scope:

This Recommendation | International Standard defines the security alarm reporting function. The security alarm reporting function is a systems management function which may be used by an application process in a centralized or decentralized management environment to exchange information for the purpose of systems management, as defined by CCITT Rec. X.700 | ISO/IEc 7498-4. This Recommendation | International Standard is positioned in the application layer of CCITT Rec. X.200 | ISO 7498 and is defined according to the model provided by ISO/IEC 9545. The role of the systems management functions is described by CCITT Rec. X.701 | ISO/IEC 100450. The security alarm notifications defined by this systems management function provide information regarding operational condition and quality of service, pertaining to security.

 Security-related events are of relevance to the provision of security. The security policy determines the actions to be undertaken whenever a security-related event has occured. The security policy may, for example, specify that a security alarm report be generated, a record of the event be made in a security audit trail, a threshold counter be incremented, the event be ignored, or a combination of these actions be taken. This Recommendation | International Standard is only concerned with security alarm reporting.

This Recommendation | International Standard

- establishes user requirements for the service definition needed to support the security alarm reporting function;

- defines the service provided by the security alarm reporting function;

- specifies the protocol that is necessary in order to provide the service;

- defines the relationship between the service and management notifications;

- defines relationships with other systems management functions;

- specifies conformance requirements.

 This Recommendation | International Standard does not

- define the nature of any implementation intended to provide the security alarm reporting function;

- specify the manner in which management is accomplished by the user of the security alarm reporting function;

- define the nature of any interactions which result in the use of the security alarm reporting function;

- specify the services necessary for the establishment, normal and abnormal release of a management association;

- define any other notifications, defined by other Recommendations | International Standards, which may be of interest to a security administrator.