IEEE Std 802.1AE-2018 pdf download – Local and metropolitan area networks— Media Access Control (MAC) Security.
Customer Network Port: A port on the network component of an Ethernet Data Encryption device (EDE-CS, EDE-CC, or EDE-SS) that provides internal connectivity to the edge component of that EDE. data integrity: A property whereby data has not been altered in an unauthorized manner since it was created, transmitted or stored. 11 edge component: The bridge component in an Ethernet Data Encryption device (EDE-CS, EDE-CC, or EDE-SS) that is attached to the red-side port. Ethernet Data Encryption device (EDE): A two-port bridge that transmits and receives frames that are assumed to be unprotected to and from one red-side port, and conditionally relays those frames to and from its other black-side port, protecting and verifying frames transmitted and received on the black-side port using MACsec. IEEE 802 Local Area Network (LAN): LAN technologies that provide a MAC Service equivalent to the MAC Service defined in IEEE Std 802.1AC. IEEE 802 LANs include IEEE Std 802.3 (Ethernet) and IEEE Std 802.11 [B2] (Wireless). NOTE— IEEE 802 LANs are also referred to in the text of this standard simply as LANs. initialization vector (IV): A vector used in defining the starting point of an encryption process within a cryptographic algorithm. 12 integrity: See: data integrity. integrity check value (ICV): A value that is derived by performing an algorithmic transformation on the data unit for which data integrity services are provided. The ICV is sent with the protected data unit and is recalculated and compared by the receiver to detect data modification. key: See: cryptographic key. key management: The generation, storage, distribution, deletion, archiving, and application of keys in accordance with a security policy.
MAC service data unit (MSDU): A sequence of zero or more octets that compose the data to be communicated with a single MAC Service request or indication. master key: A secret key that is used to derive one or more cryptographic keys that are used directly to protect data transfer. message authentication: If the message arrives authenticated, the cryptographic guarantee is that the message was not modified in transit and that the message originated from an entity with the proper cryptographic credentials. mode: See: cryptographic mode of operation. multipoint: Involving or potentially involving more than one participant in the role of receiver, or in the role of transmitter, in a single data transfer or set of related data transfers. network component: The bridge component in an Ethernet Data Encryption device (EDE-CS, EDE-CC, or EDE-SS) that is attached to the black-side port. nonce: A non-repeating value, such as a counter, used in key management protocols to thwart replay and other types of attack. 13 Packet Number (PN): A monotonically increasing value that is guaranteed unique for each MACsec frame transmitted using a given Secure Association Key (SAK).
IEEE Std 802.1AE-2018 pdf download – Local and metropolitan area networks— Media Access Control (MAC) Security
Note:
If you can share this website on your Facebook,Twitter or others,I will share more.