Customer Support: +1 416-401-8730

Login to i2i Subscription Intertek.com
  • There are no items in your cart
Please enter a keyword to search
Advanced search
Home
ECMA
ECMA 219 : 2ED 96

ECMA 219 : 2ED 96

Current

Current

The latest, up-to-date edition.

AUTHENTICATION AND PRIVILEGE ATTRIBUTE SECURITY APPLICATION WITH RELATED KEY DISTRIBUTION FUNCTIONS - PART 1, 2 AND 3

Published date

01-12-2013

Publisher

European Computer Manufacturers Association

Part 1 - Overview and functional model
1 Introduction
   1.1 Scope
   1.2 Field of application
   1.3 Requirements to be satisfied
   1.4 Conformance
   1.5 Overview and document structure
2 References
   2.1 Normative references
   2.2 Informative references
3 Definitions and conventions
   3.1 Imported definitions
   3.2 New definitions
   3.3 Conventions
   3.4 Acronyms
4 Functional model
   4.1 Environment
   4.2 Role of the APA-Application
   4.3 Functional model of the APA-Application
   4.4 Services provided by the APA-Application
   4.5 Data elements
   4.6 Authentication methods
   4.7 Management and recovery of the APA-Application
5 Relationship to other Standards and Technical Report
   5.1 Relationship to ECMA TR/46, "Security in Open Systems:
        A Security Framework"
   5.2 Relationship to Standard ISO 7498-2, "Security
        Architecture"
   5.3 Relationship to Standard ISO/IEC 10181-2,
        "Authentication Framework"
   5.4 Relationship to Standard ISO/IEC 9594: 1990 Part 8,
        "Directory Authentication Framework"
   5.5 Relationship to Standard ISO/IEC 10181-3, "Access
        Control Framework"
   5.6 Relationship to ISO/IEC 10164, "Standards for Systems
        Management"
Annex A (Informative) Changes from the first edition
        (December 1994)
Part 2 - Security information objects
1 Introduction
2 Overview
3 GeneralisedCertificate
   3.1 Common Contents fields
   3.2 Specific Certificate Contents
   3.3 Check value
   3.4 Certificate Identity
4 Security attributes
5 Authentication Certificate (AUC)
6 Privilege Attribute Certificate (PAC)
7 Protection methods
   7.1 "Control/Protection Values" protection method
   7.2 "Primary Principal Qualification" protection method
   7.3 "Target Qualification" protection method
   7.4 "Delegate/Target Qualification" protection method
   7.5 "Delegate Qualification" protection method
   7.6 "Trace Pointer" protection method
   7.7 "Initiator Qualification" protection method
   7.8 "Count" protection method
   7.9 "Check Back" protection method
   7.10 "Nested Chain" protection method
   7.11 Combining the methods
8 Generalised User Certificate (GUC)
9 External control values construct
10 Specification of Keying Information
   10.1 Configurations Supported
   10.2 General Description
   10.3 Example walkthroughs of key exchanges
11 DialogueKeyBlock
Annex A (Normative) Use of identities in the APA-Application
Part 3 - Service definitions
1 Introduction
2 APA abstract model
   2.1 The APA-Application
3 Specification of bind and unbind operations
   3.1 A-bind
   3.2 A-unbind
   3.3 PA-bind
   3.4 PA-unbind
   3.5 KD-bind
   3.6 KD-unbind
4 Common atomic operations
   4.1 Open Security Association (OpenSA)
   4.2 DeclareOperationContext
   4.3 Get Keying Information (GetKI)
   4.4 Process Keying Information (ProcessKI)
   4.5 Close Security Association (CloseSA)
   4.6 RevokeCertificate
   4.7 Abstract errors arising from common operations
5 Authentication Port atomic operations
   5.1 Authenticate
   5.2 ContinueAuthentication
   5.3 ChangePassword
   5.4 ContinueChangePassword
   5.5 Check Authentication Certificate (CheckAUC)
   5.6 ConfirmPresence
   5.7 Get Authentication Server Name (GetASName)
   5.8 Get Authentication Ticket (GetAT)
   5.9 Abstract errors arising from A-Port operations
6 Privilege Attribute Port atomic operations
   6.1 Get Access Control Ticket (GetACT)
   6.2 Check Privilege Attribute Certificate (CheckPAC)
   6.3 Refine Privilege Attribute Certificate (RefinePAC)
   6.4 Abstract errors arising from PA-Port operations
7 Key Distribution Port atomic operations
8 Combined operations
   8.1 Authentication port combined operations
   8.2 Privilege Attribute port combined operations
   8.3 Key Distribution port combined operations
Annex A (Informative) Information Model
Annex B (Informative) Authentication Information Types
Annex C (Normative) ASN.1 - Object Identifier Usage
Annex D (Normative) ASN.1 - Object Identifiers
Annex E (Normative) ASN.1 - Abstract Service
Annex F (Informative) ASN.1 - Authentication Methods
Annex G (Informative) Changes from first edition
                      (December 1994)

Defines three applications: -an Authentication Application, -a Privilege Attributes Application, -a Key Distribution Application.

DocumentType
Standard
PublisherName
European Computer Manufacturers Association
Status
Current
Supersedes

ASTM E 1985 : 1998 : R2013 Standard Guide for User Authentication and Authorization (Withdrawn 2017)
ECMA 235 : 1ED 96 THE ECMA GSS-API MECHANISM
EG 201 057 : 1.1.2 TELECOMMUNICATIONS SECURITY; TRUSTED THIRD PARTIES (TTP); REQUIREMENTS FOR TTP SERVICES
ASTM E 1985 : 1998 Standard Guide for User Authentication and Authorization
ASTM E 1985 : 1998 : R2005 Standard Guide for User Authentication and Authorization

ISO/IEC 10181-7:1996 Information technology Open Systems Interconnection Security frameworks for open systems: Security audit and alarms framework
ISO/IEC 9798-3:1998 Information technology Security techniques Entity authentication Part 3: Mechanisms using digital signature techniques
ISO/IEC 8825-1:2015 Information technology ASN.1 encoding rules: Specification of Basic Encoding Rules (BER), Canonical Encoding Rules (CER) and Distinguished Encoding Rules (DER) Part 1:
ISO/IEC 9595:1998 Information technology Open Systems Interconnection Common management information service
ISO/IEC 8824:1990 Information technology — Open Systems Interconnection — Specification of Abstract Syntax Notation One (ASN.1)
ISO/IEC 10181-3:1996 Information technology Open Systems Interconnection Security frameworks for open systems: Access control framework
ISO/IEC 10181-1:1996 Information technology Open Systems Interconnection Security frameworks for open systems: Overview
ISO/IEC 9798-2:2008 Information technology Security techniques Entity authentication Part 2: Mechanisms using symmetric encipherment algorithms
ISO/IEC 9594-8:2017 Information technology Open Systems Interconnection The Directory Part 8: Public-key and attribute certificate frameworks
ISO 7498-2:1989 Information processing systems Open Systems Interconnection Basic Reference Model Part 2: Security Architecture
ECMA 206 : 1ED 93 ASSOCIATION CONTEXT MANAGEMENT INCLUDING SECURITY CONTEXT MANAGEMENT
ISO/IEC 10181-2:1996 Information technology Open Systems Interconnection Security frameworks for open systems: Authentication framework

View more information
Sorry this product is not available in your region.

Access your standards online with a subscription

Features

  • Simple online access to standards, technical information and regulations.

  • Critical updates of standards and customisable alerts and notifications.

  • Multi-user online standards collection: secure, flexible and cost effective.

Learn more on subscription solutions

or

Get in touch with us