1 Introduction
1.1 Scope
1.2 References
1.3 Definitions
1.4 Rationale
2
System description
2.1 Actors and roles
2.2 Security domains
3
Generic security objectives for TMN
4
Legislation issues
5
Threats and risks
6
Security requirements and services
6.1 Security requirements and corresponding services
6.1.1 Mapping functional requirements, threats
and security objectives
6.1.2 Description of functional requirements
and the corresponding services
6.2 Requirements on the management of security
6.3 Architectural requirements
6.4 Security services and OSI layers
6.4.1
user authentication
6.4.2 authentication (peer entity and data
origin)
6.4.3 access control
6.4.4 security alarm, audit trail and recovery
6.4.5 integrity
6.4.6 confidentiality
6.4.7 non-repudiation
6.5 Security management
Appendix I – Legislation issues
I.1 Introduction
I.2 Applicable legislation areas
I.3 Sources of legislation
I.4 Possible consequences for TMN security standardization
Appendix II – Functional classes and security subprofiles
II.1 Grouping of security measures
II.1.1 The use of FCs in the inter-domain case
II.1.2 The use of FCs in the intra-domain case
II.2 Functional classes
II.3 Security profiles