BS ISO/IEC 9594-11:2020:2021 Edition

$215.11

Information technology. Open systems interconnection directory – Protocol specifications for secure operations

Published By	Publication Date	Number of Pages
BSI	2021	96

Guaranteed Safe Checkout

Categories: 35.100.70 - Application layer, BSI

If you have any questions, feel free to reach out to our online customer service team by clicking on the bottom right corner. We’re here to assist you 24/7.
Email:[email protected]

Description

PDF Catalog

PDF Pages	PDF Title
2	undefined
11	1 Scope 2 Normative references 2.1 Identical Recommendations \| International Standards
12	2.2 Paired Recommendations \| International Standards equivalent in technical content 2.3 Other references 3 Definitions 3.1 OSI Reference Model definitions 3.2 Directory model definitions 3.3 Public-key and attribute certificate definitions
13	3.4 Terms defined in this Recommendation \| International Standard 4 Abbreviations
14	5 Conventions 6 Common data types and special cryptographic algorithms 6.1 Introduction
15	6.2 ASN.1 information object class specification tool 6.2.1 General information object class concept 6.2.2 The ALGORITHM information object class
16	6.3 Multiple-cryptographic algorithm specifications 6.3.1 General 6.3.2 Multiple signatures algorithm
17	6.3.3 Multiple symmetric key algorithm 6.3.4 Multiple public-key algorithms 6.3.5 Multiple hash algorithm 6.3.6 Multiple authenticated encryption with associated data algorithm 6.3.7 Multiple integrity check value algorithm
18	6.4 Key establishment algorithms 6.4.1 General 6.4.2 Diffie-Hellman group 14 algorithm with HKDF-256 6.4.3 Diffie-Hellman group 23 algorithm with HKDF-256
19	6.4.4 Diffie-Hellman group 28 algorithm with HKDF-256 6.4.5 Key derivation 6.4.5.1 General 6.4.5.2 HMAC-based extract-and-expand key derivation function
20	6.4.6 Special conditions 6.5 Multiple-cryptographic algorithm-value pairs 6.5.1 Multiple digital signatures attached to data 6.5.2 Double digital signature attached to data 6.5.3 Duplicate integrity check values attached to data
21	6.6 Formal specification of encipherment 6.6.1 Formal specification of encryption 6.6.2 Formal specification of authenticated encryption with associated data
22	7 General concepts for securing protocols 7.1 Introduction 7.2 Protected protocol plug-in concept 7.3 Communications structure 7.4 Another view of the relationship between the wrapper protocol and the protected protocol
23	7.5 Structure of application protocol data unit 7.6 Exception conditions
24	8 Wrapper protocol general concepts 8.1 Introduction 8.2 UTC time specification 8.3 Use of alternative cryptographic algorithms 8.4 Establishment of shared keys
25	8.5 Sequence numbers 8.6 Use of invocation identification in the wrapper protocol 8.7 Mapping to underlying services 8.8 Definition of protected protocols 8.9 Overview of wrapper protocol data units
26	9 Association management 9.1 Introduction to association management 9.2 Association handshake request
28	9.3 Association accept
29	9.4 Association reject due to security issues
30	9.5 Association reject by the protected protocol
31	9.6 Handshake security abort 9.7 Handshake abort by protected protocol
32	9.8 Data transfer security abort 9.9 Abort by protected protocol
33	9.10 Release request WrPDU 9.11 Release response WrPDU
34	9.12 Release collision 10 Data transfer phase 10.1 Symmetric keys renewal 10.2 Data transfer by the client 10.2.1 General
35	10.2.2 Client using authenticated encryption with associated data 10.2.3 Client not using authenticated encryption with associated data 10.2.4 Client non-encrypted data
36	10.3 Data transfer by the server 10.3.1 General 10.3.2 Server using authenticated encryption with associated data 10.3.3 Server not using authenticated encryption with associated data
37	10.3.4 Server non-encrypted data
38	11 Information flow 11.1 Purpose and general model
39	11.2 Protected protocol SAOC 11.3 Wrapper SAOC 11.3.1 General 11.3.2 Handshake request subclass 11.3.3 Handshake accept subclass 11.3.4 Handshake security reject subclass 11.3.5 Handshake reject by protected protocol subclass
40	11.3.6 Handshake security abort subclass 11.3.7 Handshake abort by protected protocol subclass 11.3.8 Data transfer security abort subclass 11.3.9 Data transfer application abort subclass 11.3.10 Release request subclass 11.3.11 Release response subclass
