CSA Standards

Information technology - Open Systems Interconnection - Security frameworks for open systems: Confidentiality framework
 N CAN/CSA-ISO/IEC 10181-5-00

Annotation

This Recornmendation I International Standard on Security Frameworks for Open Systems addresses the application of security services in an Open Systems environment, where the term "Open System" is taken to include areas such as Database, Distributed Applications, Open Distributed Processing and OX. The Security Frameworks are concerned with defining the means of providing protection for systems and objects within systems, and with the interactions between systems. The Security Frameworks are not concerned with the methodology for constructing systems or mechanisms.

The Security Frameworks address both data elements and sequences of operations (but not protocol elements) which may be used to obtain specific security services. These security services may apply to the communicating entities of systems as well as to data exchanged between systems, and to data managed by systems.

This Recommendation I International Standard addresses the confidentiality of information in retrieval, transfer and management. It:

1) defines the basic concepts of confidentiality;

2) identifies possible classes of confidentiality mechanisms;

3) classifies and identifies facilities for each class of confidentiality mechanisms;

4) identifies management required to support the classes of confidentiality mechanism; and

5) addresses the interaction of confidentidity mechanism and the supporting services with other security services and mechanisms. A number of different types of standards can use this framework, including: