《TIA-102.AAAB-A-2005.pdf》由会员分享,可在线阅读,更多相关《TIA-102.AAAB-A-2005.pdf(38页珍藏版)》请在三一文库上搜索。
1、 TIA STANDARD Project 25 Digital Land Mobile Radio Security Services Overview TIA-102.AAAB-A (Revision of TIA-102.AAAB) January 2005 TELECOMMUNICATIONS INDUSTRY ASSOCIATION Representing the telecommunications industry in association with the Electronic Industries Alliance ANSI/TIA-102.AAAB-A-2005 Ap
2、proved: January 26, 2005 Copyright Telecommunications Industry Association Provided by IHS under license with EIALicensee=IHS Employees/1111111001, User=Wing, Bernie Not for Resale, 03/29/2007 21:13:13 MDTNo reproduction or networking permitted without license from IHS -,-,- NOTICE TIA Engineering S
3、tandards and Publications are designed to serve the public interest through eliminating misunderstandings between manufacturers and purchasers, facilitating interchangeability and improvement of products, and assisting the purchaser in selecting and obtaining with minimum delay the proper product fo
4、r their particular need. The existence of such Standards and Publications shall not in any respect preclude any member or non-member of TIA from manufacturing or selling products not conforming to such Standards and Publications. Neither shall the existence of such Standards and Publications preclud
5、e their voluntary use by Non-TIA members, either domestically or internationally. Standards and Publications are adopted by TIA in accordance with the American National Standards Institute (ANSI) patent policy. By such action, TIA does not assume any liability to any patent owner, nor does it assume
6、 any obligation whatever to parties adopting the Standard or Publication. This Standard does not purport to address all safety problems associated with its use or all applicable regulatory requirements. It is the responsibility of the user of this Standard to establish appropriate safety and health
7、practices and to determine the applicability of regulatory limitations before its use. (From Standards Proposal No. 3-4912-RV1, formulated under the cognizance of the TIA TR-8.3 Subcommittee on Encryption). Published by TELECOMMUNICATIONS INDUSTRY ASSOCIATION 2004 Standards and Technology Department
8、 2500 Wilson Boulevard Arlington, VA 22201 U.S.A. PRICE: Please refer to current Catalog of TIA TELECOMMUNICATIONS INDUSTRY ASSOCIATION STANDARDS AND ENGINEERING PUBLICATIONS or call Global Engineering Documents, USA and Canada (1-800-854-7179) International (303-397-7956) or search online at http:/
9、www.tiaonline.org/standards/search_n_order.cfm All rights reserved Printed in U.S.A. Copyright Telecommunications Industry Association Provided by IHS under license with EIALicensee=IHS Employees/1111111001, User=Wing, Bernie Not for Resale, 03/29/2007 21:13:13 MDTNo reproduction or networking permi
10、tted without license from IHS -,-,- NOTICE OF COPYRIGHT This document is copyrighted by the TIA. Reproduction of these documents either in hard copy or soft copy (including posting on the web) is prohibited without copyright permission. For copyright permission to reproduce portions of this document
11、, please contact TIA Standards Department or go to the TIA website (www.tiaonline.org) for details on how to request permission. Details are located at: http:/www.tiaonline.org/about/faqDetail.cfm?id=18 OR Telecommunications Industry Association Standards (b) there is no assurance that the Document
12、will be approved by any Committee of TIA or any other body in its present or any other form; (c) the Document may be amended, modified or changed in the standards development or any editing process. The use or practice of contents of this Document may involve the use of intellectual property rights
13、(“IPR”), including pending or issued patents, or copyrights, owned by one or more parties. TIA makes no search or investigation for IPR. When IPR consisting of patents and published pending patent applications are claimed and called to TIAs attention, a statement from the holder thereof is requested
14、, all in accordance with the Manual. TIA takes no position with reference to, and disclaims any obligation to investigate or inquire into, the scope or validity of any claims of IPR. TIA will neither be a party to discussions of any licensing terms or conditions, which are instead left to the partie
15、s involved, nor will TIA opine or judge whether proposed licensing terms or conditions are reasonable or non-discriminatory. TIA does not warrant or represent that procedures or practices suggested or provided in the Manual have been complied with as respects the Document or its contents. TIA does n
16、ot enforce or monitor compliance with the contents of the Document. TIA does not certify, inspect, test or otherwise investigate products, designs or services or any claims of compliance with the contents of the Document. ALL WARRANTIES, EXPRESS OR IMPLIED, ARE DISCLAIMED, INCLUDING WITHOUT LIMITATI
