As NZS 4471-1997 Information Technology - Open Systems Interconnection - Network Layer Security Protocol


  • 7/31/2019 As NZS 4471-1997 Information Technology - Open Systems Interconnection - Network Layer Security Protocol


    AS/NZS 4471:1997 ISO/IEC 11577:1995

    Australian/New Zealand Standard

    Information technology - Open Systems Interconnection - Network layer security protocol


    This Joint Australian/New Zealand Standard was prepared by Joint Technical Committee IT/1, Information Systems - Interconnection. It was approved on behalf of the Council of Standards Australia on 24 February 1997 and on behalf of the Council of Standards New Zealand on 21 February 1997. It was published on 5 June 1997.

    The following interests are represented on Committee IT/1:

    Australian Bankers Association

    Australian Bureau of Statistics

    Australian Computer Society

    Australian Computer Users Association

    Australian Information Industry Association

    Australian Vice-Chancellors Committee

    Department of Defence, Australia

    Department of Industry, Science and Tourism, Australia

    Government Computing Service, New Zealand

    Information Exchange Steering Committee, Australia

    Institute of Information and Communication Technologies, CSIRO, Australia

    Telstra Corporation, Australia

    Telecom New Zealand

    Review of Standards. To keep abreast of progress in industry, Joint Australian/New Zealand Standards are subject to periodic review and are kept up to date by the issue of amendments or new editions as necessary. It is important therefore that Standards users ensure that they are in possession of the latest edition, and any amendments thereto.

    Full details of all Joint Standards and related publications will be found in the Standards Australia and Standards New Zealand Catalogue of Publications; this information is supplemented each month by the magazines The Australian Standard and Standards New Zealand, which subscribing members receive, and which give details of new publications, new editions and amendments, and of withdrawn Standards.

    Suggestions for improvements to Joint Standards, addressed to the head office of either Standards Australia or Standards New Zealand, are welcomed. Notification of any inaccuracy or ambiguity found in a Joint Australian/New Zealand Standard should be made without delay in order that the matter may be investigated and appropriate action taken.

    This Standard was issued in draft form for comment as DR 96323.


    First published as AS/NZS 4471:1997.

    PUBLISHED JOINTLY BY:

    STANDARDS AUSTRALIA
    1 The Crescent, Homebush NSW 2140 Australia

    STANDARDS NEW ZEALAND
    Level 10, Radio New Zealand House, 155 The Terrace, Wellington 6001 New Zealand

    ISBN 0 7337 1140 5


    PREFACE

    This Standard was prepared by the Joint Standards Australia/Standards New Zealand Committee IT/1, Information Systems - Interconnection. It is identical with and has been reproduced from ISO/IEC 11577:1995, Information technology - Open Systems Interconnection - Network layer security protocol.

    The objective of this Standard is to provide users of computer networks with a specification of a protocol to be used by end systems and intermediate systems in order to provide security services in the network layer of the OSI 7-layer model.

    Users of this Standard are advised by Standards Australia and Standards New Zealand, under arrangements made with ISO and IEC, as well as certain other Standards organizations, that the number of this Standard is not reproduced on each page; its identity is shown only on the cover and title pages.

    For the purpose of this Standard, the source text should be modified as follows:

    (a) Terminology: The words 'this Australian/New Zealand Standard' should replace the words 'this International Standard' wherever they appear.

    (b) Decimal marker: Substitute a full point for a comma where it appears as a decimal marker.

    (c) References: The references to international Standards should be replaced by references, where appropriate, to the following Australian or Joint Australian/New Zealand Standards:

