)ashow
325 90 gm
(-)show
325 126 gm
0.07400 0. 32 0.00740 0.(The symmetric cryptosystem is used to calculate the hash function h \(e.g. with)awidthshow
341 126 gm
-0.08198 0.(Cipher Block Chaining mode of operation\).)ashow
373 90 gm
(-)show
373 126 gm
0.54183 0. 32 0.05418 0.(The PKC is used for encrypting and decrypting the hash values. For this, the)awidthshow
389 126 gm
-0.10452 0.(encryption key is kept secret while the decryption key is made public.)ashow
421 90 gm
1.00997 0. 32 0.10099 0.(The application entity A)awidthshow
0 2 rm
10 fz
bu fc
2 F /|______Times-Roman fnt
bn
0.33663 0.(U)ashow
0 -2 rm
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
0.76812 0. 32 0.07681 0.( serving User U forms token T)awidthshow
0 2 rm
10 fz
bu fc
2 F /|______Times-Roman fnt
bn
0.37765 0. 32 0.03776 0.(U )awidthshow
0 -2 rm
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
1.04492 0. 32 0.10449 0.(= {U,A)awidthshow
0 2 rm
10 fz
bu fc
2 F /|______Times-Roman fnt
bn
0.33663 0.(U)ashow
0 -2 rm
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
0.24870 0.(,S,A)ashow
0 2 rm
10 fz
bu fc
2 F /|______Times-Roman fnt
bn
0.25923 0.(S)ashow
0 -2 rm
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
1.23657 0. 32 0.12365 0.(,TD} and)awidthshow
437 90 gm
0.26260 0. 32 0.02626 0.(signs it. A)awidthshow
0 2 rm
10 fz
bu fc
2 F /|______Times-Roman fnt
bn
0.11996 0.(U)ashow
0 -2 rm
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
0.25650 0. 32 0.02565 0.( then sends the signed token to A)awidthshow
0 2 rm
10 fz
bu fc
2 F /|______Times-Roman fnt
bn
0.09237 0.(S)ashow
0 -2 rm
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
0.18737 0. 32 0.01873 0.(. A)awidthshow
0 2 rm
10 fz
bu fc
2 F /|______Times-Roman fnt
bn
0.09237 0.(S)ashow
0 -2 rm
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
0.27084 0. 32 0.02708 0.( and S can now authenticate U and)awidthshow
453 90 gm
-0.06398 0.(A)ashow
0 2 rm
10 fz
bu fc
2 F /|______Times-Roman fnt
bn
-0.05331 0.(U)ashow
0 -2 rm
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
-0.03613 0.(, respectively, by checking that both of the signatures match and the time stamp TD)ashow
469 90 gm
-0.00117 0.(is valid. Mutual authentication is achieved by having A)ashow
0 2 rm
10 fz
bu fc
2 F /|______Times-Roman fnt
bn
(S)show
0 -2 rm
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
( and S perform the symmetric)show
485 90 gm
-0.03480 0.(operation.)ashow
517 90 gm
-0.07931 0.(Mutual strong two-way authentication now proceeds as follows \(see also figure 4-3\):)ashow
549 90 gm
(A)show
0 2 rm
10 fz
bu fc
2 F /|______Times-Roman fnt
bn
(U)show
0 -2 rm
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
-0.00912 0.( generates token T)ashow
0 2 rm
10 fz
bu fc
2 F /|______Times-Roman fnt
bn
(U )show
0 -2 rm
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
-0.01112 0.(= {U,A)ashow
0 2 rm
10 fz
bu fc
2 F /|______Times-Roman fnt
bn
(U)show
0 -2 rm
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
(,S,A)show
0 2 rm
10 fz
bu fc
2 F /|______Times-Roman fnt
bn
(S)show
0 -2 rm
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
-0.00935 0.(,TD} and passes it on to U:)ashow
581 90 gm
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
(1\))show
581 126 gm
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
-0.27671 0.(T)ashow
0 2 rm
10 fz
bu fc
2 F /|______Times-Roman fnt
bn
(U)show
613 90 gm
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
1.58203 0. 32 0.15820 0.(U signs T)awidthshow
0 2 rm
10 fz
bu fc
2 F /|______Times-Roman fnt
bn
0.70985 0.(U)ashow
0 -2 rm
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
1.84783 0. 32 0.18478 0.(, by calculating h\(T)awidthshow
0 2 rm
10 fz
bu fc
2 F /|______Times-Roman fnt
bn
0.70985 0.(U)ashow
0 -2 rm
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
1.63818 0. 32 0.16381 0.(\), encrypting this with its secret key K)awidthshow
0 2 rm
10 fz
bu fc
2 F /|______Times-Roman fnt
bn
0.50076 0.(S,U)ashow
0 -2 rm
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
1.63833 0. 32 0.16383 0.(, and)awidthshow
629 90 gm
-0.08056 0.(appending this signature to T)ashow
0 2 rm
10 fz
bu fc
2 F /|______Times-Roman fnt
bn
-0.12051 0.(U)ashow
0 -2 rm
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
-0.07882 0.(, and returns the signed token to A)ashow
0 2 rm
10 fz
bu fc
2 F /|______Times-Roman fnt
bn
-0.09280 0.(S)ashow
0 -2 rm
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
(:)show
661 90 gm
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
(2\))show
661 126 gm
0.34757 0.({T)ashow
0 2 rm
10 fz
bu fc
2 F /|______Times-Italic fnt
bn
0.56961 0. 32 0.05696 0.(U, )awidthshow
0 -2 rm
12 fz
bu fc
2 F /|______Times-Italic fnt
bn
0.40396 0.(eK)ashow
0 2 rm
10 fz
bu fc
2 F /|______Times-Italic fnt
bn
0.29736 0.(S,U)ashow
0 -2 rm
12 fz
bu fc
2 F /|______Times-Italic fnt
bn
0.31300 0.(\(h\(T)ashow
0 2 rm
10 fz
bu fc
2 F /|______Times-Italic fnt
bn
0.43754 0.(U)ashow
0 -2 rm
12 fz
bu fc
2 F /|______Times-Italic fnt
bn
0.38745 0.(\)\)})ashow
692 90 gm
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
0.53509 0.(A)ashow
0 2 rm
10 fz
bu fc
2 F /|______Times-Roman fnt
bn
0.44590 0.(U)ashow
0 -2 rm
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
1.06231 0. 32 0.10623 0.( co-signs T)awidthshow
0 2 rm
10 fz
bu fc
2 F /|______Times-Roman fnt
bn
0.44590 0.(U)ashow
0 -2 rm
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
0.97427 0. 32 0.09742 0.( by encrypting the signature of U with its secret key K)awidthshow
0 2 rm
10 fz
bu fc
2 F /|______Times-Roman fnt
bn
0.31457 0.(S,A)ashow
0 1 rm
9 fz
bu fc
2 F /|______Times-Roman fnt
bn
0.40132 0.(U)ashow
0 -3 rm
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
0.71258 0. 32 0.07125 0.(: X)awidthshow
0 2 rm
10 fz
bu fc
2 F /|______Times-Roman fnt
bn
0.50033 0. 32 0.05003 0.(U )awidthshow
0 -2 rm
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
(=)show
708 90 gm
(eK)show
0 2 rm
10 fz
bu fc
2 F /|______Times-Roman fnt
bn
-0.01678 0.(S,A)ashow
0 1 rm
9 fz
bu fc
2 F /|______Times-Roman fnt
bn
(U)show
0 -3 rm
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
-0.01976 0.(\(eK)ashow
0 2 rm
10 fz
bu fc
2 F /|______Times-Roman fnt
bn
-0.01678 0.(S,U)ashow
0 -2 rm
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
-0.01756 0.(\(h\(T)ashow
0 2 rm
10 fz
bu fc
2 F /|______Times-Roman fnt
bn
(U)show
0 -2 rm
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
-0.01548 0.(\)\)\) and sends this signature X)ashow
0 2 rm
10 fz
bu fc
2 F /|______Times-Roman fnt
bn
(U)show
0 -2 rm
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
-0.01550 0.(, together with T)ashow
0 2 rm
10 fz
bu fc
2 F /|______Times-Roman fnt
bn
(U)show
0 -2 rm
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
-0.01538 0.(, over to A)ashow
0 2 rm
10 fz
bu fc
2 F /|______Times-Roman fnt
bn
(S.)show
741 90 gm
2 fs
12 fz
bu fc
2 F /|______Times-Italic fnt
bn
(3\))show
741 126 gm
0.66130 0.({T)ashow
0 2 rm
10 fz
bu fc
2 F /|______Times-Italic fnt
bn
1.08383 0. 32 0.10838 0.(U, )awidthshow
0 -2 rm
12 fz
bu fc
2 F /|______Times-Italic fnt
bn
0.84523 0.(X)ashow
0 2 rm
10 fz
bu fc
2 F /|______Times-Italic fnt
bn
0.83245 0.(U)ashow
0 -2 rm
12 fz
bu fc
2 F /|______Times-Italic fnt
bn
(})show
F T cp
%%Page: ? 18
op
30 28 xl
1 1 pen
45 288 gm
(nc 30 28 811 566 6 rc)kp
1 setTxMode
0 fs
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
(101)show
803 90 gm
10 fz
bu fc
2 F /|______Times-Roman fnt
bn
-0.01179 0.(Open Systems Security \320 an Architectural Framework)ashow
803 466 gm
-0.20510 0.(Appendix)ashow
101 90 gm
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
(A)show
0 2 rm
10 fz
bu fc
2 F /|______Times-Roman fnt
bn
(S)show
0 -2 rm
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
0.01937 0. 32 0.00193 0.( decrypts the signature with the public key of A)awidthshow
0 2 rm
10 fz
bu fc
2 F /|______Times-Roman fnt
bn
(U)show
0 -2 rm
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
0.01998 0. 32 0.00199 0.( recovering the signature of U. A)awidthshow
0 2 rm
10 fz
bu fc
2 F /|______Times-Roman fnt
bn
(S)show
117 90 gm
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
-0.06172 0.(also checks the freshness of T)ashow
0 2 rm
10 fz
bu fc
2 F /|______Times-Roman fnt
bn
-0.09307 0.(U)ashow
0 -2 rm
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
-0.06076 0.( by checking that the time stamp TD is still valid and \(if)ashow
133 90 gm
0.10421 0. 32 0.01042 0.(it is\) that the same token has not been received before.  A)awidthshow
0 2 rm
10 fz
bu fc
2 F /|______Times-Roman fnt
bn
(S)show
0 -2 rm
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
0.12390 0. 32 0.01239 0.( now generates token: T)awidthshow
0 2 rm
10 fz
bu fc
2 F /|______Times-Roman fnt
bn
0.04547 0. 32 0.00454 0.(S )awidthshow
0 -2 rm
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
(=)show
149 90 gm
-0.02316 0.({S,A)ashow
0 2 rm
10 fz
bu fc
2 F /|______Times-Roman fnt
bn
(S)show
0 -2 rm
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
-0.02243 0.(,U,A)ashow
0 2 rm
10 fz
bu fc
2 F /|______Times-Roman fnt
bn
(U)show
0 -2 rm
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
-0.01879 0.(,TD+1} and passes it on to S together with T)ashow
0 2 rm
10 fz
bu fc
2 F /|______Times-Roman fnt
bn
(U)show
0 -2 rm
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
-0.01889 0.( and the signature of U:)ashow
181 90 gm
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
(4\))show
181 126 gm
0.49827 0.({T)ashow
0 2 rm
10 fz
bu fc
2 F /|______Times-Italic fnt
bn
0.66833 0. 32 0.06683 0.(S, )awidthshow
0 -2 rm
12 fz
bu fc
2 F /|______Times-Italic fnt
bn
0.57958 0.(T)ashow
0 2 rm
10 fz
bu fc
2 F /|______Times-Italic fnt
bn
0.81665 0. 32 0.08166 0.(U, )awidthshow
0 -2 rm
12 fz
bu fc
2 F /|______Times-Italic fnt
bn
0.60835 0.(dK)ashow
0 2 rm
10 fz
bu fc
2 F /|______Times-Italic fnt
bn
0.45838 0.(P,U)ashow
0 -2 rm
12 fz
bu fc
2 F /|______Times-Italic fnt
bn
0.49191 0.(\(X)ashow
0 2 rm
10 fz
bu fc
2 F /|______Times-Italic fnt
bn
0.62722 0.(U)ashow
0 -2 rm
12 fz
bu fc
2 F /|______Times-Italic fnt
bn
0.76388 0.(\)})ashow
213 90 gm
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
0.80078 0. 32 0.08007 0.(S checks the signature of U by decrypting dK)awidthshow
0 2 rm
10 fz
bu fc
2 F /|______Times-Roman fnt
bn
0.23133 0.(P,U)ashow
0 -2 rm
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
0.28746 0.(\(X)ashow
0 2 rm
10 fz
bu fc
2 F /|______Times-Roman fnt
bn
0.32794 0.(U)ashow
0 -2 rm
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
0.65277 0. 32 0.06527 0.(\) with the secret key of U and)awidthshow
229 90 gm
0.55541 0. 32 0.05554 0.(comparing the result with h\(T)awidthshow
0 2 rm
10 fz
bu fc
2 F /|______Times-Roman fnt
bn
0.19309 0.(U)ashow
0 -2 rm
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
0.37414 0. 32 0.03741 0.(\). S now signs T)awidthshow
0 2 rm
10 fz
bu fc
2 F /|______Times-Roman fnt
bn
0.14869 0.(S)ashow
0 -2 rm
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
0.49957 0. 32 0.04995 0.( by encrypting h\(T)awidthshow
0 2 rm
10 fz
bu fc
2 F /|______Times-Roman fnt
bn
0.14869 0.(S)ashow
0 -2 rm
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
0.42816 0. 32 0.04281 0.(\) with its secret)awidthshow
245 90 gm
1.74011 0. 32 0.17401 0.(key K)awidthshow
0 2 rm
10 fz
bu fc
2 F /|______Times-Roman fnt
bn
0.40873 0.(S,S)ashow
0 -2 rm
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
1.54205 0. 32 0.15420 0.(, appends this signature to T)awidthshow
0 2 rm
10 fz
bu fc
2 F /|______Times-Roman fnt
bn
0.50054 0.(S)ashow
0 -2 rm
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
1.42456 0. 32 0.14245 0.(, and passes the signed token back to A)awidthshow
0 2 rm
10 fz
bu fc
2 F /|______Times-Roman fnt
bn
0.72566 0.(S.)ashow
261 90 gm
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
0.15136 0. 32 0.01513 0.(Optionally S can generate a pair-wise session key K)awidthshow
0 2 rm
10 fz
bu fc
2 F /|______Times-Roman fnt
bn
0.05509 0.(AB)ashow
0 -2 rm
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
0.12817 0. 32 0.01281 0.(, encrypt it with the public key)awidthshow
277 90 gm
0.06500 0. 32 0.00650 0.(of U, and append it to T)awidthshow
0 2 rm
10 fz
bu fc
2 F /|______Times-Roman fnt
bn
(S)show
0 -2 rm
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
0.07644 0. 32 0.00764 0.( before signing \(this seems to be one of the rare cases, where)awidthshow
293 90 gm
-0.02676 0.(signing encrypted data is justified\). This means substituting T)ashow
0 2 rm
10 fz
bu fc
2 F /|______Times-Roman fnt
bn
(S)show
0 -2 rm
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
-0.02876 0.( with {T)ashow
0 2 rm
10 fz
bu fc
2 F /|______Times-Roman fnt
bn
(S)show
0 -2 rm
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
-0.03222 0.(,eK)ashow
0 2 rm
10 fz
bu fc
2 F /|______Times-Roman fnt
bn
-0.02899 0.(P,U)ashow
0 -2 rm
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
-0.03602 0.(\(K)ashow
0 2 rm
10 fz
bu fc
2 F /|______Times-Roman fnt
bn
-0.03953 0.(AB)ashow
0 -2 rm
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
-0.05551 0.(\)})ashow
309 90 gm
-0.11553 0.(in the message below \(the optional part is denoted with angle brackets\):)ashow
341 90 gm
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
(5\))show
341 126 gm
0.42945 0.({{T)ashow
0 2 rm
10 fz
bu fc
2 F /|______Times-Italic fnt
bn
0.39596 0.(S)ashow
0 -2 rm
12 fz
bu fc
2 F /|______Times-Italic fnt
bn
1.26693 0. 32 0.12669 0.( [,eK)awidthshow
0 2 rm
10 fz
bu fc
2 F /|______Times-Italic fnt
bn
0.41781 0.(P,U)ashow
0 -2 rm
12 fz
bu fc
2 F /|______Times-Italic fnt
bn
0.47505 0.(\(K)ashow
0 2 rm
10 fz
bu fc
2 F /|______Times-Italic fnt
bn
0.48374 0.(AB)ashow
0 -2 rm
12 fz
bu fc
2 F /|______Times-Italic fnt
bn
0.35528 0.(\)]})ashow
0 2 rm
10 fz
bu fc
2 F /|______Times-Italic fnt
bn
0.33004 0. 32 0.03300 0.(, )awidthshow
0 -2 rm
12 fz
bu fc
2 F /|______Times-Italic fnt
bn
0.52783 0.(eK)ashow
0 2 rm
10 fz
bu fc
2 F /|______Times-Italic fnt
bn
0.32997 0.(S,S)ashow
0 -2 rm
12 fz
bu fc
2 F /|______Times-Italic fnt
bn
0.42492 0.({h\(T)ashow
0 2 rm
10 fz
bu fc
2 F /|______Times-Italic fnt
bn
0.49499 0. 32 0.04949 0.(S )awidthshow
0 -2 rm
12 fz
bu fc
2 F /|______Times-Italic fnt
bn
0.41571 0.([,eK)ashow
0 2 rm
10 fz
bu fc
2 F /|______Times-Italic fnt
bn
0.41781 0.(P,U)ashow
0 -2 rm
12 fz
bu fc
2 F /|______Times-Italic fnt
bn
0.47505 0.(\(K)ashow
0 2 rm
10 fz
bu fc
2 F /|______Times-Italic fnt
bn
0.48374 0.(AB)ashow
0 -2 rm
12 fz
bu fc
2 F /|______Times-Italic fnt
bn
0.44053 0.(\)]\)}})ashow
372 90 gm
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
0.13919 0.(A)ashow
0 2 rm
10 fz
bu fc
2 F /|______Times-Roman fnt
bn
0.08932 0.(S)ashow
0 -2 rm
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
0.27633 0. 32 0.02763 0.( co-signs T)awidthshow
0 2 rm
10 fz
bu fc
2 F /|______Times-Roman fnt
bn
0.08932 0.(S)ashow
0 -2 rm
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
0.29510 0. 32 0.02951 0.( by encrypting eK)awidthshow
0 2 rm
10 fz
bu fc
2 F /|______Times-Roman fnt
bn
0.07293 0.(S,S)ashow
0 -2 rm
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
0.09272 0.(\(h{T)ashow
0 2 rm
10 fz
bu fc
2 F /|______Times-Roman fnt
bn
0.08932 0.(S)ashow
0 -2 rm
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
0.08428 0.([,eK)ashow
0 2 rm
10 fz
bu fc
2 F /|______Times-Roman fnt
bn
0.08183 0.(P,U)ashow
0 -2 rm
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
0.10168 0.(\(K)ashow
0 2 rm
10 fz
bu fc
2 F /|______Times-Roman fnt
bn
0.11158 0.(AB)ashow
0 -2 rm
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
0.25238 0. 32 0.02523 0.(\)]}\) with its secret key K)awidthshow
0 2 rm
10 fz
bu fc
2 F /|______Times-Roman fnt
bn
0.08183 0.(S,A)ashow
0 1 rm
9 fz
bu fc
2 F /|______Times-Roman fnt
bn
0.08038 0.(S)ashow
0 -3 rm
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
(:)show
388 90 gm
0.77806 0.(X)ashow
0 2 rm
10 fz
bu fc
2 F /|______Times-Roman fnt
bn
0.49928 0.(S)ashow
0 -2 rm
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
0.62141 0.(=eK)ashow
0 2 rm
10 fz
bu fc
2 F /|______Times-Roman fnt
bn
0.45739 0.(S,A)ashow
0 1 rm
9 fz
bu fc
2 F /|______Times-Roman fnt
bn
0.44935 0.(S)ashow
0 -3 rm
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
0.53836 0.(\(eK)ashow
0 2 rm
10 fz
bu fc
2 F /|______Times-Roman fnt
bn
0.40769 0.(S,S)ashow
0 -2 rm
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
0.51829 0.(\(h{T)ashow
0 2 rm
10 fz
bu fc
2 F /|______Times-Roman fnt
bn
0.49928 0.(S)ashow
0 -2 rm
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
0.47113 0.([,eK)ashow
0 2 rm
10 fz
bu fc
2 F /|______Times-Roman fnt
bn
0.45739 0.(P,U)ashow
0 -2 rm
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
0.56835 0.(\(K)ashow
0 2 rm
10 fz
bu fc
2 F /|______Times-Roman fnt
bn
0.62371 0.(AB)ashow
0 -2 rm
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
1.71630 0. 32 0.17163 0.(\)]}\)\) and sends the resulting signature X)awidthshow
0 2 rm
10 fz
bu fc
2 F /|______Times-Roman fnt
bn
0.49928 0.(S)ashow
0 -2 rm
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
(,)show
405 90 gm
-0.08383 0.(together with T)ashow
0 2 rm
10 fz
bu fc
2 F /|______Times-Roman fnt
bn
-0.09449 0.(S)ashow
0 -2 rm
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
-0.07929 0.(, over to A)ashow
0 2 rm
10 fz
bu fc
2 F /|______Times-Roman fnt
bn
-0.12271 0.(U)ashow
0 -2 rm
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
(:)show
437 90 gm
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
(6\))show
437 126 gm
0.54298 0.({{T)ashow
0 2 rm
10 fz
bu fc
2 F /|______Times-Italic fnt
bn
0.50064 0.(S)ashow
0 -2 rm
12 fz
bu fc
2 F /|______Times-Italic fnt
bn
1.60186 0. 32 0.16018 0.( [,eK)awidthshow
0 2 rm
10 fz
bu fc
2 F /|______Times-Italic fnt
bn
0.52825 0.(P,U)ashow
0 -2 rm
12 fz
bu fc
2 F /|______Times-Italic fnt
bn
0.60063 0.(\(K)ashow
0 2 rm
10 fz
bu fc
2 F /|______Times-Italic fnt
bn
0.61163 0.(AB)ashow
0 -2 rm
12 fz
bu fc
2 F /|______Times-Italic fnt
bn
0.44920 0.(\)]})ashow
0 2 rm
10 fz
bu fc
2 F /|______Times-Italic fnt
bn
0.41717 0. 32 0.04171 0.(, )awidthshow
0 -2 rm
12 fz
bu fc
2 F /|______Times-Italic fnt
bn
0.73394 0.(X)ashow
0 2 rm
10 fz
bu fc
2 F /|______Times-Italic fnt
bn
0.50064 0.(S)ashow
0 -2 rm
12 fz
bu fc
2 F /|______Times-Italic fnt
bn
(})show
469 90 gm
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
0.73126 0.(A)ashow
0 2 rm
10 fz
bu fc
2 F /|______Times-Roman fnt
bn
0.60939 0.(U)ashow
0 -2 rm
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
1.38763 0. 32 0.13876 0.( checks the signature of A)awidthshow
0 2 rm
10 fz
bu fc
2 F /|______Times-Roman fnt
bn
0.46925 0.(S)ashow
0 -2 rm
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
1.50817 0. 32 0.15081 0.(, by decrypting X)awidthshow
0 2 rm
10 fz
bu fc
2 F /|______Times-Roman fnt
bn
0.46925 0.(S)ashow
0 -2 rm
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
1.19140 0. 32 0.11914 0.( with the public key of A)awidthshow
0 2 rm
10 fz
bu fc
2 F /|______Times-Roman fnt
bn
0.46925 0.(S)ashow
0 -2 rm
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
1.31988 0. 32 0.13198 0.( and)awidthshow
485 90 gm
0.74066 0. 32 0.07406 0.(recovering the signature of S: eK)awidthshow
0 2 rm
10 fz
bu fc
2 F /|______Times-Roman fnt
bn
0.17558 0.(S,S)ashow
0 -2 rm
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
0.22322 0.(\(h{T)ashow
0 2 rm
10 fz
bu fc
2 F /|______Times-Roman fnt
bn
0.21502 0.(S)ashow
0 -2 rm
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
0.20291 0.([,eK)ashow
0 2 rm
10 fz
bu fc
2 F /|______Times-Roman fnt
bn
0.19699 0.(P,U)ashow
0 -2 rm
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
0.24478 0.(\(K)ashow
0 2 rm
10 fz
bu fc
2 F /|______Times-Roman fnt
bn
0.26863 0.(AB)ashow
0 -2 rm
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
0.73730 0. 32 0.07373 0.(\)]}\). A)awidthshow
0 2 rm
10 fz
bu fc
2 F /|______Times-Roman fnt
bn
0.21502 0.(S)ashow
0 -2 rm
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
0.62286 0. 32 0.06228 0.( also checks that the)awidthshow
501 90 gm
0.22628 0. 32 0.02262 0.(value of time stamp in T)awidthshow
0 2 rm
10 fz
bu fc
2 F /|______Times-Roman fnt
bn
0.07914 0.(S)ashow
0 -2 rm
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
0.24444 0. 32 0.02444 0.( is TD+1 \(where TD is the time stamp of the corresponding)awidthshow
517 90 gm
0.39146 0.(T)ashow
0 2 rm
10 fz
bu fc
2 F /|______Times-Roman fnt
bn
0.38554 0.(U)ashow
0 -2 rm
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
0.82901 0. 32 0.08290 0.(\) and that the time stamp is still valid \(not too much time has elapsed\). A)awidthshow
0 2 rm
10 fz
bu fc
2 F /|______Times-Roman fnt
bn
0.29689 0.(S)ashow
0 -2 rm
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
0.97213 0. 32 0.09721 0.( now)awidthshow
533 90 gm
2.36282 0. 32 0.23628 0.(passes T)awidthshow
0 2 rm
10 fz
bu fc
2 F /|______Times-Roman fnt
bn
0.57688 0.(S)ashow
0 -2 rm
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
2.02941 0. 32 0.20294 0.( \(together with the optional encrypted pair-wise session key\) and the)awidthshow
549 90 gm
-0.04823 0.(signature of S  and on to U:)ashow
580 90 gm
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
(7\))show
580 126 gm
0.49838 0.({{T)ashow
0 2 rm
10 fz
bu fc
2 F /|______Times-Italic fnt
bn
0.45951 0.(S)ashow
0 -2 rm
12 fz
bu fc
2 F /|______Times-Italic fnt
bn
1.47033 0. 32 0.14703 0.( [,eK)awidthshow
0 2 rm
10 fz
bu fc
2 F /|______Times-Italic fnt
bn
0.48487 0.(P,U)ashow
0 -2 rm
12 fz
bu fc
2 F /|______Times-Italic fnt
bn
0.55128 0.(\(K)ashow
0 2 rm
10 fz
bu fc
2 F /|______Times-Italic fnt
bn
0.56138 0.(AB)ashow
0 -2 rm
12 fz
bu fc
2 F /|______Times-Italic fnt
bn
0.41230 0.(\)]})ashow
0 2 rm
10 fz
bu fc
2 F /|______Times-Italic fnt
bn
0.38299 0. 32 0.03829 0.(, )awidthshow
0 -2 rm
12 fz
bu fc
2 F /|______Times-Italic fnt
bn
0.64350 0.(dK)ashow
0 2 rm
10 fz
bu fc
2 F /|______Times-Italic fnt
bn
0.45083 0.(P,A)ashow
0 1 rm
9 fz
bu fc
2 F /|______Times-Italic fnt
bn
0.41357 0.(S)ashow
0 -3 rm
12 fz
bu fc
2 F /|______Times-Italic fnt
bn
0.52032 0.(\(X)ashow
0 2 rm
10 fz
bu fc
2 F /|______Times-Italic fnt
bn
0.45951 0.(S)ashow
0 -2 rm
12 fz
bu fc
2 F /|______Times-Italic fnt
bn
0.80801 0.(\)})ashow
613 90 gm
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
-0.03297 0.(U checks the signature of S by decrypting it with the public key of S and verifying that)ashow
628 90 gm
(h\(T)show
0 2 rm
10 fz
bu fc
2 F /|______Times-Roman fnt
bn
(S)show
0 -2 rm
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
([,eK)show
0 2 rm
10 fz
bu fc
2 F /|______Times-Roman fnt
bn
(P,U)show
0 -2 rm
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
(\(K)show
0 2 rm
10 fz
bu fc
2 F /|______Times-Roman fnt
bn
(AB)show
0 -2 rm
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
(\)]\) = dK)show
0 2 rm
10 fz
bu fc
2 F /|______Times-Roman fnt
bn
(P,S)show
0 -2 rm
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
(\(dK)show
0 2 rm
10 fz
bu fc
2 F /|______Times-Roman fnt
bn
(P,A)show
0 1 rm
9 fz
bu fc
2 F /|______Times-Roman fnt
bn
(S)show
0 -3 rm
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
(\(X)show
0 2 rm
10 fz
bu fc
2 F /|______Times-Roman fnt
bn
(S)show
0 -2 rm
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
0.01312 0. 32 0.00131 0.(\)\), completing the authentication cycle.)awidthshow
661 90 gm
0.92880 0. 32 0.09288 0.(The key exchange scheme presented here is by no means the only possible way of)awidthshow
677 90 gm
0.28427 0. 32 0.02842 0.(securely exchanging a fresh, pair-wise session key in connection with the authentica-)awidthshow
693 90 gm
0.07461 0. 32 0.00746 0.(tion exchange. It is, for example, possible to have U \(instead of S\) generate the key or)awidthshow
709 90 gm
-0.11662 0.(exchange the key on application \(rather than user\) level.)ashow
741 90 gm
0.45333 0. 32 0.04533 0.(However, the scheme presented here appears to be well suited for user identification)awidthshow
757 90 gm
