This is a free 6 page sample. Access the full version at http://infostore.saiglobal.com.

X.400 SECURITY
Implementation Guide

SAA/SNZ HB74:1996

This is a free 6 page sample. Access the full version at http://infostore.saiglobal.com.

THIS PAGE IS INTENTIONALLY LEFT BLANK.

This is a free 6 page sample. Access the full version at http://infostore.saiglobal.com.

X.400 Security

Implementation Guide

ISBN 7337 0195 7

SAA/SNZ HB74:1996

PREFACE
This X.400 Security Implementation Guide is intended to provide sufficient information to enable the transfer of EDI messages with appropria te security using X.400 protocols. The document includes a brief overview of X.400 and of X.400 security. EDI security may also be implemented entirely within the EDI message. Security standards exist or are currently near completion for ANSI X12 and UN/EDIFACT documents. Messages with or without ANSI X12 or UN/EDIFACT security may be carried by X.400 with or without X.400 security. The choice of method of applying security is left to the user to determine which best meets their requirements and capability.
This is a free 6 page sample. Access the full version at http://infostore.saiglobal.com.

This handbook was produced by a subgroup of the Electronic Data Interchange : Message Administration, Security and Transfer committee. The following documents were used as reference: EDI Message Security Guide (Electronic Commerce Australia) X.400/X.500 Standard s NIST Specification, Publication 500-202.

Copyright-STANDARDS AUSTRALIA Users of Standards are reminded that copyright subsists in all Standards Australia publications and software. Except where the Copyright Act allows and except where provided for below no publications or software produced by Standards Australia may be reproduced, stored in a retrievalsystem in any form or transmittedby any means without prior permission in writing from Standards Australia. Permission may be conditional on an appropriate royalty payment. Requests for permission and information on commercial softwareroyalties should be directed to the head office of Standards Australia. Standards Australia will permit up to 10 percent of the technical content pages of a Standard to be copied for use exclusively in-house by purchasers of theStandard without payment of a royalty or advice to Standards Australia. Standards Australia will also permit the inclusion of its copyright material in computer software programs for no royalty payment provided such programs are used exclusively in-house by the creators of the programs. Care should be taken to ensure that material used is from the current edition of the Standard and that it is updated whenever the Standards is amended or revised. The number and date of the Standard should therefore be clearly identified. The use of material in print form or in computer software programs to be used commercially, with or without payment, or in commercial contracts is subject to the payment of a royalty. This policy may be varied by Standards Australia at any time.

SAA/SNZ HB74:1996

CONTENTS

Page SECTION 1 INTRODUCTI ON AND SCOPE 1.1 Document purpose ................................................................ 1.2 Scope .................................................................................... 1.3 Definitions.............................................................................. 1.4 Overview................................................................................ 4 4 4 4

This is a free 6 page sample. Access the full version at http://infostore.saiglobal.com.

SECTION 2 X.400 OVERVIEW 2.1 What is X.400? ...................................................................... 2.2 How does X.400 work?.......................................................... 2.3 X.400 protocols......................................................................

5 5 8

SECTION 3 SECURITY SERVICES WITHIN X.400 3.1 Security services within X.400 ............................................... 3.2 X.400 security services.......................................................... 3.3 OSI implementors guide........................................................ 3.4 Security services for secure transmission in an EDI environment ...........................................................................

12 14 16 17

SECTION 4 IMPLEMENTATION 4.1 Purpose ................................................................................. 4.2 X.400 service elements ......................................................... 4.3 Description of security service implementations .................... 4.4 Algorithm choices ..................................................................

19 19 21 24

SAA/SNZ HB74:1996

SECTION 1
1.1

INTRODUCTION AND SCOPE

DOCUMENT PURPOSE

The primary purpose of this document is to enable the implementation of end-toend security services for the transfer of EDI data within the scope of the joint CCITT X.400/ISO-IEC MOTIS series of recommendations. (From herein simply referre d to by using the commonly known term X.400) This document may also be seen as an educational tool in both the areas of X.400 and EDI message security. However, this is more a consequence than an objective. It is assumed that the reader has a good under standing of EDI security issues and a reasonable working knowled ge of X.400. For gener al security information the Electronic Commerce Australia publication, EDI Message Security Guide, is highly recommended as prerequisite reading.

This is a free 6 page sample. Access the full version at http://infostore.saiglobal.com.

1.2

SCOPE

The scope of this document is limited to the security services which are a subset of services available in the 1988 X.400 standards (and the 1990 X.435 standards). Secure end-to-end transfer of EDI messages is the prime focus of this document. Much of the material covered is applicable to non-EDI messages (eg E-mail), and therefore it should be used as a basis for further study for non-ED I X.400 security.

1.3

DEFINITIONS

Care has been taken throug hout this document to use definitions consistent with existing documentation. X.400 type terms are used as per the X.400 standards. Security terms are generally used as per the EDI Message Security Guide.

1.4

OVERVIEW

The document has four major sections, including this introductory Section. Section 2 provides a high level description of X.400, how it works, the protocols used and the major components. Section 3 discusses the security services supported within the X.400 environment. From these, the end-to-end services applicable to EDI are discussed in greater depth. Section 4 provides specific details on the implementation of end-to-end X.400 security. It details which fields and service elements should be used and the information they should contain.

This is a free preview. Purchase the entire publication at the link below:

HB 74:1996, X.400 Security Implementation Guide

This is a free 6 page sample. Access the full version at http://infostore.saiglobal.com.

Looking for additional Standards? Visit SAI Global Infostore Subscribe to our Free Newsletters about Australian Standards in Legislation; ISO, IEC, BSI and more Do you need to Manage Standards Collections Online? Learn about LexConnect, All Jurisdictions, Standards referenced in Australian legislation Do you want to know when a Standard has changed? Want to become an SAI Global Standards Sales Affiliate? Learn about other SAI Global Services: LOGICOM Military Parts and Supplier Database Metals Infobase Database of Metal Grades, Standards and Manufacturers Materials Infobase Database of Materials, Standards and Suppliers Database of European Law, CELEX and Court Decisions

Need to speak with a Customer Service Representative - Contact Us