OSDP 2.1.7终稿:开放监督设备协议标准详解

5星 · 超过95%的资源 需积分: 49 45 下载量 116 浏览量 更新于2024-07-18 2 收藏 1.42MB PDF 举报
OSDP(Open Supervised Device Protocol),全称为公开监控设备协议,是美国半导体业协会(SIA)门禁控制和身份认证委员会制定的一种通信协议,旨在为周边设备提供安全的通信方式,特别是在门禁控制系统中。版本2.1.7是该协议的一个关键里程碑,它在2015年由SIA发布为草案,反映了对数据安全性的强化。 OSDP 2.1.7的目标是定义一种开放标准,以便于监控设备之间的高效、可靠且安全的通信。它适用于各种监控设备,如入侵报警系统、视频监控系统等,确保这些设备能够与中央管理系统无缝协作,执行远程监控和管理任务。此版本的协议强调了以下几点: 1. 协议维护与更新:SIA Standards Access Control and Identity Subcommittee负责OSDPv2.1.7的维护,这表明它是一个持续发展的标准,会根据用户反馈和技术进步进行调整。 2. 问题与支持:SIA鼓励用户在使用过程中提出任何疑问、解释或扩展建议,可以通过电子邮件osdp@siaonline.org联系,工作人员会将这些信息转交给相关委员会,以促进标准的完善。 3. 配套文档:SIA提供了多种支持文档,包括应用特定的指南,帮助开发者理解和处理OSDP在实际应用场景中的各种需求,例如常见使用案例和核心SIA消息,以及制造商和应用程序特定的消息,以实现OSDP的合规性。 4. 数据安全性增强:作为2.1.7版本的主要特征,这个草案可能包含了更严格的加密机制、认证和授权流程,以保护通信数据免受未经授权的访问,提高整个系统的安全性。 5. 标准化进程:OSDPv2.1.7是SIA试图将该协议推向标准化的重要一步,这意味着所有符合标准的产品和服务将更容易被接受和互操作,推动了整个行业的技术创新和发展。 OSDP 2.1.7 Final Draft是门禁和监控设备领域的一项重要标准,它强调了开放性、兼容性和安全性,为构建高度集成和安全的监控网络提供了坚实的技术基础。随着其不断迭代和完善,OSDP将继续推动行业向更智能、更安全的方向发展。

