ISO/IEC 10181-7-1996 信息技术开放系统互连开放系统安全框架:安全跟踪和告警框架
作者:标准资料网 时间:2024-04-30 23:17:17 浏览:8069
来源:标准资料网
下载地址: 点击此处下载
【英文标准名称】:Informationtechnology-OpenSystemsInterconnection-Securityframeworksforopensystems-Securityauditandalarmsframework
【原文标准名称】:信息技术开放系统互连开放系统安全框架:安全跟踪和告警框架
【标准号】:ISO/IEC10181-7-1996
【标准状态】:现行
【国别】:国际
【发布日期】:1996-08
【实施或试行日期】:
【发布单位】:国际标准化组织(IX-ISO)
【起草单位】:ISO/IECJTC1
【标准类型】:()
【标准水平】:()
【中文主题词】:信息技术;数据安全;开放系统互连;开放系统互连;数据处理;信息交换;网络互连;数据保护;开式系统;通信规程;总揽
【英文主题词】:Communicationprocedures;Dataprocessing;Dataprotection;Datasecurity;Informationinterchange;Informationtechnology;Networkinterconnection;Opensystems;Opensystemsinterconnection;OSI;Overviews
【摘要】:ThisRecommendation|InternationalStandardaddressestheapplicationofsecurityservicesinanOpenSystemsenvironment,wheretheterm"OpenSystems"istakentoincludeareassuchasDatabase,DistributedApplications,OpenDistributedProcessingandOSI.TheSecurityFrameworksareconcernedwithdefiningthemeansofprovidingprotectionforsystemsandobjectswithinsystems,andwiththeinteractionsbetweensystems.TheSecurityFrameworksarenotconcernedwiththemethodologyforconstructingsystemsormechanisms.TheSecurityFrameworksaddressbothdataelementsandsequencesofoperations(butnotprotocolelements)whichareusedtoobtainspecificsecurityservices.Thesesecurityservicesmayapplytothecommunicatingentitiesofsystemsaswellastodataexchangedbetweensystems,andtodatamanagedbysystems.ThepurposeofsecurityauditandalarmsasdescribedinthisRecommendation|InternationalStandardistoensurethatopensystem-security-relatedeventsarehandledinaccordancewiththesecuritypolicyoftheapplicablesecurityauthority.Inparticular,thisframework:a)definesthebasicconceptsofsecurityauditandalarms;b)providesageneralmodelforsecurityauditandalarms;andc)identifiestherelationshipoftheSecurityAuditandAlarmsservicewithothersecurityservices.Aswithothersecurityservices,asecurityauditcanonlybeprovidedwithinthecontextofadefinedsecuritypolicy.TheSecurityAuditandAlarmsmodelprovidedinclause6supportsavarietyofgoalsnotallofwhichmaybenecessaryordesiredinaparticularenvironment.Thesecurityauditserviceprovidesanauditauthoritywiththeabilitytospecifytheeventswhichneedtoberecordedwithinasecurityaudittrail.Anumberofdifferenttypesofstandardcanusethisframeworkincluding:1)standardsthatincorporatetheconceptofauditandalarms;2)standardsthatspecifyabstractservicesthatincludeauditandalarms;3)standardsthatspecifyusesofauditandalarms;4)standardsthatspecifythemeansofprovidingauditandalarmswithinanopensystemarchitecture;and5)standardsthatspecifyauditandalarmsmechanisms.Suchstandardscanusethisframeworkasfollows:-standardtypes1),2),3),4)and5)canusetheterminologyofthisframework;-standardtypes2),3),4)and5)canusethefacilitiesdefinedinclause8;and-standardtypes5)canbebaseduponthecharacteristicsofmechanismsdefinedinclause9.
【中国标准分类号】:L79
【国际标准分类号】:35_100_01
【页数】:18P.;A4
【正文语种】:英语
【原文标准名称】:信息技术开放系统互连开放系统安全框架:安全跟踪和告警框架
【标准号】:ISO/IEC10181-7-1996
【标准状态】:现行
【国别】:国际
【发布日期】:1996-08
【实施或试行日期】:
【发布单位】:国际标准化组织(IX-ISO)
【起草单位】:ISO/IECJTC1
【标准类型】:()
【标准水平】:()
【中文主题词】:信息技术;数据安全;开放系统互连;开放系统互连;数据处理;信息交换;网络互连;数据保护;开式系统;通信规程;总揽
【英文主题词】:Communicationprocedures;Dataprocessing;Dataprotection;Datasecurity;Informationinterchange;Informationtechnology;Networkinterconnection;Opensystems;Opensystemsinterconnection;OSI;Overviews
【摘要】:ThisRecommendation|InternationalStandardaddressestheapplicationofsecurityservicesinanOpenSystemsenvironment,wheretheterm"OpenSystems"istakentoincludeareassuchasDatabase,DistributedApplications,OpenDistributedProcessingandOSI.TheSecurityFrameworksareconcernedwithdefiningthemeansofprovidingprotectionforsystemsandobjectswithinsystems,andwiththeinteractionsbetweensystems.TheSecurityFrameworksarenotconcernedwiththemethodologyforconstructingsystemsormechanisms.TheSecurityFrameworksaddressbothdataelementsandsequencesofoperations(butnotprotocolelements)whichareusedtoobtainspecificsecurityservices.Thesesecurityservicesmayapplytothecommunicatingentitiesofsystemsaswellastodataexchangedbetweensystems,andtodatamanagedbysystems.ThepurposeofsecurityauditandalarmsasdescribedinthisRecommendation|InternationalStandardistoensurethatopensystem-security-relatedeventsarehandledinaccordancewiththesecuritypolicyoftheapplicablesecurityauthority.Inparticular,thisframework:a)definesthebasicconceptsofsecurityauditandalarms;b)providesageneralmodelforsecurityauditandalarms;andc)identifiestherelationshipoftheSecurityAuditandAlarmsservicewithothersecurityservices.Aswithothersecurityservices,asecurityauditcanonlybeprovidedwithinthecontextofadefinedsecuritypolicy.TheSecurityAuditandAlarmsmodelprovidedinclause6supportsavarietyofgoalsnotallofwhichmaybenecessaryordesiredinaparticularenvironment.Thesecurityauditserviceprovidesanauditauthoritywiththeabilitytospecifytheeventswhichneedtoberecordedwithinasecurityaudittrail.Anumberofdifferenttypesofstandardcanusethisframeworkincluding:1)standardsthatincorporatetheconceptofauditandalarms;2)standardsthatspecifyabstractservicesthatincludeauditandalarms;3)standardsthatspecifyusesofauditandalarms;4)standardsthatspecifythemeansofprovidingauditandalarmswithinanopensystemarchitecture;and5)standardsthatspecifyauditandalarmsmechanisms.Suchstandardscanusethisframeworkasfollows:-standardtypes1),2),3),4)and5)canusetheterminologyofthisframework;-standardtypes2),3),4)and5)canusethefacilitiesdefinedinclause8;and-standardtypes5)canbebaseduponthecharacteristicsofmechanismsdefinedinclause9.
【中国标准分类号】:L79
【国际标准分类号】:35_100_01
【页数】:18P.;A4
【正文语种】:英语
下载地址: 点击此处下载