ANSI INCITS 426 : 2007
Withdrawn
A Withdrawn Standard is one, which is removed from sale, and its unique number can no longer be used. The Standard can be withdrawn and not replaced, or it can be withdrawn and replaced by a Standard with a different number.
FIBRE CHANNEL - SECURITY PROTOCOLS (FC-SP)
Hardcopy , PDF
20-09-2015
English
01-01-2007
Foreword
Introduction
1 Scope
2 Normative References
2.1 Overview
2.2 Approved references
2.3 References under development
2.4 Other References
3 Definitions and conventions
3.1 Overview
3.2 Definitions
3.3 Editorial Conventions
3.4 Abbreviations, acronyms, and symbols
3.5 Keywords
3.6 T10 Vendor ID
3.7 Sorting
3.8 Terminate Communication
3.9 State Machine notation
4 Structure and Concepts
4.1 Overview
4.2 FC-SP Compliance
4.3 Fabric Security Architecture
4.4 Authentication Infrastructure
4.5 Authentication
4.6 Security Associations
4.7 Cryptographic Integrity and Confidentiality
4.8 Authorization (Access Control)
4.9 Name Format
5 Authentication Protocols
5.1 Overview
5.2 Authentication Messages Structure
5.3 Authentication Messages Common to Authentication
Protocols
5.4 DH-CHAP Protocol
5.5 FCAP Protocol
5.6 FCPAP Protocol
5.7 AUTH_ILS Specification
5.8 B_AUTH_ILS Specification
5.9 AUTH_ELS Specification
5.10 Re-Authentication
5.11 Timeouts
6 Security Association Management Protocol
6.1 Introduction
6.2 SA Management Messages
6.3 IKE_SA_Init Message
6.4 IKE_Auth Message
6.5 IKE_Create_Child_SA Message
6.6 IKE_Informational Message
6.7 Interaction with the Authentication Protocols
6.8 IKEv2 Protocol Details
7 Fabric Policies
7.1 Policies Definition
7.2 Policies Enforcement
7.3 Policies Management
7.4 Policies Check
7.5 Policy Summation ELSs
7.6 Zoning Policies
8 Combinations of Security Protocols
8.1 Entity Authentication Overview
8.2 Terminology
8.3 Scope of Security Relationships
8.4 Entity Authentication Model
8.5 Abstract Services for Entity Authentication
8.6 Nx_Port to Fabric Authentication (NFA) State Machine
8.7 Fabric from Nx_Port Authentication (FNA) State Machine
8.9 Additional Security State Machines
8.10 Impact on Other Standards
Annexes
A FC-SP Compliance Summary
A.1 Compliance Elements
A.2 Authentication Compliance Elements
A.3 SA Management Compliance Elements
A.4 Policy Compliance Elements
B Random Number Generation and RADIUS Deployment
B.1 Overview
B.2 RADIUS Servers
B.3 RADIUS Messages
B.4 RADIUS Authentication
C Examples of Proposals Negotiation for the
SA Management Protocol
D Guidelines for Mapping Access Control Requirements
to Fabric Policies
E Pre FC-SP Fabric Policy Implementations
E.1 Overview
E.2 Fabric Management Policy Set
E.3 Fabric Binding
Figures
Tables
Specifies protocols used to implement security in a Fibre Channel fabric.
| Committee |
T11.3
|
| DocumentType |
Standard
|
| Pages |
306
|
| PublisherName |
Information Technology Industry Council
|
| Status |
Withdrawn
|
| ISO/IEC 14165-133:2010 | Information technology Fibre Channel Part 133: Switch Fabric-3 (FC-SW-3) |
| ANSI INCITS TR 47 : 2012 | INFORMATION TECHNOLOGY - FIBRE CHANNEL - SIMPLIFIED CONFIGURATION AND MANAGEMENT SPECIFICATION (FC-SCM) |
| ANSI INCITS 461 : 2010 : R2015 | INFORMATION TECHNOLOGY - FIBRE CHANNEL - SWITCH FABRIC - GENERATION 5 (FC-SW-5) |
| ANSI INCITS 461 : 2010 | INFORMATION TECHNOLOGY - FIBRE CHANNEL - SWITCH FABRIC - GENERATION 5 (FC-SW-5) |
| ANSI INCITS 419 : 2008(S2018) | INFORMATION TECHNOLOGY - FIBRE CHANNEL - BACKBONE - 4 (FC-BB-4) |
| ANSI INCITS 485 : 2014 | INFORMATION TECHNOLOGY - FIBRE CHANNEL - SINGLE-BYTE COMMAND CODE SETS MAPPING PROTOCOL - 5 (FC-SB-5) |
| ANSI INCITS 462 : 2010 | INFORMATION TECHNOLOGY - FIBRE CHANNEL - BACKBONE - 5 (FC-BB-5) |
| ANSI INCITS 463 : 2010 : R2015 | INFORMATION TECHNOLOGY - FIBRE CHANNEL - GENERIC SERVICES - 6 (FC-GS-6) |
| ANSI INCITS 463 : 2010 | INFORMATION TECHNOLOGY - FIBRE CHANNEL - GENERIC SERVICES - 6 (FC-GS-6) |
| ISO/IEC 14165-243:2012 | Information technology Fibre Channel Part 243: Backbone 3 (FC-BB-3) |
| ANSI INCITS 462 : 2010 : R2015 | INFORMATION TECHNOLOGY - FIBRE CHANNEL - BACKBONE - 5 (FC-BB-5) |
| ANSI INCITS 466 : 2011 | INFORMATION TECHNOLOGY - FIBRE CHANNEL - SINGLE-BYTE COMMAND CODE SETS MAPPING PROTOCOL - 4 (FC-SB-4) |
| ANSI INCITS TR 47 : 2012 : R2017 | INFORMATION TECHNOLOGY - FIBRE CHANNEL - SIMPLIFIED CONFIGURATION AND MANAGEMENT SPECIFICATION (FC-SCM) |
| CAN/CSA-ISO/IEC 14165-414-08 (R2018) | Information technology - Fibre channel - Part 414: Generic services-4 (FC-GS-4) (Adopted ISO/IEC 14165-414:2007, first edition, 2007-05) |
| CSA ISO/IEC 14165-414 : 2008 | INFORMATION TECHNOLOGY - FIBRE CHANNEL - PART 414: GENERIC SERVICES-4 (FC-GS-4) |
| ANSI INCITS 418 : 2006 | FIBRE CHANNEL - SWITCH FABRIC - 4 (FC-SW-4) |
| FIPS PUB 140 : 0001 | SECURITY REQUIREMENTS FOR CRYPTOGRAPHIC MODULES |
| ANSI INCITS 424 : 2007 | FIBRE CHANNEL - FRAMING AND SIGNALING - 2 (FC-FS-2) |
| FIPS PUB 197 : 2001 | ADVANCED ENCRYPTION STANDARD (AES) |
| ANSI INCITS TR 36 : 2004 | INFORMATION TECHNOLOGY - FIBRE CHANNEL - DEVICE ATTACH (FC-DA) |
| FIPS PUB 180 : 2002 | SECURE HASH STANDARD |
Access your standards online with a subscription
Features
-
Simple online access to standards, technical information and regulations.
-
Critical updates of standards and customisable alerts and notifications.
-
Multi-user online standards collection: secure, flexible and cost effective.