1 Scope
2
Normative references
2.1 Identical Recommendations | International Standards
2.2 Paired Recommendations | International Standards equivalent in
technical content
2.3 Additional References
3
Definitions
3.1 Reference Model definitions
3.2 Security Architecture definitions
3.3 Service Convention definitions
3.4 Network Service definitions
3.5 Internal Organisation of the Network Layer definitions
3.6 Connectionless Network Protocol definitions
3.7 Upper Layer Security Model definitions
3.8 Conformance Testing definitions
3.9 Additional definitions
4
Abbreviations
4.1 Data Units
4.2 Protocol Data Unit Fields
4.3 Parameters
4.4 Miscellaneous
5
Overview of the Protocol
5.1 Introduction
5.2 Overview of Services Provided
5.3 Overview of Services Assumed
5.4 Security Associations and Security Rules
5.5 Overview of Protocol – Protection Functions
5.6 Overview of Protocol – NLSP-CL
5.7 Overview of Protocol – NLSP-CO
6
Protocol Functions Common to NLSP-CL and NLSP-CO
6.1 Introduction
6.2 Common SA Attributes
6.3 Common Functions on a Request for an Instance of Communication
6.4 Secure Data Transfer Protocol Functions
6.5 Use of a Security Association Protocol
7
Protocol Functions FOR NLSP-CL
7.1 Services Provided by NLSP-CL
7.2 Services Assumed
7.3 Security Association Attributes
7.4 Checks
7.5 In-Band SA Establishment
7.6 Processing NLSP-UNITDATA Request
7.7 Processing UN-UNITDATA Indication
8
Protocol Functions for NLSP-CO
8.1 Services Provided by NLSP-CO
8.2 Services Assumed
8.3 Security Association Attributes
8.4 Checks and other
Common Functions
8.5 NLSP-Connect Functions
8.6 NLSP-DATA Functions
8.7 NLSP-EXPEDITED-DATA Functions
8.8 RESET Functions
8.9 NLSP-DATA ACKNOWLEDGE
8.10 NLSP-DISCONNECT
8.11 Other Functions
8.12 Peer Entity Authentication
9
Overview of Mechanisms used
9.1 Security Services and Mechanisms
9.2 Functions Supported
10 Connection security control
(NLSP-CO only)
10.1 Overview
10.2 SA-Attributes
10.3 Procedures
10.4 CSC-PDU Fields used
11 SDT PDU Based encapsulation
Function
11.1 Overview
11.2 SA Attributes
11.3 Procedures
11.4 PDU Fields used
12 No-Header Encapsulation Function
(NLSP-CO only)
12.1 Overview
12.2 SA Attributes
12.3 Procedures
13 Structure and Encoding of PDUS
13.1 Introduction
13.2 Content Field Format
13.3 Protected Data
13.4 Security Association PDU
13.5 Connection Security Control PDU
14 Conformance
14.1 Static Conformance Requirements
14.2 Dynamic Conformance Requirements
14.3 Protocol Implementation
Conformance Statement
Annex A – Mapping UN primitives to
CCITT Rec. X.213 | ISO 8348
Annex B – Mapping UN Primitives to
CCITT Rec. X.25 | ISO 8208
Annex C – Security Association Protocol
Using Key Token Exchange and Digital Signatures
C.1 Overview
C.2 Key Token Exchange (KTE)
C.3 SA-Protocol Authentication
C.4 SA Attribute Negotiation
C.5 SA Abort/Release
C.6 Mapping of SA-Protocol Functions to Protocol Exchanges
C.7 SA PDU – SA Contents
Annex D – NLSP PICS Proforma
D.1 Introduction
D.2 Abbreviations and Special Symbols
D.3 Instructions for Completing the PICS Proforma
D.4 Identification
D.5 Features Common to NLSP-CO and NLSP-CL
D.6 Features Specific to NLSP-CL
D.7 Features Specific to NLSP-CO
Annex E – Tutorial on some Basic
Concepts of NLSP
E.1 Basis of Protection
E.2 Underlying vs NLSP Service
E.3 NLSP Addressing
E.4 Connection Mode NLSP
E.5 Connectionless Mode NLSP
E.6 Security Attributes and Associations
E.7 Dynamic Functional Relationship between NLSP and CLNP
E.8 Dynamic Functionality
Related to Layered Model
Annex F – Example of an Agreed Set of
Security Rules
Annex G – Security Associations and
Attributes
Annex H – Example Key Token Exchange –
EKE Algorithm