0.12969 0. 32 0.01296 0.(based on a smart card. Here the burden of key generation is left entirely to the service)awidthshow
F T cp
%%Page: ? 19
op
30 28 xl
1 1 pen
45 288 gm
(nc 30 28 811 566 6 rc)kp
1 setTxMode
0 fs
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
(102)show
803 90 gm
10 fz
bu fc
2 F /|______Times-Roman fnt
bn
-0.01179 0.(Open Systems Security \320 an Architectural Framework)ashow
803 466 gm
-0.20510 0.(Appendix)ashow
85 90 gm
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
0.68634 0. 32 0.06863 0.(which has better facilities for this purpose. Also, if the smart card has an integrated)awidthshow
101 90 gm
-0.06227 0.(symmetric encryption mechanism, the key can easily be loaded onto the smart card and)ashow
117 90 gm
-0.13189 0.(decrypted there without it ever leaving the card in clear-text form.)ashow
152 90 gm
1 fs
14 fz
bu fc
2 F /|______Times-Bold fnt
bn
1.46440 0.(A1.5)ashow
152 135 gm
4.92645 0. 32 0.49264 0.(Zero-Knowledge Techniques)awidthshow
184 90 gm
0 fs
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
0.20477 0. 32 0.02047 0.(A rapidly growing area is that of zero-knowledge techniques. In these techniques, the)awidthshow
200 90 gm
0.46264 0. 32 0.04626 0.(secret authentication information of each party plays very much the same role as the)awidthshow
216 90 gm
0.46752 0. 32 0.04675 0.(secret key in PKCs but it cannot be used for data encryption, only for authentication)awidthshow
232 90 gm
0.54077 0. 32 0.05407 0.(\(and possibly digital signatures\). In some zero-knowledge schemes, unlike in PKCs,)awidthshow
248 90 gm
-0.01866 0.(the "public key" needed to verify an entity can be the same for all entities belonging to)ashow
264 90 gm
0.21881 0. 32 0.02188 0.(the domain of the same CA. Another typical characteristic of current zero-knowledge)awidthshow
280 90 gm
-0.06907 0.(schemes is, that they often use several iteration cycles of challenges and replies to them)ashow
296 90 gm
-0.13037 0.(to achieve the required level of confidence in the identity of the other party.)ashow
328 90 gm
-0.00985 0.(A class of authentication schemes, where the the )ashow
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
-0.01072 0.(claimant)ashow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
-0.00962 0.( can prove his identity to the)ashow
344 90 gm
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
-0.05819 0.(verifier)ashow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
-0.06253 0.( without revealing a single bit of his secret authentication information, is known)ashow
360 90 gm
0.52108 0. 32 0.05210 0.(as Zero-knowledge techniques. Perhaps the nicest property of Zero-knowledge tech-)awidthshow
376 90 gm
-0.08149 0.(niques is that they eliminate the need to periodically change the authentication informa-)ashow
392 90 gm
0.50140 0. 32 0.05014 0.(tion in order to protect against cryptanalysis, because the verifier \(or a casual eaves-)awidthshow
408 90 gm
0.30624 0. 32 0.03062 0.(dropper\) cannot learn anything in the process that would help him masquerade as the)awidthshow
424 90 gm
0.56991 0. 32 0.05699 0.(claimant later. The first zero-knowledge technique was proposed by Shamir in 1984)awidthshow
440 90 gm
-0.01034 0.([Sha85]. Another important scheme is presented in [FFS88]. [QG90] gives an easy-to-)ashow
456 90 gm
-0.07946 0.(read introduction to zero-knowledge protocols.)ashow
488 90 gm
0.72402 0. 32 0.07240 0.(In [IS10181-2] zero-knowledge techniques are \(falsely\) defined as a class of proce-)awidthshow
504 90 gm
0.73974 0. 32 0.07397 0.(dures adequate for authentication of single principal or for signature, using a single)awidthshow
520 90 gm
-0.03172 0.(value of verification authentication information for a set of principals. This property of)ashow
536 90 gm
-0.11325 0.(zero-knowledge techniques makes key distribution much easier than with authentication)ashow
552 90 gm
1.36962 0. 32 0.13696 0.(based on PKCs, where a separate piece of verification authentication information)awidthshow
568 90 gm
0.04135 0. 32 0.00413 0.(\(namely the public key\) is needed for each principal. Unfortunately, this nice property)awidthshow
584 90 gm
-0.05990 0.(is not shared by all zero-knowledge schemes.)ashow
616 90 gm
2.10449 0. 32 0.21044 0.(Zero-knowledge techniques can be used for purposes of authentication or non-)awidthshow
632 90 gm
0.39291 0. 32 0.03929 0.(repudiation but usually not for data encryption. Zero-knowledge techniques are most)awidthshow
648 90 gm
0.41107 0. 32 0.04110 0.(often computationally less complex than PKCs which makes them attractive for user)awidthshow
664 90 gm
0.92697 0. 32 0.09269 0.(authentication with a smart card. Typical properties of zero-knowledge techniques,)awidthshow
680 90 gm
-0.05963 0.(according to [FP90], are the following:)ashow
712 90 gm
(-)show
712 126 gm
0.31280 0. 32 0.03128 0.(The security level of the verifier depends on the number of iteration cycles of)awidthshow
728 126 gm
-0.07223 0.(the basic protocol.)ashow
F T cp
%%Page: ? 20
op
30 28 xl
1 1 pen
45 288 gm
(nc 30 28 811 566 6 rc)kp
1 setTxMode
0 fs
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
(103)show
803 90 gm
10 fz
bu fc
2 F /|______Times-Roman fnt
bn
-0.01179 0.(Open Systems Security \320 an Architectural Framework)ashow
803 466 gm
-0.20510 0.(Appendix)ashow
101 90 gm
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
(-)show
101 126 gm
-0.13825 0.(The claimant protects his secret key by giving the verifier at every iteration cycle)ashow
117 126 gm
-0.09788 0.(access only to a randomly selected part of the key.)ashow
149 90 gm
(-)show
149 126 gm
-0.10104 0.(One-way functions are used to minimize information flow.)ashow
181 90 gm
(-)show
181 126 gm
1.31072 0. 32 0.13107 0.(The verifier does not learn anything during the authentication process that)awidthshow
197 126 gm
-0.13650 0.(would enable him to impersonate as the claimant later.)ashow
229 90 gm
1.41967 0. 32 0.14196 0.(Some existing zero-knowledge techniques make key management very simple by)awidthshow
245 90 gm
-0.06924 0.(completely abolishing the need for user-dependent public keys. The draw-back of these)ashow
261 90 gm
1.53747 0. 32 0.15374 0.(techniques \(in comparison with PKCs\) is, that they require the secret keys to be)awidthshow
277 90 gm
0.10742 0. 32 0.01074 0.(generated by a trusted third party \(the CA\) and they cannot be used for data confiden-)awidthshow
293 90 gm
-0.13693 0.(tiality. An example of such an authentication technique is the Fiat-Shamir technique first)ashow
309 90 gm
0.06759 0. 32 0.00675 0.(presented in 1986 [FS87].)awidthshow
344 90 gm
1 fs
14 fz
bu fc
2 F /|______Times-Bold fnt
bn
1.46440 0.(A1.6)ashow
344 135 gm
3.60122 0. 32 0.36012 0.(Physical Mechanisms)awidthshow
376 90 gm
0 fs
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
-0.10911 0.(In the case of cryptography, the physical mechanisms at the bottom of the hierarchy that)ashow
392 90 gm
0.10864 0. 32 0.01086 0.(are needed to actually perform the cryptographic functions employed can be pieces of)awidthshow
408 90 gm
-0.04708 0.(software \(running on a piece of hardware\) or hardware.)ashow
440 90 gm
0.05523 0. 32 0.00552 0.(Usually the two lowest layers of OSI are implemented in hardware \(the Physical layer)awidthshow
456 90 gm
0.56671 0. 32 0.05667 0.(and the Medium Access Control sublayer of the Data Link layer\) whereas the upper)awidthshow
472 90 gm
2.09548 0. 32 0.20954 0.(layers \(from the Logical Link Control sublayer of the Data Link layer up\) are)awidthshow
488 90 gm
-0.04151 0.(implemented in software. However, dedicated hardware can be used at any layer of the)ashow
504 90 gm
-0.07040 0.(OSI model to perform computation-intensive functions, such as cryptography.)ashow
536 90 gm
0.40237 0. 32 0.04023 0.(The physical mechanisms used have an impact on the over-all security of the system)awidthshow
552 90 gm
-0.00195 0.(because an implementation of an open system cannot be more secure than the weakest)ashow
568 90 gm
1.42364 0. 32 0.14236 0.(physical mechanism, or the weakest path between these mechanisms, used in the)awidthshow
584 90 gm
1.68960 0. 32 0.16896 0.(trusted parts of the system. A more detailed analysis of the security of physical)awidthshow
600 90 gm
0.24749 0. 32 0.02474 0.(mechanisms falls in the area of local systems security and is beyond the scope of this)awidthshow
616 90 gm
0.19984 0.(study.)ashow
648 90 gm
0.58395 0. 32 0.05839 0.(With the transmission speeds offered by current data networks, the efficiency of the)awidthshow
664 90 gm
0.66421 0. 32 0.06642 0.(physical mechanisms used can become a major issue of systems design. The choice)awidthshow
680 90 gm
-0.00595 0.(between various physical mechanisms is a trade-off between economy, flexibility, and)ashow
696 90 gm
0.17227 0. 32 0.01722 0.(performance. Therefore, different solutions will be used in different applications. The)awidthshow
712 90 gm
-0.03321 0.(choice of these mechanisms does usually not affect the external behavior of the system)ashow
728 90 gm
-0.08319 0.(except performance-wise.)ashow
F T cp
%%Page: ? 21
op
30 28 xl
1 1 pen
45 288 gm
(nc 30 28 811 566 6 rc)kp
1 setTxMode
0 fs
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
(104)show
803 90 gm
10 fz
bu fc
2 F /|______Times-Roman fnt
bn
-0.01179 0.(Open Systems Security \320 an Architectural Framework)ashow
803 466 gm
-0.20510 0.(Appendix)ashow
101 90 gm
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
0.52291 0. 32 0.05229 0.(However, new portable trusted pieces of software open up new opportunities for the)awidthshow
117 90 gm
0.07400 0. 32 0.00740 0.(application of secure open systems. The smart card, or its less compact calculator-like)awidthshow
133 90 gm
0.72662 0. 32 0.07266 0.(version with an integrated keyboard and display, is the only reliable way for strong)awidthshow
149 90 gm
-0.08973 0.(authentication of the user. There is a very large potential for the use of such devices.)ashow
F T cp
%%Page: ? 22
op
30 28 xl
1 1 pen
45 288 gm
(nc 30 28 811 566 6 rc)kp
1 setTxMode
0 fs
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
(105)show
803 90 gm
10 fz
bu fc
2 F /|______Times-Roman fnt
bn
-0.01179 0.(Open Systems Security \320 an Architectural Framework)ashow
803 466 gm
-0.20510 0.(Appendix)ashow
110 90 gm
1 fs
18 fz
bu fc
2 F /|______Times-Bold fnt
bn
2.00527 0.(A2)ashow
110 135 gm
3.37554 0. 32 0.33755 0.(Some Commonly Used Cryptosystems)awidthshow
143 90 gm
0 fs
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
0.44357 0. 32 0.04435 0.(This work is independent of any individual cryptosystems or other low-level mecha-)awidthshow
159 90 gm
-0.00221 0.(nisms. In the preceding chapters we have simply assumed that we have at our disposal)ashow
175 90 gm
-0.08830 0.(symmetric and asymmetric cryptosystems with certain properties. In a constant struggle)ashow
191 90 gm
1.60614 0. 32 0.16061 0.(between cryptographers and cryptanalysts to make and break new cryptosystems)awidthshow
207 90 gm
0.14526 0. 32 0.01452 0.(existing systems will die and new systems be born. It is important that this work shall)awidthshow
223 90 gm
-0.09474 0.(not be tied to any currently existing schemes.)ashow
255 90 gm
-0.07542 0.(However, since we are interested in actual implementations of secure open systems it is)ashow
271 90 gm
0.04074 0. 32 0.00407 0.(important that we be able to specify some current cryptosystems fulfilling the require-)awidthshow
287 90 gm
1.20407 0. 32 0.12040 0.(ments set before. In this chapter we will have a brief look at some cryptosystems)awidthshow
303 90 gm
-0.03778 0.(which, for the time being, are considered suitable for our purposes.)ashow
335 90 gm
0.24108 0. 32 0.02410 0.(Here we shall not present the details of these cryptosystems but rather concentrate on)awidthshow
351 90 gm
0.31585 0. 32 0.03158 0.(their applicability to our purposes. Any good tutorial on cryptology, such as [DH79],)awidthshow
367 90 gm
-0.03834 0.([DP84], [Mas88] or [Pat87], will discuss these algorithms in detail.)ashow
399 90 gm
0.73898 0. 32 0.07389 0.(The schemes presented here are all well known and well established. They have all)awidthshow
415 90 gm
0.01037 0. 32 0.00103 0.(resisted cryptanalytic attacks for a number of years and are still considered reasonably)awidthshow
431 90 gm
0.25955 0. 32 0.02595 0.(safe although many of the later cryptosystems have been broken. See e.g. [BO88] for)awidthshow
447 90 gm
-0.01348 0.(an overview of cryptanalytic attacks against these three cryptosystems as well as some)ashow
463 90 gm
0.11326 0.(others.)ashow
498 90 gm
1 fs
14 fz
bu fc
2 F /|______Times-Bold fnt
bn
1.46440 0.(A2.1)ashow
498 135 gm
0.88618 0.(DES)ashow
530 90 gm
0 fs
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
0.05187 0. 32 0.00518 0.(Those interested in the history, current use and future prospects of DES are advised to)awidthshow
546 90 gm
-0.04771 0.(read [SB88] for an overview of the topic.)ashow
578 90 gm
0.27450 0. 32 0.02745 0.(In 1973 the US National Bureau of Standards \(NBS\) initiated the development of the)awidthshow
594 90 gm
-0.03819 0.(Data Encryption Standard \(DES\) by publishing a solicitation for encryption algorithms)ashow
610 90 gm
0.04440 0. 32 0.00444 0.(for computer data protection. The US National Security Agency \(NSA\) was requested)awidthshow
626 90 gm
-0.07313 0.(to assist in the evaluation of proposed encryption schemes.)ashow
658 90 gm
0.10879 0. 32 0.01087 0.(IBM had started work on developing cryptosystems in the late 60's which had already)awidthshow
674 90 gm
-0.04981 0.(resulted in commercial applications. In the early 70's the work was continued and it led)ashow
690 90 gm
-0.03929 0.(to a number of patents and products. IBM submitted a cryptographic algorithm to NBS)ashow
706 90 gm
-0.10168 0.(in response to the solicitation and this algorithm was to become DES.)ashow
738 90 gm
0.73120 0. 32 0.07312 0.(From the very beginning there was a lot of concern about the security of DES. The)awidthshow
754 90 gm
-0.10189 0.(main grounds for criticism were the following:)ashow
F T cp
%%Page: ? 23
op
30 28 xl
1 1 pen
45 288 gm
(nc 30 28 811 566 6 rc)kp
1 setTxMode
0 fs
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
(106)show
803 90 gm
10 fz
bu fc
2 F /|______Times-Roman fnt
bn
-0.01179 0.(Open Systems Security \320 an Architectural Framework)ashow
803 466 gm
-0.20510 0.(Appendix)ashow
101 90 gm
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
0.38818 0. 32 0.03881 0.(Firstly, the 56-bit key-length of DES was not considered adequate by everybody and)awidthshow
117 90 gm
0.12191 0. 32 0.01219 0.(for all kinds of use. In 1975 Diffie and Hellman proposed a scheme for breaking DES)awidthshow
133 90 gm
-0.06655 0.(by using massive parallelism and exhaustive search of keys. This would make breaking)ashow
149 90 gm
1.11770 0. 32 0.11177 0.(DES quite costly but possible for organizations such as intelligence services. This)awidthshow
165 90 gm
-0.05519 0.(scheme is presented in [DH77].)ashow
197 90 gm
0.06454 0. 32 0.00645 0.(Secondly, the design criteria of the eight substitution tables \(called "S-boxes"\) used in)awidthshow
213 90 gm
0.47470 0. 32 0.04747 0.(DES were never made public. This led many to believe that there was an intentional)awidthshow
229 90 gm
-0.05883 0.(trapdoor in DES making it very easy break for NBS and NSA, and very hard for every-)ashow
245 90 gm
0.18249 0. 32 0.01824 0.(body else.)awidthshow
277 90 gm
0.79421 0. 32 0.07942 0.(Before accepting the standard, NBS organized two workshops in order to study the)awidthshow
293 90 gm
1.16058 0. 32 0.11605 0.(security of the proposed algorithm. One was on mathematics and the other on the)awidthshow
309 90 gm
0.28701 0. 32 0.02870 0.(economic trade-offs of increasing the key-length. Based on the results of these work-)awidthshow
325 90 gm
1.67877 0. 32 0.16787 0.(shops, NBS decided to pass the standard without modifications but it was to be)awidthshow
341 90 gm
1.06216 0. 32 0.10621 0.(reviewed every five years. The standard was last reviewed in 1988 and passed for)awidthshow
357 90 gm
-0.06472 0.(another five years. The next revision process will start in early 1992.)ashow
389 90 gm
0.23132 0. 32 0.02313 0.(Despite extensive cryptanalysis during the past fifteen years and the proposed attacks)awidthshow
405 90 gm
0.37216 0. 32 0.03721 0.(nobody has to date been able to show a flaw in the design of DES. All of the serious)awidthshow
421 90 gm
0.22125 0. 32 0.02212 0.(attacks are based on exhaustive search. DES is therefore still considered a reasonably)awidthshow
437 90 gm
-0.08596 0.(safe algorithm for commercial \(but not for military\) use. Some of the most recent crypt-)ashow
453 90 gm
-0.01748 0.(analytic studies \(see e.g. [BS90]\) seem to indicate that the standard 16-round DES still)ashow
469 90 gm
0.05950 0. 32 0.00595 0.(is reasonably safe \320 in fact much safer than many of its more recent rivals, such as the)awidthshow
485 90 gm
-0.08705 0.(Japanese FEAL algorithm [SM87].)ashow
517 90 gm
-0.07588 0.(DES is a symmetric block cipher with a block length of 64 bits and effective key length)ashow
533 90 gm
0.40313 0. 32 0.04031 0.(of 56 bits. The DES standards [ANS81, ANS83] define the basic 64-bit block cipher)awidthshow
549 90 gm
0.96466 0. 32 0.09646 0.(and four modes of operation for it. These modes are called: Electronic Code Book)awidthshow
565 90 gm
0.19470 0. 32 0.01947 0.(\(ECB\), Cipher Block Chaining \(CBC\), Cipher Feedback \(CFB\) and Output Feedback)awidthshow
581 90 gm
0.19592 0. 32 0.01959 0.(\(OFB\). Of these modes, the first one is the basic block cipher and the latter three turn)awidthshow
597 90 gm
0.36270 0. 32 0.03627 0.(DES into a chained "stream cipher". CBC and OFB are well suited for calculation of)awidthshow
613 90 gm
0.79132 0. 32 0.07913 0.(cryptosums \(e.g. integrity check values\) and CFB is good for encrypting individual)awidthshow
629 90 gm
0.75119 0. 32 0.07511 0.(characters. These modes of operation can also be used with any other block cipher,)awidthshow
645 90 gm
0.26397 0. 32 0.02639 0.(such as FEAL. Similar definitions now also exist as international standards, [IS8372])awidthshow
661 90 gm
-0.05290 0.(defines the modes of operation for 64-bit and [IS10116] for N-bit block ciphers.)ashow
693 90 gm
1.81365 0. 32 0.18136 0.(As a summary, it can be stated that among the good properties of DES are the)awidthshow
709 90 gm
-0.02172 0.(following: it is a commonly accepted standard encryption scheme with lots of efficient)ashow
725 90 gm
1.39129 0. 32 0.13912 0.(hardware implementations available, it is computationally reasonably light, it has)awidthshow
741 90 gm
0.38208 0. 32 0.03820 0.(several standardized modes of operation suited for various purposes, and its safety is)awidthshow
757 90 gm
-0.08346 0.(still believed to be adequate for most purposes.)ashow
F T cp
%%Page: ? 24
op
30 28 xl
1 1 pen
45 288 gm
(nc 30 28 811 566 6 rc)kp
1 setTxMode
0 fs
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
(107)show
803 90 gm
10 fz
bu fc
2 F /|______Times-Roman fnt
bn
-0.01179 0.(Open Systems Security \320 an Architectural Framework)ashow
803 466 gm
-0.20510 0.(Appendix)ashow
101 90 gm
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
0.52642 0. 32 0.05264 0.(Among the shortcomings of DES are the following: the key length is insufficient by)awidthshow
117 90 gm
0.16708 0. 32 0.01670 0.(today's standards, it is still rumored to contain trapdoors, even though the most recent)awidthshow
133 90 gm
0.18157 0. 32 0.01815 0.(studies [BS90] don't seem to support this belief, and the initial and final permutations)awidthshow
149 90 gm
-0.11581 0.(of DES decrease the efficiency of its software implementations.)ashow
181 90 gm
-0.11192 0.(It is expected that DES will survive yet for a long time in commercial applications, even)ashow
197 90 gm
1.28173 0. 32 0.12817 0.(though in has already been replaced by later, more secure cryptosystems, such as)awidthshow
213 90 gm
-0.06791 0.(CCEP, in the most critical \(e.g. defense-related\) applications.)ashow
248 90 gm
1 fs
14 fz
bu fc
2 F /|______Times-Bold fnt
bn
1.46440 0.(A2.2)ashow
248 135 gm
0.50173 0.(RSA)ashow
280 90 gm
0 fs
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
0.34210 0. 32 0.03421 0.(The Rivest-Shamir-Adleman \(RSA\) algorithm first presented in [RSA78] is the most)awidthshow
296 90 gm
0.83236 0. 32 0.08323 0.(commonly used and probably most usable Public Key Cryptosystem today. RSA is)awidthshow
312 90 gm
0.01953 0. 32 0.00195 0.(based on the exponentiation of primes \(modulo n\) and breaking it is as hard as finding)awidthshow
328 90 gm
0.31951 0. 32 0.03195 0.(the logarithm \(modulo n\) of an integer, which is believed to be as hard as factoring a)awidthshow
344 90 gm
-0.09858 0.(large integer. With key lengths of at least 500 bits RSA is still believed to be reasonably)ashow
360 90 gm
-0.05596 0.(and with about 1000 bits quite safe.)ashow
392 90 gm
2.71697 0. 32 0.27169 0.(RSA is fairly simple, safe, and adaptive to various kinds of use. Among its)awidthshow
408 90 gm
0.83648 0. 32 0.08364 0.(shortcomings are its large \(and variable\) block length and heaviness \(RSA is about)awidthshow
424 90 gm
-0.10897 0.(three orders of magnitude heavier to compute than DES\).)ashow
456 90 gm
-0.00187 0.(As we can see, RSA can easily be used for generating digital signatures. However, the)ashow
472 90 gm
-0.09521 0.(group of possible future algorithms meeting one of the two requirements stated above is)ashow
488 90 gm
-0.08830 0.(presumably much larger than just RSA and we can feel confident that generating digital)ashow
504 90 gm
-0.04922 0.(signatures using a PKC as described here does not limit us into using RSA.)ashow
536 90 gm
0.99304 0. 32 0.09930 0.(Because breaking RSA is at most as hard as factoring a large integer, some recent)awidthshow
552 90 gm
0.30883 0. 32 0.03088 0.(advances in the factoring of large integers have made the use of RSA less secure and)awidthshow
568 90 gm
-0.04811 0.(increased the needed key length. Considering the possibility of a final break-through in)ashow
584 90 gm
-0.02532 0.(factoring, we cannot base everything \(authentication, non-repudiation, key distribution)ashow
600 90 gm
1.15707 0. 32 0.11570 0.(etc.\) on RSA but have to be ready to quickly adopt new PKCs and authentication)awidthshow
616 90 gm
-0.03027 0.(schemes if necessary.)ashow
F T cp
%%Page: ? 25
op
30 28 xl
1 1 pen
45 288 gm
(nc 30 28 811 566 6 rc)kp
1 setTxMode
0 fs
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
(108)show
803 90 gm
10 fz
bu fc
2 F /|______Times-Roman fnt
bn
-0.01179 0.(Open Systems Security \320 an Architectural Framework)ashow
803 466 gm
-0.20510 0.(Appendix)ashow
104 90 gm
1 fs
14 fz
bu fc
2 F /|______Times-Bold fnt
bn
1.46440 0.(A2.3)ashow
104 135 gm
4.26925 0. 32 0.42692 0.(The Diffie-Hellman Algorithm)awidthshow
136 90 gm
0 fs
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
0.51757 0. 32 0.05175 0.(The Diffie-Hellman scheme, first proposed in [DH76] as the first published "public-)awidthshow
152 90 gm
-0.04632 0.(key" algorithm, is still considered one of the best methods for secretly sharing pairwise)ashow
168 90 gm
1.72988 0. 32 0.17298 0.(symmetric keys. The algorithm is based on public "half-keys" and secret values)awidthshow
184 90 gm
1.20925 0. 32 0.12092 0.(associated with them. From their public half-keys K)awidthshow
0 2 rm
10 fz
bu fc
2 F /|______Times-Roman fnt
bn
0.42266 0.(A)ashow
0 -2 rm
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
0.72036 0. 32 0.07203 0.( and K)awidthshow
0 2 rm
10 fz
bu fc
2 F /|______Times-Roman fnt
bn
0.39050 0.(B)ashow
0 -2 rm
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
1.50817 0. 32 0.15081 0.( the communicating)awidthshow
200 90 gm
-0.00845 0.(parties A and B can determine a pairwise session key K)ashow
0 2 rm
10 fz
bu fc
2 F /|______Times-Roman fnt
