Information technology — Multimedia framework (MPEG-21) — Part 15: Event Reporting — Amendment 1: Security in Event Reporting

Technologies de l'information — Cadre multimédia (MPEG-21) — Partie 15: Rapport d'événement — Amendement 1: Sécurité lors du rapport d'événement

General Information

Status
Published
Publication Date
14-Sep-2008
Current Stage
6060 - International Standard published
Due Date
02-Jul-2010
Completion Date
15-Sep-2008
Ref Project

Relations

Buy Standard

Standard
ISO/IEC 21000-15:2006/Amd 1:2008 - Security in Event Reporting
English language
17 pages
sale 15% off
Preview
sale 15% off
Preview

Standards Content (Sample)

INTERNATIONAL ISO/IEC
STANDARD 21000-15
First edition
2006-07-15
AMENDMENT 1
2008-10-01


Information technology — Multimedia
framework (MPEG-21)
Part 15:
Event Reporting
AMENDMENT 1: Security in Event Reporting
Technologies de l'information — Cadre multimédia (MPEG-21)
Partie 15: Rapport d'événement
AMENDEMENT 1: Sécurité lors du rapport d'événement




Reference number
ISO/IEC 21000-15:2006/Amd.1:2008(E)
©
ISO/IEC 2008

---------------------- Page: 1 ----------------------
ISO/IEC 21000-15:2006/Amd.1:2008(E)
PDF disclaimer
This PDF file may contain embedded typefaces. In accordance with Adobe's licensing policy, this file may be printed or viewed but
shall not be edited unless the typefaces which are embedded are licensed to and installed on the computer performing the editing. In
downloading this file, parties accept therein the responsibility of not infringing Adobe's licensing policy. The ISO Central Secretariat
accepts no liability in this area.
Adobe is a trademark of Adobe Systems Incorporated.
Details of the software products used to create this PDF file can be found in the General Info relative to the file; the PDF-creation
parameters were optimized for printing. Every care has been taken to ensure that the file is suitable for use by ISO member bodies. In
the unlikely event that a problem relating to it is found, please inform the Central Secretariat at the address given below.


COPYRIGHT PROTECTED DOCUMENT


©  ISO/IEC 2008
All rights reserved. Unless otherwise specified, no part of this publication may be reproduced or utilized in any form or by any means,
electronic or mechanical, including photocopying and microfilm, without permission in writing from either ISO at the address below or
ISO's member body in the country of the requester.
ISO copyright office
Case postale 56 • CH-1211 Geneva 20
Tel. + 41 22 749 01 11
Fax + 41 22 749 09 47
E-mail copyright@iso.org
Web www.iso.org
Published in Switzerland

ii © ISO/IEC 2008 – All rights reserved

---------------------- Page: 2 ----------------------
ISO/IEC 21000-15:2006/Amd.1:2008(E)
Foreword
ISO (the International Organization for Standardization) and IEC (the International Electrotechnical
Commission) form the specialized system for worldwide standardization. National bodies that are members of
ISO or IEC participate in the development of International Standards through technical committees
established by the respective organization to deal with particular fields of technical activity. ISO and IEC
technical committees collaborate in fields of mutual interest. Other international organizations, governmental
and non-governmental, in liaison with ISO and IEC, also take part in the work. In the field of information
technology, ISO and IEC have established a joint technical committee, ISO/IEC JTC 1.
International Standards are drafted in accordance with the rules given in the ISO/IEC Directives, Part 2.
The main task of the joint technical committee is to prepare International Standards. Draft International
Standards adopted by the joint technical committee are circulated to national bodies for voting. Publication as
an International Standard requires approval by at least 75 % of the national bodies casting a vote.
Attention is drawn to the possibility that some of the elements of this document may be the subject of patent
rights. ISO and IEC shall not be held responsible for identifying any or all such patent rights.
Amendment 1 to ISO/IEC 21000-15:2006 was prepared by Joint Technical Committee ISO/IEC JTC 1,
Information technology, Subcommittee SC 29, Coding of audio, picture, multimedia and hypermedia
information.


© ISO/IEC 2008 – All rights reserved iii

---------------------- Page: 3 ----------------------
ISO/IEC 21000-15:2006/Amd.1:2008(E)

Information technology — Multimedia framework (MPEG-21)
Part 15:
Event Reporting
AMENDMENT 1: Security in Event Reporting
Add the following new clause, after Clause 9:
10. Protection
10.1 General
This subclause specifies how to protect Event Report Requests and Event Reports at different levels of
granularity, from a complete ER or ERR to specific elements within them.
First, it is defined how to ensure integrity and authenticity to the requested and reported data by means of
digital signatures. Then, a mechanism for protecting ERs and ERRs is specified. Finally, Annex A presents the
XML schema defined, Annex B presents an example of a digitally signed Event Report Request and Annex C
presents an example of a partially protected Event Report.
10.2 Data integrity and authenticity
This subclause specifies a solution to provide authenticity and integrity to ERRs, ERs and elements within
them. It makes use of the dsig:Signature element defined in [1]. Figure 3 sketches the dsig:Signature
element. The semantics for all elements under Signature should refer to W3C XML Signature
recommendation [1].


