CSA ISO/IEC 10164-6
Information Technology - Open Systems Interconnection - Systems Management: Log Control Function
|Publication Date:||1 January 1995|
|ICS Code (Application layer):||35.100.70|
This Recommendation I International Standard defines the security alarm reporting function. The security alarm reporting function is a systems management function which rnay be used by an application process in a centralized or decentralized management environment to exchange information for the purpose of systems management, as defined by CCIIT Rec. X.700 I ISO/IEC 7498-4. This Recornmendation I International Standard is positioned in tbe application layer of CCI'IT Rec. X.200 I IS0 7498 and is defined according to the model provided by ISO/IEC 9545. The role of systems management functions is described by CCITT Rec. X.701 I ISO/lEC 10040. The security alarm notifications defined by this systems management function provide information regarding operational condition and quality of service, pertaining to security.
Security-related events are of relevance to the provision of security. The security policy determines the actions to be undertaken whenever a security-related event has occured. The security policy rnay, for example, specify that a security alarm report be generated, a record of the event be made in a security audit trail, a threshold counter be incremeoted, the event be ignored, or a combination of these actions be taken. This Recommendation I International Standard is only concerned with security alarm reporting.
This Recommendation 1 International Standard
- establishes user requirements for the service definition needed to support the security alarm reporting function;
- defines the service provided by the security alarm reporting function;
- specifies the protocol that is necessary in order to provide the service;
- defines the relationship between the service and management notifications;
- defines relationships with other systems management functions;
- specifies conformance requirements.
This Recommendation I International Standard does not
- define the nature of any implementation intended to provide the security alarm reporting function;
- specify the manner in which management is accomplished by the user of the security alarm reporting function;
- define the nature of any interactions which result in the use of the security alarm reporting function;
- specify the services necessary for the establishment, normal and abnormal release of a management association;
- define any other notifications, defined by other Recommendations I International Standards, which may be of interest to a security administrator.