ISO 8802:2020
ISO 8802:2020 Telecommunications and exchange between information technology systems – Requirements for local and metropolitan area networks – Part 1AE: Media access control (MAC) security
CDN $390.00
Description
This document specifies provision of connectionless user data confidentiality, frame data integrity, and data origin authenticity by media access independent protocols and entities that operate transparently to MAC Clients.
NOTE-The MAC Clients are as specified in IEEE Std 802®, IEEE Std 802.1Q?, and IEEE Std 802.1X.2
To this end, it
a) Specifies the requirements to be satisfied by equipment claiming conformance to this standard.
b) Specifies the requirements for MACsec in terms of provision of the MAC Service and the
preservation of the semantics and parameters of service requests and indications.
c) Describes the threats, both intentional and accidental, to correct provision of the service.
d) Specifies security services that prevent, or restrict, the effect of attacks that exploit these threats.
e) Examines the potential impact of both the threats and the use of MACsec on the Quality of Service
(QoS), specifying constraints on the design and operation of MAC Security entities and protocols.
f) Models support of the secure MAC Service in terms of the operation of media access control method
independent MAC Security Entities (SecYs) within the MAC Sublayer.
g) Specifies the format of the MACsec Protocol Data Unit (MPDUs) used to provide secure service.
h) Identifies the functions to be performed by each SecY, and provides an architectural model of its
internal operation in terms of Processes and Entities that provide those functions.
i) Specifies each SecY’s use of an associated and collocated Port Access Entity (PAE,
IEEE Std 802.1X) to discover and authenticate MACsec protocol peers and its use of that PAE’s
Key Agreement Entity (KaY) to agree and update cryptographic keys.
j) Specifies performance requirements and recommends default values and applicable ranges for the
operational parameters of a SecY.
k) Specifies how SecYs are incorporated within the architecture of end stations, bridges, and two-port
Ethernet Data Encryption devices (EDEs).
l) Establishes the requirements for management of MAC Security, identifying the managed objects
and defining the management operations for SecYs.
m) Specifies the Management Information Base (MIB) module for managing the operation of MAC
Security in TCP/IP networks.
n) Specifies requirements, criteria, and choices of Cipher Suites for use with this standard.
Edition
2
Published Date
2020-08-21
Status
PUBLISHED
Pages
221
Language
English
Format
Secure PDF
Secure – PDF details
- Save your file locally or view it via a web viewer
- Viewing permissions are restricted exclusively to the purchaser
- Device limits - 3
- Printing – Enabled only to print (1) copy
See more about our Environmental Commitment
Abstract
This document specifies provision of connectionless user data confidentiality, frame data integrity, and data origin authenticity by media access independent protocols and entities that operate transparently to MAC Clients.
NOTE-The MAC Clients are as specified in IEEE Std 802®, IEEE Std 802.1Q?, and IEEE Std 802.1X.2
To this end, it
a) Specifies the requirements to be satisfied by equipment claiming conformance to this standard.
b) Specifies the requirements for MACsec in terms of provision of the MAC Service and the
preservation of the semantics and parameters of service requests and indications.
c) Describes the threats, both intentional and accidental, to correct provision of the service.
d) Specifies security services that prevent, or restrict, the effect of attacks that exploit these threats.
e) Examines the potential impact of both the threats and the use of MACsec on the Quality of Service
(QoS), specifying constraints on the design and operation of MAC Security entities and protocols.
f) Models support of the secure MAC Service in terms of the operation of media access control method
independent MAC Security Entities (SecYs) within the MAC Sublayer.
g) Specifies the format of the MACsec Protocol Data Unit (MPDUs) used to provide secure service.
h) Identifies the functions to be performed by each SecY, and provides an architectural model of its
internal operation in terms of Processes and Entities that provide those functions.
i) Specifies each SecY's use of an associated and collocated Port Access Entity (PAE,
IEEE Std 802.1X) to discover and authenticate MACsec protocol peers and its use of that PAE's
Key Agreement Entity (KaY) to agree and update cryptographic keys.
j) Specifies performance requirements and recommends default values and applicable ranges for the
operational parameters of a SecY.
k) Specifies how SecYs are incorporated within the architecture of end stations, bridges, and two-port
Ethernet Data Encryption devices (EDEs).
l) Establishes the requirements for management of MAC Security, identifying the managed objects
and defining the management operations for SecYs.
m) Specifies the Management Information Base (MIB) module for managing the operation of MAC
Security in TCP/IP networks.
n) Specifies requirements, criteria, and choices of Cipher Suites for use with this standard.
Previous Editions
Can’t find what you are looking for?
Please contact us at:
Related Documents
-
ISO 3833:1977 Road vehicles – Types – Terms and definitions
CDN $115.00 Add to cart -
ISO 14416:2003 Information and documentation – Requirements for binding of books, periodicals, serials and other paper documents for archive and library use – Methods and materials
CDN $273.00 Add to cart -
ISO 2574:1994 Aircraft – Electrical cables – Identification marking
CDN $115.00 Add to cart -
ISO 5053:2019 Industrial trucks – Vocabulary – Part 2: Fork arms and attachments
CDN $351.00 Add to cart
