ISO/IEC 10181-4-1997 信息技术开放系统互连开放系统安全框架:抗抵赖框架
作者:标准资料网 时间:2024-05-21 02:06:55 浏览:9421
来源:标准资料网
下载地址: 点击此处下载
【英文标准名称】:Informationtechnology-OpenSystemsInterconnection-Securityframeworksforopensystems:Non-repudiationframework
【原文标准名称】:信息技术开放系统互连开放系统安全框架:抗抵赖框架
【标准号】:ISO/IEC10181-4-1997
【标准状态】:现行
【国别】:国际
【发布日期】:1997-04
【实施或试行日期】:
【发布单位】:国际标准化组织(IX-ISO)
【起草单位】:ISO/IECJTC1
【标准类型】:()
【标准水平】:()
【中文主题词】:信息技术;导则;开放系统互连;安全;信息交换;网络互连;传播方式;数据处理
【英文主题词】:Communicationprocesses;Dataprocessing;Guidelines;Informationinterchange;Informationtechnology;Networkinterconnection;Opensystemsinterconnection;OSI;Safety
【摘要】:ThisRecommendation|InternationalStandardaddressestheapplicationofsecurityservicesinanOpenSystemsenvironment,wheretheterm"OpenSystems"istakentoincludeareassuchasDatabase,DistributedApplications,OpenDistributedProcessingandOSI.TheSecurityFrameworksareconcernedwithdefiningthemeansofprovidingprotectionforsystemsandobjectswithinsystems,andwiththeinteractionsbetweensystems.TheSecurityFrameworksarenotconcernedwiththemethodologyforconstructingsystemsormechanisms.TheSecurityFrameworksaddressbothdataelementsandsequencesofoperations(butnotprotocolelements)whichareusedtoobtainspecificsecurityservices.Thesesecurityservicesmayapplytothecommunicatingentitiesofsystemsaswellastodataexchangedbetweensystems,andtodatamanagedbysystems.ThisRecommendation|InternationalStandard:—definesthebasicconceptsofNon-repudiation;—definesgeneralNon-repudiationservices;—identifiespossiblemechanismstoprovidetheNon-repudiationservices;—identifiesgeneralmanagementrequirementsforNon-repudiationservicesandmechanisms.Aswithothersecurityservices,Non-repudiationcanonlybeprovidedwithinthecontextofadefinedsecuritypolicyforaparticularapplication.ThedefinitionsofsecuritypoliciesareoutsidethescopeofthisRecommendation|InternationalStandard.ThescopeofthisRecommendation|InternationalStandarddoesnotincludespecificationofdetailsoftheprotocolexchangeswhichneedtobeperformedinordertoachieveNon-repudiation.ThisRecommendation|InternationalStandarddoesnotdescribeindetailtheparticularmechanismsthatcanbeusedtosupporttheNon-repudiationservicesnordoesitgivedetailsofthesupportingsecuritymanagementservicesandprotocols.Someoftheproceduresdescribedinthisframeworkachievesecuritybytheapplicationofcryptographictechniques.Thisframeworkisnotdependentontheuseofaparticularcryptographicorotheralgorithmoronparticularcryptographictechniques(i.e.symmetricorasymmetric)althoughcertainclassesofNon-repudiationmechanismsmaydependonparticularalgorithmproperties.Indeeditislikely,inpractice,thatanumberofdifferentalgorithmswillbeused.Twoentitieswishingtousecryptographically-protecteddatamustsupportthesamecryptographicalgorithm.[|NOTE-AlthoughISOdoesnotstandardizecryptographicalgorithms,itdoesstandardizetheproceduresusedtoregistertheminISO/IEC9979.]Anumberofdifferenttypesofstandardcanusethisframeworkincluding:1)standardsthatincorporatetheconceptofNon-repudiation;2)standardsthatspecifyabstractservicesthatincludeNon-repudiation;3)standardsthatspecifyusesofaNon-repudiationservice;4)standardsthatspecifythemeansofprovidingNon-repudiationwithinanopensystemarchitecture;and5)standardsthatspecifyNon-repudiationmechanisms.Suchstandardscanusethisframeworkasfollows:—standardsoftype1),2),3),4)or5)canusetheterminologyofthisframework;—standardsoftype2),3),4)or5)canusethefacilitiesdefinedinclause7;and—standardsoftype5)canbebasedupontheclassesofmechanismdefinedinclause8.
