TR 101 771 : 1.1.1
Current
The latest, up-to-date edition.
TIPHON RELEASE 4; SERVICE INDEPENDENT REQUIREMENTS DEFINITION; THREAT ANALYSIS
Hardcopy , PDF
English
Intellectual Property Rights
Foreword
1 Scope
2 References
3 Definitions and abbreviations
3.1 Definitions
3.2 Abbreviations
4 Overview
5 System's Design
5.1 Network Architecture
5.2 General Design
5.3 TIPHON Connectivity Scenarios
5.4 Services
6 Security Objectives
6.1 Main Security Objectives
6.2 Customers' (Subscribers') Objectives
6.3 Objectives of (TIPHON) Service and Network
Providers
6.4 Manufacturers' Objectives
7 System's Review
8 Threat Analysis and possible Countermeasures
8.1 Denial of service
8.2 Eavesdropping
8.3 Masquerade
8.4 Unauthorized access
8.5 Loss of information
8.6 Corruption of information
8.7 Repudiation
9 Risk Assessment
9.1 Methodology
9.2 Evaluation of Risks
9.3 Effectiveness of Countermeasures
10 Recommendations
10.1 Security Policy
10.2 Recommendation to the TIPHON Security Profiles
10.3 Recommendation to the TIPHON network
architecture
10.4 Recommendation to TIPHON Services
Annex A: Legislation Issues
A.1 Privacy
A.2 Security Order
A.3 Lawful Interception
A.4 Contract
Annex B: Description of Threats
B.1 Denial of services
B.2 Eavesdropping
B.3 Masquerade
B.4 Modification of information
B.5 Unauthorized access
Annex C: Description and possible examples of
Countermeasures
C.1 Authentication
C.2 Digital Signature
C.3 Access Control
C.4 Virtual Private Network
C.5 Secure Configuration of Operating Systems
C.6 Secure Configuration of Networks
C.7 Protection from Denial of Service Attacks
on Hosts and Media Streams
C.8 Physical Protection
C.9 Encryption
C.10 Intrusion Detection Systems
C.11 Auditing and logging
C.12 Non-Repudiation measures
Annex D: Threat and Countermeasure Template for
Providers
Annex E: Bibliography
History
Access your standards online with a subscription
Features
-
Simple online access to standards, technical information and regulations.
-
Critical updates of standards and customisable alerts and notifications.
-
Multi-user online standards collection: secure, flexible and cost effective.