17、ON, ANY AND ALL WARRANTIES CONCERNING THE ACCURACY OF THE CONTENTS, ITS FITNESS OR APPROPRIATENESS FOR A PARTICULAR PURPOSE OR USE, ITS MERCHANTABILITY AND ITS NON- INFRINGEMENT OF ANY THIRD PARTYS INTELLECTUAL PROPERTY RIGHTS. TIA EXPRESSLY DISCLAIMS ANY AND ALL RESPONSIBILITIES FOR THE ACCURACY OF
18、 THE CONTENTS AND MAKES NO REPRESENTATIONS OR WARRANTIES REGARDING THE CONTENTS COMPLIANCE WITH ANY APPLICABLE STATUTE, RULE OR REGULATION, OR THE SAFETY OR HEALTH EFFECTS OF THE CONTENTS OR ANY PRODUCT OR SERVICE REFERRED TO IN THE DOCUMENT OR PRODUCED OR RENDERED TO COMPLY WITH THE CONTENTS. TIA S
19、HALL NOT BE LIABLE FOR ANY AND ALL DAMAGES, DIRECT OR INDIRECT, ARISING FROM OR RELATING TO ANY USE OF THE CONTENTS CONTAINED HEREIN, INCLUDING WITHOUT LIMITATION ANY AND ALL INDIRECT, SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES (INCLUDING DAMAGES FOR LOSS OF BUSINESS, LOSS OF PROFITS, LITIGATION,
20、OR THE LIKE), WHETHER BASED UPON BREACH OF CONTRACT, BREACH OF WARRANTY, TORT (INCLUDING NEGLIGENCE), PRODUCT LIABILITY OR OTHERWISE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. THE FOREGOING NEGATION OF DAMAGES IS A FUNDAMENTAL ELEMENT OF THE USE OF THE CONTENTS HEREOF, AND THESE CONTENTS W
21、OULD NOT BE PUBLISHED BY TIA WITHOUT SUCH LIMITATIONS. Copyright Telecommunications Industry Association Provided by IHS under license with EIALicensee=IHS Employees/1111111001, User=Wing, Bernie Not for Resale, 03/29/2007 21:13:13 MDTNo reproduction or networking permitted without license from IHS
22、-,-,- TIA 102.AAAB-A i Contents 1 Introduction1 1.1 Scope1 1.2 Document Description2 1.3 Document Revision History.3 1.4 Definitions.3 1.5 Abbreviations .5 1.6 References.6 1.7 Overview.6 2 Security Threats .7 2.1 Message Interception.7 2.2 Message Replay7 2.3 Spoofing7 2.4 Misdirection8 2.5 Jamming
23、 .8 2.6 Traffic Analysis 9 2.7 Subscriber Duplication9 2.8 Theft of Service10 2.9 Theft of Unit10 3 Confidentiality.11 3.1 Encryption Transformation.12 3.1.1 Traffic Encryption.14 3.1.2 Air Interface Encryption.15 4 Integrity16 4.1 Chronological Integrity16 4.2 Message Integrity17 5 Authentication.1
24、9 6 Key Management .22 6.1 Physical Key Distribution23 6.2 Over-the-Air Key Distribution.23 6.2.1 Automated Key Management.24 6.2.2 Public Key Techniques26 6.3 Key Compromise.26 Copyright Telecommunications Industry Association Provided by IHS under license with EIALicensee=IHS Employees/1111111001,
25、 User=Wing, Bernie Not for Resale, 03/29/2007 21:13:13 MDTNo reproduction or networking permitted without license from IHS -,-,- TIA 102.AAAB-A ii Foreword (This foreword is not part of this document.) This document has been submitted to APCO/NASTD/FED by the Telecommunications Industry Association
26、(TIA), as provided for in a Memorandum of Understanding (MOU) dated December, 1993. That MOU provides that APCO/NASTD/FED will devise a Common System Standard for digital public safety communications (the Standard), and that TIA shall provide technical assistance in the development of documentation
27、for the Standard. This document has been developed by TR8.3 (Encryption) with inputs from the APCO Project 25 Interface Committee (APIC), the APIC Encryption Task Group, and TIA Industry members. This document is being published to provide technical information on the emerging digital techniques for
28、 Land Mobile Radio Service. Security services are intended to neutralize security threats to a radio system. The nature of these threats is discussed in this document, and the security services to counter these threats are defined. These services apply to both conventional and trunking systems. This
29、 document presents security services that were recommended by TIA to APCO/NASTD/FED as being suitable for use as part of their standard for a digital public safety radio system (Project 25). Copyright Telecommunications Industry Association Provided by IHS under license with EIALicensee=IHS Employee
30、s/1111111001, User=Wing, Bernie Not for Resale, 03/29/2007 21:13:13 MDTNo reproduction or networking permitted without license from IHS -,-,- TIA 102.AAAB-A iii Patent Identification The readers attention is called to the possibility that compliance with this document may require the use of one or m
31、ore inventions covered by patent rights. By publication of this document no position is taken with respect to the validity of those claims or any patent rights in connection therewith. The patent holders so far identified have, we believe, filed statements of willingness to grant licenses under thos
32、e rights on reasonable and nondiscriminatory terms and conditions to applicants desiring to obtain such licenses. The following patent holders and patents have been identified in accordance with the TIA intellectual property rights policy: No patents have been identified. TIA shall not be responsibl
