ECMA 205 : 1ED 93
Current
The latest, up-to-date edition.
12-01-2013
1 Scope
2 Conformance
3 References
4 Definitions
4.1 Terms defined in this document
4.1.1 Access right
4.1.2 Administration
4.1.3 Customer-specifiable
4.1.4 Identification
4.1.5 User identifier
4.2 Terms defined in other documents
5 Acronyms
6 Specification of security enforcing functions
6.1 Identification and Authentication
6.1.1 Unique Identification and Authentication
6.1.2 Identification and Authentication prior to all
other interactions
6.1.3 Associate information to users
6.1.4 Logon message
6.1.5 Number of logon trials
6.1.6 Expiration of unused user identifiers
6.1.7 Disable users temporarily
6.1.8 User status information
6.1.9 Authentication information protection
6.1.10 Authentication information independence
6.1.11 Authentication information aging
6.2 Access Control
6.2.1 Authenticated user identification
6.2.2 Individual user
6.2.3 User groups
6.2.4 Objects
6.2.5 Types of access rights
6.2.6 Default access rights
6.2.7 Precedence of access rights
6.2.8 Date of modification
6.2.9 Verification of rights
6.2.10 Application controlled access rights
6.3 Accountability and audit
6.3.1 Associate actions and users
6.3.2 Logging
6.3.4 Copy audit trails
6.3.5 Alarm if unable to record
6.3.6 Select users
6.3.7 Dynamic control
6.4 Object Reuse
6.5 Accuracy
6.5.1 TOE software integrity
6.5.2 Data integrity
6.5.3 Security parameters status report
6.6 Reliability of service
6.6.1 Recovery
6.6.2 Data backup
7 Password specific requirements
7.1 User-changeable password
7.2 Password aging
7.3 Password expiration notification
7.4 Password reuse
7.5 Password complexity
7.6 Password logging
7.7 Default passwords
Annex A (informative) Access control model
Annex B (informative) Terms defined in other documents
Access your standards online with a subscription
Features
-
Simple online access to standards, technical information and regulations.
-
Critical updates of standards and customisable alerts and notifications.
-
Multi-user online standards collection: secure, flexible and cost effective.