ISO/IEC 9594-8-2001 信息技术开放系统互连目录:公共键和属性认证框架
作者:标准资料网 时间:2024-03-29 07:01:13 浏览:8580
来源:标准资料网
下载地址: 点击此处下载
【英文标准名称】:Informationtechnology-OpenSystemsInterconnection-TheDirectory:Public-keyandattributecertificateframeworks
【原文标准名称】:信息技术开放系统互连目录:公共键和属性认证框架
【标准号】:ISO/IEC9594-8-2001
【标准状态】:作废
【国别】:国际
【发布日期】:2001-08-01
【实施或试行日期】:
【发布单位】:国际标准化组织(IX-ISO)
【起草单位】:ISO/IECJTC1
【标准类型】:()
【标准水平】:()
【中文主题词】:网络互连;膨胀;合格证书;计数检查;人名地址录;开式系统;导则;定义;开放系统互连;作标记;信息交换;数据处理;信息技术
【英文主题词】:Certificates;Dataprocessing;Definitions;Directories;Expansion(deformation);Guidelines;Informationinterchange;Informationtechnology;Inspectionbyattributes;Marking;Networkinterconnection;Opensystems;Opensystemsinterconnection;OSI
【摘要】:ThisRecommendation|InternationalStandardaddressessomeofthesecurityrequirementsintheareasofauthenticationandothersecurityservicesthroughtheprovisionofasetofframeworksuponwhichfullservicescanbebased.Specifically,thisRecommendation|InternationalStandarddefinesframeworksfor:-Public-keycertificates;-Attributecertificates;-Authenticationservices.Thepublic-keycertificateframeworkdefinedinthisRecommendation|InternationalStandardincludesdefinitionoftheinformationobjectsforPublicKeyInfrastructure(PKI),includingpublic-keycertificates,andCertificateRevocationList(CRL).TheattributecertificateframeworkincludesdefinitionoftheinformationobjectsforPrivilegeManagementInfrastructure(PMI),includingattributecertificates,andAttributeCertificateRevocationList(ACRL).ThisSpecificationalsoprovidestheframeworkforissuing,managing,usingandrevokingcertificates.Anextensibilitymechanismisincludedinthedefinedformatsforbothcertificatetypesandforallrevocationlistschemes.ThisRecommendation|InternationalStandardalsoincludesasetofstandardextensionsforeach,whichisexpectedtobegenerallyusefulacrossanumberofapplicationsofPKIandPMI.Theschemacomponents,includingobjectclasses,attributetypesandmatchingrulesforstoringPKIandPMIobjectsintheDirectory,areincludedinthisRecommendation|InternationalStandard.OtherelementsofPKIandPMI,beyondtheseframeworks,suchaskeyandcertificatemanagementprotocols,operationalprotocols,additionalcertificateandCRLextensionsareexpectedtobedefinedbyotherstandardsbodies(e.g.ISOTC68,IETF,etc.).TheauthenticationschemedefinedinthisRecommendation|InternationalStandardisgenericandmaybeappliedtoavarietyofapplicationsandenvironments.TheDirectorymakesuseofpublic-keycertificatesandattributecertificates,andtheframeworkfortheDirectory'suseofthesefacilitiesisalsodefinedinthisRecommendation|InternationalStandard.Public-keytechnology,includingcertificates,isusedbytheDirectorytoenablestrongauthentication,signedand/orencryptedoperations,andforstorageofsignedand/orencrypteddataintheDirectory.AttributecertificatescanbeusedbytheDirectorytoenablerule-basedaccesscontrol.AlthoughtheframeworkfortheseisprovidedinthisSpecification,thefulldefinitionoftheDirectory'suseoftheseframeworks,andtheassociatedservicesprovidedbytheDirectoryanditscomponentsissuppliedinthecompletesetofDirectorySpecifications.ThisRecommendation|InternationalStandard,intheAuthenticationservicesframework,also:-specifiestheformofauthenticationinformationheldbytheDirectory;-describeshowauthenticationinformationmaybeobtainedfromtheDirectory;-statestheassumptionsmadeabouthowauthenticationinformationisformedandplacedintheDirectory;-definesthreewaysinwhichapplicationsmayusethisauthenticationinformationtoperformauthenticationanddescribeshowothersecurityservicesmaybesupportedbyauthentication.ThisRecommendation|InternationalStandarddescribestwolevelsofauthentication:simpleauthentication,usingapasswordasaverificationofclaimedidentity;andstrongauthentication,involvingcredentialsformedusingcryptographictechniques.Whilesimpleauthenticationofferssomelimitedprotectionagainstunauthorizedaccess,onlystrongauthenticationshouldbeusedasthebasisforprovidingsecureservices.Itisnotintendedtoestablishthisasageneralframeworkforauthentication,butitcanbeofgeneraluseforapplicationswhichconsiderthesetechniquesadequate.
