Security for telecommunications network management

Security for Telecommunications Network Management

Volumn , Issue , 1999, Pages 1-296

  Rozenblit, Moshe ^a  

^a TELCORDIA TECHNOLOGIES   (United States)

Author keywords

[No Author keywords available]

Indexed keywords

INFORMATION MANAGEMENT; NETWORK MANAGEMENT; NETWORK PROTOCOLS; TELECOMMUNICATION INDUSTRY;

IN-NETWORK MANAGEMENT; PRACTICAL SOLUTIONS; SECURITY COMPONENTS; SECURITY IMPLICATIONS; SECURITY MANAGEMENT; SECURITY PROFESSIONALS; TELECOMMUNICATIONS INDUSTRY; TELECOMMUNICATIONS NETWORKS;

NETWORK SECURITY;

EID: 85036508654     PISSN: None     EISSN: None     Source Type: Book    
DOI: 10.1109/9780470546390     Document Type: Book

References (112)

1. NBS FIPS PUB 81, “DES Modes of Operation,” National Bureau of Standards, U.S. Department of Commerce, December 1980.
2. NBS FTPS PUB 74, “Guidelines for Implementing and Using the NBS Data Encryption Standard,” National Bureau of Standards, U.S. Department of Commerce, April 1981.
3. NBS FIPS PUB 46-1, “Data Encryption Standard,” National Bureau of Standards, U.S. Department of Commerce, January 1988.
4. NIST FIPS PUB 46-2, “Data Encryption Standard,” National Institute of Standards and Technology, U.S. Department of Commerce, December 1993.
5. NIST FIPS PUB 180-1, “Secure Hash Standard,” National Institute of Standards and Technology, U.S. Department of Commerce, April 17, 1995.
6. NIST FIPS PUB 186, “Digital Signature Standard,” National Institute of Standards and Technology, U.S. Department of Commerce, May 1995.
7. GR-1253-CORE, TMN Security Administration, Issue 1 (Bellcore, June 1995).
8. GR-1332-CORE, Generic Requirements for Data Communications Network Security, Issue 1 (Bellcore, February 1994).
9. GR-1469-CORE, OTGR Section 15.5: Generic Requirements on Security for OSI-Based Telecommunications Management Network Interfaces (a module of OTGR FR-439), Issue 1 (Bellcore, September 1994).
10. GR-2869-CORE, Generic Requirements for Operations Based on the TMN Architecture, Issue 1 (Bellcore, October 1995).
11. ISO/IEC JTC 1/SC 21 N6998, IEEE 802.10c/D1, IEEE Standard for Interoperable LAN/MAN Security, Part 3—Key Management Protocol, March 21, 1993.
12. IEEE P802.10B/D7, IEEE Standard for Interoperable LAN Security, (SILS) Part B— Secure Data Exchange, November 9, 1991.
13. ISO/IEC IS 10164-1, Information Technology—Open Systems Interconnection— Systems Management—Part 1: Object Management Function, 1992.
14. ISO/IEC IS 10164-5, Information Technology—Open Systems Interconnection— Systems Management—Part 5: Event Report Management Function, 1992.
15. ISO/IEC 10181-3, Committee Draft—Information Technology—Security Frameworks for Open Systems—Part 3: Access Control Framework, 1994.
16. ISO/IEC 11770-1, Information Technology—Security Techniques—Key Management— Part 1: Key Management Framework.
17. ISO/IEC 7498-2, Information Processing Systems—OSI Reference Model—Part 2: Security Architecture,1989.
18. ISO/IEC 8072, Information Processing Systems—Open Systems Interconnection— Transport Service Definition, June 1986.
19. ISO/IEC 8073, Information Processing Systems—Open Systems Interconnection— Connection Oriented Transport Protocol Specification, July 1986.
20. ISO/IEC 8571, Information Processing Systems—Open System Interconnection-—File Transfer, Access and Management—Parts 1-4, 1988.
21. ISO/IEC 8602, Information Processing Systems—Open Systems Interconnection—Protocol for Providing the Connectionless—Mode Transport Service, June 1987.
22. IS0 8649-1, Information Processing Systems—Open Systems Interconnection—Authentication Addendum to ACSE Service Definition,1992.
23. ISO/IEC 8650, Information Processing Systems—Open Systems Interconnection—Protocol Specification for the Association Control Service Element, 1988.
24. ISO 8650-1, Information Processing Systems—Open Systems Interconnection—Authentication Addendum to ACSE Protocol Definition,1992.
25. ISO/IEC 9798-3:1993, Information Technology—Security Techniques—Entity Authentication Mechanisms—Part 3: Entity Authentication Using a Public Key Algorithm.
26. N. Koblitz, “Elliptic Curve Cryptosystems,”Mathematics of Computation, vol. 48, 1987, pp. 203-209.
27. ITU-T, Draft M.3010, Principles for a Telecommunications Management Network, April 1995.
28. ITU-T Draft Rec. M.3100, Generic Network Information Model, January 1995.
29. ITU-T Rec. M.3400, TMN Management Functions,1996.
30. V. Miller, “Uses of Elliptic Curves in Cryptography,” Advances in Cryptology, CRYPTO’85, Lecture Notes in Computer Science218, Springer-Verlag, pp. 417-426.
31. S. P. Miller, B. C. Neuman, J. I. Schiller, and J. H. Saltzer, “Project Athena Technical Plan Section E.2.1: Kerberos Authentication and Authorization System,” Project Athena, MIT, December 1987.
32. Network Management Forum, OMNIPoint 1 Definitions, Forum 006, Issue 1.0, August 1992.
33. Application Services: Security of Management, Network Management Forum, Forum 016, Issue 1.0, August 1992.
34. Working Implementation Agreement for Open System Interconnection Protocols: Part 12— OS Security, Open Systems Environment Implementors Workshop, December 1992.
35. Object Management Group, CORBA services, Common Object Services, Version 2.2, November 1997.
36. Object Management Group, The Common Object Request Broker: Architecture and Specification, Version 2.2, February 1998.
37. Object Management Group, OMG Document orbos/97-02-04, Secure Socket Layer/CORBA Security, adopted June 24, 1997.
38. RSA Data Security Inc., PKCS#1: RSA Encryption Standard, Version 1.5, November 1993.
39. RSA Laboratories, a division of RSA Data Security, Inc., Public-Key Cryptography Standards #7—Cryptographic Message Syntax.(The Network Working Group of the IETF as an Informational Request has recently published this standard for Comments, RFC 2315.)
40. ITU-T Rec. Q.811, Lower Layer Protocol Profiles for the Q3 and X Interfaces.
41. ITU-T Rec. Q.812, Upper Layer Protocol Profiles for the Q3 and X Interfaces.
42. ITU-T Rec. Q.813, Security Transformations Application Service Element for Remote Operations Service Element (STASE-ROSE).
43. M. O. Rabin, “Digital Signatures and Public Key Functions as Intractable as Factorization,” MIT Laboratory for Computer Science, Technical Report, MIT/LCS/TR-212, January 1979.
44. R. L. Rivest, “The RC4 Encryption Algorithm,” RSA Data Security Inc., March 1993.
45. R. L. Rivest, “The RC5 Encryption Algorithm,”Dr. Dobb’s Journal,20, no. 1 (January 1995), pp. 146-148.
46. R. Rivest, IETF RFC 1319: “The MD5 Message Digest Algorithm, April 1992.
47. R. L. Rivest, “The MD4 Message Digest Algorithm,” RFC 1320, April 1992.
48. IETF RFC 2078, “Generic Security Service Application Program Interface,” Version 2, Internet Engineering Task Force, January 1997.
49. H. Krawczyk, M. Bellare and R. Canetti, IETF RFC 2104, HMAC: Keyed-Hashing for Message Authentication, February 1997.
50. U. Blumenthal and B. Wijnen, IETF RFC 2274, User-Based Security Model (USM) for Version 3 of the Simple Network Management Protocal (SNMPv3), January 1998.
51. B. Wijnen, R. Presuhn, and K. McCloghrie, IETF RFC 2275, View-Based Access Control Model (VACM) for the Simple Network Management Protocal (SNMPv3), January 1998.
52. The OAKLEY Key Determination Protocol. H. Orman. November 1998. (Status: INFORMATIONAL)
53. IP Security Document Roadmap. R. Thayer, N. Doraswamy and R. Glenn. November 1998. (Status: INFORMATIONAL)
54. The NULL Encryption Algorithm and Its Use with IPsec. R. Glenn and S. Kent. November 1998. (Status: PROPOSED STANDARD)
55. The Internet Key Exchange (IKE). D. Harkins and D. Carrel. November 1998. (Status: PROPOSED STANDARD)
56. Internet Security Association and Key ManagementProtocol (ISAKMP). D. Maughan, M. Schertler, M. Schneider, and J. Turner. November 1998. (Status: PROPOSED STANDARD)
57. The Internet IP Security Domain of Interpretation for ISAKMP. D. Piper. November 1998. (Status: PROPOSED STANDARD)
