GB/T 18794.5-2003
Information technology-Open Systems Interconnection-Security frameworks for open systems-Part 5:Confidentiality framework (English Version)

Standard No.

GB/T 18794.5-2003

Language

Chinese, Available in English version

Release Date

2003

Published By

General Administration of Quality Supervision, Inspection and Quarantine of the People‘s Republic of China

Latest

GB/T 18794.5-2003

Scope

This standard for an open systems security framework addresses the application of security services in an open systems environment, where the term "open systems" includes such domains as databases, distributed applications, open distributed processing, and open systems interconnection. A security framework involves defining methods for providing protection to systems and objects within systems, and to the interactions between systems. This security framework does not address methodologies for building systems or mechanisms. A security framework addresses sequences of data elements and operations (rather than protocol elements), both of which can be used to obtain specific security services. These security services apply to the entities the systems are communicating with, the data exchanged between the systems, and the data managed by the systems. This section addresses the confidentiality of information during retrieval, transmission and management. This part: 1) defines the basic concepts of confidentiality; 2) identifies possible types of confidentiality mechanisms; 3) classifies and identifies the facilities for each type of confidentiality mechanism; 4) identifies the types of confidentiality mechanisms used to support the various categories Management required; 5) Describe the interaction of confidentiality mechanisms and supporting services with other security services and mechanisms. Many different types of standards can use this framework, including: 1) standards that embody the concept of confidentiality; 2) standards that specify abstract services that contain confidentiality; 3) standards that specify services that use confidentiality; Standards for methods of providing confidentiality services within the architecture; 5) Standards for specifying confidentiality mechanisms. These standards can use this framework in the following ways: - standard types 1), 2), 3), 4) and 5) can use the terms of this framework; - standard types 2), 3), 4) and 5) Facilities that can be defined in Clause 7 of this Framework; - Criterion Type 5) can be based on the category of mechanisms defined in Clause 8 of this Framework. Like other security services, confidentiality can only be provided in the context of a security policy defined for a particular application. The definition of a specific security policy is outside the scope of this standard. It is also outside this standard to specify the details of the protocol exchanges that need to be performed in order to achieve confidentiality. This standard does not specify specific mechanisms to support these confidentiality services, nor does it specify full details of security management services and protocols. Generic mechanisms to support confidentiality are described in Section 8. Some of the procedures described in this security framework achieve confidentiality through the application of cryptography. However, this framework has no dependencies on the use of specific cryptography or other algorithms, although certain classes of confidentiality mechanisms may rely on specific algorithmic properties. This framework addresses how confidentiality protection is provided when information is represented as data accessible to potential attackers. Its scope includes traffic confidentiality.

GB/T 18794.5-2003 history

• 2003 GB/T 18794.5-2003 Information technology-Open Systems Interconnection-Security frameworks for open systems-Part 5:Confidentiality framework

GB/T 18794.5-2003 -All Parts