41	11.3.12 Client data transfer with authenticated encryption with associated data subclass 11.3.13 Client data transfer with integrity check value protection subclass 11.3.14 Server data transfer with authenticated encryption with associated data subclass 11.3.15 Client data transfer with integrity check value protection subclass
42	12 Wrapper error handling 12.1 General 12.2 Checking of a wrapper handshake request 12.2.1 General 12.2.2 Digital signature checking 12.2.3 Checking of the to-be-signed part
43	12.3 Checking of a wrapper handshake accept 12.3.1 General 12.3.2 Digital signature checking 12.3.3 Checking of the to-be-signed part
44	12.4 Checking of data transfer WrPDUs 12.4.1 General 12.4.2 Common checking for data transfer 12.4.2.1 Common checking for use of authenticate encryption with associated data 12.4.2.2 Common checking for non-use of authenticate encryption with associated data
45	12.4.2.3 Common checking for AadClient and AadServer data types 12.4.5 AadClient data value specific checking 12.4.6 AadServer data value specific checking
46	12.5 Wrapper diagnostic codes
47	13 Authorization and validation list management 13.1 General on authorization and validation management 13.1.1 Introduction 13.1.2 Invocation identification 13.1.3 Exception conditions 13.2 Defined protected protocol data unit types
48	13.3 Authorization and validation management protocol initialization request 13.4 Authorization and validation management protocol initialization accept 13.5 Authorization and validation management protocol initialization reject 13.6 Authorization and validation management protocol initialization abort
49	13.7 Add authorization and validation list request
50	13.8 Add authorization and validation list response 13.9 Replace authorization and validation list request 13.10 Replace authorization and validation list response
51	13.11 Delete authorization and validation list request 13.12 Delete authorization and validation list response
52	13.13 Authorization and validation list abort 13.14 Authorization and validation list error codes
53	14 Certification authority subscription protocol 14.1 Certification authority subscription introduction 14.2 Defined protected protocol data unit types 14.3 Certification authority subscription protocol initialization request
54	14.4 Certification authority subscription protocol initialization accept 14.5 Certification authority subscription protocol initialization reject 14.6 Certification authority subscription protocol initialization abort 14.7 Public-key certificate subscription request
55	14.8 Public-key certificate subscription response
56	14.9 Public-key certificate un-subscription request 14.10 Public-key certificate un-subscription response
57	14.11 Public-key certificate replacements request
58	14.12 Public-key certificate replacement response
59	14.13 End-entity public-key certificate updates request 14.14 End-entity public-key certificate updates response
60	14.15 Certification authority subscription abort 14.16 Certification authority subscription error codes
61	15 Trust broker protocol 15.1 Introduction 15.2 Defined protected protocol data unit types 15.3 Trust broker protocol initialization request 15.4 Trust broker protocol initialization accept
62	15.5 Trust broker protocol initialization reject 15.6 Trust broker protocol initialization abort 15.7 Trust broker request syntax 15.8 Trust broker response syntax
63	15.9 Trust broker error information
86	H.1 Introduction H.2 Negotiation of cryptographic algorithms H.2.1 Cryptographic negotiation for new protocols H.2.2 Cryptographic negotiation for existing protocols
87	H.3 Non-negotiable digital signature algorithms H.3.1 General
88	H.3.2 Duplicate signatures for new protocols H.3.3 Duplicate signatures for existing protocols

Additional information

Status	Under Review
Pages	96
Publication Date	2021-01-07
ISBN	978 0 580 99878 2
Standard Number	BS ISO/IEC 9594-11:2020
Title	Information technology. Open systems interconnection directory – Protocol specifications for secure operations
Identical National Standard Of	ISO/IEC 9594-11
Descriptors	Information technology, Open systems interconnection, Directories, Specifications, Algorithms
Publisher	BSI
Committee	IST/6
ICS Codes	35.100.70 - Application layer

Preview PDF


PDF Format	Searchable	Printable	Preview Now

BS ISO/IEC 9594-11:2020:2021 Edition

PDF Catalog

Related products