IEEE 1244.2-2000 pdf download
IEEE Standard for Media Management Systems (MMS) Session Security, Authentication, Initialization Protocol (SSAIP).
Some typical applications, where security considerations may be found to differ, may be as follows:
a) Home office: Isolated machine or machines using automated backup to a very small CD-RW or 8 mm library, requiring no privacy and no authentication. A vendor of such a facility can still be MMS-standards compliant.
b) Typical in-house business: With checked authentication of the client (to safeguard against careless accidents), but no server authentication and no privacy (U.S. law comes close to guaranteeing lack of privacy in the work situation).
c) DoD classified site: High-assurance authentication of the client is required in order to enforce “need to know” but little or no authentication of the server is needed, nor is privacy needed, because the network is physically protected.
d) Business-to-business over the public Internet: Privacy is needed, as well as highly assured authentication of the client to the server, and the server to the client.
1.2 Purpose
The purpose of this standard is to specify the protocol messages that pass between the Media Management System (MMS) Client or MMS Module and the Media Manager (MM), so that any IEEE 1244 compliant MM and any IEEE 1244 compliant MMS Client or MMS Module may communicate as described in this standard. This protocol determines all relevant behavior and state of the MMS Client or MMS Module and MM, from the time the MMS Client or MMS Module decides to initiate a communication session with the MM until this session is either successfully established or the attempt to establish such a communication session has failed as determined by this protocol.
1.3 Conformance
An MMS Module or MMS Client conforms to this standard if it can send and receive all required protocol messages in the syntax described in this standard, and if it acts in accordance with the semantics of those messages, as described in this standard and the related standards mentioned in Clause 2. Protocol messages described as optional components in this standard are not required in order for an MMS Module or MMS Client to conform to this standard. However, if they are implemented, they must act in accordance with the semantics of those messages, as described in this standard and the related standards mentioned in 1.1.
No additional messages may be added to the language, unless they are described in this standard and the related standards mentioned in 1.1 in order to promote compatibility between all MMS Modules and MMS clients that claim conformance with this standard.
There are multiple levels of security, composed from the following three independent decisions:
a) Decision 1: The client decides on a level of privacy, and effects that decision by connecting to the MMS server via port 651 (the unencrypted port), or via port 695 (the SSL encrypted port). A particular MMS server may choose to support either or both ports by establishing listeners on one, or the other, or both, ports.
b) Decision 2: The client may choose to simply announce itself by means of the hello protocol without using either a password or an X.509 certificate, or to authenticate itself to the MMS server by means of an offered password, or by means of an X.509 certificate. If the client’s choice does not meet the server’s minimum requirements for authentication, the server will reply with an unwelcome message.
c) Decision 3: The server may choose to reply by means of the welcome response without using either a password or an X.509 certificate, or to authenticate itself to the MMS client by means of a password, or by means of an X.509 certificate. If the server’s choice does not meet the client’s minimum requirements for authentication, the client will close the connection to the server.
These decisions allow 18 different combinations, but it is expected that MMS standard-conforming product configurations will limit these choices to certain arrangements that reduce the number of possibilities actually used, and will most usually require symmetry of choices by the client and the server. However, this is not a requirement, and it is recognized that there are important situations where asymmetry of the authentication requirements between the client and server is appropriate.
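The following added example (not part of the standard) models the three decisions as a policy check and counts which of the 18 combinations each of the four application types listed earlier would accept. The strength ordering none < password < X.509, the listener sets, and the mapping of "checked" and "high-assurance" authentication to password and X.509 are assumptions of this sketch; the protocol's message syntax is not modelled.

```python
from dataclasses import dataclass
from enum import IntEnum
from itertools import product

class Auth(IntEnum):              # ordering is an assumption of this example
    NONE = 0                      # bare hello / welcome, no credential
    PASSWORD = 1
    X509 = 2

PLAIN_PORT, SSL_PORT = 651, 695   # port numbers as given in the text

@dataclass(frozen=True)
class Policy:
    listeners: frozenset          # ports the MMS server listens on
    min_client_auth: Auth         # server's minimum for the client (Decision 2)
    min_server_auth: Auth         # client's minimum for the server (Decision 3)

# Constructed policies for the four application types (assumed mapping).
PROFILES = {
    "home office": Policy(frozenset({PLAIN_PORT}), Auth.NONE, Auth.NONE),
    "in-house":    Policy(frozenset({PLAIN_PORT}), Auth.PASSWORD, Auth.NONE),
    "classified":  Policy(frozenset({PLAIN_PORT}), Auth.X509, Auth.NONE),
    "b2b":         Policy(frozenset({SSL_PORT}), Auth.X509, Auth.X509),
}

def all_combinations():
    """Every (port, client auth, server auth) triple: 2 x 3 x 3 = 18."""
    return list(product((PLAIN_PORT, SSL_PORT), Auth, Auth))

def outcome(policy, port, client_auth, server_auth):
    """Result of one session attempt under the given policy."""
    if port not in policy.listeners:
        return "no-listener"      # server does not support the chosen port
    if client_auth < policy.min_client_auth:
        return "unwelcome"        # server rejects the client's choice
    if server_auth < policy.min_server_auth:
        return "client-closes"    # client rejects the server's choice
    return "established"

def accepted(policy):
    """Combinations that end in an established session."""
    return [c for c in all_combinations() if outcome(policy, *c) == "established"]

def summary():
    return {name: len(accepted(p)) for name, p in PROFILES.items()}

if __name__ == "__main__":
    for name, count in summary().items():
        print(f"{name:12s} accepts {count:2d} of {len(all_combinations())}")
```
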
1.4 Rationale
This protocol initiates communication sessions between MMS Modules or MMS Clients and the MM. It is common among all MMS Modules and MMS Clients, and provides a way of negotiating and establishing an agreement on language and language version between those components. Even if these MMS Modules or MMS Clients are originating from different suppliers and support one or more different languages, as described in this standard and the related standards mentioned in 1.1, they shall be able to communicate with each other. This establishes mechanisms that will allow the support of different languages and language versions by the MMS Clients and MMS Modules and increase the flexibility and adaptability of the standard described here in this standard and the standards mentioned in 1.1.