ITU-T
Recommendation X.800 (Security Architecture for OSI) and IETF RFC 2828
(Internet Security Glossary) are used as references to systematically
evaluate and define security requirements. Though coming from different
standardization bodies, the two standards have many points in common.
X.800 is used to define general security-related architectural elements
needed when protection of communication between open systems is required.
X.800 establishes guidelines and constraints to improve existing recommendations and/or
to develop new recommendations in the context of OSI. Similarly, RFC
2828 provides abbreviations, explanations and recommendations for
information system security terminology.
Both
X.800 and RFC 2828 are designed to assist security managers in defining
security requirements and possible approaches to meeting those
requirements. They also help hardware and software manufacturers to
develop security features for their products and services that follow
certain standards. X.800 and RFC 2828 both mention several aspects of
security systems, namely security threat and attack, security services and
mechanisms and security management. This section gives a brief introduction
to these standards. We urge readers to read the original standard
documents for more information.
No comments:
Post a Comment