• Shopping Cart
    There are no items in your cart

BS ISO/IEC 10181-5:1996

Current

Current

The latest, up-to-date edition.

Information technology. Open systems interconnection. Security frameworks for open systems Confidentiality framework

Available format(s)

Hardcopy , PDF

Language(s)

English

Published date

15-02-1997

€165.94
Excluding VAT

1 Scope
2 Normative references
   2.1 Identical Recommendations/International
        Standards
   2.2 Paired Recommendations/International Standards
        equivalent in technical content
3 Definitions
   3.1 Basic Reference Model definitions
   3.2 Security architecture definitions
   3.3 Security frameworks overview definitions
   3.4 Additional definitions
4 Abbreviations
5 General discussion of confidentiality
   5.1 Basic concepts
        5.1.1 Protection of information
        5.1.2 Hide and reveal operations
   5.2 Classes of confidentiality services
   5.3 Types of confidentiality mechanisms
   5.4 Threats to confidentiality
        5.4.1 Threats when confidentiality is provided
               through access prevention
        5.4.2 Threats when confidentiality is provided
               through information hiding
   5.5 Types of confidentiality attacks
6 Confidentiality policies
   6.1 Policy expression
        6.1.1 Information characteristics
        6.1.2 Entity characterization
7 Confidentiality information and facilities
   7.1 Confidentiality information
        7.1.1 Hiding confidentiality information
        7.1.2 Revealing confidentiality information
   7.2 Confidentiality facilities
        7.2.1 Operation related facilities
               7.2.1.1 Hide
               7.2.1.2 Reveal
        7.2.2 Management related facilities
8 Confidentiality mechanisms
   8.1 Confidentiality protection through access
        prevention
        8.1.1 Confidentiality protection through physical
               media protection
        8.1.2 Confidentiality protection through routing
               control
   8.2 Confidentiality provision through encipherment
        8.2.1 Confidentiality provision through data
               padding
        8.2.2 Confidentiality provision through dummy
               events
        8.2.3 Confidentiality provision through PDU
               header protection
        8.2.4 Confidentiality provision through time
               varying fields
   8.3 Confidentiality provision through contextual
        location
9 Interactions with other security services and
   mechanisms
   9.1 Access Control
Annex A - Confidentiality in the OSI Reference Model
Annex B - Example of a sequence of movements through
          different confidentiality protected environments
Annex C - Representation of Information
Annex D - Covert Channels
Annex E - Confidentiality Facilities Outline

Defines application of security services in an Open Systems environment, including Database, Distributed Applications, Open Distributed Processing and OSI. Concerned with provision of protection for systems and objects within systems, together with interactions between systems. Does not cover methods for construction of systems or mechanisms.

Committee
ICT/1
DevelopmentNote
Supersedes 94/641669 DC. (07/2005)
DocumentType
Standard
Pages
22
PublisherName
British Standards Institution
Status
Current
Supersedes

This Recommendation | International Standard on Security Frameworks for Open Systems addresses the application of security services in an Open Systems environment, where the term \'Open System\' is taken to include areas such as Database, Distributed Applications, Open Distributed Processing and OSI. The Security Frameworks are concerned with defining the means of providing protection for systems and objects within systems, and with the interactions between systems. The Security Frameworks are not concerned with the methodology for constructing systems or mechanisms. The Security Frameworks address both data elements and sequences of operations (but not protocol elements) which may be used to obtain specific security services. These security services may apply to the communicating entities of systems as well as to data exchanged between systems, and to data managed by systems. This Recommendation | International Standard addresses the confidentiality of information in retrieval, transfer and management. It: defines the basic concepts of confidentiality; identifies possible classes of confidentiality mechanisms; classifies and identifies facilities for each class of confidentiality mechanisms; identifies management required to support the classes of confidentiality mechanism; and addresses the interaction of confidentiality mechanism and the supporting services with other security services and mechanisms. A number of different types of standards can use this framework, including: standards that incorporate the concept of confidentiality; standards that specify abstract services that include confidentiality; standards that specify uses of a confidentiality service; standards that specify means of providing confidentiality within an open system architecture; and standards that specify confidentiality mechanisms. Such standards can use this framework as follows: standards of type1), 2), 3), 4) and 5) can use the terminology of this framework; standards of type2), 3), 4) and 5) can use the facilities defined in clause7 of this framework; standards of type5) can be based upon the classes of mechanism defined in clause8 of this framework. As with other security services, confidentiality can only be provided within the context of a defined security policy for a particular application. The definitions of specific security policies are outside the scope of this Recommendation | International Standard. It is not a matter for this Recommendation | International Standard to specify details of the protocol exchanges which need to be performed in order to achieve confidentiality. This Recommendation | International Standard does not specify particular mechanisms to support these confidentiality services nor the full details of security management services and protocols. Generic mechanisms to support confidentiality are described in clause8. Some of the procedures described in this security framework achieve confidentiality by the application of cryptographic techniques. This framework is not dependent on the use of particular cryptographic or other algorithms, although certain classes of confidentiality mechanisms may depend on particular algorithm properties. NOTE— Although ISO does not standardize cryptographic algorithms, it does standardize the procedures used to register them in ISO/IEC 9979:1991, Procedures for the registration of criptographic algorithms. This framework addresses the provision of confidentiality when the information is represented by data that are read-accessible to potential attackers. Its scope includes traffic flow confidentiality.

Standards Relationship
ISO/IEC 10181-5:1996 Identical

ISO/IEC 7498-1:1994 Information technology — Open Systems Interconnection — Basic Reference Model: The Basic Model
ISO/IEC 10736:1995 Information technology Telecommunications and information exchange between systems Transport layer security protocol
ISO/IEC 10181-3:1996 Information technology Open Systems Interconnection Security frameworks for open systems: Access control framework
ISO/IEC 10181-1:1996 Information technology Open Systems Interconnection Security frameworks for open systems: Overview
ISO 7498-2:1989 Information processing systems Open Systems Interconnection Basic Reference Model Part 2: Security Architecture
ISO/IEC 8473-1:1998 Information technology — Protocol for providing the connectionless-mode network service: Protocol specification — Part 1:
ISO/IEC 11577:1995 Information technology Open Systems Interconnection Network layer security protocol

Access your standards online with a subscription

Features

  • Simple online access to standards, technical information and regulations.

  • Critical updates of standards and customisable alerts and notifications.

  • Multi-user online standards collection: secure, flexible and cost effective.