【中国标准分类号】:L79
【国际标准分类号】:35_100_70
【页数】:140P.;A4
【正文语种】:英语
【原文标准名称】:信息技术开放系统互连目录:公共键和属性认证框架
【标准号】:ISO/IEC9594-8-2001
【标准状态】:作废
【国别】:国际
【发布日期】:2001-08-01
【实施或试行日期】:
【发布单位】:国际标准化组织(IX-ISO)
【起草单位】:ISO/IECJTC1
【标准类型】:()
【标准水平】:()
【中文主题词】:网络互连;膨胀;合格证书;计数检查;人名地址录;开式系统;导则;定义;开放系统互连;作标记;信息交换;数据处理;信息技术
【英文主题词】:Certificates;Dataprocessing;Definitions;Directories;Expansion(deformation);Guidelines;Informationinterchange;Informationtechnology;Inspectionbyattributes;Marking;Networkinterconnection;Opensystems;Opensystemsinterconnection;OSI
【摘要】:ThisRecommendation|InternationalStandardaddressessomeofthesecurityrequirementsintheareasofauthenticationandothersecurityservicesthroughtheprovisionofasetofframeworksuponwhichfullservicescanbebased.Specifically,thisRecommendation|InternationalStandarddefinesframeworksfor:-Public-keycertificates;-Attributecertificates;-Authenticationservices.Thepublic-keycertificateframeworkdefinedinthisRecommendation|InternationalStandardincludesdefinitionoftheinformationobjectsforPublicKeyInfrastructure(PKI),includingpublic-keycertificates,andCertificateRevocationList(CRL).TheattributecertificateframeworkincludesdefinitionoftheinformationobjectsforPrivilegeManagementInfrastructure(PMI),includingattributecertificates,andAttributeCertificateRevocationList(ACRL).ThisSpecificationalsoprovidestheframeworkforissuing,managing,usingandrevokingcertificates.Anextensibilitymechanismisincludedinthedefinedformatsforbothcertificatetypesandforallrevocationlistschemes.ThisRecommendation|InternationalStandardalsoincludesasetofstandardextensionsforeach,whichisexpectedtobegenerallyusefulacrossanumberofapplicationsofPKIandPMI.Theschemacomponents,includingobjectclasses,attributetypesandmatchingrulesforstoringPKIandPMIobjectsintheDirectory,areincludedinthisRecommendation|InternationalStandard.OtherelementsofPKIandPMI,beyondtheseframeworks,suchaskeyandcertificatemanagementprotocols,operationalprotocols,additionalcertificateandCRLextensionsareexpectedtobedefinedbyotherstandardsbodies(e.g.ISOTC68,IETF,etc.).TheauthenticationschemedefinedinthisRecommendation|InternationalStandardisgenericandmaybeappliedtoavarietyofapplicationsandenvironments.TheDirectorymakesuseofpublic-keycertificatesandattributecertificates,andtheframeworkfortheDirectory'suseofthesefacilitiesisalsodefinedinthisRecommendation|InternationalStandard.Public-keytechnology,includingcertificates,isusedbytheDirectorytoenablestrongauthentication,signedand/orencryptedoperations,andforstorageofsignedand/orencrypteddataintheDirectory.AttributecertificatescanbeusedbytheDirectorytoenablerule-basedaccesscontrol.AlthoughtheframeworkfortheseisprovidedinthisSpecification,thefulldefinitionoftheDirectory'suseoftheseframeworks,andtheassociatedservicesprovidedbytheDirectoryanditscomponentsissuppliedinthecompletesetofDirectorySpecifications.ThisRecommendation|InternationalStandard,intheAuthenticationservicesframework,also:-specifiestheformofauthenticationinformationheldbytheDirectory;-describeshowauthenticationinformationmaybeobtainedfromtheDirectory;-statestheassumptionsmadeabouthowauthenticationinformationisformedandplacedintheDirectory;-definesthreewaysinwhichapplicationsmayusethisauthenticationinformationtoperformauthenticationanddescribeshowothersecurityservicesmaybesupportedbyauthentication.ThisRecommendation|InternationalStandarddescribestwolevelsofauthentication:simpleauthentication,usingapasswordasaverificationofclaimedidentity;andstrongauthentication,involvingcredentialsformedusingcryptographictechniques.Whilesimpleauthenticationofferssomelimitedprotectionagainstunauthorizedaccess,onlystrongauthenticationshouldbeusedasthebasisforprovidingsecureservices.Itisnotintendedtoestablishthisasageneralframeworkforauthentication,butitcanbeofgeneraluseforapplicationswhichconsiderthesetechniquesadequate.
【中国标准分类号】:L79
【国际标准分类号】:35_100_70
【页数】:140P.;A4
【正文语种】:英语
下载地址: 点击此处下载