《ISO IEC 27033-7-2023.docx》由会员分享,可在线阅读,更多相关《ISO IEC 27033-7-2023.docx(28页珍藏版)》请在优知文库上搜索。
1、INTERNATIONA1.STANDARDISO/IEC27033-7editionFirst2023-1.1.Informationtechno1.ogy-Networksecurity一的IineSfornetworkvirtua1.izationsecurityTechno1.ogiesdeinformationSecuritedesreseauxPartie7:1.ignesdirectricespourIas6cuht6de1.avirtua1.isationdesreseauxReferencenumberISO/IEC27033-7:2023(E)COPYRIGHTPROTEC
2、TEDDOCUMENTIS0/1EC2023IUirhM*hedbdi1.iUedotherwiseupdhi.or啪UIBndttaeDmkfifiU81.andonnet8CH-1214Vernier,GenevaPhone:M1.22749O1.11觥ftte:丽丽BQrgPub1.ishedinSwitzer1.andContentsForewordivIntroductionv2 Scope13 Normativereferences14 Termsanddefinitions115 Abbreviatedterms2Overview45.1 Genera1.45.2 Descrip
3、tionofnetworkvirtua1.ization45.3 Securitymode1.45.3.1 Mode1.ofnetworkvirtua1.izationsecurity6 5.3.2Networkvirtua1.izationcomponents.67 Securitythreats6Securityrecommendations77.1 Genera1.77.2 Confidentia1.ity77AUttabjIity87.5 Authentication(.9,t,.,.87.6 Accesscontro1.88Securitycontro1.s981Generi1.1.
4、98.2 Vworkinfrastructuresecurity1()8.5 Vworkmanagt11untocuritysecurity.-118.5.1 SDNcontro1.1.ersecurityI1.9 8.4.2NFVorchestratorsecurity12Designtechniquesandconsiderations129.1 Overview129.2 Integrityprotectionofp1.atform139.3 APIHjndngdbdonnetvmiuitbiGtfr11n139.5 Swork.13Annex A (informative)Usecas
5、esofnetworkvirtua1.ization.一.一.15Annex B (informative)Detai1.edsecuritythreatdescriptionofnetworkvirtua1.ization18Bib1.iography22IntroductionThepurposeofthisdocumentistoaddressthekeycha1.1.engesandrisksofnetworkvirtua1.izationWnuatydHefuiQckKicBijrrationniahngaihKiT1.Mirhia1.atecumriarinisitdrastruc
6、ture,rorkfunction,1) identifysecurityrisksofnetworkvirtua1.ization;2) proposeanetworkvirtua1.izationsecuritymode1.;3) workinfrastructure,workfunction,virtua1.contro1.andresourcemanagement.干力WdDwrtIUW煽。3昧FaihUIPCwj1.tuffeforsdOdUmentUndunduriJ1.喉中小小;伏SbMuDMfkr$tosecure1.ydesignanddeve1.opproductsthat
7、imp1.ementnetworkvirtua1.ization,andhe1.poperatorstoeva1.uatethesecurityoftheseproductsanddep1.oythemsecure1.yfornetworkservices.Byproposingsecurityguide1.ines,thisdocumentnetworkvirtua1.izationtechno1.ogy,aimstohe1.ptheindustrytoimprovesystemsecuritythatisbui1.tonThetargetaudiencecaninc1.udethenetw
8、orkequipmentvendors,networkoperators,internetserviceprovidersandsoftwareserviceproviders.Withtherapiddeve1.opmentofITtechno1.ogiessuchasc1.oudcomputing,ITsystemsandcommunicationsystemsareincreasing1.yevo1.vingwiththeadoptionofvirtua1.izationtechno1.ogy.Virtua1.izationenab1.es那时hiss段隔叩H81.eMrf1.exibi
9、1.ityandsca1.abi1.itywith1.owcost,butatthesametime,introducesInformationtechno1.ogy-Networksecurity一f席1.ineSfornetworkvirtua1.izationsecurity1 ScopeThisdocumentaimstoidentifysecurityrisksofnetworkvirtua1.izationandproposesguide1.inesfortheimp1.ementationofnetworkvirtua1.izationsecurity.Overa1.1.,thi
10、sdocumentintendstoconsiderab1.yaidthecomprehensivedefinitionandimp1.ementationofsecurityforanyorganizationvirtua1.izationenvironments.Itisaimedatusersandimp1.ementerswhoSW佬Dft1.tb1.1.娟HbntIMviff11酬琳如tionandmaintenanceofthetechnica1.contro1.srequiredtoprovide2 NormativereferencesTherearenonormativere
11、ferencesinthisdocument.3 TermsanddefinitionsForthepurposesofthisdocument,thefo1.1.owingtermsanddefinitionsapp1.y.ISOandIECmaintaintermino1.ogydatabasesforuseinstandardizationatthefo1.1.owingaddresses:ISOOn1.inebrowsingp1.atform:avai1.ab1.eathttps:/www.iso.org/obpX1.IECE1.ectropedia:avai1.ab1.enetwor
12、kvirtua1.izationworkscansimu1.taneous1.ycoexistoverthesharedinfraStEetUreSNniMitctHpvajWatmfcnrtuohaationa1.1.owstheaggregationofmu1.tip1.eresourcesandmakestheaggregatedygURCE:ISO/IECTR29181-1:2012,3.3netvorkfunctionsvirtua1.izationNFVtechno1.ogythatenab1.esthecreationOworkscansimu1.taneous1.ycoexis
13、toverthesharednetworksNote1toresource,entry:Thisinc1.udestheaggregationofmu1.tip1.eresourcesinaproviderandappearingasasing1.eSOURCE:ISO/iECTR22417:2017.3.83.3software-definednetworkingsetoftechniquesthatenab1.estodirect1.yprogram,orchestrate,contro1.andmanagenetworkresources,whichfaci1.itatesthedesign,de1.iveryandoperationOfnetworkservicesinadynamicandsca1.ab1.emanner史9URCE:ITU-T
免费区 