Open Supervised Device Protocol (OSDP)协议

2022-02-08 上传
门禁行业

Device Provisioning Protocol v1.0

2018-12-05 上传
Table of contents 1 INTRODUCTION .......................................................................................................................................................... 8 1.1 Scope ............................................................................................................................................................ 8 1.2 References.................................................................................................................................................... 8 1.3 Definitions and acronyms............................................................................................................................ 10 1.3.1 Shall/should/may/might word usage .............................................................................................. 10 1.3.2 Conventions ................................................................................................................................... 10 1.3.3 Abbreviations and acronyms.......................................................................................................... 11 1.3.4 Definitions ...................................................................................................................................... 12 1.3.5 Symbols ......................................................................................................................................... 13 1.4 Architecture ................................................................................................................................................. 14 1.5 Device roles ................................................................................................................................................ 14 1.5.1 Authentication roles........................................................................................................................ 14 1.5.2 Configurator delegation.................................................................................................................. 15 1.6 Security considerations............................................................................................................................... 15 1.6.1 Overview ........................................................................................................................................ 15 1.6.2 Threat profile .................................................................................................................................. 15 1.6.3 Trust model .................................................................................................................................... 18 2 DPP PROTOCOL USAGE.......................................................................................................................................... 20 2.1 Overview ..................................................................................................................................................... 20 2.2 Infrastructure setup and connectivity .......................................................................................................... 20 2.2.1 AP configuration............................................................................................................................. 20 2.2.2 STA configuration........................................................................................................................... 20 2.2.3 Infrastructure connectivity .............................................................................................................. 20 2.2.4 Message flows for infrastructure connectivity ................................................................................ 20 2.3 Wi-Fi Direct ................................................................................................................................................. 23 2.3.1 Establishing a P2P group using DPP............................................................................................. 24 2.3.2 P2P Group operation ..................................................................................................................... 26 3 SECURITY.................................................................................................................................................................. 27 3.1 Properties.................................................................................................................................................... 27 3.2 Public key cryptography.............................................................................................................................. 27 3.2.1 Supported public key cryptosystem ............................................................................................... 27 3.2.2 Notation.......................................................................................................................................... 27 3.2.3 Cryptographic suites ...................................................................................................................... 28 3.2.4 Point representation....................................................................................................................... 28 4 DATA STRUCTURES................................................................................................................................................. 29 4.1 Public keys .................................................................................................................................................. 29 4.2 Connectors.................................................................................................................................................. 29 4.3 DPP Configuration object............................................................................................................................ 30 4.3.1 Wi-Fi Technology ........................................................................................................................... 30 4.3.2 DPP Discovery ............................................................................................................................... 30 4.3.3 DPP Credential .............................................................................................................................. 30 5 BOOTSTRAPPING OF TRUST.................................................................................................................................. 32 5.1 Overview ..................................................................................................................................................... 32 5.2 Bootstrapping information ........................................................................................................................... 32 5.2.1 Bootstrapping information format................................................................................................... 32 5.3 Scanning a QR code................................................................................................................................... 33 5.4 NFC............................................................................................................................................................. 34 5.4.1 Overview ........................................................................................................................................ 34 5.4.2 NFC Connection Handover............................................................................................................ 35 5.4.3 DPP bootstrapping via NFC URI record ........................................................................................ 37 5.5 Bluetooth ..................................................................................................................................................... 38 5.5.1 Overview ........................................................................................................................................ 38 5.5.2 Responder procedures .................................................................................................................. 40 5.5.3 Initiator procedures ........................................................................................................................ 40 Device Provisioning Protocol Specification v1.0 © 2018 Wi-Fi Alliance. All Rights Reserved. Used with the permission of Wi-Fi Alliance under the terms as stated in this document. Page 4 of 124 5.6 PKEX: Proof of knowledge of a shared code, key, phrase, or word...........................................................41 5.6.1 PKEX preliminaries ........................................................................................................................ 41 5.6.2 PKEX exchange phase .................................................................................................................. 42 5.6.3 PKEX commit-reveal phase ........................................................................................................... 43 6 DPP AUTHENTICATION............................................................................................................................................ 45 6.1 Overview ..................................................................................................................................................... 45 6.2 DPP Authentication protocol ....................................................................................................................... 45 6.2.1 DPP capabilities negotiation .......................................................................................................... 46 6.2.2 DPP authentication request ........................................................................................................... 47 6.2.3 DPP authentication response ........................................................................................................ 47 6.2.4 DPP authentication confirm ........................................................................................................... 49 6.3 DPP Configuration protocol ........................................................................................................................ 50 6.3.1 Overview ........................................................................................................................................ 50 6.3.2 DPP configuration request ............................................................................................................. 50 6.3.3 DPP configuration response .......................................................................................................... 51 6.3.4 DPP Configuration Attributes object .............................................................................................. 51 6.3.5 Connector....................................................................................................................................... 52 6.3.6 DPP Configuration object............................................................................................................... 