33、e for identifying patents for which licenses may be required by this document or for conducting inquiries into the legal validity or scope of those patents that are brought to its attention. Copyright Telecommunications Industry Association Provided by IHS under license with EIALicensee=IHS Employee
34、s/1111111001, User=Wing, Bernie Not for Resale, 03/29/2007 21:13:13 MDTNo reproduction or networking permitted without license from IHS -,-,- TIA 102.AAAB-A iv This page is intentionally left blank. Copyright Telecommunications Industry Association Provided by IHS under license with EIALicensee=IHS
35、Employees/1111111001, User=Wing, Bernie Not for Resale, 03/29/2007 21:13:13 MDTNo reproduction or networking permitted without license from IHS -,-,- TIA 102.AAAB-A 1 1 INTRODUCTION In many cases, information security is a vital component of a general land mobile radio system. Several security servi
36、ces are available for implementation in these systems. The services are generally optional and they operate within the bounds of the interfaces defined for non-secure operation. This security overlay may be used to provide security of information transferred across general FDMA or TDMA land mobile r
37、adio systems. The purpose of this document is to define the meaning of these security services. The definition and detail of how security services are provided is outside the scope of this document. This document was generated in response to Project 25 requirements for security services; however, it
38、 is applicable to any general land mobile communications system. TIA 102 security standard documents define protection of Phase 1 and Phase 2 systems. TIA 905 security standard documents define protection of Phase 2 TDMA systems. The security services defined in the TIA 102 and TIA 905 security docu
39、ments are to be interoperable across the Phase 1 and Phase 2 FDMA and the Phase 2 two-slot TDMA air interfaces. 1.1 Scope A general land mobile radio communications system consists of subscriber units, base stations, fixed equipment for single-site to wide area operation, console operator positions,
40、 and computer equipment. The subscriber units include portable radios for handheld operation and mobile radios for vehicular operation. The base stations are for geographically fixed installations. Other fixed equipment is used for wide area operation and console operator positions, and computer equ
41、ipment is used for interface between each of these equipment items. A standard should exist to describe any given specific instance of such a general land mobile radio system. This document will refer to such a specific instance of a general land mobile radio system as a “Land Mobile Radio system,“
42、to distinguish it from the entire universe of general land mobile radio systems. Specific Land Mobile Radio systems are referenced in the appendices for the instantiation of the security services described in this document. Instances of Land Mobile Radio systems that may apply these security service
43、s are given by TSB 102-A (reference 1) and TIA 905 (reference 2) System and Standards Definition (shell) documents. This document provides an overview of the security services available in Land Mobile Radio systems. It provides the context in which to understand why security services are required an
44、d gives a general high level description of how they are provided. The purpose of security services is to neutralize information security threats to a system. The nature of these threats is discussed in this document and the security services to counter these threats are defined. Copyright Telecommu
45、nications Industry Association Provided by IHS under license with EIALicensee=IHS Employees/1111111001, User=Wing, Bernie Not for Resale, 03/29/2007 21:13:13 MDTNo reproduction or networking permitted without license from IHS -,-,- TIA 102.AAAB-A 2 The security services defined here apply to all asp
46、ects of Land Mobile Radio systems, including trunking and conventional systems as well as voice and data systems. In general the subject of security includes encryption, and this topic is discussed in general terms to explain the different levels of encryption algorithms available within the standar
47、d, and their application to security services. In the context of this document, the specific security requirements are generalized into four security topics: 1. Confidentiality (also known as Privacy) 2. Authentication 3. Integrity 4. Key management These four categories correspond to the security s
48、ervices available to Land Mobile Radio systems. This document does not provide specific message formats or operational details of these security services. Detailed information is provided in the companion documents identified in section 1.6. 1.2 Document Description This document establishes general principles for a security services designed to protect the family of Project 25 systems. ? Section 1 provides a general description, definitions and abbreviations. ? Section 2 provides an overview of security threats. ?