58. IP Encapsulating Security Payload (ESP). S. Kent and R. Atkinson. November 1998. (Obsoletes RFC 1827) (Status: PROPOSED STANDARD)
59. The ESP DES-CBC Cipher Algorithm with Explicit IV. C. Madson and N. Doraswamy. November 1998. (Status: PROPOSED STANDARD)
60. The Use of HMAC-SHA-1-96 within ESP and A.H. C. Madson and R. Glenn. November 1998. (Status: PROPOSED STANDARD)
61. The Use of HMAC-MD5-96 within ESP and A.H. C. Madson and R. Glenn. November 1998. (Status: PROPOSED STANDARD)
62. IP Authentication Header. S. Kent and R. Atkinson. November 1998. (Obsoletes RFC1826) (Status: PROPOSED STANDARD)
63. Security Architecture for the Internet Protocol. S. Kent and R. Atkinson. November 1998. (Obsoletes RFC1825) (Status: PROPOSED STANDARD)
64. R. Rivest, A. Shamir, and L. M. Adelman, “A Method for Obtaining Digital Signatures and Public-Key Cryptosystems,”Communications of the ACM,21, no. 2 (February 1978), pp. 120-126.
65. ANSI Tl.210-1993, American National Standard for Telecommunications—Operations, Administration, Maintenance, and Provisioning (OAM&P)—Principles of Functions, Architectures, and Protocols for Telecommunications Management Network (TMN) Interfaces.
66. ANSI T l.233-93, American National Standard: Operations, Administration, Maintenance and Provisioning(OAM&P)—Security Framework for Telecommunications Management Network (TMN) Interfaces,1993.
67. ANSI T l.228-95, American National Standard: Operations, Administration, Maintenance and Provisioning (OAM&P)—Services for Interfaces between Operations Systems across Jurisdictional Boundaries to Support Fault Management (Trouble Administration),1995.
68. ANSI T1.243-T1M1/95, American National Standard: Operations, Administration, Maintenance and Provisioning (OAM&P)—Baseline Security Requirements for the Telecommunications Management Network (TMN),1994.
69. ANSI Tl.245-1995, Directory Service for Telecommunications Management Network, 1995.
70. ANSI T1.252, Operations, Administration, Maintenance and Provisioning (OAM&P)— Security for the Telecommunications Management Network Directory.
71. ANSI T1.254, Application-Based Security, 1997.
72. ANSI T1.259, Security Transformations Application Service Element for Remote Operations Service Element (STASE-ROSE), 1999.
73. ANSI Tl.261, Operations, Administration, Maintenance, and Provisioning (OAM&P)— Security for TMN Management Transactions over the TMN Q3 Interface, 1999.
74. TA-STS-001080, Bellcore Standard Operating Environment Security Requirements, Issue 2 (Bellcore, June 1991).
75. TA-STS-001194, Bellcore Operations Systems Security Requirements, Issue 1 (Bellcore, June 1991).
76. T1 Technical Report No. 40Security Requirements for Electronic Bonding Between Two TMNs,1995
77. ECIC/94-001, Security Requirements for Electronic Bonding Between Two TMNs,1994.
78. TR-NWT-000815, OTGR Section 2.31: Generic Requirements for Network Element and Network System Security (A Module of OTGR FR-NWT-000435), Issue 2 (Bellcore, December 1992).
79. CCITT Rec. X.200 I ISO/IEC 7498: Information Processing Systems—Open Systems Interconnection—Basic Reference Model (1984)
80. CCITT Rec. X.208 (1988) I ISO/IEC 8824: 1990, Information Technology—Open Systems Interconnection—Specification of Abstract Syntax Notation One (ASN.l).
81. ITU-T Rec. X.210 I ISO/IEC 8509, Information Technology—Open Systems Interconnection—Service conventions (1987).
82. CCITT Rec. X.217 I ISO/IEC 8649, Information Processing Systems—Open Systems Interconnection—Service Definition for the Association Control Service Elements, 1988.
83. CCITT Rec. X.219—ISO/IEC 9072-1, Remote Operations: Model, Notation, and Service Definition, 1988.
84. ITU-T Rec. X.219 I ISO/IEC 9072-1, Information Technology—Open Systems Interconnection—Remote Operations: Model, Notation and Service Definition, 1993.
85. ITU-T Rec. X.229 I ISO/IEC 9072-2, Information Technology—Open Systems Interconnection—Remote Operations: Protocol Specification, 1993.
