GB/T 18794.7-2003
Information technology-Open Systems Interconnection-Security frameworks for open systems-Part 7:Security audit and alarms framework (English Version)

Standard No.

GB/T 18794.7-2003

Language

Chinese, Available in English version

Release Date

2003

Published By

General Administration of Quality Supervision, Inspection and Quarantine of the People‘s Republic of China

Latest

GB/T 18794.7-2003

Scope

This standard for an open systems security framework addresses the application of security services in an open systems environment, where the term "open systems" includes such domains as databases, distributed applications, open distributed processing, and open systems interconnection. A security framework involves defining methods for providing protection to systems and objects within systems, and to the interactions between systems. This security framework does not address methodologies for building systems or mechanisms. A security framework addresses sequences of data elements and operations (rather than protocol elements), both of which can be used to obtain specific security services. These security services apply to the entities the systems are communicating with, the data exchanged between the systems, and the data managed by the systems. The purpose of security auditing and alerting described in this section is to ensure that events related to open system security are handled in accordance with the appropriate security policy of the security agency. In particular, this framework: a) defines the basic concepts of security auditing and alerting; b) provides a general model for security auditing and alerting; c) identifies the relationship between security auditing and alerting services and other security services. Like other security services, security auditing can only be provided within the scope of the specified security policy. The security auditing and alerting model provided in Chapter 6 supports many goals, not all of which are necessary or required in a particular environment. The security audit service provides auditors with the ability to identify events that need to be recorded in the security audit trail. Many different types of standards can use this framework, including: 1) standards embodying the concept of auditing and alerting; 2) standards specifying abstract services that include auditing and alerting; 3) standards specifying the use of auditing and alerting; 4) standards specifying Provide standards for audit and alarm methods within the system architecture; 5) Specify standards for audit and alarm mechanisms. These standards can use this framework in the following ways: - standard types 1), 2), 3) and 5) can use the terms of this framework; - standard types 2), 3), 4) and 5) can use the terms of this framework; Facilities defined in Clause 8; - standard type 5) can be based on mechanism characteristics defined in Clause 9

GB/T 18794.7-2003 history

• 2003 GB/T 18794.7-2003 Information technology-Open Systems Interconnection-Security frameworks for open systems-Part 7:Security audit and alarms framework

GB/T 18794.7-2003 -All Parts