ASN.1 and OSI Data Representation

Key concept: abstract syntax, hence Abstract Syntax Notation One.

ASN.1 is an international standard[1] which was originally developed as part of the OSI research, and has been adopted for use in various areas of the Internet architecture, particularly network management.

Defines structure of data objects in a way which is implementation independent. This can be contrasted with data definitions in (eg) programming languages.
- An excellent example is the data type integer, which has quite a different meaning in maths to that which it has in most programming languages.
- In general, ASN.1 is used to define data objects in an abstract (or "real world") way, compared to the concrete definitions used in programming.
A companion OSI standard specifies Basic Encoding Rules (BER)[2], which define the way in which ASN.1 objects are encoded into streams of octets for transmission over a network.

[1]ISO/IEC 8824:1987 - ASN.1 is an example of a Data Description Language in database terminology
[2]ISO/IEC 8825:1987

ASN.1 Data Types

Simple data types include:

BOOLEAN(1): takes values true and false
INTEGER(2): any positive or negative whole number
REAL(9): expressed as mantissa, base, exponent
BITSTRING(3), OCTETSTRING(4): an ordered sequence of 0 or more bits or octets (bytes?)
NULL(5): takes only one value, null...
ENUMERATED(10): a list of values is supplied

Examples of some of these include:

brainDamaged :== BOOLEAN
numberOfEmployees :== INTEGER
avogadrosNumber :== REAL(602,10,23)
sevenDeadlySins	:== ENUMERATED {
	pride(1), envy(2), gluttony(3), avarice(4), lust(5), sloth(6),
wrath(7)
} -- corresponding to OSI 7 layers :-)

NB: The numbers given in parentheses, eg (1), are called TAGS, see later this lecture.

ASN.1 Structured Data Types

Structured data types include:

SET(17): a fixed, unordered set of distinct types, some possibly optional
SET OF(17): an unordered list of zero or more of the same type
SEQUENCE(16), SEQUENCE OF(16): a fixed, ordered list of distinct or same types.
CHOICE(11): like SET, except more general.
ANY: like CHOICE, except containing a list of anything that can be defined in ASN.1

Some examples are:

messageBodyPart	:== CHOICE {
    [0] IMPLICIT asciiText, -- note TAG*
    [1] IMPLICIT telex
    ...etc... }

Tags in ASN.1

Note that in the previous slides, each element of a structured data item was identified using a TAG.

There are four classes of tags:

UNIVERSAL: a universal tag is defined in ISO/IEC 8824 and gives a machine-readable identification of all of the basic types of an ASN.1 specification. The tags attached to the basic data types in slides 2 & 3 of this lecture are an example.
APPLICATION: these tags are only required to be unique within a particular application. An example is a tag representing a particular packet type (PDU) sent by an application.
CONTEXT-SPECIFIC: these tags are only required to be unique within an already tagged type. The tags attached to values in the CHOICE and ENUMERATED examples in slides 2 & 3 are an example.
PRIVATE: these are defined for the use of a particular organisation and have no meaning outside of that organisation.

Digression on ASN.1 Syntax Conventions

In writing ASN.1 specifications, the case of the characters used conventionally indicates to a human reader the part of the ASN.1 grammar in use. Thus:

A type in ASN.1 is indicated by starting its name with an uppercase letter, eg: Gauge.
for a value (an instance of a type), the word starts with a lowercase letter, eg internet.
The keywords of the ASN.1 language, and macros, are written entirely in uppercase, eg OCTET STRING

Note that in these notes, an attempt will also be made to present all ASN.1 (and other) syntactic elements in the fixed-width courier typeface. Occasional lapses from this convention may have to be forgiven by the reader...

Example:

MyType ::= TYPE
nameOfValue MyType ::= VALUE

Note also that, where appropriate, we adopt the OSI convention of referring to "octets", instead of "bytes", even though the terms have almost universally identical meaning.

Basic Encoding Rules - Transfer Syntax for ASN.1

These are needed to disambiguate a stream of bytes arriving over a network.

An ASN.1 object is encoded as a TAG, a LENGTH and a VALUE, (TLV encoding) thus:

The TAG is (usually) encoded in a single octet, containing its value (see earlier) in binary in the low-order 5 bits and maybe some other information[3].

The LENGTH can be encoded in two possible ways, definite (which usually only requires a single octet) and indefinite (which requires, at least, several more octets). Both are equally complicated!

The VALUE field is encoded using a specified method which is appropriate to its type - for example, an INTEGER is sent as its binary 2's complement equivalent; an OCTET STRING is simply the appropriate octets.

[3]The CLASS (see slide 4) of the object (most significant 2 bits), and whether it is a simple or constructed (structured) data type (1 bit: 0 for simple, 1 for constructed).

BER Examples

A Boolean value of true might be encoded in ASN.1/BER as three octets, thus:

A small-valued integer might be encoded as:

Note that the value field is encoded using 2's complement notation
If the value is greater than 127 or less than -128, more octets are required, hence the length is greater.

A an octet-string encodes just the bytes of the string, thus:

Object Identifiers

ASN.1 might be of only passing interest were it not for the OBJECT IDENTIFIER[4] data type. An OBJECT IDENTIFIER is a simple ASN.1 data type with special properties.

An OBJECT IDENTIFIER is a data type denoting an authoritatively named object, regardless of the type of the object which it names.

It is written as a sequence of non-negative integer values which describe a traversal of a tree. The tree consists of a root connected to a number of labelled nodes via edges.

Each label consists of a non-negative integer value and an optional brief textual description (or Object Descriptor). The most common format for writing down the value of an OBJECT IDENTIFIER is as a dotted sequence, thus:

1.0.8571.5.1

This identifies the object found by starting at the root, moving to the node with label 1, then moving to the node with label 0, and so on. The node found after traversing this list is the one being identified.

[4] and the related Object Descriptor type.

Global Naming

The root node has three subordinates:

ccitt(0): which is administered by CCITT, nowadays known simply by its parent body's name, ITU...
iso(1): administered by ISO/IEC, and the branch of the tree of most interest.
joint-iso-ccitt(2): jointly adminstered by ISO and CCITT.

ISO/IEC in turn defines four subordinates:

standard(0): which has a subordinate tree for every ISO standard(!)
registration-authority(1): defines OSI name registration authorities.
member-body(2): the members (countries) which form the ISO.
identified-organisation(3): allocated by ISO/IEC as it sees fit. The US Govt. DoD, the original sponsoring organisation for the TCP/IP protocol suite and the Internet is a subordinate of this node. The Internet, in turn, is node 1 within DoD.

The Basic Tree

In ASN.1, an OBJECT IDENTIFIER is specified using the following syntax, eg:

Document-Type-Name ::=
	OBJECT IDENTIFIER
fTAM-1 Document-Type-Name ::=
	{ 1 0 8571 5 1 }

The textual values (Object Descriptors) may also be used, and mixed, where no confusion can arise, eg:

internet OBJECT IDENTIFIER ::=
	{ iso org(3) dod(6) 1 }

or even just:

{ internet }

Registration Authority

To be useful, a name needs to unambiguous - this is done by registration authorities. It also must be available to be "looked up" - this is the function of a directory service, defined in OSI by X.500.

The OSI Name-Registration Hierarchy:

Note that CCITT no longer exists, having been subsumed into its parent body, the ITU - how this affects the diagram is unclear to your lecturer.

For more information on ASN.1, you might care to look at the ASN.1 home page

This lecture is also available in PostScript format. The tutorial for this lecture is Tutorial #14.

Phil Scott