IEEE 802.10c-1998

To define a standard for services, protocols, data formats, and interfaces that will allow secure IEEE 802 LAN products to interoperate. IEEE 802.10 has specified three areas for standardization: Secure Data Exchange, Key Management, and Security Management, and the objects necessary to manage each protocol. The goals of each of these areas of SILS are to be as independent as possible of any particular encryption algorithm, such as DES or RSA, and of the transmission media. The work in each area is based on the OSI Seven Layer model (IS 7498) and on the OSI Security Architecture (IS 7498/2). The Key Management Standard specifies a Layer 7 protocol that will provide secure automated management of the cryptographic keys to be used by the Secure Data Exchange at Layer 2 or by Security Management at Layer 7. The standard will draw on work already done for Key Management by other standards groups. The ANSI X9.E9 group has written a Key Management standard for use by the Banking Community. ECMA TC32/TG9 has proposed a framework for secure applications, and the Secure Data Network System (SDNS) project has developed a key management standard for use with public key algorithms. The 802.10 Key Management standard will consider each of these standards to determine if the standard or some form of the standard is appropriate for use with LANs. The appendices to the SILS Key Management standard will provide explanatory information for the standard. The Rationale for Security Services Appendix will explain why the services that Key Management provides are appropriate for the management of cryptographic keys on LANs and how those services address the threats posed to the security of automated key distribution on LANs. The Examples of Algorithms Appendix will give an example of the use of Key Management withparticular algorithms. The Philosophy of Key Management Appendix will provide guidelines on the manual aspects of key management such as the secure distribution of Initialization Keys.

The purpose is threefold. First, the standard must specify the minimally acceptable security services to be supported primarily by encryption for IEEE 802 LANs. Second, the standard must define logical and physical mechanisms for achieving these services; this includes the managed objects required to support the processing to provide the services. Finally and most important, the standard must maximize interoperability of products in an open systems interconnection architecture.

Amendment Standard - Inactive-Withdrawn. Withdrawn Jan 16, 2004. This IEEE Standards product is part of the 802 family on LAN/MAN. A cryptographic key management model and a key management OSI Basic Reference Model Application Layer protocol are specified.