【中国标准分类号】:L79
【国际标准分类号】:35_100_01
【页数】:23P.;A4
【正文语种】:英语
【原文标准名称】:信息技术开放系统互连开放系统安全框架:抗抵赖框架
【标准号】:ISO/IEC10181-4-1997
【标准状态】:现行
【国别】:国际
【发布日期】:1997-04
【实施或试行日期】:
【发布单位】:国际标准化组织(IX-ISO)
【起草单位】:ISO/IECJTC1
【标准类型】:()
【标准水平】:()
【中文主题词】:信息技术;导则;开放系统互连;安全;信息交换;网络互连;传播方式;数据处理
【英文主题词】:Communicationprocesses;Dataprocessing;Guidelines;Informationinterchange;Informationtechnology;Networkinterconnection;Opensystemsinterconnection;OSI;Safety
【摘要】:ThisRecommendation|InternationalStandardaddressestheapplicationofsecurityservicesinanOpenSystemsenvironment,wheretheterm"OpenSystems"istakentoincludeareassuchasDatabase,DistributedApplications,OpenDistributedProcessingandOSI.TheSecurityFrameworksareconcernedwithdefiningthemeansofprovidingprotectionforsystemsandobjectswithinsystems,andwiththeinteractionsbetweensystems.TheSecurityFrameworksarenotconcernedwiththemethodologyforconstructingsystemsormechanisms.TheSecurityFrameworksaddressbothdataelementsandsequencesofoperations(butnotprotocolelements)whichareusedtoobtainspecificsecurityservices.Thesesecurityservicesmayapplytothecommunicatingentitiesofsystemsaswellastodataexchangedbetweensystems,andtodatamanagedbysystems.ThisRecommendation|InternationalStandard:—definesthebasicconceptsofNon-repudiation;—definesgeneralNon-repudiationservices;—identifiespossiblemechanismstoprovidetheNon-repudiationservices;—identifiesgeneralmanagementrequirementsforNon-repudiationservicesandmechanisms.Aswithothersecurityservices,Non-repudiationcanonlybeprovidedwithinthecontextofadefinedsecuritypolicyforaparticularapplication.ThedefinitionsofsecuritypoliciesareoutsidethescopeofthisRecommendation|InternationalStandard.ThescopeofthisRecommendation|InternationalStandarddoesnotincludespecificationofdetailsoftheprotocolexchangeswhichneedtobeperformedinordertoachieveNon-repudiation.ThisRecommendation|InternationalStandarddoesnotdescribeindetailtheparticularmechanismsthatcanbeusedtosupporttheNon-repudiationservicesnordoesitgivedetailsofthesupportingsecuritymanagementservicesandprotocols.Someoftheproceduresdescribedinthisframeworkachievesecuritybytheapplicationofcryptographictechniques.Thisframeworkisnotdependentontheuseofaparticularcryptographicorotheralgorithmoronparticularcryptographictechniques(i.e.symmetricorasymmetric)althoughcertainclassesofNon-repudiationmechanismsmaydependonparticularalgorithmproperties.Indeeditislikely,inpractice,thatanumberofdifferentalgorithmswillbeused.Twoentitieswishingtousecryptographically-protecteddatamustsupportthesamecryptographicalgorithm.[|NOTE-AlthoughISOdoesnotstandardizecryptographicalgorithms,itdoesstandardizetheproceduresusedtoregistertheminISO/IEC9979.]Anumberofdifferenttypesofstandardcanusethisframeworkincluding:1)standardsthatincorporatetheconceptofNon-repudiation;2)standardsthatspecifyabstractservicesthatincludeNon-repudiation;3)standardsthatspecifyusesofaNon-repudiationservice;4)standardsthatspecifythemeansofprovidingNon-repudiationwithinanopensystemarchitecture;and5)standardsthatspecifyNon-repudiationmechanisms.Suchstandardscanusethisframeworkasfollows:—standardsoftype1),2),3),4)or5)canusetheterminologyofthisframework;—standardsoftype2),3),4)or5)canusethefacilitiesdefinedinclause7;and—standardsoftype5)canbebasedupontheclassesofmechanismdefinedinclause8.
【中国标准分类号】:L79
【国际标准分类号】:35_100_01
【页数】:23P.;A4
【正文语种】:英语
下载地址: 点击此处下载