bn
(AB)show
0 -2 rm
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
-0.00878 0.(, which remains secret from)ashow
216 90 gm
0.38284 0. 32 0.03828 0.(other parties. This key can then be used for mutual authentication and or exchanging)awidthshow
232 90 gm
-0.03932 0.(secret information \(such as a fresh session key\).)ashow
264 90 gm
0.39916 0. 32 0.03991 0.(In fact this algorithm is not a data encryption scheme but a key management scheme)awidthshow
280 90 gm
0.25878 0. 32 0.02587 0.(where n parties can secretly agree on n)awidthshow
0 -3 rm
(.)show
0 3 rm
0.31845 0. 32 0.03184 0.(\(n-1\)/2 pairwise encryption keys using only n)awidthshow
296 90 gm
0.65704 0. 32 0.06570 0.(public "half-keys". Normally n)awidthshow
0 -3 rm
0.07969 0.(.)ashow
0 3 rm
0.51467 0. 32 0.05146 0.(\(n-1\)/2 pairwise keys would have be created and n-1)awidthshow
312 90 gm
-0.04403 0.(keys securely delivered and stored at each site in order to allow for secure communica-)ashow
328 90 gm
0.21530 0. 32 0.02153 0.(tions between any two sites. When using the Diffie-Hellman algorithm only authenti-)awidthshow
344 90 gm
0.12557 0. 32 0.01255 0.(cated and integral \(not confidential\) copies of n-1 public "half-keys" have to be deliv-)awidthshow
360 90 gm
-0.12597 0.(ered to and a site-specific \(locally created\) secret number securely stored at each site.)ashow
392 90 gm
0.13214 0. 32 0.01321 0.(One of the problems associated with the Diffie-Hellman scheme is, that all the parties)awidthshow
408 90 gm
1.06018 0. 32 0.10601 0.(wishing to communicate with one-another have to use the same parameters values)awidthshow
424 90 gm
-0.06536 0.(\(namely the generator and modulus\) of the cryptosystem. Obviously this is not possible)ashow
440 90 gm
-0.04081 0.(on a global scale. Another problem with the Diffie-Hellman algorithm is that, since the)ashow
456 90 gm
0.93856 0. 32 0.09385 0.(master key K)awidthshow
0 2 rm
10 fz
bu fc
2 F /|______Times-Roman fnt
bn
0.32606 0.(AB)ashow
0 -2 rm
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
0.80596 0. 32 0.08059 0.( between A and B is shared by both parties, non-repudiation is not)awidthshow
472 90 gm
-0.07518 0.(possible without employing a trusted third-party.)ashow
504 90 gm
-0.00997 0.(Furthermore, with this algorithm each user in the group needs to have an integral copy)ashow
520 90 gm
1.12289 0. 32 0.11228 0.(of every other user's public authentication information in order to establish secure)awidthshow
536 90 gm
1.48544 0. 32 0.14854 0.(communication with him. This public authentication information either has to be)awidthshow
552 90 gm
0.26977 0. 32 0.02697 0.(distributed through an authenticated and integral channel or certified by a CA \(which)awidthshow
568 90 gm
-0.07768 0.(requires the use of a public key signature scheme\).)ashow
600 90 gm
-0.02127 0.(These restrictions together make the Diffie-Hellman algorithm only suitable for secure)ashow
616 90 gm
1.23489 0. 32 0.12348 0.(communications in a closed, reasonably sized, fairly stable user group where it is)awidthshow
632 90 gm
-0.10137 0.(possible to agree on the common parameters and for all users to keep the integral copies)ashow
648 90 gm
0.05172 0. 32 0.00517 0.(of the public authentication information of all the users. Despite its shortcomings,  the)awidthshow
664 90 gm
-0.06144 0.(Diffie-Hellman algorithm is the basis of public key cryptography and even some recent)ashow
680 90 gm
0.29739 0. 32 0.02973 0.(publications, such as [OT89], do propose authentication and key distribution systems)awidthshow
696 90 gm
(based on it.)show
F T cp
%%Page: ? 26
op
30 28 xl
1 1 pen
45 288 gm
(nc 30 28 811 566 6 rc)kp
1 setTxMode
0 fs
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
(109)show
803 90 gm
10 fz
bu fc
2 F /|______Times-Roman fnt
bn
-0.01179 0.(Open Systems Security \320 an Architectural Framework)ashow
803 466 gm
-0.20510 0.(Appendix)ashow
110 90 gm
1 fs
18 fz
bu fc
2 F /|______Times-Bold fnt
bn
2.00527 0.(A3)ashow
110 135 gm
2.47604 0. 32 0.24760 0.(The Kerberos Authentication Server)awidthshow
143 90 gm
0 fs
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
0.81604 0. 32 0.08160 0.(Authentication protocols have been widely studied for a long time and it is not our)awidthshow
159 90 gm
1.09573 0. 32 0.10957 0.(purpose to present a tutorial here. The interested reader is referred to the classical)awidthshow
175 90 gm
0.06439 0. 32 0.00643 0.(papers [NS78, DS81, NS87, OR87] or any good tutorial on cryptology.)awidthshow
207 90 gm
1.13922 0. 32 0.11392 0.(Perhaps the most prominent strong authentication service in wide use today is the)awidthshow
223 90 gm
1.93405 0. 32 0.19340 0.(Kerberos Authentication Server created in the Athena project at MIT [SNC88].)awidthshow
239 90 gm
-0.06843 0.(Kerberos is in everyday use in several major universities \(including MIT and Carnegie-)ashow
255 90 gm
-0.05413 0.(Mellon University\) and obviously has solved a number of security problems in them. It)ashow
271 90 gm
0.69427 0. 32 0.06942 0.(has also recently been adopted as a standard part of distributions of the DEC Ultrix)awidthshow
287 90 gm
0.22171 0. 32 0.02217 0.(operating system. Therefore, its significance should not be underestimated. However,)awidthshow
303 90 gm
0.01998 0. 32 0.00199 0.(it deserves to be pointed out that the approach taken in this work is fundamentally dif-)awidthshow
319 90 gm
1.52420 0. 32 0.15242 0.(ferent from that of Kerberos in several respects and is assumed to supersede the)awidthshow
335 90 gm
-0.12008 0.(currently existing authentication schemes.)ashow
367 90 gm
1.28234 0. 32 0.12823 0.(In Kerberos authentication is based on symmetric encryption which precludes the)awidthshow
383 90 gm
1.16088 0. 32 0.11608 0.(stronger service of non-repudiation and leads to the problems of key management)awidthshow
399 90 gm
0.14419 0. 32 0.01441 0.(described in chapter 4.1.3. Obviously, in an academic environment, repudiation is not)awidthshow
415 90 gm
0.87295 0. 32 0.08729 0.(considered a serious threat. The way in which key management has been solved in)awidthshow
431 90 gm
-0.05531 0.(Kerberos is interesting and deserves a brief summary.)ashow
463 90 gm
0.44128 0. 32 0.04412 0.(To avoid the need for O\(n)awidthshow
0 -3 rm
9 fz
bu fc
2 F /|______Times-Roman fnt
bn
0.11920 0.(2)ashow
0 3 rm
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
0.58502 0. 32 0.05850 0.(\) pairwise master keys, each communicating party shares)awidthshow
479 90 gm
0.44479 0. 32 0.04447 0.(one master key with Kerberos. Kerberos, therefore, is in possession of all the master)awidthshow
495 90 gm
-0.04362 0.(keys. When using Kerberos, the authentication process proceeds as follows:)ashow
527 90 gm
(1\))show
527 126 gm
-0.02375 0.(Client C first asks for a certificate \(called "ticket"\) from Kerberos by sending it)ashow
543 126 gm
-0.00500 0.(the message: "C, TGS")ashow
575 90 gm
(2\))show
575 126 gm
-0.00660 0.(Kerberos authenticates the user by his master key and prevents replay by using)ashow
591 126 gm
0.92712 0. 32 0.09271 0.(time-stamps. Kerberos now passes the ticket for a "Ticket Granting Server")awidthshow
607 126 gm
1.76361 0. 32 0.17636 0.(\(TGS\) to C. This ticket includes a pairwise fresh session key to be used)awidthshow
623 126 gm
-0.09352 0.(between the C and TGS:)ashow
638 126 gm
(T)show
0 3 rm
9 fz
bu fc
2 F /|______Times-Roman fnt
bn
(C,TGS)show
0 -3 rm
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
-0.00923 0.(: TGS, C, Addr, TimeStamp, LifeTime, K)ashow
0 3 rm
9 fz
bu fc
2 F /|______Times-Roman fnt
bn
(C,TGS)show
654 126 gm
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
("eK)show
0 3 rm
9 fz
bu fc
2 F /|______Times-Roman fnt
bn
(C)show
0 -3 rm
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
(\(K)show
0 3 rm
9 fz
bu fc
2 F /|______Times-Roman fnt
bn
(C,TGS)show
0 -3 rm
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
(, eK)show
0 3 rm
9 fz
bu fc
2 F /|______Times-Roman fnt
bn
(TGS)show
0 -3 rm
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
(\(T)show
0 3 rm
9 fz
bu fc
2 F /|______Times-Roman fnt
bn
(C,TGS)show
0 -3 rm
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
(\)\)")show
687 90 gm
(3\))show
687 126 gm
-0.03710 0.(User C now identifies himself to the TGS by presenting his ticket together with)ashow
702 126 gm
-0.12216 0.(an "authenticator" A)ashow
0 3 rm
9 fz
bu fc
2 F /|______Times-Roman fnt
bn
-0.14903 0.(C)ashow
0 -3 rm
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
-0.11718 0.( and asks for another ticket to the actual service S he wants)ashow
719 126 gm
(to access.)show
734 126 gm
-0.11750 0.(A)ashow
0 3 rm
9 fz
bu fc
2 F /|______Times-Roman fnt
bn
-0.08143 0.(C)ashow
0 -3 rm
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
-0.07638 0.(: C, Addr, TimeStamp)ashow
750 126 gm
("S, eK)show
0 3 rm
9 fz
bu fc
2 F /|______Times-Roman fnt
bn
(TGS)show
0 -3 rm
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
(\(T)show
0 3 rm
9 fz
bu fc
2 F /|______Times-Roman fnt
bn
(C,TGS)show
0 -3 rm
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
(\), eK)show
0 3 rm
9 fz
bu fc
2 F /|______Times-Roman fnt
bn
(C,TGS)show
0 -3 rm
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
(\(A)show
0 3 rm
9 fz
bu fc
2 F /|______Times-Roman fnt
bn
(C)show
0 -3 rm
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
(\)")show
F T cp
%%Page: ? 27
op
30 28 xl
1 1 pen
45 288 gm
(nc 30 28 811 566 6 rc)kp
1 setTxMode
0 fs
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
(110)show
803 90 gm
10 fz
bu fc
2 F /|______Times-Roman fnt
bn
-0.01179 0.(Open Systems Security \320 an Architectural Framework)ashow
803 466 gm
-0.20510 0.(Appendix)ashow
101 90 gm
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
(4\))show
101 126 gm
-0.11076 0.(TGS checks the validity of the ticket and uses the timestamp of the authenticator)ashow
117 126 gm
-0.05278 0.(to detect attempts of replay. TGS now gives C a ticket to S. This ticket includes)ashow
133 126 gm
-0.04237 0.(a pairwise session key to be used between the C and S.)ashow
148 126 gm
0.11856 0.(T)ashow
0 3 rm
9 fz
bu fc
2 F /|______Times-Roman fnt
bn
0.07147 0.(C,S)ashow
0 -3 rm
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
0.27191 0. 32 0.02719 0.(: "eK)awidthshow
0 3 rm
9 fz
bu fc
2 F /|______Times-Roman fnt
bn
0.08168 0.(C,TGS)ashow
0 -3 rm
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
0.09695 0.(\(eK)ashow
0 3 rm
9 fz
bu fc
2 F /|______Times-Roman fnt
bn
0.08091 0.(S)ashow
0 -3 rm
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
0.09158 0.(\(T)ashow
0 3 rm
9 fz
bu fc
2 F /|______Times-Roman fnt
bn
0.07147 0.(C,S)ashow
0 -3 rm
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
0.21560 0. 32 0.02156 0.(\), K)awidthshow
0 3 rm
9 fz
bu fc
2 F /|______Times-Roman fnt
bn
0.07147 0.(C,S)ashow
0 -3 rm
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
0.14376 0.(\)")ashow
181 90 gm
(5\))show
181 126 gm
0.44479 0. 32 0.04447 0.(The user can now access the service by presenting his ticket together with an)awidthshow
197 126 gm
-0.12565 0.(authenticator.)ashow
212 126 gm
(A)show
0 3 rm
9 fz
bu fc
2 F /|______Times-Roman fnt
bn
(C)show
0 -3 rm
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
0.03161 0.(:"eK)ashow
0 3 rm
9 fz
bu fc
2 F /|______Times-Roman fnt
bn
(S)show
0 -3 rm
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
0.03222 0.(\(T)ashow
0 3 rm
9 fz
bu fc
2 F /|______Times-Roman fnt
bn
0.02514 0.(C,S)ashow
0 -3 rm
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
0.09094 0. 32 0.00909 0.(\), eK)awidthshow
0 3 rm
9 fz
bu fc
2 F /|______Times-Roman fnt
bn
0.02514 0.(C,S)ashow
0 -3 rm
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
0.03602 0.(\(A)ashow
0 3 rm
9 fz
bu fc
2 F /|______Times-Roman fnt
bn
(C)show
0 -3 rm
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
0.05058 0.(\)")ashow
245 90 gm
1.44058 0. 32 0.14405 0.(While this approach works well in limited environments, it still has a number of)awidthshow
261 90 gm
-0.08247 0.(shortcomings:)ashow
293 90 gm
(-)show
293 126 gm
0.14389 0. 32 0.01438 0.(Kerberos is in possession of all the master keys and can therefore impersonate)awidthshow
309 126 gm
1.07574 0. 32 0.10757 0.(as any of the other parties. Placing this much trust in any one party causes)awidthshow
325 126 gm
-0.08946 0.(considerable security threats.)ashow
357 90 gm
(-)show
357 126 gm
1.74407 0. 32 0.17440 0.(As the number of users and services grows, it will become unfeasible to)awidthshow
373 126 gm
-0.08842 0.(manage the master keys.)ashow
405 90 gm
1.04965 0. 32 0.10496 0.(In our approach we only need to trust our own CA and the CAs certified by it. In)awidthshow
421 90 gm
1.19110 0. 32 0.11911 0.(particular, none of the on-line servers needs to be trusted. Certificates forming an)awidthshow
437 90 gm
1.81167 0. 32 0.18116 0.(unbroken chain of trust can be received from any untrusted source, such as the)awidthshow
453 90 gm
-0.02584 0.(Directory. As soon as we know the public keys of our peer, authentication can be done)ashow
469 90 gm
0.78811 0. 32 0.07881 0.(on a bilateral basis between the two communicating end-systems without involving)awidthshow
485 90 gm
-0.03530 0.(anybody else in the process.)ashow
0 0 gm
(nc 504 155 665 438 6 rc)kp
64 gr
607 224 665 310 1 ov
0 gr
607.5 224.5 664.5 309.5 0 ov
0 0 pen
624 235 648 297 0 rc
633 248 gm
1 setTxMode
bu fc
2 F /|______Times-Roman fnt
bn
-0.18832 0.(\(Client\))ashow
645 262 gm
(C)show
64 gr
505 166 563 252 1 ov
1 1 pen
0 gr
505.5 166.5 562.5 251.5 0 ov
0 0 pen
527 170 539 246 0 rc
536 187 gm
0.01562 0 rmoveto
1 setTxMode
(Kerberos)show
64 gr
505 299 563 385 1 ov
1 1 pen
0 gr
505.5 299.5 562.5 384.5 0 ov
0 0 pen
527 325 539 357 0 rc
536 330 gm
0.16796 0 rmoveto
1 setTxMode
(TGS)show
64 gr
607 352 665 438 1 ov
1 1 pen
0 gr
607.5 352.5 664.5 437.5 0 ov
0 0 pen
624 358 648 431 0 rc
633 375 gm
1 setTxMode
-0.04223 0.(\(Server\))ashow
645 392 gm
0.16455 0 rmoveto
(S)show
0 gr
585 218 597 229 0 rc
594 221 gm
1 setTxMode
(1)show
0 gr
573 243 585 254 0 rc
582 246 gm
1 setTxMode
(2)show
0 gr
572 289 584 300 0 rc
581 292 gm
1 setTxMode
(3)show
0 gr
586 314 598 325 0 rc
595 317 gm
1 setTxMode
(4)show
0 gr
622 322 634 333 0 rc
631 325 gm
1 setTxMode
(5)show
1 1 pen
585 156 gm
0 gr
585 156 lin
603 247 615 259 227 267 1 ar
557 231 gm
604 251 lin
555 214 567 226 47 87 1 ar
565 221 gm
613 242 lin
550 311 562 323 98 138 1 ar
610 288 gm
560 314 lin
610 291 622 303 278 318 1 ar
560 327 gm
611 299 lin
629 346 641 358 160 200 1 ar
635 347 gm
635 309 lin
694 90 gm
(nc 30 28 811 566 6 rc)kp
1 setTxMode
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
-0.17942 0.(Figure A3-1:)ashow
694 162 gm
-0.07704 0.(The Kerberos Authentication Server.)ashow
F T cp
%%Page: ? 28
op
30 28 xl
1 1 pen
45 288 gm
(nc 30 28 811 566 6 rc)kp
1 setTxMode
0 fs
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
(111)show
803 90 gm
10 fz
bu fc
2 F /|______Times-Roman fnt
bn
-0.01179 0.(Open Systems Security \320 an Architectural Framework)ashow
803 466 gm
-0.20510 0.(Appendix)ashow
110 90 gm
1 fs
18 fz
bu fc
2 F /|______Times-Bold fnt
bn
2.00527 0.(A4)ashow
110 135 gm
4.39254 0. 32 0.43925 0.(Security Policy)awidthshow
143 90 gm
0 fs
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
2.06420 0. 32 0.20642 0.(Security policy is a statement, made with the knowledge and assistance of top)awidthshow
159 90 gm
-0.07882 0.(management, that says, in very general terms, what is and what is not to be permitted in)ashow
175 90 gm
-0.03195 0.(the area of security during the general operation of the system being secured. That is, a)ashow
191 90 gm
-0.05354 0.(security policy tells "what" rather than "how" is to be done [IS7498-2].)ashow
223 90 gm
1.64413 0. 32 0.16441 0.(Security policies are conventionally divided into )awidthshow
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
0.38310 0.(Identity-Based)ashow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
0.71533 0. 32 0.07153 0.( and )awidthshow
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
0.47108 0.(Rule-Based)ashow
239 90 gm
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
-0.20689 0.(policies:)ashow
271 90 gm
0.53588 0. 32 0.05358 0.(Identity-based security policies are based on privileges or capabilities given to users)awidthshow
287 90 gm
0.25634 0. 32 0.02563 0.(and/or Access Control Lists associated with data items and other resources. In a rule-)awidthshow
303 90 gm
1.23565 0. 32 0.12356 0.(based security policy, Security Classes are normally used for determining what is)awidthshow
319 90 gm
-0.01722 0.(authorized behavior. In identity-based systems, the user traditionally identifies himself)ashow
335 90 gm
-0.01812 0.(by presenting to the system something he knows \(e.g. a password\). This is often called)ashow
351 90 gm
-0.02070 0.("need to know" policy.)ashow
383 90 gm
1.09619 0. 32 0.10961 0.(In rule-based security policies, information and other resources are conventionally)awidthshow
399 90 gm
-0.00584 0.(divided into )ashow
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
-0.00585 0.(security classes)ashow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
-0.00622 0.( and the flow of information between \(and within\) various)ashow
415 90 gm
1.39877 0. 32 0.13987 0.(classes is controlled by a set of rules. There are also rules regarding the security)awidthshow
431 90 gm
0.11184 0. 32 0.01118 0.(relations between various resources. A classical rule-based security model is the Bell-)awidthshow
447 90 gm
0.43899 0. 32 0.04389 0.(LaPadula model, based on finite state machines and security classes. The model was)awidthshow
463 90 gm
-0.05206 0.(first presented in 1973 and a refined version can be found in [BP74].)ashow
495 90 gm
0.53314 0. 32 0.05331 0.(It should be noted, that besides security classes there is the orthogonal dimension of)awidthshow
511 90 gm
0.48583 0. 32 0.04858 0.(integrity by which resources can be divided into )awidthshow
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
0.77056 0. 32 0.07705 0.(integrity classes)awidthshow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
0.50109 0. 32 0.05010 0.( first introduced by)awidthshow
527 90 gm
0.80795 0. 32 0.08079 0.(Biba in [Bib77]. Combining the ideas of Bell, LaPadula and Biba, we can state the)awidthshow
543 90 gm
-0.09237 0.(following general rules for information flow in a rule-based secure system:)ashow
575 90 gm
(-)show
575 126 gm
0.00656 0. 32 0.00065 0.(A subject can only read an object, whose security level is the same or less than)awidthshow
591 126 gm
-0.08605 0.(that of the subject.)ashow
623 90 gm
(-)show
623 126 gm
-0.09666 0.(A subject can only write to an object, whose security level is the same or greater)ashow
639 126 gm
-0.09559 0.(than that of the subject.)ashow
671 90 gm
(-)show
671 126 gm
0.26748 0. 32 0.02674 0.(A subject can only read an object, whose integrity level is the same or greater)awidthshow
687 126 gm
-0.09559 0.(than that of the subject.)ashow
719 90 gm
(-)show
719 126 gm
0.20965 0. 32 0.02096 0.(A subject can only write to an object, whose integrity level is the same or less)awidthshow
735 126 gm
-0.09559 0.(than that of the subject.)ashow
F T cp
%%Page: ? 29
op
30 28 xl
1 1 pen
45 288 gm
(nc 30 28 811 566 6 rc)kp
1 setTxMode
0 fs
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
(112)show
803 90 gm
10 fz
bu fc
2 F /|______Times-Roman fnt
bn
-0.01179 0.(Open Systems Security \320 an Architectural Framework)ashow
803 466 gm
-0.20510 0.(Appendix)ashow
101 90 gm
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
0.21942 0. 32 0.02194 0.(A recent paper on rule-based security policies in a distributed environment is [LS90].)awidthshow
117 90 gm
0.42419 0. 32 0.04241 0.(Some classical papers on security policies are [Den76] and [Lan81]. An overview of)awidthshow
133 90 gm
0.00625 0. 32 0.00062 0.(the topic can be found e.g. in [IS7498-2].)awidthshow
165 90 gm
-0.05603 0.(In a system everything, including processes, data items and channels, are resources and)ashow
181 90 gm
0.13015 0. 32 0.01301 0.(can be labeled with attributes. Security policies indicate how these attributes are to be)awidthshow
197 90 gm
2.51998 0. 32 0.25199 0.(used to provide required level of security. The rules are stored in a Security)awidthshow
213 90 gm
-0.10562 0.(Management Information Base \(SMIB\).)ashow
245 90 gm
0.98953 0. 32 0.09895 0.(It is only after an explicit security policy has been stated that security becomes an)awidthshow
261 90 gm
-0.07179 0.(engineering problem and every organization seriously interested in security should one.)ashow
277 90 gm
-0.07763 0.(The enforcement of this security policy and monitoring of security related events lies in)ashow
293 90 gm
-0.06698 0.(the domain of engineering and means for doing this are discussed in this study.)ashow
325 90 gm
0.88058 0. 32 0.08805 0.(Security finally boils down into an economic issue. Security is on its optimal level)awidthshow
341 90 gm
1.21810 0. 32 0.12181 0.(when the sum of total losses caused by security defects and the cost of providing)awidthshow
357 90 gm
0.53527 0. 32 0.05352 0.(security is at its minimum. The losses caused by security violations are usually very)awidthshow
373 90 gm
0.85861 0. 32 0.08586 0.(difficult to quantify. However, the optimal security level always lies somewhere in)awidthshow
389 90 gm
0.21240 0. 32 0.02124 0.(between the two extremes. With no security measures losses can easily grow large. If)awidthshow
405 90 gm
0.23880 0. 32 0.02388 0.(flawless security is pursued the cost of providing security grows out of all reasonable)awidthshow
421 90 gm
-0.06115 0.(bounds. The situation is depicted in figure A4-1.)ashow
453 90 gm
0.49224 0. 32 0.04922 0.(While exactly locating the optimum is impossible, careful risk assessment should be)awidthshow
469 90 gm
0.57022 0. 32 0.05702 0.(used to approximately locate it. In drawing up a security policy and performing risk)awidthshow
485 90 gm
2.03918 0. 32 0.20391 0.(assessment also non-technical security measures should be considered. Without)awidthshow
501 90 gm
0.73059 0. 32 0.07305 0.(appropriate measures e.g. in the areas of Personnel Policy and Physical Security all)awidthshow
517 90 gm
-0.08303 0.(technical efforts to ensure security are in vain, the security chain always being as strong)ashow
533 90 gm
nc ct 39 0 put
-0.03363 0.(as its weakest link.)ashow
568 191 gm
bp
650 219 F qi
680 260 qc
686 295 qc
690 327 qc
690 360 F qq
ef
0 gr
1 ec
(nc 552 173 725 421 6 rc)kp
nc ct 39 0 put
580 350 gm
bp
633 320 F qi
666 297 qc
685 265 qc
691 237 qc
693 192 F qq
ef
0 gr
1 ec
(nc 552 173 725 421 6 rc)kp
692 200 gm
0 gr
544 179 568 203 70 110 1 ar
567 191 gm
692 191 lin
681 380 705 404 160 200 1 ar
693 191 gm
693 381 lin
psb
pse
nc ct 39 0 put
569 191 gm
bp
636 221 F qi
665 249 qc
668 274 qc
643 304 qc
610 329 qc
580 349 64 gr
F qq
qf
ef
0 gr
3 ec
(nc 552 173 725 421 6 rc)kp
664 264 gm
0 gr
668 264 lin
637 320 gm
632 335 lin
631 342 gm
0.00097 0 rmoveto
1 setTxMode
bu fc
2 F /|______Times-Roman fnt
bn
(Cost of)show
643 339 gm
-0.14059 0.(Security)ashow
561 208 gm
0.00097 0 rmoveto
(Cost of)show
573 205 gm
-0.14059 0.(Security)ashow
585 203 gm
-0.13839 0.(Breaches)ashow
620 212 gm
0 gr
587 225 lin
709 245 gm
1 setTxMode
-0.33213 0.(Optimal )ashow
721 229 gm
-0.17700 0.(Security Level)ashow
627 241 gm
-0.14770 0.(Total Cost)ashow
632 264 gm
0 gr
659 279 lin
690 374 gm
696 374 lin
690 264 gm
696 264 lin
707 359 gm
0.00341 0 rmoveto
1 setTxMode
(100 %)show
566 177 gm
($)show
682 349 gm
-0.17700 0.(Security Level)ashow
754 90 gm
(nc 30 28 811 566 6 rc)kp
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
-0.17942 0.(Figure A4-1:)ashow
754 162 gm
-0.13429 0.(Optimal security level.)ashow
F T cp
%%Trailer
cd
end
%%Pages: 29 0

% Next: Bibliography

%!PS-Adobe-2.0
%%Title: Bibliography
%%Creator: NoWord
%%Pages: (atend)
%%BoundingBox: ? ? ? ?
