URL: http://www.iso.ch
From
http://www.csa-intl.org:
This
Recommendation / International Standard addresses the application of security
services in an Open Systems environment, where the term "Open
Systems" is taken to include areas such as Database, Distributed
Applications, Open Distributed Processing and OSI. The
Security Frameworks are concerned with defining the means of providing
protection for systems and objects within systems, and with the interactions
between systems. The Security Frameworks are not concerned with the methodology
for constructing systems or mechanisms.
The
Security Frameworks address both data elements and sequences of operations (but
not protocol elements) that are used to obtain specific security services.
These security services may apply to the communicating entities of systems as
well as to data exchanged between systems, and to data managed by systems.
This
Recommendation / International Standard:
-
defines the basic concepts of Non-repudiation;
- defines general Non-repudiation services;
- identifies possible mechanisms to provide the Non-repudiation services;
- identifies general management requirements for Non-repudiation services and
mechanisms.
As
with other security services, Non-repudiation can only be provided within the
context of a defined security policy for a particular application. The
definitions of security policies are outside the scope of this Recommendation /
International Standard.
The
scope of this Recommendation / International Standard does not include
specification of details of the protocol exchanges which need to be performed
in order to achieve Non-repudiation.
This
Recommendation / International Standard does not describe in detail the
particular mechanisms that can be used to support the Non-repudiation services
nor does it give details of the supporting security management services and
protocols.
|