Figure 3 – Signature element

© ISO/IEC 2008 – All rights reserved 1

---------------------- Page: 4 ----------------------
ISO/IEC 21000-15:2006/Amd.1:2008(E)
The dsig:Signature element is added as an optional child element to the following elements of
ISO/IEC 21000-15:














Figure 4 presents the diagram for the resultant ER element. It has the dsig:Signature element as an
optional child element. If present, the dsig:Signature element shall contain the digital signature for the
erl:ER element.


Figure 4 – ER element
10.3 Data encryption
This subsection specifies how to protect Event Reports and Event Report Requests and elements within them.
It defines the equivalent encrypted elements for ERs and ERRs according to the W3C XML Encryption
recommendation.
10.3.1 Encrypted elements
The equivalent encrypted elements are defined according to W3C XML Encryption recommendation [2] for
ERs and ERRs are the following:








2 © ISO/IEC 2008 – All rights reserved

---------------------- Page: 5 ----------------------
ISO/IEC 21000-15:2006/Amd.1:2008(E)
Figure 5 presents the erl:EncryptedER element defined. The semantics for all elements under
erl:EncryptedER should refer to [2].


Figure 5 – EncryptedER element

Add the following new annexes, after Annex D:
Annex E
(informative)

XML Schema Definition
E.1 General
This annex contains the XML schema for the syntax of the types and elements of the Security in Event
Reporting Amendment 1.
E.2 Schema for Event Reporting
This subclause contains the XML Schema for Event Reporting. Using this schema ERs, ERRs and elements
within them can be digitally signed using the dsig:Signature element as defined in the W3C XML Signature
recommendation and they can be encrypted using the EncryptedER elements.









xmlns:r="urn:mpeg:mpeg21:2003:01-REL-R-NS" xmlns:dii="urn:mpeg:mpeg21:2002:01-
DII-NS" xmlns:dia="urn:mpeg:mpeg21:2003:01-DIA-NS"
xmlns:sx="urn:mpeg:mpeg21:2003:01-REL-SX-NS"
xmlns:mpeg7="urn:mpeg:mpeg7:schema:2004"
xmlns:dsig="http://www.w3.org/2000/09/xmldsig#"
© ISO/IEC 2008 – All rights reserved 3

---------------------- Page: 6 ----------------------
ISO/IEC 21000-15:2006/Amd.1:2008(E)
xmlns:enc="http://www.w3.org/2001/04/xmlenc#"
xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:ns1="urn:uddi-
org:schemaCentricC14N:2002-07-10" targetNamespace="urn:mpeg:mpeg21:2005:01-ERL-
NS" elementFormDefault="qualified" attributeFormDefault="unqualified">
schemaLocation="dia.xsd"/>
schemaLocation="dii.xsd"/>



schemaLocation="./xml_2001.xsd"/>
schemaLocation="http://www.w3.org/TR/2002/REC-xmldsig-core-20020212/xmldsig-core-
schema.xsd"/>
schemaLocation="http://www.w3.org/TR/2002/REC-xmlenc-core-20021210/xenc-
schema.xsd"/>
schemaLocation="http://www.uddi.org/schema/SchemaCentricCanonicalization.xsd"/>




 
 
  
  
  
  
  
  
  
 
 





 
 
  
  
   
   
   
   
  
  
   maxOccurs="unbounded"/>
  
  
   
   
   
4 © ISO/IEC 2008 – All rights reserved

---------------------- Page: 7 ----------------------
ISO/IEC 21000-15:2006/Amd.1:2008(E)
   
   
   
   
   
  
  
  
 
 


 
 
 
 
 
 
 





 
 
  
  
   minOccurs="0"/>
  
  
   
   
    
    
     
     
      
     
     
    
    
    
    
    
    
    
    
    
      use="optional"/>
      use="required"/>
     
     
    
    
    
    
© ISO/IEC 2008 – All rights reserved 5

---------------------- Page: 8 ----------------------
ISO/IEC 21000-15:2006/Amd.1:2008(E)
     
     
      
      
        minOccurs="0"/>
        minOccurs="0"/>
        minOccurs="0"/>
        minOccurs="0" maxOccurs="unbounded">
       
        
        
        
        
        
        
       
       
      
      
     
      maxOccurs="unbounded">
      
      
      
      
     
     
     
     
    
    
   
   
  
  
   
   
    
    
    
   
   
  
   maxOccurs="unbounded">
   
   
     maxOccurs="unbounded"/>
    
    
    
     
     
6 © ISO/IEC 2008 – All rights reserved

---------------------- Page: 9 ----------------------
ISO/IEC 21000-15:2006/Amd.1:2008(E)
     
    
    
   
   
  
  
  
  
  
 
 





 
 
  
   type="erl:EncryptedData"/>
 
 


 
  maxOccurs="unbounded"/>
 
  
  
  
 
  maxOccurs="unbounded"/>
  maxOccurs="unbounded">
  
  
  
 
  maxOccurs="unbounded"/>
 
  
  
  
 
  maxOccurs="unbounded"/>
 
 


 
 
  maxOccurs="unbounded"/>
 
© ISO/IEC 2008 – All rights reserved 7

---------------------- Page: 10 ----------------------
ISO/IEC 21000-15:2006/Amd.1:2008(E)


 
 
  
   ...

Questions, Comments and Discussion

Ask us and Technical Secretary will try to provide an answer. You can facilitate discussion about the standard in here.