CSA Preface
Standards development within the Information Technology sector is harmonized with international standards development. Through the CSA Technical Committee on Information Technology (TCIT), Canadians serve as the Canadian Advisory Committee (CAC) on ISO/IEC Joint Technical Committee 1 on Information Technology (ISO/IEC JTC1) for the Standards Council of Canada (SCC), the ISO member body for Canada and sponsor of the Canadian National Committee of the IEC. Also, as a member of the International Telecommunication Union (ITU), Canada participates in the International Telegraph and Telephone Consultative Committee (ITU-T).
This International Standard was reviewed by the CSA TCIT under the jurisdiction of the Strategic Steering Committee on Information Technology and deemed acceptable for use in Canada. (A committee membership list is available on request from the CSA Project Manager.) From time to time, ISO/IEC may publish addenda, corrigenda, etc. The CSA TCIT will review these documents for approval and publication. For a listing, refer to the CSA Information Products catalogue or CSA Info Update or contact a CSA Sales representative. This Standard has been formally approved, without modification, by these Committees and has been approved as a National Standard of Canada by the Standards Council of Canada.
Scope
1.1
This series of Recommendations / International Standards defines a set of generic facilities to assist in the provision of security services in OSI applications. These include:
(a) a set of notational tools to support the specification of selective field protection requirements in an abstract syntax specification, and to support the specification of security exchanges and security transformations;
(b) a service definition, protocol specification and PICS proforma for an application-service-element (ASE) to support the provision of security services within the Application Layer of OSI;
(c) a specification and PICS proforma for a security transfer syntax, associated with Presentation Layer support for security services in the Application Layer.
1.2
This Recommendation / International Standard defines the following:
(a) general models of security exchange protocol functions and security transformations, based on the concepts described in the OSI Upper Layers Security Model (ITU-T Rec. X.803 / ISO/IEC 10745);
(b) a set of notational tools to support the specification of selective field protection requirements in an abstract syntax specification, and to support the specification of security exchanges and security transformations;
(c) a set of informative guidelines as to the application of the generic upper layers security facilities covered by this series of Recommendations / International Standards.
1.3
This Recommendation / International Standard does not define the following:
(a) a complete set of upper layer security facilities which may be required by other Recommendations / International Standards;
(b) a complete set of security facilities for specific applications;
(c) the mechanisms employed to support security services.
1.4
The security exchange model, and supporting notation, are intended both for use as the basis of defining the security exchange service element in subsequent parts of this series of Recommendations / International Standards, and for use by any other ASE which may import security exchanges into its own specification.