| 分布式账本技术的安全保证 |
为促进安全保证机制的设计和开发,ITU-T X.1404建议书为分布式分类账技术(DLT)定义了三个级别的安全保证。此外,这一建议书进一步定义了包含安全保证的十个安全保证组件,并为实现安全保证组件三个级别的各个级别指定了标准和导则。最后,建议书还提供了特定威胁和安全保证组件之间的映射,以及特定安全功能和安全保证组件之间的映射。
分布式分类账技术(DLT)被定义为共用的数字分类账,是所有交易不断更新的列表。DLT的保证被定义为过程或可交付成果能够满足定义的特征或目标的置信度。可将保证水平视为有关各方商定保证的量化表达。
需要为实现安全保证组件三级别的各个级别指定标准和导则:数据完整性、数据机密性、凭证管理、用户身份验证、实体认证、授权、数据混淆、共识机制的强度、智能合同以及个人可识别信息(PII)数据保护。为了便于设计和开发安全保证机制,本建议书是建立在三个级别的安全保证的基础之上。 |
|
| Citation: |
https://handle.itu.int/11.1002/1000/14450 |
| Series title: |
X series: Data networks, open system communications and security
X.1300-X.1499: Secure applications and services (II)
X.1400-X.1429: Distributed ledger technology (DLT) security |
| Approval date: |
2020-10-29 |
| Provisional name: | X.sa-dlt |
| Approval process: | AAP |
|
Status: |
In force |
|
Maintenance responsibility: |
ITU-T Study Group 17 |
|
Further details: |
Patent statement(s)
Development history
|
|
|
| Ed. |
ITU-T Recommendation |
Status |
Summary |
Table of Contents |
Download |
|
1
|
X.1404 (10/2020)
|
In force
|
here
|
here
|
here
|
| Title |
Approved on |
Download |
|
Guidelines for identity-based cryptosystems used for cross-domain secure communications
|
2023
|
here
|
|
Overview of hybrid approaches for key exchange with quantum key distribution
|
2022
|
here
|
|
Guidelines for security management of using artificial intelligence technology
|
2022
|
here
|
|
Successful use of security standards (2nd edition)
|
2020
|
here
|
|
Description of the incubation mechanism and ways to improve it
|
2020
|
here
|
|
Strategic approaches to the transformation of security studies
|
2020
|
here
|
|
