Information technology. Open systems interconnection. Security frameworks for open systems Overview

Available format(s)

Hardcopy , PDF

Language(s)

English

Published date

11-15-1996

Publisher

British Standards Institution

1 Scope
2 Normative references
    2.1 Identical Recommendations/International
         Standards
    2.2 Paired Recommendations/International Standards
         equivalent in technical content
3 Definitions
    3.1 Basic Reference Model definitions
    3.2 Security architecture definitions
    3.3 Additional definitions
4 Abbreviations
5 Notation
6 Organization
    6.1 Part 1 - Overview
    6.2 Part 2 - Authentication
    6.3 Part 3 - Access control
    6.4 Part 4 - Non-repudiation
    6.5 Part 5 - Confidentiality
    6.6 Part 6 - Integrity
    6.7 Part 7 - Security audit and alarms
    6.8 Part 8 - Key management
7 Common concepts
    7.1 Security information
    7.2 Security domain
         7.2.1 Security policy and security policy rules
         7.2.2 Security domain authority
         7.2.3 Inter-relationships among security domains
         7.2.4 Establishment of secure interaction rules
         7.2.5 Inter-domain security information transfer
    7.3 Security policy considerations for specific
         security services
    7.4 Trusted entities
    7.5 Trust
    7.6 Trusted third parties
8 Generic security information
    8.1 Security labels
    8.2 Cryptographic check values
    8.3 Security certificates
         8.3.1 Introduction to security certificates
         8.3.2 Verification and chaining of security
                certificates
         8.3.3 Revocation of security certificates
         8.3.4 Re-use of security certificates
         8.3.5 Security certificate structure
    8.4 Security tokens
9 Generic security facilities
    9.1 Management related facilities
         9.1.1 Install SI
         9.1.2 Deinstall SI
         9.1.3 Change SI
         9.1.4 Validate SI
         9.1.5 Invalidate SI
         9.1.6 Disable/Re-enable security service
         9.1.7 Enrol
         9.1.8 Un-enrol
         9.1.9 Distribute SI
         9.1.10 List SI
    9.2 Operational related facilities
         9.2.1 Identify trusted security authorities
         9.2.2 Identify secure interaction rules
         9.2.3 Acquire SI
         9.2.4 Generate SI
         9.2.5 Verify SI
10 Interactions between security mechanisms
11 Denial of service and availability
12 Other requirements
Annex A - Some examples of protection mechanisms for
          security certificates
      A.1 Protection using a parameter within the security
          service
      A.2 Protection using a parameter within the security
          certificate
          A.2.1 The authentication method
          A.2.2 The secret key method
          A.2.3 The public key method
          A.2.4 The one-way function method
      A.3 Protection of the internal and external
          parameters while in transit
          A.3.1 Transfer of internal parameters to the
                 issuing security authority
          A.3.2 Transfer of external parameters among
                 entities
      A.4 Use of security certificates by single entities
          or by groups of entities
      A.5 Linking a security certificate with accesses
Annex B - Bibliography

Details application of security services in an Open Systems environment including such areas as Database, Distributed Applications, ODP and OSI. Specifies means of protecting systems and objects within systems and interactions between systems. Does not cover methodology for construction systems or mechanisms.

The security frameworks address the application of security services in an Open Systems environment, where the term Open Systems is taken to include areas such as Database, Distributed Applications, ODP and OSI. The security frameworks are concerned with defining the means of providing protection for systems and objects within systems, and with the interactions between systems. The security frameworks are not concerned with the methodology for constructing systems or mechanisms.

The security frameworks address both data elements and sequences of operations (but not protocol elements) which are used to obtain specific security services. These security services may apply to the communicating entities of systems as well as to data exchanged between systems, and to data managed by systems.

The security frameworks provide the basis for further standardization, providing consistent terminology and definitions of generic abstract service interfaces for specific security requirements. They also categorize the mechanisms that can be used to achieve those requirements.

One security service frequently depends on other security services, making it difficult to isolate one part of security from the others. The security frameworks address particular security services, describe the range of mechanisms that can be used to provide the security services, and identify interdependancies between the services and the mechanisms. The description of these mechanisms may involve a reliance on a different security service, and it is in this way that the security frameworks describe the reliance of one security service on another.

This part of the security frameworks:

describes the organization of the security frameworks;
defines security concepts which are required in more than one part of the security frameworks;
describes the inter-relationship of the services and mechanisms identified in other parts of the frameworks.

Committee	ICT/1
DevelopmentNote	Supersedes 95/641768 DC. (08/2004)
DocumentType	Standard
Pages	24
PublisherName	British Standards Institution
Status	Current
Supersedes	95/641768 DC : DRAFT APR 1995

Standards	Relationship
ISO/IEC 10181-1:1996	Identical

ISO/IEC 7498-1:1994	Information technology Open Systems Interconnection Basic Reference Model: The Basic Model
ISO/IEC 10181-3:1996	Information technology Open Systems Interconnection Security frameworks for open systems: Access control framework
ISO/IEC 9594-8:2017	Information technology Open Systems Interconnection The Directory Part 8: Public-key and attribute certificate frameworks
ISO 7498-2:1989	Information processing systems Open Systems Interconnection Basic Reference Model Part 2: Security Architecture
ISO/IEC 10181-2:1996	Information technology Open Systems Interconnection Security frameworks for open systems: Authentication framework
ISO/IEC 11770-1:2010	Information technology Security techniques Key management Part 1: Framework
ISO/IEC 9798-1:2010	Information technology Security techniques Entity authentication Part 1: General

View more information

US$237.18

Excluding Tax where applicable

Product format

I agree to the DRM document license rules apply against the PDF selection made.

Please confirm that you agree to the document license rules for this document.

I agree to the document license rules .

Please confirm that you agree to the document license rules for this document.

Access your standards online with a subscription

Features

Simple online access to standards, technical information and regulations.
Critical updates of standards and customisable alerts and notifications.
Multi-user online standards collection: secure, flexible and cost effective.

Learn more on subscription solutions

Get in touch with us

Log into your Account

BS ISO/IEC 10181-1:1996

Current

Table of Contents

Abstract

Scope

General Product Information

International Equivalents

Standards Referencing This Book

Category

Subcategory

Access your standards online with a subscription