• Shopping Cart
    There are no items in your cart

BS ISO/IEC 10181-6:1996

Current

Current

The latest, up-to-date edition.

Information technology. Open systems interconnection. Security frameworks for open systems Integrity framework

Available format(s)

Hardcopy , PDF

Language(s)

English

Published date

15-03-1997

€165.94
Excluding VAT

1 Scope
2 Normative references
    2.1 Identical Recommendations - International
          Standards
    2.2 Paired Recommendations - International
          Standards equivalent in technical content
    2.3 Additional references
3 Definitions
4 Abbreviations
5 General discussion of integrity
    5.1 Basic concepts
    5.2 Types of integrity services
    5.3 Types of integrity mechanisms
    5.4 Threats to integrity
    5.5 Types of integrity attacks
6 Integrity policies
    6.1 Policy expression
          6.1.1 Data characterization
          6.1.2 Entity characterization
                  6.1.2.1 Identity based policies
                  6.1.2.2 Rule based policies
7 Integrity information and facilities
    7.1 Integrity information
          7.1.1 Shield integrity information
          7.1.2 Modification detection integrity information
          7.1.3 Unshield integrity information
    7.2 Integrity facilities
          7.2.1 Operational related facilities
          7.2.2 Management related facilities
8 Classification of integrity mechanisms
    8.1 Integrity provision through cryptography
          8.1.1 Integrity provision through sealing
          8.1.2 Integrity provision through Digital
                  Signatures
          8.1.3 Integrity provision through encipherment
                  of redundant data
    8.2 Integrity provision through context
          8.2.1 Data Replication
          8.2.2 Pre-agreed context
    8.3 Integrity provision through detection and
          acknowledgement
    8.4 Integrity provision through prevention
9 Interaction with other security services and mechanisms
    9.1 Access control
    9.2 Data origin authentication
    9.3 Confidentiality
Annex A Integrity in the OSI Basic Reference Model
Annex B External Data Consistency
Annex C Integrity Facilities Outline

Concerned with the applying of security services in an Open Systems environment (includes Database, Distributed Applications, Open Distributed Processing and OSI areas). Specifies means of system protection, including objects within systems. Does not address the methodology for construction of systems or mechanisms.

Committee
ICT/1
DevelopmentNote
Supersedes 94/641670 DC. (07/2005)
DocumentType
Standard
Pages
22
PublisherName
British Standards Institution
Status
Current
Supersedes

The Recommendation | International Standard on Security Frameworks for Open Systems addresses the application of security services in an Open Systems environment, where the term \'Open System\' is taken to include areas such as Database, Distributed Applications, Open Distributed Processing and OSI. The Security Frameworks are concerned with defining the means of providing protection for systems and objects within systems, and with the interactions between systems. The Security Frameworks are not concerned with the methodology for constructing systems or mechanisms. The Security Frameworks address both data elements and sequences of operations (but not protocol elements) which may be used to obtain specific security services. These security services may apply to the communicating entities of systems as well as to data exchanged between systems, and to data managed by systems. This Recommendation | International Standard addresses the integrity of data in information retrieval, transfer, and management: defines the basic concept of data integrity; identifies possible classes of integrity mechanism; identifies facilities for each class of integrity mechanisms; identifies management required to support the class of integrity mechanism; addresses the interaction of integrity mechanism and the supporting services with other security services and mechanisms. A number of different types of standard can use this framework, including: standards that incorporate the concept of integrity; standards that specify abstract services that include integrity; standards that specify uses of an integrity service; standards that specify means of providing integrity within an open system architecture; and standards that specify integrity mechanisms. Such standards can use this framework as follows: standards of type1), 2), 3), 4) and 5) can use the terminology of this framework; standards of type2), 3), 4) and 5) can use the facilities identified in clause7; standards of type5) can be based upon the classes of mechanisms identified in clause8. Some of the procedures described in this security framework achieve integrity by the application of cryptographic techniques. This framework is not dependent on the use of particular cryptographic or other algorithms, although certain classes of integrity mechanisms may depend on particular algorithm properties. NOTE— Although ISO does not standardize cryptographic algorithms, it does standardize the procedures used to register them in ISO/IEC9979. The integrity addressed by this Recommendation | International Standard is that defined by the constancy of a data value. This notion (constancy of a data value) encompasses all instances in which different representations of a data value are deemed equivalent (such as different ASN.1 encodings of the same value). Other forms of invariance are excluded. The usage of the term data in this Recommendation | International Standard includes all types of data structures (such as sets or collections of data, sequences of data, file-systems and databases). This framework addresses the provision of integrity to data that are deemed to be write-accessible to potential attackers. Therefore, it focusses on the provision of integrity through mechanisms, both cryptographic and non-cryptographic that do not rely exclusively on regulating access.

Standards Relationship
ISO/IEC 10181-6:1996 Identical

ISO/IEC 7498-1:1994 Information technology — Open Systems Interconnection — Basic Reference Model: The Basic Model
ISO/IEC 10736:1995 Information technology Telecommunications and information exchange between systems Transport layer security protocol
ISO/IEC 9979:1999 Information technology Security techniques Procedures for the registration of cryptographic algorithms
ISO/IEC 10181-3:1996 Information technology Open Systems Interconnection Security frameworks for open systems: Access control framework
ISO/IEC 10181-1:1996 Information technology Open Systems Interconnection Security frameworks for open systems: Overview
ISO 7498-2:1989 Information processing systems Open Systems Interconnection Basic Reference Model Part 2: Security Architecture
ISO/IEC 11577:1995 Information technology Open Systems Interconnection Network layer security protocol
ISO/IEC 10181-2:1996 Information technology Open Systems Interconnection Security frameworks for open systems: Authentication framework

Access your standards online with a subscription

Features

  • Simple online access to standards, technical information and regulations.

  • Critical updates of standards and customisable alerts and notifications.

  • Multi-user online standards collection: secure, flexible and cost effective.