%%PageBoundingBox: 28 30 566 811
%%For: AriA
%%IncludeProcSet: "(AppleDict md)" 68 0
%%EndComments
%%EndProlog
%%BeginDocumentSetup
md begin

T T -30 -28 811 566 100 72 72 3 F F F F T T T psu
(AriA; document: Bibliography)jn
0 mf
od
%%EndDocumentSetup
%%Page: ? 1
op
30 28 xl
1 1 pen
45 288 gm
(nc 30 28 811 566 6 rc)kp
1 setTxMode
0 fs
bu fc
{}mark T /Times-Roman /|______Times-Roman 0 rf
bn
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
(113)show
803 90 gm
10 fz
bu fc
2 F /|______Times-Roman fnt
bn
-0.01179 0.(Open Systems Security \320 an Architectural Framework)ashow
803 452 gm
-0.07005 0.(Bibliography)ashow
110 90 gm
1 fs
bu fc
{}mark T /Times-Bold /|______Times-Bold 0 rf
bn
18 fz
bu fc
2 F /|______Times-Bold fnt
bn
0.54383 0.(Bibliography)ashow
143 90 gm
0 fs
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
-0.16392 0.([Akl83])ashow
143 162 gm
1.81945 0. 32 0.18194 0.(S. Akl: )awidthshow
2 fs
bu fc
{}mark T /Times-Italic /|______Times-Italic 0 rf
bn
bu fc
2 F /|______Times-Italic fnt
bn
3.22982 0. 32 0.32298 0.(Digital Signatures: A Tutorial Survey)awidthshow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
3.35998 0. 32 0.33599 0.(, IEEE Computer)awidthshow
159 162 gm
0.24719 0. 32 0.02471 0.(Magazine, Feb. 1983, pp. 15-24)awidthshow
191 90 gm
([AKS90])show
191 162 gm
0.18386 0. 32 0.01838 0.(A. Ahtiainen, J. Keskinen, J. Simolin, K. Tarpila, I. Turunen, )awidthshow
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
0.06059 0.(Protocol)ashow
207 162 gm
0.37231 0. 32 0.03723 0.(Software Engineering Tools for Implementation of a General Purpose)awidthshow
223 162 gm
0.03372 0. 32 0.00337 0.(OSI Stack)awidthshow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
0.02609 0. 32 0.00260 0.(, in Computer Networking \(L. Csaba et all., editors\), Elsevier)awidthshow
239 162 gm
0.07736 0. 32 0.00773 0.(Science Publishers, BV \(North Holland\), presented in IFIP conference,)awidthshow
255 162 gm
-0.03828 0.(Budapest, May 1990)ashow
287 90 gm
([ANS81])show
287 162 gm
-0.07322 0.(ANSI X3.92, )ashow
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
-0.06959 0.(Data Encryption Algorithm)ashow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
-0.06965 0.(, American National Standards)ashow
303 162 gm
0.06851 0. 32 0.00685 0.(Institute, New York, 1981)awidthshow
335 90 gm
([ANS83])show
335 162 gm
1.79092 0. 32 0.17909 0.(ANSI X3.106, )awidthshow
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
1.84646 0. 32 0.18464 0.(Data Encryption Algorithm \320 Modes of Operation)awidthshow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
(,)show
351 162 gm
-0.06860 0.(American National Standards Institute, New York, 1983)ashow
383 90 gm
-0.05278 0.([BAN89])ashow
383 162 gm
0.15594 0. 32 0.01559 0.(M. Burrows, M. Abadi, R. Needham: )awidthshow
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
0.18081 0. 32 0.01808 0.(A Logic of Authentication)awidthshow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
0.19149 0. 32 0.01914 0.(, ACM)awidthshow
399 162 gm
0.14892 0. 32 0.01489 0.(Operating Systems Review, Vol. 23, No. 5, 1989)awidthshow
431 90 gm
-0.05162 0.([Bar90])ashow
431 162 gm
0.37094 0. 32 0.03709 0.(R. Barrett, )awidthshow
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
0.46722 0. 32 0.04672 0.(Security in Wide Area Networks \320 Some Baseline Require-)awidthshow
447 162 gm
(ments)show
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
-0.00425 0.(, Computer Fraud & Security Bulletin, Dec. 1990, pp. 14-18)ashow
479 90 gm
-0.05278 0.([BDH88])ashow
479 162 gm
0.31799 0. 32 0.03179 0.(D. Branstad, J. Dorman, R. Housley, )awidthshow
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
0.45303 0. 32 0.04530 0.(SP4: A Transport Encapsulation)awidthshow
495 162 gm
-0.05659 0.(Security Protocol)ashow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
-0.06848 0.(, 1988)ashow
527 90 gm
-0.10839 0.([Bel89])ashow
527 162 gm
0.93566 0. 32 0.09356 0.(S. Bellowin, )awidthshow
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
1.06887 0. 32 0.10688 0.(Security Problems in the TCP/IP Protocol Suite)awidthshow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
1.17309 0. 32 0.11730 0.(, ACM)awidthshow
543 162 gm
0.06362 0. 32 0.00636 0.(Computer Communication Review, Vol. 19, No. 2, April 1989, pp. 32-)awidthshow
559 162 gm
(48)show
591 90 gm
0.06935 0.([BG89])ashow
591 162 gm
2.87078 0. 32 0.28707 0.(T. Beth, D. Gollmann, )awidthshow
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
3.94561 0. 32 0.39456 0.(Algorithm Engineering for Public Key)awidthshow
607 162 gm
0.06990 0.(Algorithms)ashow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
0.27603 0. 32 0.02760 0.(, IEEE Journal on Selected Areas in Communications, Vol.)awidthshow
623 162 gm
0.48355 0. 32 0.04835 0.(7, No. 4, May 1989, pp. 458-466)awidthshow
655 90 gm
([BI89])show
655 162 gm
2.64984 0. 32 0.26498 0.(F. Burg, N. Di Iorio, )awidthshow
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
5.37979 0. 32 0.53797 0.(Networking of Networks: Interworking)awidthshow
671 162 gm
-0.03387 0.(According to OSI)ashow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
-0.03359 0.(, IEEE Journal on Selected Areas in Communications,)ashow
687 162 gm
0.35705 0. 32 0.03570 0.(Vol. 7, No. 7, September 1989, pp. 1131-1142)awidthshow
719 90 gm
-0.05401 0.([Bib77])ashow
719 162 gm
0.16525 0. 32 0.01652 0.(K. Biba, )awidthshow
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
0.28442 0. 32 0.02844 0.(Integrity Considerations for Secure Computer Systems)awidthshow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
0.24078 0. 32 0.02407 0.(, ESD-)awidthshow
735 162 gm
0.63552 0. 32 0.06355 0.(TR-76-372, MITRE MTR-3153 NTIS AD A039324, Bedford, Mass.,)awidthshow
751 162 gm
-0.14717 0.(April 1977)ashow
F T cp
%%Page: ? 2
op
30 28 xl
1 1 pen
45 288 gm
(nc 30 28 811 566 6 rc)kp
1 setTxMode
0 fs
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
(114)show
803 90 gm
10 fz
bu fc
2 F /|______Times-Roman fnt
bn
-0.01179 0.(Open Systems Security \320 an Architectural Framework)ashow
803 452 gm
-0.07005 0.(Bibliography)ashow
101 90 gm
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
-0.05290 0.([Bir85])ashow
101 162 gm
0.87203 0. 32 0.08720 0.(A. Birrell, )awidthshow
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
1.44714 0. 32 0.14471 0.(Secure Communications Using Remote Procedure Calls)awidthshow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
(,)show
117 162 gm
0.97000 0. 32 0.09700 0.(ACM Transactions on Computer Systems, Vol. 3, No. 1, Feb. 1985,)awidthshow
133 162 gm
0.59234 0. 32 0.05923 0.(pp. 1-14)awidthshow
165 90 gm
-0.13142 0.([BM90])ashow
165 162 gm
0.39077 0. 32 0.03907 0.(J. Burns, C. Mitchell, )awidthshow
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
0.46493 0. 32 0.04649 0.(A Security Scheme for Resource Sharing over a)awidthshow
181 162 gm
0.13604 0.(Network)ashow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
0.40237 0. 32 0.04023 0.(, Computers & Security, Vol. 9, No. 1, Feb. 1990, pp. 67-75)awidthshow
213 90 gm
-0.13064 0.([BO88])ashow
213 162 gm
0.95153 0. 32 0.09515 0.(E. Brickell, A. Odlyzko, )awidthshow
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
1.14593 0. 32 0.11459 0.(Cryptanalysis: A Survey of Recent Results)awidthshow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
(,)show
229 162 gm
0.17974 0. 32 0.01797 0.(Proceedings of the IEEE, Vol. 76, No. 5, May 1988, pp. 578-593)awidthshow
261 90 gm
0.06781 0.([BP74])ashow
261 162 gm
2.15057 0. 32 0.21505 0.(D. Bell, E. LaPadula, )awidthshow
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
3.80355 0. 32 0.38035 0.(Secure Computer Systems: Mathematical)awidthshow
277 162 gm
1.59820 0. 32 0.15982 0.(Foundations and Model)awidthshow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
1.19552 0. 32 0.11955 0.(, M74-244, Vol. 2, MITRE Corp., Bedford,)awidthshow
293 162 gm
0.38543 0. 32 0.03854 0.(Mass., Oct. 1984)awidthshow
325 90 gm
0.06781 0.([BS90])ashow
325 162 gm
0.38681 0. 32 0.03868 0.(E. Biham, A. Shamir, )awidthshow
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
0.59341 0. 32 0.05934 0.(Differential Cryptanalysis of DES-Like Crypto-)awidthshow
341 162 gm
0.10073 0.(systems)ashow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
0.40969 0. 32 0.04096 0.(, Proceedings of Crypto'90, June 1990)awidthshow
373 90 gm
-0.21942 0.([BVA90])ashow
373 162 gm
1.98043 0. 32 0.19804 0.(T. Beth, S. Vanstone, G. Agnew, )awidthshow
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
2.53707 0. 32 0.25370 0.(What One Should Know about)awidthshow
389 162 gm
1.28570 0. 32 0.12857 0.(Public Key Algorithms \320 Today!)awidthshow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
1.41067 0. 32 0.14106 0.(, proceedings of SECURICOM 90,)awidthshow
405 162 gm
-0.01895 0.(Paris, March 1990)ashow
437 90 gm
([CEN90])show
437 162 gm
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
1.51504 0. 32 0.15150 0.(Report on Taxonomy for Security Standardisation)awidthshow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
1.07788 0. 32 0.10778 0.(, prepared for the)awidthshow
453 162 gm
1.36978 0. 32 0.13697 0.(ITSTC by the CEN/CENELEC Security Group, CSecG/49/90, Sep.)awidthshow
469 162 gm
(1990)show
501 90 gm
0.06935 0.([CG90])ashow
501 162 gm
0.36682 0. 32 0.03668 0.(P.-C. Cheng, V. Gligor, )awidthshow
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
0.47103 0. 32 0.04710 0.(On the Formal Specification and Verification)awidthshow
517 162 gm
2.17468 0. 32 0.21746 0.(of a Multiparty Session Protocol)awidthshow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
1.71356 0. 32 0.17135 0.(,  Proceedings of the 1990 IEEE)awidthshow
533 162 gm
1.01516 0. 32 0.10151 0.(Computer Society Symposium on Research in Security and Privacy,)awidthshow
549 162 gm
0.16326 0. 32 0.01632 0.(Oakland, May 7-9, 1990, pp. 216-233)awidthshow
581 90 gm
-0.05278 0.([CGV90])ashow
581 162 gm
0.31845 0. 32 0.03184 0.(R. Cocino, M.T. Grillo, F. Vaschetto, )awidthshow
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
0.36834 0. 32 0.03683 0.(Draft Specification for a Secure)awidthshow
597 162 gm
0.79376 0. 32 0.07937 0.(Tranport Protocol Class 0)awidthshow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
0.69305 0. 32 0.06930 0.(, 4th version, a contribution to COST-225,)awidthshow
613 162 gm
-0.07475 0.(ISO/IEC JTC1/SC6/WG4,  December 1990)ashow
645 90 gm
-0.05268 0.([Cha85])ashow
645 162 gm
1.29226 0. 32 0.12922 0.(D. Chaum, )awidthshow
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
1.78054 0. 32 0.17805 0.(Security without Identification: Transaction Systems to)awidthshow
661 162 gm
1.16012 0. 32 0.11601 0.(Make Big Brother Obsolete)awidthshow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
0.97457 0. 32 0.09745 0.(, Communications of the ACM, Vol. 28,)awidthshow
677 162 gm
0.49652 0. 32 0.04965 0.(No. 10, Oct. 1985, pp. 1030-1044)awidthshow
709 90 gm
-0.10839 0.([Cla88])ashow
709 162 gm
0.88073 0. 32 0.08807 0.(D. Clark, )awidthshow
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
1.24191 0. 32 0.12419 0.(The Design Philosophy of the DARPA Internet Protocols)awidthshow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
(,)show
725 162 gm
0.625 0. 32 0.0625 0.(ACM Computer Communication Review, Vol. 18, No. 4, Aug. 1988,)awidthshow
741 162 gm
0.50354 0. 32 0.05035 0.(pp. 106-114)awidthshow
F T cp
%%Page: ? 3
op
30 28 xl
1 1 pen
45 288 gm
(nc 30 28 811 566 6 rc)kp
1 setTxMode
0 fs
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
(115)show
803 90 gm
10 fz
bu fc
2 F /|______Times-Roman fnt
bn
-0.01179 0.(Open Systems Security \320 an Architectural Framework)ashow
803 452 gm
-0.07005 0.(Bibliography)ashow
101 90 gm
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
-0.05398 0.([Com89])ashow
101 162 gm
0.47882 0. 32 0.04788 0.(Commission of the European Communities, )awidthshow
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
0.48385 0. 32 0.04838 0.(EDI in Perspective)awidthshow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
0.43151 0. 32 0.04315 0.(, EUR)awidthshow
117 162 gm
0.12145 0. 32 0.01214 0.(11883 EN, Brussel \320 Luxembourg, 1989)awidthshow
149 90 gm
-0.05398 0.([Com90])ashow
149 162 gm
(Commission of the European Communities, )show
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
(Proposal for a Decision of)show
165 162 gm
-0.01739 0.(the Council in the Field of Information Security)ashow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
-0.02316 0.( \(INFOSEC\), COM\(90\))ashow
181 162 gm
0.24948 0. 32 0.02494 0.(314 final, Brussel, July 3, 1990)awidthshow
213 90 gm
-0.05398 0.([COS90])ashow
213 162 gm
0.44601 0. 32 0.04460 0.(Security Mechanisms for Computer Networks, )awidthshow
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
0.49560 0. 32 0.04956 0.(Extended OSI Security)awidthshow
229 162 gm
-0.07527 0.(Architecture)ashow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
-0.07670 0.(, COST-11 Ter Project Report, Volume II, Draft, Oct. 1990)ashow
261 90 gm
0.06781 0.([CP88])ashow
261 162 gm
1.59393 0. 32 0.15939 0.(J. Crowcroft, K. Paliwoda, )awidthshow
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
2.05596 0. 32 0.20559 0.(A Multicast Transport Protocol)awidthshow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
1.93679 0. 32 0.19367 0.(, ACM)awidthshow
277 162 gm
1.44699 0. 32 0.14469 0.(Computer Communication Review, Vol. 18, No. 4, Aug. 1988, pp.)awidthshow
293 162 gm
(247-256)show
325 90 gm
([CPW89])show
325 162 gm
3.91067 0. 32 0.39106 0.(L. Cassel, C. Partridge, J. Westcott, )awidthshow
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
8.67446 0. 32 0.86744 0.(Network Management)awidthshow
341 162 gm
0.16372 0. 32 0.01637 0.(Architectures and Protocols: Problems and Approaches)awidthshow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
0.13198 0. 32 0.01319 0.(, IEEE Journal)awidthshow
357 162 gm
0.12557 0. 32 0.01255 0.(on Selected Areas in Communications, Vol. 7, No. 7, September 1989,)awidthshow
373 162 gm
0.45776 0. 32 0.04577 0.(pp. 1104-1114)awidthshow
405 90 gm
-0.16256 0.([Dav83])ashow
405 162 gm
-0.08790 0.(D. Davies, )ashow
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
-0.08865 0.(Applying the RSA Digital Signature to Electronic Mail)ashow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
-0.11459 0.(, IEEE)ashow
421 162 gm
0.08117 0. 32 0.00811 0.(Computer Magazine, Feb. 1983, pp. 55-62)awidthshow
453 90 gm
-0.21699 0.([Dee88])ashow
453 162 gm
0.82595 0. 32 0.08259 0.(S. Deering, )awidthshow
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
1.09771 0. 32 0.10977 0.(Multicast Routing in Internetworks and Extended LANs)awidthshow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
(,)show
469 162 gm
0.625 0. 32 0.0625 0.(ACM Computer Communication Review, Vol. 18, No. 4, Aug. 1988,)awidthshow
485 162 gm
0.55953 0. 32 0.05595 0.(pp. 55-64)awidthshow
517 90 gm
-0.16256 0.([Den83])ashow
517 162 gm
2.54730 0. 32 0.25473 0.(D. Denning, )awidthshow
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
3.00979 0. 32 0.30097 0.(Protecting Public Keys and Signature Keys)awidthshow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
2.80395 0. 32 0.28039 0.(, IEEE)awidthshow
533 162 gm
0.08117 0. 32 0.00811 0.(Computer Magazine, Feb. 1983, pp. 27-35)awidthshow
565 90 gm
-0.06251 0.([DH76])ashow
565 162 gm
2.19360 0. 32 0.21936 0.(W. Diffie, M. Hellman, )awidthshow
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
3.13156 0. 32 0.31315 0.(New Directions in Cryptography)awidthshow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
2.54135 0. 32 0.25413 0.(, IEEE)awidthshow
581 162 gm
1.47552 0. 32 0.14755 0.(Transactions on Information Theory,Vol. IT-22, No. 6, Nov. 1976,)awidthshow
597 162 gm
0.50354 0. 32 0.05035 0.(pp. 644-654)awidthshow
629 90 gm
-0.06251 0.([DH77])ashow
629 162 gm
1.29104 0. 32 0.12910 0.(W. Diffie, M. Hellman, )awidthshow
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
1.60491 0. 32 0.16049 0.(Exhaustive Cryptanalysis of the NBS Data)awidthshow
645 162 gm
-0.00596 0.(Encryption Standard)ashow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
-0.00585 0.(, Computer, June 1977, pp. 74-78)ashow
677 90 gm
-0.06251 0.([DH79])ashow
677 162 gm
-0.02291 0.(W. Diffie, M. Hellman, )ashow
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
-0.02299 0.(Privacy and Authentication: An Introduction to)ashow
693 162 gm
0.28892 0.(Cryptography)ashow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
0.87387 0. 32 0.08738 0.(, Proceedings of the IEEE, Vol. 67, No. 3, Mar. 1979,)awidthshow
709 162 gm
0.50354 0. 32 0.05035 0.(pp. 397-427)awidthshow
741 90 gm
-0.16276 0.([Dif88])ashow
741 162 gm
2.98828 0. 32 0.29882 0.(W. Diffie, )awidthshow
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
3.95675 0. 32 0.39567 0.(The First Ten Years of Public-Key Cryptography)awidthshow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
(,)show
757 162 gm
0.17974 0. 32 0.01797 0.(Proceedings of the IEEE, Vol. 76, No. 5, May 1988, pp. 560-577)awidthshow
F T cp
%%Page: ? 4
op
30 28 xl
1 1 pen
45 288 gm
(nc 30 28 811 566 6 rc)kp
1 setTxMode
0 fs
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
(116)show
803 90 gm
10 fz
bu fc
2 F /|______Times-Roman fnt
bn
-0.01179 0.(Open Systems Security \320 an Architectural Framework)ashow
803 452 gm
-0.07005 0.(Bibliography)ashow
101 90 gm
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
([DKK90])show
101 162 gm
0.05035 0. 32 0.00503 0.(F. Dix, M. Kelly, R. Klessig, )awidthshow
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
0.07202 0. 32 0.00720 0.(Access to a Public Switched Multi-Mega-)awidthshow
117 162 gm
0.87829 0. 32 0.08782 0.(bit Data Service Offering)awidthshow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
1.09786 0. 32 0.10978 0.(, ACM Computer Communication Review,)awidthshow
133 162 gm
0.50903 0. 32 0.05090 0.(Vol. 20, No. 3, July 1990, pp. 46-61)awidthshow
165 90 gm
-0.21876 0.([DoD85])ashow
165 162 gm
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
1.23840 0. 32 0.12384 0.(Trusted Computer Systems Evaluation Criteria)awidthshow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
1.25640 0. 32 0.12564 0.(, DoD 5200.28-STD,)awidthshow
181 162 gm
-0.06219 0.(Department of Defense, USA, 1985)ashow
213 90 gm
-0.06402 0.([DP84])ashow
213 162 gm
0.55999 0. 32 0.05599 0.(D. Davies, W. Price, )awidthshow
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
0.86914 0. 32 0.08691 0.(Security for Computer Networks)awidthshow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
0.57144 0. 32 0.05714 0.(, John Wiley &)awidthshow
229 162 gm
0.87463 0. 32 0.08746 0.(Sons, 1984)awidthshow
261 90 gm
-0.06402 0.([DS81])ashow
261 162 gm
1.41937 0. 32 0.14193 0.(D. Denning, G. Sacco, )awidthshow
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
2.00286 0. 32 0.20028 0.(Timestamps in Key Distribution Protocols)awidthshow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
(,)show
277 162 gm
0.15548 0. 32 0.01554 0.(Communications of the ACM, Vol. 24, No. 8, Aug. 1981, pp. 533-536)awidthshow
309 90 gm
-0.16455 0.([ECM88])ashow
309 162 gm
1.61483 0. 32 0.16148 0.(ECMA, )awidthshow
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
1.30462 0. 32 0.13046 0.(Security in Open Systems - A Security Framework)awidthshow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
1.72241 0. 32 0.17224 0.(, ECMA)awidthshow
325 162 gm
0.09445 0. 32 0.00944 0.(TR/46, July 1988)awidthshow
357 90 gm
-0.16455 0.([ECM89])ashow
357 162 gm
3.69735 0. 32 0.36973 0.(ECMA, )awidthshow
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
3.12652 0. 32 0.31265 0.(Security in Open Systems, Data Elements and Service)awidthshow
373 162 gm
-0.01493 0.(Definitions)ashow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
-0.01634 0.(, July 1989)ashow
405 90 gm
([Far91])show
405 162 gm
-0.04600 0.(Discussions with professsor David Farber in Helsinki, March 1991)ashow
437 90 gm
0.16682 0.([FFS88])ashow
437 162 gm
1.63269 0. 32 0.16326 0.(U. Feige, A. Fiat, A. Shamir, )awidthshow
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
2.70996 0. 32 0.27099 0.(Zero-knowledge Proofs of Identity)awidthshow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
(,)show
453 162 gm
0.14785 0. 32 0.01478 0.(Journal of Cryptology, 1, 1988)awidthshow
485 90 gm
0.13435 0.([FP90])ashow
485 162 gm
1.26419 0. 32 0.12641 0.(W. Fumy, A. Pfau, )awidthshow
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
2.12417 0. 32 0.21241 0.(Asymmetric Authentication Schemes for Smart)awidthshow
501 162 gm
-0.13992 0.(Cards \320 Dream or reality?)ashow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
-0.13775 0.(, IFIP TC-11 6th International Conference and)ashow
517 162 gm
-0.02941 0.(Exhibition on Information Security, Espoo, Finland, 1990)ashow
549 90 gm
0.13435 0.([FS87])ashow
549 162 gm
1.30081 0. 32 0.13008 0.(A. Fiat, A. Shamir, )awidthshow
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
1.75460 0. 32 0.17546 0.(How to Prove Yourself: Practical Solutions to)awidthshow
565 162 gm
2.31765 0. 32 0.23176 0.(Identification and Signature Problems)awidthshow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
1.97296 0. 32 0.19729 0.(, Proceedings of Crypto'86,)awidthshow
581 162 gm
0.29663 0. 32 0.02966 0.(Springer, 1987)awidthshow
613 90 gm
([Gen90])show
613 162 gm
0.65383 0. 32 0.06538 0.(G. Genilloud, )awidthshow
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
0.72677 0. 32 0.07267 0.(X.400 MHS: First Steps Towards an EDI Communica-)awidthshow
629 162 gm
0.54153 0. 32 0.05415 0.(tion Standard)awidthshow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
0.43395 0. 32 0.04339 0.(, ACM Computer Communication Review, Vol. 20, No.)awidthshow
645 162 gm
0.26702 0. 32 0.02670 0.(2, April 1990, pp. 72-86)awidthshow
677 90 gm
([GNY90])show
677 162 gm
2.62954 0. 32 0.26295 0.(L. Gong, R. Needham, R. Yahalom, )awidthshow
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
3.19931 0. 32 0.31993 0.(Reasoning about Belief in)awidthshow
693 162 gm
1.83807 0. 32 0.18380 0.(Cryptographic Protocols)awidthshow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
0.94940 0. 32 0.09494 0.(,  Proceedings of the 1990 IEEE Computer)awidthshow
709 162 gm
1.32095 0. 32 0.13209 0.(Society Symposium on Research in Security and Privacy, Oakland,)awidthshow
725 162 gm
0.31082 0. 32 0.03108 0.(May 7-9, 1990, pp. 234-248)awidthshow
F T cp
%%Page: ? 5
op
30 28 xl
1 1 pen
45 288 gm
(nc 30 28 811 566 6 rc)kp
1 setTxMode
0 fs
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
(117)show
803 90 gm
10 fz
bu fc
2 F /|______Times-Roman fnt
bn
-0.01179 0.(Open Systems Security \320 an Architectural Framework)ashow
803 452 gm
-0.07005 0.(Bibliography)ashow
101 90 gm
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
([GOS90])show
101 162 gm
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
2.08465 0. 32 0.20846 0.(U.S. Government Open Systems Interconnection Profile)awidthshow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
2.14233 0. 32 0.21423 0.( \(GOSIP\),)awidthshow
117 162 gm
-0.02130 0.(Draft, Version 2.0, April 1989)ashow
149 90 gm
-0.06251 0.([HD89])ashow
149 162 gm
0.22216 0. 32 0.02221 0.(C. Huitema, A. Doghri, )awidthshow
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
0.25756 0. 32 0.02575 0.(Defining Faster Transfer Syntaxes for the OSI)awidthshow
165 162 gm
0.44586 0. 32 0.04458 0.(Presentation Protocol)awidthshow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
0.33416 0. 32 0.03341 0.(, ACM Computer Communication Review, Vol.)awidthshow
181 162 gm
0.55786 0. 32 0.05578 0.(19, No. 5, Oct. 1989, pp. 44-55)awidthshow
213 90 gm
-0.05162 0.([Hei90])ashow
213 162 gm
1.74316 0. 32 0.17431 0.(J. Hein\212nen, )awidthshow
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
1.65603 0. 32 0.16560 0.(Review of ISO IP)awidthshow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
1.67312 0. 32 0.16731 0.(, a contribution to the EC COSINE)awidthshow
229 162 gm
(project, August 13, 1990)show
261 90 gm
-0.05162 0.([Hei91])ashow
261 162 gm
0.95932 0. 32 0.09593 0.(J. Hein\212nen, )awidthshow
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
1.36093 0. 32 0.13609 0.(Review of Backbone Technologies)awidthshow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
0.81710 0. 32 0.08171 0.(, preprint, to be pub-)awidthshow
277 162 gm
2.49206 0. 32 0.24920 0.(lished in the RARE Symposium on High Speed Networking for)awidthshow
293 162 gm
0.23498 0. 32 0.02349 0.(Research in Europe, Jan. 24, 1991, Brussels)awidthshow