53 6.4 Network introduction protocol ..................................................................................................................... 55 6.4.1 Introduction .................................................................................................................................... 55 6.4.2 Connector group comparison......................................................................................................... 56 6.5 Network access protocols ........................................................................................................................... 56 7 STATE MACHINES .................................................................................................................................................... 57 7.1 Initiator state machine................................................................................................................................. 57 7.1.1 States ............................................................................................................................................. 57 7.1.2 Events and output .......................................................................................................................... 57 7.1.3 Variables ........................................................................................................................................ 57 7.1.4 Parent process behavior ................................................................................................................ 57 7.1.5 State machine behavior ................................................................................................................. 57 7.2 Responder state machine ........................................................................................................................... 59 7.2.1 States ............................................................................................................................................. 59 7.2.2 Events and output .......................................................................................................................... 59 7.2.3 Variables ........................................................................................................................................ 59 7.2.4 State machine behavior ................................................................................................................. 60 7.3 Configurator state machine......................................................................................................................... 62 7.3.1 States ............................................................................................................................................. 62 7.3.2 Events and output .......................................................................................................................... 62 7.3.3 Variables ........................................................................................................................................ 62 7.3.4 Parent process behavior ................................................................................................................ 62 7.3.5 State machine behavior ................................................................................................................. 62 7.4 Enrollee state machine................................................................................................................................ 64 7.4.1 States ............................................................................................................................................. 64 7.4.2 Events and output .......................................................................................................................... 64 7.4.3 Variables ........................................................................................................................................ 64 7.4.4 State machine behavior ................................................................................................................. 64 7.5 Detailed protocol description....................................................................................................................... 66 7.5.1 DPP bootstrapping......................................................................................................................... 66 7.5.2 DPP authentication exchange........................................................................................................ 66 7.5.3 DPP configuration exchange ......................................................................................................... 68 7.5.4 DPP network introduction exchange.............................................................................................. 69 7.5.5 Network access.............................................................................................................................. 70 8 DPP ATTRIBUTE, FRAME, AND ELEMENT FORMATS .......................................................................................... 71 8.1 DPP attributes ............................................................................................................................................. 71 8.1.1 DPP attribute body field definitions................................................................................................ 72 8.2 DPP frames................................................................................................................................................. 74 8.2.1 DPP Public Action frames.............................................................................................................. 74 8.2.2 DPP Generic Advertisement Service (GAS) frames...................................................................... 78 Device Provisioning Protocol Specification v1.0 © 2018 Wi-Fi Alliance. All Rights Reserved. Used with the permission of Wi-Fi Alliance under the terms as stated in this document. Page 5 of 124 8.3 DPP status and error codes........................................................................................................................ 81 8.4 Network Introduction protocol elements...................................................................................................... 82 8.4.1 Overview ........................................................................................................................................ 82 8.4.2 Network Introduction protocol AKM suite....................................................................................... 82 9 DPP CONFIGURATION BACKUP AND RESTORE.................................................................................................. 83 9.1 Overview ..................................................................................................................................................... 83 9.2 DPP AsymmetricKeyPackage..................................................................................................................... 83 9.3 DPPEnvelopedData .................................................................................................................................... 84 9.3.1 DPPAsymmetricKeyPackage encryption....................................................................................... 86 9.3.2 DPPEnvelopedData decryption ..................................................................................................... 86 9.4 DPP configuration backup .......................................................................................................................... 86 9.5 DPP configuration restore........................................................................................................................... 86 9.6 Enabling multiple Configurators in DPP...................................................................................................... 87 APPENDIX A (INFORMATIVE) TEST VECTORS ............................................................................................................ 88 A.1 Test vectors for DPP Authentication using P-256 for mutual authentication..............................................88 A.2 Test vectors for DPP Authentication using P-256 for Responder-only authentication ...............................91 A.3 Test vectors for DPP Authentication using P-384 for mutual authentication..............................................94 A.4 Test vectors for DPP Authentication using P-521 for mutual authentication..............................................98 A.5 Test vectors for DPP Authentication using Brainpool P-256r1 for mutual authentication ........................103 A.6 Test vectors for DPP Authentication using Brainpool P-384r1 using mutual authentication....................106 A.7 A.7 Test vectors for DPP Authentication using Brainpool P-512r1 for mutual authentication ..................110 APPENDIX B ROLE-SPECIFIC ELEMENTS FOR PKEX............................................................................................... 115 B.1 Role-specific elements for NIST p256 ...................................................................................................... 115 B.2 Role-specific elements for NIST p384 ...................................................................................................... 115 B.3 Role-specific elements for NIST p521 ...................................................................................................... 116 B.4 Role-specific elements for Brainpool p256r1 ............................................................................................ 117 B.5 Role-specific elements for Brainpool p384r1 ............................................................................................ 117 B.6 Role-specific elements for Brainpool p512r1 ............................................................................................ 118 APPENDIX C PKEX TEST VECTOR FOR NIST P256................................................................................................... 119 C.1 Initial state of Initiator and Responder ...................................................................................................... 119 C.2 Initiator generates PKEX Exchange Request frame................................................................................. 119 C.3 Responder processes PKEX Exchange Request frame........................................................................... 120 C.4 Responder generates PKEX Exchange Response frame ........................................................................ 120 C.5 Initiator processess PKEX Exchange Response frame............................................................................ 121 C.6 Initiator generates PKEX Commit/Reveal request.................................................................................... 121 C.7 Responder processes PKEX Commit/Reveal Request frame.................................................................. 122 C.8 Responder generates PKEX Commit/Reveal Response frame................................................................ 123 C.9 Initiator processes PKEX Commit/Reveal Response frame..................................................................... 124

