The scope of the present document is to recommend a framework for the secure provision of Lawful Interception (LI) and Data Retention (DR) services of a Communication Service Provider (CSP) towards the Law Enforcement Agencies. This framework aims to guarantee security in terms of confidentiality@ integrity@ forward secrecy@ forward integrity and non-repudiation within CSP's LI and DR systems@ operations and CSP internal and external interfaces for the delivery of IRI@ CC and DR data towards any LEAs. The present document initially describes the assets to be protected and then analyses the related security threats. Finally it recommends a range of security measures and controls necessary for achieving the desired level of security. The security measures content contains an unbreakable set of security categories where most of the measures@ for each category@ are indispensable controls while some others can be optionally chosen for creating a tighter security framework. Annexes are also defined. Annex A lists all recommended measures and controls@ associates these measures with the respective systems@ services and interfaces and also with the respective threats that aims to overcome. Annex B provides a secure logging infrastructure. Annex C provides a solution for protecting the retained data during the operation of the DR service while annex D provides a guide for cryptographic algorithms.
TR 102 661-2008由ETSI - European Telecommunications Standards Institute 发布于 2008-11-01,并于 2014-04-07 实施。
非常抱歉,我们暂时无法提供预览,您可以试试: 免费下载 TR 102 661-2008 前三页,或者稍后再访问。
点击下载后,生成下载文件时间比较长,请耐心等待......
Copyright ©2007-2022 ANTPEDIA, All Rights Reserved
京ICP备07018254号 京公网安备1101085018 电信与信息服务业务经营许可证:京ICP证110310号