BS ISO/IEC 10181-7-1996 信息技术.开放式系统互连.开放式系统的安全框架.安全审计和报警框架
作者:标准资料网 时间:2024-04-20 18:45:20 浏览:8539
来源:标准资料网
下载地址: 点击此处下载
【英文标准名称】:Informationtechnology-Opensystemsinterconnection-Securityframeworksforopensystems-Securityauditandalarmsframework
【原文标准名称】:信息技术.开放式系统互连.开放式系统的安全框架.安全审计和报警框架
【标准号】:BSISO/IEC10181-7-1996
【标准状态】:现行
【国别】:英国
【发布日期】:1996-11-15
【实施或试行日期】:1996-11-15
【发布单位】:英国标准学会(BSI)
【起草单位】:BSI
【标准类型】:()
【标准水平】:()
【中文主题词】:审计;文电;数据处理;数据集成度;数据存储保护;数据传输;开放系统互连;验证;信息交流;数据安全;数据传送
【英文主题词】:Communicationprocedures;Dataprocessing;Dataprotection;Datasecurity;Informationinterchange;Informationtechnology;Networkinterconnection;Opensystems;Opensystemsinterconnection;OSI;Overviews
【摘要】:ThisRecommendation|InternationalStandardaddressestheapplicationofsecurityservicesinanOpenSystemsenvironment,wheretheterm"OpenSystems"istakentoincludeareassuchasDatabase,DistributedApplications,OpenDistributedProcessingandOSI.TheSecurityFrameworksareconcernedwithdefiningthemeansofprovidingprotectionforsystemsandobjectswithinsystems,andwiththeinteractionsbetweensystems.TheSecurityFrameworksarenotconcernedwiththemethodologyforconstructingsystemsormechanisms.TheSecurityFrameworksaddressbothdataelementsandsequencesofoperations(butnotprotocolelements)whichareusedtoobtainspecificsecurityservices.Thesesecurityservicesmayapplytothecommunicatingentitiesofsystemsaswellastodataexchangedbetweensystems,andtodatamanagedbysystems.ThepurposeofsecurityauditandalarmsasdescribedinthisRecommendation|InternationalStandardistoensurethatopensystem-security-relatedeventsarehandledinaccordancewiththesecuritypolicyoftheapplicablesecurityauthority.Inparticular,thisframework:a)definesthebasicconceptsofsecurityauditandalarms;b)providesageneralmodelforsecurityauditandalarms;andc)identifiestherelationshipoftheSecurityAuditandAlarmsservicewithothersecurityservices.Aswithothersecurityservices,asecurityauditcanonlybeprovidedwithinthecontextofadefinedsecuritypolicy.TheSecurityAuditandAlarmsmodelprovidedinclause6supportsavarietyofgoalsnotallofwhichmaybenecessaryordesiredinaparticularenvironment.Thesecurityauditserviceprovidesanauditauthoritywiththeabilitytospecifytheeventswhichneedtoberecordedwithinasecurityaudittrail.Anumberofdifferenttypesofstandardcanusethisframeworkincluding:1)standardsthatincorporatetheconceptofauditandalarms;2)standardsthatspecifyabstractservicesthatincludeauditandalarms;3)standardsthatspecifyusesofauditandalarms;4)standardsthatspecifythemeansofprovidingauditandalarmswithinanopensystemarchitecture;and5)standardsthatspecifyauditandalarmsmechanisms.Suchstandardscanusethisframeworkasfollows:-standardtypes1),2),3),4)and5)canusetheterminologyofthisframework;-standardtypes2),3),4)and5)canusethefacilitiesdefinedinclause8;and-standardtypes5)canbebaseduponthecharacteristicsofmechanismsdefinedinclause9.
【中国标准分类号】:L79
【国际标准分类号】:35_100_01
【页数】:26P.;A4
【正文语种】:英语
【原文标准名称】:信息技术.开放式系统互连.开放式系统的安全框架.安全审计和报警框架
【标准号】:BSISO/IEC10181-7-1996
【标准状态】:现行
【国别】:英国
【发布日期】:1996-11-15
【实施或试行日期】:1996-11-15
【发布单位】:英国标准学会(BSI)
【起草单位】:BSI
【标准类型】:()
【标准水平】:()
【中文主题词】:审计;文电;数据处理;数据集成度;数据存储保护;数据传输;开放系统互连;验证;信息交流;数据安全;数据传送
【英文主题词】:Communicationprocedures;Dataprocessing;Dataprotection;Datasecurity;Informationinterchange;Informationtechnology;Networkinterconnection;Opensystems;Opensystemsinterconnection;OSI;Overviews
【摘要】:ThisRecommendation|InternationalStandardaddressestheapplicationofsecurityservicesinanOpenSystemsenvironment,wheretheterm"OpenSystems"istakentoincludeareassuchasDatabase,DistributedApplications,OpenDistributedProcessingandOSI.TheSecurityFrameworksareconcernedwithdefiningthemeansofprovidingprotectionforsystemsandobjectswithinsystems,andwiththeinteractionsbetweensystems.TheSecurityFrameworksarenotconcernedwiththemethodologyforconstructingsystemsormechanisms.TheSecurityFrameworksaddressbothdataelementsandsequencesofoperations(butnotprotocolelements)whichareusedtoobtainspecificsecurityservices.Thesesecurityservicesmayapplytothecommunicatingentitiesofsystemsaswellastodataexchangedbetweensystems,andtodatamanagedbysystems.ThepurposeofsecurityauditandalarmsasdescribedinthisRecommendation|InternationalStandardistoensurethatopensystem-security-relatedeventsarehandledinaccordancewiththesecuritypolicyoftheapplicablesecurityauthority.Inparticular,thisframework:a)definesthebasicconceptsofsecurityauditandalarms;b)providesageneralmodelforsecurityauditandalarms;andc)identifiestherelationshipoftheSecurityAuditandAlarmsservicewithothersecurityservices.Aswithothersecurityservices,asecurityauditcanonlybeprovidedwithinthecontextofadefinedsecuritypolicy.TheSecurityAuditandAlarmsmodelprovidedinclause6supportsavarietyofgoalsnotallofwhichmaybenecessaryordesiredinaparticularenvironment.Thesecurityauditserviceprovidesanauditauthoritywiththeabilitytospecifytheeventswhichneedtoberecordedwithinasecurityaudittrail.Anumberofdifferenttypesofstandardcanusethisframeworkincluding:1)standardsthatincorporatetheconceptofauditandalarms;2)standardsthatspecifyabstractservicesthatincludeauditandalarms;3)standardsthatspecifyusesofauditandalarms;4)standardsthatspecifythemeansofprovidingauditandalarmswithinanopensystemarchitecture;and5)standardsthatspecifyauditandalarmsmechanisms.Suchstandardscanusethisframeworkasfollows:-standardtypes1),2),3),4)and5)canusetheterminologyofthisframework;-standardtypes2),3),4)and5)canusethefacilitiesdefinedinclause8;and-standardtypes5)canbebaseduponthecharacteristicsofmechanismsdefinedinclause9.
【中国标准分类号】:L79
【国际标准分类号】:35_100_01
【页数】:26P.;A4
【正文语种】:英语
下载地址: 点击此处下载