標準號：BS ISO/IEC 10745-1995
中文標準名稱：信息技術.開放式系統互連.上層加密模式
英文標準名稱：Information technology - Open systems interconnection - Upper layers security model
標準類型：L79
發布日期：1995/12/15 12:00:00
實施日期：1995/12/15 12:00:00
中國標準分類號：L79
國際標準分類號：35.100.01
適用范圍：1 This Recommendation | International Standard defines an architectural model that provides a basis for: a) the development of application-independent services and protocols for security in the upper layers of OSI; and b) the utilization of these services and protocols to fulfil the security requirements of a wide variety of applications, so that the need for application-specific ASEs to contain internal security services is minimized. 2 In particular, this Recommendation | International Standard specifies: a) the security aspects of communication in the upper layers of OSI; b) the support in the upper layers of the security services defined in the OSI Security Architecture and the Security Frameworks for Open Systems; c) the positioning of, and relationships among, security services and mechanisms in the upper layers, according to the guidelines of CCITT Rec. X.800 I ISO 7498-2 and ITU-T Rec. X.207 | ISO/IEC 9545. d) the interactions among the upper layers, and interactions between the upper layers and the lower layers, in providing and using security services; e) the requirement for management of security information in the upper layers. 3 With respect to access control, the scope of this Recommendation | International Standard includes services and mechanisms for controlling access to OSI resources and resources accessible via OSI. 4 This Recommendation | International Standard does not include: a) definition of OSI services or specification of OSI protocols; b) specification of security techniques and mechanisms, their operation, and their protocol requirements; or c) aspects of providing security which are not concerned with OSI communications. 5 This Recommendation | International Standard is neither an implementation specification for systems nor a basis for appraising the conformance of implementations. NOTE - The scope of this Recommendation | International Standard includes security for connectionless applications and for distributed applications (such as store-and-forward applications, chained applications, and applications acting on behalf of other applications).