Some organizations have developed principle-based security architecture to define the necessary elements of security. Infractions may be inadvertent acts, deliberate nefarious acts, acts of God, technical failure and management malfeasance or failure. Issues of concern include interception, interruption, modification and fabrication of corporate information. CCITT X.219, November 1988, Remote Operations: Model, Notation and Service Definition.Given the avalanche of security threats identified and directed daily at all sorts of corporate IT assets - PCs, midrange servers, mainframes, networks, storage systems, VoIP systems and cell phones, to list just a few - the case for effective, active management of these IT and networking security risks is a no-brainer.ISO 8602, 1987, Information Processing System - Open Systems Interconnection - Protocol for Providing the Connectionless - Mode Transport Service.ISO/IEC 8073, 1988, Information Processing System - Open Systems Interconnection -Connection Oriented Transport Protocol Specification.ECMA TR/42, July 1987, Framework for Distributed Office Application.
DOD 5200.28-STD, December 1985, Department of Defense Trusted Computer System Evaluation Criteria.
ISO/IEC DIS 10745, 1992, Information Technology - Open Systems Interconnection - Upper Layers Security Model.ISO/IEC CD 10181-6, June 1991, Information Technology - Open Systems Interconnection - Security Frameworks in Open Systems - Part 6: Integrity.ISO/IEC CD 10181-5, 1992, Information Technology - Open Systems Interconnection - Security Frameworks in Open Systems - Part 5: Confidentiality.ISO/IEC CD 10181-3, June 1991, Information Technology - Open Systems Interconnection - Security Frameworks in Open Systems - Part 3: Access Control.ISO/IEC DIS 10181-2, May 1991, Information Technology - Open Systems Interconnection - Security Frameworks in Open Systems - Part 2: Authentication Framework.
0 kommentar(er)