325 90 gm
0.17070 0.([HKK90])ashow
325 162 gm
0.92910 0. 32 0.09291 0.(J. Harju, J. Koivisto, J. Kuittinen, J. Lahti, J. Malka, E. Ojanper\212, J.)awidthshow
341 162 gm
0.03173 0. 32 0.00317 0.(Reilly, )awidthshow
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
0.04653 0. 32 0.00465 0.(C-VOPS Users' Manual)awidthshow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
0.03509 0. 32 0.00350 0.(, Technical Research Centre of Finland,)awidthshow
357 162 gm
-0.11584 0.(Telecommunications laboratory, 1990)ashow
389 90 gm
0.05841 0.([Hou89])ashow
389 162 gm
-0.03303 0.(R. Housley, )ashow
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
-0.03182 0.(Authentication, Confidentiality, and Integrity Extensions to)ashow
405 162 gm
0.17135 0. 32 0.01713 0.(the XNS Protocol Suite)awidthshow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
0.16220 0. 32 0.01622 0.(, ACM Security, Audit & Control Review, Vol.)awidthshow
421 162 gm
0.46783 0. 32 0.04678 0.(7, No. 3, Fall  1989, pp. 17-24)awidthshow
453 90 gm
-0.10661 0.([IEE90])ashow
453 162 gm
1.27517 0. 32 0.12751 0.(Institute of Electrical and Electronic Engineers, Proposed Standard:)awidthshow
469 162 gm
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
1.97769 0. 32 0.19776 0.(DQDB Subnetwork of a Metropolitan Area Network)awidthshow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
1.69860 0. 32 0.16986 0.(, IEEE 802.6,)awidthshow
485 162 gm
0.43151 0. 32 0.04315 0.(P802.6/D14, July 13, 1990)awidthshow
517 90 gm
-0.12931 0.([IM90])ashow
517 162 gm
0.58044 0. 32 0.05804 0.(C. I'Anson, C. Mitchell, )awidthshow
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
0.86212 0. 32 0.08621 0.(Security Defects in CCITT Recommendation)awidthshow
533 162 gm
1.31668 0. 32 0.13166 0.(X.509 \320 The Directory Authentication Framework)awidthshow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
1.34246 0. 32 0.13424 0.(, ACM Computer)awidthshow
549 162 gm
0.13793 0. 32 0.01379 0.(Communication Review, Vol. 20, No. 2, April 1990, pp. 30-34)awidthshow
581 90 gm
0.03962 0.([IS7498-1])ashow
581 162 gm
0.46524 0. 32 0.04652 0.(ISO, Information Processing Systems, )awidthshow
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
0.49285 0. 32 0.04928 0.(Open  Systems Interconnection)awidthshow
597 162 gm
0.11871 0. 32 0.01187 0.(Reference Model, Part 1: Basic Reference Model)awidthshow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
0.11535 0. 32 0.01153 0.(, ISO 7498-1 \(CCITT)awidthshow
613 162 gm
0.44799 0. 32 0.04479 0.(X.200\), Geneva 1984)awidthshow
645 90 gm
0.03962 0.([IS7498-2])ashow
645 162 gm
0.68817 0. 32 0.06881 0.(ISO, Information Processing Systems, )awidthshow
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
0.88180 0. 32 0.08818 0.(Open Systems Interconnection)awidthshow
661 162 gm
0.28930 0. 32 0.02893 0.(Reference Model, Part 2: Security Architecture)awidthshow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
0.22171 0. 32 0.02217 0.(, ISO DIS 7498-2, July)awidthshow
677 162 gm
0.58807 0. 32 0.05880 0.(19, 1988)awidthshow
709 90 gm
0.03962 0.([IS7498-3])ashow
709 162 gm
0.68817 0. 32 0.06881 0.(ISO, Information Processing Systems, )awidthshow
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
0.88180 0. 32 0.08818 0.(Open Systems Interconnection)awidthshow
725 162 gm
0.92849 0. 32 0.09284 0.(Reference Model, Part 3: Naming and Addressing)awidthshow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
0.77835 0. 32 0.07783 0.(, ISO DIS 7498-3,)awidthshow
741 162 gm
(1989)show
F T cp
%%Page: ? 6
op
30 28 xl
1 1 pen
45 288 gm
(nc 30 28 811 566 6 rc)kp
1 setTxMode
0 fs
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
(118)show
803 90 gm
10 fz
bu fc
2 F /|______Times-Roman fnt
bn
-0.01179 0.(Open Systems Security \320 an Architectural Framework)ashow
803 452 gm
-0.07005 0.(Bibliography)ashow
101 90 gm
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
0.03962 0.([IS7498-4])ashow
101 162 gm
0.68817 0. 32 0.06881 0.(ISO, Information Processing Systems, )awidthshow
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
0.88180 0. 32 0.08818 0.(Open Systems Interconnection)awidthshow
117 162 gm
0.60470 0. 32 0.06047 0.(Reference Model, Part 4: Management Framework)awidthshow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
0.44403 0. 32 0.04440 0.(, ISO DIS 7498-4,)awidthshow
133 162 gm
(1987)show
165 90 gm
-0.06477 0.([IS7498/A1])ashow
165 162 gm
0.46524 0. 32 0.04652 0.(ISO, Information Processing Systems, )awidthshow
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
0.59555 0. 32 0.05955 0.(Open Systems Interconnection,)awidthshow
181 162 gm
-0.05847 0.(Connectionless Data Transmission)ashow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
-0.05955 0.(, ISO 7498-1/Add. 1, 1987)ashow
213 90 gm
-0.06477 0.([IS7498/A2])ashow
213 162 gm
0.46524 0. 32 0.04652 0.(ISO, Information Processing Systems, )awidthshow
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
0.59555 0. 32 0.05955 0.(Open Systems Interconnection,)awidthshow
229 162 gm
-0.11595 0.(Multipeer Data Transmission)ashow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
-0.12043 0.(, ISO 7498-1/Add. 2)ashow
261 90 gm
([IS7498/C1])show
261 162 gm
0.46524 0. 32 0.04652 0.(ISO, Information Processing Systems, )awidthshow
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
0.59555 0. 32 0.05955 0.(Open Systems Interconnection,)awidthshow
277 162 gm
-0.03520 0.(Technical Corrigendum 1)ashow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
-0.03419 0.(, ISO 7498-1/Cor. 1, 1988)ashow
309 90 gm
0.04992 0.([IS7776])ashow
309 162 gm
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
1.34613 0. 32 0.13461 0.(HDLC \320 Description of the X.25 LAPB-compatible DTE Data Link)awidthshow
325 162 gm
-0.02557 0.(Procedures)ashow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
-0.02537 0.(, ISO 7776, 1986)ashow
357 90 gm
-0.06477 0.([IS8072/A1])ashow
357 162 gm
0.46524 0. 32 0.04652 0.(ISO, Information Processing Systems, )awidthshow
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
0.59555 0. 32 0.05955 0.(Open Systems Interconnection,)awidthshow
373 162 gm
2.49221 0. 32 0.24922 0.(Transport Service Definition, Addendum 1: Connectionless-mode)awidthshow
389 162 gm
(Transmission)show
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
(, ISO 8072/Add. 1)show
421 90 gm
-0.06477 0.([IS8073/A2])ashow
421 162 gm
0.46524 0. 32 0.04652 0.(ISO, Information Processing Systems, )awidthshow
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
0.59555 0. 32 0.05955 0.(Open Systems Interconnection,)awidthshow
437 162 gm
0.73135 0. 32 0.07313 0.(Connection Oriented Transport Protocol Specification, Addendum 2:)awidthshow
453 162 gm
3.72817 0. 32 0.37281 0.(Class 4 Operation over Connectionless Network Service)awidthshow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
2.81646 0. 32 0.28164 0.(, ISO)awidthshow
469 162 gm
(8073/Add. 2)show
501 90 gm
0.04992 0.([IS8073])ashow
501 162 gm
0.46524 0. 32 0.04652 0.(ISO, Information Processing Systems, )awidthshow
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
0.59555 0. 32 0.05955 0.(Open Systems Interconnection,)awidthshow
517 162 gm
2.45178 0. 32 0.24517 0.(Connection Oriented Transport Protocol Specification)awidthshow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
1.54983 0. 32 0.15498 0.(, ISO 8073)awidthshow
533 162 gm
0.44448 0. 32 0.04444 0.(\(CCITT X.224\), 1986)awidthshow
565 90 gm
0.04992 0.([IS8208])ashow
565 162 gm
0.46524 0. 32 0.04652 0.(ISO, Information Processing Systems, )awidthshow
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
0.59555 0. 32 0.05955 0.(Open Systems Interconnection,)awidthshow
581 162 gm
0.58990 0. 32 0.05899 0.(X.25 Packet Level Protocol for Data Terminal, Equipment)awidthshow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
0.47363 0. 32 0.04736 0.(, ISO 8208)awidthshow
597 162 gm
0.45669 0. 32 0.04566 0.(\(CCITT X.25\), 1990)awidthshow
629 90 gm
-0.06477 0.([IS8326/A3])ashow
629 162 gm
0.46524 0. 32 0.04652 0.(ISO, Information Processing Systems, )awidthshow
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
0.59555 0. 32 0.05955 0.(Open Systems Interconnection,)awidthshow
645 162 gm
0.90270 0. 32 0.09027 0.(Basic Connection Oriented Session Service Definition, Addendum 3:)awidthshow
661 162 gm
-0.02374 0.(Connectionless Session Service)ashow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
-0.02783 0.(, ISO 8326/DAD3, 1988)ashow
693 90 gm
-0.06477 0.([IS8348/A1])ashow
693 162 gm
0.46524 0. 32 0.04652 0.(ISO, Information Processing Systems, )awidthshow
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
0.59555 0. 32 0.05955 0.(Open Systems Interconnection,)awidthshow
709 162 gm
-0.00361 0.(Network Service Definition, Addendum 1: Connectionless-mode Trans-)ashow
725 162 gm
0.01246 0.(mission)ashow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
0.05294 0. 32 0.00529 0.(, ISO 8348/AD1, 1987)awidthshow
F T cp
%%Page: ? 7
op
30 28 xl
1 1 pen
45 288 gm
(nc 30 28 811 566 6 rc)kp
1 setTxMode
0 fs
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
(119)show
803 90 gm
10 fz
bu fc
2 F /|______Times-Roman fnt
bn
-0.01179 0.(Open Systems Security \320 an Architectural Framework)ashow
803 452 gm
-0.07005 0.(Bibliography)ashow
101 90 gm
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
0.04992 0.([IS8348])ashow
101 162 gm
0.46524 0. 32 0.04652 0.(ISO, Information Processing Systems, )awidthshow
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
0.59555 0. 32 0.05955 0.(Open Systems Interconnection,)awidthshow
117 162 gm
0.16937 0. 32 0.01693 0.(Network Service Definition)awidthshow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
0.12130 0. 32 0.01213 0.(, ISO 8348 \(CCITT X.213\), 1987)awidthshow
149 90 gm
0.04992 0.([IS8372])ashow
149 162 gm
0.51284 0. 32 0.05128 0.(ISO, Information Technology, Security Techniques, )awidthshow
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
0.48812 0. 32 0.04881 0.(Modes of Opera-)awidthshow
165 162 gm
-0.02925 0.(tion for a 64-bit Block Cipher Algorithm)ashow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
-0.03263 0.(, ISO/IEC, ISO 8372, 1989)ashow
197 90 gm
0.04992 0.([IS8473])ashow
197 162 gm
0.46524 0. 32 0.04652 0.(ISO, Information Processing Systems, )awidthshow
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
0.59555 0. 32 0.05955 0.(Open Systems Interconnection,)awidthshow
213 162 gm
2.15606 0. 32 0.21560 0.(Protocol for Providing the Connectionless-mode Network Service)awidthshow
229 162 gm
-0.06817 0.(\(Internetwork Protocol\))ashow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
-0.07931 0.(, ISO 8473)ashow
261 90 gm
0.03962 0.([IS8571-1])ashow
261 162 gm
0.03143 0. 32 0.00314 0.(ISO, Information Processing Systems, )awidthshow
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
0.03402 0. 32 0.00340 0.(Open Systems Interconnection \320)awidthshow
277 162 gm
0.30075 0. 32 0.03007 0.(File Transfer, Access and Management, Part 1: General Introduction)awidthshow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
(,)show
293 162 gm
0.07125 0. 32 0.00712 0.(ISO 8571-1, Oct. 1988)awidthshow
325 90 gm
0.03962 0.([IS8571-2])ashow
325 162 gm
0.46524 0. 32 0.04652 0.(ISO, Information Processing Systems, )awidthshow
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
0.59555 0. 32 0.05955 0.(Open Systems Interconnection,)awidthshow
341 162 gm
0.53970 0. 32 0.05397 0.(File Transfer, Access and Management, Part 2: The Virtual Filestore)awidthshow
357 162 gm
-0.00898 0.(Definition)ashow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
-0.00970 0.(, ISO 8571-2, Oct. 1988)ashow
389 90 gm
0.03962 0.([IS8571-4])ashow
389 162 gm
0.46524 0. 32 0.04652 0.(ISO, Information Processing Systems, )awidthshow
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
0.59555 0. 32 0.05955 0.(Open Systems Interconnection,)awidthshow
405 162 gm
1.60675 0. 32 0.16067 0.(File Transfer, Access and Management, Part 4: The File Protocol)awidthshow
421 162 gm
-0.00787 0.(Specification)ashow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
-0.00857 0.(, ISO 8571-4, Oct. 1988)ashow
453 90 gm
0.04992 0.([IS8602])ashow
453 162 gm
0.46524 0. 32 0.04652 0.(ISO, Information Processing Systems, )awidthshow
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
0.59555 0. 32 0.05955 0.(Open Systems Interconnection,)awidthshow
469 162 gm
-0.09541 0.(Protocol for Providing the Connectionless-mode Transport Service)ashow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
-0.11961 0.(, ISO)ashow
485 162 gm
0.20141 0. 32 0.02014 0.(8602, Dec. 1987)awidthshow
517 90 gm
-0.06477 0.([IS8649/A1])ashow
517 162 gm
0.46524 0. 32 0.04652 0.(ISO, Information Processing Systems, )awidthshow
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
0.59555 0. 32 0.05955 0.(Open Systems Interconnection,)awidthshow
533 162 gm
-0.06240 0.(Association Control Service Element, Addendum 1: Authentication)ashow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
-0.07759 0.(, ISO)ashow
549 162 gm
-0.09452 0.(8649/DAD1, 1989)ashow
581 90 gm
-0.06477 0.([IS8649/A2])ashow
581 162 gm
0.46524 0. 32 0.04652 0.(ISO, Information Processing Systems, )awidthshow
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
0.59555 0. 32 0.05955 0.(Open Systems Interconnection,)awidthshow
597 162 gm
1.50955 0. 32 0.15095 0.(Association Control Service Element, Addendum 2: Connectionless)awidthshow
613 162 gm
0.06271 0. 32 0.00627 0.(ACSE Service)awidthshow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
0.04852 0. 32 0.00485 0.(, ISO 8649/DAD2, 1989)awidthshow
645 90 gm
-0.06477 0.([IS8649/A3])ashow
645 162 gm
0.46524 0. 32 0.04652 0.(ISO, Information Processing Systems, )awidthshow
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
0.59555 0. 32 0.05955 0.(Open Systems Interconnection,)awidthshow
661 162 gm
-0.04959 0.(Association Control Service Element, Addendum 3: A-Context Manage-)ashow
677 162 gm
-0.03079 0.(ment Service)ashow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
-0.03256 0.(, ISO 8649/PDAD3 \(working draft\), 1990)ashow
709 90 gm
0.04992 0.([IS8649])ashow
709 162 gm
0.46524 0. 32 0.04652 0.(ISO, Information Processing Systems, )awidthshow
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
0.59555 0. 32 0.05955 0.(Open Systems Interconnection,)awidthshow
725 162 gm
-0.03199 0.(Service Definition for the Association Control Service Element \(ACSE\))ashow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
(,)show
741 162 gm
0.20324 0. 32 0.02032 0.(ISO 8649 \(CCITT X.217\), 1988)awidthshow
F T cp
%%Page: ? 8
op
30 28 xl
1 1 pen
45 288 gm
(nc 30 28 811 566 6 rc)kp
1 setTxMode
0 fs
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
(120)show
803 90 gm
10 fz
bu fc
2 F /|______Times-Roman fnt
bn
-0.01179 0.(Open Systems Security \320 an Architectural Framework)ashow
803 452 gm
-0.07005 0.(Bibliography)ashow
101 90 gm
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
-0.06477 0.([IS8650/A1])ashow
101 162 gm
0.46524 0. 32 0.04652 0.(ISO, Information Processing Systems, )awidthshow
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
0.59555 0. 32 0.05955 0.(Open Systems Interconnection,)awidthshow
117 162 gm
1.78024 0. 32 0.17802 0.(Peer Entity Authentication During Association Establishment)awidthshow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
1.18759 0. 32 0.11875 0.(, ISO)awidthshow
133 162 gm
-0.09452 0.(8650/DAD1, 1989)ashow
165 90 gm
-0.06477 0.([IS8650/A4])ashow
165 162 gm
0.46524 0. 32 0.04652 0.(ISO, Information Processing Systems, )awidthshow
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
0.59555 0. 32 0.05955 0.(Open Systems Interconnection,)awidthshow
181 162 gm
-0.06278 0.(Application Entity Titles)ashow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
-0.07267 0.(, ISO 8650/PDAD4 \(working draft\), 1990)ashow
213 90 gm
0.04992 0.([IS8650])ashow
213 162 gm
0.46524 0. 32 0.04652 0.(ISO, Information Processing Systems, )awidthshow
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
0.59555 0. 32 0.05955 0.(Open Systems Interconnection,)awidthshow
229 162 gm
1.46270 0. 32 0.14627 0.(Protocol Specification for the Association Control Service Element)awidthshow
245 162 gm
0.11492 0.(\(ACSE\))ashow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
0.38253 0. 32 0.03825 0.(, ISO 8650 \(CCITT X.227\), 1988)awidthshow
277 90 gm
0.03962 0.([IS8802-1])ashow
277 162 gm
0.46524 0. 32 0.04652 0.(ISO, Information Processing Systems, )awidthshow
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
0.59555 0. 32 0.05955 0.(Open Systems Interconnection,)awidthshow
293 162 gm
-0.08633 0.(Local Area Networks, Part 1: Introduction)ashow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
-0.09768 0.(, ISO 8802-1)ashow
325 90 gm
0.03962 0.([IS8802-2])ashow
325 162 gm
0.46524 0. 32 0.04652 0.(ISO, Information Processing Systems, )awidthshow
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
0.59555 0. 32 0.05955 0.(Open Systems Interconnection,)awidthshow
341 162 gm
-0.08087 0.(Local Area Networks, Part 2: Logical Link Control)ashow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
-0.09103 0.(, ISO 8802-2)ashow
373 90 gm
0.03962 0.([IS8802-3])ashow
373 162 gm
0.46524 0. 32 0.04652 0.(ISO, Information Processing Systems, )awidthshow
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
0.59555 0. 32 0.05955 0.(Open Systems Interconnection,)awidthshow
389 162 gm
1.75933 0. 32 0.17593 0.(Local Area Networks, Part 3: Carrier Sense Multiple Access with)awidthshow
405 162 gm
0.26763 0. 32 0.02676 0.(Collision Detection,Access Method and Physical Layer Specifications)awidthshow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
(,)show
421 162 gm
0.19424 0. 32 0.01942 0.(ISO 8802-3, 1989)awidthshow
453 90 gm
0.03962 0.([IS8802-5])ashow
453 162 gm
0.46524 0. 32 0.04652 0.(ISO, Information Processing Systems, )awidthshow
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
0.59555 0. 32 0.05955 0.(Open Systems Interconnection,)awidthshow
469 162 gm
0.06622 0. 32 0.00662 0.(Local Area Networks, Part 5: Token Ring Access Method and Physical)awidthshow
485 162 gm
-0.02197 0.(Layer Specifications)ashow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
-0.02441 0.(, ISO DIS 8802-5, 1990)ashow
517 90 gm
0.04992 0.([IS8807])ashow
517 162 gm
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
1.32415 0. 32 0.13241 0.(LOTOS \320 A Formal Description Technique Based on the Temporal)awidthshow
533 162 gm
-0.09739 0.(Ordering of Observational Behaviour)ashow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
-0.10301 0.(, ISO 8807, 1989)ashow
565 90 gm
-0.06477 0.([IS8822/A1])ashow
565 162 gm
0.46524 0. 32 0.04652 0.(ISO, Information Processing Systems, )awidthshow
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
0.59555 0. 32 0.05955 0.(Open Systems Interconnection,)awidthshow
581 162 gm
1.33560 0. 32 0.13356 0.(Connection Oriented Presentation Service Definition, Addendum 1:)awidthshow
597 162 gm
-0.08868 0.(Connectionless-mode Presentation Service)ashow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
-0.10133 0.(, ISO 8822/DAD1, 1989)ashow
629 90 gm
0.04992 0.([IS8823])ashow
629 162 gm
0.46524 0. 32 0.04652 0.(ISO, Information Processing Systems, )awidthshow
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
0.59555 0. 32 0.05955 0.(Open Systems Interconnection,)awidthshow
645 162 gm
1.21566 0. 32 0.12156 0.(Connection Oriented Presentation Protocol Specification)awidthshow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
0.75515 0. 32 0.07551 0.(, ISO 8823)awidthshow
661 162 gm
0.44448 0. 32 0.04444 0.(\(CCITT X.226\), 1988)awidthshow
693 90 gm
-0.06477 0.([IS8824/A1])ashow
693 162 gm
0.46524 0. 32 0.04652 0.(ISO, Information Processing Systems, )awidthshow
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
0.59555 0. 32 0.05955 0.(Open Systems Interconnection,)awidthshow
709 162 gm
1.17004 0. 32 0.11700 0.(Specification of Abstract Syntax Notation One, Addendum 1: ASN.1)awidthshow
725 162 gm
(Extensions)show
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
(, ISO 8824/DAD1 \(CCITT X.208\), 1988)show
F T cp
%%Page: ? 9
op
30 28 xl
1 1 pen
45 288 gm
(nc 30 28 811 566 6 rc)kp
1 setTxMode
0 fs
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
(121)show
803 90 gm
10 fz
bu fc
2 F /|______Times-Roman fnt
bn
-0.01179 0.(Open Systems Security \320 an Architectural Framework)ashow
803 452 gm
-0.07005 0.(Bibliography)ashow
101 90 gm
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
0.04992 0.([IS8824])ashow
101 162 gm
0.48065 0. 32 0.04806 0.(ISO, Information Processing Systems, O)awidthshow
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
0.57296 0. 32 0.05729 0.(pen Systems Interconnection,)awidthshow
117 162 gm
1.95098 0. 32 0.19509 0.(Specification of Abstract Syntax Notation One)awidthshow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
1.70867 0. 32 0.17086 0.(, ISO 8824 \(CCITT)awidthshow
133 162 gm
1.11602 0. 32 0.11160 0.(X.208\), 1987)awidthshow
165 90 gm
-0.06477 0.([IS8825/A1])ashow
165 162 gm
0.46524 0. 32 0.04652 0.(ISO, Information Processing Systems, )awidthshow
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
0.59555 0. 32 0.05955 0.(Open Systems Interconnection,)awidthshow
181 162 gm
2.73849 0. 32 0.27384 0.(Specification of Basic Encoding Rules for ASN.1, Addendum 1:)awidthshow
197 162 gm
0.43411 0. 32 0.04341 0.(ASN.1 Extensions)awidthshow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
0.30868 0. 32 0.03086 0.(, ISO 8825/DAD1 \(CCITT X.209\), 1988)awidthshow
229 90 gm
0.04992 0.([IS8825])ashow
229 162 gm
0.46524 0. 32 0.04652 0.(ISO, Information Processing Systems, )awidthshow
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
0.59555 0. 32 0.05955 0.(Open Systems Interconnection,)awidthshow
245 162 gm
0.95947 0. 32 0.09594 0.(Specification of Basic Encoding Rules for ASN.1)awidthshow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
0.89782 0. 32 0.08978 0.(, ISO 8825 \(CCITT)awidthshow
261 162 gm
1.11602 0. 32 0.11160 0.(X.209\), 1987)awidthshow
293 90 gm
0.04992 0.([IS8831])ashow
293 162 gm
0.46524 0. 32 0.04652 0.(ISO, Information Processing Systems, )awidthshow
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
0.59555 0. 32 0.05955 0.(Open Systems Interconnection,)awidthshow
309 162 gm
-0.08871 0.(Job Transfer and Manipulation Concepts and Services)ashow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
-0.09454 0.(, ISO 8831, 1989)ashow
341 90 gm
0.04992 0.([IS8832])ashow
341 162 gm
0.46524 0. 32 0.04652 0.(ISO, Information Processing Systems, )awidthshow
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
0.59555 0. 32 0.05955 0.(Open Systems Interconnection,)awidthshow
357 162 gm
2.80639 0. 32 0.28063 0.(Specification of the Basic Class Protocol for Job Transfer and)awidthshow
373 162 gm
-0.06105 0.(Manipulation)ashow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
-0.06155 0.(, ISO 8832, 1989)ashow
405 90 gm
0.04992 0.([IS9040])ashow
405 162 gm
0.46524 0. 32 0.04652 0.(ISO, Information Processing Systems, )awidthshow
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
0.59555 0. 32 0.05955 0.(Open Systems Interconnection,)awidthshow
421 162 gm
-0.07232 0.(Virtual Terminal Service \320 Basic Class)ashow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
-0.08039 0.(, ISO 9040, 1988)ashow
453 90 gm
0.04992 0.([IS9041])ashow
453 162 gm
0.46524 0. 32 0.04652 0.(ISO, Information Processing Systems, )awidthshow
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
0.59555 0. 32 0.05955 0.(Open Systems Interconnection,)awidthshow
469 162 gm
-0.10157 0.(Virtual Terminal Protocol \320 Basic Class)ashow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
-0.11189 0.(, ISO 9041, 1989)ashow
501 90 gm
0.03962 0.([IS9066-1])ashow
501 162 gm
0.46524 0. 32 0.04652 0.(ISO, Information Processing Systems, )awidthshow
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
0.59555 0. 32 0.05955 0.(Open Systems Interconnection,)awidthshow
517 162 gm
0.67703 0. 32 0.06770 0.(Reliable Transfer, Part 1: Model and Service Definition)awidthshow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
0.63186 0. 32 0.06318 0.(, ISO 9066-1)awidthshow
533 162 gm
0.44448 0. 32 0.04444 0.(\(CCITT X.218\), 1989)awidthshow
565 90 gm
0.03962 0.([IS9066-2])ashow
565 162 gm
0.46524 0. 32 0.04652 0.(ISO, Information Processing Systems, )awidthshow
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
0.59555 0. 32 0.05955 0.(Open Systems Interconnection,)awidthshow
581 162 gm
