GB/T 18794.6-2003
Information technology-Open Systems Interconnection-Security frameworks for open systems-Part 6:Integrity framework (English Version)

Standard No.

GB/T 18794.6-2003

Language

Chinese, Available in English version

Release Date

2003

Published By

General Administration of Quality Supervision, Inspection and Quarantine of the People‘s Republic of China

Latest

GB/T 18794.6-2003

Scope

This standard for an open systems security framework addresses the application of security services in an open systems environment, where the term "open systems" includes such domains as databases, distributed applications, open distributed processing, and open systems interconnection. A security framework involves defining methods for providing protection to systems and objects within systems, and to the interactions between systems. This security framework does not address methodologies for building systems or mechanisms. A security framework addresses sequences of data elements and operations (rather than protocol elements), both of which can be used to obtain specific security services. These security services apply to the entities the systems are communicating with, the data exchanged between the systems, and the data managed by the systems. This part describes the integrity of data in information retrieval, transmission and management: 1) defines the basic concepts of data integrity; 2) identifies possible classifications of integrity mechanisms; 3) identifies the facilities for each type of integrity mechanisms; 4) Identify the management required to support the classification of integrity mechanisms; 5) describe the interaction of integrity mechanisms and supporting services with other security services and mechanisms. There are many different types of standards that can use this framework, including: 1) Standards that embody the concept of integrity; 2) Standards that specify abstract services that include integrity; 3) Standards that specify the use of integrity services; 4) Standards that specify Standards for providing integrity service methods within the architecture; 5) Standards for specifying integrity mechanisms. These standards can use this framework in the following ways: - standard types 1), 2), 3), 4) and 5) can use the terms of this framework; - standard types 2), 3), 4) and 5 ) can use facilities identified in Clause 7; - standard type 5) can be based on the mechanism categories defined in Clause 8 of this framework. Some of the procedures described in this security framework achieve integrity through the application of cryptography. This framework does not depend on the use of specific cryptographic or other algorithms, although certain classes of integrity mechanisms may depend on the properties of specific algorithms. The integrity discussed in this section is defined by the invariance of data values. (Data value invariance) This concept covers all instances where different representations of a value are considered equivalent (eg different ANS.1 codes for the same value). Other forms of invariance are excluded here. The use of the term data in this section includes all types of data structures (such as collections or collections of data, data sequences, file systems, and databases). This framework addresses providing integrity to data that is considered write-accessible by potential attackers. As such, it focuses on providing integrity through cryptographic and non-cryptographic mechanisms and does not rely exclusively on controlling access

GB/T 18794.6-2003 history

• 2003 GB/T 18794.6-2003 Information technology-Open Systems Interconnection-Security frameworks for open systems-Part 6:Integrity framework

GB/T 18794.6-2003 -All Parts