URL: http://www.iso.ch/iso/en/CatalogueDetailPage.CatalogueDetail?CSNUMBER=18198&ICS1=35&ICS2=100&ICS3=1
From
http://www.csa-intl.org:
This
series of Recommendations / International Standards on Security Frameworks for
Open Systems addresses the application of security services in an Open Systems
environment, where the term "Open Systems" is taken to include areas
such as Database, Distributed Applications, Open Distributed Processing
and OSI. The Security Frameworks are concerned with defining the means of
providing protection for systems and objects within systems, and with the
interactions between systems. The Security Frameworks are not concerned with the
methodology for constructing systems or mechanisms.
The
Security Frameworks address both data elements and sequences of operations (but
not protocol elements) that are used to obtain specific security services.
These security services may apply to the communicating entities of systems as
well as to data exchanged between systems, and to data managed by systems.
This
Recommendation / International Standard:
-
defines the basic concepts for authentication;
- identifies the possible classes of authentication mechanisms;
- defines the services for these classes of authentication mechanism;
- identifies functional requirements for protocols to support these classes of
authentication
mechanism; and
- identifies general management requirements for authentication.
A
number of different types of standards can use this framework including:
(1)
standards that incorporate the concept of authentication;
(2) standards that provide an authentication service;
(3) standards that use an authentication service;
(4) standards that specify the means to provide authentication within an open
system architecture; and
(5) standards that specify authentication mechanisms.
Keywords:
|