0.19226 0. 32 0.01922 0.(Reliable Transfer, Part 2: Protocol Specification)awidthshow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
0.17517 0. 32 0.01751 0.(, ISO 9066-2 \(CCITT)awidthshow
597 162 gm
1.11602 0. 32 0.11160 0.(X.228\), 1989)awidthshow
629 90 gm
0.03962 0.([IS9072-1])ashow
629 162 gm
0.46524 0. 32 0.04652 0.(ISO, Information Processing Systems, )awidthshow
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
0.59555 0. 32 0.05955 0.(Open Systems Interconnection,)awidthshow
645 162 gm
0.89385 0. 32 0.08938 0.(Remote Operations, Part 1: Model, Notation and Service Definition)awidthshow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
(,)show
661 162 gm
0.19836 0. 32 0.01983 0.(ISO 9072-1 \(CCITT X.219\), 1989)awidthshow
693 90 gm
0.03962 0.([IS9072-2])ashow
693 162 gm
0.46524 0. 32 0.04652 0.(ISO, Information Processing Systems, )awidthshow
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
0.59555 0. 32 0.05955 0.(Open Systems Interconnection,)awidthshow
709 162 gm
-0.08454 0.(Remote Operations, Part 2: Protocol Specification)ashow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
-0.09809 0.(, ISO 9072-2 \(CCITT)ashow
725 162 gm
1.11602 0. 32 0.11160 0.(X.229\), 1989)awidthshow
F T cp
%%Page: ? 10
op
30 28 xl
1 1 pen
45 288 gm
(nc 30 28 811 566 6 rc)kp
1 setTxMode
0 fs
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
(122)show
803 90 gm
10 fz
bu fc
2 F /|______Times-Roman fnt
bn
-0.01179 0.(Open Systems Security \320 an Architectural Framework)ashow
803 452 gm
-0.07005 0.(Bibliography)ashow
101 90 gm
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
0.03962 0.([IS9314-1])ashow
101 162 gm
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
-0.02241 0.(Fiber Distributed Data Interface, Part 1: Physical Layer Protocol)ashow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
-0.02899 0.(, ISO)ashow
117 162 gm
0.47943 0. 32 0.04794 0.(9314-1, 1989)awidthshow
149 90 gm
0.03962 0.([IS9314-2])ashow
149 162 gm
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
0.02807 0. 32 0.00280 0.(Fiber Distributed Data Interface, Part 2: Medium Access Control)awidthshow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
(, ISO)show
165 162 gm
0.47943 0. 32 0.04794 0.(9314-2, 1989)awidthshow
197 90 gm
0.03962 0.([IS9314-3])ashow
197 162 gm
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
1.86126 0. 32 0.18612 0.(Fiber Distributed Data Interface, Part 3: Physical Layer Medium)awidthshow
213 162 gm
-0.02159 0.(Dependent)ashow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
-0.02041 0.(, ISO DIS 9314-3, 1990)ashow
245 90 gm
0.03962 0.([IS9314-4])ashow
245 162 gm
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
0.43746 0. 32 0.04374 0.(Fiber Distributed Data Interface, Part 3: Single Mode Fiber/Physical)awidthshow
261 162 gm
-0.04675 0.(Layer Medium Dependent)ashow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
-0.04542 0.(, ISO DP 9314-4, 1990)ashow
293 90 gm
0.03962 0.([IS9314-5])ashow
293 162 gm
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
-0.17536 0.(Fiber Distributed Data Interface, Part 5: Hybrid Ring Control \(FDDI II\))ashow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
(,)show
309 162 gm
0.07186 0. 32 0.00718 0.(ISO DP 9314-5, 1990)awidthshow
341 90 gm
-0.06477 0.([IS9545/A1])ashow
341 162 gm
0.46524 0. 32 0.04652 0.(ISO, Information Processing Systems, )awidthshow
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
0.59555 0. 32 0.05955 0.(Open Systems Interconnection,)awidthshow
357 162 gm
0.42877 0. 32 0.04287 0.(Application Layer Structure, Addendum 1: Connectionless Operation)awidthshow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
(,)show
373 162 gm
-0.05822 0.(ISO DIS 9545/PDAD1 \(working draft\), 1989)ashow
405 90 gm
0.04992 0.([IS9545])ashow
405 162 gm
0.46524 0. 32 0.04652 0.(ISO, Information Processing Systems, )awidthshow
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
0.59555 0. 32 0.05955 0.(Open Systems Interconnection,)awidthshow
421 162 gm
-0.04086 0.(Application Layer Structure)ashow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
-0.04542 0.(, ISO DIS 9545 \(CCITT X.200\), 1989)ashow
453 90 gm
0.04992 0.([IS9549])ashow
453 162 gm
0.46524 0. 32 0.04652 0.(ISO, Information Processing Systems, )awidthshow
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
0.59555 0. 32 0.05955 0.(Open Systems Interconnection,)awidthshow
469 162 gm
-0.01858 0.(Connectionless Session Protocol)ashow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
-0.02017 0.(, ISO DIS 9549, 1988)ashow
501 90 gm
0.04992 0.([IS9576])ashow
501 162 gm
0.46524 0. 32 0.04652 0.(ISO, Information Processing Systems, )awidthshow
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
0.59555 0. 32 0.05955 0.(Open Systems Interconnection,)awidthshow
517 162 gm
1.52999 0. 32 0.15299 0.(Connectionless Presentation Protocol Specification)awidthshow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
0.87005 0. 32 0.08700 0.(, ISO DIS 9576,)awidthshow
533 162 gm
(1989)show
565 90 gm
0.03962 0.([IS9579-1])ashow
565 162 gm
0.46524 0. 32 0.04652 0.(ISO, Information Processing Systems, )awidthshow
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
0.59555 0. 32 0.05955 0.(Open Systems Interconnection,)awidthshow
581 162 gm
-0.14389 0.(Remote Database Access, Part 1: General Model, Services and Protocol)ashow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
(,)show
597 162 gm
0.07385 0. 32 0.00738 0.(ISO DP 9579, 1990)awidthshow
629 90 gm
0.03962 0.([IS9579-2])ashow
629 162 gm
0.46524 0. 32 0.04652 0.(ISO, Information Processing Systems, )awidthshow
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
0.59555 0. 32 0.05955 0.(Open Systems Interconnection,)awidthshow
645 162 gm
1.23535 0. 32 0.12353 0.(Remote Database Access, Part 2: SQL Specification)awidthshow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
0.91934 0. 32 0.09193 0.(, ISO DP 9579,)awidthshow
661 162 gm
(1990)show
693 90 gm
0.03962 0.([IS9594-1])ashow
693 162 gm
0.46524 0. 32 0.04652 0.(ISO, Information Processing Systems, )awidthshow
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
0.59555 0. 32 0.05955 0.(Open Systems Interconnection,)awidthshow
709 162 gm
1.07940 0. 32 0.10794 0.(The Directory, Part 1: Overview of Concepts, Models and Services)awidthshow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
(,)show
725 162 gm
0.12557 0. 32 0.01255 0.(ISO 9594-1 \(CCITT X.500\), Dec. 1988)awidthshow
F T cp
%%Page: ? 11
op
30 28 xl
1 1 pen
45 288 gm
(nc 30 28 811 566 6 rc)kp
1 setTxMode
0 fs
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
(123)show
803 90 gm
10 fz
bu fc
2 F /|______Times-Roman fnt
bn
-0.01179 0.(Open Systems Security \320 an Architectural Framework)ashow
803 452 gm
-0.07005 0.(Bibliography)ashow
101 90 gm
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
0.03962 0.([IS9594-8])ashow
101 162 gm
0.65429 0. 32 0.06542 0.(ISO, Information processing systems, )awidthshow
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
0.84991 0. 32 0.08499 0.(Open Systems Interconnection,)awidthshow
117 162 gm
0.10162 0. 32 0.01016 0.(The Directory, Part 8: Authentication framework)awidthshow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
0.09017 0. 32 0.00901 0.(, ISO 9594-8 \(CCITT)awidthshow
133 162 gm
0.56335 0. 32 0.05633 0.(X.509\), Dec. 1988)awidthshow
165 90 gm
0.04992 0.([IS9595])ashow
165 162 gm
0.46524 0. 32 0.04652 0.(ISO, Information Processing Systems, )awidthshow
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
0.59555 0. 32 0.05955 0.(Open Systems Interconnection,)awidthshow
181 162 gm
0.86669 0. 32 0.08666 0.(Common Management Information Service Definition, Part 1: Over-)awidthshow
197 162 gm
0.10226 0.(view)ashow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
0.32989 0. 32 0.03298 0.(, ISO DIS 9595, 1989)awidthshow
229 90 gm
0.04992 0.([IS9596])ashow
229 162 gm
0.46524 0. 32 0.04652 0.(ISO, Information Processing Systems, )awidthshow
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
0.59555 0. 32 0.05955 0.(Open Systems Interconnection,)awidthshow
245 162 gm
-0.05607 0.(Common Management Information Protocol \(CMIP\) Specification)ashow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
-0.06541 0.(, ISO)ashow
261 162 gm
0.20401 0. 32 0.02040 0.(DIS 9596, 1989)awidthshow
293 90 gm
0.04992 0.([IS9796])ashow
293 162 gm
0.15686 0. 32 0.01568 0.(ISO, Information Technology, Security Techniques, )awidthshow
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
0.14907 0. 32 0.01490 0.(A Signature Algo-)awidthshow
309 162 gm
-0.00703 0.(rithm for Short Messages)ashow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
-0.00776 0.(, ISO DP 9796, 1990)ashow
341 90 gm
0.04992 0.([IS9797])ashow
341 162 gm
0.77163 0. 32 0.07716 0.(ISO, Information Technology, Security Techniques, )awidthshow
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
0.68466 0. 32 0.06846 0.(A Data Integrity)awidthshow
357 162 gm
(Mechanism)show
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
(, ISO DP 9797, 1990)show
389 90 gm
0.03962 0.([IS9798-1])ashow
389 162 gm
0.08300 0. 32 0.00830 0.(ISO, Information Technology, Security Techniques, )awidthshow
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
0.10650 0. 32 0.01065 0.(Entity Authentica-)awidthshow
405 162 gm
1.52099 0. 32 0.15209 0.(tion Mechanisms, Part 1: General Model for Entity Authentication)awidthshow
421 162 gm
-0.00869 0.(Mechanisms)ashow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
-0.00796 0.(, ISO/IEC DIS 9798-1, 1990)ashow
453 90 gm
0.03962 0.([IS9798-2])ashow
453 162 gm
0.08300 0. 32 0.00830 0.(ISO, Information Technology, Security Techniques, )awidthshow
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
0.10650 0. 32 0.01065 0.(Entity Authentica-)awidthshow
469 162 gm
0.53527 0. 32 0.05352 0.(tion Mechanisms, Part 2: Entity Authentication Using Symmetric Key)awidthshow
485 162 gm
(Techniques)show
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
(, ISO/IEC DIS 9798-2, 1990)show
517 90 gm
0.03962 0.([IS9798-3])ashow
517 162 gm
0.08300 0. 32 0.00830 0.(ISO, Information Technology, Security Techniques, )awidthshow
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
0.10650 0. 32 0.01065 0.(Entity Authentica-)awidthshow
533 162 gm
1.17370 0. 32 0.11737 0.(tion Mechanisms, Part 3: Entity Authentication Using a Public Key)awidthshow
549 162 gm
-0.00915 0.(Algorithm)ashow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
-0.00950 0.(, ISO/IEC CD 9798-3, 1990)ashow
581 90 gm
0.04992 0.([IS9799])ashow
581 162 gm
-0.06179 0.(ISO, Information Processing Systems, )ashow
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
-0.06309 0.(Peer Entity Authentication Using)ashow
597 162 gm
1.09039 0. 32 0.10903 0.(a Public-Key Algorithm with a Two-Way Handshake)awidthshow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
0.78918 0. 32 0.07891 0.(, ISO DP 9799,)awidthshow
613 162 gm
(1988)show
645 90 gm
0.03561 0.([IS10000-1])ashow
645 162 gm
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
-0.09222 0.(International Standardized Profiles, Part 1: Taxonomy Framework)ashow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
-0.11390 0.(, ISO)ashow
661 162 gm
0.19210 0. 32 0.01921 0.(TR 10000-1, 1990)awidthshow
693 90 gm
0.03561 0.([IS10000-2])ashow
693 162 gm
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
-0.00863 0.(International Standardized Profiles, Part 2: Taxonomy of Profiles)ashow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
(, ISO)show
709 162 gm
0.19210 0. 32 0.01921 0.(TR 10000-2, 1990)awidthshow
741 90 gm
0.04370 0.([IS10035])ashow
741 162 gm
0.46524 0. 32 0.04652 0.(ISO, Information Processing Systems, )awidthshow
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
0.59555 0. 32 0.05955 0.(Open Systems Interconnection,)awidthshow
757 162 gm
-0.03579 0.(Connectionless ACSE Protocol Specification)ashow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
-0.03857 0.(, ISO DIS 10035, 1989)ashow
F T cp
%%Page: ? 12
op
30 28 xl
1 1 pen
45 288 gm
(nc 30 28 811 566 6 rc)kp
1 setTxMode
0 fs
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
(124)show
803 90 gm
10 fz
bu fc
2 F /|______Times-Roman fnt
bn
-0.01179 0.(Open Systems Security \320 an Architectural Framework)ashow
803 452 gm
-0.07005 0.(Bibliography)ashow
101 90 gm
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
0.04370 0.([IS10040])ashow
101 162 gm
0.46524 0. 32 0.04652 0.(ISO, Information Processing Systems, )awidthshow
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
0.59555 0. 32 0.05955 0.(Open Systems Interconnection,)awidthshow
117 162 gm
0.85403 0. 32 0.08540 0.(Systems Management Overview)awidthshow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
0.57952 0. 32 0.05795 0.(, ISO/IEC DP 10040 \(CCITT X.701\),)awidthshow
133 162 gm
0.41809 0. 32 0.04180 0.(1990, June 16, 1990)awidthshow
165 90 gm
0.04370 0.([IS10116])ashow
165 162 gm
0.51284 0. 32 0.05128 0.(ISO, Information Technology, Security Techniques, )awidthshow
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
0.48812 0. 32 0.04881 0.(Modes of Opera-)awidthshow
181 162 gm
-0.02917 0.(tion for an N-bit Block Cipher Algorithm)ashow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
-0.03297 0.(, ISO/IEC DIS 10116, 1990)ashow
209 90 gm
0.03561 0.([IS10118-1])ashow
209 162 gm
0.95520 0. 32 0.09552 0.(ISO, Information Technology, Security Techniques, )awidthshow
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
1.25167 0. 32 0.12516 0.(Hash Functions)awidthshow
223 162 gm
-0.03648 0.(for Digital Signatures, Part 1: General)ashow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
-0.04087 0.(, ISO/IEC CD 10118-1, June 21,)ashow
237 162 gm
(1990)show
265 90 gm
0.03561 0.([IS10118-2])ashow
265 162 gm
0.95520 0. 32 0.09552 0.(ISO, Information Technology, Security Techniques, )awidthshow
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
1.25167 0. 32 0.12516 0.(Hash Functions)awidthshow
279 162 gm
-0.07142 0.(for Digital Signatures, Part 2: Hash Functions using a Symmetric Block)ashow
293 162 gm
-0.01255 0.(Cipher Algorithm)ashow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
-0.01277 0.(, ISO/IEC CD 10118-2, June 21, 1990)ashow
325 90 gm
0.03561 0.([IS10164-7])ashow
325 162 gm
0.46524 0. 32 0.04652 0.(ISO, Information Processing Systems, )awidthshow
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
0.59555 0. 32 0.05955 0.(Open Systems Interconnection,)awidthshow
341 162 gm
1.69586 0. 32 0.16958 0.(Systems Management, Part 7: Security Alarm Reporting Function)awidthshow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
(,)show
357 162 gm
0.07812 0. 32 0.00781 0.(ISO/IEC DIS 10164-7 \(CCITT X.736\), Soeul, May 21-22, 1990)awidthshow
389 90 gm
0.03561 0.([IS10164-8])ashow
389 162 gm
0.46524 0. 32 0.04652 0.(ISO, Information Processing Systems, )awidthshow
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
0.59555 0. 32 0.05955 0.(Open Systems Interconnection,)awidthshow
405 162 gm
0.36575 0. 32 0.03657 0.(Systems Management, Part 8: Security Audit Trail Function)awidthshow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
0.42922 0. 32 0.04292 0.(, ISO/IEC)awidthshow
421 162 gm
0.20034 0. 32 0.02003 0.(DIS 10164-8 \(CCITT X.740\), Soeul, June 1990)awidthshow
453 90 gm
0.03561 0.([IS10164-9])ashow
453 162 gm
0.46524 0. 32 0.04652 0.(ISO, Information Processing Systems, )awidthshow
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
0.59555 0. 32 0.05955 0.(Open Systems Interconnection,)awidthshow
469 162 gm
2.45925 0. 32 0.24592 0.(Systems Management, Part 9: Objects and Attributes for Access)awidthshow
485 162 gm
0.01203 0.(Control)ashow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
0.04791 0. 32 0.00479 0.(, ISO/IEC DIS 10164-9 \(CCITT X.741\), Soeul, June 1990)awidthshow
517 90 gm
0.03561 0.([IS10165-1])ashow
517 162 gm
0.46524 0. 32 0.04652 0.(ISO, Information Processing Systems, )awidthshow
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
0.59555 0. 32 0.05955 0.(Open Systems Interconnection,)awidthshow
533 162 gm
-0.10981 0.(Structure of Management Information, Part 1: Management Information)ashow
549 162 gm
0.05528 0.(Model)ashow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
0.18692 0. 32 0.01869 0.(, ISO/IEC DIS 10165-1 \(CCITT X.720\), Paris, Jan. 1990)awidthshow
581 90 gm
0.04370 0.([IS10167])ashow
581 162 gm
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
0.31127 0. 32 0.03112 0.(Guidelines for the Application of Estelle, LOTOS, and SDL)awidthshow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
0.27999 0. 32 0.02799 0.(, ISO DTR)awidthshow
597 162 gm
0.52642 0. 32 0.05264 0.(8807, 1990)awidthshow
629 90 gm
0.03561 0.([IS10181-1])ashow
629 162 gm
1.22192 0. 32 0.12219 0.(ISO, Information Technology, )awidthshow
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
1.00936 0. 32 0.10093 0.(OSI Security Model, Part 1: Security)awidthshow
645 162 gm
-0.02781 0.(Framework)ashow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
-0.02583 0.(, ISO DP 10181-1)ashow
677 90 gm
0.03561 0.([IS10181-2])ashow
677 162 gm
0.79589 0. 32 0.07958 0.(ISO, Information Technology, )awidthshow
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
0.66940 0. 32 0.06694 0.(OSI Security Model, Part 2: Authenti-)awidthshow
693 162 gm
-0.08332 0.(cation Framework)ashow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
-0.08656 0.(, ISO DP 10181-1)ashow
725 90 gm
-0.09136 0.([ISO90a])ashow
725 162 gm
0.34103 0. 32 0.03410 0.(ISO, Information Processing Systems, )awidthshow
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
0.31158 0. 32 0.03115 0.(Proposed Draft for End System)awidthshow
741 162 gm
0.35079 0. 32 0.03507 0.(to End System Security Protocol)awidthshow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
0.34622 0. 32 0.03462 0.(, 2nd version, ISO/IEC JTC1/SC6, 27)awidthshow
757 162 gm
0.52566 0. 32 0.05256 0.(July, 1990)awidthshow
F T cp
%%Page: ? 13
op
30 28 xl
1 1 pen
45 288 gm
(nc 30 28 811 566 6 rc)kp
1 setTxMode
0 fs
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
(125)show
803 90 gm
10 fz
bu fc
2 F /|______Times-Roman fnt
bn
-0.01179 0.(Open Systems Security \320 an Architectural Framework)ashow
803 452 gm
-0.07005 0.(Bibliography)ashow
101 90 gm
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
-0.04473 0.([ISO90b])ashow
101 162 gm
0.26779 0. 32 0.02677 0.(ISO, Information Processing Systems, )awidthshow
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
0.21484 0. 32 0.02148 0.(Appendix B to UK Proposal for)awidthshow
117 162 gm
0.34225 0. 32 0.03422 0.(Network Layer End System to End System Security Protocol)awidthshow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
0.42999 0. 32 0.04299 0.(, ISO/IEC)awidthshow
133 162 gm
0.38238 0. 32 0.03823 0.(JTC1/SC6, July 27, 1990)awidthshow
165 90 gm
-0.09136 0.([ISO90c])ashow
165 162 gm
1.91940 0. 32 0.19194 0.(ISO, Information Processing Systems, )awidthshow
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
1.91070 0. 32 0.19107 0.(OSI Upper Layers Security)awidthshow
181 162 gm
0.31553 0.(Model)ashow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
1.21307 0. 32 0.12130 0.(, fourth working draft, ISO/IEC JTC1/SC21 N5447, ISO/IEC)awidthshow
197 162 gm
1.11679 0. 32 0.11167 0.(JTC1/SC21/WG6 and CCITT Question 19/VII Collaborative ad hoc)awidthshow
213 162 gm
-0.06092 0.(Meeting on Security in Berlin, Oct. 30, 1990)ashow
245 90 gm
-0.04473 0.([ISO90d])ashow
245 162 gm
0.12603 0. 32 0.01260 0.(ISO, Information Processing Systems, )awidthshow
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
0.13549 0. 32 0.01354 0.(Working Draft Integrity Frame-)awidthshow
261 162 gm
0.06390 0.(work)ashow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
0.24520 0. 32 0.02452 0.(, ISO/IEC JTC1/SC21 N5047, July 1990)awidthshow
293 90 gm
-0.09136 0.([ISO90e])ashow
293 162 gm
-0.00869 0.(ISO, Information Processing Systems, )ashow
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
-0.00959 0.(Working Draft Non-Repudiation)ashow
309 162 gm
0.03312 0.(Framework)ashow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
0.12298 0. 32 0.01229 0.(, ISO/IEC JTC1/SC21 N5046, July, 1990)awidthshow
341 90 gm
-0.04380 0.([ISO90f])ashow
341 162 gm
0.84091 0. 32 0.08409 0.(D. Kim, Y. Kim, H. Shin, H. Choi, T. Park, )awidthshow
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
1.29287 0. 32 0.12928 0.(Proposal of a Common)awidthshow
357 162 gm
2.00332 0. 32 0.20033 0.(Security Service Element in the OSI Application Layer)awidthshow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
1.65634 0. 32 0.16563 0.(,  ISO/IEC)awidthshow
373 162 gm
-0.01795 0.(JTC1/SC21 N5002 Attachment, Sep. 1990)ashow
405 90 gm
([ITS90])show
405 162 gm
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
3.67599 0. 32 0.36759 0.(Information Technology Security Evaluation Criteria \(ITSEC\),)awidthshow
421 162 gm
1.27655 0. 32 0.12765 0.(Harmonised Criteria of France \320 Germany \320 the Netherlands \320\312the)awidthshow
437 162 gm
0.19393 0. 32 0.01939 0.(United Kingdom)awidthshow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
0.09735 0. 32 0.00973 0.(, Draft, May 2, 1990)awidthshow
469 90 gm
([Kar86])show
469 162 gm
-0.01637 0.(A. Karila, )ashow
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
-0.01905 0.(Portable Protocol Development and Run-Time Environment)ashow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
(,)show
485 162 gm
-0.02189 0.(Licentiate's thesis, Helsinki University of Technology, Apr. 1986)ashow
517 90 gm
([Kar87])show
517 162 gm
0.58258 0. 32 0.05825 0.(A. Karila, )awidthshow
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
0.81726 0. 32 0.08172 0.(C-VOPS \320 A Portable Environment for Protocol Develop-)awidthshow
533 162 gm
2.61917 0. 32 0.26191 0.(ment and Implementation)awidthshow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
1.98928 0. 32 0.19892 0.(, Proceedings of IFIP TC6 International)awidthshow
549 162 gm
3.19961 0. 32 0.31996 0.(Conference on Information Network and Data Communication,)awidthshow
565 162 gm
0.32730 0. 32 0.03273 0.(Sweden, May 11-14, 1986, North Holland, 1987, pp. 19-34)awidthshow
597 90 gm
-0.05162 0.([Kat90])ashow
597 162 gm
0.44586 0. 32 0.04458 0.(Dave Katz, )awidthshow
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
0.54626 0. 32 0.05462 0.(The Use of Connectionless Network Layer Protocols over)awidthshow
613 162 gm
1.61270 0. 32 0.16127 0.(FDDI Networks)awidthshow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
1.15509 0. 32 0.11550 0.(, ACM Computer Communication Review, Vol. 20,)awidthshow
629 162 gm
0.57144 0. 32 0.05714 0.(No. 3, July 1990, pp. 32-45)awidthshow
661 90 gm
([Ken89])show
661 162 gm
1.06170 0. 32 0.10617 0.(S. Kent, )awidthshow
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
1.66259 0. 32 0.16625 0.(Comments on "Security Problems in the TCP/IP Protocol)awidthshow
677 162 gm
0.11592 0.(Suite")ashow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
0.50033 0. 32 0.05003 0.(, ACM Computer Communication Review, Vol. 19, No. 3, July)awidthshow
693 162 gm
0.59036 0. 32 0.05903 0.(1989, pp. 10-19)awidthshow
725 90 gm
([KHA90])show
725 162 gm
1.49414 0. 32 0.14941 0.(A. Karila, J. Harju, I. Airaksinen, M. Siev\212nen, )awidthshow
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
2.65884 0. 32 0.26588 0.(Inserting Security)awidthshow
741 162 gm
0.19592 0. 32 0.01959 0.(Mechanisms into OSI Layers \320 a Case Study)awidthshow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
0.28900 0. 32 0.02890 0.(, Lappeenranta University)awidthshow
757 162 gm
-0.01718 0.(of Technology, 1990)ashow
F T cp
%%Page: ? 14
op
30 28 xl
1 1 pen
45 288 gm
(nc 30 28 811 566 6 rc)kp
1 setTxMode
0 fs
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
(126)show
803 90 gm
10 fz
bu fc
2 F /|______Times-Roman fnt
bn
-0.01179 0.(Open Systems Security \320 an Architectural Framework)ashow
803 452 gm
-0.07005 0.(Bibliography)ashow
101 90 gm
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
0.05824 0.([KLP83])ashow
101 162 gm
2.45834 0. 32 0.24583 0.(A. Karila, K. L\214ng, P. Pulli, Tietoliikennesovittimen toiminta ja)awidthshow
117 162 gm
0.26535 0. 32 0.02653 0.(rakenne, \()awidthshow
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
0.25085 0. 32 0.02508 0.(Functional Specification and Structure of a Transport Layer)awidthshow
133 162 gm
0.05635 0.(Gateway)ashow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
0.19561 0. 32 0.01956 0.(, in Finnish\), Technical Research Centre of Finland, Research)awidthshow
