ECMA/TR 46 : 1ED 88
Current
The latest, up-to-date edition.
SECURITY IN OPEN SYSTEMS - A SECURITY FRAMEWORK
12-01-2013
1. INTRODUCTION
1.1 Need and Application
1.2 Scope of Security in this Report
1.3 The Application Layer Security Framework
1.4 References
1.5 Definitions
1.5.1 General Terminology
1.5.2 Specific Terminology
1.5.3 Acronyms
2. REQUIREMENTS
2.1 Requirements on this Report
2.2 Environment Compatibility
2.3 General Security Requirements
2.3.1 User View Of Security
2.3.2 Threats to be addressed
2.3.3 Methods of Attack
2.4 Security Policies and Domains
2.4.1 Security Policy
2.4.2 Security Administration Domains
2.4.3 Cooperation between Security Domains
2.4.4 Levels of Policy
2.4.5 Implementation of Policies
2.5 Functional Security Requirements
2.5.1 Access Control
2.5.2 Resource Protection
2.5.3 Information Protection
2.5.4 Security Management
2.6 Implementation Considerations
2.6.1 Use of Supportive Applications
2.6.2 Cryptography
2.7 Design Requirements
2.7.1 Separation of Functionality
2.7.2 Distributed Operation
2.7.3 Robustness/Resilience
2.7.4 Selective Implementation
2.7.5 Usability
2.7.6 Evaluation and Testing
2.7.7 Certification and Accreditation
3. SECURITY CONCEPTS AND MODELS
3.1 The Security Domain Concept
3.1.1 Introduction
3.1.2 Autonomous Peer Domains
3.1.3 The Security Subdomain
3.1.4 Types of Security Domain
3.2 The Security Facility Concept
3.2.1 Introduction
4. DETAILED DESCRIPTION OF SECURITY FACILITIES
4.1 Subject Sponsor
4.1.1 Introduction
4.1.2 Functionality
4.1.3 Interaction With Other Facilities
4.1.4 Interactions with Communications Layer Management
4.1.5 Use of Other Applications
4.1.6 Facility Management
4.1.7 Characteristics of the Subject Sponsor
4.2 Authentication Facility
4.2.1 Introduction
4.2.2 Functions Of the Authentication Facility
4.2.3 Interactions With other Facilities
4.2.4 Interactions with Communications Layer Management
4.2.5 Use of Other Applications
4.2.6 Facility Management
4.3 Association Management Facility
4.3.1 Introduction
4.3.2 Functions of Association Management
4.3.3 Interaction With Other Facilities
4.3.4 Interactions With Communication Layer Management
4.3.5 Interactions With Other Applications
4.3.6 Facility Management
4.4 Security State Facility
4.4.1 Introduction
4.4.2 Functions Of the Security State Facility
4.4.3 Interactions with other Facilities
4.4.4 Interactions with Communication Layer Management
4.4.5 Use Of Other Applications
4.4.6 Facility Management
4.5 Security Attribute Management Facility
4.5.1 Introduction
4.5.2 Functions Of the Facility
4.5.3 Interactions With other Facilities
4.5.4 Interactions with Communications Layer Management
4.5.5 Use of Other Applications
4.5.6 Facility Management
4.6 Authorization Facility
4.6.1 Introduction
4.6.2 Functions Of the Authorization Facility
4.6.3 Interactions With other Facilities
4.6.4 Interactions with Communications Layer Management
4.6.5 Use of Other Applications
4.6.6 Facility Management
4.7 Inter-Domain Facility
4.7.1 Introduction
4.7.2 Functions Of the Inter-Domain Facility
4.7.3 Interactions With other Facilities
4.7.4 Interactions with Communication Layer Management
4.7.5 Use of Other Applications
4.7.6 Facility Management
4.8 Security Audit Facility
4.8.1 Introduction
4.8.2 Functions Of The Security Audit Facility
4.8.3 Interactions With other Facilities
4.8.4 Interactions with Communications Layer Management
4.8.5 Use of Other Applications
4.8.6 Facility Management
4.9 Security Recovery Facility
4.9.1 Introduction
4.9.2 Functions Of the Facility
4.9.3 Interactions With other Facilities
4.9.4 Interactions with Communications Layer Management
4.9.5 Use of Other Applications
4.9.6 Facility Management
4.10 Cryptographic Support Facility
4.10.1 Introduction
4.10.2 Functions Of The Cryptographic Support Facility
4.10.3 Interactions With other Facilities
4.10.4 Interactions with Communications Layer Management
4.10.5 Use of Other Applications
4.10.6 Facility Management
4.11 Facility Interaction Matrix
5. RELATIONSHIP TO THE OSI REFERENCE MODEL
5.1 Security Facilities and Application Service Elements
5.2 Single Associates Objects
5.3 Security Application Entity Types
6. SUPPORTIVE SECURITY APPLICATIONS
6.1 Role in The Distributed Environment
6.2 Client and Servers
6.2.1 Client/Server Interaction Within a Supportive Security Application
6.2.2 Server/Server Interaction within a Supportive Security Application
6.3 Supportive Security Applications and the OSI Reference Model
6.4 Supportive Security Application Process Structure
6.5 Service and Management Aspects
7. SECURITY MANAGEMENT
7.1 Operational Security Management
7.1.1 Security Management Functions
7.1.2 Security Management Structures
7.1.3 Consistency and Synchronization of Security Management
7.2 Security Configuration Management
7.3 Ordering of Security Management
8. CONCLUSION
APPENDIX A - DETAILED EXAMPLE OF THE USE OF SECURITY FACILITIES IN ELECTRONICAL MAIL
APPENDIX B - DISCUSSION OF SECURITY ATTRIBUTES
APPENDIX C - MANDATORY VERSUS DISCRETIONARY AUTHORIZATION POLICIES
Defines the functions which will affect the interactions between users and productive applications, and between productive applications and supportive applications, and which will also affect the installation, maintenance and management of applications and of the underlying system.
DocumentType | Technical Report |
PublisherName | European Computer Manufacturers Association |
Status | Current |
ECMA 205 : 1ED 93 | COMMERCIALLY ORIENTED FUNCTIONALITY CLASS FOR SECURITY EVALUATION (COFC) |
ECMA/TR 64 : 1ED 93 | SECURE INFORMATION PROCESSING VERSUS THE CONCEPT OF PRODUCT EVALUATION |
ECMA 206 : 1ED 93 | ASSOCIATION CONTEXT MANAGEMENT INCLUDING SECURITY CONTEXT MANAGEMENT |
CEN/TR 15300:2006 | Health informatics - Framework for formal modelling of healthcare security policies |
ECMA 179 : 1ED 92 | SERVICES FOR COMPUTER SUPPORTED TELECOMMUNICATIONS APPLICATIONS (CSTA) PHASE 1 |
ECMA 218 : 1994 ERRATA 1999 | PROTOCOL FOR COMPUTER SUPPORTED TELECOMMUNICATIONS APPLICATIONS (CSTA) PHASE 2 |
I.S. CEN TR 15300:2006 | HEALTH INFORMATICS - FRAMEWORK FOR FORMAL MODELLING OF HEALTHCARE SECURITY POLICIES |
ECMA 217 : 1ED 94 | SERVICES FOR COMPUTER SUPPORTED TELECOMMUNICATIONS APPLICATIONS (CSTA) PHASE 2 |
ISO 7498-2:1989 | Information processing systems Open Systems Interconnection Basic Reference Model Part 2: Security Architecture |
ECMA/TR 37 : 1986 | FRAMEWORK FOR OSI MANAGEMENT |