CAN/CSA-ISO/IEC 10164-8-95 (R2014)
Current
The latest, up-to-date edition.
Information Technology - Open Systems Interconnection - Systems Management: Security Audit Trail Function (Adopted ISO/IEC 10164-8:1993, first edition, 1993-06-15)
Hardcopy , PDF
English
01-01-1995
Important note : Users cannot be edited or removed once added to your Multi user PDF.
1 Scope
2 Normative references
3 Definitions
4 Abbreviations
5 Conventions
6 Requirements
7 Model
8 Generic definitions
9 Service definition
10 Functional units
11 Protocol
12 Relationships with other functions
13 Conformance
Annexes
A - Definition of management information
B - MCS proforma
C - MICS proforma
D - MOCS proforma
E - MIDS (notification) proforma
F - Relationship with the security audit framework
Scope This Recommendation | International Standard defines the security audit trail function. The security audit trail function is a systems management function which may be used by an application process in a centralized or decentralized management environment to exchange information and commands for the purpose of systems management, as defined by CCITT Rec. X.700 | ISO 7498-4. This Recommendation | International Standard is positioned in the application layer of CCITT Rec. X.200 | ISO 7498 and is defined according to the model provided by ISO/IEC 9545. The role of systems management functions is described by CCITT Rec. X.701 | ISO/IEC 10040. This Recommendation | International Standard - establishes user requirements for the service definition needed to support the security audit trail reporting function; - defines the service provided by the security audit trail reporting function; - specifies the protocol that is necessary in order to provide the service; - defines the relationship between the service and management notifications; - defines relationships with other systems management functions; - specifies conformance requirements. This Recommendation | International Standard does not define - a security audit, nor how to perform one. A security audit may be used to assist in assessing the effectiveness of a security policy. The security policy identifies the categories of security-related events that require auditing, and the location of the security audit trail log in which they are to be recorded; - the nature of any implementation intended to provide the security audit trail function; - the occasions where the use of the security audit trail function is appropriate; - the services necessary for the establishment, normal and abnormal release of a management association; - any other notifications defined by other Recommendations | International Standards which may be of interest to a security administrator.
| DocumentType |
Standard
|
| Pages |
57
|
| ProductNote |
Reconfirmed EN
|
| PublisherName |
Canadian Standards Association
|
| Status |
Current
|
| Supersedes |
Scope This Recommendation | International Standard defines the security audit trail function. The security audit trail function is a systems management function which may be used by an application process in a centralized or decentralized management environment to exchange information and commands for the purpose of systems management, as defined by CCITT Rec. X.700 | ISO 7498-4. This Recommendation | International Standard is positioned in the application layer of CCITT Rec. X.200 | ISO 7498 and is defined according to the model provided by ISO/IEC 9545. The role of systems management functions is described by CCITT Rec. X.701 | ISO/IEC 10040. This Recommendation | International Standard - establishes user requirements for the service definition needed to support the security audit trail reporting function; - defines the service provided by the security audit trail reporting function; - specifies the protocol that is necessary in order to provide the service; - defines the relationship between the service and management notifications; - defines relationships with other systems management functions; - specifies conformance requirements. This Recommendation | International Standard does not define - a security audit, nor how to perform one. A security audit may be used to assist in assessing the effectiveness of a security policy. The security policy identifies the categories of security-related events that require auditing, and the location of the security audit trail log in which they are to be recorded; - the nature of any implementation intended to provide the security audit trail function; - the occasions where the use of the security audit trail function is appropriate; - the services necessary for the establishment, normal and abnormal release of a management association; - any other notifications defined by other Recommendations | International Standards which may be of interest to a security administrator.
| Standards | Relationship |
| ISO/IEC 10164-8:1993 | Identical |
| ISO/IEC 10181-7:1996 | Information technology Open Systems Interconnection Security frameworks for open systems: Security audit and alarms framework |
| ISO/IEC 9646-7:1995 | Information technology Open Systems Interconnection Conformance testing methodology and framework Part 7: Implementation Conformance Statements |
| ISO/IEC 10165-2:1992 | Information technology Open Systems Interconnection Structure of management information: Definition of management information |
| ISO/IEC 10165-6:1997 | Information technology Open Systems Interconnection Structure of management information: Requirements and guidelines for implementation conformance statement proformas associated with OSI management |
| ISO/IEC 9595:1998 | Information technology Open Systems Interconnection Common management information service |
| ISO/IEC 10040:1998 | Information technology Open Systems Interconnection Systems management overview |
| ISO/IEC 9646-2:1994 | Information technology Open Systems Interconnection Conformance testing methodology and framework Part 2: Abstract Test Suite specification |
| ISO/IEC 9545:1994 | Information technology Open Systems Interconnection Application Layer structure |
| ISO/IEC 8824:1990 | Information technology — Open Systems Interconnection — Specification of Abstract Syntax Notation One (ASN.1) |
| ISO/TR 8509:1987 | Information processing systems Open Systems Interconnection Service conventions |
| ISO 7498-2:1989 | Information processing systems Open Systems Interconnection Basic Reference Model Part 2: Security Architecture |
| ISO/IEC 10164-7:1992 | Information technology Open Systems Interconnection Systems Management: Security alarm reporting function |
| ISO/IEC 8825:1990 | Information technology — Open Systems Interconnection — Specification of Basic Encoding Rules for Abstract Syntax Notation One (ASN.1) |
| ISO/IEC 9646-1:1994 | Information technology Open Systems Interconnection Conformance testing methodology and framework Part 1: General concepts |
| ISO/IEC 10164-4:1992 | Information technology Open Systems Interconnection Systems Management: Alarm reporting function Part 4: |
| ISO/IEC 10164-5:1993 | Information technology Open Systems Interconnection Systems management: Event Report Management Function |
| ISO/IEC 7498-4:1989 | Information processing systems — Open Systems Interconnection — Basic Reference Model — Part 4: Management framework |
| ISO/IEC 10165-4:1992 | Information technology Open Systems Interconnection Structure of management information Part 4: Guidelines for the definition of managed objects |
| ISO/IEC 10164-6:1993 | Information technology — Open Systems Interconnection — Systems Management: Log control function |
Access your standards online with a subscription
Features
-
Simple online access to standards, technical information and regulations.
-
Critical updates of standards and customisable alerts and notifications.
-
Multi-user online standards collection: secure, flexible and cost effective.