86. ITU-T Rec. X.25, Interface between Data terminal Equipment (DTE) and Data Circuit-terminating Equipment (DCE) for Terminals Operating in the Packet Mode and Connected to Public Data Networks by Dedicated Circuits, 1996.
87. ITU-T Rec.X.273 (1994)—ISO/IEC IS 11577: 1994(E), Information Technology—Open Systems Interconnection—Network Layer Security Protocol, November 1, 1993.
88. CCITT Rec. X.500—ISO/IEC 9594-1, The Directory—Overview of the Concepts, Models and Services, 1993.
89. CCITT Rec. X.501—ISO/IEC 9594-2, Information Technology—Open Systems Interconnection—The Directory—Part 2: Information Framework, 1993 (E).
90. CCITT Rec. X.509—ISO/IEC 9594-8, The Directory—Authentication Framework, March 1993.
91. ITU-T Rec. X.680 I ISO/IEC 8824-1, Information Technology—Abstract Syntax Notation One (ASN.1)—Specification of Basic Notation, 1994.
92. ITU-T Rec. X.681 I ISO/IEC 8824-2, Information Technology—Abstract Syntax Notation One (ASN.1)—Information Object Definition, 1994.
93. ITU-T Rec. X.682 I ISO/IEC 8824-3, Information Technology—Abstract Syntax Notation One (ASN.1)—Constraint Specification, 1994.
94. ITU-T Rec. X.683 I ISO/IEC 8824-4, Information Technology—Abstract Syntax Notation One (ASN.1)—Parametrization of ASN.l Specification, 1994.
95. ITU-T Rec. X.690 I ISO/IEC 8825-1, Information Technology—ASN.1 Encoding Rules— Specification of Basic Encoding Rules (BER), Canonical Encoding Rules (CER) and Distinguished Encoding Rules (DER), 1994.
96. ITU-T Rec. X.710 I ISO/IEC 9595, Information Technology—Open Systems Interconnection—Common Management Information Service Definition, 1991.
97. ITU-T Rec. X.711 I ISO/IEC 9596, Information Technology—Open Systems Interconnection—Common Management Information Protocol Specification, 1991.
98. ISO/IEC 10165-1 I ITU-T X.720, Information Technology—Open Systems Interconnection— Structure of Management Information—Part 1: Management information Model, 1992.
99. ISO/IEC 10165-2 I ITU-T X.721, Information Technology—Open Systems Interconnection— Structure of Management Information—Part 2: Definition of Management Information, 1992.
100. ISO/IEC IS 10164-5 I ITU-T X.734, Information Technology—Open Systems Interconnection— Systems Management—Part 5: Event Report Management Function, 1993.
101. ISO/IEC IS 10164-6 I ITU-T X.735, Information Technology—Open Systems Interconnection—Systems Management—Part 6: Log Control Function, 1992.
102. ISO/IEC IS 10164-7 I ITU-T X.736, Information Technology—Open Systems Interconnection—Systems Management—Part 7: Security Alarm Reporting Function, August 1991.
103. ISO/IEC IS 10164-8 I ITU-T X.740, Information Technology—Open Systems Interconnection—Systems Management—Part 8: Security Audit Trail Function, June 1992.
104. ISO/IEC IS 10164-9 I ITU-T X.741, Information Technology—Open Systems Interconnection—Systems Management—Part 9: Objects and Attributes for Access Control, 1995.
105. ITU-T Rec. X.800, Data Communication Networks: Open Systems Interconnection (OSI); Security, Structures and Applications—Security Architecture for Open System Interconnection for CCITT Applications, 1991.
106. ITU-T Rec. X.803 I ISO/IEC 10745, Information Technology—Open Systems Interconnection—Upper Layers Security Model, 1993.
107. ITU-T Rec. X.830 I ISO/IEC IS 11586-1, Generic Upper Layer Security—Part 1: Overview, Models and Notation, 1994.
108. ITU-T Rec. X.831 I ISO/IEC IS 11586-2, Generic Upper Layer Security—Part 2: Security Exchange Service Element Service Definition, 1994.
109. ITU-T Rec. X.832 I ISO/IEC IS 11586-3, Generic Upper Layer Security—Part 3: Security Exchange Service Element Protocol Specification, 1994.
110. ITU-T Rec. X.833 I ISO/IEC IS 11586-4, Generic Upper Layer Security—Part 4: Protecting Transfer Syntax Specification, 1994.
111. ANSI X3.106-1983, Data Encryption Algorithm—Modes of Operation, 1983.
112. ANSI X3.92-1981, Data Encryption Algorithm, 1981.