AUTHENTICITY TEST , COMMUNICATIONS , DATA COMMUNICATION , DATA NETWORK , DATA SECURITY , DEFINITION , DEFINITIONS , INFORMATION TECHNOLOGY , OPEN SYSTEMS INTERCONNECTION , OSI , SAFETY , TELECOMMUNICATION , TELECOMMUNICATIONS
被代替标准
2013-10-24
适用范围
This National Standard of Canada is equivalent to International Standard ISO/IEC 10181-6:1996 (first edition, 1996-09-15). 1 Scope The Recommendation | International Standard on Security Frameworks for Open Systems addresses the application of security services in an Open Systems environment, where the term "Open System" is taken to include areas such as Database, Distributed Applications, Open Distributed Processing and OSI. The Security Frameworks are concerned with defining the means of providing protection for systems and objects within systems, and with the interactions between systems. The Security Frameworks are not concerned with the methodology for constructing systems or mechanisms. The Security Frameworks address both data elements and sequences of operations (but not protocol elements) which may be used to obtain specific security services. These security services may apply to the communicating entities of
systems as well as to data exchanged between systems, and to data managed by systems. This Recommendation | International Standard addresses the integrity of data in information in retrieval, transfer and management: 1) defines the basic concepts of data integrity; 2) identifies possible classes of integrity mechanisms; 3) identifies facilities for each class of integrity mechanisms; 4) identifies management required to support the class of integrity mechanisms; 5) addresses the interaction of integrity mechanisms and the supporting services with other security services and mechanisms. A number of different types of standard can use this framework, including: 1) standards that incorporate the concept of integrity; 2) standards that specify abstract services that include integrity; 3) standards that specify uses of an integrity service; 4) standards that specify means of providing integrity within an open system architecture; and 5) standards that specify integrity mechanisms. Such standards can use this framework as follows: - standards of type 1), 2), 3), 4) and 5) can use the terminology of this framework; - standards of type 2), 3), 4) and 5) can use the facilities identified in clause 7; - standards of type 5) can be based upon the classes of mechanisms identified in clause 8. Some of the procedures described in this security framework achieve integrity by the application of cryptographic techniques. This framework is not dependent on the use of particular cryptographic or other algorithms, although certain classes of integrity mechanisms may depend on particular algorithm properties. NOTE - Although ISO does not standardize cryptographic algorithms, it does standardize the procedures used to register them in ISO/IEC 9979. The integrity addressed by this Recommendation | International Standard is that defined by the constancy of a data value. This notion (constancy of a data value) encompasses all instances in which different representations of a data value are deemed equivalent (such as different ASN.1 encodings of the same value). Other forms of invariance are excluded. The usage of the term data in this Recommendation | International Standard includes all types of data structures (such as sets or collections of data, sequences of data, file-systems and databases).