IEEE 8802-1AE-2013

$109.42

ISO/IEC/IEEE International Standard for Information technology — Telecommunications and information exchange between systems — Local and metropolitan area networks — Part 1AE: Media access control (MAC) security

Published By	Publication Date	Number of Pages
IEEE	2013

Guaranteed Safe Checkout

Category: IEEE

If you have any questions, feel free to reach out to our online customer service team by clicking on the bottom right corner. We’re here to assist you 24/7.
Email:[email protected]

Description

Adoption Standard – Superseded. This standard specifies how all or part of a network can be secured transparently to peer protocol entities that use the MAC Service provided by IEEE 802(R) LANs to communicate. MAC security (MACsec) provides connectionless user data confidentiality, frame data integrity, and data origin authenticity.

PDF Catalog

PDF Pages	PDF Title
5	IEEE Std 802.1AE-2013
7	Title page
10	Introduction Notice to users
11	CONTENTS
15	1. Overview 1.1 Introduction
16	1.2 Scope
17	2. Normative references
19	3. Definitions
22	4. Abbreviations and acronyms
24	5. Conformance 5.1 Requirements terminology 5.2 Protocol Implementation Conformance Statement (PICS) 5.3 Required capabilities
25	5.4 Optional capabilities
27	6. Secure provision of the MAC Service 6.1 MAC Service primitives and parameters
29	6.2 MAC Service connectivity
30	6.3 Point-to-multipoint LANs 6.4 MAC status parameters 6.5 MAC point-to-point parameters
31	6.6 Security threats
32	6.7 MACsec connectivity
33	6.8 MACsec guarantees 6.9 Security services
34	6.10 Quality of service maintenance
36	7. Principles of secure network operation 7.1 Support of the secure MAC Service by an individual LAN
40	7.1.1 Connectivity Association (CA) 7.1.2 Secure Channel (SC) 7.1.3 Secure Association (SA)
41	7.2 Multiple instances of the secure MAC Service on a single LAN
42	7.3 Use of the secure MAC Service
43	7.3.1 Client policies 7.3.2 Use of the secure MAC Service by bridges
45	8. MAC Security Protocol (MACsec)
46	8.1 Protocol design requirements 8.1.1 Security requirements 8.1.2 Manageability requirements
47	8.1.3 Interoperability requirements 8.1.4 Deployment requirements 8.1.5 Coexistence requirements
48	8.1.6 Scalability requirements 8.1.7 Unauthorized access attempts 8.1.8 Localization and isolation of attacks 8.1.9 Implementation 8.2 Protocol support requirements
49	8.2.1 SC identification requirements 8.2.2 SA Key requirements 8.2.3 KaY independence of MACsec 8.2.4 Discovering connectivity
50	8.2.5 Authentication requirements 8.2.6 Authorization requirements 8.2.7 Key exchange and maintenance 8.3 MACsec operation
52	9. Encoding of MACsec protocol data units 9.1 Structure, representation, and encoding 9.2 Major components
53	9.3 Security TAG 9.4 MACsec EtherType
54	9.5 TAG Control Information (TCI)
55	9.6 Association Number (AN) 9.7 Short Length (SL) 9.8 Packet Number (PN) 9.9 Secure Channel Identifier (SCI)
56	9.10 Secure Data 9.11 Integrity Check Value (ICV)
57	9.12 PDU validation
58	10. Principles of MAC Security Entity (SecY) operation 10.1 SecY overview
60	10.2 SecY functions
61	10.3 Model of operation 10.4 SecY architecture
64	10.5 Secure frame generation 10.5.1 Transmit SA assignment 10.5.2 Transmit PN assignment 10.5.3 SecTAG encoding
65	10.5.4 Cryptographic protection 10.5.5 Transmit request 10.6 Secure frame verification
66	10.6.1 Receive SA assignment 10.6.2 Preliminary replay check
67	10.6.3 Cryptographic validation 10.6.4 Replay check update 10.6.5 Receive indication 10.7 SecY management
68	10.7.1 SCI 10.7.2 Uncontrolled Port status
70	10.7.3 Uncontrolled Port statistics 10.7.4 Controlled Port status 10.7.5 Controlled Port controls 10.7.6 Controlled Port statistics
71	10.7.7 Frame verification capabilities 10.7.8 Frame verification controls 10.7.9 Frame verification statistics
72	10.7.10 Frame validation statistics 10.7.11 Receive SC creation 10.7.12 Receive SC status
73	10.7.13 Receive SA creation 10.7.14 Receive SA status 10.7.15 Receive SA control
74	10.7.16 Frame generation capabilities 10.7.17 Frame generation controls 10.7.18 Frame generation statistics 10.7.19 Frame protection statistics
75	10.7.20 Transmit SC status 10.7.21 Transmit SA creation 10.7.22 Transmit SA status 10.7.23 Transmit SA controls 10.7.24 Implemented Cipher Suites
76	10.7.25 Cipher Suite selection 10.7.26 SAK creation
77	10.7.27 SAK status 10.7.28 SAK controls 10.8 Addressing 10.9 Priority 10.10 SecY performance requirements
79	11. MAC Security in Systems 11.1 MAC Service interface stacks
80	11.2 MACsec in end stations 11.3 MACsec in MAC Bridges
81	11.4 MACsec in VLAN-aware Bridges
82	11.5 MACsec and Link Aggregation
83	11.6 Link Layer Discovery Protocol (LLDP)
84	11.7 MACsec in Provider Bridged Networks
86	11.8 MACsec and multi-access LANs
88	12. MACsec and EPON
90	13. Management protocol 13.1 Introduction 13.2 The Internet-Standard Management Framework 13.3 Relationship to other MIBs 13.3.1 System MIB Group 13.3.2 Relationship to the Interfaces MIB
92	13.4 Security considerations
94	13.5 Structure of the MIB
98	13.6 Definitions for MAC Security MIB
135	14. Cipher Suites 14.1 Cipher Suite use
136	14.2 Cipher Suite capabilities
137	14.3 Cipher Suite specification 14.4 Cipher Suite conformance 14.4.1 Conformance with Cipher Suite variance
138	14.5 Default Cipher Suite (GCM-AES-128)
140	Annex A (normative) PICS Proforma
156	Annex B (informative) Bibliography
157	Annex C (informative) IEEE list of participants

Additional information

Standard Title	ISO/IEC/IEEE International Standard for Information technology — Telecommunications and information exchange between systems — Local and metropolitan area networks — Part 1AE: Media access control (MAC) security
Published Code	IEEE
Publication Date	2013

Preview PDF


PDF Format	Searchable	Printable	Preview Now

IEEE 8802-1AE-2013

PDF Catalog

Related products