標(biāo)準(zhǔn)號(hào)：ISO/IEC 10181-1-1996
中文標(biāo)準(zhǔn)名稱：信息技術(shù) 開放系統(tǒng)互連 開放系統(tǒng)安全框架:概述
英文標(biāo)準(zhǔn)名稱：Information technology - Open Systems Interconnection - Security frameworks for open systems - Overview
標(biāo)準(zhǔn)類型：L79
發(fā)布日期：1999/12/31 12:00:00
實(shí)施日期：1999/12/31 12:00:00
中國標(biāo)準(zhǔn)分類號(hào)：L79
國際標(biāo)準(zhǔn)分類號(hào)：35.100.01
適用范圍：The security frameworks address the application of security services in an Open Systems environment, where the term Open Systems is taken to include areas such as Database, Distributed Applications, ODP and OSI. The security frameworks are concerned with defining the means of providing protection for systems and objects within systems, and with the interactions between systems. The security frameworks are not concerned with the methodology for constructing systems or mechanisms. The security frameworks address both data elements and sequences of operations (but not protocol elements) which are used to obtain specific security services. These security services may apply to the communicating entities of systems as well as to data exchanged between systems, and to data managed by systems. The security frameworks provide the basis for further standardization, providing consistent terminology and definitions of generic abstract service interfaces for specific security requirements. They also categorize the mechanisms that can be used to achieve those requirements. One security service frequently depends on other security services, making it difficult to isolate one part of security from the others. The security frameworks address particular security services, describe the range of mechanisms that can be used to provide the security services, and identify interdependancies between the services and the mechanisms. The description of these mechanisms may involve a reliance on a different security service, and it is in this way that the security frameworks describe the reliance of one security service on another. This part of the security frameworks: - describes the organization of the security frameworks; - defines security concepts which are required in more than one part of the security frameworks; - describes the inter-relationship of the services and mechanisms identified in other parts of the frameworks.