149 162 gm
0.49346 0. 32 0.04934 0.(Notes 252, 1983, 94 p.)awidthshow
181 90 gm
-0.06323 0.([KM91])ashow
181 162 gm
1.55349 0. 32 0.15534 0.(J. Koivisto, J. Malka, )awidthshow
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
2.21740 0. 32 0.22174 0.(DVOPS \320 An Object-Oriented Approach to)awidthshow
197 162 gm
0.35278 0. 32 0.03527 0.(Distributed Computation)awidthshow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
0.18371 0. 32 0.01837 0.(, to be presented in the Usenix'91 conference,)awidthshow
213 162 gm
-0.08624 0.(Technical Research Centre of Finland, January 1991)ashow
245 90 gm
([Koi87])show
245 162 gm
0.31448 0. 32 0.03144 0.(J. Koivisto, Sovelluskerroksen tietoyksik\232iden automaattinen k\212sittely)awidthshow
261 162 gm
0.06896 0. 32 0.00689 0.(standardikuvauskielen perusteella, \()awidthshow
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
0.06118 0. 32 0.00611 0.(Automatic Handling of Application)awidthshow
277 162 gm
1.99279 0. 32 0.19927 0.(Layer Data Units Based on a Standard Description Language)awidthshow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
1.08078 0. 32 0.10807 0.(, in)awidthshow
293 162 gm
0.38269 0. 32 0.03826 0.(Finnish\), Master's Thesis, Helsinki University of Technology, Depart-)awidthshow
309 162 gm
-0.06513 0.(ment of Technical Physics, 1987)ashow
341 90 gm
-0.10711 0.([Lan81])ashow
341 162 gm
-0.02465 0.(C. Landwehr, )ashow
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
-0.02462 0.(Formal Models for Computer Security)ashow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
-0.03013 0.(, ACM Computing)ashow
357 162 gm
0.57937 0. 32 0.05793 0.(Surveys, Vol. 13, No. 3, Sept. 1981, pp. 247-278)awidthshow
389 90 gm
-0.05154 0.([LLH89])ashow
389 162 gm
1.73812 0. 32 0.17381 0.(C.-S.Laih, J.-Y. Lee, L. Harn, Y.-K. Su, )awidthshow
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
2.72842 0. 32 0.27284 0.(Linearly Shift Knapsack)awidthshow
405 162 gm
1.59622 0. 32 0.15962 0.(Public-Key Cryptosystem)awidthshow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
0.73791 0. 32 0.07379 0.(,  IEEE Journal on Selected Areas in Com-)awidthshow
421 162 gm
0.28884 0. 32 0.02888 0.(munications, Vol. 7, No. 4, May 1989, pp. 534-547)awidthshow
453 90 gm
([LS90])show
453 162 gm
2.95989 0. 32 0.29598 0.(W.-P. Lu, M. Sundareshan, )awidthshow
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
2.87902 0. 32 0.28790 0.(A Model for Multilevel Security in)awidthshow
469 162 gm
-0.00917 0.(Computer Networks)ashow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
-0.00830 0.(, IEEE Transactions on Software Engineering, Vol.)ashow
485 162 gm
0.58166 0. 32 0.05816 0.(16, No. 6, June 1990, pp. 647-659)awidthshow
517 90 gm
-0.12931 0.([LT90])ashow
517 162 gm
1.06155 0. 32 0.10615 0.(L. Landweber, M. Tasman, )awidthshow
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
1.26434 0. 32 0.12643 0.(An ISO TP4-TP0 Gateway)awidthshow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
1.13082 0. 32 0.11308 0.(, ACM Com-)awidthshow
533 162 gm
0.08468 0. 32 0.00846 0.(puter Communication Review, Vol. 20, No. 2, April 1990, pp. 16-21)awidthshow
565 90 gm
-0.10771 0.([Mas88])ashow
565 162 gm
0.27603 0. 32 0.02760 0.(J. Massey, )awidthshow
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
0.42800 0. 32 0.04280 0.(An Introduction to Contemporary Cryptology)awidthshow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
0.47164 0. 32 0.04716 0.(, Proceedings)awidthshow
581 162 gm
0.24932 0. 32 0.02493 0.(of the IEEE, Vol. 76, No. 5, May 1988, pp. 533-549)awidthshow
613 90 gm
-0.16213 0.([Mer89])ashow
613 162 gm
2.34085 0. 32 0.23408 0.(R. Merkle, )awidthshow
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
2.81539 0. 32 0.28153 0.(One Way Hash Functions and DES)awidthshow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
2.94540 0. 32 0.29454 0.(, Proceedings of)awidthshow
629 162 gm
0.15930 0. 32 0.01593 0.(Crypto'89, Santa Barbara, October, 1989)awidthshow
661 90 gm
-0.06323 0.([MH78])ashow
661 162 gm
2.63977 0. 32 0.26397 0.(R. Merkle, M. Hellman, )awidthshow
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
3.38897 0. 32 0.33889 0.(Hiding Information and Signatures in)awidthshow
677 162 gm
1.01150 0. 32 0.10115 0.(Trapdoor Knapsack)awidthshow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
0.63186 0. 32 0.06318 0.(, IEEE Transactions on Information Theory, Vol.)awidthshow
693 162 gm
0.54321 0. 32 0.05432 0.(IT-24, Sep. 1978, pp. 525-530)awidthshow
725 90 gm
-0.22019 0.([Mit90])ashow
725 162 gm
0.18539 0. 32 0.01853 0.(C. Mitchell, )awidthshow
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
0.21972 0. 32 0.02197 0.(OSI and X.400 Security)awidthshow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
0.27679 0. 32 0.02767 0.(, Telecommunications, May 1990,)awidthshow
741 162 gm
0.55953 0. 32 0.05595 0.(pp. 49-54)awidthshow
F T cp
%%Page: ? 15
op
30 28 xl
1 1 pen
45 288 gm
(nc 30 28 811 566 6 rc)kp
1 setTxMode
0 fs
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
(127)show
803 90 gm
10 fz
bu fc
2 F /|______Times-Roman fnt
bn
-0.01179 0.(Open Systems Security \320 an Architectural Framework)ashow
803 452 gm
-0.07005 0.(Bibliography)ashow
101 90 gm
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
-0.26405 0.([MM83])ashow
101 162 gm
0.48110 0. 32 0.04811 0.(R. DeMillo, M. Merritt, )awidthshow
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
0.61218 0. 32 0.06121 0.(Protocols for Data Security)awidthshow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
0.64056 0. 32 0.06405 0.(, IEEE Computer)awidthshow
117 162 gm
0.24719 0. 32 0.02471 0.(Magazine, Feb. 1983, pp. 39-51)awidthshow
149 90 gm
-0.21830 0.([MOI90])ashow
149 162 gm
1.33514 0. 32 0.13351 0.(S. Miyaguchi, K. Ohta, M. Iwata, )awidthshow
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
1.90551 0. 32 0.19055 0.(128-bit hash function \(N-Hash\))awidthshow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
(,)show
165 162 gm
-0.02880 0.(proceedings of SECURICOM90, Paris, March 1990)ashow
197 90 gm
-0.10890 0.([Moo88])ashow
197 162 gm
1.39495 0. 32 0.13949 0.(J. Moore, )awidthshow
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
2.29766 0. 32 0.22976 0.(Protocol Failures in Cryptosystems)awidthshow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
1.67282 0. 32 0.16728 0.(, Proceedings of the)awidthshow
213 162 gm
0.35827 0. 32 0.03582 0.(IEEE, Vol. 76, No. 5, May 1988, pp. 594-602)awidthshow
245 90 gm
-0.19671 0.([MT79])ashow
245 162 gm
2.90481 0. 32 0.29048 0.(R. Morris, K. Thompson, )awidthshow
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
3.47229 0. 32 0.34722 0.(Password Security: A Case History)awidthshow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
(,)show
261 162 gm
0.09292 0. 32 0.00929 0.(Communications of the ACM, Vol. 22, Nov. 1979, pp. 594-597)awidthshow
293 90 gm
-0.16384 0.([MWR89])ashow
293 162 gm
1.00189 0. 32 0.10018 0.(C. Mitchell, M. Walker, D. Rush, )awidthshow
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
1.53762 0. 32 0.15376 0.(CCITT/ISO Standards for Secure)awidthshow
309 162 gm
1.45858 0. 32 0.14585 0.(Message Handling)awidthshow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
0.86868 0. 32 0.08686 0.(, IEEE Journal on Selected Areas in Communica-)awidthshow
325 162 gm
0.41137 0. 32 0.04113 0.(tions, Vol. 7, No. 4, May 1989, pp. 517-524)awidthshow
357 90 gm
0.11260 0.([NCS87])ashow
357 162 gm
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
2.26898 0. 32 0.22689 0.(Trusted Network Interpretation of the Trusted Computer Systems)awidthshow
373 162 gm
1.63879 0. 32 0.16387 0.(Evaluation Criteria)awidthshow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
1.26663 0. 32 0.12666 0.(, NCSG-TG-005, Version 1, National Computer)awidthshow
389 162 gm
(Security Center, USA July 31, 1987)show
421 90 gm
-0.05162 0.([Nel88])ashow
421 162 gm
0.10147 0. 32 0.01014 0.(R. Nelson, )awidthshow
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
0.15121 0. 32 0.01512 0.(SDNS Services and Architecture)awidthshow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
0.11657 0. 32 0.01165 0.(, 1988)awidthshow
453 90 gm
0.05955 0.([Nes90])ashow
453 162 gm
1.31118 0. 32 0.13111 0.(D. Nessett: )awidthshow
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
1.48422 0. 32 0.14842 0.(A Critique of the Burrows, Abadi and Needham Logic)awidthshow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
(,)show
469 162 gm
-0.08979 0.(ACM Operating Systems Review, 1990)ashow
501 90 gm
0.05841 0.([Nok90])ashow
501 162 gm
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
0.75347 0. 32 0.07534 0.(How to Use CASN Compiler for Implementation of a Virtual Task in)awidthshow
517 162 gm
0.01071 0.(CVOPS)ashow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
0.02960 0. 32 0.00296 0.(, Ver. 1.0, Technical Report, Nokia Research Centre, 1990)awidthshow
549 90 gm
0.13592 0.([NS78])ashow
549 162 gm
1.22756 0. 32 0.12275 0.(R. Needham, R. Schroeder, )awidthshow
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
1.46911 0. 32 0.14691 0.(Using Encryption for Authentication in)awidthshow
565 162 gm
0.22781 0. 32 0.02278 0.(Large Networks of Computers)awidthshow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
0.18096 0. 32 0.01809 0.(, Communications of the ACM, Vol. 21,)awidthshow
581 162 gm
0.50979 0. 32 0.05097 0.(No. 12, Dec. 1978, pp. 993-999)awidthshow
613 90 gm
0.13592 0.([NS87])ashow
613 162 gm
0.32958 0. 32 0.03295 0.(R. Needham, R. Schroeder, )awidthshow
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
0.55908 0. 32 0.05590 0.(Authentication Revisited)awidthshow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
0.40069 0. 32 0.04006 0.(, ACM Operating)awidthshow
629 162 gm
0.49224 0. 32 0.04922 0.(Systems Review, Vol. 21, No. 1, Jan. 1987, p. 7)awidthshow
661 90 gm
0.13592 0.([NS89])ashow
661 162 gm
0.50994 0. 32 0.05099 0.(K. Nakao, K. Suzuki, )awidthshow
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
0.72204 0. 32 0.07220 0.(Proposal on a Secure Communications Service)awidthshow
677 162 gm
2.61611 0. 32 0.26161 0.(Element \(SCSE\) in the OSI Application Layer)awidthshow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
2.27905 0. 32 0.22790 0.(, IEEE Journal on)awidthshow
693 162 gm
0.19348 0. 32 0.01934 0.(Selected Areas in Communications, Vol. 7, No. 4, May 1989, pp. 505-)awidthshow
709 162 gm
(516)show
741 90 gm
-0.13064 0.([OR87])ashow
741 162 gm
0.16494 0. 32 0.01649 0.(D. Otway, O. Rees, )awidthshow
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
0.25619 0. 32 0.02561 0.(Efficient and Timely Mutual Authentication)awidthshow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
0.23971 0. 32 0.02397 0.(, ACM)awidthshow
757 162 gm
0.29525 0. 32 0.02952 0.(Operating Systems Review, Vol. 21, No. 1, Jan. 1987, pp. 8-10)awidthshow
F T cp
%%Page: ? 16
op
30 28 xl
1 1 pen
45 288 gm
(nc 30 28 811 566 6 rc)kp
1 setTxMode
0 fs
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
(128)show
803 90 gm
10 fz
bu fc
2 F /|______Times-Roman fnt
bn
-0.01179 0.(Open Systems Security \320 an Architectural Framework)ashow
803 452 gm
-0.07005 0.(Bibliography)ashow
101 90 gm
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
-0.19587 0.([OT89])ashow
101 162 gm
0.28854 0. 32 0.02885 0.(E. Okamoto, K. Tanaka, )awidthshow
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
0.35339 0. 32 0.03533 0.(Key Distribution System Based on Identifica-)awidthshow
117 162 gm
-0.00354 0.(tion Information)ashow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
-0.00370 0.(,  IEEE Journal on Selected Areas in Communications,)ashow
133 162 gm
0.41473 0. 32 0.04147 0.(Vol. 7, No. 4, May 1989, pp. 481-485)awidthshow
165 90 gm
([Par90])show
165 162 gm
0.16921 0. 32 0.01692 0.(G. Parulkar, )awidthshow
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
0.22567 0. 32 0.02256 0.(The Next Generation of Internetworking)awidthshow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
0.23284 0. 32 0.02328 0.(, ACM Computer)awidthshow
181 162 gm
0.29769 0. 32 0.02976 0.(Communication Review, Vol. 20, No. 1, Jan. 1990, pp. 18-43)awidthshow
213 90 gm
-0.05290 0.([Pat87])ashow
213 162 gm
0.77713 0. 32 0.07771 0.(W. Patterson: )awidthshow
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
1.00936 0. 32 0.10093 0.(Mathematical Cryptology for Computer Scientists and)awidthshow
229 162 gm
-0.14939 0.(Mathematicians)ashow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
-0.14292 0.(, Rowman & Littlefield, 1987)ashow
261 90 gm
0.13592 0.([PK79])ashow
261 162 gm
0.09826 0. 32 0.00982 0.(G. Popek, C. Kline, )awidthshow
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
0.16052 0. 32 0.01605 0.(Encryption and Secure Computer Networks)awidthshow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
0.14419 0. 32 0.01441 0.(, ACM)awidthshow
277 162 gm
0.36773 0. 32 0.03677 0.(Computing Surveys, Vol. 11, No. 4, Dec. 1979, pp. 331-356)awidthshow
309 90 gm
0.13592 0.([PK90])ashow
309 162 gm
1.75521 0. 32 0.17552 0.(D. Piscitello, M. Kramer, )awidthshow
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
2.65197 0. 32 0.26519 0.(Internetworking Using Switched Multi-)awidthshow
325 162 gm
2.51037 0. 32 0.25103 0.(megabit Data Service in TCP/IP Environments)awidthshow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
2.64434 0. 32 0.26443 0.(, ACM Computer)awidthshow
341 162 gm
0.22903 0. 32 0.02290 0.(Communication Review, Vol. 20, No. 3, July 1990, pp. 62-71)awidthshow
373 90 gm
0.11314 0.([PSI90])ashow
373 162 gm
0.29281 0. 32 0.02928 0.(PSI Inc., )awidthshow
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
0.59448 0. 32 0.05944 0.(ISODE 6.0 Announcement)awidthshow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
0.34088 0. 32 0.03408 0.(, Jan. 1990)awidthshow
405 90 gm
-0.06251 0.([QG90])ashow
405 162 gm
0.69503 0. 32 0.06950 0.(J.-J. Quisquater, L. Guillou, )awidthshow
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
0.91552 0. 32 0.09155 0.(How to Explain Zero-Knowledge Proto-)awidthshow
421 162 gm
-0.02455 0.(cols to Your Children)ashow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
-0.02984 0.(, 1990)ashow
453 90 gm
([RFC81a])show
453 162 gm
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
-0.01690 0.(Internet Protocol)ashow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
-0.01890 0.(, RFC 791, Sep. 1981)ashow
485 90 gm
0.04783 0.([RFC81b])ashow
485 162 gm
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
-0.01380 0.(Transmission Control Protocol)ashow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
-0.01457 0.(, RFC 793, Sep. 1981)ashow
517 90 gm
([RFC89a])show
517 162 gm
0.89279 0. 32 0.08927 0.(J. Linn, )awidthshow
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
1.47094 0. 32 0.14709 0.(Privacy Enhancement for Internet Electronic Mail: Part I:)awidthshow
533 162 gm
1.64459 0. 32 0.16445 0.(Message Encipherment and Authentication Procedures)awidthshow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
1.09146 0. 32 0.10914 0.(, RFC 1113,)awidthshow
549 162 gm
(1989)show
581 90 gm
0.04783 0.([RFC89b])ashow
581 162 gm
-0.12692 0.(S. Kent, J. Linn, )ashow
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
-0.14340 0.(Privacy Enhancement for Internet Electronic Mail: Part)ashow
597 162 gm
-0.06845 0.(II: Certificate-Based Key Management)ashow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
-0.07530 0.(, RFC 1114, 1989)ashow
629 90 gm
([RFC89c])show
629 162 gm
0.54183 0. 32 0.05418 0.(J. Linn, )awidthshow
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
0.90362 0. 32 0.09036 0.(Privacy Enhancement for Internet Electronic Mail: Part III:)awidthshow
645 162 gm
0.07217 0. 32 0.00721 0.(Algorithms, Modes and Identifiers)awidthshow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
0.05264 0. 32 0.00526 0.(, RFC 1115, 1989)awidthshow
677 90 gm
0.11260 0.([RHF90])ashow
677 162 gm
1.20452 0. 32 0.12045 0.(F. Ross, J. Hamstra, R. Fink, )awidthshow
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
1.50222 0. 32 0.15022 0.(FDDI \320 A LAN Among MANs)awidthshow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
1.82632 0. 32 0.18263 0.(, ACM)awidthshow
693 162 gm
0.38879 0. 32 0.03887 0.(Computer Communication Review, Vol. 20, No. 3, July 1990, pp. 16-)awidthshow
709 162 gm
(31)show
741 90 gm
-0.05401 0.([Riv90])ashow
741 162 gm
1.40487 0. 32 0.14048 0.(R. Rivest, )awidthshow
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
2.10845 0. 32 0.21084 0.(The MD4 Message Digest Algorithm)awidthshow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
2.03598 0. 32 0.20359 0.( \(Version 2/17/90,)awidthshow
757 162 gm
0.08407 0. 32 0.00840 0.(Revised\), ISO/IEC JTC1/SC 27/WG20.2 N193, April 4, 1990)awidthshow
F T cp
%%Page: ? 17
op
30 28 xl
1 1 pen
45 288 gm
(nc 30 28 811 566 6 rc)kp
1 setTxMode
0 fs
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
(129)show
803 90 gm
10 fz
bu fc
2 F /|______Times-Roman fnt
bn
-0.01179 0.(Open Systems Security \320 an Architectural Framework)ashow
803 452 gm
-0.07005 0.(Bibliography)ashow
101 90 gm
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
0.05711 0.([Ros90])ashow
101 162 gm
-0.00822 0.(M. Rose, )ashow
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
-0.00807 0.(The Open Book, OSI \320 a Practical Perspective)ashow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
-0.00761 0.(, Prentice Hall,)ashow
117 162 gm
(1990)show
149 90 gm
-0.05398 0.([RSA78])ashow
149 162 gm
1.12152 0. 32 0.11215 0.(R. Rivest, A. Shamir, L. Adleman, )awidthshow
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
1.37756 0. 32 0.13775 0.(A Method for Obtaining Digital)awidthshow
165 162 gm
1.92489 0. 32 0.19248 0.(Signatures and Public-Key Cryptosystems)awidthshow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
1.49810 0. 32 0.14981 0.(, Communications of the)awidthshow
181 162 gm
0.49301 0. 32 0.04930 0.(ACM, Vol. 21, No. 2, Feb. 1978, pp. 120-126)awidthshow
213 90 gm
-0.05268 0.([Rue90])ashow
213 162 gm
0.34042 0. 32 0.03404 0.(R. Rueppel, )awidthshow
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
0.42739 0. 32 0.04273 0.(A Formal Approach to Security Architectures)awidthshow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
0.32333 0. 32 0.03233 0.(, preprint of)awidthshow
229 162 gm
0.91888 0. 32 0.09188 0.(paper to be presented in Eurocrypt'91, April 8 \320 11, 1991, Brighton,)awidthshow
245 162 gm
-0.01077 0.(England, dated Dec. 17, 1990)ashow
277 90 gm
-0.05268 0.([Rue91])ashow
277 162 gm
0.17532 0. 32 0.01753 0.(Lecture by and discussion with Rainer Rueppel at Helsinki University,)awidthshow
293 162 gm
-0.02400 0.(March 18, 1991)ashow
325 90 gm
-0.04417 0.([SDN89a])ashow
325 162 gm
2.07717 0. 32 0.20771 0.(SDNS, )awidthshow
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
2.00210 0. 32 0.20021 0.(Secure Data Network Systems, Security Protocol 3 \(SP3\))awidthshow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
(,)show
341 162 gm
0.27847 0. 32 0.02784 0.(Specification SDN.301, Revision 1.4, Feb. 28, 1989)awidthshow
373 90 gm
([SDN89b])show
373 162 gm
2.07717 0. 32 0.20771 0.(SDNS, )awidthshow
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
2.00210 0. 32 0.20021 0.(Secure Data Network Systems, Security Protocol 4 \(SP4\))awidthshow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
(,)show
389 162 gm
0.09704 0. 32 0.00970 0.(Specification SDN.401, Revision 1.3, May 2, 1989)awidthshow
421 90 gm
0.05824 0.([SEG90])ashow
421 162 gm
3.09341 0. 32 0.30934 0.(Security EDIFACT Group, )awidthshow
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
3.50097 0. 32 0.35009 0.(Security Framework for EDIFACT)awidthshow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
(,)show
437 162 gm
0.38894 0. 32 0.03889 0.(MD4.B, Document 1.19, v. 1.0, \(draft\), 7 June, 1990)awidthshow
469 90 gm
([Sha49])show
469 162 gm
0.48812 0. 32 0.04881 0.(C. Shannon, )awidthshow
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
0.66101 0. 32 0.06610 0.(Communication Theory of Secrecy Systems)awidthshow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
0.50643 0. 32 0.05064 0.(, Bell System)awidthshow
485 162 gm
0.08956 0. 32 0.00895 0.(Technical Journal, Vol. 28, Oct. 1949, pp. 656-715)awidthshow
517 90 gm
([Sha85])show
517 162 gm
2.04086 0. 32 0.20408 0.(A. Shamir, )awidthshow
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
3.23059 0. 32 0.32305 0.(Identity-Based Cryptosystem and Signature Scheme)awidthshow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
(,)show
533 162 gm
0.72952 0. 32 0.07295 0.(Advances in Cryptology: Proceedings of Crypto'84, Springer, Berlin,)awidthshow
549 162 gm
0.59036 0. 32 0.05903 0.(1985, pp. 47-53)awidthshow
581 90 gm
-0.05419 0.([Sim79])ashow
581 162 gm
3.95858 0. 32 0.39585 0.(G. Simmons, )awidthshow
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
5.53909 0. 32 0.55390 0.(Symmetric and Asymmetric Encryption)awidthshow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
4.56970 0. 32 0.45697 0.(, ACM)awidthshow
597 162 gm
0.36773 0. 32 0.03677 0.(Computing Surveys, Vol. 11, No. 4, Dec. 1979, pp. 305-330)awidthshow
629 90 gm
-0.05419 0.([Sim84])ashow
629 162 gm
1.77154 0. 32 0.17715 0.(G. Simmons, )awidthshow
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
2.86254 0. 32 0.28625 0.(Authentication Theory/Coding Theory)awidthshow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
1.76193 0. 32 0.17619 0.(, Advances in)awidthshow
645 162 gm
1.36932 0. 32 0.13693 0.(Cryptology, Proceedings of Crypto '84, Springer, New York, 1985,)awidthshow
661 162 gm
0.50354 0. 32 0.05035 0.(pp. 411-431)awidthshow
693 90 gm
-0.05419 0.([Sim88])ashow
693 162 gm
0.56213 0. 32 0.05621 0.(G. Simmons, )awidthshow
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
0.66131 0. 32 0.06613 0.(A Survey of Information Authentication)awidthshow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
0.60455 0. 32 0.06045 0.(, Proceedings of)awidthshow
709 162 gm
0.27282 0. 32 0.02728 0.(the IEEE, Vol. 76, No. 5, May 1988, pp. 603-620)awidthshow
F T cp
%%Page: ? 18
op
30 28 xl
1 1 pen
45 288 gm
(nc 30 28 811 566 6 rc)kp
1 setTxMode
0 fs
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
(130)show
803 90 gm
10 fz
bu fc
2 F /|______Times-Roman fnt
bn
-0.01179 0.(Open Systems Security \320 an Architectural Framework)ashow
803 452 gm
-0.07005 0.(Bibliography)ashow
101 90 gm
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
-0.05419 0.([Sim89])ashow
101 162 gm
1.01623 0. 32 0.10162 0.(G. Simmons, )awidthshow
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
0.96298 0. 32 0.09629 0.(A Protocol to Provide Verifiable Proof of Identity and)awidthshow
117 162 gm
0.41900 0. 32 0.04190 0.(Unforgeable Transaction Receipts)awidthshow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
0.24154 0. 32 0.02415 0.(, IEEE Journal on Selected Areas in)awidthshow
133 162 gm
0.25665 0. 32 0.02566 0.(Communications, Vol. 7, No. 4, May 1989, pp. 435-447)awidthshow
165 90 gm
-0.06480 0.([SM87])ashow
165 162 gm
0.33859 0. 32 0.03385 0.(A. Shimizu, S. Miyaguchi, )awidthshow
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
0.44616 0. 32 0.04461 0.(Fast Data Encipherment Algorithm FEAL)awidthshow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
(,)show
181 162 gm
-0.00250 0.(Proceedings of Eurocrypt'87, April 1987)ashow
213 90 gm
0.11260 0.([SNC88])ashow
213 162 gm
-0.00308 0.(J. Steiner, C. Neuman, J. Schiller, )ashow
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
-0.00349 0.(Kerberos: An Authentication Service)ashow
229 162 gm
0.15609 0. 32 0.01560 0.(for Open Network Systems)awidthshow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
0.13580 0. 32 0.01358 0.(, Project Athena, MIT, 1988)awidthshow
261 90 gm
-0.21830 0.([TED89])ashow
261 162 gm
1.64901 0. 32 0.16490 0.(The TEDIS \320 EDI Security Workshop, )awidthshow
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
1.93252 0. 32 0.19325 0.(Security in a Multi-Owner)awidthshow
277 162 gm
0.16564 0.(System)ashow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
0.60394 0. 32 0.06039 0.(, Brussels, June 20-21, 1989)awidthshow
309 90 gm
-0.23365 0.([TED90a])ashow
309 162 gm
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
2.30346 0. 32 0.23034 0.(TEDIS Programme 1988-1989)awidthshow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
1.39816 0. 32 0.13981 0.(, Activity Report, Brussels, July 25,)awidthshow
325 162 gm
(1990)show
357 90 gm
-0.18713 0.([TED90b])ashow
357 162 gm
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