    | Reference to International Standard or other publication | Australian or Joint Australian/New Zealand Standard |
    |---|---|
    | ISO 8648 Information processing systems - Open Systems Interconnection - Internal organization of the Network Layer | AS 3622 Information processing systems - Open Systems Interconnection - Internal organization of the network layer |
    | ISO/IEC 7498 Information technology - Open Systems Interconnection - Basic Reference Model | AS/NZS 2777 Information processing systems - Open Systems Interconnection - Basic reference model |
    | 7498-1 Part 1: The Basic Model | 2777.1 Part 1: The basic model |
    | ISO 7498-2 Part 2: Security Architecture | AS 2777.2 Part 2: Security architecture |
    | ISO/IEC 8208 Information technology - Data communications - X.25 Packet Layer Protocol for Data Terminal Equipment | AS/NZS 3621 Information technology - Data communications - X.25 packet layer protocol for data terminal equipment |
    | 8348 Information technology - Open Systems Interconnection - Network Service Definition | 2994 Information technology - Open Systems Interconnection - Network service definition |
    | 8473 Information technology - Protocol for providing the connectionless-mode network service | |
    | 8473-1 Part 1: Protocol specification | |
    | ISO/IEC 8825 Information technology - Open Systems Interconnection - Specification of basic encoding rules for Abstract Syntax Notation One (ASN.1) | AS 3626 Information technology - Open Systems Interconnection - Specification of basic encoding rules for Abstract Syntax Notation One (ASN.1) |
    | 8878 Information technology - Telecommunications and information exchange between systems - Use of X.25 to provide the OSI connection-mode network service | AS/NZS 3604 Information technology - Telecommunications and information exchange between systems - Use of X.25 to provide the OSI connection-mode network service |
    | 9594 Information technology - Open Systems Interconnection - The Directory | AS 4019 Information technology - Open Systems Interconnection - The Directory |
    | 9594-8 Part 8: Authentication framework | 4019.8 Part 8: Authentication framework |
    | 9646 Information technology - Open Systems Interconnection - Conformance testing methodology and framework | |
    | 9646-1 Part 1: General concepts | |
    | 9646-2 Part 2: Abstract test suite specification | |
    | 9834 Information technology - Open Systems Interconnection - Procedures for operation of OSI Registration Authorities | AS/NZS 4153 Information technology - Open Systems Interconnection - Procedures for the operation of OSI registration authorities |
    | 9834-1 Part 1: General procedures | 4153.1 Part 1: General procedures |
    | 9834-3 Part 3: Registration of object identifier component values for joint ISO/CCITT use | 4153.3 Part 3: Registration of object identifier components values for joint ISO-CCITT use |
    | 9979 Data cryptographic techniques - Procedures for the registration of cryptographic algorithms | |
    | 10731 Information technology - Open Systems Interconnection - Basic Reference Model - Conventions for the definition of OSI services | |
    | 10745 Information technology - Open Systems Interconnection - Upper layers security model | |
    | TR 13594 Information technology - Open Systems Interconnection - Lower layers security model | |
    | CCITT X.25 Interface between Data Terminal Equipment (DTE) and Data Circuit-Terminating Equipment (DCE) for terminals operating in Packet Mode and connected to public data networks by dedicated circuits | AS |

    Copyright STANDARDS AUSTRALIA/STANDARDS NEW ZEALAND

    Users of Standards are reminded that copyright subsists in all Standards Australia and Standards New Zealand publications and software. Except where the Copyright Act allows and except where provided for below no publications or software produced by Standards Australia or Standards New Zealand may be reproduced, stored in a retrieval system in any form or transmitted by any means without prior permission in writing from Standards Australia or Standards New Zealand. Permission may be conditional on an appropriate royalty payment. Australian requests for permission and information on commercial software royalties should be directed to the head office of Standards Australia. New Zealand requests should be directed to Standards New Zealand.

    Up to 10 percent of the technical content pages of a Standard may be copied for use exclusively in-house by purchasers of the Standard without payment of a royalty or advice to Standards Australia or Standards New Zealand.

    Inclusion of copyright material in computer software programs is also permitted without royalty payment provided such programs are used exclusively in-house by the creators of the programs.

    Care should be taken to ensure that material used is from the current edition of the Standard and that it is updated whenever the Standard is amended or revised. The number and date of the Standard should therefore be clearly identified.

    The use of material in print form or in computer software programs to be used commercially, with or without payment, or in commercial contracts is subject to the payment of a royalty. This policy may be varied by Standards Australia or Standards New Zealand at any time.


