CSA ISO/IEC 10164-9
Information Technology - Open Systems Interconnection - Systems Management: Objects and Attributes for Access Control
| Organization: | CSA |
| Publication Date: | 1 January 1997 |
| Status: | active |
| Page Count: | 130 |
| ICS Code (Application layer): | 35.100.70 |
scope:
The specifications contained herein are applicable to the provision of access control for applications that use OSI management services and protocols.
This Recommendation I International Standard
- establishes user requirements for the provision of access control for applications that use OSI management services and protocols;
- interprets and applies the general model of access control defined in ITU-T Rec. X.812 I ISO/IEC 10181-3 for use with management applications that use OSI management services and protocols;
- defines procedures for the imposition of access control rules in conjunction with the use of OSI management services and protocols;
- defines managed object classes and attribute types that
a) represent some of the access control information that may be used in the provision of access control; and
b) are only for use when the management of the access control information is to be achieved using systems management;
- specifies the protocol that is necessary to exchange the access control information defined in this Recommendation I International Standard, when the exchange is achieved using OSI systems management;
- specifies conformance requirements for open systems that claim to support access control for applications that use OSI management services and protocols;
- specifies conformance requirements for open systems that claim to support the management of the access control information defined in this Recommendation I International Standard.
The access control information identified by this Recommendation I International Standard may be used in support of access control schemes based on access control lists, capabilities, security labels, and contextual constraints.
This Recommendation I International Standard does not
- define an access control policy for applications that use OSI management services and protocols;
- define security (or management) domains in which an access control policy may be imposed;
- define how the components of an access control function be implemented, nor where those components be located;
- specify the form of any access control information that is temporarily or permanently stored in an open system;
- specify any access control mechanisms, nor mandate the use of any particular access control mechanism;
- mandate that access control information be managed, and if it is to be managed, that management be achieved using OSI systems management;
- describe how communicating management application entities act to make access control decisions on behalf of, or for the benefit of any third party;
- specify any conformance requirement for the access control parameter defined in this Recommendation I International Standard
Document History
