ETSI EG 202 067 V1.1.1 (2002-09)

Intellectual Property Rights
Foreword
Introduction
1 Scope
2 References
3 Definitions and abbreviations
   3.1 Definitions
   3.2 Abbreviations
4 Void
5 The Universal Communications Identifier (UCI)
6 UCI functional entities
   6.1 UCI system overview
   6.2 The Personal User Agent (PUA)
   6.3 The Service Agent (SA)
   6.4 Relationships between principal UCI entities
   6.5 Other entities
7 Capabilities for UCI-based communications systems
   7.1 System capabilities related to user input/output
   7.2 System capabilities (internal/automated)
   7.3 Service capabilities relating to UCI security
   7.4 System capabilities relating to the UCI
8 UCI Technical Requirements
9 UCI system dialogues, services and processes
   9.1 System dialogues
   9.2 Support services
   9.3 Key processes
        9.3.1 Terminal/User registration and authentication
        9.3.2 Basic UCI communication set-up
        9.3.3 PUA and terminal profile management
10 Communication using UCIs
   10.1 PUA to PUA communication - basic
   10.2 PUA to PUA communication - linked PUAs
   10.3 UCI communication with non-UCI users
11 UCI Privacy Protection
   11.1 Background
   11.2 UCI-based privacy control
12 UCI Data
   12.1 Stored data
        12.1.1 Terminal Data
        12.1.2 PUA Data
        12.1.3 SA Data
        12.1.4 Service Data
        12.1.5 User provided UCI data
   12.2 Acquisition of network, service and application data
   12.3 PUA rules
13 UCI Security Framework
   13.1 Security Objectives Definition
        13.1.1 General security objectives
        13.1.2 Users' objectives
        13.1.3 Service and network providers' objectives
        13.1.4 Manufacturers' objectives
        13.1.5 UCI system security objectives
   13.2 A Model for UCI Security Analysis
        13.2.1 Communication subjects
        13.2.2 Information flow paths
        13.2.3 Functions and services
        13.2.4 Boundaries
   13.3 Forms of Attack
        13.3.1 Eavesdropping
        13.3.2 Masquerade
        13.3.3 Replay
        13.3.4 Modification of information
        13.3.5 Unauthorized access
        13.3.6 Stalking
        13.3.7 Denial of service attacks
   13.4 Threats to UCI System
   13.5 UCI System Security Requirements
   13.6 Countermeasures
        13.6.1 Identification and authentication
        13.6.2 Encryption
        13.6.3 Cryptographic integrity
        13.6.4 Protection from denial of service attacks
        13.6.5 Intrusion detection
        13.6.6 Location specific service binding
   13.7 UCI System Security Features
   13.8 Threats after application of countermeasures
   13.9 Security Mechanisms
14 Administrative issues
15 Key standards activities
Annex A (informative): UCI Scenarios
      A.1 Introduction
      A.2 Mobile Worker Scenario
          A.2.1 Key UCI capabilities illustrated by this scenario
          A.2.2 Scenario description
          A.2.3 Discussion
      A.3 Home Scenario
          A.3.1 Key UCI capabilities illustrated by this scenario
          A.3.2 Scenario description
          A.3.3 Discussion
      A.4 Tennis Club Scenario
          A.4.1 Key UCI capabilities illustrated by this scenario
          A.4.2 Scenario description
          A.4.3 Discussion
      A.5 Multiple Role Scenario
          A.5.1 Key UCI capabilities illustrated by this scenario
          A.5.2 Scenario description
          A.5.3 Discussion
      A.6 Corporate Scenario
          A.6.1 Key UCI capabilities illustrated by this scenario
          A.6.2 Scenario description
          A.6.3 Discussion
      A.7 PUA acting as a personal assistant scenario
          A.7.1 Key UCI capabilities illustrated by this scenario
          A.7.2 Scenario description
          A.7.3 Discussion
Annex B (informative): User Requirements for communications
        systems using UCIs
      B.1 Notes relating to the user requirements
          B.1.1 Origin of the user requirements
          B.1.2 Assumptions concerning the Universal
                Communications Identifier
          B.1.3 System re-engineering
          B.1.4 Dependencies and conflicts
      B.2 Generic requirements
      B.3 Human factors requirements
Annex C (informative): Standards Bodies related
        to UCI Technical Requirements
      C.1 Personal User Agent Technical Requirements
      C.2 Service Agent
      C.3 Terminals and end-user applications
      C.4 UCI and identification verifiers
Annex D (informative): Security Mechanisms
      D.1 Public, Private and Secret Keys
          D.1.1 Symmetric key advantages and disadvantages
          D.1.2 Asymmetric key advantages and disadvantages
          D.1.3 General encryption management problems
          D.1.4 Can encryption be perfect?
      D.2 Internet Key Exchange (IKE)
          D.2.1 Overview
          D.2.2 What IKE achieves
          D.2.3 IKE in UCI
      D.3 Digital Signature and Signature in General
          D.3.1 Digital signature and UCI
Annex E (informative): Security risk assessment
      E.1 Initial risk asses
      E.2 Final risk assessment
Annex F (informative): Comparison of the UCI approach with ENUM
      F.1 ENUM
      F.2 UCI
      F.3 Similarities between ENUM and UCI
      F.4 Differences between ENUM and UCI
      F.5 Summary
History

Delineates the system architecture and operations needed for a Universal Communications (UCI) implementation capitalizing on existing and emerging standards and also identifies and documents the standards that are available (or that will be available) to enable the UCI to be implemented.