    CONTENTS

    1 Scope
    2 Normative references
        2.1 Identical Recommendations International Standards
        2.2 Paired Recommendations International Standards equivalent in technical content
        2.3 Additional References
    3 Definitions
        3.1 Reference Model definitions
        3.2 Security Architecture definitions
        3.3 Service Convention definitions
        3.4 Network Service definitions
        3.5 Internal Organisation of the Network Layer definitions
        3.6 Connectionless Network Protocol definitions
        3.7 Upper Layer Security Model definitions
        3.8 Conformance Testing definitions
        3.9 Additional definitions
    4 Abbreviations
        4.1 Data Units
        4.2 Protocol Data Unit Fields
        4.3 Parameters
        4.4 Miscellaneous
    5 Overview of the Protocol
        5.1 Introduction
        5.2 Overview of Services Provided
        5.3 Overview of Services Assumed
        5.4 Security Associations and Security Rules
        5.5 Overview of Protocol Protection Functions
        5.6 Overview of Protocol NLSP-CL
        5.7 Overview of Protocol NLSP-CO
    6 Protocol Functions Common to NLSP-CL and NLSP-CO
        6.1 Introduction
        6.2 Common SA Attributes
        6.3 Common Functions on a Request for an Instance of Communication
        6.4 Secure Data Transfer Protocol Functions
        6.5 Use of a Security Association Protocol
    7 Protocol Functions FOR NLSP-CL
        7.1 Services provided by NLSP-CL
        7.2 Services Assumed
        7.3 Security Association Attributes
        7.4 Checks
        7.5 In-Band SA Establishment
        7.6 Processing NLSP-UNITDATA Request
        7.7 Processing UN-UNITDATA Indication
    8 Protocol Functions for NLSP-CO
        8.1 Services Provided by NLSP-CO
        8.2 Services Assumed
        8.3 Security Association Attributes
        8.4 Checks and other Common Functions
        8.5 NLSP-Connect Functions
        8.6 NLSP-DATA Functions
        8.7 NLSP-EXPEDITED-DATA Functions
        8.8 RESET Functions
        8.9 NLSP-DATA ACKNOWLEDGE
        8.10 NLSP-DISCONNECT
        8.11 Other Functions
        8.12 Peer Entity Authentication
    9 Overview of Mechanisms used
        9.1 Security Services and Mechanisms
        9.2 Functions Supported
    10 Connection security control (NLSP-CO only)
        10.1 Overview
        10.2 SA-Attributes
        10.3 Procedures
        10.4 CSC-PDU Fields used
    11 SDT PDU Based encapsulation Function
        11.1 Overview
        11.2 SA Attributes
        11.3 Procedures
        11.4 PDU Fields used
    12 No-Header Encapsulation Function (NLSP-CO only)
        12.1 Overview
        12.2 SA Attributes
        12.3 Procedures
    13 Structure and Encoding of PDUS
        13.1 Introduction
        13.2 Content Field Format
        13.3 Protected Data
        13.4 Security Association PDU
        13.5 Connection Security Control PDU
    14 Conformance
        14.1 Static Conformance Requirements
        14.2 Dynamic Conformance Requirements
        14.3 Protocol Implementation Conformance Statement
    Annex A Mapping UN primitives to CCITT Rec. X.213 ISO 8348
    Annex B Mapping UN Primitives to CCITT Rec. X.25 ISO 8208
    Annex C Security Association Protocol Using Key Token Exchange and Digital Signatures
        C.1 Overview
        C.2 Key Token Exchange (KTE)
        C.3 SA-Protocol Authentication
        C.4 SA Attribute Negotiation
        C.5 SA Abort/Release
        C.6 Mapping of SA-Protocol Functions to Protocol Exchanges
        C.7 SA PDU SA Contents
    Annex D NLSP PICS Proforma
        D.1 Introduction
        D.2 Abbreviations and Special Symbols
        D.3 Instructions for Completing the PICS Proforma
        D.4 Identification
        D.5 Features Common to NLSP-CO and NLSP-CL
        D.6 Features Specific to NLSP-CL
        D.7 Features Specific to NLSP-CO
    Annex E Tutorial on some Basic Concepts of NLSP
        E.1 Basis of Protection
        E.2 Underlying vs NLSP Service
        E.3 NLSP Addressing
        E.4 Connection Mode NLSP
        E.5 Connectionless Mode NLSP
        E.6 Security Attributes and Associations
        E.7 Dynamic Functional Relationship between NLSP and CLNP
        E.8 Dynamic Functionality Related to Layered Model
    Annex F Example of an Agreed Set of Security Rules
    Annex G Security Associations and Attributes
    Annex H Example Key Token Exchange EKE Algorithm