0.44631 0. 32 0.04463 0.(Digital Signatures in EDIFACT)awidthshow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
0.37551 0. 32 0.03755 0.(, a TEDIS programme report prepared)awidthshow
373 162 gm
-0.00614 0.(by CRYPTOMATHIC A/S, final version, Nov. 29, 1990)ashow
405 90 gm
-0.21830 0.([TTY88])ashow
405 162 gm
0.19332 0. 32 0.01933 0.(Kari L\214ng \(editor\), Tietotekniikan kehitt\212misohjelma FINPRIT: Tieto-)awidthshow
421 162 gm
0.19821 0. 32 0.01982 0.(tekniikan yhdent\212minen, )awidthshow
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
0.15029 0. 32 0.01502 0.(final report \(concise version\) of the FINPRIT)awidthshow
437 162 gm
-0.06710 0.(research program)ashow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
-0.06324 0.( \(in Finnish\), TEKES, Helsinki, 1988)ashow
469 90 gm
-0.06251 0.([VK83])ashow
469 162 gm
1.09130 0. 32 0.10913 0.(V. Voydock, S. Kent, )awidthshow
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
1.67968 0. 32 0.16796 0.(Security Mechanisms in High-Level Network)awidthshow
485 162 gm
0.04516 0.(Protocols)ashow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
0.17471 0. 32 0.01747 0.(, Computing Surveys, Vol. 15, June 1983, pp. 135-171)awidthshow
517 90 gm
-0.16213 0.([Wal89])ashow
517 162 gm
0.10787 0. 32 0.01078 0.(S. Walker, )awidthshow
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
0.12054 0. 32 0.01205 0.(Network Security: The Parts of the Sum)awidthshow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
0.12054 0. 32 0.01205 0.(, Proceedings of the)awidthshow
533 162 gm
1.26663 0. 32 0.12666 0.(1989 IEEE Computer Society Symposium on Security and Privacy,)awidthshow
549 162 gm
0.26611 0. 32 0.02661 0.(Oakland, 1989, pp. 2-9)awidthshow
581 90 gm
-0.05210 0.([Woo87])ashow
581 162 gm
1.75521 0. 32 0.17552 0.(C. Wood & al., )awidthshow
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
3.50555 0. 32 0.35055 0.(Computer Security: A Comprehensive Controls)awidthshow
597 162 gm
0.02149 0.(Checklist)ashow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
0.08499 0. 32 0.00849 0.(, Wiley, New York, 1987)awidthshow
629 90 gm
-0.05210 0.([Woo90])ashow
629 162 gm
3.19458 0. 32 0.31945 0.(C. Wood, )awidthshow
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
4.56146 0. 32 0.45614 0.(Principles of Secure Information Systems Design)awidthshow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
(,)show
645 162 gm
0.34439 0. 32 0.03443 0.(Computers & Security, Vol. 9, No. 1, Feb. 1990, pp. 13-24)awidthshow
677 90 gm
0.27015 0.([X.21])ashow
677 162 gm
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
1.25717 0. 32 0.12571 0.(Interface between data terminal equipment \(DTE\) and data circuit-)awidthshow
693 162 gm
-0.08351 0.(terminating-equipment \(DCE\) for synchronous operation on public data)ashow
709 162 gm
0.62528 0.(networks)ashow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
2.57614 0. 32 0.25761 0.(, CCITT Recommendation X.21, Blue Book Vol. VIII,)awidthshow
725 162 gm
0.07003 0. 32 0.00700 0.(Fascicle VIII.2, Geneva, 1989)awidthshow
F T cp
%%Page: ? 19
op
30 28 xl
1 1 pen
45 288 gm
(nc 30 28 811 566 6 rc)kp
1 setTxMode
0 fs
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
(131)show
803 90 gm
10 fz
bu fc
2 F /|______Times-Roman fnt
bn
-0.01179 0.(Open Systems Security \320 an Architectural Framework)ashow
803 452 gm
-0.07005 0.(Bibliography)ashow
101 90 gm
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
0.27015 0.([X.25])ashow
101 162 gm
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
1.25717 0. 32 0.12571 0.(Interface between data terminal equipment \(DTE\) and data circuit-)awidthshow
117 162 gm
-0.16287 0.(terminating-equipment \(DCE\) for terminals operating in the packet mode)ashow
133 162 gm
1.10412 0. 32 0.11041 0.(and connected to public data networks by dedicated circuit)awidthshow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
1.36383 0. 32 0.13638 0.(, CCITT)awidthshow
149 162 gm
0.33416 0. 32 0.03341 0.(Recommendation X.25 \(see also ISO 7776 and ISO 8208\), Blue Book)awidthshow
165 162 gm
0.08605 0. 32 0.00860 0.(Vol. VIII, Fascicle VIII.2, Geneva, 1989)awidthshow
197 90 gm
0.22509 0.([X.200])ashow
197 162 gm
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
3.63220 0. 32 0.36322 0.(Reference Model of Open Systems Interconnection for CCITT)awidthshow
213 162 gm
0.08099 0.(Applications)ashow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
0.37155 0. 32 0.03715 0.(, CCITT Recommendation X.200 \(ISO 7498\), Blue Book)awidthshow
229 162 gm
0.08605 0. 32 0.00860 0.(Vol. VIII, Fascicle VIII.4, Geneva, 1989)awidthshow
261 90 gm
0.22509 0.([X.224])ashow
261 162 gm
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
-0.05635 0.(Transport Protocol Specification)ashow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
-0.06652 0.(, CCITT Recommendation X.224 \(ISO)ashow
277 162 gm
0.08117 0. 32 0.00811 0.(8073\), Blue Book Vol. VIII, Fascicle VIII.5, Geneva, 1989)awidthshow
309 90 gm
0.22509 0.([X.208])ashow
309 162 gm
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
2.94281 0. 32 0.29428 0.(Specification of Abstract Syntax Notation One \(ASN.1\))awidthshow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
3.21380 0. 32 0.32138 0.(, CCITT)awidthshow
325 162 gm
0.48049 0. 32 0.04804 0.(Recommendation X.208 \(ISO 8824, ISO 8824/AD1\), Blue Book Vol.)awidthshow
341 162 gm
0.10314 0. 32 0.01031 0.(VIII, Fascicle VIII.4, Geneva, 1989)awidthshow
373 90 gm
0.22509 0.([X.209])ashow
373 162 gm
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
-0.07142 0.(Specification of Basic Encoding Rules for Abstract Syntax Notation One)ashow
389 162 gm
0.05513 0.(\(ASN.1\))ashow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
0.24581 0. 32 0.02458 0.(, CCITT Recommendation X.208 \(ISO 8825, ISO 8825/AD1\),)awidthshow
405 162 gm
0.00839 0. 32 0.00083 0.(Blue Book Vol. VIII, Fascicle VIII.4, Geneva, 1989)awidthshow
437 90 gm
0.22509 0.([X.210])ashow
437 162 gm
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
(Layer Service Definition Conventions)show
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
(, CCITT Recommendation X.210)show
453 162 gm
0.02746 0. 32 0.00274 0.(\(ISO TR 8509\), Blue Book Vol. VIII, Fascicle VIII.4, Geneva, 1989)awidthshow
485 90 gm
0.22509 0.([X.213])ashow
485 162 gm
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
2.15377 0. 32 0.21537 0.(Network Service Definition for Open Systems Interconnection for)awidthshow
501 162 gm
0.55404 0. 32 0.05540 0.(CCITT Applications)awidthshow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
0.37567 0. 32 0.03756 0.(, CCITT Recommendation X.213 \(ISO 8348, ISO)awidthshow
517 162 gm
1.56723 0. 32 0.15672 0.(8348/AD2, ISO 8348/AD3\), Blue Book Vol. VIII, Fascicle VIII.4,)awidthshow
533 162 gm
0.17044 0. 32 0.01704 0.(Geneva, 1989)awidthshow
565 90 gm
0.22509 0.([X.217])ashow
565 162 gm
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
2.50671 0. 32 0.25067 0.(Association Control Service Definition for Open Systems Interc-)awidthshow
581 162 gm
1.36123 0. 32 0.13612 0.(onnection for CCITT Applications)awidthshow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
1.45050 0. 32 0.14505 0.(, CCITT Recommendation X.217)awidthshow
597 162 gm
0.05203 0. 32 0.00520 0.(\(ISO 8649\), Blue Book Vol. VIII, Fascicle VIII.4, Geneva, 1989)awidthshow
629 90 gm
0.22509 0.([X.218])ashow
629 162 gm
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
-0.06518 0.(Reliable Transfer: Model and Service Definition)ashow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
-0.08303 0.(, CCITT Recommenda-)ashow
645 162 gm
2.45712 0. 32 0.24571 0.(tion X.218 \(ISO 9066-1\), Blue Book Vol. VIII, Fascicle VIII.4,)awidthshow
661 162 gm
0.17044 0. 32 0.01704 0.(Geneva, 1989)awidthshow
693 90 gm
0.22509 0.([X.219])ashow
693 162 gm
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
0.88073 0. 32 0.08807 0.(Remote Operations: Model, Notation and Service Definition)awidthshow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
0.90423 0. 32 0.09042 0.(, CCITT)awidthshow
709 162 gm
0.47317 0. 32 0.04731 0.(Recommendation X.219 \(ISO 9072-1\), Blue Book Vol. VIII, Fascicle)awidthshow
725 162 gm
0.43975 0. 32 0.04397 0.(VIII.4, Geneva, 1989)awidthshow
F T cp
%%Page: ? 20
op
30 28 xl
1 1 pen
45 288 gm
(nc 30 28 811 566 6 rc)kp
1 setTxMode
0 fs
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
(132)show
803 90 gm
10 fz
bu fc
2 F /|______Times-Roman fnt
bn
-0.01179 0.(Open Systems Security \320 an Architectural Framework)ashow
803 452 gm
-0.07005 0.(Bibliography)ashow
101 90 gm
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
0.22509 0.([X.224])ashow
101 162 gm
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
-0.05635 0.(Transport Protocol Specification)ashow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
-0.06652 0.(, CCITT Recommendation X.224 \(ISO)ashow
117 162 gm
0.08117 0. 32 0.00811 0.(8073\), Blue Book Vol. VIII, Fascicle VIII.5, Geneva, 1989)awidthshow
149 90 gm
0.22509 0.([X.227])ashow
149 162 gm
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
1.22024 0. 32 0.12202 0.(Protocol Specification for the Association Control Service Element)awidthshow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
(,)show
165 162 gm
1.55151 0. 32 0.15515 0.(CCITT Recommendation X.227 \(ISO 8650\), Blue Book Vol. VIII,)awidthshow
181 162 gm
0.07003 0. 32 0.00700 0.(Fascicle VIII.5, Geneva, 1989)awidthshow
213 90 gm
0.22509 0.([X.228])ashow
213 162 gm
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
-0.12292 0.(Protocol Specification for the Reliable Transfer Service Element)ashow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
-0.17185 0.(, CCITT)ashow
229 162 gm
0.47317 0. 32 0.04731 0.(Recommendation X.228 \(ISO 9066-2\), Blue Book Vol. VIII, Fascicle)awidthshow
245 162 gm
0.43975 0. 32 0.04397 0.(VIII.5, Geneva, 1989)awidthshow
277 90 gm
0.22509 0.([X.229])ashow
277 162 gm
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
1.48666 0. 32 0.14866 0.(Protocol Specification for the Remote Operations Service Element)awidthshow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
(,)show
293 162 gm
0.81542 0. 32 0.08154 0.(CCITT Recommendation X.229 \(ISO 9072-2\), Blue Book Vol. VIII,)awidthshow
309 162 gm
0.07003 0. 32 0.00700 0.(Fascicle VIII.5, Geneva, 1989)awidthshow
341 90 gm
0.22509 0.([X.400])ashow
341 162 gm
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
1.84951 0. 32 0.18495 0.(Message Handling, Part 1: System and Service Overview)awidthshow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
2.10052 0. 32 0.21005 0.(, CCITT)awidthshow
357 162 gm
3.00247 0. 32 0.30024 0.(Recommendation X.400, Blue Book Vol. VIII, Fascicle VIII.7,)awidthshow
373 162 gm
0.17044 0. 32 0.01704 0.(Geneva, 1989)awidthshow
405 90 gm
0.22509 0.([X.500])ashow
405 162 gm
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
0.47378 0. 32 0.04737 0.(The Directory \320 Overview of Concepts, Models, and Services)awidthshow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
0.56533 0. 32 0.05653 0.(, CCITT)awidthshow
421 162 gm
1.09069 0. 32 0.10906 0.(Recommendation X.500 \(Melbourne 1988, ISO 9594-1\), Blue Book)awidthshow
437 162 gm
0.08605 0. 32 0.00860 0.(Vol. VIII, Fascicle VIII.8, Geneva, 1989)awidthshow
469 90 gm
0.22509 0.([X.509])ashow
469 162 gm
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
-0.01351 0.(The Directory, Part 8:\312Authentication Framework)ashow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
-0.01687 0.(, CCITT Recommen-)ashow
485 162 gm
1.18942 0. 32 0.11894 0.(dation X.509 \(Melbourne 1988, ISO 9594-1\), Blue Book Vol. VIII,)awidthshow
501 162 gm
0.07003 0. 32 0.00700 0.(Fascicle VIII.8, Geneva, 1989)awidthshow
533 90 gm
0.11396 0.([Z.100])ashow
533 162 gm
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
1.58706 0. 32 0.15870 0.(Functional Specification and Description Language \(SDL\))awidthshow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
1.50024 0. 32 0.15002 0.(, CCITT)awidthshow
549 162 gm
1.67098 0. 32 0.16709 0.(\312Recommendations Z.100 and Z.110,  Blue Book Vol. X, Fascicle)awidthshow
565 162 gm
0.74874 0. 32 0.07487 0.(X.1, Geneva, 1989)awidthshow
597 90 gm
-0.12931 0.([ZE90])ashow
597 162 gm
1.71463 0. 32 0.17146 0.(R. Zamparo, G. Endersz, )awidthshow
2 fs
bu fc
2 F /|______Times-Italic fnt
bn
2.19467 0. 32 0.21946 0.(Architecture and Testbed Realization of)awidthshow
613 162 gm
0.66833 0. 32 0.06683 0.(Security Services in an OSI Communication Environment)awidthshow
0 fs
bu fc
2 F /|______Times-Roman fnt
bn
0.48736 0. 32 0.04873 0.(, preprint of)awidthshow
629 162 gm
-0.00457 0.(presentation at ICCC in Nov. 1990 at New Delhi, Sep. 4, 1990)ashow
F T cp
%%Trailer
cd
end
%%Pages: 20 0

% Next: Glossary

%!PS-Adobe-2.0
%%Title: Glossary
%%Creator: NoWord
%%Pages: (atend)
%%BoundingBox: ? ? ? ?
%%PageBoundingBox: 28 30 566 811
%%For: AriA
%%IncludeProcSet: "(AppleDict md)" 68 0
%%EndComments
%%EndProlog
%%BeginDocumentSetup
md begin

T T -30 -28 811 566 100 72 72 3 F F F F T T T psu
(AriA; document: Glossary)jn
0 mf
od
%%EndDocumentSetup
%%Page: ? 1
op
30 28 xl
1 1 pen
45 288 gm
(nc 30 28 811 566 6 rc)kp
1 setTxMode
0 fs
bu fc
{}mark T /Times-Roman /|______Times-Roman 0 rf
bn
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
(132)show
803 90 gm
10 fz
bu fc
2 F /|______Times-Roman fnt
bn
-0.01179 0.(Open Systems Security \320 an Architectural Framework)ashow
803 469 gm
-0.07739 0.(Glossary)ashow
110 90 gm
1 fs
bu fc
{}mark T /Times-Bold /|______Times-Bold 0 rf
bn
18 fz
bu fc
2 F /|______Times-Bold fnt
bn
0.57254 0.(Glossary)ashow
141 90 gm
0 fs
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
-0.22259 0.(ACSE)ashow
141 171 gm
-0.15521 0.(Association Control Service Element)ashow
169 90 gm
(ANSI)show
169 171 gm
-0.14611 0.(American National Standards Institute)ashow
197 90 gm
-0.22010 0.(APDU)ashow
197 171 gm
-0.18243 0.(Application Protocol Data Unit)ashow
225 90 gm
-0.66499 0.(ARQ)ashow
225 171 gm
-0.20104 0.(Automatic Repeat Request)ashow
253 90 gm
-0.33200 0.(ASE)ashow
253 171 gm
-0.21589 0.(Application Service Element)ashow
281 90 gm
0.25074 0.(ASN.1)ashow
281 171 gm
-0.11862 0.(Abstract Syntax Notation 1)ashow
309 90 gm
-0.83007 0.(ATM)ashow
309 171 gm
-0.07757 0.(Asynchronous Transfer Mode)ashow
337 90 gm
-0.16897 0.(BER)ashow
337 171 gm
-0.10409 0.(Basic Encoding Rules)ashow
365 90 gm
-0.66708 0.(CA)ashow
365 171 gm
-0.19529 0.(Certification Authority)ashow
393 90 gm
(CBC)show
393 171 gm
-0.11593 0.(Cipher Block Chaining)ashow
421 90 gm
-0.16528 0.(CCITT)ashow
421 171 gm
-0.15966 0.(Comit\216 Consultatif International de Telephonique et Telegraphique)ashow
435 171 gm
-0.14686 0.(\(International Consultative Committee of Telephony and Telegraphy\))ashow
463 90 gm
(CEP)show
463 171 gm
-0.10456 0.(Connection End-Point)ashow
491 90 gm
(CEPI)show
491 171 gm
-0.12063 0.(Connection End-Point Identifier)ashow
519 90 gm
0.16056 0.(CFB)ashow
519 171 gm
-0.10865 0.(Cipher Feed-Back)ashow
547 90 gm
0.11074 0.(CLNP)ashow
547 171 gm
-0.06524 0.(Connectionless Network Protocol)ashow
575 90 gm
0.11074 0.(CLNS)ashow
575 171 gm
-0.07844 0.(Connectionless Network Service)ashow
603 90 gm
(CONS)show
603 171 gm
-0.12504 0.(Connection-Oriented Network Service)ashow
631 90 gm
-0.13307 0.(C-VOPS)ashow
631 171 gm
-0.16479 0.(C-language Virtual Operating System)ashow
659 90 gm
-0.33200 0.(DES)ashow
659 171 gm
-0.15724 0.(Data Encryption Standard)ashow
687 90 gm
-0.16352 0.(DIS)ashow
687 171 gm
-0.15777 0.(Draft International Standard)ashow
715 90 gm
-0.66310 0.(DoD)ashow
715 171 gm
-0.19657 0.(Department of Defense)ashow
743 90 gm
-0.33389 0.(DP)ashow
743 171 gm
-0.10009 0.(Draft Proposal)ashow
F T cp
%%Page: ? 2
op
30 28 xl
1 1 pen
45 288 gm
(nc 30 28 811 566 6 rc)kp
1 setTxMode
0 fs
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
(133)show
803 90 gm
10 fz
bu fc
2 F /|______Times-Roman fnt
bn
-0.01179 0.(Open Systems Security \320 an Architectural Framework)ashow
803 469 gm
-0.07739 0.(Glossary)ashow
97 90 gm
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
-0.49853 0.(DSA)ashow
97 171 gm
-0.17156 0.(Directory Server Agent)ashow
125 90 gm
-0.49472 0.(DUA)ashow
125 171 gm
-0.15484 0.(Directory User Agent)ashow
153 90 gm
-0.26483 0.(D-VOPS)ashow
153 171 gm
-0.17935 0.(Distributed Virtual Operating System)ashow
181 90 gm
-0.16897 0.(ECB)ashow
181 171 gm
-0.13882 0.(Electronic Code Bood)ashow
209 90 gm
-0.49313 0.(EDI)ashow
209 171 gm
-0.21450 0.(Electronic Data Interchange)ashow
237 90 gm
-0.33200 0.(EDP)ashow
237 171 gm
-0.15750 0.(Electronic Data Processing)ashow
265 90 gm
(EESP)show
265 171 gm
-0.09712 0.(End-to-End Security Protocol)ashow
293 90 gm
(EESP)show
293 171 gm
-0.09712 0.(End-to-End Security Protocol)ashow
321 90 gm
-0.11160 0.(EFSA)ashow
321 171 gm
-0.17660 0.(Extended Finite State Automaton)ashow
349 90 gm
-0.16551 0.(EFT)ashow
349 171 gm
-0.09461 0.(Electronic Funds Transfer)ashow
377 90 gm
-0.33013 0.(FDDI)ashow
377 171 gm
-0.17991 0.(Fiber Distributed Data Interface)ashow
405 90 gm
-0.33135 0.(FEAL)ashow
405 171 gm
-0.13778 0.(Fast Encryption Algorithm)ashow
433 90 gm
-0.44366 0.(FTAM)ashow
433 171 gm
-0.12104 0.(File Transfer, Access and Management)ashow
461 90 gm
0.16403 0.(FTP)ashow
461 171 gm
-0.09292 0.(File Transfer Protocol)ashow
489 90 gm
0.33695 0.(Gb)ashow
489 171 gm
0.35888 0. 32 0.03588 0.(Gigabit \(1,000,000,000 bits\))awidthshow
517 90 gm
0.08476 0.(GOSIP)ashow
517 171 gm
-0.09307 0.(Government OSI Profile)ashow
545 90 gm
-0.32775 0.(IEEE)ashow
545 171 gm
-0.15733 0.(Institute of Electrical and Electronics Engineers)ashow
573 90 gm
0.33601 0.(IP)ashow
573 171 gm
-0.12277 0.(Internet Protocol)ashow
601 90 gm
0.33601 0.(IS)ashow
601 171 gm
-0.14050 0.(International Standard)ashow
629 90 gm
(ISDN)show
629 171 gm
-0.13476 0.(Integrated Services Digital Network)ashow
657 90 gm
-0.16352 0.(ISO)ashow
657 171 gm
-0.16445 0.(International Organization of Standardization)ashow
685 90 gm
-0.33010 0.(ISODE)ashow
685 171 gm
-0.17779 0.(ISO Development Environment)ashow
713 90 gm
-0.33200 0.(JTM)ashow
713 171 gm
-0.11708 0.(Job Transfer and Manipulation)ashow
741 90 gm
(kb)show
741 171 gm
-0.01683 0.(Kilobit \(1,000 bits\))ashow
F T cp
%%Page: ? 3
op
30 28 xl
1 1 pen
45 288 gm
(nc 30 28 811 566 6 rc)kp
1 setTxMode
0 fs
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
(134)show
803 90 gm
10 fz
bu fc
2 F /|______Times-Roman fnt
bn
-0.01179 0.(Open Systems Security \320 an Architectural Framework)ashow
803 469 gm
-0.07739 0.(Glossary)ashow
97 90 gm
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
-0.32806 0.(LAN)ashow
97 171 gm
-0.15319 0.(Local Area Network)ashow
125 90 gm
-0.33200 0.(LLC)ashow
125 171 gm
-0.15682 0.(Logical Link Control)ashow
153 90 gm
-0.66691 0.(MAC)ashow
153 171 gm
-0.16511 0.(Medium Access Control)ashow
181 90 gm
-0.49655 0.(MAN)ashow
181 171 gm
-0.16400 0.(Metropolitan Area Network)ashow
209 90 gm
-0.66708 0.(Mb)ashow
209 171 gm
-0.01345 0.(Megabit \(1,000,000 bits\))ashow
237 90 gm
(MHS)show
237 171 gm
-0.08946 0.(Message Handling System)ashow
265 90 gm
-0.33103 0.(MOTIS)ashow
265 171 gm
-0.15116 0.(Message-Oriented Text Interchange System)ashow
293 90 gm
-0.33782 0.(MS)ashow
293 171 gm
-0.10861 0.(Message Store)ashow
321 90 gm
-0.83007 0.(MTA)ashow
321 171 gm
-0.13958 0.(Message Transfer Agent)ashow
349 90 gm
-0.33406 0.(MTS)ashow
349 171 gm
-0.08819 0.(Message Transfer System)ashow
377 90 gm
0.33100 0.(NBS)ashow
377 171 gm
-0.04168 0.(National Bureau of Standards \(now NIST\))ashow
405 90 gm
0.16450 0.(NCR)ashow
405 171 gm
-0.06271 0.(Network Connection Request \(PDU\))ashow
433 90 gm
0.08570 0.(\(N\)CR)ashow
433 171 gm
-0.05981 0.(\(N\) Connection Request \(PDU\))ashow
461 90 gm
0.11196 0.(N-CR)ashow
461 171 gm
-0.10894 0.(Network Connect Request \(service primitive\))ashow
489 90 gm
0.06990 0.(\(N\)-CR)ashow
489 171 gm
-0.11174 0.(\(N\) Connect Request \(service primitive\))ashow
517 90 gm
0.11430 0.(NIST)ashow
517 171 gm
-0.10269 0.(National Institute of Standardization \(formerly NBS\))ashow
545 90 gm
(NSA)show
545 171 gm
-0.15724 0.(National Security Agency)ashow
573 90 gm
0.11329 0.(NPDU)ashow
573 171 gm
-0.10470 0.(Network Protocol Data Unit)ashow
601 90 gm
0.07070 0.(\(N\)PDU)ashow
601 171 gm
-0.10897 0.(\(N\) Protocol Data Unit)ashow
629 90 gm
0.11074 0.(NSAP)ashow
629 171 gm
-0.08407 0.(Network Service Access Point)ashow
657 90 gm
0.06912 0.(\(N\)SAP)ashow
657 171 gm
-0.08432 0.(\(N\) Service Access Point)ashow
685 90 gm
0.11329 0.(NSDU)ashow
685 171 gm
-0.12237 0.(Network Service Data Unit)ashow
713 90 gm
0.07070 0.(\(N\)SDU)ashow
713 171 gm
-0.13027 0.(\(N\) Service Data Unit)ashow
741 90 gm
-0.16897 0.(OFB)ashow
741 171 gm
-0.15361 0.(Output Feed-Back)ashow
F T cp
%%Page: ? 4
op
30 28 xl
1 1 pen
45 288 gm
(nc 30 28 811 566 6 rc)kp
1 setTxMode
0 fs
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
(135)show
803 90 gm
10 fz
bu fc
2 F /|______Times-Roman fnt
bn
-0.01179 0.(Open Systems Security \320 an Architectural Framework)ashow
803 469 gm
-0.07739 0.(Glossary)ashow
97 90 gm
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
-0.16352 0.(OSI)ashow
97 171 gm
-0.12152 0.(Open Systems Interconnection)ashow
125 90 gm
0.32907 0.(P1)ashow
125 171 gm
-0.09703 0.(Protocol 1 \(MTA-to-MTA protocol in X.400 MHS\))ashow
153 90 gm
0.32907 0.(P2)ashow
153 171 gm
-0.03811 0.(Protocol 2 \(UA-to-UA protocol in X.400 MHS\))ashow
181 90 gm
0.33100 0.(PBX)ashow
181 171 gm
-0.13371 0.(Private Branch Exchange)ashow
209 90 gm
(PDN)show
209 171 gm
-0.12742 0.(Public Data Network)ashow
237 90 gm
(PDU)show
237 171 gm
-0.15522 0.(Protocol Data Unit)ashow
265 90 gm
0.33650 0.(PIN)ashow
265 171 gm
-0.08503 0.(Personal Identity Number)ashow
293 90 gm
0.33100 0.(PKC)ashow
293 171 gm
-0.05969 0.(Public Key Cryptosystem)ashow
321 90 gm
0.11074 0.(PPDU)ashow
321 171 gm
-0.13171 0.(Presentation Protocol Data Unit)ashow
349 90 gm
0.11074 0.(PSDU)ashow
349 171 gm
-0.14721 0.(Presentation Service Data Unit)ashow
377 90 gm
0.22172 0.(PSTN)ashow
377 171 gm
-0.09188 0.(Public Switched Telephone Network)ashow
405 90 gm
-0.66499 0.(RDA)ashow
405 171 gm
-0.20327 0.(Remote Database Access)ashow
433 90 gm
0.16056 0.(RFC)ashow
433 171 gm
-0.10978 0.(Request for Comment)ashow
461 90 gm
-0.16897 0.(ROS)ashow
461 171 gm
-0.18548 0.(Remote Operations)ashow
489 90 gm
-0.22259 0.(ROSE)ashow
489 171 gm
-0.18525 0.(Remote Operations Service Element)ashow
517 90 gm
-0.16897 0.(RSA)ashow
517 171 gm
-0.12332 0.(Rivest\320Shamir\320Adelman \(a public key cryptosystem\))ashow
545 90 gm
(RTS)show
545 171 gm
-0.16331 0.(Reliable Transfer)ashow
573 90 gm
-0.11160 0.(SASE)ashow
573 171 gm
-0.19781 0.(Specific Application Service Element)ashow
601 90 gm
0.10807 0.(SCSE)ashow
601 171 gm
-0.15550 0.(Secure Communications Service Element)ashow
629 90 gm
(SDU)show
629 171 gm
-0.18486 0.(Service Data Unit)ashow
657 90 gm
-0.11160 0.(SMIB)ashow
657 171 gm
-0.15011 0.(Security Management Information Base)ashow
685 90 gm
0.32907 0.(SP3)ashow
685 171 gm
-0.08660 0.(Network Layer Security Protocol)ashow
713 90 gm
0.32907 0.(SP4)ashow
713 171 gm
-0.10189 0.(Transport Layer Security Protocol)ashow
741 90 gm
(TCP)show
741 171 gm
-0.07055 0.(Transmission Control Protocol)ashow
F T cp
%%Page: ? 5
op
30 28 xl
1 1 pen
45 288 gm
(nc 30 28 811 566 6 rc)kp
1 setTxMode
0 fs
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
(136)show
803 90 gm
10 fz
bu fc
2 F /|______Times-Roman fnt
bn
-0.01179 0.(Open Systems Security \320 an Architectural Framework)ashow
803 469 gm
-0.07739 0.(Glossary)ashow
97 90 gm
12 fz
bu fc
2 F /|______Times-Roman fnt
bn
(TP0)show
97 171 gm
-0.05200 0.(Class 0 Transport Protocol)ashow
125 90 gm
(TP4)show
125 171 gm
-0.05200 0.(Class 4 Transport Protocol)ashow
153 90 gm
-0.10899 0.(TPDU)ashow
153 171 gm
-0.12153 0.(Transport Protocol Data Unit)ashow
181 90 gm
-0.32623 0.(UA)ashow
181 171 gm
-0.10810 0.(User Agent)ashow
209 90 gm
-0.49472 0.(VAN)ashow
209 171 gm
-0.14547 0.(Value Added Network)ashow
237 90 gm
-0.22010 0.(VANS)ashow
237 171 gm
-0.13824 0.(Value Added Network Service)ashow
265 90 gm
-0.21910 0.(VLSI)ashow
265 171 gm
-0.16967 0.(Very Large Scale Integration)ashow
293 90 gm
-0.22259 0.(VOPS)ashow
293 171 gm
-0.18666 0.(Virtual Operating System)ashow
321 90 gm
-0.99322 0.(VT)ashow
321 171 gm
-0.26412 0.(Virtual Terminal)ashow
349 90 gm
-0.32615 0.(WAN)ashow
349 171 gm
-0.14212 0.(Wide Area Network)ashow
377 90 gm
0.50146 0.(XNS)ashow
377 171 gm
(Xerox Network Systems)show
F T cp
%%Trailer
cd
end
%%Pages: 5 0
%%EOF