libosdp-conformance-guide_osdp_

2021-09-28 上传
libosdp conference hamdam gol nemishavad

优化这段代码:if (icbcDtlRsp.getBillSta().equals("CS01") && icbcDtlRsp.getRangeStage().equals("TF0101")) { //CS01已出票 & TFO101待收票---010004出票已登记 ecdsDrftInf.setDrftSndStat(getValueOrDefault(ECDSConstants.DRAFT_STATUS_CPYDJ, ecdsDrftInf.getDrftSndStat())); // 票据发送人状态 ecdsDrftInf.setDrftRcvStat(getValueOrDefault(ECDSConstants.DRAFT_STATUS_CPYDJ, ecdsDrftInf.getDrftRcvStat())); // 票据接收人状态 ecdsDrftInf.setDrftCurrStat(getValueOrDefault(ECDSConstants.DRAFT_STATUS_CPYDJ, ecdsDrftInf.getDrftCurrStat())); // 人行当前状态 } else if (ecdsDrftInf.getDrftOrgStat().equals(ECDSConstants.DRAFT_STATUS_CPYDJ) && icbcDtlRsp.getBillSta().equals("CS01") && icbcDtlRsp.getRangeStage().equals("TF0302")) { //CS01已出票 & TF0302已锁定--- 020001承兑待签收 ecdsDrftInf.setDrftSndStat(getValueOrDefault(ECDSConstants.DRAFT_STATUS_TSCDDQS, ecdsDrftInf.getDrftSndStat())); // 票据发送人状态 ecdsDrftInf.setDrftRcvStat(getValueOrDefault(ECDSConstants.DRAFT_STATUS_TSCDDQS, ecdsDrftInf.getDrftRcvStat())); // 票据接收人状态 ecdsDrftInf.setDrftCurrStat(getValueOrDefault(ECDSConstants.DRAFT_STATUS_TSCDDQS, ecdsDrftInf.getDrftCurrStat())); // 人行当前状态 } else if (ecdsDrftInf.getDrftOrgStat().equals(ECDSConstants.DRAFT_STATUS_CPYDJ) && icbcDtlRsp.getBillSta().equals("CS02") && icbcDtlRsp.getRangeStage().equals("TFO101")) { //CS02已承兑 & TFO101待收票---020006承兑已签收 ecdsDrftInf.setDrftSndStat(getValueOrDefault(ECDSConstants.DRAFT_STATUS_TSCDYQS, ecdsDrftInf.getDrftSndStat())); // 票据发送人状态 ecdsDrftInf.setDrftRcvStat(getValueOrDefault(ECDSConstants.DRAFT_STATUS_TSCDYQS, ecdsDrftInf.getDrftRcvStat())); // 票据接收人状态 ecdsDrftInf.setDrftCurrStat(getValueOrDefault(ECDSConstants.DRAFT_STATUS_TSCDYQS, ecdsDrftInf.getDrftCurrStat())); // 人行当前状态 }

2023-06-01 上传
private static final Map, String> DRAFT_STATUS_MAP = new HashMap(); static { DRAFT_STATUS_MAP.put(ECDSConstants.DRAFT_STATUS_CPYDJ, ECDSConstants.DRAFT_STATUS_TSCDDQS); DRAFT_STATUS_MAP.put...

draft-js使用

2023-05-31 上传
Draft.js 是由 Facebook 开源的一款基于 React 的富文本编辑器组件库。使用 Draft.js 可以轻松构建功能丰富的富文本编辑器,支持用户输入、样式编辑、嵌入式媒体、拖拽等操作。 下面是一个简单的使用 Draft.js 的...

ug中draft命令怎么使用

2023-06-10 上传
2. 在2D图纸中选择“绘图”-“草图”命令,进入草图模式; 3. 在草图模式下,选择“草图”-“创建草图”命令; 4. 在创建草图的对话框中,选择需要绘制的平面,确定后进入草图编辑界面; 5. 在草图编辑界面中,选择...

draft-js-import-markdown

2023-05-31 上传
`draft-js-import-markdown` 是一个用于将Markdown格式文本转换成 Draft.js 内容状态(`ContentState`)对象的第三方库。它可以帮助你在应用中实现Markdown编辑器,允许用户使用Markdown语法输入文本,并将其转换成 ...

draft是什么意思

2024-07-12 上传
在技术文档和学术领域,draft通常指的是"草案"或"初步版本"。例如,在引用中提到的"Galileo System Signal Draft Standard",这意味着这是关于伽利略系统的信号标准的一个还未最终定稿的版本。而在引用中提到的...

latex using draft setting.

2023-05-17 上传
2. Missing figures: If a figure is not found, a box with the caption will be printed in its place. 3. Missing citations: If a citation is missing or not properly formatted, a question mark will be ...

用正则提取@draft:起草 中的draft和起草

2023-05-31 上传
好的,可以使用以下正则表达式提取: ``` @(\w+):(.+) ``` 其中,`\w+` 匹配一个或多个字母、...对于字符串 `@draft:起草`,使用上述正则表达式可以得到两个分组结果: - 第一个分组 `draft` - 第二个分组 `起草`
qq_35684110
  • 粉丝: 4
  • 资源: 8
上传资源 快速赚钱

最新资源